header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Show More

PLC Wireless Router GPN2.4P21-C-CN Unauthenticated Remote Reboot

PLC Wireless Router's are vulnerable to a unauthenticated remote reboot which can be achieved through sending a modified http request. The script below will take a user supplied IP address of a PLC router and send the exploit to the device. Use the Shodan dork above to find PLC wireless routers.

N/A
CVSS
N/A
Unauthenticated Remote Reboot
Unknown
CWE
Product Name
GPN2.4P21-C-CN
Platforms Tested
Debian Linux
Affected Version
From:
Unknown
To:
Unknown
2018
Show More

Acunetix Web Vulnerability Scanner 10.0 Build 20150623 – Denial of Service (PoC)

The Acunetix Web Vulnerability Scanner 10.0 Build 20150623 is vulnerable to a denial of service attack. By providing a specially crafted input, an attacker can cause the application to crash, resulting in a denial of service condition.

5
CVSS
MEDIUM
Denial of Service (PoC)
400
CWE
Product Name
Acunetix Web Vulnerability Scanner
Platforms Tested
Windows 10 PRO x86 en
Affected Version
From:
10
To:
10
2018
Show More

iSmartViewPro 1.5 – ‘SavePath for ScreenShots’ Local Buffer Overflow

The iSmartViewPro 1.5 software is vulnerable to a local buffer overflow in the 'SavePath for ScreenShots' field. By sending a specially crafted input, an attacker can cause a buffer overflow and potentially execute arbitrary code on the target system.

7.5
CVSS
HIGH
Local Buffer Overflow
119
CWE
Product Name
iSmartViewPro
Platforms Tested
Windows XP Service Pack 3 x86
Affected Version
From:
1.5
To:
1.5
2018
Show More

TP-Link C50 Wireless Router 3 – Cross-Site Request Forgery (Remote Reboot)

This exploit allows an attacker to remotely reboot the TP-Link C50 Wireless Router 3 by sending a forged request. The vulnerability exists in the firmware version <= Build 171227 of the router. By exploiting this vulnerability, an attacker can disrupt the normal functioning of the router.

7.5
CVSS
HIGH
Cross-Site Request Forgery
352
CWE
Product Name
TP-Link C50 Wireless Router 3
Platforms Tested
Affected Version
From:
To:
Build 171227
2018
Show More

PHP 5.2.4 ionCube extension safe_mode and disable_functions protections bypass

This exploit allows an attacker to bypass the safe_mode and disable_functions protections of the ionCube extension in PHP 5.2.4. By changing the file path, an attacker can retrieve sensitive information, such as source code and password files. The exploit works on Windows XP Pro SP2 with full patches and can be executed from the command line or Apache server.

5.5
CVSS
MEDIUM
Bypass protection
CWE
Product Name
PHP
Platforms Tested
Windows XP Pro SP2
Affected Version
From:
PHP 5.2.4
To:
PHP 5.2.4
2007

Recent Exploits:

RDPGuard 9.9.9 – Privilege Escalation

author
Ahmet Ümit BAYRAM
vendor
RDPGuard
severity
6.1
HIGH

YesWiki Unauthenticated Path Traversal

author
Al Baradi Joy
vendor
YesWiki
severity
7.1
HIGH

ABB Cylon Aspect 3.08.02 Stored Cross-Site Scripting Vulnerability

author
Gjoko 'LiquidWorm' Krstic
vendor
ABB Ltd.
severity
6.1
HIGH

Apache ActiveMQ 6.1.6 – Denial of Service (DOS)

author
Abdualhadi khalifa
vendor
Apache
severity
6.1
HIGH

GeoVision GV-ASManager 6.1.1.0 – CSRF

author
Giorgi Dograshvili [DRAGOWN]
vendor
GeoVision
severity
6.1
HIGH

ABB Cylon FLXeon 9.3.4 WebSocket Command Spawning Vulnerability

author
Zero Science Lab
vendor
ABB Ltd.
severity
6.1
HIGH

GestioIP 3.5.7 – Stored Cross-Site Scripting Vulnerability

author
m4xth0r (Maximiliano Belino)
vendor
GestioIP
severity
6.1
HIGH

Cacti 1.2.26 – Remote Code Execution (RCE) (Authenticated)

author
D3Ext
vendor
Cacti
severity
6.1
HIGH

Exclusive Addons for Elementor ≤ 2.6.9 – Authenticated Stored Cross-Site Scripting (XSS)

author
Al Baradi Joy
vendor
exclusiveaddons
severity
5.1
MEDIUM

Kentico Xperience 13.0.178 – Cross Site Scripting (XSS)

author
Alex Messham
vendor
Kentico
severity
6.1
HIGH

Navigation

Suggest Exploit

Services By CQR