131 matches found
CVE-2024-6374 lahirudanushka School Management System Subject Page subject.php cross site scripting
A vulnerability was found in lahirudanushka School Management System 1.0.0/1.0.1 and classified as problematic. This issue affects some unknown processing of the file /subject.php of the component Subject Page. The manipulation of the argument Subject Title/Sybillus Details leads to cross site...
XSS_vuln_issue
It is an offensive tool for web application security testing. Th...
CVE-2023-2059 DedeCMS select_templets.php path traversal
A vulnerability was found in DedeCMS 5.7.87. It has been rated as problematic. Affected by this issue is some unknown functionality of the file uploads/include/dialog/selecttemplets.php. The manipulation leads to path traversal: '..\filedir'. The attack may be launched remotely. The exploit has...
CVE-2022-45299
An issue in the IpFile argument of rust-lang webbrowser-rs v0.8.2 allows attackers to access arbitrary files via supplying a crafted URL...
10-Strike Network Inventory Explorer Pro 9.31 Buffer Overflow
Exploit Title: 10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow SEH Date: 2021-10-31 Exploit Author: ro0k Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe Version: 9.31 Tested on: Windows 1...
CVE-2020-21601
libde265 v1.0.4 contains a stack buffer overflow in the putqpelfallback function, which can be exploited via a crafted a file...
Exploit for Off-by-one Error in Sudo_Project Sudo
This repository contains exploits for the CVE-2021-3156 vulnerability, which affects the Linux kernel. The vulnerability allows an attacker to gain root privileges by exploiting a flaw in the way the kernel handles the "setuid" system call. The repository contains two exploit files: "exploit.c" a...
BlogEngine.NET 3.3.6 / 3.3.7 dirPath Directory Traversal / Remote Code Execution
Exploit Title: Directory Traversal + RCE on BlogEngine.NET Date: 17 Jun 2019 Exploit Author: Aaron Bishop Vendor Homepage: https://blogengine.io/ Version: v3.3.7 Tested on: 3.3.7, 3.3.6 CVE : 2019-10719 1. Description ============== BlogEngine.NET is vulnerable to an Directory Traversal on...
AnyBurn 4.3 Local Buffer Overflow
!/usr/bin/env python Exploit Title: AnyBurn 4.3 - Local Buffer Overflow SEH Unicode Date: 20-12-2018 Exploit Author: Matteo Malvica Vendor Homepage: http://www.anyburn.com/ Software Link : http://www.anyburn.com/anyburnsetup.exe Tested Version: 4.3 32-bit Tested on: Windows 7 x64 SP1 Credits:...
CuteFTP 5.0 - Buffer Overflow Exploit
Exploit for windows platform in category local exploits Exploit Title: CuteFTP 5.0 - Buffer Overflow Author: Matteo Malvica Vendor homepage: www.globalscape.com Software: CuteFTP 5.0.4 XP - build 54.8.6.1 Software Link: http://installer.globalscape.com/pub/cuteftp/archive/english/cuteftp50.exe...
WebKit not_number defineProperties Use-After-Free Exploit
Exploit for multiple platform in category dos / poc This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebKit notnumber defineProperties UAF', 'Description' = %q This module exploits a UAF...
Airbnb Clone Script - Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Vulnerability:Profile Arbitrary Shell Upload Google Dork: Airbnb Clone Script Date:11.01.2017 Vendor Homepage: http://www.tibsolutions.com/airbnb-clone/ Script Name: Airbnb Clone Script Script Buy Now:...
Google Chrome (Fedora 25 / Ubuntu 16.04) - 'tracker-extract' / 'gnome-video-thumbnailer' + 'totem' Drive-By Download
Source: https://scarybeastsecurity.blogspot.com/2016/12/redux-compromising-linux-using-snes.html Overview Full reliable 0day drive-by exploit against Fedora 25 + Google Chrome, by breaking out of Super Nintendo Entertainment System emulation via cascading side effects from a subtle and interestin...
The “elegance”of Linux vulnerabilities: rare ways to bypass the ASLR and DEP protection mechanisms-vulnerability warning-the black bar safety net
! The recent foreign researchers published a exp code in the finished patch to the Fedora and other Linux system on the drive-by attacks, in order to install keyloggers, backdoors and other malicious software. This exp is for the GStreamer framework in a memory-corruption vulnerability that...
WordPress Shopping Cart 3.0.4 --任意文件上传
受影响版本: WordPress Shopping Cart 3.0.4 日期: 29-10-2014 软件链接: https://wordpress.org/plugins/wp-easycart/ CVE: CVE-2014-9308 类别: 应用程序漏洞详情:任何注册用户都可以上传任何文件。上传点: wp-easycart\inc\amfphp\administration\banneruploaderscript.php$date = $POST'datemd5';$usersqlquery = sprintf"SELECT ecuser., ecrole.adminaccess...
Kenward-Zipper-1.4
Exploit Title : Kenward zipper v1.4 0day Stack Buffer Overflow PoC exploit Date : 23/3/2010 Bug found by : corelanc0d3r http://www.corelan.be:8800/ Author : mrme http://net-ninja.net/ Software Link : http://www.trans4mind.com/personaldevelopment/zipper/ Version : 1.4 ldfheader =...
GSM-SIM-Utility-5.15
Exploit Title : GSM SIM Utility sms file Local SEH BoF Date : June 28, 2010 Author : chap0 www.seek-truth.net Download Link : http://download.cnet.com/GSM-SIM-Utility/3000-185084-10396246.html?tag=mncol Version : 5.15 import time sc ="d9eb9bd97424f431d2b27a31c964" "8b71308b760c8b761c8b46088b7e"...
Triologic-Media-Player-8-(.m3u)
Exploit Title: Triologic Media Player 8 .m3u Local Universal Unicode Buffer Overflow SEH Date: August 17, 2010 Software Link: http://download.cnet.com/Triologic-Media-Player/3000-21394-10691520.html buffer = "\x41" 536 buffer buffer += "\x61\x41" popad + nop/align buffer += "\xF2\x41" pop,pop,ret...
Free-CD-to-MP3-Converter-3.1
Exploit Title: Free CD to MP3 Converter 3.1 Buffer Overflow Exploit SEH Date: 10/18/10 Credit/Bug found by: C4SS!0 G0M3S Software Link: http://www.eusing.com/Download/cdtomp3freeware.exe filename = 'crash.wav' windows/exec - 144 bytes http://www.metasploit.com Encoder: x86/shikataganai...
Nokia-Multimedia-Player-1.0
Exploit Title: Nokia Multimedia player SEH Unicode Date: January 11 2011 Author: Carlos Mario Penagos Hollmann Software Link: http://www.brothersoft.com/nokia-multimedia-player-download-46238.html Version: 1.00.55.5010 junk="\x44" 2660 shellcode =...