CVE-2018-25031.zip
4 KB
CVE-2018-25031
Author: RelicHunt3r
Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions.
GitHub Link:
https://github.com/RelicHunt3r/swagger-ui
Author: RelicHunt3r
Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions.
GitHub Link:
https://github.com/RelicHunt3r/swagger-ui
CVE-2025-32463.zip
1.8 KB
CVE-2025-32463
Author: At0mXploit
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
GitHub Link:
https://github.com/At0mXploit/CVE-2025-32463
Author: At0mXploit
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
GitHub Link:
https://github.com/At0mXploit/CVE-2025-32463
CVE-2018-25031.zip
4.7 KB
CVE-2018-25031
Author: rh007pt
Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions.
GitHub Link:
https://github.com/rh007pt/swagger-ui
Author: rh007pt
Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions.
GitHub Link:
https://github.com/rh007pt/swagger-ui
CVE-2018-25031.zip
4 KB
CVE-2018-25031
Author: RelicHunt3r
Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions.
GitHub Link:
https://github.com/RelicHunt3r/swagger-ui
Author: RelicHunt3r
Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions.
GitHub Link:
https://github.com/RelicHunt3r/swagger-ui
CVE-2025-32463.zip
2.3 KB
CVE-2025-32463
Author: At0mXploit
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
GitHub Link:
https://github.com/At0mXploit/CVE-2025-32463
Author: At0mXploit
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
GitHub Link:
https://github.com/At0mXploit/CVE-2025-32463
CVE-2018-25031.zip
4.7 KB
CVE-2018-25031
Author: rh007pt
Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions.
GitHub Link:
https://github.com/rh007pt/swagger-ui
Author: rh007pt
Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions.
GitHub Link:
https://github.com/rh007pt/swagger-ui
CVE-2025-20265.zip
3.6 KB
CVE-2025-20265
Author: amalpvatayam67
A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device.
This vulnerability is due to a lack of proper handling of user input during the authentication phase. An attacker could exploit this vulnerability by sending crafted input when entering credentials that will be authenticated at the configured RADIUS server. A successful exploit could allow the attacker to execute commands at a high privilege level.
Note: For this vulnerability to be exploited, Cisco Secure FMC Software must be configured for RADIUS authentication for the web-based management interface, SSH management, or both.
GitHub Link:
https://github.com/amalpvatayam67/day08-CISCO-fmc-sim
Author: amalpvatayam67
A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device.
This vulnerability is due to a lack of proper handling of user input during the authentication phase. An attacker could exploit this vulnerability by sending crafted input when entering credentials that will be authenticated at the configured RADIUS server. A successful exploit could allow the attacker to execute commands at a high privilege level.
Note: For this vulnerability to be exploited, Cisco Secure FMC Software must be configured for RADIUS authentication for the web-based management interface, SSH management, or both.
GitHub Link:
https://github.com/amalpvatayam67/day08-CISCO-fmc-sim
CVE-2025-49493.zip
1.6 KB
CVE-2025-49493
Author: Soham-id
Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE) injection.
GitHub Link:
https://github.com/Soham-id/2025hvv
Author: Soham-id
Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE) injection.
GitHub Link:
https://github.com/Soham-id/2025hvv
CVE-2018-9995
Author: jameseyes
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
GitHub Link:
https://github.com/jameseyes/DVRC
Author: jameseyes
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
GitHub Link:
https://github.com/jameseyes/DVRC
CVE-2023-30258.zip
1.5 KB
CVE-2023-30258
Author: abdullohqurbon0v
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request.
GitHub Link:
https://github.com/abdullohqurbon0v/CVE-2023-30258-Exploit-For-Magnus-Billing-System
Author: abdullohqurbon0v
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request.
GitHub Link:
https://github.com/abdullohqurbon0v/CVE-2023-30258-Exploit-For-Magnus-Billing-System
CVE-2025-32433.zip
696.5 KB
CVE-2025-32433
Author: iteride
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.
GitHub Link:
https://github.com/iteride/CVE-2025-32433
Author: iteride
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.
GitHub Link:
https://github.com/iteride/CVE-2025-32433