OIBSIP_-SQL-Injection-on-DVWA-Low-Security-

This project demonstrates a basic SQL Injection vulnerability us...

CVE-2025-68915

Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/loginbannerw.cgi XSS via a crafted banner...

CVE-2025-8769

Telenium Online Web Application is vulnerable due to a Perl script that is called to load the login page. Due to improper input validation, an attacker can inject arbitrary Perl code through a crafted HTTP request, leading to remote code execution on the server...

XSSREFLECTOR

XSS Reflector XSS Reflector adalah tools otomatis untuk...

Complete Online Beauty Parlor Management System /search-invoices.php File SQL Injection Vulnerability

Complete Online Beauty Parlor Management System is an online beauty parlor management system. Complete Online Beauty Parlor Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the file...

CVE-2025-8769

Telenium Online Web Application is vulnerable due to a Perl script that is called to load the login page. Due to improper input validation, an attacker can inject arbitrary Perl code through a crafted HTTP request, leading to remote code execution on the server...

CVE-2025-8769

CVE-2025-8769 affects MegaSys/Megasys’ Telenium Online Web Application. The vulnerability arises from a Perl script used to load the login page with improper input validation, allowing an attacker to inject arbitrary Perl code through a crafted HTTP request and achieve remote code execution on th...

CVE-2025-8769 MegaSys Computer Technologies Telenium Online Web Application Improper Input Validation

Telenium Online Web Application is vulnerable due to a Perl script that is called to load the login page. Due to improper input validation, an attacker can inject arbitrary Perl code through a crafted HTTP request, leading to remote code execution on the server...

CVE-2025-8769 MegaSys Computer Technologies Telenium Online Web Application Improper Input Validation

Telenium Online Web Application is vulnerable due to a Perl script that is called to load the login page. Due to improper input validation, an attacker can inject arbitrary Perl code through a crafted HTTP request, leading to remote code execution on the server...

Exploit for Improper Restriction of XML External Entity Reference in Wordpress

TryHackMe Writeups and Walkthroughs This repository contains...

CVE-2025-43876

CVE-2025-43876 affects Johnson Controls iSTAR family (Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2). It is described as an authenticated web application command injection impacting get8021xSettings, with a root cause leading to unauthorized device access under certain circumstances. Publ...

CVE-2025-43876 iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 - Authenticated web application command injection - get8021xSettings

Under certain circumstances a successful exploitation could result in access to the device...

CVE-2025-43875 iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Edge G2 - Authenticated web application command injection - getOptionsInfo

Under certain circumstances a successful exploitation could result in access to the device...

PT-2025-53378

Name of the Vulnerable Software and Affected Versions Telenium Online Web Application affected versions not specified Description The application is susceptible to remote code execution due to improper input validation within a Perl script used to load the login page. An attacker can inject...

Megasys Telenium Online Web Application 输入验证错误漏洞

Megasys Telenium Online Web Application is a web page for a network management system from Megasys Canada. An input validation error vulnerability exists in MegaSys Telenium Online Web Application, which stems from improper Perl script input validation and could lead to remote code execution...

📄 PKP-WAL 3.5.0-1 SQL Injection

PKP-WAL versions 3.5.0-1 and below suffer from a remote SQL injection vulnerability in the Institution Collector. ---------------------------------------------------------------------- PKP-WAL = 3.5.0-1 Institution Collector SQL Injection Vulnerability...

Simple Machines Forum (SMF) <= 2.1.6 XSS Vulnerability

Simple Machines Forum SMF is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

📄 PKP-WAL 3.5.0-3 X-Forwarded-Host LESS Code Injection

PKP-WAL versions 3.5.0-3 and below suffer from a LESS X-Forwarded-Host related code injection vulnerability. ----------------------------------------------------------------------- PKP-WAL getBaseUrl method, can be manipulated by unauthenticated attackers through the X-Forwarded-Host HTTP header,...

CVE-2025-62926

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HappyDevs TempTool Show Current Template Info current-template-name allows Stored XSS.This issue affects TempTool Show Current Template Info: from n/a through = 1.3.1...

EUVD-2025-204590

A vulnerability was detected in code-projects Simple Blood Donor Management System 1.0. The affected element is an unknown function of the file /editedcampaign.php. The manipulation of the argument campaignname results in sql injection. The attack can be executed remotely. The exploit is now publ...