Music Gallery Site version 1.0 suffers from a missing authentication vulnerability that allows for privilege escalation.
>> CATEGORY: exploit
Music Gallery Site version 1.0 suffers from multiple remote SQL injection vulnerabilities.
Simple Food Ordering System version 1.0 suffers from a cross site scripting vulnerability.
Simple Food Ordering System version 1.0 suffers from a cross site scripting vulnerability.
Yoga Class Registration System version 1.0 suffers from multiple remote SQL injection vulnerabilities.
Froxlor versions 2.0.6 and below suffer from a bug that allows authenticated users to change the application logs path to any directory on the OS level which the user www-data…
Device Manager Express versions 7.8.20002.47752 and below suffer from code execution, command execution, cross site scripting, remote SQL injection, and traversal vulnerabilities.
Device Manager Express versions 7.8.20002.47752 and below suffer from code execution, command execution, cross site scripting, remote SQL injection, and traversal vulnerabilities.
pyLoad versions prior to 0.5.0b3.dev31 are vulnerable to Python code injection due to the pyimport functionality exposed through the js2py library. An unauthenticated attacker can issue a crafted POST request…
pyLoad versions prior to 0.5.0b3.dev31 are vulnerable to Python code injection due to the pyimport functionality exposed through the js2py library. An unauthenticated attacker can issue a crafted POST request…