Lucene search
K

19 matches found

GithubExploit
GithubExploit
added 2025/07/01 1:48 p.m.283 views

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463 – Sudo chroot Privilege Escalation PoC This...

9.3CVSS9.7AI score0.47467EPSS
Exploits70
GithubExploit
GithubExploit
added 2025/05/20 10:42 a.m.297 views

Exploit for CVE-2025-47827

CVE-2025-47827 !GitHub licensehttps://img.shields.io/gith...

8.4CVSS8.2AI score0.03817EPSS
Exploits2
GithubExploit
GithubExploit
added 2025/03/07 12:48 a.m.617 views

Exploit for Path Traversal in Ghost

CVE-2023-40028: Ghost CMS Symlink Exploitation PoC Overv...

6.5CVSS6.3AI score0.57565EPSS
Exploits12
Code423n4
Code423n4
added 2023/03/30 12:0 a.m.11 views

Spot UniswapV3 pricing for rETH when staking in SafEth can lead to loss of user funds

Lines of code Vulnerability details Impact An attacker can craft a set of transactions so that when they are depositing funds in the SafEth contract, using the stake function, they can understate the value of existing deposits preDepositPrice value, while overstating the value of their deposit...

6.8AI score
Exploits0
Huntr
Huntr
added 2020/11/18 12:0 a.m.16 views

Prototype Pollution in maikelvl/dot-json

Description dot-json is vulnerable to Prototype Pollution. This package allowing for modification of prototype behavior, which may result in Information Disclosure/DoS/RCE. Proof of Concept 1. Create the following PoC file: js // poc.js var dotJson = require"dot-json" var myfile = new...

1.8AI score
Exploits0
seebug.org
seebug.org
added 2014/02/24 12:0 a.m.17 views

ThinkSAAS SQL注入漏洞打包6-10

简要描述: 详细说明: 上个注入大礼包,终于走了一个大厂商! 看来还是打包来的划算,最后一个注入大礼包了。 这个漏洞完了,回给出修复方案,求给力! 第一处SQL注入 /app/group/action/add.php // 执行发布帖子 case "do" : if $POST 'token' != $SESSION 'token' tsNotice '非法操作!' ; $authcode = strtolower $POST 'authcode' ; if $TSSITE 'base' 'isauthcode' if $authcode != $SESSION 'verify'...

7.1AI score
Exploits0
0day.today
0day.today
added 2013/08/12 12:0 a.m.29 views

Jetaudio 8.0.17 Crash Proof Of Concept

References: http://downloads.securityfocus.com/vulnerabilities/exploits/61400.py http://packetstormsecurity.com/files/122504/Jetaudio-8.0.17-Crash-Proof-Of-Concept.html http://cxsecurity.com/issue/WLB-2013070167 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2010/01/01 12:0 a.m.43 views

UCStats 1.1 - SQL Injection

UCStats 1.1 - SQL Injection UCStats 1.1 Remote SQL Injection Vulnerability Author: Sora Contact: vhr95zw at hotmail dot com Website: http://greyhathackers.wordpress.com/ Google Dork: "Powered by UCStats version 1.1" Vulnerability Description: UCStats version 1.1 suffers a remote SQL injection...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2009/04/14 12:0 a.m.14 views

Jamroom 4.0.2 - t Local File Inclusion

Jamroom 4.0.2 - t Local File Inclusion o-----------------------------------------------------------------------------------------------------------------x | Local File Include Vulnerability | o------------------------------------------------------------------------------------o | Software : Jamro...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/02/02 12:0 a.m.34 views

RealVNC 4.1.2 - 'vncviewer.exe' RFB Protocol Remote Code Execution (PoC)

!/usr/bin/env python POC: RealVNC 4.1.2 'vncviewer.exe' RFB Protocol Remote Code Execution Vulnerability, BID 30499 Author: Andres Lopez Luksenberg import socket serversocket = socket.socketsocket.AFINET, socket.SOCKSTREAM serversocket.bind'', 5900 serversocket.listen1 while True: clientsocket,...

7AI score
Exploits0
securityvulns
securityvulns
added 2007/12/20 12:0 a.m.40 views

[Full-disclosure] HP eSupportDiagnostics hpediags.dll Information Disclosure

The HP eSupportDiagnostics hpediag.dll exposes some methods that allow the reading of arbitrary files and registry values. hpediag.dll, version 1.0.11.0 PoC as follows: --------------------- html head script language="JavaScript" DEFER function Check var out = fileUtil.ReadTextFilesomePath; var o...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2005/07/13 12:0 a.m.34 views

wms_poc.pl.txt

SoftiaCom MailServer v2.0 - Denial Of Service Software: wMailServer Corporation: SoftiaCom Software Version: v1.0 v2.0 is the same... Vulnerability: Denial of Service ------------------------------------------ BACKGROUND SoftiaCom design and build software utilities in communication and network...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2005/06/18 12:0 a.m.31 views

phpCMS12x.txt

SEC-CONSULT Security Advisory 20050602-1 ======================================================================= title: Arbitrary File Inclusion in phpCMS 1.2.x program: phpCMS vulnerable version: 1.2.0, 1.2.1, 1.2.1pl1 homepage: www.phpcms.de found: 2005-05-31 by: sk0L / SEC-CONSULT /...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2005/02/17 12:0 a.m.14 views

3Com Ftp Server 2.0 Remote Overflow Exploit

No description provided by source. / Email fixed brotha /str0ke / / 3Com Ftp Server remote overflow exploit author : c0d3r "kaveh razavi" [email protected] package : 3CDaemon version 2.0 revision 10 advisory : http://secway.org/advisory/ad20041011.txt company address : 3com.com it is just a...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2004/12/30 12:0 a.m.43 views

wgettrap.txt

!/usr/bin/perl -W wgettrap.poc -- A POC for the wget1 directory traversal vulnerability Copyright 2004 Jan Min=C3=A1=C5=99 jjminar fastmail fm License: Public Domain - SECU When wget connects to us, we send it a HTTP redirect constructed so that wget wget will connect the second time, it will be...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2004/09/08 12:0 a.m.34 views

[XSS] PHP-Nuke 7.4 Newsletter Injection Bug

CODEBUG Labs Advisory 5 Title: Newsletter Injection Bug Author: Pierquinto 'Mantra' Manco Product: PHP-Nuke 7.4 Type: XSS Web: http://www.mantralab.org Newsletter Injection Bug - Description PHP-Nuke is a very bugged web CMS, version 7.4 has critical XSS bug that permit to an attacker to post...

Exploits0
exploitpack
exploitpack
added 2004/02/18 12:0 a.m.37 views

Linux Kernel 2.2.252.4.242.6.2 - mremap() Validator

Linux Kernel 2.2.252.4.242.6.2 - mremap Validator / Proof-of-concept exploit code for domremap 2 EDB Note: This is NOT to be confused with CVE-2003-0985 // https://www.exploit-db.com/exploits/141/, which would be "domremap 1". EDB Note: This will just "test" the vulnerability. A exploit version c...

7.2CVSS0.01233EPSS
Exploits3
Exploit DB
Exploit DB
added 2004/01/06 12:0 a.m.42 views

Linux Kernel 2.4.23/2.6.0 - 'do_mremap()' Bound Checking Validator (1)

/ EDB Note: This will just "test" the vulnerability. EDB Note: An exploit version can be found here https://www.exploit-db.com/exploits/145/ / / Proof-of-concept exploit code for domremap Copyright C 2004 Christophe Devine and Julien Tinnes This program is free software; you can redistribute it...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/09/01 12:0 a.m.41 views

eMule/xMule/LMule - OP_SERVERMESSAGE Format String

/ eMule/xMule/LMule OPSERVERMESSAGE Format String Vulnerability SecurityFocus BID 8443 proof of concept code version 1.0 Aug 29 2003 by Rémi Denis-Courmont This vulnerability was found by: Stefan Esser whose original advisory may be fetched from: http://security.e-matters.de/advisories/022003.htm...

7.4AI score
Exploits0
Rows per page
Query Builder