Explore Vulnerabilities

Explore all Exploits:

reNgine 2.2.0 – Command Injection (Authenticated)

reNgine version 2.2.0 is vulnerable to authenticated command injection. By modifying the nmap_cmd parameters in the YAML configuration, an attacker can inject malicious commands. This can lead to unauthorized remote code execution with the privileges of the application: an authenticated user can execute arbitrary commands on the underlying system.

Samba trans2open Overflow (Linux x86)

This exploits the buffer overflow found in Samba versions 2.2.0 to 2.2.8. This particular module is capable of exploiting the flaw on x86 Linux systems that do not have the noexec stack option set. NOTE: Some older versions of RedHat do not seem to be vulnerable since they apparently do not allow anonymous access to IPC.

FreePBX HTML-injection vulnerabilities

FreePBX is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data before using it in dynamically generated content. Attacker-supplied HTML and script code may be executed in the context of the affected web application, potentially allowing the attacker to steal cookie-based authentication credentials, control how the web application is displayed to the user, or manipulate the underlying PBX application; other attacks are also possible.

YNP Portal System 2.2.0 Remote File Disclosure Vulnerability

The YNP Portal System version 2.2.0 is vulnerable to remote file disclosure. This allows an attacker to access sensitive files on the server by exploiting the 'showpage.cgi' script. By manipulating the 'p' parameter in the URL, an attacker can disclose files outside the web root directory, such as the '/etc/passwd' file.

Hasura GraphQL 2.2.0 – Information Disclosure

An information disclosure vulnerability exists in Hasura GraphQL Community 2.2.0. An attacker can leak environment variables by sending a POST request to the '/v1/metadata' endpoint with a specially crafted payload containing the key of the environment variable to leak. This can lead to the disclosure of sensitive information.

Redaxscript CMS 2.2.0 – SQL Injection vulnerability

A SQL Injection vulnerability exists in Redaxscript CMS 2.2.0. The vulnerable parameter is the 'search_terms' parameter in the 'search_post()' function of the 'redaxscript/includes/search.php' file. An attacker can send a maliciously crafted POST request to the vulnerable application to execute arbitrary SQL commands in the back-end database.

Recent Exploits: