6 matches found
Exploit for CVE-2022-21907
CVE-2022-21907 Vulnerability in HTTP Protocol Stack Enabling R...
Download to arbitrary folder can lead to RCE
Summary: A web UI user can store files anywhere on the pyLoad server and gain command execution by abusing scripts. Details: When a user creates a new package, a subdirectory is created within the /downloads folder to store files. This new directory name is derived from the package name, except a...
Acronis: IDOR in backup recovery functionality
The vulnerability allowed an authenticated attacker to recover a backup belonging to another user by using the user's machine UUID, backup ID, and other parameters to configure and run a recovery plan...
10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow (SEH) Exploit
Exploit Title: 10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow SEH; Exploit Author: ro0k; Vendor Homepage: https://www.10-strike.com/; Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe; Version: 9.31; Tested on: Windows 10 x64; Education...
CVE-2021-28581
Adobe Creative Cloud Desktop 3.5 and earlier is affected by an uncontrolled search path vulnerability that could result in elevation of privileges. Exploitation of this issue requires user interaction in that a victim must log on to the attacker's local machine...
Exploit for Code Injection in Playsms
CVE-playsms There is a vulnerability in playsms 1.4.3 that a...