CVE-2018-25265

LanSpy 2.0.1.159 contains a local buffer overflow vulnerability in the scan section that allows local attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious payloads using egghunter techniques to locate and execute shellcode,...

Siemens S7-1500 NULL Pointer Dereference (CVE-2025-8224)

A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfdelfgetstrsection of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack...

CVE-2025-67025

Cross Site Scripting vulnerability in Anycomment anycomment.io 0.4.4 allows a remote attacker to execute arbitrary code via the Anycomment comment section...

Wiki.js 安全漏洞

Wiki.js is a suite of open source Wiki software from the Requarks.io team based on Node.js and written in the JavaScript language. A security vulnerability exists in Wiki.js versions prior to 2.5.303, which stems from a vulnerability that allows an attacker to inject malicious JavaScript into the...

Cross-site Scripting (XSS)

backdrop/backdrop is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in the comment section in the library, allowing an attacker to inject and execute malicious javascript...

CVE-2017-17868

In Liferay Portal 6.1.0, the tags section has XSS via a Public Render Parameter prp value, as demonstrated by prp564233524tag...

PT-2017-4320 · Gnu +1 · Gnu Binutils +1

Name of the Vulnerable Software and Affected Versions: GNU Binutils version 2.29.1 Description: The issue is related to an integer overflow in the dump relocs in section function of the objdump.c component. This allows a remote attacker to cause a denial of service, potentially leading to excessi...

DEBIAN-CVE-2017-14129

The readsection function in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service parsecompunit heap-based buffer over-read and application crash via a crafted ELF file...

ApPHP MicroCMS 3.9.5 Cross Site Scripting

Exploit Title :----------------- : ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting Author :------------------------ : Besim Google Dork :---------------- : - Date :-------------------------- : 12/10/2016 Type :-------------------------- : webapps Platform : -------------------- : PHP Vendor...

husvagnsguiden.se XSS vulnerability

Vulnerable URL: http://www.husvagnsguiden.se/kopsalj/?search="';--=0=0 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Google Pagerank| 0 VIP website status...

GoogleToolbar:About -- Allows Script Injection

Affection Software : GoogleToolbar Version : Tested on 2.0.114.1-big/en GGLD Notes: GoogleToolbar's About section allows injection of script, since it lacks any checking. The following code is a Proof Of Concept. s c r i p t...