Lucene search

20 matches found

Positive Technologies
added 2026/03/05 12:0 a.m. · 1 views

PT-2026-23609

Name of the Vulnerable Software and Affected Versions: mcp-memory-service versions prior to 10.21.0 Description: The /api/health/detailed endpoint in mcp-memory-service exposes sensitive system information, including OS version, Python version, CPU count, memory details, disk usage, and the full...

CVSS 5.3 · AI score 5.8 · EPSS 0.00025
Exploits 1 · References 14
Tenable Nessus
added 2026/01/15 12:0 a.m. · 2 views

SAP NetWeaver ICM Info Sensitive Information Disclosure

SAP NetWeaver Internet Communication Manager ICM includes an information page that can disclose sensitive information about the SAP platform, such as operating system version, SAP version, IP address, and other details. If this page is accessible without proper authentication, it can expose...

AI score 6.4
Exploits 0 · References 1
CVE
added 2025/08/25 12:0 a.m. · 11 views

CVE-2025-29525

The CVE-2025-29525 entry concerns the DASAN GPON ONU H660WM family (H660WMR210825, hardware DS-E5-583-A1) with insecure default credentials in the modem’s control panel. The root issue is default credentials that can be exploited for unauthorized access over the network (supported by CVSS vector:...

CVSS 5.3 · AI score 7.6 · EPSS 0.00058
Exploits 0 · References 1
CNNVD
added 2024/11/05 12:0 a.m. · 2 views

Enel X Waybox Security Vulnerability

The Enel X Waybox is a home charging station from Enel X, Inc. A security vulnerability exists in version 3.0 of the Enel X Waybox, which stems from a request directed to the web management application to obtain information such as the Waybox OS version or service configuration details...

CVSS 4.3 · AI score 6.5 · EPSS 0.00215
Exploits 0 · References 1
OSV
added 2023/02/15 6:15 p.m. · 2 views

CVE-2023-22804

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to create users on the PLC. This could allow an attacker to create and use an account with elevated privileges and take control of the device...

CVSS 9.8 · AI score 5.8
Exploits 0 · References 1
OSV
added 2022/08/01 2:15 p.m. · 1 views

CVE-2022-36302

File path manipulation vulnerability in BF-OS version 3.00 up to and including 3.83 allows an attacker to modify the file path to access different resources, which may contain sensitive information...

CVSS 5.4 · AI score 6 · EPSS 0.00688
Exploits 0 · References 1
The Hacker News
added 2020/08/25 10:54 a.m. · 2 views

Popular iOS SDK Accused of Spying on Billions of Users and Committing Ad Fraud

A popular iOS software development kit SDK used by over 1,200 apps—with a total of more than a billion mobile users—is said to contain malicious code with the goal of perpetrating mobile ad-click fraud and capturing sensitive information. According to a report published by cybersecurity firm Snyk...

AI score 5.7
Exploits 0
Hacker One
added 2020/05/11 10:23 p.m. · 12 views

Node.js third-party modules: [plain-object-merge] Prototype pollution

I would like to report a prototype pollution vulnerability in plain-object-merge module. It allows an attacker to inject properties on Object.prototype. Module module name: plain-object-merge version: 1.0.1 npm page: https://www.npmjs.com/package/plain-object-merge Module Description Extremely fa...

AI score 0.8
Exploits 0
Hacker One
added 2020/01/11 10:55 p.m. · 24 views

Node.js third-party modules: [blamer] RCE via insecure command formatting

I would like to report a RCE issue in the blamer module. It allows to execute arbitrary commands remotely inside the victim's PC Module module name: blamer version: 0.1.13 npm page: https://www.npmjs.com/package/blamer Module Description Blamer is a tool for get information about author of code...

CVSS 7.5 · AI score 1.3 · EPSS 0.04715
Exploits 1
Positive Technologies
added 2019/09/17 12:0 a.m. · 2 views

PT-2019-11104 · Apc · Apc Ups Network Management Card 2

Name of the Vulnerable Software and Affected Versions: APC UPS Network Management Card 2 AOS version 6.5.6 Description: A Credentials Management issue exists, which could cause Remote Monitoring Credentials to be viewed in plaintext when Remote Monitoring is enabled and then disabled...

