QT TIFF Processing Out-Of-Bounds Read
Authored by Google Security Research, natashenka
The QImageReader class can read out-of-bounds when converting a specially-crafted TIFF file into a QImage, where the TIFF tile length is inconsistent with the...
RarmaRadio 2.72.8 Denial Of Service
Authored by Ismael Nava
RarmaRadio version 2.72.8 denial of service proof of concept exploit.
Change Mirror Download
# Exploit Title: RarmaRadio 2.72.8 - Denial of Service (PoC)# Date: 2021-05-25# Exploit Author: Ismael...
ProFTPd 1.3.5 Remote Command Execution
Authored by Shellbr3ak
ProFTPd version 1.3.5 remote command execution exploit. This is a variant of the original vulnerability discovered in 2015 with credit going to R-73eN.
advisories | CVE-2015-3306
Change Mirror Download
#...
Nagios XI / Fusion Privilege Escalation / Cross Site Scripting / Code Execution
Authored by Shahar Zini, Samir Ghanem | Site skylightcyber.com
Skylight Cyber has identified a total of 13 vulnerabilities in Nagios XI and Nagios Fusion servers. These include remote code execution,...
Pluck CMS 4.7.13 Remote Shell Upload
Authored by Ron Jost
Pluck CMS version 4.7.13 suffers from a remote shell upload vulnerability.
advisories | CVE-2020-29607
Change Mirror Download
# Exploit Title: Pluck CMS 4.7.13 - File Upload Remote Code Execution...
i-doit 1.15.2 Cross Site Scripting
Authored by nu11secur1ty
i-doit version 1.15.2 suffers from a cross site scripting vulnerability.
advisories | CVE-2021-3151
Change Mirror Download
# Exploit Title: SXX for i-doit 1.15.2 in parameret (viewMode) from Infrastructure# Author: @nu11secur1ty#...
nginx 1.20.0 DNS Resolver Off-By-One Heap Write
Authored by Markus Vervier, Eric Sesterhenn, Luis Merino
An off-by-one error in ngx_resolver_copy() while processing DNS responses allows a network attacker to write a dot character ('.', 0x2E) out of...
iDailyDiary 4.30 Denial Of Service
Authored by Ismael Nava
iDailyDiary version 4.30 suffers from a denial of service vulnerability.
Change Mirror Download
# Exploit Title: iDailyDiary 4.30 - Denial of Service (PoC)# Date: 2021-05-21# Exploit Author: Ismael...
Shopizer 2.16.0 Cross Site Scripting
Authored by Marek Toth
Shopizer versions 2.16.0 and below suffer from multiple cross site scripting vulnerabilities.
Change Mirror Download
# Exploit Title: Shopizer <= 2.16.0 - Multiple Cross-Site Scripting (XSS)# Date: 23-05-2021#...
PHP 8.1.0-dev Backdoor Remote Command Injection
Authored by Richard Jones
PHP version 8.1.0-dev backdoor unauthenticated remote command injection exploit.
Change Mirror Download
# Exploit Title: PHP 8.1.0-dev (backdoor) | Remote Command Injection (Unauthenticated)# Date: 23/05/2021# Exploit Author: Richard...
