Security
Headlines
HeadlinesLatestCVEs

Tag

#sql

Introduction To Web Pentesting

This archive holds a whitepaper called Introduction to Web Pentesting. It provides basic configuration for Burpsuite Proxy along with basic exploitation cross site scripting, SQL injection, cross site request forgery, and open redirects. Two copies of the whitepaper are included. One is in English and one is in Bulgarian.

Packet Storm
#sql#xss#web
Joomla JLex GuestBook 1.6.4 Cross Site Scripting

Joomla JLex GuestBook extension version 1.6.4 suffers from a cross site scripting vulnerability.

Cryptolive CMS 1.0 SQL Injection

Cryptolive CMS version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Creative Commons Attribution 3.0 SQL Injection

Creative Commons Attribution version 3.0 suffers from a remote SQL injection vulnerability.

CVE-2023-36118: Faculty Evaluation System - HackMD

Cross Site Scripting vulnerability in Faculty Evaulation System using PHP/MySQLi v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the page parameter.

Joomla JLex Review 6.0.1 Cross Site Scripting

Joomla JLex Review extension version 6.0.1 suffers from a cross site scripting vulnerability.

Online Diagnostic Lab Management 1.0 SQL Injection

Online Lab Diagnostic Management version 1.0 suffers from a remote SQL injection vulnerability.