36 matches found
CVE-2025-11126
A security flaw has been discovered in Apeman ID71 218.53.203.117. This vulnerability affects unknown code of the file /system/www/system.ini. The manipulation results in hard-coded credentials. The attack may be performed from remote. The exploit has been released to the public and may be...
CVE-2025-11126
Vulnerability CVE-2025-11126 affects Apeman ID71. A flaw in unknown code within /system/www/system.ini enables hard-coded credentials, allowing remote takeover. Exploit has been released publicly; vendor response is not provided in the documents. Described impact includes total compromise with re...
Apeman ID71 信任管理问题漏洞
Apeman ID71 is a webcam from Apeman. The Apeman ID71 suffers from a trust management issue vulnerability that stems from the presence of hard-coded credentials in the file /system/www/system.ini, which could lead to a remote attack...
Backdoor.Win32.Agent.afq Directory Traversal
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/853754de6b8ffbe1321a8c91aab5c232B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.afq Vulnerability: Directory Traversal Description: The malwares built-in serv...
WinRAR 5.80 XML Injection
Exploit Title: winrar External Entity Injection Exploit Author: albalawi-s Vendor Homepage: https://win-rar.com Software Link: https://win-rar.com/fileadmin/winrar-versions/winrar-x64-58b2.exe Version: 5.80 Tested on: Microsoft Windows Version 10.0.18362.418 64bit https://twitter.com/testapp poc...
GoAhead System.ini Leak
The remote server uses a version of GoAhead that allows a remote unauthenticated attacker to download the system.ini file. This file contains credentials to the web interface, ftp interface, and others. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid102174;...
MobaXterm Personal Edition 9.4 Path Traversal
Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MOBAXTERM-TFTP-PATH-TRAVERSAL-REMOTE-FILE-ACCESS.txt + ISR: ApparitionSec Vendor: ===================== mobaxterm.mobatek.net Product: ===============================...
MobaXterm Personal Edition 9.4 - Directory Traversal Vulnerability
Exploit for windows platform in category remote exploits + Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MOBAXTERM-TFTP-PATH-TRAVERSAL-REMOTE-FILE-ACCESS.txt + ISR: ApparitionSec Vendor: =====================...
Data Dynamics ActiveReport ActiveX (actrpt2.dll <= 2.5) Inscure Method
No description provided by source. pre codespan style=font: 10pt Courier New;span class=general1-symbol----------------------------------------------------------------------------------------------- bData Dynamics ActiveReport ActiveX Control actrpt2.dll = 2.5 SaveLayout Inscure Method/b url:...
Tiny Server 1.1.5 - Arbitrary File Disclosure Exploit
No description provided by source. !/usr/bin/perl -w Title : Tiny Server v1.1.5 Arbitrary File Disclosure Exploit Author : KaHPeSeSe Test : PERFECT XP PC1 / SP3 Date : 15/03/2012 Thanks : exploit-db.com use LWP::Simple; use LWP::UserAgent; system'color','A'; system'cls'; print \n\t\n; print...
Simple Machine Forum 2.0.x 2.0.4 - File Disclosure Directory Traversal
Simple Machine Forum 2.0.x 2.0.4 - File Disclosure Directory Traversal Exploit Title: SMF /index.php?action=admin;area=logs;sa=errorlog;file=BASE64 ENCODED FILE PATH;line=LINE NUMBER Example : /srv/www/smf/Settings.php : L3Nydi93d3cvc21mL1NldHRpbmdzLnBocA= /etc/passwd : L2V0Yy9wYXNzd2Q= SMF...
Tiny Server v1.1.5 Arbitrary File Disclosure Exploit
Exploit for windows platform in category remote exploits !/usr/bin/perl -w Title : Tiny Server v1.1.5 Arbitrary File Disclosure Exploit Author : KaHPeSeSe Test : PERFECT XP PC1 / SP3 Date : 15/03/2012 use LWP::Simple; use LWP::UserAgent; system'color','A'; system'cls'; print "\n\t\n"; print...
mySeatXT 0.164 - lang Local File Inclusion
mySeatXT 0.164 - lang Local File Inclusion source: https://www.securityfocus.com/bid/46507/info mySeatXT is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information...
mySeatXT 0.164 - 'lang' Local File Inclusion
source: https://www.securityfocus.com/bid/46507/info mySeatXT is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in...
GeoVision LiveX_v8200 ActiveX (LIVEX_~1.OCX) File Corruption PoC
Exploit for unknown platform in category remote exploits ================================================================ GeoVision LiveXv8200 ActiveX LIVEX1.OCX File Corruption PoC ================================================================ function sleepn var now = new Date; var exitTime =...
GeoVision LiveX 8200 - ActiveX 'LIVEX_~1.OCX' File Corruption
function sleepn var now = new Date; var exitTime = now.getTime + n1000; while true now = new Date; if now.getTime exitTime return; param name="FixHeight" v...
GeoVision LiveX 8200 - ActiveX LIVEX_~1.OCX File Corruption
GeoVision LiveX 8200 - ActiveX LIVEX1.OCX File Corruption function sleepn var now = new Date; var exitTime = now.getTime + n1000; while true now = new Date; if now.getTime exitTime return; par...
GeoVision ActiveX File Corruption
function sleepn var now = new Date; var exitTime = now.getTime + n1000; while true now = new Date; if now.getTime exitTime return; param name="AutoLogin" v...
Data Dynamics ActiveReport ActiveX (actrpt2.dll <= 2.5) Inscure Method
No description provided by source. pre codespan style="font: 10pt Courier New;"span class="general1-symbol"----------------------------------------------------------------------------------------------- bData Dynamics ActiveReport ActiveX Control actrpt2.dll = 2.5 "SaveLayout" Inscure Method/b ur...
Data Dynamics ActiveReport - ActiveX actrpt2.dll 2.5 Insecure Method
Data Dynamics ActiveReport - ActiveX actrpt2.dll 2.5 Insecure Method ----------------------------------------------------------------------------------------------- Data Dynamics ActiveReport ActiveX Control actrpt2.dll url: http://www.datadynamics.com/default.aspx author: shinnai mail:...