1393 matches found
MikroTik RouterOS 6.40.5 - 6.44, 6.48.1 - 6.49.10 DoS Vulnerability
MikroTik RouterOS is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
Wago 750-88X and 750-89X Cross-site Scripting (CVE-2018-16210)
WAGO 750-88X and WAGO 750-89X Ethernet Controller devices, versions 01.09.1813 and before, have XSS in the SNMP configuration via the webserv/cplcfg/snmp.ssi SNMPDESC or SNMPLOCSNMPCONT field. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mor...
TEM Opera Plus FM Family Transmitter 35.45 Remote Code Execution
Summary This new line of Opera plus FM Transmitters combines very high efficiency, high reliability and low energy consumption in compact solutions. They have innovative functions and features that can eliminate the costs required by additional equipment: automatic exchange of audio sources,...
Exploit for Cross-site Scripting in Axigen Axigen_Mobile_Webmail
Exploit Title: Axigen if xhr1.readyState === XMLHttpRe...
EuroTel ETL3100 Transmitter Authorization Bypass (IDOR)
Summary RF Technology For Television Broadcasting Applications. The Series ETL3100 Radio Transmitter provides all the necessary features defined by the FM and DAB standards. Two bands are provided to easily comply with analog and digital DAB standard. The Series ETL3100 Television Transmitter...
Exploit for Cross-site Scripting in Ninjaforms Ninja_Forms
CVE-2023-37979 Exploit
CVE-2023-2779
creationtimestamp | type | source
---|---|---
2023-06-20 00:00:00+00:00 | exploited | https://www.exploit-db.com/exploits/51534...
Anevia Flamingo XS 3.6.5 Authenticated Root Remote Code Execution
Summary Flamingo XL, a new modular and high-density IPTV head-end product for hospitality and corporate markets. Flamingo XL captures live TV and radio content from satellite, cable, digital terrestrial and analog sources before streaming it over IP networks to STBs, PCs or other IP-connected...
Exploit for Special Element Injection in Rocket.Chat
CVE-2021-22911 Pre-Auth Blind NoSQL Injection leading to Remot...
Faculty Evaluation System 1.0 Shell Upload
Exploit Title: Faculty Evaluation System 1.0 - Unauthenticated File Upload Date: 5/29/2023 Author: Alex Gan Vendor Homepage: https://www.sourcecodester.com/php/14635/faculty-evaluation-system-using-phpmysqli-source-code.html Software Link:...
Faculty Evaluation System 1.0 - Unauthenticated File Upload Exploit
Exploit Title: Faculty Evaluation System 1.0 - Unauthenticated File Upload Author: Alex Gan Vendor Homepage: https://www.sourcecodester.com/php/14635/faculty-evaluation-system-using-phpmysqli-source-code.html Software Link:...
File Thingie 2.5.7 Shell Upload
#!/usr/bin/python Exploit Title: File Thingie 2.5.7 - Remote Code Execution (RCE) Google Dork: N/A Date: 27th of April, 2023 Exploit Author: Maurice Fielenbach grimlockx - Hexastrike Cybersecurity UG haftungsbeschränkt Software Link: https://github.com/leefish/filethingie Version: 2.5.7 Tested on: N...
GDidees CMS 3.9.1 Local File Disclosure / Directory Traversal
Exploit Title: GDidees CMS - 'imgdownload.php' Local File Disclosure Date : 03/27/2023 Exploit Author : Hadi Mene Vendor Homepage : https://www.gdidees.eu/ Software Link : https://www.gdidees.eu/cms-1-0.html Version : 3.9.1 and earlier Tested on : Debian 11 CVE : CVE-2023-27179 Summary: GDidees C...
Exploit for Incorrect Authorization in Cacti
Cacti v1.2.22 command injection CVE-2022-46169 vulnerable ap...
Sielco Analog FM Transmitter 2.12 Cross-Site Request Forgery
Summary Sielco designs and produces FM radio transmitters for professional broadcasting. The in-house laboratory develops standard and customised solutions to meet all needs. Whether digital or analogue, each product is studied to ensure reliability, resistance over time and a high standard of...
D-Link DIR-645 Rev. A Devices Multiple Vulnerabilities (Feb 2015)
D-Link DIR-645 Rev. A devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
SugarCRM <= 9.0.0 XSS Vulnerability
SugarCRM is prone to a cross-site scripting (XSS) vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sugarcrm:sugarcrm"...
Exploit for Unrestricted Upload of File with Dangerous Type in Tecrail Responsive_Filemanager
ResponsiveFileManager-CVE-2022-46604 Responsive FileManager v...
SentinelOne sentinelagent 22.3.2.5 Privilege Escalation Vulnerability
SentinelOne sentinelagent version 22.3.2.5 on Linux suffers from a privilege escalation vulnerability due to not using a fully qualified path when calling grep. Exploit Title: SentinelOne sentinelagent linux root Privilege Escalation zero day vulnerability Exploit Author: ouchthishurts Vendor...
Exploit for Improper Authentication in Fortinet Fortiproxy
Fortinet-PoC-Auth-Bypass Bash Proof of Concept PoC for Forti...