Lucene search
K

31 matches found

Hacker One
Hacker One
added 2018/11/12 9:18 a.m.92 views

OLX: Cross-site Scripting (XSS) - Reflected

Dear Security OLX team, I want to report the findings of the security gap on the olx.co.id website, the detailed findings are as follows: impact:https://www.olx.co.id/adminpanel/login/ Payload : ope8i"alert1grpo8 POC: paramter = userpassword POST /adminpanel/login/?ref0action=index&ref0method=ind...

0.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2018/01/03 12:0 a.m.36 views

Wincor Nixdorf PC/E Mobile Cash TryOut - API Vulnerability

Document Title: =============== Wincor Nixdorf PC/E Mobile Cash TryOut - API Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2002 Release Date: ============= 2018-01-03 Vulnerability Laboratory ID VL-ID: ===================================...

Exploits0
myhack58
myhack58
added 2017/09/07 12:0 a.m.75 views

Samsung, Huawei and other phone Bootloader was traced to the presence of many high-risk bug-vulnerability warning-the black bar safety net

California University research team to create the main stream mobile platform in the bootloader exists in the code test and the DOS of the security gap. Workshop staff with a BootStomp to create 6 new found cracks, 5 of which division is the manufacturer to confirm. There is also a su XI reported...

7.1CVSS1.3AI score0.00365EPSS
Exploits0
CVE
CVE
added 2017/08/05 5:0 p.m.51 views

CVE-2017-9858

CVE-2017-9858 affects SMA Solar Technology inverters (Sunny Boy TLST-21, TL-21; Sunny Tripower TL-10, TL-30). By sending crafted packets to the inverter and observing responses, an attacker can determine which user accounts are active or inactive, enabling brute-force planning. The vendor notes t...

7.5CVSS7.4AI score0.02058EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/08/05 5:0 p.m.21 views

CVE-2017-9858

An issue was discovered in SMA Solar Technology products. By sending crafted packets to an inverter and observing the response, active and inactive user accounts can be determined. This aids in further attacks such as a brute force attack as one now knows exactly which users exist and which do no...

7.5AI score0.02058EPSS
Exploits0References3
Hacker One
Hacker One
added 2017/07/13 4:20 p.m.26 views

Legal Robot: Missing link to 2FA recovery code

While going live with additional 2FA options, a security researcher discovered that while we provide a TOTP fallback and Recovery code fallback for users that have enabled U2F, we neglected to do this for TOTP-only users. All users that have enabled TOTP or U2F 2FA should have been able to access...

2.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/06/05 9:56 p.m.21 views

Today’s File Security is So ’80s, Part 1: Why the Traditional Approach to File Security is Broken

In today’s knowledge-driven economy, modern enterprises have a fluid organizational structure in which most employees have access to most data to do their jobs. Working groups are formed organically and are cross-functional by nature. The amount of unstructured data organizations create is growin...

6.7AI score
Exploits0
myhack58
myhack58
added 2014/02/08 12:0 a.m.29 views

08cms GETSHELL vulnerabilities-vulnerability warning-the black bar safety net

08cms GETSHELL Directly on the Exp ? php / Car CMS4. 1 GBK version: exp index. php? tplname=..%252f..%252fdynamic%252fstats%252faclicks. cac shell /dynamic/tplcache/common/....dynamicstatsaclicks.cac.php Decoration of the CMS: shell: /dynamic/dynamic/stats/aclicks.cac.php / $exp = '/tools/ptool...

Exploits0
exploitpack
exploitpack
added 2008/11/01 12:0 a.m.20 views

AJ Article 1.0 - Authentication Bypass

AJ Article 1.0 - Authentication Bypass / / \ / / / / / / / / / / / /\ / / / / / / / / / / / / / / \ / // // / / / / // // / // / / / / / / / // / / / / / / //, / // //,/// // // /,// // // // Discovered by : Hakxer Type Gap : Auth Bypass Script : AJ ARTICLE Greetz : Allah , Egyptian x...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2008/10/13 12:0 a.m.26 views

res-sql.txt

Author : EgY Coders TM Home : Www.educ-up.com Type Gap : SQL INJECTION script : Real-Estate-Scripts see script http://www.real-estate-scripts.com/demo.html Greetz : Allah , Egyptian x Hacker , Soufiane , Sinaritx , SQLinj4ct0r , Stealth , Kof2002 ,Bright D@rk + Bug in : index.php POC...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/10/11 12:0 a.m.15 views

Absolute Poll Manager XE 4.1 - xlacomments.asp SQL Injection

Absolute Poll Manager XE 4.1 - xlacomments.asp SQL Injection Author : Hakxer Home : Www.educ-up.com Type Gap : Sql injection --MSSQL Injection-- script : Absolute Poll Manager XE see script http://www.xigla.com/absolutepm/demo.htm Greetz : Allah , Egyptian x Hacker , Soufiane , Sinaritx ,...

0.5AI score
Exploits0
Rows per page
Query Builder