Tenant Limited 1.0 SQL Injection
Authored by nu11secur1ty
Tenant Limited version 1.0 suffers from a remote SQL injection vulnerability.
## Titles: TENANT-LIMITED-1.0 SQLi
## Author: nu11secur1ty
## Date: 05/20/2024
## Vendor: https://mayurik.com/
## Software: https://www.sourcecodester.com/php/17375/best-courier-management-system-project-php.html
## Reference: https://portswigger.net/web-security/sql-injection
## Description:
The username...
Arm Mali r45p0 Broken State Use-After-Free
Authored by Jann Horn, Google Security Research
Arm Mali versions since r45p0 suffer from a broken KBASE_USER_BUF_STATE_* state machine for userspace mappings that can lead to a use-after-free condition.
advisories |...
PowerVR _UnrefAndMaybeDestroy() Use-After-Free
Authored by Jann Horn, Google Security Research
PowerVR suffers from a use-after-free vulnerability in _UnrefAndMaybeDestroy().
advisories | CVE-2024-34724
PowerVR DevmemIntChangeSparse2() Dangling Page Table Entry
Authored by Jann Horn, Google Security Research
PowerVR suffers from a wrong order of operations in DevmemIntChangeSparse2() that leads to a temporarily dangling page table entry.
advisories | CVE-2024-31335
Backdrop CMS 1.27.1 Remote Command Execution
Authored by Ahmet Umit Bayram
Backdrop CMS version 1.27.1 suffers from a remote command execution vulnerability.
# Exploit Title: Backdrop CMS 1.27.1 - Remote Command Execution (RCE)
# Date: 04/27/2024
#...
Apache OFBiz 18.12.12 Directory Traversal
Authored by Abdualhadi Khalifa
Apache OFBiz versions 18.12.12 and below suffer from a directory traversal vulnerability.
# Exploit Title: Apache OFBiz 18.12.12 - Directory Traversal
# Google Dork: N/A
# Date:...
WordPress XStore Theme 9.3.8 SQL Injection
Authored by Abdualhadi Khalifa
WordPress XStore theme version 9.3.8 suffers from a remote SQL injection vulnerability.
advisories | CVE-2024-33559
# Exploit Title: Wordpress Theme XStore 9.3.8 - SQLi
# Google Dork:...
Zope 5.9 Command Injection
Authored by Ilyase Dehy, Aymane MAZGUITI
Zope version 5.9 suffers from a command injection vulnerability in /utilities/mkwsgiinstance.py.
advisories | CVE-2024-33828
# Vulnerability Report
## Title: Command Argument Injection Vulnerability in Zope...
SAP Cloud Connector 2.16.1 Missing Validation
Authored by Mingshuo Li, Fabian Hagg | Site sec-consult.com
SAP Cloud Connector versions 2.15.0 through 2.16.1 were found to happily accept self-signed TLS certificates between SCC and SAP BTP.
advisories |...
Cacti 1.2.26 Remote Code Execution
Authored by EgiX | Site karmainsecurity.com
Cacti versions 1.2.26 and below suffer from a remote code execution vulnerability in import.php.
advisories | CVE-2024-25641
----------------------------------------------------------------
Cacti <= 1.2.26 (import.php) Remote Code...





