Lucene search

357 matches found

ATTACKERKB
added 2026/02/11 8:37 p.m. | 3 views

CVE-2020-37183

Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload in the License Name input field to trigger a buffer overflow...

CVSS 9.8 | AI score 6.5 | EPSS 0.00078
Exploits: 0 | References: 3 | Affected Software: 1
GithubExploit
added 2026/02/11 12:29 a.m. | 119 views

Exploit for Path Traversal in Rarlab Winrar

CVE-2025-8088 This repository contains a generator of archiv...

CVSS 8.8 | AI score 5.4 | EPSS 0.091
Exploits: 34
Nuclei
added 2026/02/04 7:0 a.m. | 58 views

WordPress Simple File List <=4.2.2 - Remote Code Execution

An unrestricted file upload vulnerability in the WordPress Simple File List plugin before version 4.2.3 allows unauthenticated remote attackers to achieve remote code execution. The plugin's upload endpoint ee-upload-engine.php restricts file uploads based on extension, but lacks proper validatio...

AI score 8
Exploits: 9 | References: 3
ATTACKERKB
added 2026/01/30 10:7 p.m. | 2 views

CVE-2020-37049

Frigate 3.36.0.9 contains a local buffer overflow vulnerability in the Command Line input field that allows attackers to execute arbitrary code. Attackers can craft a malicious payload to overflow the buffer, bypass DEP, and execute commands like launching calc.exe through a specially crafted inp...

CVSS 8.4 | AI score 6.3 | EPSS 0.00009
Exploits: 0 | References: 3 | Affected Software: 1
Positive Technologies
added 2026/01/26 12:0 a.m. | 1 views

PT-2026-4814

Name of the Vulnerable Software and Affected Versions: Live Helper Chat versions prior to 4.72. Description: A stored Cross-Site Scripting (XSS) issue exists in the PDF file upload functionality. An attacker can upload a malicious PDF file containing an XSS payload. When a user downloads and opens the...

CVSS 6.9 | AI score 6 | EPSS 0.0009
Exploits: 0 | References: 2
Metasploit
added 2026/01/22 6:57 p.m. | 328 views

Burp Extension Persistence

This module adds a Java-based malicious extension to the Burp Suite configuration file. When Burp is opened, the extension will be loaded and the payload will be executed. Tested against Burp Suite Community Edition v2024.9.4, on Ubuntu Desktop 24.04. Tested against Burp Suite Community Edition...

AI score 5.8
Exploits: 0
Github Security Blog
added 2026/01/21 1:0 a.m. | 5 views

SiYuan has a Reflected Cross-Site Scripting (XSS) via /api/icon/getDynamicIcon

Summary: Reflected XSS in /api/icon/getDynamicIcon due to unsanitized SVG input. Details: The endpoint generates SVG images for text icons (type=8). The content query parameter is inserted directly into the SVG tag without XML escaping. Since the response Content-Type is image/svg+xml, injecting...

CVSS 6.1 | AI score 5.6 | EPSS 0.00065
Exploits: 1 | References: 5 | Affected Software: 1
CNVD
added 2026/01/19 12:0 a.m. | 1 views

WordPress Electric Studio Download Counter plugin cross-site scripting vulnerability

WordPress Electric Studio Download Counter plugin is a plugin for WordPress websites whose main function is to count and track the number of file downloads. The WordPress Electric Studio Download Counter plugin suffers from a cross-site scripting vulnerability that stems from the application's la...

CVSS 4.4 | AI score 6 | EPSS 0.00055
Exploits: 0 | References: 1
Metasploit
added 2026/01/14 6:54 p.m. | 274 views

TFTP Fetch, Linux Chmod

Fetch and execute an ARMLE payload from a TFTP server. Runs chmod on the specified file with specified mode. Module Options msf use payload/cmd/linux/tftp/armle/chmod msf payloadchmod show actions ...actions... msf payloadchmod set ACTION msf payloadchmod show options ...show and set options... m...

