600 matches found

0day.today
added 2024/02/19 12:0 a.m. | 327 views

XAMPP - Buffer Overflow Exploit

Exploit Title: XAMPP v3.3.0 — '.ini' Buffer Overflow Unicode + SEH | Author: Talson @Ripp3rdoc | Software Link: https://sourceforge.net/projects/xampp/files/XAMPP%20Windows/8.0.28/xampp-windows-x64-8.0.28-0-VS16-installer.exe | Version: 3.3.0 | Tested on: Windows 11 | CVE-2023-46517 ...

AI score 7
Exploits: 4
Prion
added 2024/02/06 9:15 p.m. | 18 views

Authorization

An issue discovered in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to run arbitrary files by restoring a crafted backup file...

CVSS 6.5 | AI score 7.1 | EPSS 0.01401
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2024/02/06 12:0 a.m. | 15 views

CVE-2024-22514

An issue discovered in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to run arbitrary files by restoring a crafted backup file...

AI score 8.7 | EPSS 0.01401
Exploits: 1 | References: 1
GithubExploit
added 2024/01/27 7:4 p.m. | 51 views

Exploit for Code Injection in Ispyconnect Agent_Dvr

CVE-2024-22514: Remote Code Execution in Agent DVR Informa...

CVSS 8.8 | AI score 9.5 | EPSS 0.01401
Exploits: 1
OSV
added 2024/01/19 3:15 p.m. | 1 view

CVE-2024-0716

A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack...

CVSS 5.3 | AI score 4.5 | EPSS 0.01208
Exploits: 1 | References: 4
NVD
added 2024/01/19 3:15 p.m. | 19 views

CVE-2024-0716

A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack...

CVSS 5.3 | AI score 4.1 | EPSS 0.01208
Exploits: 1 | References: 4
Vulnrichment
added 2024/01/19 3:0 p.m. | 11 views

CVE-2024-0716 Byzoro Smart S150 Management Platform Backup File download.php information disclosure

A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack...

CVSS 3.1 | AI score 6.6 | EPSS 0.01208
Exploits: 1 | References: 4
Cvelist
added 2024/01/19 3:0 p.m. | 23 views

CVE-2024-0716 Byzoro Smart S150 Management Platform Backup File download.php information disclosure

A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack...

CVSS 3.1 | AI score 5.3 | EPSS 0.01208
Exploits: 1 | References: 4
Positive Technologies
added 2024/01/19 12:0 a.m. | 2 views

PT-2024-15776 · Byzoro · Byzoro Smart S150 Management Platform

Name of the Vulnerable Software and Affected Versions: Byzoro Smart S150 Management Platform version V31R02B15. Description: A vulnerability has been found in the Byzoro Smart S150 Management Platform, affecting an unknown part of the file /log/download.php of the component Backup File Handler. Th...

CVSS 5.3 | AI score 4.2 | EPSS 0.01208
Exploits: 1 | References: 8
WPVulnDB
added 2023/12/18 12:0 a.m. | 15 views

Clone < 2.4.3 - Unauthenticated Backup Download

Description: The plugin uses buffer files to store in-progress backup information, which is stored at a publicly accessible, statically defined file path. PoC: While a backup job is running, visitors can access one of the following files (it might take a couple tries, as the timing needs to be righ...

CVSS 7.5 | AI score 6.4 | EPSS 0.01961
Exploits: 2 | References: 1 | Affected Software: 1
Citrix
added 2023/12/15 12:0 a.m. | 7 views

Restoration with backup file doesn't work issue

Restore by backup file does not work correctly in NetScaler...

AI score 7.1
Exploits: 0
ATTACKERKB
added 2023/11/14 11:15 a.m. | 3 views

CVE-2023-44318

Affected devices use a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that obtains a configuration backup to extract configuration information from the...

CVSS 6.9 | AI score 5.8 | EPSS 0.00688
Exploits: 0 | References: 6
Vulnrichment
added 2023/09/29 2:0 p.m. | 2 views

CVE-2023-5263 ZZZCMS Database Backup File save.php restore permission

A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Affected by this issue is the function restore of the file /admin/save.php of the component Database Backup File Handler. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been...

CVSS 6.5 | AI score 7.5 | EPSS 0.00643
Exploits: 1 | References: 3
CVE
added 2023/09/29 2:0 p.m. | 42 views

CVE-2023-5263

The CVE concerns ZZZCMS 2.1.7. It targets the restore function in the Database Backup File Handler’s /admin/save.php, where improper handling leads to permission issues. The vulnerability can be exploited remotely, and public disclosures exist (exploit has been disclosed). Affected component: Dat...

CVSS 8.8 | AI score 7.5 | EPSS 0.00643
Exploits: 1 | References: 3 | Affected Software: 1
NVD
added 2023/09/27 3:19 p.m. | 10 views

CVE-2023-43825

Relative path traversal vulnerability in Shihonkanri Plus Ver9.0.3 and earlier allows a local attacker to execute arbitrary code by having a legitimate user import a specially crafted backup file of the product...

CVSS 7.8 | AI score 7.7 | EPSS 0.00318
Exploits: 0 | References: 2
Prion
added 2023/09/27 3:19 p.m. | 13 views

Path traversal

Relative path traversal vulnerability in Shihonkanri Plus Ver9.0.3 and earlier allows a local attacker to execute arbitrary code by having a legitimate user import a specially crafted backup file of the product...

CVSS 4.4 | AI score 7.7 | EPSS 0.00318
Exploits: 0 | References: 2 | Affected Software: 1
Vulnrichment
added 2023/09/27 7:14 a.m. | 13 views

CVE-2023-43825

Relative path traversal vulnerability in Shihonkanri Plus Ver9.0.3 and earlier allows a local attacker to execute arbitrary code by having a legitimate user import a specially crafted backup file of the product...

AI score 7.3 | EPSS 0.00318
Exploits: 0 | References: 2
Cvelist
added 2023/09/27 7:14 a.m. | 20 views

CVE-2023-43825

Relative path traversal vulnerability in Shihonkanri Plus Ver9.0.3 and earlier allows a local attacker to execute arbitrary code by having a legitimate user import a specially crafted backup file of the product...

AI score 7.9 | EPSS 0.00318
Exploits: 0 | References: 2
Japan Vulnerability Notes
added 2023/09/27 4:49 a.m. | 6 views

Shihonkanri Plus vulnerable to relative path traversal

Overview: Shihonkanri Plus provided by EKAKIN contains a relative path traversal vulnerability (CWE-23). Shimizu Yutaro of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact: An attack...

CVSS 7.8 | AI score 7.4 | EPSS 0.00318
Exploits: 0 | References: 6
BDU FSTEC
added 2023/09/13 12:0 a.m. | 1 view

The vulnerability of the Conversations messaging software, related to insufficient validation of input data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Conversations messaging software is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by opening a backup file...

CVSS 7.1 | AI score 5.5
Exploits: 0 | References: 1 | Affected Software: 1