241 matches found
CVE-2013-4412
CVE-2013-4412 affects slim, with a NULL pointer dereference when using the crypt() function from glibc 2.17. The connected records confirm the description across multiple sources (NVD, OSV, Ubuntu/Debian advisories, and vendor entries), but none provide concrete details on affected versions beyon...
PT-2019-6950 · Gnu · Glibc
Name of the Vulnerable Software and Affected Versions: slim affected versions not specified Description: The issue is related to a NULL pointer dereference in slim when using the crypt method from glibc 2.17. Recommendations: At the moment, there is no information about a newer version that...
JobSkee Open Source JobBoard 1.1.3 Database Disclosure
Exploit Title : JobSkee Open Source JobBoard 1.1.3 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 12/04/2019 Vendor Homepage : jobskee.com Software Download Link : jobskee.com/download.php Software Information Link :...
Zomato: Potential server misconfiguration leads to disclosure of vendor/ directory
Hi, Apologies for the weakness label, it was the closest I could find for what appears to be a server misconfiguration. Typically, in MVC frameworks like Slim which I see you are using here, Symfony, Laravel, etc., the front controller is the only thing exposed, leaving vendor/, logs/, and others...
Remote Code Execution (RCE)
Slim is vulnerable to Remote Code Execution RCE through PHP Object Injections. A malicious user can inject and execute arbitrary code when deserialising a SessionCookie object...
minnesota-slim.net XSS vulnerability
Vulnerable URL: http://www.minnesota-slim.net/vu/boot.asp?boot=1"...
Design/Logic Flaw
Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB Keyboard Driver versions earlier than 1.21 allows local users to execute code with elevated privileges...
CVE-2016-8225
The CVE-2016-8225 entry concerns Lenovo Edge USB Keyboard Driver (also called Lenovo Slim USB Keyboard/Low Profile Keyboard) on Windows. The advisory LEN-11588 indicates a local privilege escalation vulnerability when the driver is prior to version 1.21. The root issue is exposed as a local explo...
Lenovo Slim USB Keyboard 1.09 Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits Exploit Title: Lenovo Slim USB Keyboard - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 1.09 Tested on: Windows 7 Professional The Lenovo Slim USB Keyboard service is installed with an unquote...
Lenovo Slim USB Keyboard 1.09 - Unquoted Service Path Privilege Escalation
Lenovo Slim USB Keyboard 1.09 - Unquoted Service Path Privilege Escalation Exploit Title: Lenovo Slim USB Keyboard - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 1.09 Tested on: Windows 7 Professional The Lenovo Slim USB Keyboard service is...
Lenovo Slim USB Keyboard 1.09 - Unquoted Service Path Privilege Escalation
Exploit Title: Lenovo Slim USB Keyboard - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 1.09 Tested on: Windows 7 Professional The Lenovo Slim USB Keyboard service is installed with an unquoted service path. This enables a local privilege escalatio...
SlimCMS 0.1 - Cross-Site Request Forgery (Change Admin Password)
Exploit for php platform in category web applications input ty...
Slim CMS 0.1 Cross Site Request Forgery
input type="hidden" name="url" value="http://localhost/SlimCMS"...
SlimCMS 0.1 - Cross-Site Request Forgery (Change Admin Password)
input typ...
the php framework slim architecture on the presence of the XXE vulnerability, XXE typically present in the form of-vulnerability warning-the black bar safety net
Modern cms framework laraval/symfony/slim, leading to today's php vulnerability appears point, principle, using method, has undergone some changes, this series can hope to summarize their excavation of such a cms vulnerability. slim is one of the design ideas ahead of the well-known of php light...
CVE-2015-2171
Middleware/SessionCookie.php in Slim before 2.6.0 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted session data...
Design/Logic Flaw
Middleware/SessionCookie.php in Slim before 2.6.0 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted session data...
CVE-2015-2171
Middleware/SessionCookie.php in Slim before 2.6.0 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted session data...
CVE-2015-2171
Middleware/SessionCookie.php in Slim before 2.6.0 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted session data...
CVE-2015-2171
CVE-2015-2171 affects the Slim PHP framework; vulnerable component is Middleware/SessionCookie.php in Slim before 2.6.0. The issue allows remote attackers to perform PHP object injection via crafted session data, enabling arbitrary code execution on the server. The root cause is deserialization o...