AI score 5.8
Exploits: 0
Metasploit
added 2026/01/14 6:54 p.m. | 290 views

TFTP Fetch, Linux Chmod

Fetch and execute an AARCH64 payload from a TFTP server. Runs chmod on the specified file with specified mode. Module Options msf use payload/cmd/linux/tftp/aarch64/chmod msf payloadchmod show actions ...actions... msf payloadchmod set ACTION msf payloadchmod show options ...show and set options...

AI score 5.8
Exploits: 0
Metasploit
added 2026/01/14 6:54 p.m. | 389 views

WMI Event Subscription Logon Timer Persistence

This module will create a permanent WMI event subscription to achieve file-less persistence using an event filter that will trigger the payload after the system has a certain uptime. Payloads will trigger every minute until the set end time. Additionally a custom command can be specified to run...

AI score 5.8
Exploits: 0
Packet Storm News
added 2026/01/14 12:0 a.m. | 5 views

WMI Event Subscription Interval Persistence

This Metasploit module will create a permanent WMI event subscription to achieve file-less persistence using an event filter that triggers the payload after the specified CALLBACKINTERVAL. If the persistence is not installed, it will keep triggering payloads to spawn. Additionally a custom comman...

AI score 7
Exploits: 0
NVD
added 2026/01/13 11:15 p.m. | 3 views

CVE-2022-50896

Testa 3.5.1 contains a reflected cross-site scripting vulnerability in the login.php redirect parameter that allows attackers to inject malicious scripts. Attackers can craft a specially encoded payload in the redirect parameter to execute arbitrary JavaScript in the victim's browser context...

CVSS 6.1 | EPSS 0.00052
Exploits: 0 | References: 3
Vulnrichment
added 2026/01/08 5:9 p.m. | 2 views

CVE-2026-22587 Ideagen DevonWay Reports page stored XSS

Ideagen DevonWay contains a stored cross-site scripting vulnerability. A remote, authenticated attacker could craft a payload in the 'Reports' page that executes when another user views the report. Fixed in 2.62.4 and 2.62 LTS...

CVSS 5.5 | AI score 5.6 | EPSS 0.00049
Exploits: 0 | References: 2
Cvelist
added 2026/01/08 5:9 p.m. | 19 views

CVE-2026-22587 Ideagen DevonWay Reports page stored XSS

Ideagen DevonWay contains a stored cross-site scripting vulnerability. A remote, authenticated attacker could craft a payload in the 'Reports' page that executes when another user views the report. Fixed in 2.62.4 and 2.62 LTS...

CVSS 5.5 | EPSS 0.00049
Exploits: 0 | References: 2
CVE
added 2026/01/08 5:9 p.m. | 4 views

CVE-2026-22587

Ideagen DevonWay contains a stored cross-site scripting vulnerability in the Reports page. An authenticated remote attacker can craft a payload that executes when another user views the report. Affected software: Ideagen DevonWay (Reports page). Root cause: stored XSS. Impact details are limited ...

CVSS 5.5 | AI score 5.6 | EPSS 0.00049
Exploits: 0 | References: 2
RedhatCVE
added 2026/01/07 9:12 a.m. | 13 views

CVE-2025-1513

The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Name and Comment field when commenting on photo gallery entries in all versio...

CVSS 7.2 | AI score 6 | EPSS 0.00537
Exploits: 0 | References: 1
Metasploit
added 2026/01/05 6:59 p.m. | 259 views

HTTPS Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute a RISC-V 64-bit payload from an HTTPS server. Connect back to attacker and spawn a command shell. Module Options msf use payload/cmd/linux/https/riscv64le/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf...

AI score 5.8
Exploits: 0
Metasploit
added 2026/01/05 6:59 p.m. | 351 views

HTTP Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute a RISC-V 64-bit payload from an HTTP server. Listen for a connection and spawn a command shell. Module Options msf use payload/cmd/linux/http/riscv64le/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show...

AI score 5.8
Exploits: 0
Metasploit
added 2026/01/05 6:59 p.m. | 243 views

HTTP Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute a RISC-V 32-bit payload from an HTTP server. Listen for a connection and spawn a command shell. Module Options msf use payload/cmd/linux/http/riscv32le/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show...

AI score 5.8
Exploits: 0