LocalGPT 访问控制错误漏洞

LocalGPT is a localized private document-based intelligent question-and-answer and analysis platform developed by PromptEngineer. LocalGPT has a access control vulnerability, which stems from incorrect operations on the BaseHTTPRequestHandler parameter, resulting in a lack of authentication...

Advantech WebAccess SCADA 8.3.2 Remote Code Execution

Exploit Title: Advantech WebAccess SCADA 8.3.2 - Remote Code Execution Date: 2018-11-02 Exploit Author: Chris Lyne @lynerc Vendor Homepage: http://www.advantech.com Device: NRVMini2 Software Link: http://downloadt.advantech.com/download/downloadsr.aspx?FileId=1-1MDG1BH Version: 8.3.2 Tested on:...

Advantech WebAccess SCADA 8.3.2 - Remote Code Execution

Advantech WebAccess SCADA 8.3.2 - Remote Code Execution Exploit Title: Advantech WebAccess SCADA 8.3.2 - Remote Code Execution Date: 2018-11-02 Exploit Author: Chris Lyne @lynerc Vendor Homepage: http://www.advantech.com Device: NRVMini2 Software Link:...

Episerver 7 patch 4 - XML External Entity Injection

Episerver 7 patch 4 - XML External Entity Injection Exploit Title: Episerver 7 patch 4 - XML External Entity Injection Google Dork: N/A Date: 2018-08-28 Exploit Author: Jonas Lejon Vendor Homepage: https://www.episerver.se/ Version: Episerver 7 patch 4 and below CVE : N/A episploit.py - Blind XXE...

DblTek Multiple Vulnerabilities

Vulnerabilities summary The following advisory describes 2 two vulnerabilities found in DblTek webserver. DBL is “specialized in VoIP products, especially GoIPs. We design, develop, manufacture, and sell our products directly and via distributors to customers. Our GoIP models now cover 1, 4, 8, 1...

[RT-SA-2014-008] Python CGIHTTPServer File Disclosure and Potential Code Execution

Advisory: Python CGIHTTPServer File Disclosure and Potential Code Execution The CGIHTTPServer Python module does not properly handle URL-encoded path separators in URLs. This may enable attackers to disclose a CGI script's source code or execute arbitrary CGI scripts in the server's document root...

Mozilla Firefox 2.0.0.16 UTF-8 URL Remote Buffer Overflow Exploit

No description provided by source. !/usr/bin/python FireFox 2.0.0.16 Windows XP SP3 x86 Remote Exploit Author: Dominic Chell [email protected] Exploits the UTF-8 URL overflow vulnerability described in CVE-2008-0016. As of September 2009 there are no public exploits for this vulnerability...

Mozilla Firefox 2.0.0.16 - UTF-8 URL Remote Buffer Overflow

Mozilla Firefox 2.0.0.16 - UTF-8 URL Remote Buffer Overflow !/usr/bin/python FireFox 2.0.0.16 Windows XP SP3 x86 Remote Exploit Author: Dominic Chell Exploits the UTF-8 URL overflow vulnerability described in CVE-2008-0016. As of September 2009 there are no public exploits for this vulnerability...

Mozilla Firefox 3.5 (OSX) - Font Tags Remote Buffer Overflow

Mozilla Firefox 3.5 OSX - Font Tags Remote Buffer Overflow !/usr/bin/env python FireFox 3.5 Heap Spray OS X Exploit Modified by: DrIDE Originally Discovered by: Simon Berry-Bryne Pythonized by: David Kennedy ReL1K @ SecureState Thanks to HDM Tested on OS X 10.5.7 from BaseHTTPServer import...

Microsoft Office Web Components Spreadsheet - ActiveX 'OWC10/11' Remote Overflow

Author : Ahmed Obied [email protected] - Based on the code posted at http://www.milw0rm.com/exploits/9163 - Tested using: Internet Explorer 7.0.5730.13 on Windows XP SP3 with owc10.dll installed Internet Explorer 7.0.5730.13 on Windows XP SP3 with owc11.dll installed Usage : python ieowc.py...