140 matches found
Exploit for Code Injection in Crushftp
CVE-2024-4040 — CrushFTP SSTI / LFI Proof of Concept For...
CVE-2026-4040
| creationtimestamp | type | source |
|---|---|---|
| 2026-03-12 11:15:59+00:00 | seen | https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-4040 |
| 2026-03-12 16:33:08+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mgutbf6fx22k... |
EUVD-2026-4040
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ovatheme Movie Booking movie-booking allows Path Traversal. This issue affects Movie Booking: from n/a through = 1.1.5...
CVE-2009-4040
Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.0.17 and 2.5.x before 2.5.2, when used with Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the search page...
CVE-2025-20737
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00435343; Issue ID: MSV-4040...
EUVD-2017-11373
Malware in sbrugna...
EUVD-2016-7474
Malware in sbrugna...
EUVD-2017-11372
Malware in sbrugna...
CVE-2025-4040
| creationtimestamp | type | source |
|---|---|---|
| 2025-07-21 15:32:48+00:00 | seen | Telegram/9ICN-5LiD66DA0K9FSqtqgsG88-YpJJlSnWjZq7bmBw0c... |
CVE-2025-4040
Authorization Bypass Through User-Controlled Key vulnerability in Turpak Automatic Station Monitoring System allows Privilege Escalation. This issue affects Automatic Station Monitoring System: before 5.0.6.51...
CVE-2025-4040 IDOR in Turpak's Automatic Station Monitoring System
Authorization Bypass Through User-Controlled Key vulnerability in Turpak Automatic Station Monitoring System allows Privilege Escalation. This issue affects Automatic Station Monitoring System: before 5.0.6.51...
CVE-2025-4040
CVE-2025-4040 affects Turpak Automatic Station Monitoring System (versions prior to 5.0.6.51). The issue is an Authorization Bypass Through a User-Controlled Key, enabling Privilege Escalation. Multiple sources (Red Hat, CVE ecosystem listings, and PT Security) corroborate the vulnerability and s...
CVE-2025-4040 IDOR in Turpak's Automatic Station Monitoring System
Authorization Bypass Through User-Controlled Key vulnerability in Turpak Automatic Station Monitoring System allows Privilege Escalation. This issue affects Automatic Station Monitoring System: before 5.0.6.51...
Exploit for Path Traversal in Lakernote Easyadmin
CVE-2024-4040 — CrushFTP Authentication Bypass Exploit This r...
Exploit for Code Injection in Crushftp
CVE-2024-4040 — CrushFTP Authentication Bypass Exploit This r...
Linux Distros Unpatched Vulnerability : CVE-2010-4040
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Google Chrome before 7.0.517.41 does not properly handle animated GIF images, which allows remote attackers to cause a denial of service (memory corruption) or...
CVE-2020-4040
Bolt CMS before version 3.7.1 lacked CSRF protection in the preview generating endpoint. Previews are intended to be generated by the admins, developers, chief-editors, and editors, who are authorized to create content in the application. But due to lack of proper CSRF protection, unauthorized...
Debian: Security Advisory (DLA-4040-1)
The remote host is missing an update for the Debian...
CVE-2020-4040 affecting package bolt 0.9.2-2
CVE-2020-4040 affecting package bolt 0.9.2-2. This CVE either no longer is or was never applicable...
Exploit for Code Injection in Crushftp
EN GenCrushSSTIExploit is a PoC exploit tool targeting the...