10 matches found
CVE-2025-20194
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this...
CVE-2024-4475
The WP Logs Book WordPress plugin (versions <= 1.0.1) contains a CSRF vulnerability in the log-clearing action, allowing an authenticated attacker to trigger log clearing via CSRF requests. PoCs describe an HTML form-based trigger requiring admin interaction. Several sources corroborate the is...
WordPress plugin MailPress Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress MailPress plugin 7.2.1 and earlier versions have a cross-site request forgery vulnerability...
KillShot - Information Gathering Tool
A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner. Why KillShot? You can use this tool to spider your website and get important information and gather information automatically using whatweb-host-traceroute-dig-fierce-wafw00f or to Identify the cms and to...
Credential disclosure in LXCA log files - Lenovo Support US
No description provided...
Dahua DVR Auth Bypass Scanner
Scans for Dahua-based DVRs and then grabs settings. Optionally resets a user's password and clears the device logs. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule %qDahua DVR Auth Bypass Scanner...
Zoom X4/X5 ADSL Modem and Router - Unauthenticated Remote Root Command Execution
Vulnerable Products - Zoom X4 ADSL Modem and Router running Nucleus/4.3 UPnP/1.0Virata-EmWeb/R620 Server All GS Firmware versions Zoom X5 ADSL Modem and Router running Nucleus/4.3 UPnP/1.0Virata-EmWeb/R620 Server All GS Firmware versions Note: A similar vulnerability was reported several years ag...
Zoom X4 / X5 SQL Injection / Authentication Bypass Vulnerabilities
Zoom X4 and X5 modems suffer from authentication bypass and remote SQL injection vulnerabilities. Vulnerable Products - Zoom X4 ADSL Modem and Router running Nucleus/4.3 UPnP/1.0Virata-EmWeb/R620 Server All GS Firmware versions Zoom X5 ADSL Modem and Router running Nucleus/4.3...
eXtreme Message Board 1.9.11 Cross Site Request Forgery
Date: Thu 15 Jul 2010 12:08:07 PM EEST Vendor: http://www.xmbforum.com/ Download: http://www.xmbforum.com/download/XMB-1.9.11.09.zip --- -= CSRF PoC 1 - Change Admin Password =- -= Method 1 - editprofile.php =- eXtreme Message Board 1.9.11 Multiple CSRF Vulnerabilities - Change Admin Password -=...