High Infinity Technology HiKam S6 1.3.26 Spoofing / Broken Authentication
Authored by Gerhard Hechenberger, S. Robertz | Site sec-consult.com
High Infinity Technology HiKam S6 versions 1.3.26 and below suffer from broken authentication, enumeration, message protocol downgrade, insufficient use of cryptography,...
Magento 2.4.6 XSLT Server Side Injection / Command Execution
Authored by tmrswrr
Magento version 2.4.6 suffers from an XSLT server side injection vulnerability that allows for remote command execution.
Change Mirror Download
Exploit Title: Magento ver. 2.4.6 - XSLT Server Side...
Legends Of IdleOn Random Number Generation Manipulation
Authored by Soatok Dreamseeker | Site gist.github.com
Legends of IdleOn suffers from use of an insecure random number generator that can be replaced by a malicious user.
Foxit PDF Editor (iOS) 11.3.1 Arbitrary File Upload
Authored by Saud Alenazi
Foxit PDF Editor (iOS) version 11.3.1 suffers from an arbitrary file upload vulnerability.
Change Mirror Download
# Exploit Title: Foxit PDF Editor (iOS) - Arbitrary File Upload (Unauthenticated)#...
Git LFS Clone Command Execution
Authored by Shelby Pace, Matheus Tavares, Johannes Schindelin | Site metasploit.com
Git clients that support delay-capable clean / smudge filters and symbolic links on case-insensitive file systems are vulnerable to...
Internet Radio auna IR-160 SE UIProto DoS / XSS / Missing Authentication
Authored by naphthalin
Internet Radio auna IR-160 SE using the UIProto firmware suffers from missing authentication, cross site scripting, and denial of service vulnerabilities.
advisories | CVE-2019-13473, CVE-2019-13474
Change Mirror Download
The internet...
Freefloat FTP Server 1.0 Buffer Overflow
Authored by Waqas Ahmed Faroouqi
Freefloat FTP Server version 1.0 suffers from a remote buffer overflow vulnerability.
Change Mirror Download
#Exploit title: Freefloat FTP Server 1.0 - 'PWD' Remote Buffer Overflow#Date: 08/22/2023#Exploit...
ebankIT 6 Cross Site Scripting
Authored by Jake Murphy
ebankIT versions prior to 7 suffer from a cross site scripting vulnerability.
advisories | CVE-2023-30454
Change Mirror Download
CVE-2023-30454An issue was discovered in ebankIT before version 7.Document Object Model...
TinyWebGallery 2.5 Cross Site Scripting
Authored by Mirabbas Agalarov
TinyWebGallery version 2.5 suffers from a persistent cross site scripting vulnerability.
Change Mirror Download
#Exploit Title: TinyWebGallery v2.5 - Stored Cross-Site Scripting (XSS)#Application: TinyWebGallery#Version: v2.5#Bugs: Stored Xss#Technology:...
Cisco HyperFlex HX Data Platform File Upload / Remote Code Execution
Authored by wvu, Mikhail Klyuchnikov, jheysel-r7, Nikita Abramov | Site metasploit.com
This Metasploit module exploits an unauthenticated file upload vulnerability in Cisco HyperFlex HX Data Platform's /upload endpoint to upload...
