Apache Artemis: Unauthorized Temporary Address Creation via OpenWire Protocol

Incorrect Authorization CWE-863 vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authenticated user which has the "createDurableQueue"...

CVE-2026-32642

Incorrect Authorization CWE-863 vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authenticated user which has the "createDurableQueue"...

CVE-2026-32642 Apache Artemis, Apache ActiveMQ Artemis: Temporary address auto-created for OpenWire consumer without createAddress permission

Incorrect Authorization CWE-863 vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authenticated user which has the "createDurableQueue"...

PT-2023-25413 · WordPress · Simple Author Box

Name of the Vulnerable Software and Affected Versions: The Simple Author Box WordPress plugin versions prior to 2.52 Description: The issue is related to the disclosure of arbitrary user information due to a lack of verification of the user ID before outputting information about that user. This c...

WordPress plugin Simple Author Box security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress Simple Author Box Plugin < 2.52 is vulnerable to Insecure Direct Object References (IDOR)

Software Simple Author Box Type Plugin Vulnerable versions 2.52 Fixed in 2.52 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-3601 Patch priority Low CVSS severity Low 6.5 Developer WebFactory Ltd. PSID c55453b38919 Credits Dmitriy Require...

CVE-2021-29213

A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROMs prior to version 2.52. The vulnerability could be locally exploited to cause disclosure of sensitiv...

WordPress 跨站请求伪造漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the Wordpress plugin WP-Stats, which is caused ...

Omron CX-One and CX-Protocol Buffer Error Vulnerability

Omron CX-One is an integrated toolkit from Omron Japan. The products include inverters, temperature controllers, and PLC programming software, etc. CX-Protocol is one of the components used to create a serial communication protocol to communicate with standard serial devices. A buffer error...

Omron CX-One and CX-Protocol Buffer Error Vulnerability

Omron CX-One is an integrated toolkit from Omron Japan. The products include inverters, temperature controllers, and PLC programming software, etc. CX-Protocol is one of the components used to create a serial communication protocol to communicate with standard serial devices. A buffer error...

BigAnt-Server-2.52-SP5-SEH

Exploit Title: BigAnt Server 2.52 SP5 SEH Stack Overflow ROP-based exploit ASLR + DEP bypass Date: 03/11/2012 Exploit Author: Lorenzo Cantoni Vendor Homepage: http://www.bigantsoft.com/ Version: BigAnt Console 2.52 SP5 Tested on: Windows 7 SP0 x86 Italian - expsrv.dll 6.0.9589 Info: Vulnerability...

BigAnt Server 2.52 - SEH (0day)

No description provided by source. !/usr/bin/python import socket, sys BigAnt version 2.52 0day Tested on XPSP2 & Win2k3 SP2 Discovered by Lincoln Thanks to muts & remote-exploit 650 or so bytes available after seh, easier to jump back root@BT4VM: ./bigant.py 192.168.87.130 Exploit sent! Connect ...

XOOPS Module PopnupBlog <= 2.52 (postid) BLIND SQL Injection Exploit

No description provided by source. html head titleXOOPS Module PopnupBlog = 2.52 postid BLIND SQL Injection Exploit/title script type=text/javascript //'=============================================================================================== //'Script Name: XOOPS Module PopnupBlog = 2.52...

BigAnt Server 2.52 Stack Overflow

Exploit Title: BigAnt Server 2.52 SP5 SEH Stack Overflow ROP-based exploit ASLR + DEP bypass Date: 03/11/2012 Exploit Author: Lorenzo Cantoni Vendor Homepage: http://www.bigantsoft.com/ Version: BigAnt Console 2.52 SP5 Tested on: Windows 7 SP0 x86 Italian - expsrv.dll 6.0.9589 Info: Vulnerability...

BigAnt Server 2.52 SP5 - Remote Stack Overflow ROP-Based (SEH) (ASLR + DEP Bypass)

BigAnt Server 2.52 SP5 - Remote Stack Overflow ROP-Based SEH ASLR + DEP Bypass Exploit Title: BigAnt Server 2.52 SP5 SEH Stack Overflow ROP-based exploit ASLR + DEP bypass Date: 03/11/2012 Exploit Author: Lorenzo Cantoni Vendor Homepage: http://www.bigantsoft.com/ Version: BigAnt Console 2.52 SP5...

RarmaRadio (.m3u) Denial of Service Vulnerability

Exploit for windows platform in category dos / poc ================================================= RarmaRadio .m3u Denial of Service Vulnerability ================================================= || || | || o,7 || . o7 || 4||| ow, : / /...

BigAnt Server 2.52 USV Buffer Overflow

This exploits a stack buffer overflow in the BigAnt Messaging Service, part of the BigAnt Server product suite. This module was tested successfully against version 2.52. NOTE: The AntServer service does not restart, you only get one shot. This module requires Metasploit:...

BigAnt Server 2.52 USV Buffer Overflow

$Id: bigantserverusv.rb 8071 2010-01-05 11:49:12Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

BigAnt IM Server 'USV' Request Buffer Overflow Vulnerability

BigAnt IM Server is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user- supplied input. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the server. Failed exploit attempts will result in...

BigAnt 2.52 Buffer Overflow

!/usr/bin/python BigAnt Server 2.52 remote buffer overflow exploit 2 Author: DouBleZer0 Vulnerability discovered by Lincoln a another version of the original exploit by Lincoln application is little hazy.. import sys,socket host = sys.argv1 buffer= "\x90" 20 ./msfpayload...