CVE-2021-37200

A vulnerability has been identified in SINEC NMS All versions V1.0 SP1. An attacker with access to the webserver of an affected system could download arbitrary files from the underlying filesystem by sending a specially crafted HTTP request...

CVE-2021-37200

A vulnerability has been identified in SINEC NMS All versions V1.0 SP1. An attacker with access to the webserver of an affected system could download arbitrary files from the underlying filesystem by sending a specially crafted HTTP request...

Cross site request forgery (csrf)

A vulnerability has been identified in SINEC NMS All versions V1.0 SP1. An attacker with access to the webserver of an affected system could download arbitrary files from the underlying filesystem by sending a specially crafted HTTP request...

CVE-2021-37200

A vulnerability has been identified in SINEC NMS All versions V1.0 SP1. An attacker with access to the webserver of an affected system could download arbitrary files from the underlying filesystem by sending a specially crafted HTTP request...

OpenPLC WebServer Remote Code Execution (CVE-2021-31630)

A remote code execution vulnerability exists in OpenPLC WebServer. Successful exploitation of this vulnerability could allow an authenticated attacker to execute arbitrary code on the affected system...

Tor: Information Exposure Through Directory Listing

Vulnerability description The web server is configured to display the list of files contained in this directory. This is not recommended because the directory may contain files that are not normally exposed through links on the web site. Link as POC: https://www.torproject.org/static/...

CVE-2021-35395

Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. Two versions of this management interface exists: one based on Go-Ahead named webs and another based on Boa named boa. Both of them are affect...

Buffer overflow

A buffer overflow in D-Link DIR-615 C2 3.03WW. The pingipaddr parameter in pingresponse.cgi POST request allows an attacker to crash the webserver and might even gain remote code execution...

CVE-2021-37388

A buffer overflow in D-Link DIR-615 C2 3.03WW. The pingipaddr parameter in pingresponse.cgi POST request allows an attacker to crash the webserver and might even gain remote code execution...

Debian: Security Advisory (DSA-4949-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-31630

Command Injection in Open PLC Webserver v3 allows remote attackers to execute arbitrary code via the "Hardware Layer Code Box" component on the "/hardware" page of the application...

Command injection

Command Injection in Open PLC Webserver v3 allows remote attackers to execute arbitrary code via the "Hardware Layer Code Box" component on the "/hardware" page of the application...

CVE-2021-31630

CVE-2021-31630 affects OpenPLC WebServer v3. It enables command injection via the Hardware Layer Code Box on the /hardware page, allowing remote code execution. Multiple connected sources (Red Hat advisory and various PoCs/exploits on GitHub) describe authenticated or near-authenticated workflows...

CVE-2021-31630

Command Injection in Open PLC Webserver v3 allows remote attackers to execute arbitrary code via the "Hardware Layer Code Box" component on the "/hardware" page of the application...

PT-2021-19453 · Unknown · Open Plc Webserver

Name of the Vulnerable Software and Affected Versions: Open PLC Webserver version 3 Description: Command Injection in Open PLC Webserver allows remote attackers to execute arbitrary code via the Hardware Layer Code Box component on the "/hardware" page of the application. Recommendations: As a...

XOS Shop 1.0.9 - (Multiple) Arbitrary File Deletion (Authenticated) Vulnerability

Exploit Title: XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion Authenticated Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://xos-shop.com Software Link: https://github.com/XOS-Shop/xosshopsystem/releases/tag/v1.0.9 Version: 1.0.9 Tested on: Windows 10, XAMP...

XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion (Authenticated)

Exploit Title: XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion Authenticated Date: 2021-07-25 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://xos-shop.com Software Link: https://github.com/XOS-Shop/xosshopsystem/releases/tag/v1.0.9 Version: 1.0.9 Tested on:...

AceIDE <= 2.6.2 - Authenticated (admin+) Arbitrary File Access

The plugin does not sanitise or validate the user input which is appended to system paths before using it in various actions, such as to read arbitrary files from the server. This allows high privilege users such as administrator to access any file on the web server outside of the blog directory...

CSZ CMS 1.2.9 - &#039;Multiple&#039; Arbitrary File Deletion

Exploit Title: CSZ CMS 1.2.9 - 'Multiple' Arbitrary File Deletion Date: 2021-07-20 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.cszcms.com Software Link: https://sourceforge.net/projects/cszcms/files/latest/download Version: 1.2.9 Tested on: Windows 10,...

Cross-site Scripting (XSS) - DOM in alovoa/alovoa

✍️ Description It is possible to run JavaScript code in the webpage by DOM unsanitized properties. The function onChangeLocal sets the value of window.location.search directly from the URL, without previous checks. 🕵️‍♂️ Proof of Concept // Vulnerable function in file fragments.html:139 function...