CVE-2023-33412

The web interface in the Intelligent Platform Management Interface IPMI baseboard management controller BMC implementation on Supermicro X11 and M11 based devices, with firmware versions before 3.17.02, allows remote authenticated users to execute arbitrary commands via a crafted request targetin...

PT-2023-12987 · Western Digital · Western Digital My Cloud Os 5

Name of the Vulnerable Software and Affected Versions: Western Digital My Cloud OS 5 versions prior to 5.26.119 Description: An issue was discovered in Western Digital My Cloud OS 5 devices, allowing an attacker to execute code in the context of the root user on a vulnerable CGI file due to...

Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Exploit

Exploit for hardware platform in category web applications Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Author: LiquidWorm Product web page: https://www.inim.biz Link:...

Usermin 1.750 - Remote Command Execution (Metasploit)

Usermin 1.750 - Remote Command Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'uri' class MetasploitModule 'Usermin 1.750 - Remote Command Execution', 'Description' = %q...

Schools Alert Management Script - SQL Injection

Exploit Title: Schools Alert Management Script - SQL Injection Date: 2018-06-07 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/schools-alert-management-system/ Category: Web Application Exploit Author: M3@Pandas Web:...

Schools Alert Management Script SQL Injection

Exploit Title: Schools Alert Management Script - SQL Injection Date: 2018-06-07 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/schools-alert-management-system/ Category: Web Application Exploit Author: M3@Pandas Web:...

Schools Alert Management Script - SQL Injection

Schools Alert Management Script - SQL Injection Exploit Title: Schools Alert Management Script - SQL Injection Date: 2018-06-07 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/schools-alert-management-system/ Category: Web Application Exploit...

qDecoder 4.x/5.x Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2329/info Improperly validated user-supplied input to the Content-Type header can create an overflow condition. As a result, excessive data copied onto the stack can overwrite critical parts of the stack frame such as the...

Linksys Routers Vulnerable to Remote Access Vulnerability

Linksys routers sold to consumers as a home or small office networking box are vulnerable to a simple exploit that could give an attacker remote access to the router. The vulnerabilities are wormable, yet are unrelated to the Moon worm reported last week by the SANS Institute. Linksys, which was...

ishopcart-cgi-bof.c.txt

Vendor: ishopcart inc Vendor Site: ishopcart.com Vendor Status: notified via telephone While spending a night auditing I have found 2 buffer overflows and 1 directory traversal in the ishopcart cgi, which is written in C. The directory traversal is caused by how the cgi chooses to show pages. If,...

form-totaller.txt

Content-Type: Remote Root via vulnerible CGI software Date : 13/08/2000 Sender : s1gnal9 Subject : form-totaller Vulnerible CGI X-System : UNIX/NT systems running the form-totaller CGI software X-Status : s1gnal9-ADVISORY-form-totaller.txt X-Greets : Narr0w, f0bic, VetesGirl PRODUCT NAME:...

NCSA httpd-campas 1.2 - sample script

source: https://www.securityfocus.com/bid/1975/info Campas is a sample CGI script shipped with some older versions of NCSA HTTPd, an obsolete web server package. The versions that included the script could not be determined as the server is no longer maintained, but version 1.2 of the script itse...