Passion Responsive Blogging version 1.0 suffers from a cross site scripting vulnerability.
d018857c74fe94b61772f381b1c65cf98c7545a26d4e10a537baa1ba622950b2Online Survey System version 1.0 suffers from cross site scripting and remote file inclusion vulnerabilities.
0573d4aa4fad74ba21dfae8c95d8a0ef8922ce6bbbf5c65fcd1a8b98424e3d9eOnline Birth Certificate System version 1.0 suffers from an ignored default credential vulnerability.
c7135c363265f519cec4fb4469d88770d47f7406243e7711a2ef7aca6159b30aMedical Card Generations System version 1.0 suffers from an ignored default credential vulnerability.
548b7135e2e243d5d128158ec4a8510b49b16082fb38de180bdb2e26aeaff932Emergency Ambulance Hiring Portal version 1.0 suffer from a WYSIWYG code injection vulnerability.
7b43b9d23f12307ed0da163a4b20cc1867ad452d0156731cd3972715a734a359Printable Staff ID Card Creator System version 1.0 suffers from an insecure direct object reference vulnerability.
1f76023e1ce2b532a638fe37cd83cacdb3aa9015435641c743140013ed4ffc9fProof of concept automation code to exploit a template injection vulnerability in GitHub repository sqlpad/sqlpad version prior to 6.10.1 that can result in remote code execution.
79a6a3c0f0cc3437faa5b70a9c94c21f376448987379d2b3ee42300f9a2f5271Proof of concept exploit for Spring Cloud Data Flow versions prior to 2.11.4 that achieves remote code execution through a malicious upload.
0ee38b6a8cf494539040a02c4712511aeac366dfde03820937e77f9441253ed3The array ppsPMR in DEVMEMXINT_RESERVATION holds references to PMR structures (using PMRRefPMR2()), intending to prevent the PMRs' physical memory from being released. However, PMRs with PVRSRV_MEMALLOCFLAG_NO_OSPAGES_ON_ALLOC (which for OSMem PMRs internally translates to FLAG_ONDEMAND) can release their backing physical pages while references to the PMR still exist; PMRLockSysPhysAddresses() must be used to prevent a PMR's backing pages from disappearing, like in DevmemIntMapPMR2(). Therefore, it is currently possible to free a PMR's backing pages while the PMR is mapped into a DEVMEMXINT_RESERVATION, leading to physical page use-after-free.
cc6e11ae0dee934a94a29ebded0e52e70690ca998d7efe6c5f0ffe85ffda4ebaPrison Management System version 1.0 suffers from an add administrator vulnerability.
a25a824e97167db71e31b2009a9c44afedb55532be1b9ffa63f063ebf5479933Online Survey System version 1.0 suffers from a remote file inclusion vulnerability.
9ac49e540003cc98bbab6ed47333ffe2f4616bc3a383f48fe3a342e9a7dd83ccOnline Student Grading System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
6572f3f9bad83df66bb8f42e5fa49921e0511eab96c98361242df9209e7eb2d1Online Marriage Registration System version 1.0 suffers from a remote shell upload vulnerability.
990ace207073f604556500939f13df158bf2dfab39adaff554b8e9d0500f40f9Dairy Farm Shop Management System version 1.2 suffers from a remote SQL injection vulnerability that allows for a backdoor to be inserted for code execution.
f0a55905dd74350644935386e7b408242f816011a8331a2ff6ea98c8aaa3d8b4Beauty Parlour Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for a backdoor to be inserted for code execution.
b0286b70ee31536cfdb4ed8e4228e76f2063f3a36f78315a2281b5a491ef8140Apartment Visitor Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for a backdoor to be inserted for code execution.
987ce5e26137f8bdddbb51bcae57cd30034894c8600689ffa818695de55f9f63Passion Responsive Blogging version 1.0 suffers from a remote SQL injection vulnerability.
e5c501fb2cc5591e80691d788822914442c49c70c0cef043c7a782a2ac61afd5Proof of concept code for the Microsoft Windows DWM Core library elevation of privilege vulnerability. The researcher shows how they reversed the patch, how the heap overflow is produced, and overall gives a complete walk through of their process.
ae21b7b798fa9141cefb1411db92e94dfef6796823599323e49ec4cfcc3f7c0dBy having specific DDL permissions set in Oracle 19c, you can bypass access restrictions normally in place for VPD (virtual private database).
ff60854406414096e014384dc484cf5d2a0ecd59484b16d36d5fb5dd40a2a5f3PPDB version 2.4-update 6118-1 suffers from a remote blind SQL injection vulnerability.
9d523a1c4c7a1e4958bb28bea2acec5647cfe8b259c7789ee6c3b10177fbb4d5POMS version 1.0 suffers from an ignored default credential vulnerability.
e96b4926531826f22ee72eeb7f339d7761192178a35f69af5d5141abbc8b63c1Pharmacy Management System version version 1.0 suffers from an ignored default credential vulnerability.
6c367c1c4b085e72851f370194180a14f132217419dbc26645d989d1f50bd05cPDF Generator Web Application version 1.0 suffers from an ignored default credential vulnerability.
ea0edf3e01f27c48e18ff7db4471b92d0d058e7c65718cf02003efd67a75fb49Park Ticketing Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
1273e992f54e38d81032650942cf05f0d1f6d8b4728541c4e226b2c694587317Online Travel Agency System version 1.0 suffers from an ignored default credential vulnerability.
33fc5279701fd33248284f756fca51419cb1e797d0158e5bc05d6612e87f5c60
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed