19 matches found
Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo
CVE-2025-32463 – Sudo chroot Privilege Escalation PoC This...
Exploit for CVE-2025-47827
CVE-2025-47827 !GitHub licensehttps://img.shields.io/gith...
Exploit for Path Traversal in Ghost
CVE-2023-40028: Ghost CMS Symlink Exploitation PoC Overv...
Spot UniswapV3 pricing for rETH when staking in SafEth can lead to loss of user funds
Lines of code Vulnerability details Impact An attacker can craft a set of transactions so that when they are depositing funds in the SafEth contract, using the stake function, they can understate the value of existing deposits preDepositPrice value, while overstating the value of their deposit...
Prototype Pollution in maikelvl/dot-json
Description dot-json is vulnerable to Prototype Pollution. This package allowing for modification of prototype behavior, which may result in Information Disclosure/DoS/RCE. Proof of Concept 1. Create the following PoC file: js // poc.js var dotJson = require"dot-json" var myfile = new...
ThinkSAAS SQL注入漏洞打包6-10
简要描述: 详细说明: 上个注入大礼包,终于走了一个大厂商! 看来还是打包来的划算,最后一个注入大礼包了。 这个漏洞完了,回给出修复方案,求给力! 第一处SQL注入 /app/group/action/add.php // 执行发布帖子 case "do" : if $POST 'token' != $SESSION 'token' tsNotice '非法操作!' ; $authcode = strtolower $POST 'authcode' ; if $TSSITE 'base' 'isauthcode' if $authcode != $SESSION 'verify'...
Jetaudio 8.0.17 Crash Proof Of Concept
References: http://downloads.securityfocus.com/vulnerabilities/exploits/61400.py http://packetstormsecurity.com/files/122504/Jetaudio-8.0.17-Crash-Proof-Of-Concept.html http://cxsecurity.com/issue/WLB-2013070167 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'...
UCStats 1.1 - SQL Injection
UCStats 1.1 - SQL Injection UCStats 1.1 Remote SQL Injection Vulnerability Author: Sora Contact: vhr95zw at hotmail dot com Website: http://greyhathackers.wordpress.com/ Google Dork: "Powered by UCStats version 1.1" Vulnerability Description: UCStats version 1.1 suffers a remote SQL injection...
Jamroom 4.0.2 - t Local File Inclusion
Jamroom 4.0.2 - t Local File Inclusion o-----------------------------------------------------------------------------------------------------------------x | Local File Include Vulnerability | o------------------------------------------------------------------------------------o | Software : Jamro...
RealVNC 4.1.2 - 'vncviewer.exe' RFB Protocol Remote Code Execution (PoC)
!/usr/bin/env python POC: RealVNC 4.1.2 'vncviewer.exe' RFB Protocol Remote Code Execution Vulnerability, BID 30499 Author: Andres Lopez Luksenberg import socket serversocket = socket.socketsocket.AFINET, socket.SOCKSTREAM serversocket.bind'', 5900 serversocket.listen1 while True: clientsocket,...
[Full-disclosure] HP eSupportDiagnostics hpediags.dll Information Disclosure
The HP eSupportDiagnostics hpediag.dll exposes some methods that allow the reading of arbitrary files and registry values. hpediag.dll, version 1.0.11.0 PoC as follows: --------------------- html head script language="JavaScript" DEFER function Check var out = fileUtil.ReadTextFilesomePath; var o...
wms_poc.pl.txt
SoftiaCom MailServer v2.0 - Denial Of Service Software: wMailServer Corporation: SoftiaCom Software Version: v1.0 v2.0 is the same... Vulnerability: Denial of Service ------------------------------------------ BACKGROUND SoftiaCom design and build software utilities in communication and network...
phpCMS12x.txt
SEC-CONSULT Security Advisory 20050602-1 ======================================================================= title: Arbitrary File Inclusion in phpCMS 1.2.x program: phpCMS vulnerable version: 1.2.0, 1.2.1, 1.2.1pl1 homepage: www.phpcms.de found: 2005-05-31 by: sk0L / SEC-CONSULT /...
3Com Ftp Server 2.0 Remote Overflow Exploit
No description provided by source. / Email fixed brotha /str0ke / / 3Com Ftp Server remote overflow exploit author : c0d3r "kaveh razavi" [email protected] package : 3CDaemon version 2.0 revision 10 advisory : http://secway.org/advisory/ad20041011.txt company address : 3com.com it is just a...
wgettrap.txt
!/usr/bin/perl -W wgettrap.poc -- A POC for the wget1 directory traversal vulnerability Copyright 2004 Jan Min=C3=A1=C5=99 jjminar fastmail fm License: Public Domain - SECU When wget connects to us, we send it a HTTP redirect constructed so that wget wget will connect the second time, it will be...
[XSS] PHP-Nuke 7.4 Newsletter Injection Bug
CODEBUG Labs Advisory 5 Title: Newsletter Injection Bug Author: Pierquinto 'Mantra' Manco Product: PHP-Nuke 7.4 Type: XSS Web: http://www.mantralab.org Newsletter Injection Bug - Description PHP-Nuke is a very bugged web CMS, version 7.4 has critical XSS bug that permit to an attacker to post...
Linux Kernel 2.2.252.4.242.6.2 - mremap() Validator
Linux Kernel 2.2.252.4.242.6.2 - mremap Validator / Proof-of-concept exploit code for domremap 2 EDB Note: This is NOT to be confused with CVE-2003-0985 // https://www.exploit-db.com/exploits/141/, which would be "domremap 1". EDB Note: This will just "test" the vulnerability. A exploit version c...
Linux Kernel 2.4.23/2.6.0 - 'do_mremap()' Bound Checking Validator (1)
/ EDB Note: This will just "test" the vulnerability. EDB Note: An exploit version can be found here https://www.exploit-db.com/exploits/145/ / / Proof-of-concept exploit code for domremap Copyright C 2004 Christophe Devine and Julien Tinnes This program is free software; you can redistribute it...
eMule/xMule/LMule - OP_SERVERMESSAGE Format String
/ eMule/xMule/LMule OPSERVERMESSAGE Format String Vulnerability SecurityFocus BID 8443 proof of concept code version 1.0 Aug 29 2003 by Rémi Denis-Courmont This vulnerability was found by: Stefan Esser whose original advisory may be fetched from: http://security.e-matters.de/advisories/022003.htm...