Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware

CVE-2024-24919 Bulk Scanner CVE-2024-24919 Check Point Securi...

Exploit for Deserialization of Untrusted Data in Apache Kafka_Connect

This tool is intended for security testing purposes only. Do not...

Music Gallery Site v1.0 - Broken Access Control

Exploit Title: Music Gallery Site v1.0 - Broken Access Control Exploit Author: Muhammad Navaid Zafar Ansari Date: 21 February 2023 CVE Assigned: CVE-2023-0963 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Music Gallery Site Version: v 1.0 Tested on: Windows...

Joomla JoomRecipe 4.2.2 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

Security Bulletin: IBM Business Process Manager (BPM) Vulnerable URLs (CVE-2013-0581)

Abstract When a dashboard is opened or a service is executed, a malicious attacker can intercept network requests from the client. Then, the attacker can modify the URL parameters of the request so that malicious code can be executed within the client browser. Content VULNERABILITY DETAILS:...

Meredith: Shop - Reflected XSS With Clickjacking Leads to Steal User's Cookie In Two Domain

Hii Security Team , I am S Rahul MCEHMetaxone Certified Ethical Hacker and a Security Researcher I just checked your website and found Reflected XSS to Good XSS Clickjacking In Two Domain Description:- As the search parameter is vulnerable to XSS and but the plus point is there is no...

dorkScanner - A Typical Search Engine Dork Scanner Scrapes Search Engines With Dorks That You Provide In Order To Find Vulnerable URLs

A typical search engine dork scanner that scrapes search engines with queries that you provide in order to find vulnerable URLs. Introduction Dorking is a technique used by newsrooms, investigative organisations, security auditors as well as tech savvy criminals to query various search engines fo...

xShock - Shellshock Exploit

xShock ShellShock CVE-2014-6271 This tool exploits shellshock. Written by Hulya Karabag Version 1.0.0 Instagram: Capture the Root Screenshots...

Zabbix 4.4 Authentication Bypass

!/usr/bin/perl -w Zabbix Zabbix Initializing the browser Referer = User-Agent = Opera/9.61 Macintosh; Intel Mac OS X; U; de Presto/2.1.1 Content-Type = application/x-www-form-urlencoded no-store, no-cache, must-revalidate close Mon, 07 Oct 2019 12:29:54 GMT no-cache nginx Accept-Encoding text/htm...

Epignosis eFront LMS PHP deserialization code execution vulnerability

Summary A code execution vulnerability exists in Epignosis eFront LMS v5.2.12. A specially crafted web request can cause unsafe deserialization potentially resulting in PHP code being executed. An attacker can send a crafted web parameter to trigger this vulnerability. Tested Versions Epignosis...

Comodo Dome Firewall 2.7.0 Cross Site Scripting

Exploit Title: Comodo Dome Firewall 2.7.0 | Cross-Site Scripting Date: 18.02.2019 Exploit Author: Ozer Goker Vendor Homepage: https://cdome.comodo.com/firewall/ Software Link: https://secure.comodo.com/home/purchase.php?pid=106&license=try&track=9278&af=9278 Version: 2.7.0 Introduction Comodo Dom...

Care2x 2.7 (HIS) Hospital Information System - Multiple SQL Injection

Care2x 2.7 HIS Hospital Information System - Multiple SQL Injection Exploit Title: Care2x 2.7 HIS Hospital Information system - Multiples SQL Injection Date: 01/17/2019 Software Links/Project: https://github.com/care2x/care2x | http://www.care2x.org/ Version: Care2x 2.7 Exploit Author: Carlos Avi...

Simple Forum PHP 2.4 SQL Injection

===================================================== Simple Forum PHP 2.4 - SQL Injection ===================================================== Vendor Homepage: http://simpleforumphp.com Date: 14 Oct 2016 Demo Link : http://simpleforumphp.com/forum/admin.php Version : 2.4 Platform : WebApp - PHP...

Signature - External URLs, KeyStore usage, Possible privilege escalation vulnerabilities

HackApp vulnerability scanner discovered that application Signature published at the 'play' market has multiple vulnerabilities...

某政府系统一处SQL注入

简要描述： RT 详细说明： 山东农友软件公司官网:http://www.nongyou.com.cn/ 案例如下： http://61.133.119.187:8091/symItemView/ItemFourth.aspx?id=1 http://222.135.76.147:8200/symItemView/ItemFourth.aspx?id=1 http://222.135.127.190:7200/symItemView/ItemFourth.aspx?id=1 http://221.2.149.47:8200/symItemView/ItemFourth.aspx?id=1...

WordPress SP Client Document Manager 2.4.1 SQL Injection

Vulnerability title: Multiple SQL Injection in SP Client Document Manager plugin Plugin: SP Client Document Manager Vendor: http://smartypantsplugins.com Product: https://wordpress.org/plugins/sp-client-document-manager/ Affected version: version 2.4.1 and previous version Fixed version: N/A Goog...

Content-Builder (CMS) <= 0.7.2 - Multiple Include Vulnerabilities

No description provided by source. $$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$$ $$ $$ ContentBuilder = 0.7.2 Remote File Include Vulnerability $$ script site: http://www.content-builder.net/ $$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$ $$ Find by: Kacpe...

四川某大学老师帐号和密码泄漏，可以任意更改成绩

简要描述： 老师的密码是初始密码，未更改。 详细说明： 通过查询老师的工号，用初始密码123456即可登录，可随意更改成绩，危害极大。 google：inurl：/jwweb/ 有很多。 漏洞证明： 就拿我的学校来测试吧：http://jwc.scac.edu.cn/jwweb/ 通过课表查询老师的工号 可以...

WhyWeb - SQL Injection Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...

Buchanan Solutions SQL Injection

+------------------------------------------------------------------------------------------+ |------------------------ B-Solutions SQL Injection Vulnerability -----------------------| +------------------------------------------------------------------------------------------+ + Google Dork :...