header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Show More

Apache + mod_mylo remote exploit

This is a remote exploit for Apache + mod_mylo. It allows an attacker to execute shellcode on a vulnerable system. The exploit uses a forking portbind shellcode to establish a shell on port 45295. The shellcode is modified from eSDee's original code to fix an issue with the dup2() syscall numbers. This exploit is specific to Linux and FreeBSD targets.

7.5
CVSS
HIGH
Remote exploit
CWE
Product Name
Apache
Platforms Tested
Linux, FreeBSD
Affected Version
From:
To:
2003
Show More

word-list-compress Local Exploit

This is a local exploit for the word-list-compress program. It takes advantage of a buffer overflow vulnerability to execute arbitrary code. The exploit overflows the exploit buffer with a shellcode and sets the return address to a specific address in memory. It then loads the exploit string into the environment and executes the word-list-compress program with the exploit as an argument.

7.5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name
word-list-compress
Platforms Tested
Unknown
Affected Version
From:
Unknown
To:
Unknown
Unknown
Show More

phpAbook <= 0.8.8b (COOKIE) Local File Inclusion Vulnerability

This exploit targets the phpAbook version 0.8.8b and takes advantage of a local file inclusion vulnerability. By manipulating the 'userInfo' cookie, an attacker can include arbitrary files on the server, potentially accessing sensitive information. The exploit code is provided as a JavaScript snippet that sets the 'userInfo' cookie to include the path to the '/etc/passwd' file.

7.5
CVSS
HIGH
Local File Inclusion
CWE
Product Name
phpAbook
Platforms Tested
Affected Version
From:
0.8.8b
To:
0.8.8b
2008
Show More

AyeView v2.20 (invalid bitmap header parsing) DoS Exploit

AyeView v2.20 software does not properly parse values in bmp file header, allowing an attacker to create a special bitmap that can slow down or suspend the entire system. The exploit triggers AyeView to allocate large amounts of memory, causing the system to slow down or crash.

7.5
CVSS
HIGH
Denial of Service (DoS)
CWE
Product Name
AyeView
Platforms Tested
Windows
Affected Version
From:
v2.20
To:
v2.20
Show More

Read/Write bits to buffer

This code snippet contains functions for reading and writing bits to a buffer. It supports up to 32 bits numbers and is not the fastest method. The vulnerability lies in the lack of input validation, which can lead to buffer overflow if the input exceeds the allowed number of bits. The vulnerability can be exploited to execute arbitrary code or crash the program.

7.5
CVSS
HIGH
Buffer Overflow
121
CWE
Product Name
Platforms Tested
Affected Version
From:
To:

Recent Exploits:

RDPGuard 9.9.9 – Privilege Escalation

author
Ahmet Ümit BAYRAM
vendor
RDPGuard
severity
6.1
HIGH

YesWiki Unauthenticated Path Traversal

author
Al Baradi Joy
vendor
YesWiki
severity
7.1
HIGH

ABB Cylon Aspect 3.08.02 Stored Cross-Site Scripting Vulnerability

author
Gjoko 'LiquidWorm' Krstic
vendor
ABB Ltd.
severity
6.1
HIGH

Apache ActiveMQ 6.1.6 – Denial of Service (DOS)

author
Abdualhadi khalifa
vendor
Apache
severity
6.1
HIGH

GeoVision GV-ASManager 6.1.1.0 – CSRF

author
Giorgi Dograshvili [DRAGOWN]
vendor
GeoVision
severity
6.1
HIGH

ABB Cylon FLXeon 9.3.4 WebSocket Command Spawning Vulnerability

author
Zero Science Lab
vendor
ABB Ltd.
severity
6.1
HIGH

GestioIP 3.5.7 – Stored Cross-Site Scripting Vulnerability

author
m4xth0r (Maximiliano Belino)
vendor
GestioIP
severity
6.1
HIGH

Cacti 1.2.26 – Remote Code Execution (RCE) (Authenticated)

author
D3Ext
vendor
Cacti
severity
6.1
HIGH

Exclusive Addons for Elementor ≤ 2.6.9 – Authenticated Stored Cross-Site Scripting (XSS)

author
Al Baradi Joy
vendor
exclusiveaddons
severity
5.1
MEDIUM

Kentico Xperience 13.0.178 – Cross Site Scripting (XSS)

author
Alex Messham
vendor
Kentico
severity
6.1
HIGH

Navigation

Suggest Exploit

Services By CQR