11 matches found
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 — React2Shell Unauthenticated RCE in React Ser...
PT-2025-51311
Name of the Vulnerable Software and Affected Versions: Ateme TITAN File version 3.9.12.4. Description: The software contains an authenticated server-side request forgery issue in the job callback URL parameter. This allows attackers to bypass network restrictions. Exploitation involves an unvalidate...
Exploit for Deserialization of Untrusted Data in Facebook React
🛡️ RSC Sentinel Pro Advanced React Server Components R...
CVE-2024-25063
Due to insufficient server-side validation, a successful exploit of this vulnerability could allow an attacker to gain access to certain URLs that the attacker should not have access to...
Default configuration
An issue was discovered in Appalti & Contratti 9.12.2. The target web applications LFS and DL229 expose a set of services provided by the Axis 1.4 instance, embedded directly into the applications, as hinted by the WEB-INF/web.xml file leaked through Local File Inclusion. Among the exposed...
OpenSMTPD < 6.6.3p1 - Local Privilege Escalation / Remote Code Execution Exploit
LPE and RCE in OpenSMTPD's default install (CVE-2020-8794). Copyright (C) 2020 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or at...
CVE-2017-9413
Multiple cross-site request forgery (CSRF) vulnerabilities in the Podcast feature in Subsonic 6.1.1 allow remote attackers to hijack the authentication of users for requests that (1) subscribe to a podcast via the add parameter to podcastReceiverAdmin.view or (2) update Internet Radio Settings via the...
DELTAScripts PHPLinks (catid) SQL Injection Vulnerability
Exploit for unknown platform in category web applications. DELTAScripts PHPLinks catid SQL Injection Vulnerability. Name: DELTAScripts PHPLinks. Vuln: SQL Injection. Author: Hamza...
PLE CMS 1.0 beta 4.2 (login.php school) Blind SQL Injection Exploit
No description provided by source. PLE CMS 1.0 beta 4.2 Blind SQL Injection Exploit. ?php function query $user, $pos, $chr $quer...
cnn-xss.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear CNN, I recently discovered a security vulnerability on the www.cnn.com website. I believe the vulnerability can be used by a remote user to alter content on www.cnn.com. On 10 Nov 2008, I wrote to...
eBD-en.txt
Advisory. Title: Several flaws in e-business designer. Risk: Critical. Date: 03.May.2006. Author: Pedro Andújar. URL: http://www.digitalsec.es http://www.514.es/ INTRO: eBD is an Integrated Development Environment for the...