5327 matches found

0day.today
added 2021/09/01 12:0 a.m., 174 views

Traffic Offense Management System 1.0 - SQL Injection to Remote Code Execution Exploit

Exploit Title: Traffic Offense Management System 1.0 - SQLi to Remote Code Execution RCE Unauthenticated Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/14909/online-traffic-offense-management-system-php-free-source-code.html Version: 1.0 Tested on: Linux import...

0.2 AI score
Exploits: 0

Exploit DB
added 2021/09/01 12:0 a.m., 190 views

Traffic Offense Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Traffic Offense Management System 1.0 - SQLi to Remote Code Execution RCE Unauthenticated Date: 19.08.2021 Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/14909/online-traffic-offense-management-system-php-free-source-code.html Version: 1.0 Tested...

7.4 AI score
Exploits: 0

Packet Storm
added 2021/08/30 12:0 a.m., 449 views

Ship Ferry Ticket Reservation System 1.0 SQL Injection

Exploit Title: Ship Ferry Ticket Reservation System v1.0 SQL-Injection-Bypass-Authentication in /shipticketing/classes/Login.php. Author: nu11secur1ty Testing and Debugging: nu11secur1ty Date: 08.30.2021 Vendor:...

0.5 AI score
Exploits: 0

Github Security Blog
added 2021/08/25 8:43 p.m., 30 views

Source code is downloaded over cleartext HTTP in portaudio

An issue was discovered in the portaudio crate through 0.7.0 for Rust. There is a man-in-the-middle issue because the source code is downloaded over cleartext HTTP...

5.9 CVSS, 0.9 AI score, 0.00242 EPSS
Exploits: 0, References: 4, Affected Software: 1

SonarSource Blog
added 2021/08/24 12:0 a.m., 23 views

Compilation database: An alternative way to configure your C or C++ analysis

Analyzing C or C++ code requires - in addition to the source code - the configuration that is used to build the code. At SonarSource, we have provided a tool to automate the extraction of this information, the build wrapper. This tool has been used successfully with many projects, yet there are...

6.7 AI score
Exploits: 0

0day.today
added 2021/08/21 12:0 a.m., 111 views

Laundry Booking Management System 1.0 - Multiple Stored Cross-Site Scripting Vulnerability

Exploit Title: Laundry Booking Management System 1.0 - 'Multiple' Stored Cross-Site Scripting XSS Exploit Author: Azumah Foresight Xorlali Vendor Homepage: https://www.sourcecodester.com/php/14400/laundry-booking-management-system-php-source-code.html Software Link:...

7.4 AI score
Exploits: 0

Packet Storm
added 2021/08/20 12:0 a.m., 288 views

Laundry Booking Management System 1.0 Cross Site Scripting

Exploit Title: Laundry Booking Management System 1.0 - 'Multiple' Stored Cross-Site Scripting XSS Date: 2021-08-19 Exploit Author: Azumah Foresight Xorlali Vendor Homepage: https://www.sourcecodester.com/php/14400/laundry-booking-management-system-php-source-code.html Software Link:...

0.1 AI score
Exploits: 0

0day.today
added 2021/08/18 12:0 a.m., 99 views

Simple Image Gallery 1.0 - Remote Code Execution (Unauthenticated) Exploit

Exploit Title: Simple Image Gallery 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/14903/simple-image-gallery-web-app-using-php-free-source-code.html Version: V 1.0 Tested on: Ubuntu import requests import random...

0.4 AI score
Exploits: 0

CNVD
added 2021/08/17 12:0 a.m., 17 views

Mitel Networks MiCollab Information Disclosure Vulnerability

An information disclosure vulnerability exists in Mitel Networks MiCollab, a mobile application from Mitel Networks Canada that provides voice, video, messaging, audio conferencing and team collaboration for employees. Service component does not effectively filter output information. An attacker...

6.5 CVSS, 1.9 AI score, 0.00256 EPSS
Exploits: 0, References: 1

NVD
added 2021/08/16 7:15 p.m., 7 views

CVE-2021-32825

bblfshd is an open source self-hosted server for source code parsing. In bblfshd before commit 4265465b9b6fb5663c30ee43806126012066aad4 there is a "zipslip" vulnerability. The unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary location...

