header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Windows NtUserSetWindowFNID Win32k User Callback

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This module is tested against Windows 10 v1703 x86.

Oracle Siebel CRM 19.0 – Persistent Cross-Site Scripting

The Siebel CRM application allows its users to upload any file types in most of the available file upload functionalities, later on, the uploaded file can be downloaded by another user with the appropriate privileges as part of the workflow. As such, it was possible to upload file with the “html” extension, (containing html and JavaScript code) thereby allowing to also perform Persistent Cross Site Scripting attack.

MAPLE Computer WBT SNMP Administrator 2.0.195.15 – Remote Buffer Overflow

SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthenticated Remote Buffer Overflow via a long string to the CE Remote feature listening on Port 987. This will overwrite data on the stack/registers and allow for control of the programs execution flow resulting in attacker supplied remote code execution. Authentication is not required for this exploit.

PHP Laravel Framework token Unserialize Remote Command Execution

This module exploits a vulnerability in the PHP Laravel Framework for versions 5.5.40, 5.6.x <= 5.6.29. Remote Command Execution is possible via a correctly formatted HTTP X-XSRF-TOKEN header, due to an insecure unserialize call of the decrypt method in Illuminate/Encryption/Encrypter.php. Authentication is not required, however exploitation requires knowledge of the Laravel APP_KEY. Similar vulnerabilities appear to exist within Laravel cookie tokens based on the code fix. In some cases the APP_KEY is leaked which allows for discovery and exploitation.

CWP Control Web Panel 0.9.8.836 – 0.9.8.839 Root Privilege Escalation

The CWP Control Web Panel version 0.9.8.836 to 0.9.8.839 is vulnerable to root privilege escalation. The vulnerability occurs due to the session file being stored in the /tmp directory and the rkey value in the session file not changing when accessed by the same source IP address.

FlightPath < 4.8.2 & < 5.0-rc2 - Local File Inclusion

This exploit allows an attacker to include arbitrary local files on the server by modifying the 'include_form' parameter in a POST request. By manipulating the 'form_include' parameter, an attacker can traverse directories and access sensitive files on the server, such as /etc/passwd.

Falcon Series One – Multilple Remote File Inclusion + Permanent Xss

This exploit allows for remote file inclusion and permanent cross-site scripting. The vulnerability can be exploited through the sitemap.xml.php and errors.php pages. The permanent XSS can be executed through the input fields gb_mail, gb_name, and textarea gb_text on the index.php?guestbook=v page. Additionally, there is a CSRF exploit for changing passwords on the index.php?admin=changepass page.

Recent Exploits: