10-Strike Network Inventory Explorer version 9.03 Read-from-file buffer overflow exploit that uses SEH and ROP.
>> AUTHOR: deepcore
FlashFXP 4.2.0 Build 1730 – Denial of Service (PoC)
Grandstream UCM6200 Series CTI Interface – ‘user_password’ SQL Injection
DLINK DWL-2600 – Authenticated Remote Command Injection (Metasploit)
This Metasploit module can be used to leverage the extension functionality added since Redis 4.0.0 to execute arbitrary code. To transmit the given extension it makes use of the feature…
Odin Secure FTP Expert 7.6.3 – ‘Site Info’ Denial of Service (PoC)
Joomla! com_fabrik 3.9.11 – Directory Traversal
Multiple DrayTek Products – Pre-authentication Remote Root Code Execution
Webexcels Ecommerce CMS version 2.x suffers from cross site scripting and remote SQL injection vulnerabilities.
FreeCommander XE 2020 Build 810a 32-bit suffers from a pathname buffer overflow vulnerability.