29 matches found
CVE-2025-47154
LibJS in Ladybird before f5a6704 mishandles the freeing of the vector that arguments_list references, leading to a use-after-free, and allowing remote attackers to execute arbitrary code via a crafted .js file. NOTE: the GitHub README says "Ladybird is in a pre-alpha state, and only suitable for u...
CVE-2025-47154
CVE-2025-47154 affects the LibJS component of the Ladybird browser, specifically versions prior to f5a6704. The root cause is improper freeing of the vector referenced by arguments_list, causing a use-after-free. This can allow remote attackers to execute arbitrary code by feeding a crafted .js f...
Grafiki - Threat Hunting Tool About Sysmon And Graphs
Grafiki is a Django project about Sysmon and graphs, for the time being. In my opinion EventViewer, Elastic and even Kibana, are not graphic enough. The current threats are complicated and if attackers think in graphs, defenders also must do it. This is a proof of concept, the code was not debugg...
Tsunami - A General Purpose Network Security Scanner With An Extensible Plugin System For Detecting High Severity Vulnerabilities With High Confidence
Tsunami is a general-purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence. To learn more about Tsunami, visit our documentation. Tsunami relies heavily on its plugin system to provide basic scanning capabilities. All...
Fire Web Server 0.1 Denial Of Service
Exploit Title: Fire Web Server 0.1 - Remote Denial of Service PoC Date: 2020-06-26 Exploit Author: Saeed reza Zamanian Vendor Homepage: https://sourceforge.net/projects/firewebserver/ Software Link: https://sourceforge.net/projects/firewebserver/files/ Version: Pre-Alpha Tested on: Windows 7 ,...
Fire Web Server Pre-Alpha Denial Of Service
#!/usr/bin/python ''' Exploit Title: Fire Web Server Pre-Alpha - Remote Denial of Service PoC Date: 2020-Jun-26 Exploit Author: Saeed reza Zamanian Vendor Homepage: https://sourceforge.net/projects/firewebserver/ Software Link: https://sourceforge.net/projects/firewebserver/files/ Version: Pre-Alp...
i2pd and kovri information disclosure vulnerabilities
i2p is a network protocol for encryption that enables anonymous access to the Internet. i2pd is a C++ implementation of the i2p client. kovri is a lightweight i2p-compatible router. A security vulnerability exists in i2pd versions prior to 2.17 and in the kovri pre-alpha version, which stems from...
PT-2017-14694 · I2P +1 · I2Pd +2
Name of the Vulnerable Software and Affected Versions: i2pd versions prior to 2.17 kovri versions prior to 2.17 pre-alpha implementations Description: The issue is related to the improper handling of Garlic DeliveryTypeTunnel packets in the I2P routing protocol, which allows remote attackers to...
The Rat CMS viewarticle2.php id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/29959/info The Rat CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these...
The Rat CMS viewarticle.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/29959/info The Rat CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these...
The Rat CMS viewarticle2.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/29959/info The Rat CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these...
ModuleBased CMS Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/19754/info ModuleBased CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file...
Opera Browser 10/11/12 (SVG layout) Memory Corruption
Exploit for Opera Browser 10/11/12 SVG layout Memory Corruption 0day Vulnerability: Discovered: 2010-10-13 Patched: 0day Tested on: v10.xx v10.50, v10.51, v10.52, v10.53, v10.54, v10.6, v10.61, v10.62 and v10.63 v11.xx v11.00, v11.01, v11.10, v11.11, v11.50 and v11.51 Exploit: Coded: 2010-10-14...
Sql injection
Multiple SQL injection vulnerabilities in The Rat CMS Pre-Alpha 2 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) viewarticle.php and (2) viewarticle2.php...
CVE-2008-5163
The Rat CMS Pre-Alpha 2 contains SQL injection vulnerabilities in the viewarticle.php and viewarticle2.php scripts. The root cause is unsafe handling of the id parameter, enabling remote attackers to execute arbitrary SQL commands. Affected component: The Rat CMS Pre-Alpha 2 (web application). Im...
CVE-2008-5164
The CVE-2008-5164 entry describes multiple cross-site scripting (XSS) vulnerabilities in The Rat CMS Pre-Alpha 2. The issues allow remote attackers to inject arbitrary web scripts or HTML via the (1) id parameter to viewarticle.php and viewarticle2.php and the (2) PATH_INFO to viewarticle.php. Th...
The Rat CMS - viewarticle2.php?id Cross-Site Scripting
The Rat CMS - viewarticle2.php?id Cross-Site Scripting source: https://www.securityfocus.com/bid/29959/info The Rat CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied...
The Rat CMS - viewarticle.php Multiple Cross-Site Scripting Vulnerabilities
The Rat CMS - viewarticle.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/29959/info The Rat CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently...
The Rat CMS - viewarticle2.php?id SQL Injection
The Rat CMS - viewarticle2.php?id SQL Injection source: https://www.securityfocus.com/bid/29959/info The Rat CMS is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data...