10 matches found

CVE
added 2025/10/08 12:0 a.m., 9 views

CVE-2025-61524

CVE-2025-61524 affects Casdoor before 2.63.0, where a flaw in the permission verification module and the organization/application editing interface allows remote authenticated administrators of any organization to bypass permission checks by directly concatenating URLs after login. Technical deta...

CVSS 7.2 | AI score 6.1 | EPSS 0.00112
Exploits: 0 | References: 4

Github Security Blog
added 2023/04/27 5:15 p.m., 21 views

SQL Injection in AssetController

Impact: SQL injections in AssetController due to unsanitized concatenating strings in where clause. The attacker can dump database, alter data or perform DoS on the backend database. Patches: Update to version 10.5.21 or apply this patch manually...

CVSS 8.8 | AI score 6.6 | EPSS 0.00063
Exploits: 1 | References: 5 | Affected Software: 1

NVD
added 2022/12/27 6:15 p.m., 7 views

CVE-2022-45429

Some Dahua software products have a vulnerability of server-side request forgery (SSRF). An attacker can access internal resources by concatenating links (URL) that conform to specific rules...

CVSS 7.5 | EPSS 0.00276
Exploits: 0 | References: 1

Tenable Nessus
added 2019/01/09 12:0 a.m., 35 views

PHP 7.1.x < 7.1.5 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.5. It is, therefore, affected by the following vulnerabilities: - A memory allocation issue exists in the zend_string_extend function in file Zend/zend_string.h when concatenating strings due to a...

CVSS 9.8 | AI score 8.5 | EPSS 0.04586
Exploits: 2 | References: 3

0day.today
added 2015/09/06 12:0 a.m., 35 views

ActiveState Perl.exe x64 Client 5.20.2 - Crash PoC

Exploit for windows platform in category dos / poc Exploit Title: ActiveState Perl.exe x64 Client Denial of Service v5.20.2 Date: 9-3-2015 Software Link:...

AI score 7
Exploits: 0

exploitpack
added 2015/09/06 12:0 a.m., 30 views

ActiveState Perl.exe x64 Client 5.20.2 - Crash (PoC)

ActiveState Perl.exe x64 Client 5.20.2 - Crash PoC Exploit Title: ActiveState Perl.exe x64 Client Denial of Service v5.20.2 Date: 9-3-2015 Software Link:...

AI score 7.4
Exploits: 0

Prion
added 2010/11/22 1:0 p.m., 12 views

Design/Logic Flaw

PGP Desktop 10.0.x before 10.0.3 SP2 and 10.1.0 before 10.1.0 SP1 does not properly implement the "Decrypt/Verify File via Right-Click" functionality for multi-packet OpenPGP messages that represent multi-message input, which allows remote attackers to spoof signed data by concatenating an...

CVSS 4.3 | AI score 7.2 | EPSS 0.01753
Exploits: 1 | References: 8 | Affected Software: 2

rdot
added 2010/07/03 12:0 a.m., 32 views

Ingres SQL Injection

Ingres SQL-Injection. A short note on Ingres: there is very little information about this DBMS, so I decided to install it on my localhost and practice. What follows are my impressions and findings; the presentation is more narrative in form, as I am not used to writing strict manuals. Many things are based...

AI score 7.2
Exploits: 0

Packet Storm
added 2007/03/09 12:0 a.m., 25 views

mercurypown-v1.pl.txt

!/usr/bin/perl mercurypown-v1.pl Mercury/32 Connected\n"; $buf = "1 LOGIN"." "x$LEN-$BUFLEN."\255\n"; sendSOCKET, $buf, 0; sleep$senddelay; print"- Sending payload\n"; $buf = $NOP x 255; sendSOCKET, $buf, 0; sleep$senddelay; print"- Sending payload 2\n"; $buf = $NOP x $BUFLEN; sendSOCKET, $buf, 0...

AI score 7.4
Exploits: 0

exploitpack
added 2007/03/06 12:0 a.m., 15 views

Mercury32 Mail Server 4.01b - check Buffer Overflow (PoC)

Mercury32 Mail Server 4.01b - check Buffer Overflow PoC !/usr/bin/perl mercurypown-v1.pl Mercury/32 Connected\n"; $buf = "1 LOGIN"." "x$LEN-$BUFLEN."\255\n"; sendSOCKET, $buf, 0; sleep$senddelay; print"- Sending payload\n"; $buf = $NOP x 255; sendSOCKET, $buf, 0; sleep$senddelay; print"- Sending...

AI score 0.4
Exploits: 0