WatchGuard XTM Firebox Unauthenticated Remote Command Execution

This module exploits a buffer overflow at the administration interface 8080 or 4117 of WatchGuard Firebox and XTM appliances which is built from a cherrypy python backend sending XML-RPC requests to a C binary called wgagent using pre-authentication endpoint /agent/login. This vulnerability impac...

PT-2024-6141 · Openvpn +1 · Openvpn +1

Name of the Vulnerable Software and Affected Versions: OpenVPN versions 2.6.9 and earlier Description: The issue is related to the interactive service in OpenVPN, which allows an attacker to send data causing a stack overflow. This can be used to execute arbitrary code with more privileges. The...

PT-2024-6140 · Openvpn +1 · Openvpn +1

Name of the Vulnerable Software and Affected Versions: OpenVPN versions 2.6.9 and earlier Description: The issue is related to the interactive service in OpenVPN, which allows the OpenVPN service pipe to be accessed remotely. This enables a remote attacker to interact with the privileged OpenVPN...

WordPress Qi Addons For Elementor Plugin <= 1.6.7 is vulnerable to Cross Site Scripting (XSS)

Software Qi Addons For Elementor Type Plugin Vulnerable versions = 1.6.7 Fixed in 1.6.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0826 Patch priority Low CVSS severity Low 6.5 Developer Qode Interactive PSID 2d3d74026644 Credits Webbernaut...

Atlassian Confluence < 8.5.3 - Remote Code Execution Exploit

Exploit Title: CVE-2023-22527: Atlassian Confluence RCE Vulnerability Exploit Author: MaanVader Vendor Homepage: https://www.atlassian.com/software/confluence Software Link: https://www.atlassian.com/software/confluence Version: 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.0-8.5.3 Tested on: 8.5.3 CVE ...

Atlassian Confluence &lt; 8.5.3 - Remote Code Execution

Exploit Title: CVE-2023-22527: Atlassian Confluence RCE Vulnerability Date: 25/1/2024 Exploit Author: MaanVader Vendor Homepage: https://www.atlassian.com/software/confluence Software Link: https://www.atlassian.com/software/confluence Version: 8.0.x, 8.1.x, 8.2.x, 8.3.x, 8.4.x, 8.5.0-8.5.3 Teste...

CVE-2023-49340

An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-IIGV1.00.011, allows remote attackers to escalate privileges and bypass authentication via incorrect access control in the web management portal...

CVE-2023-49340

CVE-2023-49340 affects the Newland Nquire 1000 Interactive Kiosk, specifically version NQ1000-II_G_V1.00.011 (and related entries note NQ1000-II G V1.00.011). The issue is an authentication/access-control flaw in the web management portal that permits remote attackers to escalate privileges and b...

CVE-2023-49340

An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-IIGV1.00.011, allows remote attackers to escalate privileges and bypass authentication via incorrect access control in the web management portal...

CVE-2023-49341

CVE-2023-49341 affects Newland Nquire 1000 Interactive Kiosk (NQ1000-II_G_V1.00.011). The issue is cleartext credential storage in the backup.htm component that could allow remote attackers to obtain sensitive information. Root cause appears to be insecure credential storage in that component; de...

WinFiHack - A Windows Wifi Brute Forcing Utility Which Is An Extremely Old Method But Still Works Without The Requirement Of External Dependencies

WinFiHack is a recreational attempt by me to rewrite my previous project Brute-Hacking-Framework's main wifi hacking script that uses netsh and native Windows scripts to create a wifi bruteforcer. This is in no way a fast script nor a superior way of doing the same hack but it needs no external...

BIT-GITLAB-2022-1944

When the feature is configured, improper authorization in the Interactive Web Terminal in GitLab CE/EE affecting all versions from 11.3 prior to 14.9.5, 14.10 prior to 14.10.4, and 15.0 prior to 15.0.1 allows users with the Developer role to open terminals on other Developers' running jobs...

BIT-JUPYTER-NOTEBOOK-2022-29238 Forced Browsing in Jupyter Notebook

Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with ContentsManager.allowhidden = False only prevented listing the contents of hidden directories, not accessing individual hidden files or files...

BIT-JUPYTER-BASE-NOTEBOOK-2022-29238 Forced Browsing in Jupyter Notebook

Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with ContentsManager.allowhidden = False only prevented listing the contents of hidden directories, not accessing individual hidden files or files...

BIT-JUPYTERLAB-2024-22421 Potential authentication and CSRF tokens leak in JupyterLab

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their Authorization and XSRFToken tokens exposed to a third party when running an older jupyter-server...

BIT-JUPYTER-BASE-NOTEBOOK-2024-22421 Potential authentication and CSRF tokens leak in JupyterLab

JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their Authorization and XSRFToken tokens exposed to a third party when running an older jupyter-server...

Deno's deno_runtime vulnerable to interactive permission prompt spoofing via improper ANSI stripping

Summary A maliciously crafted permission request can show the spoofed permission prompt by inserting a broken ANSI escape sequence into the request contents. Details In the patch for CVE-2023-28446, Deno is stripping any ANSI escape sequences from the permission prompt, but permissions given to t...

GHSA-M4PQ-FV2W-6HRW Deno's deno_runtime vulnerable to interactive permission prompt spoofing via improper ANSI stripping

Summary A maliciously crafted permission request can show the spoofed permission prompt by inserting a broken ANSI escape sequence into the request contents. Details In the patch for CVE-2023-28446, Deno is stripping any ANSI escape sequences from the permission prompt, but permissions given to t...

Exploit for CVE-2024-25600

CVE-2024-25600 Exploit Tool 🚀 Description 📝 This tool 🛠️...

Exploit for CVE-2024-25600

CVE-2024-25600 Exploit Tool 🚀 Description 📝 This tool 🛠️...