Exploits & CVE's

Authored by EgiX | Site karmainsecurity.com XenForo versions 2.2.13 and below suffer from a zip slip filename traversal vulnerability in ArchiveImport.php. Change Mirror Download ------------------------------------------------------------XenForo <= 2.2.13 (ArchiveImport.php) Zip Slip Vulnerability------------------------------------------------------------ Software...

Authored by Fernando Mengali GlobalScape Secure FTP Server version 3.0 remote denial of service exploit. Change Mirror Download #!/usr/bin/perluse strict;use IO::Socket;print "GlobalScape Secure FTP Server 3.0 - Denial of Service ...

Authored by xer0dayz | Site sn1persecurity.com Apache Tomcat suffers from a client-side de-sync vulnerability via HTTP request smuggling. Apache Tomcat versions 8.5.7 through 8.5.63 and 9.0.0-M11 through 9.0.43 are vulnerable. advisories...

Authored by Todd J. | Site packetstormsecurity.com This archive contains all of the 140 exploits added to Packet Storm in January, 2024.

Authored by Fernando Mengali Solar FTP Server version 2.1.1 remote denial of service exploit. Change Mirror Download #!/usr/bin/python# Exploit Title: Solar FTP Server 2.1.1 PASV Command - Denial of Service (DoS)# Discovery...

Authored by Fernando Mengali War-FTPD version 1.65 remote denial of service exploit. Change Mirror Download #include <stdio.h>#include <stdlib.h>#include <string.h>#include <unistd.h>#include <sys/socket.h>#include <arpa/inet.h>void intro();void main_exploit(char *ip, int port);int main(int argc, char *argv) {...

Authored by malvuln | Site malvuln.com Trojan.Win32 BankShot malware suffers from a buffer overflow vulnerability. Change Mirror Download Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024Original source: https://malvuln.com/advisory/f2fd6a7b400782bb43499e722fb62cf4.txtContact: [email protected]: twitter.com/malvulnThreat:...

Authored by nu11secur1ty PHPJ Callback Widget version 1.0 suffers from a persistent cross site scripting vulnerability. Change Mirror Download ## Title: PHPJ-Callback-Widget-1.0-XSS-Stored-admin-Hijacking## Author: nu11secur1ty## Date: 01/26/2024## Vendor: https://www.phpjabbers.com/## Software: https://www.phpjabbers.com/callback-widget/## Reference: https://portswigger.net/web-security/cross-site-scripting##...

Authored by Georgi Guninski Chrome version 121 suffers from a javascript fork malloc vulnerability that indicates memory corruption upon crash. Change Mirror Download Searching the web for `javascript fork malloc bomb` returns...

Authored by nu11secur1ty Interactive Floor Plan version 1.0 suffers from a cross site scripting vulnerability. Change Mirror Download ## Title: Interactive-Floor-Plan-1.0-XSS-Reflected-SESSION-Hijacking## Author: nu11secur1ty## Date: 01/28/2024## Vendor: https://www.phpjabbers.com/## Software: https://www.phpjabbers.com/interactive-floor-plan-software/#sectionDemo## Reference: https://portswigger.net/web-security/cross-site-scripting/reflected## Description:The...