5 matches found
CVE-2023-32670
Cross-Site Scripting vulnerability in BuddyBoss version 2.2.9, which could allow a local attacker with basic privileges to execute a malicious payload through the "name=image.jpg" parameter, making it possible to store a persistent JavaScript payload that would be triggered when the associated image is...
Exploit for Code Injection in Exiftool_Project Exiftool
CVE-2021-22204-exiftool Python exploit for the CVE-2021-22204...
CVE-2018-18428
TP-Link TL-SC3130 1.6.18P12121101 devices allow unauthenticated RTSP stream access, as demonstrated by a /jpg/image.jpg URI...
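Apple Mac OS X Mail Arbitrary Code Execution Vulnerability
Apple Mac OS X is a BSD-based operating system. The Mail application included with Apple Mac OS X has a flaw in how it handles email attachments; a remote attacker can exploit the vulnerability to execute arbitrary commands with the application's privileges. If a shell script named "image.jpg" is crafted and sent as an attachment, Apple Mail displays an image icon for it when processing it and executes it with the application's privileges. Apple Mac OS X Server 10.5.1, Apple Mac OS X Server 10.5, Apple Mac OS X 10.5.1, Apple Mac OS X 10.5. No detailed solution is currently available:...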
SAP 'enserver.exe' file downloader
No description provided by source. #!/usr/bin/perl -w SAP 'enserver.exe' file downloader. Tested on "SAP Web Application Server Java 6.40" eval DVD. Found & coded by Nicob. The downloaded file is limited to the first 32 kilobytes. Usual port: TCP/3200+SYSNR. Example: ./r3-stealer-1.0.pl 192.168.2.22...