5335 matches found
CVE-2020-12880
CVE-2020-12880 affects Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance prior to 9.1R8. By manipulating a kernel boot parameter, an insider can drop into a root shell in a pre-install phase where the appliance source code is accessible. Root access risk is limited to the...
Source code of over 50 high profile organizations leaked online
By Deeba Ahmed Source code leak took place due to a misconfiguration error. This is a post from HackRead.com Read the original post: Source code of over 50 high profile organizations leaked online...
PT-2020-13313 · Pulse · Pulse Policy Secure +1
Name of the Vulnerable Software and Affected Versions: Pulse Policy Secure PPS and Pulse Connect Secure PCS Virtual Appliance versions prior to 9.1R8 Description: An issue was discovered in the affected software. By manipulating a certain kernel boot parameter, it can be tricked into dropping int...
Online Farm Management System 0.1.0 Cross Site Scripting
Exploit Title: Online Farm Management System 0.1.0 - Persistent Cross-Site Scripting Date: 2020-06-29 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://www.sourcecodester.com/php/14198/online-farm-management-system-phpmysql.html Software Link:...
Acronis: Local File Disclosure /Delete On [us-az-vpn.acronis.com]
Cisco ASA VPN server hosted on https://us-az-vpn.acronis.com was found to be using an outdated version that suffers from a Local File Disclosure /Delete vulnerability. Through this vulnerability an unauthenticated remote attacker can read and delete the contents of any file stored on the VPN serv...
Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass Vulnerability
Exploit for php platform in category web applications Exploit Title: Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://github.com/mrzulkarnine/Web-based-hotel-booking-system Software Link:...
Online Farm Management System 0.1.0 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Farm Management System 0.1.0 - Persistent Cross-Site Scripting Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://www.sourcecodester.com/php/14198/online-farm-management-system-phpmysql.html Software Link:...
Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass
Exploit Title: Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass Date: 2020-07-03 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://github.com/mrzulkarnine/Web-based-hotel-booking-system Software Link: https://github.com/mrzulkarnine/Web-based-hotel- booking-system...
Exploit for Improper Input Validation in Microsoft
This is an educational exercise. Use at your own risk. CVE-...
Visual Studio Code ESLint Extension Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the ESLint extension for Visual Studio Code when it validates source code after opening a project. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on...
Smartwatch Hack Could Trick Dementia Patients into Overdosing
Researchers are warning vulnerabilities in a smartwatch application for dementia patients could allow an attacker to convince patients to overdose. The vulnerabilities stem from the SETracker application, which is developed by Chinese developer 3G Electronics based out of Shenzhen City. The app,...
Savsoft Quiz 5 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Savsoft Quiz 5 - Persistent Cross-Site Scripting Exploit Author: Ogulcan Unverenth3d1gger Vendor Homepage: https://savsoftquiz.com/ Software Link: https://github.com/savsofts/savsoftquizv5.git Version: 5.0 Tested on: Kali Linux...
Savsoft Quiz 5 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Savsoft Quiz 5 - Persistent Cross-Site Scripting Exploit Author: Ogulcan Unverenth3d1gger Vendor Homepage: https://savsoftquiz.com/ Software Link: https://github.com/savsofts/savsoftquizv5.git Version: 5.0 Tested on: Kali Linux...
Savsoft Quiz 5 - Persistent Cross-Site Scripting
Exploit Title: Savsoft Quiz 5 - Persistent Cross-Site Scripting Date: 2020-07-09 Exploit Author: Ogulcan Unverenth3d1gger Vendor Homepage: https://savsoftquiz.com/ Software Link: https://github.com/savsofts/savsoftquizv5.git Version: 5.0 Tested on: Kali Linux ---Vulnerable Source Code---- functio...
Airshare - Cross-platform Content Sharing In A Local Network
Airshare is a Python-based CLI tool and module that lets you transfer data between two machines in a local network, P2P, using Multicast-DNS. It also opens an HTTP gateway for other non-CLI external interfaces. It works completely offline! Built with aiohttp and zeroconf. Checkout the demo...
File Management System 1.1 - Persistent Cross-Site Scripting
Exploit Title: File Management System 1.1 - Persistent Cross-Site Scripting Date: 2020-06-30 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://www.sourcecodester.com/download-code?nid=13333&title=File+Management+System+Very+Complete+Using+PHP%2FMySQLi+version+1.1 Software Link:...
Engel & Völkers Technology GmbH: Publicly accessible .SVN repository allows downloading entire source code
Summary of the Issue The researcher found a publicly accessible SVN repository at https://printshop.engelvoelkers.com/.svn/wc.db Steps to reproduce Go to https://printshop.engelvoelkers.com/.svn/wc.db Impact statement Information disclosure...
e-learning Php Script 0.1.0 - 'search' SQL Injection
Exploit Title: e-learning Php Script 0.1.0 - 'search' SQL Injection Date: 2020-06-29 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script Version: 0.1.0 Tested on: Kali Linux Source...
vBulletin 5 SQL Injection
SQL Injection vulnerability in vBulletin nodeId parameter Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...
Unnamed Vulnerability in GitLab (CNVD-2021-19411)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab Enterprise and...