House Rental 1.0 SQL Injection Exploit
Exploit for php platform in category web applications Exploit Title: House Rental v1.0 - PDO Bypass SQL Injection - Unauthenticated Code Execution - Change Admin Password Exploit Author: Bobby Cooke boku & Adeeb Shah @hyd3sec Vendor Homepage: https://projectworlds.in Software Link:...
CTF-challenges-by-me
This is an offensive tool for CTF challenges. It is a collection of exploits and challenges from various CTF events, including 0ctffinal-2017 and 0ctfquals-2018. The repository contains a variety of challenges, including web security, pwnable, and cryptography challenges. The challenges are...
Hackers Dump 20GB of Intel's Confidential Data Online
More than 20 gigabytes of proprietary data and source code from chipmaker Intel Corp. was dumped online by a third party, likely the result of a data breach from earlier this year. The announcement of the “first 20gb release in a series of large Intel leaks” was made by user and IT consultant...
Intel leaks – Hacker posts 20GB of alleged Intel source code, files online
By Waqas "This is the first 20GB release in a series of large Intel leaks" the developer claimed. This is a post from HackRead.com Read the original post: Intel leaks - Hacker posts 20GB of alleged Intel source code, files online...
Chinese Hackers Have Pillaged Taiwan's Semiconductor Industry
A campaign called Operation Skeleton Key has stolen source code, software development kits, chip designs, and more...
Stock Management System 1.0 - Authentication Bypass Vulnerability
Exploit for php platform in category web applications Exploit Title: Stock Management System 1.0 - Authentication Bypass Exploit Author: Adeeb Shah @hyd3sec Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14366/stock-management-system-php.html...
Stock Management System 1.0 - Authentication Bypass
Exploit Title: Stock Management System 1.0 - Authentication Bypass Exploit Author: Adeeb Shah @hyd3sec Date: August 1, 2020 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Version: 1.0 Tested On: Windows 10...
Daily Expenses Management System 1.0 SQL Injection
Exploit Title: Daily Expenses Management System 1.0 - 'username' SQL Injection Exploit Author: Daniel Ortiz Date: 2020-08-01 Vendor Homepage: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html Tested on: XAMPP Version 5.6.40 / Windows 10 Software Link:...
Stock Management System 1.0 SQL Injection
Exploit Title: Stock Management System 1.0 - Authentication Bypass Exploit Author: Adeeb Shah @hyd3sec Date: August 1, 2020 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Version: 1.0 Tested On: Windows 10...
October CMS Build 465 XSS / File Read / File Deletion / CSV Injection
October CMS = Build 465 Multiple Vulnerabilities Author - Sivanesh Ashok | @sivaneshashok | stazot.com Date : 2020-03-31 Vendor : https://octobercms.com/ Version : = Build 465 Tested on : Build 465 CVE : CVE-2020-5295, CVE-2020-5296, CVE-2020-5297, CVE-2020-5298, CVE-2020-5299, CVE-2020-11083 Las...
Daily Tracker System 1.0 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Daily Tracker System 1.0 - Authentication Bypass Exploit Author: Adeeb Shah @hyd3sec Vendor Homepage: https://www.sourcecodetester.com Software Link:...
Daily Tracker System 1.0 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Daily Tracker System v1.0 - Reflected Cross Site Scripting XSS Exploit Author: Adeeb Shah Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
curl: Connect-only connections can use the wrong connection
Summary: If a connect-only easy handle is not read from or written to, its connection can time out and be closed. If a new connection is created it can be allocated at the same address, causing the easy handle to use the new connection. This new connection may not be connected to the same server ...
Daily Tracker System 1.0 Cross Site Scripting
Exploit Title: Daily Tracker System v1.0 - Reflected Cross Site Scripting XSS Exploit Author: Adeeb Shah Date: July 30th, 2020 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/download-code?nid=14372&title=Daily+Tracker+System+in+PHP%2FMySQL Version:...
Daily Tracker System 1.0 SQL Injection
Exploit Title: Daily Tracker System 1.0 - Authentication Bypass Exploit Author: Adeeb Shah @hyd3sec Credit to Bobby Cooke Date: July 29th, 2020 Vendor Homepage: https://www.sourcecodetester.com Software Link:...
Cherokee Web Server 0.4.27 <= 1.2.104 DoS Vulnerability
Cherokee Web Server is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Survey of Supply Chain Attacks
The Atlantic Council has released a report that looks at the history of computer supply chain attacks. Key trends from their summary: 1. Deep Impact from State Actors: There were at least 27 different state attacks against the software supply chain including from Russia, China, North Korea, and...
CVE-2020-12880
An issue was discovered in Pulse Policy Secure PPS and Pulse Connect Secure PCS Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping into a root shell in a pre-install phase where the entire source code of the appliance is available and...
Hardcoded credentials
An issue was discovered in Pulse Policy Secure PPS and Pulse Connect Secure PCS Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping into a root shell in a pre-install phase where the entire source code of the appliance is available and...