Mitsubishi Electric & INEA SmartRTU - Source Code Disclosure Vulnerability

Exploit Title: Mitsubishi Electric & INEA SmartRTU - Source Code Disclosure Exploit Author: Hamit CİBO Vendor Homepage: https://www.inea.si Software Link: https://www.inea.si/telemetrija-in-m2m-produkti/mertu/ Version: ME RTU Tested on: Windows CVE : CVE-2018-16060 PoC Request GET /web HTTP/1.1...

Mitsubishi Electric / INEA SmartRTU Source Code Disclosure

Exploit Title: Mitsubishi Electric & INEA SmartRTU - Source Code Disclosure Date: 2021-17-10 Exploit Author: Hamit CİBO Vendor Homepage: https://www.inea.si Software Link: https://www.inea.si/telemetrija-in-m2m-produkti/mertu/ Version: ME RTU Tested on: Windows CVE : CVE-2018-16060 PoC Request GE...

Company's Recruitment Management System 1.0 - 'description' Stored Cross-Site Scripting (XSS)

Exploit Title: Company's Recruitment Management System 1.0 - 'description' Stored Cross-Site Scripting XSS Date: 18-10-2021 Exploit Author: Aniket Anil Deshmane Vendor Homepage: https://www.sourcecodester.com/php/14959/companys-recruitment-management-system-php-and-sqlite-free-source-code.html...

Mitsubishi Electric & INEA SmartRTU - Source Code Disclosure

Exploit Title: Mitsubishi Electric & INEA SmartRTU - Source Code Disclosure Date: 2021-17-10 Exploit Author: Hamit CİBO Vendor Homepage: https://www.inea.si Software Link: https://www.inea.si/telemetrija-in-m2m-produkti/mertu/ Version: ME RTU Tested on: Windows CVE : CVE-2018-16060 PoC Request GE...

[SECURITY] Fedora 33 Update: libopenmpt-0.4.24-1.fc33

libopenmpt is a cross-platform C++ and C library to decode tracked music files modules into a raw PCM audio stream. libopenmpt is based on the player code of the OpenMPT project Open ModPlug Tracker. In order to avoid code base fragmentation, libopenmpt is developed in the same source code...

CVE-2018-16060

Mitsubishi Electric Europe B.V. SmartRTU devices allow remote attackers to obtain sensitive information directory listing and source code via a direct request to the /web URI...

Code injection

Mitsubishi Electric SmartRTU devices allow remote attackers to obtain sensitive information directory listing and source code via a direct request to the /web URI...

CVE-2018-16060

CVE-2018-16060 affects Mitsubishi Electric Europe B.V. SmartRTU devices. Affected component: the web interface at the direct URI /web. Root cause: direct requests to /web disclose directory listings and source code, enabling remote attackers to obtain sensitive information. Exploitation status: P...

CVE-2018-16060

Mitsubishi Electric Europe B.V. SmartRTU devices allow remote attackers to obtain sensitive information directory listing and source code via a direct request to the /web URI...

Missouri Vows to Prosecute ‘Hacker’ Who Informed State About Data Leak

The St. Louis Post-Dispatch newspaper recently found a huge security blunder: The Missouri educational agency’s site was displaying 100,000+ clearly visible Social-Security numbers for school teachers, administrators and counselors in its HTML source code. The newspaper verified its findings with...

Mitsubishi Electric SmartRTU 安全漏洞

Mitsubishi Electric smartRTU is an intelligent remote terminal unit RTU from Mitsubishi Electric Japan. A security vulnerability exists in the Mitsubishi Electric SmartRTU that originates from the disclosure of sensitive information in the /web URI of the device. The vulnerability can be exploite...

PT-2021-8816 · Mitsubishi · Smartrtu

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric Europe B.V. SmartRTU devices affected versions not specified Description: The issue allows remote attackers to obtain sensitive information, including directory listings and source code, by making a direct request to the...

Simple Payroll System 1.0 SQL Injection

Exploit Title: Simple Payroll System 1.0 - SQLi Authentication Bypass Date: 2021-10-09 Exploit Author: Yash Mahajan Vendor Homepage: https://www.sourcecodester.com/php/14974/simple-payroll-system-dynamic-tax-bracket-php-using-sqlite-free-source-code.html Software Link:...

Pharmacy Point of Sale System 1.0 - 'Add New User' Cross-Site Request Forgery (CSRF)

Exploit Title: Pharmacy Point of Sale System 1.0 - 'Add New User' Cross-Site Request Forgery CSRF Date: 10/11/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

Online Learning System 2.0 - 'Multiple' SQLi Authentication Bypass

Exploit Title: Online Learning System 2.0 - 'Multiple' SQLi Authentication Bypass Date: 11.10.2021 Exploit Author: Oguzhan Kara Vendor Homepage: https://www.sourcecodester.com/php/14929/online-learning-system-v2-using-php-free-source-code.html Software Link:...

Simple Payroll System 1.0 - SQLi Authentication Bypass

Exploit Title: Simple Payroll System 1.0 - SQLi Authentication Bypass Date: 2021-10-09 Exploit Author: Yash Mahajan Vendor Homepage: https://www.sourcecodester.com/php/14974/simple-payroll-system-dynamic-tax-bracket-php-using-sqlite-free-source-code.html Software Link:...

Driver Disk for Qlogic fastlinq 8.55.13.0 - For Citrix Hypervisor 8.2 LTSR

Who Should Install this Driver Disk? Customers running the Citrix Hypervisor 8.2 LTSR release who use Qlogic's fastlinq driver and wish to use the latest version of the following: Driver Module| Version ---|--- qed| 8.55.13.0 qede| 8.55.13.0 qedf| 8.55.13.0 qedi| 8.55.13.0 qedr| 8.55.13.0 Issues...

Simple Online College Entrance Exam System 1.0 Unauthenticated Admin Creation

Exploit Title: Simple Online College Entrance Exam System 1.0 - Unauthenticated Admin Creation Date: 07.10.2021 Exploit Author: Amine ismail @aminei Vendor Homepage: https://www.sourcecodester.com/php/14976/simple-online-college-entrance-exam-system-php-and-sqlite-free-source-code.html Software...

Loan Management System 1.0 SQL Injection

Exploit Title: Loan Management System 1.0 - SQLi Authentication Bypass Date: 08.10.2021 Exploit Author: Merve Oral Vendor Homepage: https://www.sourcecodester.com/php/14471/loan-management-system-using-phpmysql-source-code.html Software Link:...

Online Enrollment Management System 1.0 SQL Injection

Exploit Title: Online Enrollment Management System 1.0 - Authentication Bypass Date: 07.10.2021 Exploit Author: Amine ismail @aminei Vendor Homepage: https://www.sourcecodester.com/php/12914/online-enrollment-management-system-paypal-payments-phpmysqli.html Software Link:...