458 matches found
FlatnuX CMS - Directory Traversal
A path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/Files action. id: CVE-2012-4878 info: name: FlatnuX CMS - Directory Traversal author: daffainfo severity:...
Exploit for Path Traversal in Apache Http_Server
Vulnerability Research Lab Project Summary This project p...
Exploit for Deserialization of Untrusted Data in Redhat Jboss_Enterprise_Application_Platform
Many critical industries banking, healthcare, and manufacturing...
Statamic CMS vulnerable to account takeover via XSS and password reset link
Impact HTML files crafted to look like jpg files are able to be uploaded, allowing for XSS. This affects: - front-end forms with asset fields without any mime type validation - asset fields in the control panel - asset browser in the control panel Additionally, if the XSS is crafted in a specific...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
CVE-2023-46604 Lab This lab guides on exploiting vulnerabiliti...
ILIAS eLearning Platform XSS / Remote Code Execution
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple high risk vulnerabilities product: ILIAS eLearning platform vulnerable version: see section "Vulnerable version" below fixed version: see section "Solution" belo...
Siemens SICAM A8000 Devices
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services ...
FAUST iServer 9.0.018.018.4 Local File Inclusion
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local file inclusion vulnerability product: Land Software - FAUST iServer vulnerable version: 9.0.017.017.1-3 - 9.0.018.018.4 fixed version: 9.0.019.019.7, Version 10 CVE...
Affiliate Pro 1.7 - 'Multiple' Cross Site Scripting (XSS)
Exploit Title: Affiliate Pro 1.7 - 'Multiple' Cross Site Scripting XSS Exploit Author: Vulnerability-Lab Date: 05/01/2022 Document Title: =============== Affiliate Pro v1.7 - Multiple Cross Site Vulnerabilities References Source: ====================...
Easy Cart Shopping Cart 2021 Cross Site Scripting
Document Title: =============== Easy Cart Shopping Cart - Search Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2298 Release Date: ============= 2021-12-15 Vulnerability Laboratory ID VL-ID: ====================================...
PHPJabbers Simple CMS 5 - (name) Persistent Cross-Site Scripting Vulnerability
Exploit Title: PHPJabbers Simple CMS 5 - 'name' Persistent Cross-Site Scripting XSS Google Dork: subtitle:Copyright © 2021 PHPJabbers.com Date: 2021-10-28 Exploit Author: Vulnerability-Lab Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/...
Moxa Command Injection / Cross Site Scripting / Vulnerable Software
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: see "Vulnerable / tested versions" vulnerable version: see "Vulnerable / tested versions" fixed version: see "Solution" CVE number:...
WordPress Master Slider plugin <= 3.7.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by Vulnerability-Lab in WordPress Master Slider plugin (versions <= 3.7.0). Solution: Update the WordPress Master Slider plugin to the latest available version (at least 3.7.1)...
flatCore CMS XSS / File Disclosure / SQL Injection
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: flatCore CMS vulnerable version: 2.0.0 Build 139 fixed version: Release 2.0.0 Build 139 CVE number: CVE-2021-23835, CVE-2021-23836,...
Huawei HedEx Lite 200R006C00SPC005 - Path Traversal
Exploit Title: Huawei HedEx Lite 200R006C00SPC005 - Path Traversal Date: 2020-11-24 Exploit Author: Vulnerability-Lab Vendor Homepage: https://www.huawei.com/ Software Link: https://support.huawei.com/carrier/docview!docview?nid=SCL1000005027&path=PAN-ET/PAN-T/PAN-T-HedEx Version: 200R006C00SPC00...
vulhub
This is a Docker Compose file for a vulnerability environment. It is a collection of services that can be used to test and demonstrate various types of vulnerabilities. The file is written in YAML format and defines the services, their ports, and the networks they use. The file contains several...
Sentrifugo CMS 3.2 - Persistent Cross-Site Scripting
Exploit Title: Sentrifugo CMS 3.2 - Persistent Cross-Site Scripting Dork: N/A Date: 2020-05-06 Exploit Author: Vulnerability-Lab Vendor: http://www.sentrifugo.com/ Link: http://www.sentrifugo.com/download Version: 3.2 Category: Webapps CVE: N/A Document Title: =============== Sentrifugo v3.2 CMS ...
cpCommerce v1.2.8 - (id_document) Blind SQL Injection
Document Title: =============== cpCommerce v1.2.8 - (id_document) Blind SQL Injection References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2254 Release Date: ============= 2020-05-08 Vulnerability Laboratory ID VL-ID: ==================================== 2254...
Qik Chat v3.0 iOS - (Name) Command Inject Vulnerability
Document Title: =============== Qik Chat v3.0 iOS - (Name) Command Inject Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2247 Release Date: ============= 2020-05-04 Vulnerability Laboratory ID VL-ID: ==================================== 224...
Advanced Persistent Threat 2020 - Golden_hands (DE|EU)
Document Title: =============== Advanced Persistent Threat 2020 - Golden_hands (DE|EU) References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2256 Document: https://www.vulnerability-lab.com/resources/documents/2256.rar Magazine Article:...