3DSecure 2.0 3DS Authorization Method Cross Site Request Forgery
Product: 3DSecure 2.0 Manufacturer: Redsys Affected Versions: 3DSecure 2.0 3DS Authorization Method Tested Versions: 3DSecure 2.0 3DS Authorization Method Vulnerability Type: Cross-Site Request Forgery CSRF Risk Level: Medium Solution Status: Not yet fixed Manufacturer Notification: 2024-01-17...
QNX Qconn Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'QNX qconn Command Execution', 'Description' = %q This module uses the qconn daemon on QNX systems to gain a shell. The QNX qconn daemon does not...
UnRAR Path Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'UnRAR Path Traversal CVE-2022-30333', 'Description' = %q This module creates a RAR file that exploits CVE-2022-30333, which is a path-traversal...
Windows Escalate UAC Execute RunAs
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Escalate UAC Execute RunAs', 'Description' = %q This module will attempt to elevate execution level using the ShellExecute undocumented...
3DSecure 2.0 3DS Method Authentication Cross Site Scripting
Product: 3DSecure 2.0 Manufacturer: Redsys Affected Versions: 3DSecure 2.0 3DS Method Authentication Tested Versions: 3DSecure 2.0 3DS Method Authentication Vulnerability Type: Cross-Site Scripting XSS Risk Level: Medium Solution Status: Not yet fixed Manufacturer Notification: 2024-01-17 Solutio...
SPIP BigUp 4.3.1 / 4.2.15 / 4.1.17 Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SPIP BigUp Plugin Unauthenticated RCE', 'Description' = %q This module exploits a Remote Code Execution vulnerability in the BigUp plugin of SPIP...
3DSecure 2.0 3DS Authorization Challenge Cross Site Scripting
Product: 3DSecure 2.0 Manufacturer: Redsys Affected Versions: 3DSecure 2.0 3DS Authorization Challenge Tested Versions: 3DSecure 2.0 3DS Authorization Challenge Vulnerability Type: Cross-Site Scripting XSS Risk Level: Medium Solution Status: Not yet fixed Manufacturer Notification: 2024-01-17...
3DSecure 2.0 3DS Method Authentication Cross Site Scripting
Product: 3DSecure 2.0 Manufacturer: Redsys Affected Versions: 3DSecure 2.0 3DS Method Authentication Tested Versions: 3DSecure 2.0 3DS Method Authentication Vulnerability Type: Cross-Site Scripting XSS Risk Level: Medium Solution Status: Not yet fixed Manufacturer Notification: 2024-01-17 Solutio...
Nipah Virus Testing Management System 1.0 PHP Code Injection
Title : Nipah virus NiV – Testing Management System 1.0 php code injection Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browse...
Maid Hiring Management System 1.0 Insecure Settings
Title : Maid Hiring Management System 1.0 Insecure Settings Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Medical Card Generations System 1.0 SQL Injection
Title : Medical Card Generations System 1.0 Sql injection Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0....
BP Monitoring Management System 1.0 PHP Code Injection
Title : BP Monitoring Management System 1.0 php code injection Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla...
Emergency Ambulance Hiring Portal 1.0 PHP Code Injection
Title : Emergency Ambulance Hiring Portal 1.0 php code injection Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozill...
COVID19 Testing Management System 1.0 PHP Code Injection
Title : COVID19 - Testing Management System 1.0 php code injection Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser :...
Art Gallery Management System 1.0 PHP Code Injection
Title : Art Gallery Management System 1.0 php code injection Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla...
Online Survey System 1.0 Cross Site Scripting / Remote File Inclusion
Title : Online Survey System 1.0 XSS Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bits | ...
Queuing Simple Chatbot 1.0 Shell Upload
Title : Queuing Simple Chatbot 1.0 Remote File Upload Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox...
VICIdial 2.14-917a Remote Code Execution
KL-001-2024-012: VICIdial Authenticated Remote Code Execution Title: VICIdial Authenticated Remote Code Execution Advisory ID: KL-001-2024-012 Publication Date: 2024-09-10 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-012.txt 1. Vulnerability Details Affected Vendor:...
VICIdial 2.14-917a SQL Injection
KL-001-2024-011: VICIdial Unauthenticated SQL Injection Title: VICIdial Unauthenticated SQL Injection Advisory ID: KL-001-2024-011 Publication Date: 2024-09-10 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-011.txt 1. Vulnerability Details Affected Vendor: VICIdial Affect...
