CVE-2020-37025

CVE-2020-37025 affects Port Forwarding Wizard 4.8.0. A buffer overflow in the Register feature lets local attackers send a long request to overwrite SEH handlers and potentially execute shellcode on vulnerable Windows systems. Descriptions indicate an egg-tag payload may be crafted to trigger the...

Workout Journal App 1.0 Cross Site Scripting

Exploit Title: Workout Journal App 1.0 - Stored XSS Date: 12.01.2024 Exploit Author: MURAT CAGRI ALIS Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17088/workout-journal-app-using-php-and-mysql-source-code.html Version: 1.0 Tested on: Windows /...

CVE-2023-46539

TP-LINK TL-WR886N V7.03.0.14Build221115Rel.56908n.bin was discovered to contain a stack overflow via the function registerRequestHandle...

CVE-2023-46539

TP-LINK TL-WR886N V7.03.0.14Build221115Rel.56908n.bin was discovered to contain a stack overflow via the function registerRequestHandle...

TP-LINK WR886N Buffer Error Vulnerability

The TP-LINK WR886N is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-LINK TL-WR886N V7.03.0.14Build221115Rel.56908n.bin version, which originates from a buffer overflow vulnerability in the registerRequestHandle method...

PT-2023-6593 · Tp Link · Tp-Link Tl-Wr886N

Name of the Vulnerable Software and Affected Versions: TP-LINK TL-WR886N version 7.0 3.0.14 Build 221115 Rel.56908n.bin Description: The issue is related to a stack overflow in the registerRequestHandle function, which can be exploited by a remote attacker to impact the integrity, availability, a...

Directory Traversal

Gravitee API Management is vulnerable to path traversal. The vulnerability exists in the Email service due to an html injection which allows an attacker to read arbitrary files via a /management/users/register request...

CVE-2019-25075

HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request...

CVE-2019-25075

HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request...

[Full-disclosure] Replay Attack Vulnerability on Sonys Instant Video Everywhere Service

Replay Attack Vulnerability on Sonys Instant Video Everywhere Service http://www.iptel.org/security/2005-12-31.html December 31, 2005 I. Background Sony offers a SIP based voice and video service called IVE. By downloading a client application for the Windows operating system everybody can make...

CVE-2005-4466

Heap-based buffer overflow in the SIPParser function in i3sipmsg.dll in Interaction SIP Proxy before 3.0.011 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a REGISTER request with a SPI version number that contains a large number of space or tab...

CVE-2005-4466

Heap-based buffer overflow in the SIPParser function in i3sipmsg.dll in Interaction SIP Proxy before 3.0.011 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a REGISTER request with a SPI version number that contains a large number of space or tab...