Exploits - exploit.company

explore-vulnerabilities

Explore Vulnerabilities

Explore all Exploits:

Show More

Firelinking – Proof-of-Concept

The Firelinking - Proof-of-Concept is a proof-of-concept exploit designed for Firefox 1.0.2. It takes advantage of a bug in bugzilla #290036 to execute arbitrary JavaScript code in the context of the user's browser.

Cross-Site Scripting (XSS)

Platforms Tested

Windows, Mac, Linux

Affected Version

Show More

Firewalling – Proof-of-Concept

The 'Set As Wallpaper' dialog takes the image url as a parameter without validating it, allowing to execute javascript in chrome and to run arbitrary code. By using absolute positioning and the moz-opacity filter an attacker can easily fool the user to think he is setting a valid image as wallpaper.

Platforms Tested

Affected Version

Recent Exploits:

openSIS 9.1 – SQL Injection (Authenticated)

author

Devrim Dıragumandan (d0ub1edd)

vendor

severity

dizqueTV 1.5.3 – Remote Code Execution (RCE)

author

Ahmed Said Saud Al-Busaidi

vendor

severity

reNgine 2.2.0 – Command Injection (Authenticated)

author

vendor

severity

Stored Cross-Site Scripting (XSS) in NoteMark

author

Alessio Romano (sfoffo)

vendor

severity

Windows IPv6 CVE-2024-38063 Denial-Of-Service Vulnerability

author

vendor

severity

Invesalius 3.1 – Remote Code Execution (RCE)

author

Alessio Romano (sfoffo), Riccardo Degli Esposti (partywave)

vendor

severity

Stored XSS in Gitea

author

Catalin Iovita & Alexandru Postolache

vendor

severity

Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Device Configuration Vulnerability

author

Gjoko 'LiquidWorm' Krstic

vendor

severity

Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass

author

Gjoko 'LiquidWorm'

vendor

severity

Elber Wayber Analog/Digital Audio STL 4.00 Device Configuration Vulnerability

author

Gjoko 'LiquidWorm' Krstic

vendor

severity