CVE-2026-2000

A vulnerability was found in DCN DCME-320 up to 20260121. Impacted is the function applyconfig of the file /function/system/basic/bridgecfg.php of the component Web Management Backend. Performing a manipulation of the argument iplist results in command injection. The attack is possible to be...

CVE-2026-2000

A vulnerability was found in DCN DCME-320 up to 20260121. Impacted is the function applyconfig of the file /function/system/basic/bridgecfg.php of the component Web Management Backend. Performing a manipulation of the argument iplist results in command injection. The attack is possible to be...

CVE-2026-2000

A vulnerability was found in DCN DCME-320 up to 20260121. Impacted is the function applyconfig of the file /function/system/basic/bridgecfg.php of the component Web Management Backend. Performing a manipulation of the argument iplist results in command injection. The attack is possible to be...

CVE-2026-2000 DCN DCME-320 Web Management Backend bridge_cfg.php apply_config command injection

A vulnerability was found in DCN DCME-320 up to 20260121. Impacted is the function applyconfig of the file /function/system/basic/bridgecfg.php of the component Web Management Backend. Performing a manipulation of the argument iplist results in command injection. The attack is possible to be...

DCN DCME-320 命令注入漏洞

DCN DCME-320 is an Internet exchange gateway router developed by China's DCN Technology Co., Ltd. Versions of DCN DCME-320 prior to 20260121 contained a command injection vulnerability. This vulnerability stemmed from incorrect operations with the parameter iplist in the function applyconfig with...

PT-2026-6684

Name of the Vulnerable Software and Affected Versions DCN DCME-320 versions up to 20260121 Description A flaw exists in the Web Management Backend component of DCN DCME-320. Specifically, manipulating the ip list argument within the apply config function of the /function/system/basic/bridge cfg.p...

CVE-2025-5902

A vulnerability was found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This issue affects the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument slaveIpList leads to buffer overflow. The attack may be initiate...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware

Takes in a ip list and you...

CVE-2023-24154

TOTOLINK T8 V4.1.5cu was discovered to contain a command injection vulnerability via the slaveIpList parameter in the function setUpgradeFW...

Searpy - Search Engine Tookit

1. Install git clone https://github.com/j3ers3/Searpy pip install -r requirement.txt 配置API及账号 ./config.py python Searpy -h 2. Help baidu Engine --google Using google Engine --so Using 360so Engine --bing Using bing Engine --shodan Using shodan Engine --fofa Using fofa Engine --zoomeye Using...

StrongPity APT Back with Kurdish-Aimed Watering Hole Attacks

The APT group known as StrongPity is back with a new watering-hole campaign, targeting mainly Kurdish victims in Turkey and Syria. The malware served offers operators the ability to search for and exfiltrate any file or document from a victim’s machine. The group a.k.a. Promethium is operating a...

CVE-2019-0975

A security feature bypass vulnerability exists when Active Directory Federation Services ADFS improperly updates its list of banned IP addresses. To exploit this vulnerability, an attacker would have to convince a victim ADFS administrator to update the list of banned IP addresses. This security...

NoSQL Exploitation Framework 2.0 - A Framework For NoSQL Scanning and Exploitation

A FrameWork For NoSQL Scanning and Exploitation Framework Authored By Francis Alexander. Added Features: First Ever Tool With Added Support For Mongo,Couch,Redis,H-Base,Cassandra Support For NoSQL WebAPPS Added payload list for JS Injection,Web application Enumeration. Scan Support for...

Network-Analysis-Tools - Pcap Capture File Analysis Tool

Pcap Capture File Analysis Tool Features 1-Top 10 Visited Sites 2-Emails 3-All Request Urls 4-User-Agents List 5-String Grep Mode 6-Connection details 7-Ports Used 8-ALL Ip List 9-Manuel Packet Filter 10-Smtp Analysis 11-Web Attack Detect Installation Modules $ pip install pyshark $ pip install...

Bruteforce Attack Protection: sentry

Safe and effective protection against bruteforce attacks ssh, FTP, SMTP, and more Sentry detects and prevents bruteforce attacks against sshd using minimal system resources. Sentry does NOT make changes to your firewall configuration. It merely adds IPs to a table/list/chain. It does this...

Static-HTTP-Server-1.0-SEH

Notes: Multiple HTTP commands and headers are vulnerable to overflows and trigger an exception, but I was unable to control the SEH handler with anyting but configuration options in the http.ini. import os def fileCreate: print "\n Your current file directory is %s. " % os.getcwd try: File =...

Jax PHP Scripts 1.0/1.34/2.14/3.31 guestbook_ips2block Banned IP List Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input. An attacker may leverage any of the...

Static HTTP Server 1.0 - Local Overflow (SEH)

Static HTTP Server 1.0 - Local Overflow SEH !/usr/bin/env python import os TitleStatic HTTP Server SEH Overflow - HTTP Config - httptiplist Discovered and ReportedJune 2013 Discovered/Exploited ByJacob Holcomb/Gimppy, Security Analyst @ Independent Security Evaluators...

Fake Hit Generator 2.1 Shell Upload Vulnerability

No description provided by source. Exploit Title: Fake Hit Generator Shell Upload Vulnerability Date: 25.12.2009 Author: DigitALL Greetz: Zombie KroNickq HackSpy and All 1923turk.biz Members Version: 2.1 Dork: "Upload unique IP List:" and "The Ultimate Fake Hit Generator - BOOST YOUR ALEXA RANK"...

Fake Hit Generator Shell Upload

Exploit Title: Fake Hit Generator Shell Upload Vulnerability Date: 25.12.2009 Author: DigitALL Greetz: Zombie KroNickq HackSpy and All 1923turk.biz Members Version: 2.1 Dork: "Upload unique IP List:" and "The Ultimate Fake Hit Generator - BOOST YOUR ALEXA RANK" Application: Please Proxy List Uplo...