Explore Vulnerabilities

Explore all Exploits:

Simple E-Document Arbitrary File Upload

This module exploits a file upload vulnerability found in Simple E-Document versions 3.0 to 3.1. Attackers can bypass authentication and abuse the upload feature to upload malicious PHP files, resulting in arbitrary remote code execution as the web server user. File uploads are disabled by default.

PCMAN FTP 2.07 CWD Command Buffer Overflow

This exploit takes advantage of a buffer overflow vulnerability in the CWD command of PCMAN FTP version 2.07. By sending a specially crafted string as the argument to the CWD command, an attacker can overwrite the function with junk characters, leading to remote code execution. The exploit includes shellcode that binds a shell to port 4444.

ThWboard <=3.0 beta 2.84-php5 board[styleid] sql injection / cmd exec exploit

This exploit allows an attacker to execute arbitrary commands or retrieve the MD5 hash of a certain user on a ThWboard <=3.0 beta 2.84-php5 board. The vulnerability is caused by insufficient input validation in the 'styleid' parameter. An attacker can exploit this vulnerability by sending a specially crafted request to the target server.

Oracle Outside In MDB File Parsing Stack Based Buffer Overflow PoC

This PoC demonstrates a stack-based buffer overflow vulnerability in Oracle Outside In MDB File Parsing. By providing a specially crafted MDB file, an attacker can exploit this vulnerability to execute arbitrary code or crash the application. The vulnerability is tracked as CVE-2013-5791. The PoC author is Citadelo.

DigiAffiliate <= V1.4 Remote Blind SQL Injection Exploit

This exploit allows an attacker to perform blind SQL injection on DigiAffiliate version 1.4. By injecting a specially crafted SQL query, the attacker can retrieve sensitive information such as login credentials and personal details of the admin user.

Recent Exploits: