178 matches found
CVE-2025-40923
Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if i...
AIX is vulnerable to arbitrary command execution due to Perl (CVE-2025-33112)
IBM SECURITY ADVISORY First Issued: Tue Jun 10 08:28:43 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/perladvisory9.asc Security Bulletin: AIX is vulnerable to arbitrary command execution due to Perl CVE-2025-33112...
Linux Distros Unpatched Vulnerability : CVE-2013-7422
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to execute...
i-Gallery 3.4 Database Disclosure
Title: i-Gallery v3.4 Database Disclosure Exploit | Author: indoushka | Tested on: windows 10 Français V.Pro / browser: Mozilla firefox 108.032-bit | ...
Erim Upload 4 Database Disclosure
Title: Erim Upload V4 Database Disclosure Exploit | Author: indoushka | Tested on: windows 10 Français V.Pro / browser: Mozilla firefox 108.032-bit | ...
ExcessWeb And Network CMS 4.0 Database Disclosure
Title: ExcessWeb & Network CMS v4.0 Database Disclosure Vulnerability | Author: indoushka | Tested on: windows 10 Français V.Pro / browser: Mozilla firefo...
Data Driven CMS 0.4.1 Database Disclosure
Title: Data Driven CMS v0.4.1 database disclosure Exploit | Author: indoushka | Tested on: windows 10 Français V.Pro / browser: Mozilla firefox 63.0.3...
Web Wiz Forums 12.06 Database Disclosure
Title: Web Wiz Forums 12.06 Database Disclosure Exploit | Author: indoushka | Tested on: windows 10 Français V.Pro / browser: Mozilla firefox 108.032-bit ...
Banner RotatorCMS 1.0 Database Disclosure
Title: Banner RotatorCMS v1.0 Database Disclosure Exploit | Author: indoushka | Tested on: windows 10 Français V.Pro / browser: Mozilla firefox 108.032-bi...
A Cart 2.0 Database Disclosure
Title: A cart 2.0 Database Disclosure Exploit | Author: indoushka | Tested on: windows 10 Français V.Pro / browser: Mozilla firefox 108.032-bit | Vendor...
WordPress Slider Revolution 4.x.x Shell Upload
Title: WordPress - Slider Revolution 4.x.x WordPress - arbitrary file upload exploit | Author: indoushka | Tested on: windows 10 Français V.Pro / browser: Mozilla firefox 66.064-bit | ...
WordPress Slider Revolution 4.6.5 Shell Upload
Title: WordPress - Slider Revolution 4.6.5 WordPress - Slider Revolution 4.6.5 shell upload 0-day exploit | Author: indoushka | Tested on: windows 10...
Sami HTTP Server 2.0 Denial Of Service
!/usr/bin/perl -w Date: 06/14/2021 14 Jun Version Vulnerable: Sami HTTP 2.0 OS Tested: Windows XP PACK 3 Brazilian use IO::Socket; $sis="$^O"; print $sis; if $sis eq "windows" $cmd="cls"; else $cmd="clear"; system"$cmd"; if !$ARGV0 || !$ARGV1 &apresentacao; exit; sub apresentacao print q Sami HTT...
WordPress 5.2.3 Remote Cross Site Host Modification
!/usr/bin/perl -w Wordpress Type: Remote Risk: High Solution: Set security headers to web server and no-cache for Cache-Control Simple Attack Scenarios: o This attack can bypass Simple WAF to access restricted content on the web server, something like phpMyAdmin; o This attack can deface the...
WinRAR 5.61 - '.lng' Denial of Service
Exploit Title: WinRAR 5.61 - Denial of Service Author: Kağan Çapar Discovery Date: 2019-02-20 Software Link: https://win-rar.com/predownload.html?spV=true&subD=true&f=wrar561tr.exe Vendor Homepage : https://www.win-rar.com Tested Version: 5.61 32 Bit Tested on OS: Windows 10 Education 64 Bit Step...
Audacity 2.3 - Denial of Service (PoC)
Audacity 2.3 - Denial of Service PoC Exploit Title: AudaCity 2.3 - Denial of Service PoC Author: Kağan Çapar Discovery Date: 2018-10-19 Software Link: https://www.fosshub.com/Audacity.html Vendor Homepage : https://www.audacityteam.org Tested Version: 2.3 Tested on OS: Windows 10 x64/86 Normal us...
Audacity 2.3 - Denial of Service (PoC)
Exploit Title: AudaCity 2.3 - Denial of Service PoC Author: Kağan Çapar Discovery Date: 2018-10-19 Software Link: https://www.fosshub.com/Audacity.html Vendor Homepage : https://www.audacityteam.org Tested Version: 2.3 Tested on OS: Windows 10 x64/86 Normal use CPU & Windows 7 High CPU usage &...
Quest DR Series Disk Backup Software Elevation of Privilege Vulnerability (CNVD-2018-15903)
The Quest DR Series are disk storage and deduplication appliances. An elevation of privilege vulnerability exists in versions of Quest DR Series disk backup software prior to 4.0.3.1. An attacker can exploit this vulnerability via perl to elevate privileges from web server user to root...
AVS Audio Converter 8.2.1 - Buffer Overflow Vulnerability
Product & Service Introduction: AVS Audio Editor is an audio file editor whose primary function is editing audio files. It is able to cut, join, combine or split audio files. All these operations are done with great precision to the hundredth of a second. You...
VUPlayer 2.49 - (.wax) Buffer Overflow Vulnerability
Product & Service Introduction: VUPlayer is a freeware multi-format audio player for Windows. Copy of the Vendor Homepage: http://vuplayer.com/vuplayer.php Technical Details & Description: The classic buffer overflow vulnerability i...