21 matches found
EUVD-2024-38906
Malicious code in bioql PyPI...
CVE-2025-48416
An OpenSSH daemon listens on TCP port 22. There is a hard-coded entry in the "/etc/shadow" file in the firmware image for the "root" user. However, in the default SSH configuration the "PermitRootLogin" is disabled, preventing the root user from logging in via SSH. This configuration can be...
SUSE CVE-2021-47080
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The userentrysize is supplied by the user and later used as a denominator to calculate number of entries. The zero supplied by the user will trigger the following...
DEBIAN-CVE-2021-47080
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The userentrysize is supplied by the user and later used as a denominator to calculate number of entries. The zero supplied by the user will trigger the following...
UBUNTU-CVE-2021-47080
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The userentrysize is supplied by the user and later used as a denominator to calculate number of entries. The zero supplied by the user will trigger the following...
PT-2023-6781
Name of the Vulnerable Software and Affected Versions SysAid On-Premise versions prior to 23.3.36 Description A path traversal vulnerability in SysAid On-Premise software leads to code execution after an attacker writes a file to the Tomcat webroot. This issue has been exploited in the wild, with...
karaf: path traversal flaws
A flaw was found in the Apache Karaf obr: command, where a partial path traversal issue allows a break out of the expected folder. This entry is set by the user...
CVE-2022-22932
A flaw was found in the Apache Karaf obr: command, where a partial path traversal issue allows a break out of the expected folder. This entry is set by the user...
kernel: RDMA/core: Prevent divide-by-zero error triggered by the user
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The userentrysize is supplied by the user and later used as a denominator to calculate number of entries. The zero supplied by the user will trigger the following...
PT-2024-11157 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.13.0-rc1+ Description: A divide-by-zero error can be triggered in the Linux kernel by a user-supplied value, specifically the user entry size, which is used as a denominator to calculate the number of entries...
priceblink.com XSS vulnerability
Open Bug Bounty ID: OBB-106477 Description| Value ---|--- Affected Website:| priceblink.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
PHP-Nuke <= 8.0 XSS & HTML Code Injection in News Module
No description provided by source. Software Link: http://www.phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=1 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= note : This bug found by tampering passed data . coders don't sanitize and check user entry point for news rate...
Metasploit < 4.4 - pcap_log Plugin Privilege Escalation (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...
Metasploit pcap_log Local Privilege Escalation
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...
PHP-Nuke 8.0 - News Module Cross-Site Scripting / HTML Code Injection
Software Link: http://www.phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=1 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= note : This bug found by tampering passed data . coders don't sanitize and check user entry point for news rate...
PHP-Nuke <= 8.0 XSS & HTML Code Injection in News Module
No description provided by source. Software Link: http://www.phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=1 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= note : This bug found by tampering passed data . coders don't sanitize and check user entry point for news rate...
PHP-Nuke 8.0 - News Module Cross-Site Scripting HTML Code Injection
PHP-Nuke 8.0 - News Module Cross-Site Scripting HTML Code Injection Software Link: http://www.phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=1 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= note : This bug found by tampering passed data . coders don't sanitize and che...
PHP-Nuke <= 8.0 XSS & HTML Code Injection in News Module
Exploit for unknown platform in category web applications ======================================================== PHP-Nuke alert/XSS/.source 2. Html code injection : -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= 0day.today 2018-03-19...
MeltingIce File System 1.0 - Arbitrary Add User
MeltingIce File System 1.0 - Arbitrary Add User !/usr/bin/perl use strict; use LWP::UserAgent; NOTE: user a pretty uniqe username, has the script will say successfull if a username aready existed! NOTE: exploit is mainly to get a nice quota, but it can also to be used to add a user primeraly...
Assign Groups to Project Role screen allows entry of users as groups
When assigning groups to a project role, the screen allows the user to specify a group that is really a user name...