Child's Day Care Management System 1.0 SQL Injection
Posted by deepcore under exploit (No Respond)
Child’s Day Care Management System version 1.0 appears to be susceptible to a remote SQL injection vulnerability.
Archive for December, 2021
Arunna 1.0.0 Cross Site Request Forgery
Posted by deepcore under exploit (No Respond)
Arunna version 1.0.0 suffers from a cross site request forgery vulnerability.
Croogo 3.0.2 Cross Site Scripting
Posted by deepcore under exploit (No Respond)
Croogo version 3.0.2 suffers from cross site scripting vulnerabilities.
Croogo 3.0.2 Shell Upload
Posted by deepcore under exploit (No Respond)
Croogo version 3.0.2 suffers from a remote shell upload vulnerability.
Cibele Thinfinity VirtualUI 2.5.41.0 User Enumeration
Posted by deepcore under exploit (No Respond)
Cibele Thinfinity VirtualUI version 2.5.41.0 suffers from a user enumeration vulnerability.
Chrome blink::NativeIOFile::DoRead Heap Use-After-Free
Posted by deepcore under exploit (No Respond)
Chrome suffers from a heap use-after-free vulnerability in blink::NativeIOFile::DoRead.
Chrome ThreadedIconLoader::DecodeAndResizeImageOnBackgroundThread Heap Use-After-Free
Posted by deepcore under exploit (No Respond)
Chrome suffers from a heap use-after-free vulnerability in ThreadedIconLoader::DecodeAndResizeImageOnBackgroundThread.
Chrome NavigationPreloadRequest Site Isolation Bypass
Posted by deepcore under exploit (No Respond)
Chrome suffers from a site isolation bypass vulnerability in NavigationPreloadRequest.
Log4j2 Log4Shell Regexes
Posted by deepcore under exploit (No Respond)
If you are curious about web application firewall (WAF) bypass payloads that can be leveraged to exploit the log4j2 code execution vulnerability, you should look at this tool.
Log4j Payload Generator
Posted by deepcore under exploit (No Respond)
log4j-payload-generator is a plugin for the woodpecker framework to produce log4 jndi injection vulnerability payload. Five types of payloads can be produced with one click.