22 matches found
CVE-2024-48589
Cross Site Scripting vulnerability in Gilnei Moraes phpABook v.0.9 allows a remote attacker to execute arbitrary code via the rol parameter in index.php...
Remote code execution
A remote code execution (RCE) vulnerability via an insecure file upload exists in gugoan's Economizzer v.0.9-beta1 and commit 3730880 (April 2023). A malicious attacker can upload a PHP web shell as an attachment when adding a new cash book entry. Afterwards, the attacker may visit the web shell and...
Economizzer Security Vulnerabilities
Economizzer is a simple and open source personal finance management system using PHP Yii Framework 2 by Gustavo G. Andrade, an individual developer. A security vulnerability exists in Economizzer v.0.9-beta1, which is vulnerable to clickjacking attacks...
Patchelf out-of-bounds read
Patchelf v0.9 was discovered to contain an out-of-bounds read via the function modifyRPath at src/patchelf.cc...
CVE-2022-44940
Patchelf v0.9 was discovered to contain an out-of-bounds read via the function modifyRPath at src/patchelf.cc...
CVE-2022-44940
Patchelf v0.9 was discovered to contain an out-of-bounds read via the function modifyRPath at src/patchelf.cc...
Out-of-bounds
Patchelf v0.9 was discovered to contain an out-of-bounds read via the function modifyRPath at src/patchelf.cc...
CVE-2022-44940
Patchelf v0.9 was discovered to contain an out-of-bounds read via the function modifyRPath at src/patchelf.cc...
CVE-2022-44940
Patchelf v0.9 contains an out-of-bounds read via modifyRPath in patchelf.cc (CVE-2022-44940). Several advisories (Ubuntu USN-6036-1, Mageia MGASA-2023-0179, OSV entries) confirm the issue and note a fix has been released in updated Patchelf packages; affected users should apply the vendor-provide...
CVE-2022-27095
BattlEye v0.9 contains an unquoted service path which allows attackers to escalate privileges to the system level...
Code injection
BattlEye v0.9 contains an unquoted service path which allows attackers to escalate privileges to the system level...
CVE-2022-27095
BattlEye v0.9 contains an unquoted service path that allows local privilege escalation to SYSTEM. Root cause: unquoted path in the service entry. Impact: attacker gains complete system control if exploited. Exploitation details are not provided in the supplied documents; no remediation or patch v...
CVE-2022-27095
BattlEye v0.9 contains an unquoted service path which allows attackers to escalate privileges to the system level...
CVE-2019-20016
libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue...
Design/Logic Flaw
libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue...
CVE-2019-20016
libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue...
VamCart 0.9 - CSRF Vulnerability
No description provided by source. Exploit Title: VamCart v0.9 CSRF Vulnerability Date: 20/08/2012 Author: DaOne Software Link: http://vamcart.googlecode.com/files/vamcart.zip Greetings to: LCA CSRF Add Admin: html body onload=document.form0.submit; form method=POST name=form0...
NeoBill 0.9-alpha eCommerce Command Execution / SQL Injection / LFI
Exploit database separated by exploit type (local, remote, DoS, etc.). Site: 1337day.com. Support e-mail: submitat1337day.com. I'm KedAns-Dz, member from Inj3ct0r Team. Title : NeoBill...
NeoBill v0.9-alpha eCommerce <= (RCE/SQLi/LFI) Vulnerabilities
NeoBill v0.9-alpha suffers from multiple vulnerabilities. Usage Info: Blind Exploitation via cURL exploits or HTTP Headers. Exploit database separated by exploit type (local, remote, DoS, etc.). Site: 1337day.com. Support e-mail: submitat1337day.com. I'm KedAns-Dz...
VamCart v0.9 CSRF Vulnerability
Exploit for php platform in category web applications Exploit Title: VamCart v0.9 CSRF Vulnerability Date: 20/08/2012 Author: DaOne Software Link: http://vamcart.googlecode.com/files/vamcart.zip Greetings to: LCA CSRF Add Admin: 0day.today 2018-01-06...