Passion Responsive Blogging version 1.0 suffers from a cross site scripting vulnerability.
d018857c74fe94b61772f381b1c65cf98c7545a26d4e10a537baa1ba622950b2
Online Survey System version 1.0 suffers from cross site scripting and remote file inclusion vulnerabilities.
0573d4aa4fad74ba21dfae8c95d8a0ef8922ce6bbbf5c65fcd1a8b98424e3d9e
Online Birth Certificate System version 1.0 suffers from an ignored default credential vulnerability.
c7135c363265f519cec4fb4469d88770d47f7406243e7711a2ef7aca6159b30a
Medical Card Generations System version 1.0 suffers from an ignored default credential vulnerability.
548b7135e2e243d5d128158ec4a8510b49b16082fb38de180bdb2e26aeaff932
Emergency Ambulance Hiring Portal version 1.0 suffer from a WYSIWYG code injection vulnerability.
7b43b9d23f12307ed0da163a4b20cc1867ad452d0156731cd3972715a734a359
Printable Staff ID Card Creator System version 1.0 suffers from an insecure direct object reference vulnerability.
1f76023e1ce2b532a638fe37cd83cacdb3aa9015435641c743140013ed4ffc9f
Proof of concept automation code to exploit a template injection vulnerability in GitHub repository sqlpad/sqlpad version prior to 6.10.1 that can result in remote code execution.
79a6a3c0f0cc3437faa5b70a9c94c21f376448987379d2b3ee42300f9a2f5271
Proof of concept exploit for Spring Cloud Data Flow versions prior to 2.11.4 that achieves remote code execution through a malicious upload.
0ee38b6a8cf494539040a02c4712511aeac366dfde03820937e77f9441253ed3
The array ppsPMR in DEVMEMXINT_RESERVATION holds references to PMR structures (using PMRRefPMR2()), intending to prevent the PMRs' physical memory from being released. However, PMRs with PVRSRV_MEMALLOCFLAG_NO_OSPAGES_ON_ALLOC (which for OSMem PMRs internally translates to FLAG_ONDEMAND) can release their backing physical pages while references to the PMR still exist; PMRLockSysPhysAddresses() must be used to prevent a PMR's backing pages from disappearing, like in DevmemIntMapPMR2(). Therefore, it is currently possible to free a PMR's backing pages while the PMR is mapped into a DEVMEMXINT_RESERVATION, leading to physical page use-after-free.
cc6e11ae0dee934a94a29ebded0e52e70690ca998d7efe6c5f0ffe85ffda4eba
Prison Management System version 1.0 suffers from an add administrator vulnerability.
a25a824e97167db71e31b2009a9c44afedb55532be1b9ffa63f063ebf5479933
Online Survey System version 1.0 suffers from a remote file inclusion vulnerability.
9ac49e540003cc98bbab6ed47333ffe2f4616bc3a383f48fe3a342e9a7dd83cc
Online Student Grading System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
6572f3f9bad83df66bb8f42e5fa49921e0511eab96c98361242df9209e7eb2d1
Online Marriage Registration System version 1.0 suffers from a remote shell upload vulnerability.
990ace207073f604556500939f13df158bf2dfab39adaff554b8e9d0500f40f9
Dairy Farm Shop Management System version 1.2 suffers from a remote SQL injection vulnerability that allows for a backdoor to be inserted for code execution.
f0a55905dd74350644935386e7b408242f816011a8331a2ff6ea98c8aaa3d8b4
Beauty Parlour Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for a backdoor to be inserted for code execution.
b0286b70ee31536cfdb4ed8e4228e76f2063f3a36f78315a2281b5a491ef8140
Apartment Visitor Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for a backdoor to be inserted for code execution.
987ce5e26137f8bdddbb51bcae57cd30034894c8600689ffa818695de55f9f63
Passion Responsive Blogging version 1.0 suffers from a remote SQL injection vulnerability.
e5c501fb2cc5591e80691d788822914442c49c70c0cef043c7a782a2ac61afd5
Proof of concept code for the Microsoft Windows DWM Core library elevation of privilege vulnerability. The researcher shows how they reversed the patch, how the heap overflow is produced, and overall gives a complete walk through of their process.
ae21b7b798fa9141cefb1411db92e94dfef6796823599323e49ec4cfcc3f7c0d
By having specific DDL permissions set in Oracle 19c, you can bypass access restrictions normally in place for VPD (virtual private database).
ff60854406414096e014384dc484cf5d2a0ecd59484b16d36d5fb5dd40a2a5f3
PPDB version 2.4-update 6118-1 suffers from a remote blind SQL injection vulnerability.
9d523a1c4c7a1e4958bb28bea2acec5647cfe8b259c7789ee6c3b10177fbb4d5
POMS version 1.0 suffers from an ignored default credential vulnerability.
e96b4926531826f22ee72eeb7f339d7761192178a35f69af5d5141abbc8b63c1
Pharmacy Management System version version 1.0 suffers from an ignored default credential vulnerability.
6c367c1c4b085e72851f370194180a14f132217419dbc26645d989d1f50bd05c
PDF Generator Web Application version 1.0 suffers from an ignored default credential vulnerability.
ea0edf3e01f27c48e18ff7db4471b92d0d058e7c65718cf02003efd67a75fb49
Park Ticketing Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
1273e992f54e38d81032650942cf05f0d1f6d8b4728541c4e226b2c694587317
Online Travel Agency System version 1.0 suffers from an ignored default credential vulnerability.
33fc5279701fd33248284f756fca51419cb1e797d0158e5bc05d6612e87f5c60