CVE-2025-1782

In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is not properly sanitized before being used and can be misused to include an arbitrary file in the PHP code allowing an attacker to do anything as the web server user. This flaw requires the attacker to be authenticated...

D-Link DIR-859 Authentication Bypass Vulnerability

The D-Link DIR-859 is a wireless router from China's AUO D-Link. The D-Link DIR-859 suffers from an authentication bypass vulnerability that stems from a lack of valid authentication in phpcgimain, which can be exploited by an attacker to bypass authentication...

Unchecked hostname resolution could allow access to local network resources by users outside the local network

Impact A newly implemented route allowing users to download files from remote endpoints was not properly verifying the destination hostname for user provided URLs. This would allow malicious users to potentially access resources on local networks that would otherwise be inaccessible. This...

CVE-2020-4434

Certain IBM Aspera applications are vulnerable to buffer overflow based on the product configuration and valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service DoS through the http fallback service. IBM...

IPSwitch IMail 8.13 - 'DELETE' Remote Stack Overflow

!/usr/bin/perl -w IPSwitch-IMail-8.13-DELETE Discovered by : Muts Coded by : Zatlander WWW.WHITEHAT.CO.IL Plain vanilla stack overflow in the DELETE command Restrictions: - Need valid authentication credentials - Input buffer only allows characters between x20 - x7e Credits: -...

IPSwitch IMail 8.13 (DELETE) Remote Stack Overflow Exploit

No description provided by source. !/usr/bin/perl -w IPSwitch-IMail-8.13-DELETE Discovered by : Muts Coded by : Zatlander WWW.WHITEHAT.CO.IL Plain vanilla stack overflow in the DELETE command Restrictions: - Need valid authentication credentials - Input buffer only allows characters between x20 -...

Kerio MailServer 5.6.3 Remote Buffer Overflow Exploit

Exploit for linux platform in category remote exploits ===================================================== Kerio MailServer 5.6.3 Remote Buffer Overflow Exploit ===================================================== / Remote Buffer Overflow Exploit for Kerio MailServer 5.6.3 / /...

Kerio MailServer 5.6.3 - Remote Buffer Overflow

/ Remote Buffer Overflow Exploit for Kerio MailServer 5.6.3 / / ========================================= / / By B-r00t / / / / In response to the Kerio Mailserver vulnerabilities / / discovered by David F.Madrid. / / / / Although this exploit requires valid authentication / / details, it is...

Microsoft IIS 4.0/5.0/5.1 - Authentication Method Disclosure

source: https://www.securityfocus.com/bid/4235/info Microsoft IIS supports Basic and NTLM authentication. Reportedly, the authentication methods supported by a given IIS server can be revealed to an attacker through the inspection of returned error messages, even when anonymous access is also...