CVSS 9.8 · AI score 9.4 · EPSS 0.00282
Exploits 0 · References 2
Hacker One
added 2019/09/12 3:55 p.m. · 26 views

Node.js third-party modules: [expressjs-ip-control] Whitelist IP bypass leads to authorization bypass and sensitive info disclosure

I would like to report an unauthenticated access/authorization bypass issue in the expressjs-ip-control module. It allows to bypass the whitelist IP check in order to bypass the authorization check and possibly expose sensitive data. Module module name: MODULE NAME version: MODULE VERSION npm pag...

AI score 0.3
Exploits 0
Hacker One
added 2019/03/14 3:6 p.m. · 16 views

Node.js third-party modules: [md-fileserver] Path Traversal

I would like to report path traversal in md-fileserver module. It allows an attacker to read system files via path traversal through commandline Module module name: md-fileserver version: 1.3.2 npm page: https://www.npmjs.com/package/md-fileserver Module Description Starts a local server to rende...

AI score 0.9
Exploits 0
Prion
added 2018/01/08 5:29 a.m. · 13 views

Input validation

DISPUTED In Malwarebytes Premium 3.3.1.2183, the driver file FARFLT.SYS allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e010. NOTE: the vendor reported that they "have not been able to reproduce...

CVSS 6.1 · AI score 8 · EPSS 0.00039
Exploits 1 · References 1 · Affected Software 1
0day.today
added 2015/10/27 12:0 a.m. · 11 views

Th3 MMA mma.php Backdoor Arbitrary File Upload Exploit

Exploit for php platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'nokogiri' class Metasploit3 'Th3 MMA mma.php Backdoor Arbitrary File Upload', 'Descriptio...

AI score 7.1
Exploits 0
Metasploit
added 2015/10/23 12:47 a.m. · 18 views

Th3 MMA mma.php Backdoor Arbitrary File Upload

This module exploits Th3 MMA mma.php Backdoor which allows an arbitrary file upload that leads to arbitrary code execution. This backdoor also echoes the Linux kernel version or operating system version because of the php_uname function. This module requires Metasploit:...

AI score 0.5
Exploits 0
Metasploit
added 2013/02/28 5:47 p.m. · 25 views

SAP ICF /sap/public/info Service Sensitive Information Gathering

This module uses the /sap/public/info service within SAP Internet Communication Framework ICF to obtain the operating system version, SAP version, IP address and other information. This module requires Metasploit: https://metasploit.com/download Current source:...

AI score 7.2
Exploits 0
Metasploit
added 2012/11/07 3:17 p.m. · 55 views

SAP /sap/bc/soap/rfc SOAP Service RFC_SYSTEM_INFO Function Sensitive Information Gathering

This module makes use of the RFC_SYSTEM_INFO Function to obtain the operating system version, SAP version, IP address and other information through the use of the /sap/bc/soap/rfc SOAP service. This module requires Metasploit: https://metasploit.com/download Current source:...

CVSS 5 · AI score 6.7 · EPSS 0.20146
Exploits 2
Metasploit
added 2012/10/18 11:3 p.m. · 56 views

NTP Clock Variables Disclosure

This module reads the system internal NTP variables. These variables contain potentially sensitive information, such as the NTP software version, operating system version, peers, and more. This module requires Metasploit: https://metasploit.com/download Current source:...

CVSS 5 · AI score 8.1 · EPSS 0.92136
Exploits 23
Tenable Nessus
added 2010/02/01 12:0 a.m. · 46 views

SAP BusinessObjects 'HappyAxis2.jsp' Information Disclosure

The SAP BusinessObjects installation on the remote web server is leaking information via '/BusinessProcessBI/axis2-web/HappyAxis.jsp'. This page contains debugging information such as local file paths, operating system version, and Java version. A remote attacker could use this information to mou...

AI score 5.5
Exploits 0 · References 2
Packet Storm
added 2007/03/27 12:0 a.m. · 25 views

ms07-009-sploit.txt

//------------------Replace with your code-----------------------// var Shellcode =...

AI score 0.1
Exploits 0