EUVD-2018-6793

Malware in sbrugna...

EUVD-2017-15631

Malware in sbrugna...

EUVD-2024-1703

Malicious code in bioql PyPI...

CrushFTP 10.x < 10.8.5 / 11.x < 11.3.4_23 Privilege Escalation (CVE-2025-54309)

The CrushFTP application installed on the remote host is missing a vendor-supplied patch. It is, therefore, affected by a vulnerability. CrushFTP 10 before 10.8.5 and 11 before 11.3.423, when the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows remote attackers to...

CVE-2019-17510

D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary OS commands as root by leveraging admin access and sending a /HNAP1/ request for SetWizardConfig with shell metacharacters to /squashfs-root/www/HNAP1/control/SetWizardConfig.php...

WordPress plugin Alemha watermarker security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

phpBB 2.0.12 - Session Handling Authentication Bypass

phpBB 2.0.12 - Session Handling Authentication Bypass phpBB 2.0.12 Session Handling Authentication Bypass .. easy to use exploit .. YOU DON'T HAVE TO REGISTER AT THE VICTIM'S FORUM.. 1- Simply VISIT the forum using Mozilla Firefox.. and be sure that the cookie is made : 3- Close the Browser .. 2-...

Vuln. in all sites using PHP-Nuke, versions less than 3

Greetings, PHP-Nuke is a Web Portal System, storytelling software also an automated web site to distribute news and articles with users system. Exploit: ------- The problem is when somebody does a http://example.com/admin.php3?admin=whatever, can have full access as an admin, that means posting...