Exploits & CVE's

Authored by Chokri Hammedi Millhouse-Project version 1.414 suffers from a remote shell upload vulnerability. Change Mirror Download <?php/*Exploit Title: thrsrossi Millhouse-Project 1.414 Remote Code ExecutionDate: 12/05/2023Exploit Author: Chokri HammediVendor Homepage: https://github.com/thrsrossi/Millhouse-ProjectSoftware Link:...

Authored by Chokri Hammedi Millhouse-Project version 1.414 suffers from a cross site scripting vulnerability. Change Mirror Download <?php/*Exploit Title: thrsrossi Millhouse-Project 1.414 - register - Reflected xssDate: 12/05/2023Exploit Author: Chokri HammediVendor Homepage:...

Authored by T. Weber, S. Dietz | Site cyberdanube.com Advantech EKI-1524-CE series, EKI-1522 series, and EKI-1521 series suffer from command injection and buffer overflow vulnerabilities. advisories | CVE-2023-2573, CVE-2023-2574, CVE-2023-2575 Change Mirror...

Authored by Ivan Fratric, Google Security Research There is a stack buffer overflow in Shannon Baseband when processing the status line of a SIP message (this happens in IMSPL_SipStatusLine.c according...

Authored by Ivan Fratric, Google Security Research There is a stack buffer overflow in Shannon Baseband when processing the Session-Expires header in the SIP protocol decoder (IMSPL_SipDecode.c according to the...

Authored by Ivan Fratric, Google Security Research There is a negative-size memcpy (heap overflow) when decoding the body of SIP multipart messages. According to debug strings in the modem image,...

Authored by Matei Josephs Multiple persistent cross site scripting vulnerabilities in FICO Origination Manager Decision Module version 4.8.1 allow an attacker to execute code in the context of the victim's...

Authored by Jann Horn, Google Security Research Qualcomm Adreno/KGSL suffers from an issue where secure buffers are addressable by all GPU users. Qualcomm believes this finding has no security impact...

Authored by Justin Oberdorf This utility generates the TOTP passcode used to sign in as the support service account user for HammerSpace GFS default installations. Both the OVA and ISO...

Authored by David Brown | Site schutzwerk.com An SQL injection vulnerability affecting Spryker-based webshops was discovered in the order history search form. It can be exploited by authenticated attackers in...