3 matches found
CVE-2021-45097
KNIME Server before 4.12.6 and 4.13.x before 4.13.4 when installed in unattended mode keeps the administrator's password in a file without appropriate file access controls, allowing all local users to read its content...
4images 1.8 - 'limitnumber' SQL Injection (Authenticated)
Exploit Title: 4images 1.8 - 'limitnumber' SQL Injection Authenticated Exploit Author: Andrey Stoykov Software Link: https://www.4homepages.de/download-4images Version: 1.8 Tested on: Linux Source Analysis: Line 658 - User action defined if $action == "findimages" Line 661 - Vulnerable condition...
4images 1.8 SQL Injection
Exploit Title: 4images 1.8 - 'limitnumber' SQL Injection Authenticated Exploit Author: Andrey Stoykov Software Link: https://www.4homepages.de/download-4images Version: 1.8 Tested on: Linux Source Analysis: Line 658 - User action defined if $action == "findimages" Line 661 - Vulnerable condition...