8bitsec vulnerabilities and exploits

(subscribe to this query)

A CSV Injection vulnerability exists in Shopy Point of Sale v1.0 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.

Codeslab Shopy Point Of Sale 1.0

1 EDB exploit

An Authenticated Stored XSS vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.

Hrsale Project Hrsale 1.0.2

1 EDB exploit

A CSV Injection vulnerability exists in clustercoding Blog Master Pro v1.0 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.

Clustercoding Blog Master Pro 1.0.0

1 EDB exploit

A CSV Injection vulnerability exists in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution.

Hrsale Project Hrsale 1.0.2

1 EDB exploit

A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.

Hrsale Project Hrsale 1.0.2

1 EDB exploit

A SQL Injection vulnerability exists in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to directly modify the SQL query.

Hrsale Project Hrsale 1.0.2

1 EDB exploit

Gin 0.7.4 allows execution of arbitrary code when a crafted file is opened, e.g., via require('child_process').

Gin Project Gin 0.7.4

Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire('child_process').

Yank-note Yank Note 3.52.1

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook