277 matches found
CVE-2024-48514
php-heic-to-jpg <= 1.0.5 is vulnerable to code injection (fixed in 1.0.6). An attacker who can upload HEIC images is able to execute code on the remote server via the file name. As a result, the CIA is no longer guaranteed. This affects php-heic-to-jpg 1.0.5 and below...
IBM Notes Denial Of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "IBM Notes Denial Of Service", 'Description' = %q This module exploits a vulnerability in the native browser that comes with IBM Lotus Notes. If...
CVE-2024-37084
In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server API can use a crafted upload request to write an arbitrary file to any location on the file system, which could lead to compromising the server...
Exploit for OS Command Injection in Php
CVE-2024-4577 FOFA Search: header="Xamppsinfo" || body="/...
Lot Reservation Management System - Unauthenticated File Upload and Remote Code Execution
Exploit Title: Lot Reservation Management System Unauthenticated File Upload and Remote Code Execution Google Dork: N/A Date: 10th December 2023 Exploit Author: Elijah Mandila Syoyi Vendor Homepage:...
Savant 3.0 Denial Of Service
#!/usr/bin/perl use IO::Socket; Exploit Title: Savant 3.0 - Denied of Service DoS Discovery by: Fernando Mengali Discovery Date: 27 january 2024 https://sourceforge.net/projects/savant/files/Savant/3.0/Savant30.exe/download Download to demo:...
Code injection
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace...
Lot Reservation Management System 1.0 Shell Upload Vulnerability
Exploit Title: Lot Reservation Management System Unauthenticated File Upload and Remote Code Execution Date: 10th December 2023 Exploit Author: Elijah Mandila Syoyi Vendor Homepage: https://www.sourcecodester.com/php/14530/lot-reservation-management-system-using-phpmysqli-source-code.html Softwar...
Path traversal
gatsby-plugin-sharp is a plugin for the gatsby framework which exposes functions built on the Sharp image processing library. The gatsby-plugin-sharp plugin prior to versions 5.8.1 and 4.25.1 contains a path traversal vulnerability exposed when running the Gatsby develop server (gatsby develop). It...
CVE-2022-45434
Some Dahua software products have a vulnerability of unauthenticated un-throttled ICMP requests on remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could exploit the victim server to launch ICMP...
Rocket.Chat: Cross-Site-Scripting in "Search Messages"
Vulnerability description not provided...
Ree6 Security Vulnerability
Ree6 is an open source all-in-one Discord bot maintained by Presti. A security vulnerability exists in Ree6 versions prior to 1.9.9 that stems from a cross-server channel exploit, which can be exploited by an attacker to send server log events to another server channel that can be used to...
Poetry Argument Injection can lead to Local Code Execution
Observation: When handling dependencies that come from a Git repository instead of a registry, Poetry uses various commands, such as git clone. These commands are being constructed using user input (e.g. the repository URL). When building the commands, Poetry correctly avoids Command Injection...
CVE-2021-23385
This affects all versions of package Flask-Security. When using the get_post_logout_redirect and get_post_login_redirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\evil.com/path. This vulnerability is only...
Exploit for CVE-2022-30190
CVE-2022-30190 Usag...
CVE-2022-24780 Code Injection in Combodo iTop
Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.6 and 3.0.0, users of the iTop user portal can send TWIG code to the server by forging specific http queries, and execute arbitrary code on the server using http server user privileges. This issue is fixed in version...
MGASA-2021-0525 Updated rsh packages fix security vulnerability
In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685. CVE-2019-7282 An issu...
CVE-2021-44143
A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unchecked condition, a malicious or compromised IMAP server could use a crafted mail message that lacks headers (i.e., one that starts with an empty line) to provoke a heap overflow, which could conceivably be exploited for remote...
CVE-2021-44143
The CVE-2021-44143 issue affects isync (mbsync) in versions prior to 1.4.4 (1.4.0–1.4.3). An unchecked condition in processing a crafted IMAP message lacking headers (starts with an empty line) can provoke a heap overflow, potentially enabling remote code execution on the client. Remediation: upg...