33 matches found
GHSA-99J6-HJ87-6FCF AVideo: Unauthenticated Information Disclosure via Missing Auth on CloneSite client.log.php
Summary The plugin/CloneSite/client.log.php endpoint serves the clone operation log file without any authentication. Every other endpoint in the CloneSite plugin directory enforces User::isAdmin. The log contains internal filesystem paths, remote server URLs, and SSH connection metadata. Details...
AVideo: Unauthenticated Information Disclosure via Missing Auth on CloneSite client.log.php
Summary The plugin/CloneSite/client.log.php endpoint serves the clone operation log file without any authentication. Every other endpoint in the CloneSite plugin directory enforces User::isAdmin. The log contains internal filesystem paths, remote server URLs, and SSH connection metadata. Details...
Exploit for CVE-2025-12762
🔐 CVE-2025-12762 — Critical RCE Vulnerability in pgAdmin 4 !...
PT-2025-47005
Name of the Vulnerable Software and Affected Versions SourceCodester Simple Online Book Store System affected versions not specified Description An information disclosure issue exists in the web-accessible backup file of the SourceCodester Simple Online Book Store System. A remote, unauthenticate...
Xoxo to Prague
Welcome to this week's edition of the Threat Source newsletter. I haven't been to Prague in a while, which is a pity. It's a wonderful city -- great people, amazing food. I've visited customers there, held team meetings at the local office shoutout to Petr! and spent some memorable summer days of...
Exploit for Path Traversal in Gibbonedu Gibbon
CVE-2023-34598 - Gibbon v25.0.0 LFI Exploit This repository c...
GLPI 9.4.5 - Remote Code Execution (RCE)
Exploit Title: GLPI 9.4.5 - Remote Code Execution RCE Exploit Author: Brian Peters Vendor Homepage: https://glpi-project.org Software Link: https://github.com/glpi-project/glpi/releases Version: | grep "CREATE TABLE" | grep -n wifinetworks Update the offsettable value with this number in the...
CVE-2021-26939
CVE-2021-26939 affects henriquedornas 5.2.17 and is described in connected sources as an information-disclosure issue that allows an attacker to dump phpMyAdmin SQL content. The SUSE entry and PT-Security note this as a site-specific problem. PT-Security provides a mitigation suggestion: restrict...
NIT-Warangal Dispensary Management System India 1.0 Database Disclosure
Exploit Title : NIT-Warangal Dispensary Management System India 1.0 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 15/04/2019 Vendor Homepage : nitw.ac.in Software Download Link : github.com/NIT-Warangal/DispensaryMS/archive/master.zip Sofwa...
Themosis Framework BookStore 1.3.0 Database Disclosure
Exploit Title : Themosis Framework BookStore 1.3.0 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 10/04/2019 Vendor Homepage : framework.themosis.com Software Download Link : github.com/themosis/bookstore/archive/master.zip Software...
NekoCMS 2.5 Database Disclosure
Exploit Title : NekoCMS 2.5 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 10/04/2019 Vendor Homepage : osdn.net nekocms.osdn.jp Software Download Link : github.com/novhex/NekoCMS-v2.5/archive/master.zip Software Information Link :...
DataWrapper ProtoType 0.8 Database Disclosure
Exploit Title : DataWrapper ProtoType 0.8 Database Disclosure Exploit Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 02/04/2019 Vendor Homepage : datawrapper.de Software Download Link : github.com/datawrapper/datawrapper-prototype/archive/master.zip Software...
Mash Project Integrated 4.2.7.1 Database Disclosure
Exploit Title : Mash Project Integrated 4.2.7.1 Database Disclosure Exploit Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 02/04/2019 Vendor Homepage : mashglobal.org Software Download Link : github.com/Shekharrajak/Mash-Project-Integrated/archive/master.zip...
Shinobi Security Software 1.0 Database Disclosure
Exploit Title : Shinobi Security Software 1.0 Database Disclosure Exploit Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 02/04/2019 Vendor Homepage : shinobi.video Software Download Link : github.com/moeiscool/Shinobi/archive/master.zip Software Information Lin...
WordPress Ultimate Form Builder 1.0 Database Disclosure
Exploit Title : WordPress Ultimate Form Builder Plugins 1.0 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 28/03/2019 Vendor Homepage : access-keys.com Software Information Link : codecanyon.net/item/ultimate-form-builder/14644208...
WordPress WP-Forum 1.7.8 Database Disclosure
Exploit Title : WordPress 2.0.2 WP-Forum Plugins 1.7.8 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 27/03/2019 Vendor Homepage : wordpress.org Software Information Link :...
Xoops 1.0.2 PD-Links 1.0 Database Disclosure
Exploit Title : Xoops 1.0.2 PD-Links Modules 1.0 Krobi Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 03/03/2019 Vendor Homepage : xoops.org power-dreams.com Software Download Link : xoops.org/modules/repository/visit.php?cid=40&lid=1491...
PrestaShop yllyaidechantier 1.4.9.0 Database Disclosure
Exploit Title : PrestaShop yllyaidechantier Modules 1.4.9.0 Database Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 24/12/2018 Vendor Homepage : prestashop.com Software Download Link : N/A Tested On : Windows and Linux Category : WebApps Version...
WordPress TimeTable Responsive Schedule 5.4 Database Disclosure
Exploit Title : WordPress TimeTable Responsive Schedule Plugins 5.4 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 08/12/2018 Vendor Homepage : wordpress.org codecanyon.net Software Download Link :...
Guinevere - Automated Security Assessment Reporting Tool
This tool works with Gauntlet a private tool to automate assessment reporting. Main features include: Generate Assessment Report Export Assessment Generate Retest Report Generate Pentest Checklist Generate Assessment Report This option will generate you .docx report based on the vulnerabilities...