9.1 CVSS, 0.00501 EPSS
Exploits: 1, References: 3

Cvelist
added 2021/08/16 7:0 p.m., 10 views

CVE-2021-32825 ZipSlip vulnerability in bblfshd

bblfshd is an open source self-hosted server for source code parsing. In bblfshd before commit 4265465b9b6fb5663c30ee43806126012066aad4 there is a "zipslip" vulnerability. The unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary location...

2.7 CVSS, 9.1 AI score, 0.00501 EPSS
Exploits: 1, References: 3

CVE
added 2021/08/16 7:0 p.m., 52 views

CVE-2021-32825

CVE-2021-32825 pertains to bblfshd, an open-source self-hosted server for source code parsing. The vulnerability, a zipslip flaw in the unpacking routine, arises from unsafe handling of symbolic links, allowing an attacker to read or write outside the designated target folder. Impact can include ...

9.1 CVSS, 6.4 AI score, 0.00501 EPSS
Exploits: 1, References: 3, Affected Software: 1

GithubExploit
added 2021/08/16 11:25 a.m., 81 views

Exploit for Cross-site Scripting in Online_Doctor_Appointment_System_Php_Full_Source_Code_Project Online_Doctor_Appointment_System_Php_Full_Source_Code

CVE-2021-25791-Multiple-Stored-XSS : Multiple Stored XSS Onlin...

5.4 CVSS, 5 AI score, 0.00141 EPSS
Exploits: 3

GitLab Advisory Database
added 2021/08/16 12:0 a.m., 16 views

Path Traversal

bblfshd is an open source self-hosted server for source code parsing. In bblfshd there is a zipslip vulnerability. The unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary locations outside the designated target folder. This issue may le...

9.1 CVSS, 1.8 AI score, 0.00501 EPSS
Exploits: 1, References: 1, Affected Software: 1

OSV
added 2021/08/13 4:15 p.m., 2 views

CVE-2021-32072

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information disclosing sensitive application data due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods...

6.5 CVSS, 6.7 AI score, 0.00256 EPSS
Exploits: 0, References: 2

NVD
added 2021/08/13 4:15 p.m., 11 views

CVE-2021-32072

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information disclosing sensitive application data due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods...

6.5 CVSS, 0.00256 EPSS
Exploits: 0, References: 2

Cvelist
added 2021/08/13 3:32 p.m., 10 views

CVE-2021-32072

The MiCollab Client Service component in Mitel MiCollab before 9.3 could allow an attacker to get source code information disclosing sensitive application data due to insufficient output sanitization. A successful exploit could allow an attacker to view source code methods...

6.5 AI score, 0.00256 EPSS
Exploits: 0, References: 2

CVE
added 2021/08/13 3:32 p.m., 64 views

CVE-2021-32072

The CVE-2021-32072 entry concerns Mitel MiCollab: the MiCollab Client Service component in MiCollab prior to version 9.3 has an information disclosure flaw due to insufficient output sanitization, allowing an attacker to view source code methods. Connected documents confirm the affected product a...

6.5 CVSS, 6.2 AI score, 0.00256 EPSS
Exploits: 0, References: 2, Affected Software: 1

GithubExploit
added 2021/08/13 2:23 p.m., 410 views

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 Introduction This repository was created f...

7.8 CVSS, 7.7 AI score, 0.92579 EPSS
Exploits: 81

CNNVD
added 2021/08/13 12:0 a.m., 1 views

Mitel Networks MiCollab Information Disclosure Vulnerability

An information disclosure vulnerability exists in Mitel Networks MiCollab, a mobile application from Mitel Networks Canada that provides voice, video, messaging, audio conferencing and team collaboration for employees. Service component does not effectively filter output information. An attacker...

6.5 CVSS, 5.6 AI score, 0.00256 EPSS
Exploits: 0, References: 2