CVE-2023-32314

A flaw was found in the vm2 sandbox. When a host object is created based on the specification of Proxy, an attacker can bypass the sandbox protections. This may allow an attacker to run remote code execution on the host running the sandbox. This vulnerability impacts the confidentiality, integrit...

PT-2023-2909

Name of the Vulnerable Software and Affected Versions vm2 versions up to and including 3.9.17 Description A sandbox escape issue exists in vm2, allowing a threat actor to bypass sandbox protections and gain remote code execution rights on the host. This is achieved by abusing an unexpected creati...

Php Blue Dragon CMS 3.0.0 Remote Code Execution Exploit

No description provided by source. ?php // Exploit Name: Php Blue Dragon CMS 3.0.0 Code Execution Exploit //Script Homepage: http://phpbluedragon.pl/ // Autor: Kacper [email protected] // Autor Homepage: devilteam.eu | kacper.bblog.pl //Pozdrawiam wszystkich ludzi z DEVIL TEAM, Zapraszam na irc...

Woltlab Burning Board Lite 1.0.2 decode_cookie() SQL Injection Exploit

No description provided by source. ?php printr' -------------------------------------------------------------------------------- Woltlab Burning Board Lite 1.0.2 decodecookie sql injection exploit by rgod [email protected] site: http://retrogod.altervista.org dork: "Powered by Burning Board Lite...

exV2 < 2.0.4.3 - 'sort' SQL Injection

!/usr/bin/php -q -d shortopentag=on = 4.1 allowing subs and if 'messages' module is enabled / if $argc 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord...