[webapps] Nagios XI 5.7.3 – 'SNMP Trap Interface' Authenticated SQL Injection
Posted by deepcore under Security (No Respond)
Archive for October, 2020
[webapps] Nagios XI 5.7.3 – 'Contact Templates' Persistent Cross-Site Scripting
Posted by deepcore under Security (No Respond)
[webapps] Nagios XI 5.7.3 – 'Manage Users' Authenticated SQL Injection
Posted by deepcore under Security (No Respond)
[webapps] Tourism Management System 1.0 – Arbitrary File Upload
Posted by deepcore under Security (No Respond)
Employee Management System 1.0 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Employee Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
Employee Management System 1.0 SQL Injection
Posted by deepcore under exploit (No Respond)
Employee Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Alumni Management System 1.0 SQL Injection
Posted by deepcore under exploit (No Respond)
Alumni Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
aaPanel 6.6.6 Privilege Escalation
Posted by deepcore under exploit (No Respond)
aaPanel version 6.6.6 suffers from an authenticated privilege escalation vulnerability.
CS-Cart 1.3.3 Remote Code Execution
Posted by deepcore under exploit (No Respond)
Details for achieving remote code execution on CS-Cart version 1.3.3, a really old version.
CS-Cart 1.3.3 Local File Inclusion
Posted by deepcore under exploit (No Respond)
Details for performing a local file inclusion attack on CS-Cart version 1.3.3, a really old version.
