Exploit for Improper Authentication in Microsoft

CVE-2025-549...

SialWeb CMS eCommerce 1.0 / 1.1 Cross Site Scripting / SQL Injection Vulnerabilities

Exploit for php platform in category web applications Exploit Title: SialWeb CMS SQL Injection & XSS Vulnerability Google Dork: intext:" By Sial Web" +inurl:/.php?id= Exploit Author: @ThelastVvV Vendor Homepage: https://sialweb.net/ Tested on: Ubuntu...

SialWeb CMS eCommerce 1.0 / 1.1 Cross Site Scripting / SQL Injection

Exploit Title: SialWeb CMS SQL Injection & XSS Vulnerability Google Dork: intext:" By Sial Web" +inurl:/.php?id= Date: 2020-03-22 Exploit Author: @ThelastVvV Vendor Homepage: https://sialweb.net/ Tested on: Ubuntu --------------------------------------------------------- PoC 1: The remote sql...

Photo Nettoyeur 1.4.5 Insecure File Permission Vulnerability

Exploit for windows platform in category local exploits i?-------------------------------------------------------- Exploit Title: Photo Nettoyeur 1.4.5 - Insecure File Permission Exploit Author : ZwX Vendor Homepage : http://www.marseillesoft.com/ Link Software :...

Easy File Sharing Web Server 7.2 Domain Name Buffer Overflow

-------------------------------------------------------- Exploit Title: Easy File Sharing Web Server 7.2 - 'Domain Name' Buffer Overflow Exploit Exploit Author : ZwX Exploit Date: 2018-09-19 Vendor Homepage : http://www.sharing-file.com/ Link Software : http://www.sharing-file.com/efssetup.exe...

Clone2Go Video to iPod Converter 2.5.0 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Clone2Go Video to iPod Converter 2.5.0 - Denial of Service PoC Exploit Author: ZwX Vendor Homepage : http://www.clone2go.com/ Software Link: http://www.clone2go.com/down/video-to-ipod-setup.exe Tested on OS: Windows 7 Proof of...

Clone2Go Video to iPod Converter 2.5.0 - Denial of Service (PoC)

Clone2Go Video to iPod Converter 2.5.0 - Denial of Service PoC Exploit Title: Clone2Go Video to iPod Converter 2.5.0 - Denial of Service PoC Exploit Author: ZwX Exploit Date: 2018-09-11 Vendor Homepage : http://www.clone2go.com/ Software Link: http://www.clone2go.com/down/video-to-ipod-setup.exe...

Perfect Privacy VPN Manager v1.10.11 - DoS Vulnerability

Document Title: =============== Perfect Privacy VPN Manager v1.10.11 - DoS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2102 Ticket:...

Intel HD Graphics - Unquoted Service Path Privilege Escalation Vulnerability

intel Corp. designs, manufactures and sells computer components and related products. The company also engages in the designing and manufacturing of computing and communication components, such as microprocessors, chipsets, motherboards, and wireless and wired connectivity products. It develops...

Clean Master 1.0 - Unquoted Service Path Privilege Escalation Vulnerability

Clean Master Cleaner is a powerful application dedicated to the cleaning of certain content Android terminal. It is able to remove all traces of activities performed on the Smartphone to free up space and increase performance. This app is able to best improve the security system of the device. Co...

WordPress Plugin Ultimate Product Catalog 3.8.1 - Privilege Escalation

WordPress Plugin Ultimate Product Catalog 3.8.1 - Privilege Escalation /Functions/UpdateAdmin-Databases.php file. Remote attackers are able to request crafted data of the POST method request with the vulnerable ´accesrole´ parameter. The security risk of the privilege scalation web vulnerability ...

Prezi Bug Bounty #7 - (Charts) Persistent Vulnerability

Document Title: =============== Prezi Bug Bounty 7 - Charts Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1723 Release Date: ============= 2016-02-22 Vulnerability Laboratory ID VL-ID: ==================================== 1723...

Song Exporter v2.1.1 RS iOS文件包含漏洞

Song Exporter可以将你iOS设备的歌曲通过WiFi传输到同一局域网内任何电脑上的实用工具，让你无需iTunes也能方便的将音乐备份到电脑上。 本地文件包含Web漏洞允许远程攻击者未经授权包含本地文件的请求或系统特定的路径命令，控制网页应用程序或设备。 0 Song Exporter 2.1.1 目前厂商暂无提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： https://itunes.apple.com/us/app/song-exporter-pro/id421646421 Proof of Concept PoC:...

Open Source Smart Meter Hacking Framework can Hack into the Power Grid

A researcher specializing in smart grids has released an open-source tool designed to assess the security of smart meters. Dubbed 'Termineter,' the framework would allow users, such as grid operators and administrators, to test smart meters for vulnerabilities. It claims will let security...

SHOPEX Cross Station and CSRF vulnerabilities-vulnerability warning-the black bar safety net

Cross-site request forgerycross-site request forgeryis usually abbreviated as CSRF/XSRF, the literal translation for cross-site request forgery, i.e. an attacker by invoking third-party web site the malicious script or use the program to forge a request, of course, not need to the user end disgui...

PHPRecipeBook 2.24 - base_id SQL Injection

PHPRecipeBook 2.24 - baseid SQL Injection + PHPRecipeBook 2.24 idRemort SQL Injection Vulnerability - + Discovered By d3b4g + script: http://phprecipebook.sourceforge.net/demo/phprecipebook/ + Greetz : str0ke | Inerd | & friends - Follow me on twitter www.twitter.com/schaba About: ------...

What A Drag

Internet Explorer supports a fantastic variety of "styles" amongst other 'unique capabilities'. A lovely demonstration of that can be found here: http://www.malware.com/wattadrag.html -- http://www.malware.com...

[Full-Disclosure] Eudora file URL buffer overflow

There is a buffer overflow in Eudora for Windows, verified on versions 6.1, 6.0.3 and 5.2.1. This is easily exploitable to run arbitrary code. I do not know if this issue affects Eudora for Macs. Demo: !/usr/bin/perl -- print "From: men"; print "To: youn"; print "Subject: Eudora file URL buffer...

Re: IE allows universal Cross Site Scripting (TL#002)

Hello, This can also be exploited in IE5 and IE5.5 as well as IE6 by using a different resource file. Thor's demonstration is confined to IE6 because the resource he found to be exploitable first appeared in IE6 privacy policy. Proof of concept and HTML version:...