ZKTeco ZEM/ZMM 8.88 - Missing Authentication

Exploit Title: ZKTeco ZEM/ZMM 8.88 - Missing Authentication Exploit Author: RedTeam Pentesting GmbH CVE: CVE-2022-42953 Advisory: Missing Authentication in ZKTeco ZEM/ZMM Web Interface The ZKTeco time attendance device does not require authentication to use the web interface, exposing the databas...

Gerdab.ir SQL Injection

This site belongs to the Revolutionary Guards Intelligence Organization of the Islamic Republic of Iran IRGC, which has a security problem with the SQL INJECTION Vulnerability "CWE-89". We have repeatedly reported to this site that it has a security problem and has ignored our report. We want to...

Play TV 1.25.1 Build r123776 DLL Hijacking

Document Title: =============== Play TV v1.25.1Build r123776 - DLL Hijack Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2085 Release Date: ============= 2017-09-04 Vulnerability Laboratory ID VL-ID: ====================================...

WordPress Traffic Analyzer Cross Site Scripting

Exploit Title : WordPress Trafficanalyzer Plugin XSS Vulnerability Author : IrIsT.Ir Discovered By : BeniVanda Home : http://IrIsT.Ir/en/ Software Link : http://wptrafficanalyzer.in Security Risk : Medium Version : All Version Tested on : GNU/Linux Ubuntu/BT/Fedora - win7 Dork :...

PHP Jobsite v1.36 - Cross Site Scripting Vulnerabilities

Document Title: =============== PHP Jobsite v1.36 - Cross Site Scripting Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=616 Release Date: ============= 2012-06-16 Vulnerability Laboratory ID VL-ID: ==================================== 61...

EnjoyGraph Communication SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

ACC PHP eMail v1.1 - Multiple Web Vulnerabilities

Document Title: =============== ACC PHP eMail v1.1 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=505 Release Date: ============= 2012-04-12 Vulnerability Laboratory ID VL-ID: ==================================== 505 Produ...

ZyWALL USG Appliance Access Bypass

Advisory: Client Side Authorization ZyXEL ZyWALL USG Appliances Web Interface The ZyXEL ZyWALL USG appliances perform parts of the authorization for their management web interface on the client side using JavaScript. By setting the JavaScript variable "isAdmin" to "true", a user with limited acce...

Barracuda Web Firewall 660 Firmware 7.3.1.007 - Multiple Vulnerabilities

Barracuda Web Firewall 660 Firmware 7.3.1.007 - Multiple Vulnerabilities Pentest Information: ==================== GESEC Team remove discover a input validation vulnerability on Barracuda - Web Application Firewall 660 Appliance. A remote attacker is able to get sensitive customer sessions hijack...

Barracuda Web Firewall 660 Firmware 7.3.1.007 - Multiple Vulnerabilities

Pentest Information: ==================== GESEC Team remove discover a input validation vulnerability on Barracuda - Web Application Firewall 660 Appliance. A remote attacker is able to get sensitive customer sessions hijackor can implement script routines & malicious codesserver-side|persistent...

[Full-disclosure] Fujitsu-Siemens PRIMERGY BX300 Switch Blade Information Disclosure

Advisory: Fujitsu-Siemens PRIMERGY BX300 Switch Blade Information Disclosure RedTeam Pentesting discovered an information disclosure in the Fujitsu- Siemens BX300 Switch Blade during a penetration test. By accessing URLs of the web interface directly and aborting the authentication dialog, one is...

Solaris 7 (x86) : 107710-27

SunOS 5.7x86: libssasnmp/libssagent/snmpdx/snmpXdmid/mibiisa Patc. Date this patch was last updated by Sun : Apr/19/06 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network...

Solaris 2.5.1 (x86) : 105124-07

OpenWindows 3.5.1x86: Calendar Manager patch. Date this patch was last updated by Sun : Mar/08/02 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...