Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

SPIP 4.2.11 Code Execution

Authored by indoushka

SPIP version 4.2.11 suffers from a code execution vulnerability. # Title : SPIP 4.2.11 PHP Code execution Vulnerability ...

Helpdeskz 2.0.2 Cross Site Scripting

Authored by Md. Sadikul Islam

Helpdeskz version 2.0.2 suffers from a persistent cross site scripting vulnerability. # Exploit Title: Stored XSS Vulnerability via File Name # Google Dork: N/A # Date:...

Calibre Web 0.6.21 Cross Site Scripting

Authored by Catalin Iovita, Alexandru Postolache

Calibre Web version 0.6.21 suffers from a persistent cross site scripting vulnerability. Advisories: CVE-2024-39123. # Exploit Title: Stored XSS in Calibre-web # Date: 07/05/2024 #...

Invesalius 3.1 Remote Code Execution

Authored by Riccardo Degli Esposti, Alessio Romano

Invesalius versions 3.1.99991 through 3.1.99998 suffer from a remote code execution vulnerability. The exploitation steps of this vulnerability involve the use of a...

PlantUML 1.2024.6 Cross Site Scripting

Authored by Hosein Vita

PlantUML version 1.2024.6 suffers from a cross site scripting vulnerability. # Exploit Title: PlantUML version 1.2024.6 Cross Site Scripting (XSS) # Date: 23/08/2024 # Exploit Author: Hosein Vita # Vendor Homepage: https://plantuml.com/ # Version:...

DiCal-RED 4009 Missing Authentication

Authored by Sebastian Hamann | Site syss.de

DiCal-RED version 4009 provides a Telnet service on TCP port 23. This service grants access to an interactive shell as the system's root...

DiCal-RED 4009 Weak Hashing

Authored by Sebastian Hamann | Site syss.de

DiCal-RED version 4009 has a password that is stored in the file /etc/deviceconfig as a plain MD5 hash, i.e. without any salt or...

DiCal-RED 4009 Cryptography Failure

Authored by Sebastian Hamann | Site syss.de

DiCal-RED version 4009 provides an administrative web interface that requests the administrative system password before it can be used. Instead of submitting the...

DiCal-RED 4009 Path Traversal

Authored by Sebastian Hamann | Site syss.de

DiCal-RED version 4009 has an administrative web interface that is vulnerable to path traversal attacks in several places. The functions to download or...

DiCal-RED 4009 Log Disclosure

Authored by Sebastian Hamann | Site syss.de

DiCal-RED version 4009 is vulnerable to unauthorized access to logs and other files on the device's file system due to improper authentication checks. advisories |...