112 matches found
CVE-2019-13128
An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03. There is a command injection in HNAP1 exploitable with Authentication via shell metacharacters in the IPAddress or Gateway field to SetStaticRouteSettings...
CVE-2019-13482
An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command injection in HNAP1 exploitable with Authentication via shell metacharacters in the Type field to SetWanSettings...
CVE-2006-6973
Headstart Solutions DeskPRO does not require authentication for certain files and directories associated with administrative activities, which allows remote attackers to (1) reinstall the application via a direct request for install/index.php; (2) delete the database via a do=deletedatabase QUERYSTRI...
PT-2025-19984 · Zitadel · Zitadel
Name of the Vulnerable Software and Affected Versions: ZITADEL versions prior to 3.0.0; ZITADEL versions prior to 2.71.9; ZITADEL versions prior to 2.70.10. Description: The issue concerns the Session API in ZITADEL, which allows developers to manage user sessions and use IdPs for authentication...
Exploit for Missing Authentication for Critical Function in Erlang Erlang/Otp
CVE-2025-32433Erlang-OTP This script is a custom security too...
Commvault Command Center Innovation Release 11.38 Remote Code Execution
Commvault Command Center Innovation Release version 11.38 proof of concept pre-authentication remote code execution exploit...
CVE-2025-3616 Greenshift 11.4 - 11.4.5 - Authenticated (Subscriber+) Arbitrary File Upload
The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the gspbmakeproxyapirequest function in versions 11.4 to 11.4.5. This makes it possible for authenticated attackers, with Subscriber-level access...
CVE-2025-28032
The CVE-2025-28032 issue affects TOTOLINK router models A800R, A810R, A830R, A950RG, A3000RU, and A3100R, with a pre-auth buffer overflow in the setNoticeCfg function via the IpForm parameter. Root cause: buffer overflow in pre-auth code path. Impact is described as a vulnerability in the provide...
NagVis 1.9.33 Arbitrary File Read
NagVis version 1.9.33 suffers from an arbitrary file read vulnerability. Exploit Title: NagVis 1.9.33 - Arbitrary File Read; Date: 03/12/2024; Exploit Author: David Rodríguez a.k.a. xerosec; Vendor Homepage: https://www.nagvis.org/; Software Link: https://www.nagvis.org/downloads/archive; Version:...
PT-2025-14011 · Microsoft · Sharepoint Server +1
Name of the Vulnerable Software and Affected Versions: Microsoft Azure Health Bot (affected versions not specified); Microsoft SharePoint Server (affected versions not specified). Description: The issue is related to a Server-Side Request Forgery (SSRF) vulnerability. An authenticated attacker can exploi...
CVE-2025-20231 Sensitive Information Disclosure in Splunk Secure Gateway App
In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin” or “power” Splunk roles could run a search using the permissions of a...
PT-2025-12480 · WordPress · Export/Import Users/Customers
Name of the Vulnerable Software and Affected Versions: The Export and Import Users and Customers plugin for WordPress versions up to, and including, 2.6.2. Description: The issue allows authenticated attackers with Administrator-level access and above to read the contents of arbitrary log files on...
CVE-2025-24974 DataEase Mysql JDBC Connection Parameters Not Being Verified Leads to Arbitrary File Read Vulnerability
DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, authenticated users can read and deserialize arbitrary files through the background JDBC connection. The vulnerability has been fixed in v2.10.6. No known workarounds are available...
CVE-2024-6756
The Social Auto Poster plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpwautopostergetimagepath' function in all versions up to, and including, 5.3.14. This makes it possible for authenticated attackers, with Contributor-level and above...
CVE-2024-40892
A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy (BTLE) interface. Once an attacker gains access to the...
Exploit for Server-Side Request Forgery in Havocframework Havoc
Havoc-C2-SSRF-to-RCE This is a modified version of the CVE-202...
CVE-2024-11420 Blocksy <= 2.0.77 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scripting via the Contact Info Block link parameter in all versions up to, and including, 2.0.77 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-leve...
Simple School Managment System Security Bypass Vulnerability
Simple School Managment System is an open source simple school management system from Code-projects. Simple School Managment System has a security bypass vulnerability that can be exploited by attackers to bypass authentication...
Apache Ozone Authorization Problem Vulnerability (CNVD-2024-27493)
Apache Ozone is a software application. A scalable, redundant and distributed object store for Hadoop and cloud-native environments. An authorization issue vulnerability exists in Apache Ozone versions 1.2.0 through 1.3.0, which stems from the presence of an incorrect authentication vulnerability...