EUVD-2022-1267

Malicious code in bioql PyPI...

CVE-2022-28578

It is found that there is a command injection vulnerability in the setOpenVpnCfg interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...

CVE-2024-57098

Moss v0.1.3 version has an SQL injection vulnerability that allows attackers to inject carefully designed payloads into the order parameter...

Android Janus APK Signature Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/payload/apk' class MetasploitModule "Android Janus APK Signature bypass", 'Description' = %q This module exploits CVE-2017-13156 in Android to install ...

XooDigital - 'p' SQL Injection

Exploit Title: XooDigital - 'p' SQL Injection Date: 26.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://xooscripts.com/product/digital-download-protection-script.html Demo Site: http://xooscripts.com/demos/xoodigital/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC :...

File Upload Vulnerability in UFIDA Financials

UFIDA Financials is a financial management software. A file upload vulnerability exists in UFIDA Financial System. Vulnerability payload: http://target/TaskManager/EBankTaskServlet?m=1&taskjson=cnvdtest&taskname=... /... /R9iPortal/upload/cnvd.jsp%00&optionType=create Submitting the above request...