This exploit is a python script that can be used to exploit multiple vulnerabilities in wp-graphql version 0.2.3. It can be used to post comments impersonating a specific user, register a new admin user, and show installed plugins and themes. The exploit was authored by Simone Quatrini of Pen Test Partners and affects Wordpress 5.1.1 and wp-graphql 0.2.3.
Deluge 1.3.15 is vulnerable to a denial of service attack when a maliciously crafted 'Webseeds' field is supplied. This can be exploited by an attacker to crash the application, resulting in a denial of service condition.
Deluge 1.3.15 is vulnerable to a denial of service attack when a maliciously crafted URL is provided. When the URL is provided, the application crashes due to a buffer overflow. This can be exploited by an attacker to crash the application and deny service to legitimate users.
This module exploits a vulnerability found in GetSimpleCMS, which allows unauthenticated attackers to perform Remote Code Execution. An arbitrary file upload (PHPcode for example) vulnerability can be triggered by an authenticated user, however authentication can be bypassed by leaking the cms API key to target the session manager.
A buffer overflow vulnerability in the dtprintinfo(1) CDE Print Viewer, leading to local root. This is the ret-into-ld.so version of raptor_dtprintname_sparc.c, able to bypass the non-executable stack protection (noexec_user_stack=1 in /etc/system).
A buffer overflow vulnerability in the dtprintinfo(1) CDE Print Viewer, leading to local root. This exploit uses the ret-into-ld.so technique to bypass the non-exec stack protection.
A denial of service vulnerability exists in BulletProof FTP Server 2019.0.0.50 when an attacker sends a specially crafted request containing a large amount of data to the 'Storage-Path' parameter. This can cause the application to crash.
A denial of service vulnerability exists in BulletProof FTP Server 2019.0.0.50 when a maliciously crafted DNS address is supplied. An attacker can exploit this vulnerability by running a python code to generate a maliciously crafted DNS address, copying the content to clipboard, enabling the DNS address in the Firewall settings, and clicking on the Test button. This will cause the application to crash.
AbsoluteTelnet 10.16 is vulnerable to a denial of service attack when a maliciously crafted 'License Name' is entered. This can be exploited by an attacker to crash the application, denying service to legitimate users.
DocPrint Pro is vulnerable to a denial of service attack when a maliciously crafted file is opened. When a user opens a maliciously crafted file, the application crashes due to a buffer overflow.
Services By CQR