MAL-2025-41586 Malicious code in oneauth-win64 (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in oneauth-win64 (npm)

--- -= Per source details. Do not edit below this line.=-...

Employee And Visitor Gate Pass Logging System 1.0 SQL Injection Vulnerability

Employee and Visitor Gate Pass Logging System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Exploit Title: Employee and Visitor Gate Pass Logging System - SQLi Authentication Bypass Exploit Author: Furkan Eren Tetik Vendor Homepage:...

Bludit 3-14-1 Plugin (UploadPlugin) - Remote Code Execution (Authenticated) Vulnerability

Exploit Title: Bludit 3-14-1 Plugin 'UploadPlugin' - Remote Code Execution RCE Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://www.bludit.com/ Version : 3-14-1 Tested on: windows 11 wampserver | Kali linux Category: WebApp Google Dork: intext:'2022...

K15376: OpenSSL 0.9.8k vulnerability CVE-2009-0789

Security Advisory Description OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service invalid memory access and application crash by placing this structure in the public key of a...

TextPattern CMS 4.8.7 Shell Upload

Exploit Title: TextPattern CMS 4.8.7 - Remote Command Execution RCE Authenticated Date: 2021/09/06 Exploit Author: Mert Daş [email protected] Software Link: https://textpattern.com/filedownload/113/textpattern-4.8.7.zip Software web: https://textpattern.com/ Tested on: Server: Xampp First of...

TextPattern CMS 4.8.7 - Remote Command Execution Vulnerability

Exploit Title: TextPattern CMS 4.8.7 - Remote Command Execution RCE Authenticated Exploit Author: Mert Daş email protected Software Link: https://textpattern.com/filedownload/113/textpattern-4.8.7.zip Software web: https://textpattern.com/ Tested on: Server: Xampp First of all we should use file...

Selea CarPlateServer 4.0.1.6 Remote Program Execution

Selea CarPlateServer CPS v4.0.1.6 Remote Program Execution Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: 4.0.1.6210120 4.013201105 3.100200225 3.005191206 3.005191112 Summary: Our CPS Car Plate Server software is an advanced solution that can be installed on...

The vulnerability of the information protection tool against unauthorized access—Akord-Win64—allows a intruder to gain access to confidential information.

The vulnerability of the Akord-Win64 information protection tool against unauthorized access is related to deficiencies in security mechanisms when working with hidden files and directories. Exploiting this vulnerability could allow a malicious actor, operating locally, to gain access to...

The vulnerability of the AppInit_DLLs parameter in the Akord-Win64 information protection tool allows a hacker to execute arbitrary code.

The vulnerability of the AppInitDLLs parameter in the Accord-Win64 information protection tool is related to deficiencies in the mechanism for calling system libraries. Exploiting this vulnerability allows a perpetrator to execute arbitrary code using a specially crafted DLL library, by placing i...

RealPlayer 18.1.5.705 - '.QCP' Crash (PoC) Exploit

Exploit for windows platform in category dos / poc RealPlayer 18.1.5.705 - '.QCP' Crash PoC Exploit Tested on: Win7 / Win10 x64 Date: October 20th 2016 Vendor homepage: http://www.real.com Software link:...

CVE-2009-0789

OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service invalid memory access and application crash by placing this structure in the public key of a certificate, as demonstrated by ...

up.time 7.5.0 - Superadmin Privilege Escalation

up.time 7.5.0 - Superadmin Privilege Escalation ...

up.time 7.5.0 - Upload and Execute

up.time 7.5.0 - Upload and Execute up.time 7.5.0 Upload And Execute File Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software. Desc: up.time suffers from arbitrary...

up.time 7.5.0 Upload And Execute File Exploit

Summary The next-generation of IT monitoring software. Description up.time suffers from arbitrary command execution. Attackers can exploit this issue using the monitor service feature and adding a command with respected arguments to given binary for execution. In combination with the CSRF,...

Immunity Canvas: ADOBE_FLASH_VALUEOF

Name| adobeflashvalueof ---|--- CVE| CVE-2015-5119 Exploit Pack| CANVAS Description| adobeflashvalueof Notes| CVE Name: CVE-2015-5119 VENDOR: Adobe Notes: Tested on: - Windows 7 x86/x64 IE32/64 8, 9, 11 This module exploits a use after free vulnerability on Adobe Flash Player. When you have a...

CrowdStrike found Windows x64 to mention the right to 0day (CVE-2 0 1 4-4 1 1 3)-vulnerability warning-the black bar safety net

Monitoring the program to display from the WEBSHELL using Win64. exe to elevate permissions | 1 | net localgroup administrators admin /add ---|--- 1 2 3 4 next...

Immunity Canvas: ADOBE_FLASH_COPYPIXELSTOBYTEARRAY

Name| adobeflashcopypixelstobytearray ---|--- CVE| CVE-2014-0556 Exploit Pack| CANVAS Description| adobeflashcopypixelstobytearray Notes| CVE Name: CVE-2014-0556 VENDOR: Adobe Notes: This module exploits a heap based buffer overflow on Adobe Flash Player when copying data from a BitmapData object...

Win64 bit/xp Calculator Shellcode

+Exploit Title: Win64 bit/xp Calculator Shellcode +Author : ^Xecuti0N3r +Tested On : WIN64-XP include include include int main char shellc = "\xeb\x16\x5b\x50\x88\x43\x09\x53\xbb\x0d\x25\x86\x7c\xff\xd3\x31\xc0\xbb\x12\xcb\x81\x7c\xff\xd3\xe8\xe5\xff\xff\xff" "\x63\x61\x6c\x63\x2e" "\x65\x78\x65"...

CVE-2009-0789

OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service invalid memory access and application crash by placing this structure in the public key of a certificate, as demonstrated by ...