36 matches found
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There are security vulnerabilities in the Linux kernel. These vulnerabilities stem from the fact that ksmbd does not verify the SID length of inherited ACEs in the...
report-anonymizer
🛡️ Report Anonymizer Local LLM anonymizer for penetration-t...
ALPINE-CVE-2026-40706
In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfsbuildpermissionsposix in acls.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered on the READ path stat, readdir, open when...
CVE-2026-40706
In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfsbuildpermissionsposix in acls.c that allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by crafting a malicious NTFS image. The overflow is triggered on the READ path stat, readdir, open when...
PT-2026-34185
Name of the Vulnerable Software and Affected Versions NTFS-3G versions 2022.10.3 through 2026.2.24 Description A heap buffer overflow exists in the ntfs build permissions posix function within acls.c. This issue allows an attacker to corrupt heap memory in the SUID-root ntfs-3g binary by using a...
CVE-2025-9830
A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown function of the file /admin/add-customer-services.php. The manipulation of the argument sids results in sql injection. The attack can be executed remotely. The exploit has been released...
Beauty Parlour Management System add-customer-services.php File SQL Injection Vulnerability
Beauty Parlour Management System is a software system for standardizing salon business processes and improving management efficiency. Beauty Parlour Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of externally entered SQL statements in t...
CVE-2025-9830
A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown function of the file /admin/add-customer-services.php. The manipulation of the argument sids results in sql injection. The attack can be executed remotely. The exploit has been released...
CVE-2025-9830
A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown function of the file /admin/add-customer-services.php. The manipulation of the argument sids results in sql injection. The attack can be executed remotely. The exploit has been released...
CVE-2025-9830
CVE-2025-9830 affects PHPGurukul Beauty Parlour Management System 1.1. The vulnerability is a SQL injection in the file /admin/add-customer-services.php, triggered by manipulating the sids[] parameter. It is exploitable remotely and publicly available exploits exist. Reported by multiple sources ...
CVE-2025-9830 PHPGurukul Beauty Parlour Management System add-customer-services.php sql injection
A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown function of the file /admin/add-customer-services.php. The manipulation of the argument sids results in sql injection. The attack can be executed remotely. The exploit has been released...
PHPGurukul Beauty Parlour Management System 安全漏洞
Beauty Parlour Management System is a software system for standardizing salon business processes and improving management efficiency. Beauty Parlour Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of externally entered SQL statements in t...
PHPGurukul Men Salon Management System 注入漏洞
PHPGurukul Men Salon Management System is a men's salon management system from PHPGurukul Inc. An injection vulnerability exists in PHPGurukul Men Salon Management System version 1.0, which stems from an incorrect manipulation of the parameter sids that can lead to SQL injection...
1000 Projects Beauty Parlour Management System 注入漏洞
1000 Projects Beauty Parlour Management System is an open source beauty parlor management system by 1000 Projects. An injection vulnerability exists in 1000 Projects Beauty Parlour Management System version 1.0, which stems from an incorrect manipulation of the parameter sids that can lead to SQL...
Misconfigured Certificate Template Finder
class MetasploitModule 'Misconfigured Certificate Template Finder', 'Description' = %q This module allows users to query a LDAP server for vulnerable certificate templates and will print these certificates out in a table along with which attack they are vulnerable to and the SIDs that can be used...
ansible-freeipa bug fix and enhancement update
An update is available for ansible-freeipa. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The ansible-freeipa package provides Ansible roles and playbooks to...
Misconfigured Certificate Template Finder
This module allows users to query a LDAP server for vulnerable certificate templates and will print these certificates out in a table along with which attack they are vulnerable to and the SIDs that can be used to enroll in that certificate template. Additionally the module will also print out a...
Koh - The Token Stealer
Koh is a C and Beacon Object File BOF toolset that allows for the capture of user credential material via purposeful token/logon session leakage. Some code was inspired by Elad Shamir's Internal-Monologue project no license, as well as KB180548. For why this is possible and Koh's approeach, see t...
Microsoft Windows Logged On Users
Using the HKU registry, Nessus was able to enumerate the SIDs of logged on users %NASLMINLEVEL 7300 C Tenable, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid161502; scriptversion"1.3"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/10/01";...
AlmaLinux 8 : idm:DL1 (ALSA-2021:5142)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:5142 advisory. samba: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets CVE-2020-25719 Tenable has extracted the preceding description block directly from th...