326 bytes small Windows/x64 add administrative user dynamic PEB and EDT method shellcode.
ce836880761cfda2559a206f8a4eddd7cafbcbfe3f946cceb11b3d189d914798
FLEX versions prior to 1085 Web 1.6.0 suffer from a denial of service vulnerability.
ae0a20928dfa334d84c3e4bae14365283943129dafd6b66b0cb30a235a9f223c
Advanced Host Monitor version 12.56 suffers from an unquoted service path vulnerability.
345729204fd62ea669a733d90946c008f6634738cd6a29af717aa4eda7454e05
KODExplorer versions 4.49 and below suffer from cross site request forgery and remote shell upload vulnerabilities.
2c24ede0b6c9ade31db524c30505dfd3c2502c034c6ae0b1c0858a97d424c42d
SAP Information System version 1.0.0 suffers from an improper authentication vulnerability that allows a malicious user to create an administrative account without needing to authenticate. The POST request is sent to the /SAP_Information_System/controllers/add_admin.php endpoint. The problem occurs due to lack of session verification in the request.
81b2d35c550ef4f8db3fd0aac42c15232a707b20d75b5eeabeefd52e176de1e6
Royale Event Management System version 1.0 suffers from a cross site scripting vulnerability.
4ba5bed99918ab869e0641c56b759bcab5b92ee105f33e0a11566bb46af66764
Royale Event Management System version 1.0 suffers from a privilege escalation vulnerability by allowing an attacker to register an account as an administrator.
85ce88277012be394e2e9c1726b65a9dd12b2ee36964f37334e9e463bf7d6124
Microfinance Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
c86119833c22b38c0769d848d0d43aa58bfb7a83ddc8391abb36775d17fb128c
One Church Management System version 1.0 suffers from a remote SQL injection vulnerability.
7370b13e702149a98eb34624da7e19119c5e0bd03b3a9128aec5c36bb8b8e281
Microfinance Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities including one that allows for authentication bypass. Original discovery of SQL injection in this version is attributed to Hejap Zairy in March of 2022.
343044362efa4a6c2b811fb81e765a9457a7230a718bbb4fa5ab4935f8b979a8
One Church Management System version 1.0 suffers from multiple cross site scripting vulnerabilities.
f821ada63fe52bb30efe2ce38c79ee3cd771ba5c4bd2328f70edc33512ce5e3d
College Website Management System version 1.0 suffers from a remote SQL injection vulnerability.
728950467a26ee6d6511c30824c4ea6b179d8627cc5304a9a0b2a94cfedcc2da
Automatic Question Paper Generator System version 1.0 suffers from a persistent cross site scripting vulnerability.
8010a14496f4fb08182b6da205815a644f43386ad9762be33603bba8aa039062
Automatic Question Paper Generator System version 1.0 suffers from an insecure direct object reference that allows an attacker to reset the password of other users.
7cfab5761bf9d3af6005cfa1068476496ef37656abf084c7157403f53dec2e13
FLEX 1080/1085 Web version 1.6.0 suffers from an information disclosure vulnerability.
28ce810269e0bf61bc80264045e9cf5c6db97242b86229546be0407a3d2ebece
FLEX 1085 Web version 1.6.0 suffers from an html injection vulnerability.
2ce54edd9758e61d9f66041bd0461c61b5f7135aa98da49b7508c369fbbd421e