PowerVR has an issue with missing tracking of multiple sparse mappings in DevmemIntChangeSparse2() that leads to a dangling page table entry.
426fb16d93d8096a50bbd9d26c9fe783fb082dc59ace42d221957b371d7eaae7XenForo versions 2.2.15 and below suffer from a remote code execution vulnerability in the Template system.
141922e324fd21737d323eaed2f53c7bc972900273dfc3e19ea72c0648544233XenForo versions 2.2.15 and below suffer from a cross site request forgery vulnerability in Widget::actionSave.
a2e0e2c93fd20ac00f325a1d77c282bae74c903affae30dd55518d5333641874Hospital Management System Project in ASP.Net MVC version 1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
a527f71217d32274beae028c4fd49e504ec99bf57f1991e46fa931328924f372Bonjour Service version 3,0,0,10 suffers from an unquoted service path vulnerability.
96a6358909e31beb0326289a4ff7dfcc87a50626a1d66ff21c7c3a1445bf8796GeoServer is an open-source software server written in Java that provides the ability to view, edit, and share geospatial data. It is designed to be a flexible, efficient solution for distributing geospatial data from a variety of sources such as Geographic Information System (GIS) databases, web-based data, and personal datasets. In the GeoServer versions before 2.23.6, greater than or equal to 2.24.0, before 2.24.4 and greater than equal to 2.25.0, and before 2.25.1, multiple OGC request parameters allow remote code execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions. An attacker can abuse this by sending a POST request with a malicious xpath expression to execute arbitrary commands as root on the system.
60f349aa901f9dae2286ae790ca0dc4f7e03fb5120fbbaa6cd6f79d5a14fe921WordPress PZ Frontend Manager plugin versions 1.0.5 and below suffer from a cross site request forgery vulnerability in the change user profile picture functionality.
71b1a540c9b3265fc977fa30c1fda5b93cf9333b67a049926eee9138c3fa55c1Havoc C2 version 0.7 suffers from an unauthenticated server-side request forgery vulnerability.
230b2481f9d45d3d95942d6366c578a7c8ca2b796c5c8c16549416644fe40531Atlassian Confluence suffers from a template injection vulnerability that leads to remote code execution. This repository has three go-exploit implementations of CVE-2023-22527 that execute their payload without touching disk.
efe9acf218872fcb2aaad8260c6fdae6e0f538f783ac6624c299f3a0e4254f94This Metasploit module exploits an authenticated administrator-level vulnerability in Atlassian Confluence, tracked as CVE-2024-21683. The vulnerability exists due to the Rhino script engine parser evaluating tainted data from uploaded text files. This facilitates arbitrary code execution. This exploit will authenticate, validate user privileges, extract the underlying host OS information, then trigger remote code execution. All versions of Confluence prior to 7.17 are affected, as are many versions up to 8.9.0.
b198d9755cf50ac9c6b86be9526d83c12bdaeab6e989721de64dd0ef6781f8d3LumisXP versions 15.0.x through 16.1.x suffer from a cross site scripting vulnerability in XsltResultControllerHtml.jsp.
44811fffdad55f59cab99ee680cea0158c35b26606a7a72215c8b74fff752970LumisXP versions 15.0.x through 16.1.x suffer from a cross site scripting vulnerability in UrlAccessibilityEvaluation.jsp.
62722fa4e4796c8ac819f4f74bff3b88e4c3207619569dd0af373cca85ccd325LumisXP versions 15.0.x through 16.1.x suffer from a cross site scripting vulnerability in main.jsp
6b2f2821d4c2d0424a401ff4ad365da2713d18f6c494dadd54e7fce8dfe51786LumisXP versions 15.0.x through 16.1.x have a hardcoded privileged identifier that allows attackers to bypass authentication and access internal pages and other sensitive information.
507655a40fa21c33f270fff3ee33944627b6c9719d3c667e8ec61677948d5b35WordPress Poll Maker plugin version 5.3.2 suffers from a remote SQL injection vulnerability.
412661be72a0f1455977b2bc649510ea25f659ce8916ac1617c93065fb279cc6ESET NOD32 Antivirus version 17.2.7.0 suffers from an unquoted service path vulnerability.
15433b833752badf84eb655e3ab8d18cc641b65960b6406504c020083f4be3fbThis archive contains three proof of concepts exploit for multiple Microsoft SharePoint remote code execution vulnerabilities.
d80ffcbe99aa73f58e248f00ca3af5b3281e817bc026be01942991e895b4530aIvanti Endpoint Manager (EPM) 2022 SU5 and prior versions are susceptible to an unauthenticated SQL injection vulnerability which can be leveraged to achieve unauthenticated remote code execution.
afbe87d39c043c81d0f93f3553319f8d3bdf71f4fb0e22d349d23f26beab2503WordPress Poll plugin version 2.3.6 suffers from a remote SQL injection vulnerability.
89404e7e10cdbc8b7c46d87e4fc6a716578fba5b7b12062e8f9a7fdefcad5d93VMWare Aria Operations for Networks (vRealize Network Insight) is vulnerable to command injection when accepting user input through the Apache Thrift RPC interface. This is a proof of concept exploit.
c714227bbfea1d4fec4126f79c54dfdd4ec91c95a6e8c0ffc7b795b17b7901eeVeeam Backup Enterprise Manager authentication bypass proof of concept exploit. Versions prior to 12.1.2.172 are vulnerable.
31fb3b66c17ab7cbfde346b10334c22f95eded003360d0eab92157d99cefd29cVeeam Recovery Orchestrator authentication bypass proof of concept exploit.
c7b976542137634b6839638c2c6a072b32e8cf78c61435488fcde8c526101303Telerik Report Server deserialization and authentication bypass exploit chain that makes use of the vulnerabilities noted in CVE-2024-4358 and CVE-2024-1800.
973c92a0a0da78a80793a389527088eee6855414a151fa24deb8c5bd767aaa68Progress WhatsUp Gold WriteDatafile unauthenticated remote code execution proof of concept exploit.
8555b3fc19ed4287c691eed2de41c35a867aa34e1477c6e4b70035490dca6662Progress WhatsUp Gold GetFileWithoutZip unauthenticated remote code execution proof of concept exploit.
645be8b10a258029fe6ad8527b1a56a51a5c0b7d9500967dd05deb6a107887f2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed