Millhouse-Project 1.414 Shell Upload
Authored by Chokri Hammedi
Millhouse-Project version 1.414 suffers from a remote shell upload vulnerability.
Change Mirror Download
<?php/*Exploit Title: thrsrossi Millhouse-Project 1.414 Remote Code ExecutionDate: 12/05/2023Exploit Author: Chokri HammediVendor Homepage: https://github.com/thrsrossi/Millhouse-ProjectSoftware Link:...
Millhouse-Project 1.414 Cross Site Scripting
Authored by Chokri Hammedi
Millhouse-Project version 1.414 suffers from a cross site scripting vulnerability.
Change Mirror Download
<?php/*Exploit Title: thrsrossi Millhouse-Project 1.414 - register - Reflected xssDate: 12/05/2023Exploit Author: Chokri HammediVendor Homepage:...
Advantech EKI-15XX Series Command Injection / Buffer Overflow
Authored by T. Weber, S. Dietz | Site cyberdanube.com
Advantech EKI-1524-CE series, EKI-1522 series, and EKI-1521 series suffer from command injection and buffer overflow vulnerabilities.
advisories | CVE-2023-2573, CVE-2023-2574, CVE-2023-2575
Change Mirror...
Shannon Baseband SIP Status Line Stack Buffer Overflow
Authored by Ivan Fratric, Google Security Research
There is a stack buffer overflow in Shannon Baseband when processing the status line of a SIP message (this happens in IMSPL_SipStatusLine.c according...
Shannon Baseband SIP Session-Expires Header Stack Buffer Overflow
Authored by Ivan Fratric, Google Security Research
There is a stack buffer overflow in Shannon Baseband when processing the Session-Expires header in the SIP protocol decoder (IMSPL_SipDecode.c according to the...
Shannon Baseband Negative-Size Memcpy / Out-Of-Bounds Read
Authored by Ivan Fratric, Google Security Research
There is a negative-size memcpy (heap overflow) when decoding the body of SIP multipart messages. According to debug strings in the modem image,...
FICO Origination Manager Decision Module 4.8.1 XSS / Session Hijacking
Authored by Matei Josephs
Multiple persistent cross site scripting vulnerabilities in FICO Origination Manager Decision Module version 4.8.1 allow an attacker to execute code in the context of the victim's...
Qualcomm Adreno/KGSL Insecure Secure Buffers
Authored by Jann Horn, Google Security Research
Qualcomm Adreno/KGSL suffers from an issue where secure buffers are addressable by all GPU users. Qualcomm believes this finding has no security impact...
HammerSpace GDE / GFS 4.6.6-324 Authentication Bypass
Authored by Justin Oberdorf
This utility generates the TOTP passcode used to sign in as the support service account user for HammerSpace GFS default installations. Both the OVA and ISO...
Spryker Commerce OS 1.0 SQL Injection
Authored by David Brown | Site schutzwerk.com
An SQL injection vulnerability affecting Spryker-based webshops was discovered in the order history search form. It can be exploited by authenticated attackers in...