header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Zabbix Server : Multiple remote vulnerabilities

Zabbix Server is a network management system application designed to monitor and track the status of various network services, servers, and other network hardware. Multiple vulnerabilities were discovered in Zabbix Server, including remote command execution, remote SQL execution, and remote DoS (NULL deref). The faulty source code for each vulnerability was identified and patched versions were released. The changelog entries for each vulnerability are also provided.

NAS Uploader [V1.0&1.5] Remote File Upload Vulnerability

A vulnerability exists in NAS Uploader versions 1.0 and 1.5, which allows an attacker to upload a malicious file to the server. The attacker can go to the target website's upload_multiple_js.php page, click on the 'Parcourir' button, and upload a shell file in the form of 'shell.php.rar'. The uploaded file can then be accessed at target.com/[path]/uploads/tests/shell.php.rar.

Max’s AJAX File Uploader Remote File Upload Vulnerability

A vulnerability exists in Max's AJAX File Uploader which allows an attacker to upload a malicious file to the server. The attacker can then access the uploaded file by providing the path to the file in the URL. The vulnerability is due to insufficient validation of the uploaded file type.

DigitalHive Multiple Vulnerabilities

Signup in the forum by going to http://localhost/[script]/base.php?page=inscription.php, then going to your profile here http://localhost/[script]/base.php?page=compte.php&var=accueil and click 'modfier', upload your shell in 'php.jpg' format, do a right click in the icon situated in 'Apparence' then copy the link of your shell.

Quartz Concept Content Manager V3.00 Authentication Bypass

Quartz Concept Content Manager V3.00 is vulnerable to an authentication bypass vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This will allow the attacker to bypass authentication and gain access to the application as an administrator.

RM Downloader 3.0.2.1(.M3U File) Stack Overflow exploit

This exploit is for RM Downloader 3.0.2.1, a software used to convert RM files to MP3. The vulnerability is a stack overflow which occurs when a specially crafted .M3U file is opened. The exploit code contains a jmp esp from RDcodec02.dll, followed by 256 bytes of NOPs, 8 bytes of NOPs, 100 bytes of NOPs, and a shellcode which executes calc.exe.

Ez Guestbook 1.0 Multiple Vulnerabilities

Ez Guestbook script version 1.0 suffers from multiple vulnerabilities, including a Cross Site Request Forgery vulnerability. An attacker can exploit this vulnerability by crafting a malicious form that changes the admin password and submitting it to the vulnerable application. Additionally, an attacker can exploit the vulnerability by sending a malicious request to the vulnerable application to delete a post by ID.

Recent Exploits: