header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Easy File Management Web Server v5.3 – USERID Remote Buffer Overflow (ROP)

This exploit leverages a buffer overflow vulnerability in the Easy File Management Web Server v5.3. By sending a specially crafted UserID string, an attacker can overflow the buffer and execute arbitrary code.

SMF Path Disclosure and Remote Code Execution

The vulnerability allows an attacker to disclose the path of sensitive files on the server and execute arbitrary code by injecting a shell command in the 'path_to_smf' parameter in two different PHP files: 'logout.php' and 'get_session_vars.php'. This vulnerability was discovered by ThE dE@Th from the AsB-MaY DiScOvEr ExPlIoTs Gr0uP.

Huski Retail SQL Injection Vulnerabilities

Huski Retail is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

LANDesk Management Gateway Cross-Site Request Forgery and Cross-Site Scripting Vulnerabilities

An attacker can exploit the cross-site request forgery issue to alter the settings on affected devices. This may lead to further network-based attacks, including command-injection attacks to the device's underlying operating system, which can lead to a complete compromise of a vulnerable device. The attacker can exploit the cross-site scripting issue to execute arbitrary script code in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials. Other attacks are also possible.

Recent Exploits: