NodAPS 4.0 - SQL injection Cross-Site Request Forgery

NodAPS 4.0 - SQL injection Cross-Site Request Forgery Exploit Title: Online Booking system - NodAPS 4.0 - 'search' SQL injection / Cross-Site Request Forgery Date: 2018-05-16 Exploit Author: Borna nematzadeh L0RD Vendor Homepage:...

H2 Database - 'Alias' Arbitrary Code Execution

''' Exploit Title: H2 Database Alias Abuse Date: 05/04/2018 Exploit Author: gambler Vendor Homepage:www.h2database.com Software Link: http://www.h2database.com/html/download.html Version: all versions Tested on: Linux, Mac OS ''' import sys import argparse import html import requests Blogpost abo...

Joomla! Google Map Landkarten 4.2.3 SQL Injection

Exploit Title: Joomla! Component Google Map Landkarten cmslitedoct' http://localhost/Joomla375/index.php?option=comgmap&view=gmmarkers&tm...

Joomla! Gallery WD 1.3.6 SQL Injection

Exploit Title: Joomla! Component Gallery WD 1.3.6 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://web-dorado.com/ Software Link: https://extensions.joomla.org/extensions/extension/photos-a-images/galleries/gallery-wd/ Software Download:...

Joomla! Component Saxum Picker 3.2.10 - SQL Injection

Exploit Title: Joomla! Component Saxum Picker 3.2.10 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.saxum2003.hu/ Software Link: https://extensions.joomla.org/extensions/extension/sports-a-games/games/saxumpicker/ Software Download:...

GHSA-5726-G6R9-5F22 Potential for Script Injection in syntax-error

Versions of syntax-error prior to 1.1.1 are affected by a cross-site scripting vulnerability which may allow a malicious file to execute code when browserified. Recommendation Update to version 1.1.1 or later...

@chargetrip/internal-vue-components (>=0.0.1 <=0.0.13), ampersand-view-conventions (>=1.0.0 <=1.1.3) +260 more potentially affected by CVE-2014-7192 via syntax-error (>=0.0.0 <=0.0.1)

syntax-error NPM version =0.0.0, =0.0.1, =1.0.0, =0.0.0, =0.0.1, =1.1.5, =1.0.0, =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.1.4, =0.2.0, =0.2.4 and more Source cves: CVE-2014-7192 Source advisory: OSV:GHSA-5726-G6R9-5F22...

Potential for Script Injection in syntax-error

Versions of syntax-error prior to 1.1.1 are affected by a cross-site scripting vulnerability which may allow a malicious file to execute code when browserified. Recommendation Update to version 1.1.1 or later...

Database Creation Error when creating a new WEM database using a hyphen ("-") in the database name

When attempting to create a new WEM database when using a hyphen '-'in the name, an error appears saying "Database Creation Error". The Citrix WEM Database Management Utility Debug Log contains the following Exception: Exception - CreateVuemdb.Run : SqlDatabaseHelper. connection Error : 102 |...

perl -- multiple vulnerabilities

Meta CPAN reports: CVE-2017-12814: $ENV$key stack buffer overflow on Windows A possible stack buffer overflow in the %ENV code on Windows has been fixed by removing the buffer completely since it was superfluous anyway. CVE-2017-12837: Heap buffer overflow in regular expression compiler Compiling...

SUSE SLED12 / SLES12 Security Update : bash (SUSE-SU-2017:1317-1)

This update for bash fixes an issue that could lead to syntax errors when parsing scripts that use expr1 inside loops. Additionally, the popd build-in now ensures that the normalized stack offset is within bounds before trying to free that stack entry. This fixes a segmentation fault. Note that...

OracleVM 3.3 / 3.4 : bash (OVMSA-2017-0050)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fix signal handling in read builtin Resolves: 1421926 - CVE-2016-9401 - Fix crash when '-' is passed as second sign to popd Resolves: 1396383 - CVE-2016-7543 - Fix for arbitrary code execution via...

shopify-scripts: Incorrect code generation with redo inside NODE_RESCUE.

The following code causes mruby to use up all available memory: class A redo rescue c end Following the execution, we see the code in codegen.c jumping between CASEOPONERR and CASEOPJMP. CASEOPONERR uses realloc to double the size of mrb-c-rescue, and since it is stuck in an infinite loop between...

shopify-scripts: Invalid handling of zero-length heredoc identifiers leads to infinite loop in the sandbox

Introduction ============ Certain invalid Ruby programs which should normally raise a syntax error are able to cause an infinite loop in MRuby's parser which makes the mruby-engine sandbox and consequently the MRI process it is running in unresponsive to SIGTERM. The process begins looping foreve...

openSUSE Security Update : python-Jinja2 (openSUSE-2016-1159)

This update for python-Jinja2 fixes the following issues : Update to version 2.8 : - Added target parameter to urlize function. - Added support for followsymlinks to the file system loader. - The truncate filter now counts the length. - Added equalto filter that helps with select filters. - Chang...

Scientific Linux Security Update : autofs on SL7.x x86_64 (20151119)

It was found that program-based automounter maps that used interpreted languages such as Python used standard environment variables to locate and load modules of those languages. A local attacker could potentially use this flaw to escalate their privileges on the system. CVE-2014-8169 Note: This...

autofs security update

CentOS Errata and Security Advisory CESA-2015:2417 Updated autofs packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability...

Moderate: Red Hat Security Advisory: autofs security, bug fix and enhancement update

Updated autofs packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

Scientific Linux Security Update : autofs on SL6.x i386/x86_64 (20150722)

It was found that program-based automounter maps that used interpreted languages such as Python would use standard environment variables to locate and load modules of those languages. A local attacker could potentially use this flaw to escalate their privileges on the system. CVE-2014-8169 Note:...

通达oa2013又一奇葩注入DBA

简要描述： 无语了。。。 详细说明： 官网demo登录试用: http://www.day900.com/ 发现这个: http://www.day900.com/general/crm/apps/crm/include/search.php?ENTITY=crmmarketing&PAGESIZE=10&CURPAGE=&ORDERFIELD=&ORDERTYPE=&USERVIEW=1706 payload:ENTITY=crmmarketing' 返回这个: 请联系管理员 错误1064: You have an error in your SQL syntax; check the...