header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

GMP Deserialization Type Confusion Vulnerability [MyBB <= 1.8.3 RCE Vulnerability]

A type-confusion vulnerability was discovered in GMP deserialization with crafted object's __wakeup() magic method that can be abused for updating any already assigned properties of any already created objects, this result in serious security issues.

Arbitrary Code Execution in Cisco WebEx Extension

The Cisco WebEx extension allows arbitrary code execution due to a flaw in the way it handles URLs containing a specific pattern. The extension uses nativeMessaging and can execute arbitrary code when a website requests the extension to open a port for communication. The extension uses CustomEvent() objects to pass JSON messages between the webpage, the extension, and the native code.

DiskSavvy Enterprise GET Buffer Overflow

This module exploits a stack-based buffer overflow vulnerability in the web interface of DiskSavvy Enterprise v9.1.14 and v9.3.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This module has been tested successfully on Windows XP SP3 and Windows 7 SP1.

Recent Exploits: