CVE-2025-9396

A security flaw has been discovered in ckolivas lrzip up to 0.651. This impacts the function GIstrtollinternal of the file strtoll.c. Performing manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be...

PT-2025-34145 · Elunez · Eladmin

Name of the Vulnerable Software and Affected Versions: elunez eladmin versions prior to 2.8 Description: A security flaw has been discovered in elunez eladmin up to version 2.7. This issue affects an unknown functionality of the file /auth/info. Manipulation of this functionality results in...

CVE-2025-9143 Scada-LTS mailing_lists.shtm cross site scripting

A security flaw has been discovered in Scada-LTS 2.7.8.1. This affects an unknown part of the file mailinglists.shtm. The manipulation of the argument name/userList/address results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the public a...

PT-2025-33638 · Portabilis · Portabilis I-Diario

Name of the Vulnerable Software and Affected Versions: Portabilis i-Diario versions prior to 1.5.1 Description: A security flaw has been discovered in Portabilis i-Diario. The vulnerability affects an unknown functionality of the file /password/email within the Password Recovery Endpoint componen...

📄 Android 13 Local Privilege Escalation

Android version 13 local privilege escalation proof of concept exploit. Exploit Title: Android 13 - Local Privilege Escalation Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Version: = 13 Tested on: Win,...

TYPO3 Extension Restler 1.7.0 - Local File Disclosure

Exploit Title: Typo3 Restler Extension - Local File Disclosure Date: 2017-10-13 Exploit Author: CrashBandicot @dosperl Vendor Homepage: https://www.aoe.com/ Software Link: https://extensions.typo3.org/extension/restler/ Tested on : MsWin Version: 1.7.0 last Vulnerability File : getsource.php 3...

AudioCoder 0.8.46 - Local Buffer Overflow (SEH)

AudioCoder 0.8.46 - Local Buffer Overflow SEH !/usr/bin/python Exploit Title : AudioCoder 0.8.46 Local Buffer Overflow SEH CVE : CVE-2017-8870 Exploit Author : Muhann4d @0xSecured Vendor Homepage : http://www.mediacoderhq.com Vulnerable Software:...

Watchguard Firewalls - 'ESCALATEPLOWMAN' ifconfig Privilege Escalation

Exploit Title: WatchGuard Firewalls - ifconfig Privilege Escalation ESCALATEPLOWMAN Date: 19-08-2016 Exploit Author: Shadow Brokers Vendor Homepage: http://www.watchguard.com/ Full Exploit: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/40270.zip...

3Com 3CDaemon FTP Unauthorized "USER" Remote BoF Exploit

No description provided by source. / Added on line 86 /str0ke / / 3com 3CDaemon FTP Unauthorized USER Remote BOverflow The particularity of this exploit is to exploits a FTP server without the need of any authorization. Homepage: www.3com.com version: 3CDaemon v2.0 rev10 Link:...

Nokia DX200 Denial Of Service

Vulnerability: Nokia TCP Syn Flood DoS - DX200 Synopsis : Denial of Service Affected Platforms: DX200 M13 MGW/HLR, S12 BSC Severity: High Risk Vendor: Nokia http://www.nokia.com/ Exploit Release Date: 01/21/2009 By: tambarus [email protected] !/usr/bin/perl eval "use Getopt::Long;";die "error...

alsaplayer-overflow.txt

I have released this exploit for the alsaplayer bug CVE-2007-5301. You can find all the needed files at http://www.wekk.net/research/CVE-2007-5301/ With my modified version of vorbiscomment, you can generate a ogg exploit like this: whats@debian:$ vorbiscomment.whats -w -t "TITLE=$perl -e 'print...

WSN Guest 1.21 - id SQL Injection

WSN Guest 1.21 - id SQL Injection WSN Guest 1.21 Version Comments.PHP "ID" SQL Injection Exploit WSN Guest 1.21 Version Comments.PHP "ID" SQL Injection Exploit SQL Injection Code Search Board ALL UniquE-KeyUniquE-Cracker [email protected] f...

Mercury32 Mail Server 4.01a (Pegasus) - IMAP Buffer Overflow

Mercury32 Mail Server 4.01a Pegasus - IMAP Buffer Overflow / Mercury imap4 server remote buffer overflow exploit author : c0d3r "kaveh razavi" [email protected] [email protected] package : Mercury mail transport system 4.01a and prolly prior workaround : upgrade to 4.01b version advisory : not...

Golden FTP Server Pro 2.52 - Remote Buffer Overflow (2)

Golden FTP Server Pro 2.52 - Remote Buffer Overflow 2 / Golden FTP Server Pro remote stack BOF exploit author : c0d3r "kaveh razavi" [email protected] [email protected] risk : highly critical vender status : no patch released , all targets are vuln package : golden-ftp-server-pro 2.5.0.0 and...

CrystalFTP Pro 2.8 - Remote Buffer Overflow

/ CrystalFTP Pro v2.8 Buffer Overflow Exploit 04/25/2005 despite the fact that nobody uses CrystalFTP i had to release a new version that replaces the first one. this overwrites the structured exception handler with a "pop edx pop eax ret" in kernel32.dll. this takes us to a pointer of the next...

Sentinel LM 7.x UDP License Service Remote Buffer Overflow Exploit

No description provided by source. / SentinelLM, UDP License Service Stack Overflow Homepage: safenet-inc.com Affected version: 7. Patched version: 8.0 Link: safenet-inc.com/products/sentinel/lm.asp Date: 09 March 2005 Advisory: securitytracker.com/alerts/2005/Mar/1013385.html Application Risk:...

"at" is vulnerable on Solaris 7 and 8

We found that "at" in Solaris is vulnerable on Solaris 7 and 8 The kind of bug is discussed on Bugtraqid:1634 -- Generally a program that needs to display a message to the user will obtain the proper language specific string from the database using the original message as the search key and...

Sybergen SyGate 2.03.11 - Denial of Service

Sybergen SyGate 2.03.11 - Denial of Service // source: https://www.securityfocus.com/bid/1420/info An exploit which causes a Denial of Service to Sybergen's Sygate when run from an internal machine has been released. The exploit sends a UDP packet to port 53 of the gateway. //Sygate Crash by:...

WuFTPD: Providing *remote* root since at least1994

/ - wuftpd2600.c VERY PRIVATE VERSION. DO NOT DISTRIBUTE. 15-10-1999 WUFTPD 2.6.0 REMOTE ROOT EXPLOIT by tf8 NOTE: For ethical reasons, only an exploit for 2.6.0 will be released 2.6.0 is the most popular version nowadays, and it should suffice to proof this vulnerability concept. Site exec was...

bypass.viruscheck.txt

Greetings All, I originally released this vulnerability over the Christmas holidays on NTBugTraq. I spoke with a member of the Security Focus staff about getting it onto the web site and was told that I should post the problem here. During our conversation we decided that I hadn't been clear in m...