8 matches found
Metasploit Weekly Wrap-Up 08/28/2025
New module content 2 Pretalx Arbitrary File Read/Limited File Write Authors: Stefan Schiller and msutovsky-r7 Type: Auxiliary and Exploit Pull request: 20480 contributed by msutovsky-r7 Path: auxiliary/scanner/http/pretalxfilereadcve202328459 and exploit/linux/http/pretalxrcecve202328458 Attacker...
ROS-20230419-03
The X.Org Server vulnerability is related to a post-release exploit bug where, when handling the deletion of a of a window, Xserver leaves a dangling pointer to that window in the CompScreen structure. Exploitation of the vulnerability could allow an attacker to cause a post-release usage error a...
Attacker can steal entire reserves by abusing fee calculation
Lines of code Vulnerability details Description Similar to other LP pools, In Trader Joe users can call mint to provide liquidity and receive LP tokens, and burn to return their LP tokens in exchange for underlying assets. Users collect fees using collectFessaccount,binID. Fees are implemented...
CVE-2012-0943
debian/guest-account in Light Display Manager lightdm 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name of a file in /tmp. NOTE: this identifier was SPLIT per ADT1/ADT2 due to different codebases and...
OTSTurntables 1.00.027 .ofl Stack Overflow
OTSTurntables 1.00.027 .ofl Local Stack Overflow Exploit Discovered & exploited bY suN8Hclf [email protected], blacksideofthesun.linuxsecured.net Tested on: Windows XP SP2 Polish Full patched Only 274 bytes for shellcode. Wanna more, exploit SEH !!! Thanks to Myo and to everyone who knows wh...
Drcat 0.5.0-beta (drcatd) Remote Root Exploit
No description provided by source. / Proof of Concept DRCATD Remote exploit by Taif Test: root@localhost drcat ./drcat -d 127.0.0.1 -u taif -p test Public code by Taif drcat-0.5.0-beta 'remote r00t' proof Bug found by Khan Shirani host: +-+-+-+-+-+-+-+ 127.0.0.1 |C|L|U|P|C|S|R| user:...
RHEL 3 : cups (RHSA-2004:449)
Updated cups packages that fix a denial of service vulnerability are now available. The Common UNIX Printing System CUPS is a print spooler. Alvaro Martinez Echevarria reported a bug in the CUPS Internet Printing Protocol IPP implementation in versions of CUPS prior to 1.1.21. An attacker could...
cpanelInject.txt
Major Bug found 6/7/04 Discovered by Verb0s Reseller accounts with cpanel, in the password modification page, can insert a basic injection ex:http://domain:2086/scripts/passwd?password=&domain=&user= The code will modify all the mysql database passwords, in which the reseller shouldnb't have...