CVE-2021-4070
Off-by-one Error in GitHub repository v2fly/v2ray-core prior to 4.44.0. Devamını Oku
Devamını oku
[webapps] Simple Real Estate Portal System 1.0 – ‘id’ SQLi
Simple Real Estate Portal System 1.0 – ‘id’ SQLi
Exploit ile ilgili teknik detaylar için Devamını Oku
Kaynak: Exploit-DB.com RSS Feed
[webapps] WebHMI 4.1.1 – Remote Code Execution (RCE) (Authenticated)
WebHMI 4.1.1 – Remote Code Execution (RCE) (Authenticated)
Exploit ile ilgili teknik detaylar için Devamını Oku
Kaynak: Exploit-DB.com RSS Feed
[remote] ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 – Remote File CRUD
ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 – Remote File CRUD
Exploit ile ilgili teknik detaylar için Devamını Oku
Kaynak: Exploit-DB.com RSS Feed
[webapps] Student Record System 1.0 – ‘cid’ SQLi (Authenticated)
Student Record System 1.0 – ‘cid’ SQLi (Authenticated)
Exploit ile ilgili teknik detaylar için Devamını Oku
Kaynak: Exploit-DB.com RSS Feed
[remote] Adobe ColdFusion 11 – LDAP Java Object Deserialization Remode Code Execution (RCE)
Adobe ColdFusion 11 – LDAP Java Object Deserialization Remode Code Execution (RCE)
Exploit ile ilgili teknik detaylar için Devamını Oku
Kaynak: Exploit-DB.com RSS Feed
[webapps] aaPanel 6.8.21 – Directory Traversal (Authenticated)
aaPanel 6.8.21 – Directory Traversal (Authenticated)
Exploit ile ilgili teknik detaylar için Devamını Oku
Kaynak: Exploit-DB.com RSS Feed
[webapps] Air Cargo Management System v1.0 – SQLi
Air Cargo Management System v1.0 – SQLi
Exploit ile ilgili teknik detaylar için Devamını Oku
Kaynak: Exploit-DB.com RSS Feed
[webapps] Microweber CMS 1.2.10 – Local File Inclusion (Authenticated) (Metasploit)
Microweber CMS 1.2.10 – Local File Inclusion (Authenticated) (Metasploit)
Exploit ile ilgili teknik detaylar için Devamını Oku
Kaynak: Exploit-DB.com RSS Feed
[webapps] WebHMI 4.1 – Stored Cross Site Scripting (XSS) (Authenticated)
WebHMI 4.1 – Stored Cross Site Scripting (XSS) (Authenticated)
Exploit ile ilgili teknik detaylar için Devamını Oku
Kaynak: Exploit-DB.com RSS Feed
CVE-2021-43824
Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions a crafted request crashes Envoy when a CONNECT request is sent to JWT filter configured with regex match. This provides a denial of service attack vector. The only workaround is to not use regex in the JWT filter. Users…
CVE-2021-43825
Envoy is an open source edge and service proxy, designed for cloud-native applications. Sending a locally generated response must stop further processing of request or response data. Envoy tracks the amount of buffered request and response data and aborts the request if the amount of buffered data is over the limit by sending 413 or…