Magento version 2.4.6 XSLT server-side injection proof of concept exploit.
ae81950e2fc15cf464a8175e05b574b8b5b2ed4aba982fabb1e7d86affd1d181Citrix NetScaler ADC and NetScaler Gateway proof of concept exploit for the session token leakage vulnerability as described in CVE-2023-4966.
89ec75b909eb1e5d40ef988dc08431b0375f4fa6890974bea609b7d956cd8ac4Two and a half years ago an independent audit was performed on the Squid Caching Proxy, which ultimately resulted in 55 vulnerabilities being discovered in the project's C++ source code. Although some of the issues have been fixed, the majority (35) remain valid. The majority have not been assigned CVEs, and no patches or workarounds are available. Some of the listed issues concern more than one bug, which is why 45 issues are listed, despite there being 55 vulnerabilities in total (10 extra of the result of similar, but different pathways to reproduce a vulnerability). After two and a half years of waiting, the researcher has decided to release the issues publicly. This archive contains all of the proof of concept code released by the researcher.
8a60c32d038280c1edeea0a6969797283bd744dd1d8876f4879ad103db17b469XNSoft Nconvert version 7.136 is vulnerable to buffer overflow and denial of service conditions. Proof of concepts included.
638390b25c13e2dfa7b3f373e58cc3d277307ff7a2ae09d48cf4a2266af3831aElasticsearch version 8.5.3 stack overflow proof of concept exploit.
3ea73849caae7368d08d81cb21e393baddfab08e0fc2108b64083363b66bb17aPackers and Movers Management System version 1.0 suffers from a remote blind SQL injection vulnerability. Proof of concept exploit written in python included.
392e218592b7d81bc0c0a1e2e699e9fe38ca587052d6e6393e97b66c59ab44eaVMWare Aria Operations for Networks (vRealize Network Insight) static SSH key remote code execution proof of concept exploit.
ae67475970c05c39bc93428dddf3a98ddfed987c1bd13fb23f729e242a686959Proof of concept exploit for Oracle RMAN on Oracle database versions 19c, 18c, 12.2.0.1, and 12.1.0.2 where an RMAN controlfile operation is not adequately logged.
a4b527febec8b5e2538fa176029d4e006f6958e1699c0f13efc73dce25b4e691LOLDriver version 1.3-x64 proof of concept memory corruption exploit.
a330abffaaadfd62570ff07c8df013554081bb33cab314ff75bd805bebba1f05A proof of concept exploit for chaining four CVEs to achieve remote code execution in Juniper JunOS within SRX and EX Series products.
ab0b70a7cc6a4a947d8faceced29674fb6ad7bf45e8a329120e642cb825e3c05GOM Player version 2.3.90.5360 man-in-the-middle proof of concept remote code execution exploit.
f2826517a53fda0ce64b48c45b78c7b264d5e4695963f36c0f2cda3c61797dceGoogle Chrome version 115.0.5790.102 WebGPU use-after-free memory corruption proof of concept exploit.
8d8a37ec6a9723c095e854941ee699a99d052bf1885ef10eb39b13deb719ce3dServiceNow suffered from having an insecure access control that could lead to full administrative compromise. The associated link has a proof of concept.
1ba72d97e5b5609910fcc6b7107bef5cb14d772f105f4a4b5e856f37da0c93f2WordPress Abandoned Cart Lite for WooCommerce plugin versions 5.14.2 and below proof of concept authentication bypass exploit.
a6f89cfb298bd156a4472f93e13a6411f9168c346e1e105e5bddc52630ec5c7dThis proof of concept abuses an SQL injection vulnerability in MOVEit to obtain a sysadmin API access token and then use that access to abuse a deserialization call to obtain remote code execution. This proof of concept needs to reach out to an Identity Provider endpoint which hosts proper RS256 certificates used to forge arbitrary user tokens - by default this POC uses horizon3ai's IDP endpoint hosted in AWS. By default, the exploit will write a file to C:\Windows\Temp\message.txt. Alternative payloads can be generated by using the ysoserial.net project.
891c1c3067e64d2916aec314b0195ba65fbc31db8570faee1f1fc3f6b4a366d9Proof of concept exploit for a SPARQL injection vulnerability in VIVO that triggers a denial of service.
03a908c86212c5d8cb01cd14ceb44e5ff14b5a0ad5966f87f7b111117d9a3ab6Proof of concept exploit for a buffer overflow in strongSwan VPN's charon server.
381239d433a012d932de3871f064091c52ad26bb7b01de975c5e82fe37562652Proof of concept exploit for a buffer overflow remote code execution vulnerability in librelp.
e494ed907a60d68aba585cbc21eba08e50daffab41973ff8ba84e679096953dcProof of concept exploit for polkit that triggers an eventfd file descriptor leak.
f9b681fc933ff4d272ea49c02694d6c797b953465a57f0c30ab341372a92d369Proof of concept exploit for a path traversal vulnerability in Ansible's fetch module.
8c4c608182c45d96419302765b9eaa12ca07e339dc23cb5c1ded2218533abe68libssh proof of concept authentication bypass exploit, which, under certain conditions, may enable a remote attacker to gain unauthorized access to another user's account via ssh login. Versions 0.9.0 through 0.9.6 and 0.10.0 through 0.10.4 are affected.
9bd1a8957c6bb9f405736511d3ad44169c96d1094aebcfdbf0555a4786bbe3ebProof of concept exploit for a D-Bus denial of service condition that can be triggered via a file descriptor leak.
87e71894350d7dbd3c36666fe7e024bd14e19415a79f2aed19e7d9102383633cApple XNU kernel memory exposure proof of concept exploit that is designed for macOS High Sierra version 10.13.
38dd575e5b5287e0c5ce77e2d2ac39c63d630fc15948a59b9200382df1ff09b0Proof of concept exploit for a remotely trigger-able heap buffer overflow vulnerability in iOS 11.4.1 and macOS 10.13.6. This exploit can be used to crash any vulnerable iOS or macOS device that is connected to the same network as the attacker's computer. The vulnerability can be triggered without any user interaction on the victim's device. The exploit involves sending a TCP packet with non-zero options in the IP and TCP headers.
5352cd5286d39bd38e49f40ff6d66d63f42d4b951311bef0126c92981172e14fmacOS NFS client buffer overflow proof of concept exploit. These issues were addressed in macOS version 10.13.6.
917b85555ca4494b492d414d04dedd1a7811edb66c81d2df1ef9435751ac4474
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed