367 matches found
Joomla JoomCRM 1.1.1 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component JoomCRM 1.1.1 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://joomboost.com/ Software Link: https://extensions.joomla.org/extensions/extension/marketing/crm/joomcrm/ Version: 1.1.1 Category...
Infogram: User account blocking by Internal Server error
If you send language=en in https://infogram.com/api/users/me, the user will forever get an Internal Server Error EVEN AFTER re-logging in: https://youtu.be/AxYa11lEiWA I don't know why HackerOne can't upload this video, so I uploaded this video privately to YouTube! In this video, I'm trying to relogin...
Citrix Director error "403 Forbidden : access is denied"
When you try to access Director URL in the browser, there is an error displayed: Server Error - 403 - Forbidden: Access Denied...
Adding layer versions with Nutanix fails with error: Failed to execute the script.
When trying to add versions to layers, the task may fail with an error. Failed to execute the script. Unable to perform the operation. The Nutanix server has encountered a failure processing the request 500. Error: internal server error. Details: Error occurred while creating Disk image...
CVE-2018-17891
Carestream Vue RIS, RIS Client Builds: Version 11.2 and prior running on a Windows 8.1 machine with IIS/7.5. When contacting a Carestream server where there is no Oracle TNS listener available, users will trigger an HTTP 500 error, leaking technical information an attacker could use to initiate a...
Semmle: Server side includes in https://lgtm-com.pentesting.semmle.net/internal_api/v0.2/savePublicInformation leads to 500 server error and D-DOS
Summary: Improper sanitizing of input in one of the input forms in https://lgtm-com.pentesting.semmle.net/internalapi/v0.2/savePublicInformation leads to server side include that causes a 500 internal server error and a possible denial of service. Description: After logging in to semmle, in other ...
CVE-2017-1239
IBM Quality Manager RQM 5.0.x and 6.0 through 6.0.5 could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124357...
Unable to Connect to StoreFront from NetScaler After Logging into NetScaler Page with Error "Http/1.1 Internal Server Error 43531"
The following error is shown after logon to NetScaler page: Error "Http/1.1 Internal Server Error 43531" The NetScaler is unable to connect or redirect to StoreFront page...
Redatam Web Server < 7 - Directory Traversal
Exploit Title: Redatam Web Server R+SP WebUtilities Exception Error Number 401 Error Message File not found in folder C:\wamp\apps\redatam\redbin\ - blablabla Script directory /wamp/a...
Error: "Http/1.1 Internal Server Error 43531" When Enrolling Device to XenMobile
MAM enrollment is failing with below errors: 1. While authenticating from the Gateway Web Page -"Http/1.1 Internal Server Error 43531" 2. While attempting from the mobile device - "Enrollment Failed - There's a prblem with the server setup. Please contact your administrator"...
CVE-2017-1515
IBM Doors Web Access 9.5 and 9.6 could allow an authenticated user to obtain sensitive information from HTTP internal server error responses. IBM X-Force ID: 129825...
CVE-2017-1515
CVE-2017-1515 — IBM DOORS Web Access information disclosure. Affected: Rational DOORS 9.5.x and 9.6.x (Rational DOORS Web Access). Description: an authenticated user could obtain sensitive information from HTTP internal server error responses due to the vulnerability in DOORS Web Access. Root ca...
Cross site scripting
In Dell EMC VNX2 versions prior to Operating Environment for File 8.1.9.217 and VNX1 versions prior to Operating Environment for File 7.1.80.8, a web server error page in VNX Control Station is impacted by a reflected cross-site scripting vulnerability. A remote unauthenticated attacker could...
Cross site scripting
A cross site scripting (XSS) vulnerability exists in CheckMK versions 1.2.8x prior to 1.2.8p25 and 1.4.0x prior to 1.4.0p9, allowing an unauthenticated attacker to inject arbitrary HTML or JavaScript via the outputformat parameter, and the username parameter of failed HTTP basic authentication...
UBUNTU-CVE-2017-11507
A cross site scripting (XSS) vulnerability exists in CheckMK versions 1.2.8x prior to 1.2.8p25 and 1.4.0x prior to 1.4.0p9, allowing an unauthenticated attacker to inject arbitrary HTML or JavaScript via the outputformat parameter, and the username parameter of failed HTTP basic authentication...
IBM Rational Rhapsody Design Manager Information Disclosure Vulnerability (CNVD-2017-38260)
IBM Rational Rhapsody Design Manager is a suite of collaborative design management software from IBM. The software supports the use of centralized system repositories with Web-based access to store, share, search, and manage design models as well as automated software design reviews. An informati...
CVE-2017-1240
CVE-2017-1240 affects IBM Rational Rhapsody Design Manager (RDM) within IBM CLM family. Affected versions: RDM 4.0–4.0.7, 5.0–5.0.2, and 6.0–6.0.4. Description in connected sources shows an information-disclosure flaw where sensitive data could be exposed via HTTP 500 Internal Server Error respon...
International Islamic University Chittagong: Another Internal Path Disclosure
Keeping your previous fixes in mind, I found another endpoint which is disclosing full internal path through 500 Internal Server error. POC-URL: http://119.18.148.140/iiuc/login/ Request: GET http://119.18.148.140/iiuc/login/ HTTP/1.1 Host: 119.18.148.140 Connection: keep-alive User-Agent:...