CVE-2025-2960

A vulnerability classified as problematic has been found in TRENDnet TEW-637AP and TEW-638APB 1.2.7/1.3.0.106. This affects the function sub41DED0 of the file /bin/goahead of the component HTTP Request Handler. The manipulation leads to null pointer dereference. Access to the local network is...

IPFire 2.25 Core Update 156 and Prior pakfire.cgi Authenticated RCE

This module exploits an authenticated command injection vulnerability in the /cgi-bin/pakfire.cgi web page of IPFire devices running versions 2.25 Core Update 156 and prior to execute arbitrary code as the root user. Module Options msf use exploit/linux/http/ipfirepakfireexec msf...

WinMPG iPod Convert 3.0 - 'Register' Denial of Service

Exploit Title: WinMPG iPod Convert 3.0 - 'Register' Denial of Service Date: 2019-07-16 Vendor Homepage:http://www.winmpg.com Software Link: https://www.techspot.com/downloads/downloadnow/6192/?evp=d62142990e9320a4e811b283fdcc4060&file= Exploit Author: stresser Tested Version: 3.0 Tested on: Windo...

VUPlayer 2.49 - '.m3u' Buffer Overflow (Win 7 DEP Bypass)

Exploit for windows platform in category local exploits !/usr/bin/env python Exploit Title: VUPlayer =2.49 .M3u Buffer overflow exploit with DEP bypass Date: 26-06-2016 Exploit Author: secfigo Vendor Homepage: http://vuplayer.com/ Software Link:...

Elxis CMS 2009.2 Electra Rev2631 Cross Site Scripting / SQL Injection

==================================== Vulnerability ID: HTB22613 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinelxiscms.html Product: Elxis CMS Vendor: Elxis Team http://www.elxis.org/ Vulnerable Version: 2009.2 electra rev2631 and probably prior versions Vendor Notificatio...