EUVD-2025-37999

Missing Authorization vulnerability in Gaurav Aggarwal Backup and Move backup-and-move allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Backup and Move: from n/a through = 0.1...

PT-2025-45222

Missing Authorization vulnerability in Gaurav Aggarwal Backup and Move backup-and-move allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Backup and Move: from n/a through = 0.1...

GHSA-MQF3-QPC3-G26Q Silverstripe Framework has a Reflected Cross Site Scripting (XSS) in error message

!IMPORTANT This vulnerability only affects sites which are in the "dev" environment mode. If your production website is in "dev" mode, it has been misconfigured, and you should immediately swap it to "live" mode. See https://docs.silverstripe.org/en/developerguides/debugging/environmenttypes/ for...

Apache Commons Text 1.9 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Commons Text RCE', 'Description' = %q This exploit takes advantage of the StringSubstitutor interpolator class, which is included in the...

in-passport.tecno.com Cross Site Scripting vulnerability OBB-3121078

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Apache / 2.4.49 CVE-2021-41773 exploit by G...

MAL-2022-7301 Malicious code in xss-test-gaurav (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d4856cf0b438d50d75a5861d08893b7b28643488276db12e9ba3e2d0bb6b1ed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in xss-test-gaurav (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d4856cf0b438d50d75a5861d08893b7b28643488276db12e9ba3e2d0bb6b1ed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Apache2 2.4.49 - LFI & RCE Exploit Info...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Apache2 2.4.49 - LFI & RCE Exploit Info...

Online Resort Management System 1.0 SQL Injection

Exploit Title: Online Resort Management System 1.0 - SQLi Authenticated Date: 15/01/2022 Exploit Author: Gaurav Grover Vendor Homepage: Software Link: Version: 1.0 Tested on: Linux and windows both Summary: There are a vulnerabilities in Online Resort Management System ORMS 1. The attacker can...

WordPress GTranslate plugin <= 2.8.51 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability

Unauthenticated Reflected Cross-Site Scripting XSS vulnerability discovered by Gaurav in WordPress GTranslate plugin versions = 2.8.51. Solution Update the WordPress GTranslate plugin to the latest available version at least 2.8.52...

SolarWinds TFTP Server <= 9.2.0.111 - Remote DoS Exploit

No description provided by source. !/usr/bin/perl SolarWinds TFTP Server =9.2.0.111 Remote DoS Exploit by Gaurav Baruah TFTP Server Service stops after payload is sent, and has to be started again in Config Tested on XP SP3 Big thnx: dragunov Greetz: Sanjay use IO::Socket; $port = 69; $host =...

IBM Lotus QuickR qp2 ActiveX Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...

Google Maps Cross Site Scripting

Google Maps XSS currently unpatched Discovered By - Pratul Agrawal [email protected] Gaurav Baruah [email protected] PoC -...

SolarWinds TFTP Server 9.2.0.111 - Remote Denial of Service

SolarWinds TFTP Server 9.2.0.111 - Remote Denial of Service !/usr/bin/perl SolarWinds TFTP Server newPeerPort = $port,PeerAddr = $host,Proto= 'udp'; $boom= "\x00\x06\x54\x9d\x68\x21\xde\x59\x30\x9a\x0b\xb5\xd4\x94\x94\x42\x3c\xeb\xc5"...

SolarWinds TFTP Server <=9.2.0.111 Remote DoS Exploit

Exploit for unknown platform in category dos / poc ===================================================== SolarWinds TFTP Server newPeerPort = $port,PeerAddr = $host,Proto= 'udp'; $boom= "\x00\x06\x54\x9d\x68\x21\xde\x59\x30\x9a\x0b\xb5\xd4\x94\x94\x42\x3c\xeb\xc5"...

Grabit 1.7.2 Beta 3 SEH Overwrite

!/usr/bin/perl Grabit ./$file" || die "\nCan't open $file: $!"; print nzb "$header1" . "\x41" x 248 . "$nextseh" . "$seh" . "$shellcode"; close nzb; sleep 1; print "\nFile $file successfully created!\n";...

Grabit 1.7.2 Beta 3 - &#039;.nzb&#039; Local Buffer Overflow (SEH)

!/usr/bin/perl Grabit ./$file" || die "\nCan't open $file: $!"; print nzb "$header1" . "\x41" x 248 . "$nextseh" . "$seh" . "$shellcode"; close nzb; sleep 1; print "\nFile $file successfully created!\n"; milw0rm.com 2009-05-05...