Web Ofisi Emlak SQL注入漏洞

Web Ofisi Emlak is a real estate agency website system developed by the Turkish company Web Ofisi. The Web Ofisi Emlak V2 version has a SQL injection vulnerability, which stems from insufficient validation of multiple GET parameter inputs. This vulnerability may lead to SQL injection attacks...

TP-LINK TL-WR1041N 安全漏洞

TP-LINK TL-WR1041N is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-Link TL-WR1041N V2 version, which originates from a security flaw in the component /userRpm/NetworkCfgRpm. An attacker can exploit the vulnerability to cause a Denial of Service DoS by...

Multiple storage slot collisions between versions - due to different order in declaration

Lines of code Vulnerability details Impact If we list the sequence of how variables receive slots, we will see the failure to follow "append-only" principle. Many variable added "in-between" V2 version can read/write wrong slots. Proof of Concept Here is the table/list of variable, built taking...