📄 SilverStripe 5.3.8 Cross Site Scripting

SilverStripe version 5.34.8 suffers from a persistent cross site scripting vulnerability. Exploit Title: SilverStripe 5.3.8 - Stored Cross Site Scripting XSS Authenticated Date: 2025-01-15 Exploit Author: James Nicoll Vendor Homepage: https://www.silverstripe.org/ Software Link:...

WinFTP 2.3.0 NLST Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WinFTP 2.3.0 NLST Denial of Service', 'Description' = %q This module is a very rough port of Julien Bedard's PoC. You need a valid login, but eve...

Guild FTPd 0.999.8.11/0.999.14 Heap Corruption

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Guild FTPd 0.999.8.11/0.999.14 Heap Corruption', 'Description' = %q Guild FTPd 0.999.8.11 and 0.999.14 are vulnerable to heap corruption. You nee...

Unrestricted file upload

The file upload functionality is not implemented correctly and allows uploading of any type of file. As a prerequisite, it is necessary for the attacker to log into the application with a valid username...

CVE-2023-31469

A REST interface in Apache StreamPipes versions 0.69.0 to 0.91.0 was not properly restricted to admin-only access. This allowed a non-admin user with valid login credentials to elevate privileges beyond the initially assigned roles. The issue is resolved by upgrading to StreamPipes 0.92.0...

Buffer overflow

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a buffer overflow in an API function, where a string is copied into a caller-provided buffer without checking the length. This requires a valid login to...

CVE-2023-28506 Stack buffer overflow in UniRPC service

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow, where a string is copied into a buffer using a memcpy-like function and a user-provided length. This requires a valid login t...

CVE-2020-9499

Some Dahua products have buffer overflow vulnerabilities. After the successful login of the legal account, the attacker sends a specific DDNS test command, which may cause the device to go down...

Netgear DGN2200 dnslookup.cgi Command Injection Vulnerability

The NETGEAR DGN2200 is an ADSL router device. A command injection vulnerability exists in Netgear DGN2200 dnslookup.cgi. This module allows attackers to exploit the vulnerability to inject arbitrary commands by sending a specially crafted publish request with valid login details...

RhinoSoft Serv-U FTP Server 3/4/5 MDTM Command Time Argument Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/9751/info Serv-U FTP Server has been reported prone to a remote stack based buffer overflow vulnerability when handling time zone arguments passed to the MDTM FTP command. The problem exists due to insufficient bounds...

Novell iManager EnteredClassName buffer overflow

Added: 07/12/2010 CVE: CVE-2010-1929 BID: 40480 OSVDB: 65737 Background Novell iManager is a web-based management interface for other Novell products. Problem A buffer overflow vulnerability in jclient.dll allows remote attackers to execute arbitrary commands by sending a specially crafted...

AdminLog 0.5 (valid_login) Authentication Bypass Vulnerability

No description provided by source. + AdminLog 0.5 Login Bypass Vulnerability + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + down: http://www.manlyfamily.net/wiki/doku.php?id=programming:php:adminlog + Login Bypass - Conditions : registerglobals = ON - PoC...

Guild FTPd 0.999.8.11/0.999.14 Heap Corruption

Guild FTPd 0.999.8.11 and 0.999.14 are vulnerable to heap corruption. You need to have a valid login so you can run CWD and LIST. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Guild FTPd...

XM Easy Personal FTP Server 5.6.0 NLST DoS

This module is a port of shinnai's script. You need a valid login, but even anonymous can do it as long as it has permission to call NLST. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'XM Eas...

WinFTP 2.3.0 NLST Denial of Service

This module is a very rough port of Julien Bedard's PoC. You need a valid login, but even anonymous can do it if it has permission to call NLST. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...

PHP-Nuke DownloadsPlus Module - Arbitrary File Upload

source: https://www.securityfocus.com/bid/28919/info The DownloadsPlus module for PHP-Nuke is prone to a vulnerability that lets remote attackers upload and execute arbitrary code because the application fails to sanitize user-supplied input. This issue permits attackers to upload arbitrary files...

Apache Tomcat - WebDAV SSL Remote File Disclosure

!/usr/bin/perl ================================================================ Apache Tomcat Remote File Disclosure Zeroday Xploit - With support for SSL MoDiFiEd version by : h3rcul3s ORiGiNaL Version by : kcdarookie aka eliteb0y / 2007 http://milw0rm.org/exploits/4530 MoDiFiCaTiOn : This code ...

Computer Associates Alert Notification Server buffer overflow

Added: 07/19/2007 CVE: CVE-2007-3825 BID: 24947 OSVDB: 36096 Background The Alert Notification Server is included with multiple Computer Associates products to provide notifications to console users. Problem The Alert Notification Server is affected by buffer overflow vulnerabilities in multiple...

Vulnerability in core server (CVE-2006-5542)

A bug in the logging of V3 protocol messages can cause a denial of service. A valid login is required to exploit this vulnerability...

Vulnerability in core server (CVE-2006-5541)

A bug in the coercion of unknown literals to ANYARRAY can cause a denial of service. A valid login is required to exploit this vulnerability...