14 matches found
EUVD-2023-23951
Malicious code in bioql PyPI...
CVE-2024-52427
CVE-2024-52427 affects WordPress Plugin Event Tickets with Ticket Scanner (
CVE-2024-52427 WordPress Event Tickets with Ticket Scanner plugin <= 2.3.11 - Remote Code Execution (RCE) vulnerability
Deserialization of Untrusted Data vulnerability in Vollstart Event Tickets with Ticket Scanner event-tickets-with-ticket-scanner allows Server Side Include SSI Injection. This issue affects Event Tickets with Ticket Scanner: from n/a through = 2.3.11...
CVE-2023-1728
Unrestricted Upload of File with Dangerous Type vulnerability in Fernus Informatics LMS allows OS Command Injection, Server Side Include SSI Injection. This issue affects LMS: before 23.04.03...
CVE-2023-1728
CVE-2023-1728 describes an Unrestricted Upload of File with Dangerous Type in Fernus Informatics LMS, enabling OS Command Injection and Server-Side Include (SSI) Injection. Affected: Fernus Informatics LMS versions prior to 23.04.03. Root cause: unrestricted file uploads allow dangerous types to ...
PT-2023-17196
Name of the Vulnerable Software and Affected Versions Fernus Informatics LMS versions prior to 23.04.03 Description The issue allows OS Command Injection and Server Side Include SSI Injection due to an Unrestricted Upload of File with Dangerous Type vulnerability. This vulnerability can be...
The vulnerability of NETGEAR’s Wi-Fi routers, namely RBK40, RBR40, and RBS40, stems from improper handling of the cryptographic generation process. This allows attackers to execute a Server Side Include Injection (SSI) attack.
The vulnerability of the built-in Wi-Fi router software from NETGEAR, namely RBK40, RBR40, and RBS40, is related to incorrect code generation. Exploiting this vulnerability could allow an attacker to execute a Server Side Include Injection SSI attack...
QRGen - Simple Script For Generating Malformed QRCodes
Simple Script For Generating Malformed QRCodes. These QR codes are useful if you want to test a QRCode scanner's parser or how the application handles QRCode data. Downside of this tool: you need to manually scan codes with a camera. Proof Installation What do you need: python3 qrcode Pillow...
BurpBounty - A Extension Of Burp Suite That Improve An Active And Passive Scanner
This extension allows you, in a quick and simple way, to improve the active and passive burpsuite scanner by means of personalized rules through a very intuitive graphical interface. Through an advanced search of patterns and an improvement of the payload to send, we can create our own issue...
Mail.ru: [realty.mail.ru] XSS, SSI Injection
XSS === PoC Open with Internet Explorer https://blackfan.ru/x?r=https://realty.mail.ru/%22--%3e%3csvg/onload=alertdocument.domain%3e/%252e%252e Request GET /"--/.. HTTP/1.1 Host: realty.mail.ru Connection: close SSI Injection === PoC The Request-URI also ends up in the SSI code GET //"-- HTTP/1.1...
[Netsparker v3.0.2.0 Community Edition] Web Application Security Scanner
Netsparker can crawl, attack and identify vulnerabilities in all custom web applications regardless of the platform and the technology they are built on, just like an actual attacker. It can identify web application vulnerabilities like SQL Injection, Cross-site Scripting XSS, Remote Code Executi...
CGI Generic SSI Injection (HTTP headers)
The remote web server hosts one or more CGI scripts that fail to adequately sanitize request strings and seem to be vulnerable to an 'SSI injection' attack. By leveraging this issue, an attacker may be able to execute arbitrary commands on the remote host...
CGI Generic SSI Injection
The remote web server hosts CGI scripts that fail to adequately sanitize request strings. They seem to be vulnerable to an 'SSI injection' attack. By leveraging this issue, an attacker may be able to execute arbitrary commands on the remote host...
SSI vulnerability in Compaq Web Based Management Agent
SSI vulnerability in Compaq Web Based Management Agent ====================================================== Type of vulnerabilities: Server Side Include injection. Exploitable. Stack overflows and access violations. Exploitable? Creation of script objects. Exploitable? Affected Software: Compaq...