Online Birth Certificate System 1.0 Insecure Settings
Title : Online Birth Certificate System 1.0 Insecure Settings Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Printable Staff ID Card Creator System 1.0 Insecure Direct Object Reference
Title : printable staff id card creator system 1.0 idor Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Medical Card Generations System 1.0 Insecure Settings
Title : Medical Card Generations System 1.0 Insecure Settings Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Profiling System 1.0 Shell Upload
Title : Profiling System 1.0 code injection Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64...
Passion Responsive Blogging 1.0 Cross Site Scripting
Title : Passion Responsive Blogging 1.0 XSS Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64...
Emergency Ambulance Hiring Portal 1.0 WYSIWYG Code Injection
Title : Emergency Ambulance Hiring Portal 1.0 WYSIWYG code injection Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser :...
Beauty Parlour Management System 1.0 SQL Injection / Code Execution
Title : Beauty Parlour Management System 1.0 php code injection Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla...
Prison Management System 1.0 Add Administrator
Title : Prison Management System v1.0 Add Admin Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3...
Online Student Grading System 1.0 SQL Injection
Title : Online Student Grading System 1.0 Auth by pass Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Dairy Farm Shop Management System 1.2 SQL Injection / Code Execution
Title : Dairy Farm Shop Management System 1.2 php code injection Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozill...
Online Survey System 1.0 Remote File Inclusion
Title : Online Survey System 1.0 File inclusion Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3...
Online Marriage Registration System 1.0 Shell Upload
Title : Online Marriage Registration System 1.0 php code injection Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser :...
Passion Responsive Blogging 1.0 SQL Injection
Title : Passion Responsive Blogging 1.0 SQL injection Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Apartment Visitor Management System 1.0 SQL Injection / Code Execution
Title : Apartment Visitor Management System 1.0 php code injection Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser :...
PPDB 2.4-update 6118-1 SQL Injection
Title : ppdb v2.4-update 6118-1 SQL injection Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 6...
Online Survey System 1.0 SQL Injection
Title : Online Survey System 1.0 auth by pass Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 6...
Breaking Oracle Database VPD Through DDL Permissions In 19c
Title: Breaking Oracle Database VPD Virtual Private Database Through DDL Permissions in 19c Product: Database Manufacturer: Oracle Affected Versions: 19c Tested Versions: 19c Risk Level: Low Author of Advisory: Emad Al-Mousa Vulnerability Details: By design VPD security feature protects against a...
PDF Generator Web Application 1.0 Insecure Settings
Title : PDF Generator Web Application v1.0 Insecure Settings Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Park Ticketing Project 1.0 SQL Injection
Title : Park Ticketing Project 1.0 Auth By Pass Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3...
Online Travel Agency System 1.0 Insecure Settings
Title : Online Travel Agency System v1.0 Insecure Settings Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla...
Online Tours and Travels Management System 1.0 Insecure Settings
Title : Online Tours and Travels Management System v1.0 Insecure Settings Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser...
POMS 1.0 Insecure Settings
Title : POMS v1.0 Insecure Settings Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1 64 bits | ...
Pharmacy Management System version 1.0 Insecure Settings
Title : Pharmacy Management System version 1.0 Insecure Settings Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Online Sports Complex Booking System 1.0 Insecure Settings
Title : Online Sports Complex Booking System v1.0 Insecure Settings Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla...
Online Shopping Portal Project 2.0 SQL Injection
Title : Online Shopping Portal Project 2.0 auth by pass Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Blood Bank And Donor Management System 2.4 Insecure Settings
Title : Blood Bank & Donor Management System v2.4 Insecure Settings Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser :...
C-MOR Video Surveillance 5.2401 / 6.00PL01 Information Disclosure / Cleartext Secret
Advisory ID: SYSS-2024-028 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: Cleartext Storage of Sensitive Information CWE-312 Risk Level: Medium Solution Status: Open Manufacturer...
C-MOR Video Surveillance 5.2401 Cross Site Scripting
Advisory ID: SYSS-2024-020 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401 Tested Versions: 5.2401 Vulnerability Type: Reflected Cross-Site Scripting CWE-79 Risk Level: Medium Solution Status: Fixed Manufacturer Notification: 2024-04-05 Solution Date:...
C-MOR Video Surveillance 5.2401 / 6.00PL01 Command Injection
Advisory ID: SYSS-2024-030 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: OS Command Injection CWE-78 Risk Level: High Solution Status: Open Manufacturer Notification: 2024-04-05 Solution...
File Management System 1.0 Insecure Direct Object Reference
Title : File Management System 1.0 IDOR Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bits...
Online Pizza Ordering System 1.0 Insecure Settings
Title : Online Pizza Ordering System v1.0 Insecure Settings Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla...