CVE-2023-21924

...

refund() for ETHCrowdfund may fail for the final user due to rounding discrepancies

Lines of code Vulnerability details Proof of Concept This is how fee is deducted from a user's contribution when the user contributes. Observe that amount at the end is slightly greater than it's suppose to be due to the rounding in the feeAmount calculation. if fundingSplitRecipient != address0 ...

PAN-OS: Local File Deletion Vulnerability

A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges. These files can include logs and system components that impact the integrity and availability of PAN-OS software...

Don't plug your phone into a free charging station, warns FBI

In a recent tweet, the FBI office in Denver warned consumers against using free public charging stations, stating that criminals have managed to hijack public chargers with the objective of infecting devices with malware or other software that can give hackers access to your phone, tablet or...

ChatBot < 4.4.5 - Stored XSS via CSRF

The plugin does not escape most of its settings before outputting them back in the dashboard, and does not have a proper CSRF check, allowing attackers to make a logged in admin set XSS payloads in them. Note: v4.4.5 fixed the CSRF issue, the lack of escaping was fixed in 4.5.1 and a separate iss...

Medicine Tracker System v1.0 - Sql Injection

Exploit Title: Medicine Tracker System v1.0 - Sql Injection Exploit Author: Sanjay Singh Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/php-mts0.zip Version: V1.0.0 Tested on: Windows/Linux Proof of Concept: 1-...

bgERP 22.31 Cross Site Scripting

Title: bgERP v22.31 Orlovets - Cookie Session vulnerability & Cross-Site Scripting XSS Author: nu11secur1ty Date: 01.31.2023 Vendor: https://bgerp.com/Bg/Za-sistemata Software: https://github.com/bgerp/bgerp/releases/tag/v22.31 Reference:...

Froxlor 2.0.3 Stable - Remote Code Execution Exploit

!/usr/bin/python3 Exploit Title: Froxlor 2.0.3 Stable - Remote Code Execution RCE Date: 2023-01-08 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2023-0315 Vendor Homepage: https://froxlor.org/ Version: v2.0.3 Tested on: Ubuntu 20.04 / PHP 8.2 import telnetlib import requests import socket import...

Art Gallery Management System Project v1.0 - SQL Injection (Authenticated) Vulnerability

Exploit Title: Art Gallery Management System Project v1.0 - SQL Injection sqli authenticated Exploit Author: Rahul Patwari Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/projects/Art-Gallery-MS-PHP.zip Version: 1.0 Tested on: XAMPP / Windows 10 CVE : CVE-2023-23163...

Steveas WP Live Chat Shoutbox <= 1.4.2 - Unauthenticated SQLi

The plugin does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. Submit a message in the chatbox, intercept the request using Burp Suite for example. Edit the request to reflect this request:...

Bangresto 1.0 - SQL Injection

Exploit Title: Bangresto 1.0 - SQL Injection Exploit Author: nu11secur1ty Date: 12.16.2022 Vendor: https://axcora.com/, https://www.hockeycomputindo.com/2021/05/restaurant-pos-source-code-free.html Demo: https://axcora.my.id/bangrestoapp/start.php Software: https://github.com/mesinkasir/bangresto...

Senayan Library Management System v9.0.0 - SQL Injection

Exploit Title: Senayan Library Management System v9.0.0 - SQL Injection Author: nu11secur1ty Date: 11.09.2022 Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/download/v9.0.0/slims9bulian-9.0.0.zip Reference:...

CVE-2022-40577

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...

Zentao Project Management System 17.0 - Authenticated Remote Code Execution Exploit

Exploit Title: Zentao Project Management System 17.0 - Authenticated Remote Code Execution RCE Exploit Author: mister0xf Software Link: https://github.com/easysoft/zentaopms Version: tested on 17.0 probably works also on newer/older versions Tested On: Kali Linux 2022.2 Exploit Tested Using: Pyth...

macOS 12.x < 12.6.4 Multiple Vulnerabilities (HT213677)

The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.6.4. It is, therefore, affected by multiple vulnerabilities: - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. CVE-2023-0433 - Divide By Zero in GitHub repository vim/vim prior to 9.0.1247...

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

OSV-2023-212 Global-buffer-overflow in xmlParseEntityDecl

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57294 Crash type: Global-buffer-overflow READ 1 Crash state: xmlParseEntityDecl xmlParseMarkupDecl xmlParseInternalSubset...