Task Management System 1.0 - 'page' Local File Inclusion

Exploit Title: Task Management System 1.0 - 'page' Local File Inclusion Exploit Author: İsmail BOZKURT Date: 2020-12-15 Vendor Homepage: https://www.sourcecodester.com/php/14615/task-management-system-using-phpmysqli-source-code.html Software Link:...

WSMan-WinRM - A Collection Of Proof-Of-Concept Source Code And Scripts For Executing Remote Commands Over WinRM Using The WSMan.Automation COM Object

A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object. Background For background information, please refer to the following blog post: WS-Management COM: Another Approach for WinRM Lateral Movement Notes...

Library Management System 2.0 SQL Injection

Exploit Title: Library Management System 2.0 - Auth Bypass SQL Injection Date: 2020-12-09 Exploit Author: Manish Solanki Vendor Homepage: https://www.sourcecodester.com/php/6849/library-management-system.html Software Link:...

Apache Tomcat 9.0.0.M1 < 9.0.40 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 9.0.40. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat9.0.40security-9 advisory. - When serving resources from a network location using the NTFS file system, Apache Tomcat versions...

Apache Tomcat 8.5.0 < 8.5.60 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 8.5.60. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat8.5.60security-8 advisory. - When serving resources from a network location using the NTFS file system, Apache Tomcat versions...

Online Bus Ticket Reservation 1.0 SQL Injection

Exploit Title: Online Bus Ticket Reservation 1.0 - SQL Injection Date: 2020-12-07 Exploit Author: Sakshi Sharma Vendor Homepage: https://www.sourcecodester.com/php/5012/online-bus-ticket-reservation-using-phpmysql.html Software Link:...

Online Bus Ticket Reservation 1.0 - SQL Injection

Exploit Title: Online Bus Ticket Reservation 1.0 - SQL Injection Date: 2020-12-07 Exploit Author: Sakshi Sharma Vendor Homepage: https://www.sourcecodester.com/php/5012/online-bus-ticket-reservation-using-phpmysql.html Software Link:...

Employee Performance Evaluation System 1.0 - &#039;Task and Description&#039; Persistent Cross Site Scripting

Exploit Title: Employee Performance Evaluation System 1.0 - ' Task and Description' Persistent Cross Site Scripting Date: 08/12/2020 Exploit Author: Ritesh Gohil Vendor Homepage: https://www.sourcecodester.com Software Link:...

Car Rental Management System 1.0 Local File Inclusion / SQL Injection

Exploit Title: Car Rental Management System 1.0 - SQL Injection / Local File include Date: 22-10-2020 Exploit Author: Mosaaed Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html Software Link:...

Local Service Search Engine Management System 1.0 - SQLi Authentication Bypass

Exploit Title: Local Service Search Engine Management System 1.0 - SQLi Authentication Bypass Date: 21/11/2020 Exploit Author: Aditya Wakhlu Vendor Homepage: https://www.sourcecodester.com/php/14607/local-service-search-engine-management-system-using-phpmysqli-source-code.html Software Link:...

Pharmacy Store Management System 1.0 SQL Injection

Exploit Title: Pharmacy Store Management System 1.0 - 'id' SQL Injection Google Dork: N/A Date: 1.12.2020 Exploit Author: Aydın Baran Ertemir Vendor Homepage: https://www.sourcecodester.com/php/13225/pharmacy-store-management-system.html Software Link:...

DNSx - A Fast And Multi-Purpose DNS Toolkit Allow To Run Multiple DNS Queries Of Your Choice With A List Of User-Supplied Resolvers

dnsx is a fast and multi-purpose DNS toolkit allow to run multiple probers using retryabledns library, that allows you to perform multiple DNS queries of your choice with a list of user supplied resolvers. dnsx is successor of dnsprobe that includes new features, multiple bugs fixes, and tailored...

osCommerce 2.3.4.1 Cross Site Scripting

Exploit Title: osCommerce 2.3.4.1 - 'title' Persistent Cross-Site Scripting Date: 2020-11-19 Exploit Author: Emre Aslan Vendor Homepage: https://www.oscommerce.com/ Version: 2.3.4.1 Tested on: Windows & XAMPP == Tutorial https://HOST/catalog/admin/newsletters.php?action=new 3- Enter the XSS paylo...

CVE-2020-25159

499ES EtherNet/IP ENIP Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution...

CVE-2020-25159

499ES EtherNet/IP ENIP Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution...

Stack overflow

499ES EtherNet/IP ENIP Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution...

BigBlueButton has an unspecified vulnerability

BigBlueButton is an open source Web conferencing system from the BigBlueButton community. security vulnerabilities exist in versions prior to BigBlueButton 2.2.29, the source of the vulnerability lacks cleanup for certain parameters, as evidenced by the control characters in the accepted username...

Driver Disk for LSI megaraid sas 07.701.18.00+rc1 - For XenServer 7.x CR

Who Should Install this Driver Disk? Customers running a Citrix XenServer 7.x Current Release who use LSI's megaraid-sas driver and wish to use the latest version of the following: Driver Module| Version ---|--- megaraid-sas| 07.701.18.00+rc1 Issues Resolved In this Driver Disk Includes general...

Driver Disk for Intel i40e 2.0.23 - For XenServer 7.x CR

Who Should Install this Driver Disk? Customers running a Citrix XenServer 7.x Current Release who use Intel's i40e driver and wish to use the latest version of the following: Driver Module| Version ---|--- i40e| 2.0.23 Issues Resolved In this Driver Disk Includes general enhancements and bug fixe...

Hotfix XS80E009 - For Citrix Hypervisor 8.0

Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.0. All customers who are affected by the issues described inCTX266932 - Citrix Hypervisor Multiple Security Updatesshould install this hotfix. Information About this Hotfix Component| Details ---|---...