Authentication Bypass By Spoofing

Apache SeaTunnel is vulnerable to Authentication Bypass by Spoofing. The vulnerability is due to a hardcoded JWT key in the application, allowing an attacker to forge any token to log in as any user...

Spoofing

The Login as User or Customer WordPress plugin through 3.8 does not prevent users to log in as any other user on the site...

pysaml2 Improper Authentication vulnerability

pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password...

Oracle MySQL for Microsoft Windows FILE Privilege Abuse Exploit

Exploit for windows platform in category remote exploits Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Oracle MySQL for Microsoft Windows FILE Privilege Abuse', 'Description' = %q This module takes advantage of a file privilege misconfigurati...

Flatnuke 3 Remote Cookie Manipoulation / Privilege Escalation

Exploit for unknown platform in category web applications ============================================================= Flatnuke 3 Remote Cookie Manipoulation / Privilege Escalation =============================================================...