Mageia: Security Advisory (MGASA-2021-0554)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Simple Chatbot Application 1.0 - 'message' Blind SQLi

Exploit Title: Simple Chatbot Application 1.0 - 'message' Blind SQLi Date: 18/01/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14788/simple-chatbot-application-using-php-source-code.html Version: 1.0 Tested on:...

SalonERP 3.0.1 - 'sql' SQL Injection (Authenticated)

Exploit Title: SalonERP 3.0.1 - 'sql' SQL Injection Authenticated Exploit Author: Betul Denizler Vendor Homepage: https://salonerp.sourceforge.io/ Software Link: https://sourceforge.net/projects/salonerp/files/latest/download Version: SalonERP v3.0.1 Tested on: Ubuntu Mate 20.04 Vulnerable...

Movie Rating System 1.0 - Broken Access Control (Admin Account Creation) (Unauthenticated)

Exploit Title: Movie Rating System 1.0 - Broken Access Control Admin Account Creation Unauthenticated Date: 22/12/2021 Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/15104/sentiment-based-movie-rating-system-using-phpoop-free-source-code.html Version: 1.0 Teste...

Bazaar Web PHP Social Listings Shell Upload Vulnerability

-- Exploit Title: Bazaar Web PHP Social Listings Arbitrary File Upload Exploit Author: Sohel Yousef - email protected Software Link: https://codecanyon.net/item/bazaar-social-listing-shopping-web-php-template/23207913 Software Demo :https://xserver.app/apps/bazaar-web/index.php Category: webapps ...

openSUSE 15 Security Update : MozillaFirefox (openSUSE-SU-2021:1575-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1575-1 advisory. - Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. This vulnerability...

Mozilla Firefox Information Disclosure Vulnerability (CNVD-2021-99616)

Mozilla Firefox is an open source Web browser from the Mozilla Foundation in the U.S. Mozilla Firefox is vulnerable to an information disclosure vulnerability that stems from the use of XMLHttpRequest, which can be exploited by attackers to identify installed applications by probing error message...

SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2021:14859-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14859-1 advisory. - Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL. This vulnerability...

Information Disclosure

thunderbird and firefox are vulnerable to information disclosure. The vulnerability exists due to a lack of sanitization when using XMLHttpRequest allowing an attacker to identify installed applications by probing error messages for loading external protocols...

Mozilla: XMLHttpRequest error codes could have leaked the existence of an external protocol handler

Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

Employees Daily Task Management System 1.0 SQL Injection

Exploit Title: Employees Daily Task Management System 1.0 - 'username' SQLi Authentication Bypass Exploit Author: able403 Date: 08/12/2021 Vendor Homepage: https://www.sourcecodester.com/php/15030/employee-daily-task-management-system-php-and-sqlite-source-code.html Software Link:...

CVE-2021-43542

Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

DEBIAN-CVE-2021-43542

Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

Design/Logic Flaw

Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

CVE-2021-43542

Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

CVE-2021-43542

Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

CVE-2021-43542

Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

CVE-2021-43542

CVE-2021-43542 is a information-disclosure vulnerability involving XMLHttpRequest: error messages could reveal the existence of an external protocol handler, enabling an attacker to identify installed applications. Connected sources indicate the issue affects Thunderbird < 91.4.0, Firefox ESR ...

CVE-2021-43542

Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

Mozilla Firefox < 95.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 95.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-52 advisory. - Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christia...