16 matches found
Design/Logic Flaw
An issue in MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway v.1.1.1 and before allows a remote attacker to escalate privileges via the session management component of the administrative web interface...
CVE-2023-51059
An issue in MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway v.1.1.1 and before allows a remote attacker to escalate privileges via the session management component of the administrative web interface...
CVE-2022-43437 HWA JIUH DIGITAL TECHNOLOGY LTD. EasyTest - SQL Injection
The Download function’s parameter of EasyTest has insufficient validation for user input. A remote attacker authenticated as a general user can inject arbitrary SQL command to access, modify or delete database...
ICT Protege GX/WX 2.08 - Client-Side SHA1 Password Hash Disclosure
Exploit Title: ICT Protege GX/WX 2.08 - Client-Side SHA1 Password Hash Disclosure Exploit Author: LiquidWorm Vendor: Integrated Control Technology Ltd. Product web page: https://www.ict.co Affected version: GX: Ver: 2.08.1002 K1B3 Lib: 04.00.217 Int: 2.3.235.J013 OS: 2.0.20 WX: Ver: 4.00 284 H062...
ICT Protege GX/WX 2.08 Authenticated Stored XSS Vulnerability
Summary Protege GX is an enterprise level integrated access control, intrusion detection and building automation solution with a feature set that is easy to operate, simple to integrate and effortless to extend. Protege WX is an all-in-one, web-based, cross-platform system that gives you a fully...
File Upload Vulnerability in the Flash Flood Monitoring and Early Warning Platform of Siltronic Ltd (CNVD-2022-10323)
Siltronic Ltd. is an information service provider for disaster reduction and profitability in China. A file upload vulnerability exists in the flash flood monitoring and early warning platform of Sicron Technology Limited, which can be exploited by attackers to gain control of the server...
CVE-2021-30173 Jun-He Technology Ltd. Quan-Fang-Wei-Tong-Xun system - Local File Inclusion
Local File Inclusion vulnerability of the omni-directional communication system allows remote authenticated attacker inject absolute path into Url parameter and access arbitrary file...
CVE-2021-30172 Jun-He Technology Ltd. Quan-Fang-Wei-Tong-Xun system - Reflected XSS
Special characters of picture preview page in the Quan-Fang-Wei-Tong-Xun system are not filtered in users’ input, which allow remote authenticated attackers can inject malicious JavaScript and carry out Reflected XSS Cross-site scripting attacks, additionally access and manipulate customer’s...
CVE-2021-30170 Jun-He Technology Ltd. ERP POS - Stored XSS-1
Special characters of ERP POS customer profile page are not filtered in users’ input, which allow remote authenticated attackers can inject malicious JavaScript and carry out stored XSS Stored Cross-site scripting attacks, additionally access and manipulate customer’s information...
Weak Password Vulnerability in PA-5500-U06 of Humber Technology Ltd.
English: Opzoon is a leading global provider of cloud computing data center solutions and the first high-tech enterprise in China to establish an enterprise-level applied mathematics laboratory. A weak password vulnerability exists in Humber Technology Limited PA-5500-U06, which can be exploited ...
Weak Password Vulnerability in TL-WR841HP of P&L Technology Ltd.
The TL-WR841HP is a 300Mbps, high power wireless router. A weak password vulnerability exists in the P&T TL-WR841HP, which can be exploited by an attacker to obtain sensitive information...
SQL injection vulnerability in ne***.asp page di*** parameter and pr***.php page di*** parameter of website building system of Shenzhen Dr. Tong Technology Co.
Ltd. is an Internet infrastructure operator engaged in website construction, website optimization and Internet marketing. There is a SQL injection vulnerability in the ne.asp page di parameter and pr.php page di parameter of the website building system of Shenzhen Dr. Tong Technology Co. Ltd. whi...
KV Site Admin CMS 3.0 SQL injection Vulnerability
Exploit for php platform in category web applications Exploit Title : KV Site Admin CMS 3.0 SQL injection Vulnerability Exploit Author : xBADGIRL21 Dork : e.World Technology Ltd. All rights reserved "Admin Area - Version 3.0" Version: 3.0 MyBlog: http://xbadgirl21.blogspot.com Tested on: BackBox...
KV Site Admin CMS 3.0 SQL Injection
Exploit Title : KV Site Admin CMS 3.0 SQL injection Vulnerability Exploit Author : xBADGIRL21 Dork : e.World Technology Ltd. All rights reserved "Admin Area - Version 3.0" Version: 3.0 MyBlog: http://xbadgirl21.blogspot.com Tested on: BackBox skype:xbadgirl21 Video Proof :...
Source Technology SQL Injection
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x Support...
Source Technology - SQL Injection Vulnerability
Exploit for php platform in category web applications -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...