phpMyFAQ 2.9.8 - Cross-Site Request Forgery(CSRF)

Exploit Title: phpMyFAQ 2.9.8 - Cross-Site Request ForgeryCSRF Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/thorsten/phpMyFAQ Software Link: https://github.com/thorsten/phpMyFAQ Version: 2.9.8 Tested on: Ubuntu Windows CVE : CVE-2017-15734 PoC: Get...

CVE-2025-5416 Keycloak-core: keycloak environment information

A vulnerability has been identified in Keycloak that could lead to unauthorized information disclosure. While it requires an already authenticated user, the /admin/serverinfo endpoint can inadvertently provide sensitive environment information...

CVE-2019-6634

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, a high volume of malformed analytics report requests leads to instability in restjavad process. This causes issues with both iControl REST and some portions of TMUI. The attack requires an authenticated user with any...

PT-2021-1638 · Cisco · Cisco Firepower Management Center

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center FMC affected versions not specified Description: The issue is related to multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC, which could allow an...

gpEasy CMS 4.0 Shell Upload Vulnertability

gpEasy CMS version 4.0 suffers from a remote shell upload vulnerability. Exploit Title : gpEasy CMS Malicious File Upload Date : 4 June 2013 Exploit Author : CWH Underground Site : www.2600.in.th Vendor Homepage : http://gpeasy.com/ Software Link : http://gpeasy.com/SpecialgpEasy?cmd=dlzip Versio...