CyberPanel Command Injection
Authored by Luka Petrovic | Site github.com
Proof of concept exploit for a command injection vulnerability in CyberPanel. This vulnerability enables unauthenticated attackers to inject and execute arbitrary commands on...
Qualitor 8.24 Server-Side Request Forgery
Authored by OpenXP Research Team | Site github.com
Qualitor versions 8.24 and below suffer from an unauthenticated server-side request forgery vulnerability.
advisories | CVE-2024-48360
Change Mirror Download
# CVE-2024-48360 | Qualitor <= v8.24...
WordPress Automatic 3.92.0 Path Traversal / Server-Side Request Forgery
Authored by Quantum-Hacker | Site github.com
WordPress Automatic plugin versions 3.92.0 and below proof of concept exploit that demonstrates path traversal and server-side request forgery vulnerabilities.
advisories | CVE-2024-27954
WordPress WP-Automatic SQL Injection
Authored by Valentin Lobstein, Rafie Muhammad | Site metasploit.com
This Metasploit module exploits an unauthenticated SQL injection vulnerability in the WordPress wp-automatic plugin versions prior to 3.92.1 to achieve remote...
Xerox Printers Authenticated Remote Code Execution
Authored by Timo Longin, Tamas Jos | Site sec-consult.com
Various Xerox printers, such as models EC80xx, AltaLink, VersaLink, and WorkCentre, suffer from an authenticated remote code execution vulnerability.
advisories | CVE-2024-6333
Change...
ABB Cylon Aspect 3.08.02 logYumLookup.php Authenticated File Disclosure
Authored by LiquidWorm | Site zeroscience.mk
ABB Cylon Aspect version 3.08.02 suffers from an authenticated arbitrary file disclosure vulnerability. Input passed through the logFile GET parameter via the logYumLookup.php script...
Lawo AG vsm LTC Time Sync Path Traversal
Authored by Sandro Einfeldt, Dennis Jung | Site sec-consult.com
Lawo AG vsm LTC Time Sync versions prior to 4.5.6.0 suffer from a path traversal vulnerability.
advisories | CVE-2024-6049
Change Mirror Download
SEC Consult...
ABB Cylon Aspect 3.08.01 getApplicationNamesJS.php Building/Project Name Exposure
Authored by LiquidWorm | Site zeroscience.mk
ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated building/project name exposure vulnerability.
Change Mirror Download
ABB Cylon Aspect 3.08.01 (getApplicationNamesJS.php) Building/Project Name ExposureVendor: ABB Ltd.Product...
ABB Cylon Aspect 3.08.01 persistenceManagerAjax.php Command Injection
Authored by LiquidWorm | Site zeroscience.mk
ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands...
ABB Cylon Aspect 3.08.01 throttledLog.php Unauthenticated Log Disclosure
Authored by LiquidWorm | Site zeroscience.mk
ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated log information disclosure vulnerability. An unauthorized attacker can reference the affected page and disclose the...
