CVE-2026-40875

creationtimestamp| type| source ---|---|--- 2026-04-21 21:26:51+00:00| seen| Telegram/FmTSSVQ1J3rSbvAltEePP9EbJsBmWNaUcXM1uvMHIpeiAtQ...

CVE-2022-40875

Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow in the function GetParentControlInfo...

CVE-2024-40875

creationtimestamp| type| source ---|---|--- 2024-12-20 20:20:19+00:00| seen| https://infosec.exchange/users/cve/statuses/113687004376620638 2024-12-20 21:15:31+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ldrcmqimm322 2024-12-20 23:26:40+00:00| seen|...

CVE-2024-40875 Cross-site scripting vulnerability in the Secure Access administrative console prior to 13.52

There is a cross-site scripting vulnerability in the management console of Absolute Secure Access prior to version 13.52. Attackers with system administrator permissions can interfere with another system administrator’s use of the management console when the second administrator logs in. Attack...

CVE-2023-40875

DedeCMS up to and including 5.7.110 was discovered to contain multiple cross-site scripting XSS vulnerabilities at /dede/voteedit.php via the votename and votenote parameters...

CVE-2023-40875

DedeCMS (Dream Weaving CMS) up to and including version 5.7.110 contains multiple cross‑site scripting (XSS) vulnerabilities in the vote_edit.php endpoint, exploitable via the votename and votenote parameters. The issue is described across multiple sources as XSS vulnerabilities affecting that pa...

CVE-2022-40875

Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow in the function GetParentControlInfo...

CVE-2022-40875

Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow in the function GetParentControlInfo...

CVE-2022-40875

CVE-2022-40875 affects Tenda AX1803 v1.0.0.1, with a heap overflow in the GetParentControlInfo function. Reported across multiple sources, the issue is described as a heap overflow vulnerability in a router firmware component. The connected documents confirm the vulnerable product/version and the...

Gurock Testrail 7.2.0.3014 Improper Access Control

Exploit Title: Gurock Testrail 7.2.0.3014 - 'files.md5' Improper Access Control Date: 22/09/2022 Exploit Author: Sick Codes & JohnJHacking Sakura Samuraii Vendor Homepage: https://www.gurock.com/testrail/ Version: 7.2.0.3014 and below Tested on: macOS, Linux, Windows CVE : CVE-2021-40875 Referenc...

Gurock Testrail 7.2.0.3014 - 'files.md5' Improper Access Control

Exploit Title: Gurock Testrail 7.2.0.3014 - 'files.md5' Improper Access Control Date: 22/09/2022 Exploit Author: Sick Codes & JohnJHacking Sakura Samuraii Vendor Homepage: https://www.gurock.com/testrail/ Version: 7.2.0.3014 and below Tested on: macOS, Linux, Windows CVE : CVE-2021-40875 Referenc...

CVE-2021-40875

CVE-2021-40875 concerns Gurock TestRail before 7.2.0.3014, where improper access control allows a client-side request to the "/files.md5" file. The exposure reveals a full list of application files and their paths, which can be tested to potentially disclose hardcoded credentials, API keys, or ot...

CVE-2021-40875

creationtimestamp| type| source ---|---|--- 2021-09-22 08:04:51+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/574 2021-09-22 18:28:54+00:00| seen| https://t.me/cibsecurity/29229 2021-09-23 20:58:26+00:00| published-proof-of-concept|...

omicsgroup.org XSS vulnerability

Vulnerable URL:...

Mail.app Image Attachment Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Mail.app Ima...

Mail.app Image Attachment Command Execution

This module exploits a command execution vulnerability in the Mail.app application shipped with Mac OS X 10.5.0. This flaw was patched in 10.4 in March of 2007, but reintroduced into the final release of 10.5. This module requires Metasploit: https://metasploit.com/download Current source:...

Mail.App 10.5.0 Image Attachment Command Execution (OS X)

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...

Apple Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit)

Apple Mail.App 10.5.0 OSX - Image Attachment Command Execution Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...