Exploit for Path Traversal in Stitionai Devika

CVE-2024-40422 Found this on exploit-db, decided to make my ow...

Lost And Found Information System 1.0 Broken Access Control / Privilege Escalation

Vulnerability: Broken Access Control Author: Akash Pandey CVE: CVE-2023-3018 Source: https://www.sourcecodester.com/php/16525/lost-and-found-information-system-using-php-and-mysql-db-source-code-free-download.html Steps to re-produce: 1. Go to https://site.com/admin/?page=user/list as staff user...

Raspberry Pi Camera Server 1.0 Authentication Bypass

Exploit Title: "camp" Raspberry Pi camera server 1.0 - Authentication Bypass Date: 2022-07-25 Exploit Author: Elias Hohl Vendor Homepage: https://github.com/patrickfuller Software Link: https://github.com/patrickfuller/camp Version: bf6af5c2e5cf713e4050c11c52dd4c55e89880b1 Tested on: Ubuntu 20.04...

Exploit for Unrestricted Upload of File with Dangerous Type in Seeddms

CVE-2019-12744 Information Exploit Title: Remote Command...

Nagios XI Magpie_debug.php Root Remote Code Execution Exploit

This Metasploit module exploits two vulnerabilities in Nagios XI 5.5.6. One allows for unauthenticated remote code execution and another allows for local privilege escalation. When combined, these two vulnerabilities give us a root reverse shell. This module requires Metasploit:...

X (Formerly Twitter): [URGENT] Opportunity to publish tweets on any twitters account

The reporter discovered a flaw in the handling of Twitter Ads Studio requests which allowed an attacker to tweet as any user. By sharing media with a victim user and then modifying the post request with the victim's account ID the media in question would be posted from the victim's account. This...