Lucene search
K

11 matches found

Packet Storm
Packet Storm
added 2026/02/13 12:0 a.m.149 views

📄 Peyara Remote Mouse 1.0.1 Shell Upload / Code Execution

The Peyara Remote Mouse desktop control software exposes an unauthenticated file upload endpoint, along with an unauthenticated WebSocket control channel. An attacker can upload arbitrary files including .LNK shortcuts to the victim environment and trigger command execution via simulated...

6.1AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.19 views

EUVD-2025-28860

Malicious code in bioql PyPI...

7.8CVSS6.9AI score0.63102EPSS
Exploits3References1
Metasploit
Metasploit
added 2025/10/01 6:56 p.m.635 views

SpecialFolderDatablock - Windows LNK File Special UNC Path NTLM Leak

This module creates a malicious Windows shortcut LNK file that specifies a special UNC path in SpecialFolderDatablock of Shell Link .LNK that can trigger an authentication attempt to a remote server. This can be used to harvest NTLM authentication credentials. When a victim browse to the location...

5.9AI score
Exploits0
CVE
CVE
added 2025/08/26 4:25 p.m.201 views

CVE-2025-9491

CVE-2025-9491 is a Microsoft Windows LNK file UI misrepresentation vulnerability. The flaw lies in how Windows handles .LNK/shortcuts, where crafted whitespace padding can hide malicious command-line arguments from the target user’s view, enabling arbitrary code execution in the context of the cu...

7.8CVSS7.2AI score0.63102EPSS
In wildExploits3References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 10:9 a.m.9 views

CVE-2019-19731

Roxy Fileman 1.4.5 for .NET is vulnerable to path traversal. A remote attacker can write uploaded files to arbitrary locations via the RENAMEFILE action. This can be leveraged for code execution by uploading a specially crafted Windows shortcut file and writing the file to the Startup folder...

7.5CVSS7.7AI score0.11617EPSS
Exploits5References1
BDU FSTEC
BDU FSTEC
added 2025/03/19 12:0 a.m.4 views

The vulnerability of the .LNK-file processing mechanism in Windows operating systems allows a hacker to secretly execute arbitrary operating system commands.

The vulnerability of the .LNK file processing mechanism in Windows operating systems is related to information representation errors in the user interface. Exploiting this vulnerability allows an attacker to secretly execute arbitrary commands on the operating system by sending a specially crafte...

7CVSS5.8AI score
Exploits0References2
Prion
Prion
added 2019/12/16 5:15 p.m.14 views

Path traversal

Roxy Fileman 1.4.5 for .NET is vulnerable to path traversal. A remote attacker can write uploaded files to arbitrary locations via the RENAMEFILE action. This can be leveraged for code execution by uploading a specially crafted Windows shortcut file and writing the file to the Startup folder...

5CVSS7.9AI score0.11617EPSS
Exploits5References2Affected Software1
Cvelist
Cvelist
added 2019/12/16 4:26 p.m.25 views

CVE-2019-19731

Roxy Fileman 1.4.5 for .NET is vulnerable to path traversal. A remote attacker can write uploaded files to arbitrary locations via the RENAMEFILE action. This can be leveraged for code execution by uploading a specially crafted Windows shortcut file and writing the file to the Startup folder...

7.8AI score0.11617EPSS
Exploits5References2
CVE
CVE
added 2019/12/16 4:26 p.m.62 views

CVE-2019-19731

CVE-2019-19731 affects Roxy Fileman 1.4.5 for .NET. The vulnerability is a path traversal flaw that allows a remote attacker to write uploaded files to arbitrary locations via the RENAMEFILE action. Documents describe that this can enable code execution by uploading a crafted Windows shortcut fil...

7.5CVSS7.8AI score0.11617EPSS
Exploits5References2Affected Software1
Exploit DB
Exploit DB
added 2019/12/16 12:0 a.m.125 views

Roxy Fileman 1.4.5 - Directory Traversal

Exploit Title: Roxy Fileman 1.4.5 - Directory Traversal Author: Patrik Lantz Date: 2019-12-06 Software: Roxy Fileman Version: 1.4.5 Vendor Homepage: http://www.roxyfileman.com/ Software Link: http://www.roxyfileman.com/download.php?f=1.4.5-net CVE: CVE-2019-19731 Tested on: ASP.NET 4.0.30319 and...

7.5CVSS7.8AI score0.11617EPSS
Exploits5
exploitpack
exploitpack
added 2019/12/16 12:0 a.m.87 views

Roxy Fileman 1.4.5 - Directory Traversal

Roxy Fileman 1.4.5 - Directory Traversal Exploit Title: Roxy Fileman 1.4.5 - Directory Traversal Author: Patrik Lantz Date: 2019-12-06 Software: Roxy Fileman Version: 1.4.5 Vendor Homepage: http://www.roxyfileman.com/ Software Link: http://www.roxyfileman.com/download.php?f=1.4.5-net CVE:...

5CVSS0.6AI score0.11617EPSS
Exploits5
Rows per page
Query Builder