Microweber 1.2.11 - Remote Code Execution (Authenticated) Vulnerability

Exploit Title: Microweber 1.2.11 - Remote Code Execution RCE Authenticated Google Dork: NA Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://microweber.org/ Software Link: https://github.com/microweber/microweber Version: 1.2.11 Tested on: KALI OS CVE : CVE-2022-0557...

Crazy Bone <= 0.6.0 - Unauthenticated Stored XSS

The plugin does not sanitise and escape the username submitted via the login from when displaying them back in the log dashboard, leading to an unauthenticated Stored Cross-Site scripting PoC curl 'https://example.com/wp-login.php' --data-raw 'log=a=x&wp-submit;=Log+In' The XSS will be trigged in...

XXL-JOB cross-site scripting vulnerability (CNVD-2021-44699)

XXL-JOB is a distributed task scheduling platform whose core design goals are rapid development, simple learning, lightweight and easy to extend. A stored cross-site scripting vulnerability exists in XXL-JOB 2.2.0 in the "Add User" section, which can be exploited to bypass a 20-minute vulnerabili...

Cross site scripting

TechKshetra Info Solutions Pvt. Ltd Savsoft Quiz 5.5 and earlier has XSS which can result in an attacker injecting the XSS payload in the User Registration section and each time the admin visits the manage user section from the admin panel, the XSS triggers and the attacker can steal the cookie v...

DEBIAN-CVE-2019-7704

wasm::WasmBinaryBuilder::readUserSection in wasm-binary.cpp in Binaryen 1.38.22 triggers an attempt at excessive memory allocation, as demonstrated by wasm-merge and wasm-opt...

SuiteCRM 7.10.7 - record SQL Injection

SuiteCRM 7.10.7 - record SQL Injection Exploit Title: SuiteCRM 7.10.7 - 'record' SQL Vulnerabilities Dork: N/A Date: 03-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://suitecrm.com/ Software Link: https://suitecrm.com/download/ Version: 7.10.7 Category: Webapps Tested on: Wampp...

Family Connections CMS 1.4 Multiple Remote SQL Injection Vulnerabilities

No description provided by source. ========================================================================== Family Connections CMS 1.4 Multiple Remote SQL Injection Vulnerabilities ========================================================================== ,--^----------,--------,-----,-------^-...

Family Connections CMS 1.4 Multiple Remote SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications ======================================================================== Family Connections CMS 1.4 Multiple Remote SQL Injection Vulnerabilities ========================================================================...

Family Connections CMS 1.4 - Multiple SQL Injections

========================================================================== Family Connections CMS 1.4 Multiple Remote SQL Injection Vulnerabilities ========================================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH...

Family Connections CMS 1.4 - Multiple SQL Injections

Family Connections CMS 1.4 - Multiple SQL Injections ========================================================================== Family Connections CMS 1.4 Multiple Remote SQL Injection Vulnerabilities ==========================================================================...