
12 matches found

NVD
added 2025/08/29 11:15 a.m. · 3 views

CVE-2024-13342

The Booster for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'addfilestoorder' function in all versions up to, and including, 7.2.4. This makes it possible for unauthenticated attackers to upload arbitrary files with double...

CVSS 9.8 · EPSS 0.00604
Exploits: 0 · References: 3

RedhatCVE
added 2025/05/23 2:31 a.m. · 1 view

CVE-2023-1125

The Ruby Help Desk WordPress plugin before 1.3.4 does not ensure that the ticket being modified belongs to the user making the request, allowing an attacker to close and/or add files and replies to tickets other than their own...

CVSS 6.5 · AI score 8.7 · EPSS 0.0019
Exploits: 1 · References: 1

Vulnrichment
added 2024/06/14 4:17 a.m. · 21 views

CVE-2024-3497 Directory Traversal Remote Code Execution Vulnerability

Path traversal vulnerability in the web server of the Toshiba printer enables an attacker to overwrite original files or add new ones to the printer. As for the affected products/models/versions, see the reference URL...

CVSS 8.8 · AI score 6.9 · EPSS 0.00191
Exploits: 0 · References: 3

CVE
added 2024/06/14 4:17 a.m. · 47 views

CVE-2024-3497

The CVE-2024-3497 entry refers to a directory traversal vulnerability in the web server of Toshiba e-STUDIO printers. The issue allows a network-adjacent attacker to overwrite or add files via path traversal in the unzip operation, with ZDI noting possible remote code execution and no authenticat...

CVSS 8.8 · AI score 8.8 · EPSS 0.00191
Exploits: 0 · References: 3

0day.today
added 2024/06/13 12:0 a.m. · 258 views

Quick CMS 6.7 Shell Upload Vulnerability

Title : Authenticated Shell Upload Product : Quick CMS Vendor : https://opensolution.org/ Affected Version : 6.7 Researcher : Eagle Eye Tested on : Window & Linux Report : Already contact the vendor but no response Affected path : admin.php , core/common-admin.php, database/config.php Affected...

AI score 7.4
Exploits: 0

OSV
added 2023/05/02 8:15 a.m. · 0 views

CVE-2023-1125

The Ruby Help Desk WordPress plugin before 1.3.4 does not ensure that the ticket being modified belongs to the user making the request, allowing an attacker to close and/or add files and replies to tickets other than their own...

CVSS 6.5 · AI score 6.9
Exploits: 0 · References: 1

OSV
added 2023/04/04 1:15 p.m. · 1 view

DEBIAN-CVE-2023-28998

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files, recover the folder structure, and add new...

CVSS 6.1 · AI score 6.3 · EPSS 0.00487
Exploits: 1 · References: 1

Positive Technologies
added 2023/04/04 12:0 a.m. · 2 views

PT-2023-22075 · Nextcloud +2 · Nextcloud Android App +4

Name of the Vulnerable Software and Affected Versions: Nextcloud Desktop client versions 3.0.0 through 3.8.0 Nextcloud Android app versions 3.13.0 through 3.25.0 Nextcloud iOS app versions 3.0.5 through 4.8.0 Description: A malicious server administrator can gain full access to an end-to-end...

CVSS 8.8 · AI score 6 · EPSS 0.02214
Exploits: 10 · References: 38

Huntr
added 2022/03/10 2:1 a.m. · 26 views

Unrestricted Upload of File with Dangerous Type

Description Malicious user can bypass checking and upload .phtm or .php6 file which leads to stored XSS. Proof of Concept - Step 1: Login as admin at https://demo.microweber.org/demo/admin/ - Step 2: Go to Websites setting and Edit any page https://demo.microweber.org/demo/admin/page/24/edit -...

CVSS 3.5 · AI score 4.9 · EPSS 0.00195
Exploits: 1

CNVD
added 2019/09/12 12:0 a.m. · 2 views

Microsoft Windows Store Installer Privilege Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation. Microsoft Windows is an operating system for personal devices. Microsoft Windows Server is a server operating system. A privilege extraction vulnerability exists in the Microsoft Store installer, which can be...

CVSS 5.5 · AI score 6.9 · EPSS 0.00428
Exploits: 0 · References: 1

0day.today
added 2010/08/06 12:0 a.m. · 25 views

Naturpic Video Joiner Buffer Overflow POC

Exploit for windows platform in category dos / poc. Naturpic Video Joiner Buffer Overflow POC ...

AI score 7
Exploits: 0

Packet Storm
added 2010/03/22 12:0 a.m. · 18 views

Donar Player 2.2.0 Denial Of Service

!/usr/bin/python Title: Donar Player 2.2.0 Local Crash PoC Date: 03-21-2010 Author: b0telh0 Link: http://www.donarzone.com/downloads/donar-player-setup-free.exe Tested on: Windows XP SP3 crash = "\x41" 1000 try: file = open'b0t.wma','w'; file.writecrash; file.close; print "\n+ b0t.wma created."...

AI score 0.4
Exploits: 0