LiquidWorm

790 exploits Active since Jun 2006
CVE-2019-25258 EXPLOITDB HIGH text WORKING POC
LogicalDOC Enterprise 7.7.4 - Info Disclosure
LogicalDOC Enterprise 7.7.4 contains multiple post-authentication file disclosure vulnerabilities that allow attackers to read arbitrary files through unverified 'suffix' and 'fileVersion' parameters. Attackers can exploit directory traversal techniques in /thumbnail and /convertpdf endpoints to access sensitive system files like win.ini and /etc/passwd by manipulating path traversal sequences.
CVSS 7.5
CVE-2019-25257 EXPLOITDB MEDIUM text WORKING POC
LogicalDOC Enterprise 7.7.4 - Command Injection
LogicalDOC Enterprise 7.7.4 contains multiple authenticated OS command execution vulnerabilities that allow attackers to manipulate binary paths when changing system settings. Attackers can exploit these vulnerabilities by modifying configuration parameters like antivirus.command, ocr.Tesseract.path, and other system paths to execute arbitrary system commands with elevated privileges.
CVSS 6.5
CVE-2019-25256 EXPLOITDB MEDIUM text WORKING POC
VideoFlow Digital Video Protection DVP 2.10 - Path Traversal
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows attackers to access arbitrary system files through unvalidated 'ID' parameters. Attackers can exploit multiple Perl scripts like downloadsys.pl to read sensitive files by manipulating directory path traversal in download requests.
CVSS 6.5
CVE-2019-25255 EXPLOITDB MEDIUM text WRITEUP
VideoFlow DVP 2.10 - Authenticated RCE
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows attackers to execute system commands with root privileges. Attackers can exploit the vulnerability through a cross-site request forgery (CSRF) mechanism to gain unauthorized system access.
CVSS 4.3
CVE-2019-25254 EXPLOITDB HIGH text WORKING POC
KYOCERA Net Admin 3.4.0906 - CSRF
KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attackers to create administrative users without proper request validation. Attackers can craft malicious web pages that automatically submit forms to add new admin accounts with predefined credentials when a logged-in user visits the page.
CVSS 8.8
CVE-2019-25253 EXPLOITDB HIGH text WORKING POC
KYOCERA Net Admin 3.4.0906 - XXE Injection
KYOCERA Net Admin 3.4.0906 contains an XML External Entity (XXE) injection vulnerability in the Multi-Set Template Editor that allows unauthenticated attackers to read arbitrary system files. Attackers can craft a malicious XML file with external entity references to retrieve sensitive configuration data like database credentials through an out-of-band channel attack.
CVSS 7.5
CVE-2019-25252 EXPLOITDB MEDIUM html WORKING POC
Teradek VidiU Pro 3.0.3 - CSRF
Teradek VidiU Pro 3.0.3 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft malicious web pages that automatically submit password change requests to the device when a logged-in administrator visits the page.
CVSS 4.3
CVE-2019-25251 EXPLOITDB MEDIUM text WORKING POC
Teradek VidiU Pro 3.0.3 - SSRF
Teradek VidiU Pro 3.0.3 contains a server-side request forgery vulnerability in the management interface that allows attackers to manipulate GET parameters 'url' and 'xml_url'. Attackers can exploit this flaw to bypass firewalls, initiate network enumeration, and potentially trigger external HTTP requests to arbitrary destinations.
CVSS 6.5
CVE-2019-25248 EXPLOITDB HIGH text WRITEUP
Beward N100 M2.1.6.04C014 - Info Disclosure
Beward N100 M2.1.6.04C014 contains an unauthenticated vulnerability that allows remote attackers to access live video streams without credentials. Attackers can directly retrieve the camera's RTSP stream by exploiting the lack of authentication in the video access mechanism.
CVSS 7.5
CVE-2019-25247 EXPLOITDB MEDIUM html WORKING POC
Beward N100 H.264 VGA IP Camera M2.1.6 - CSRF
Beward N100 H.264 VGA IP Camera M2.1.6 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft a malicious web page with a hidden form to add an admin user by tricking a logged-in user into submitting the form.
CVSS 5.3
CVE-2019-25246 EXPLOITDB HIGH text WORKING POC
Beward N100 H.264 VGA IP Camera M2.1.6 - Info Disclosure
Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability that allows attackers to read arbitrary system files via the 'READ.filePath' parameter. Attackers can exploit the fileread script or SendCGICMD API to access sensitive files like /etc/passwd and /etc/issue by supplying absolute file paths.
CVSS 8.8
CVE-2019-25245 EXPLOITDB HIGH text WRITEUP
Ross Video DashBoard 8.5.1 - Privilege Escalation
Ross Video DashBoard 8.5.1 contains an elevation of privileges vulnerability that allows authenticated users to modify executable files due to improper permission settings. Attackers can exploit the 'M' or 'C' flags for 'Authenticated Users' group to replace the DashBoard.exe binary with a malicious executable.
CVSS 8.8
CVE-2019-25244 EXPLOITDB MEDIUM text WORKING POC
Legrand BTicino Driver Manager F454 1.0.51 - CSRF, XSS
Legrand BTicino Driver Manager F454 1.0.51 contains multiple web vulnerabilities that allow attackers to perform administrative actions without proper request validation. Attackers can exploit cross-site request forgery to change passwords and inject stored cross-site scripting payloads through unvalidated GET parameters.
CVSS 5.3
CVE-2019-25243 EXPLOITDB HIGH text WORKING POC
FaceSentry 6.4.8 - Command Injection
FaceSentry 6.4.8 contains an authenticated remote command injection vulnerability in pingTest.php and tcpPortTest.php scripts. Attackers can exploit unsanitized input parameters to inject and execute arbitrary shell commands with root privileges by manipulating the 'strInIP' and 'strInPort' parameters.
CVSS 8.8
CVE-2019-25242 EXPLOITDB MEDIUM text WORKING POC
FaceSentry Access Control System 6.4.8 - CSRF
FaceSentry Access Control System 6.4.8 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change administrator passwords, add new admin users, or open access control doors by tricking authenticated users into loading a specially crafted webpage.
CVSS 4.3
CVE-2019-25241 EXPLOITDB CRITICAL python WORKING POC
FaceSentry Access Control System <6.4.8 - Privilege Escalation
FaceSentry Access Control System 6.4.8 contains a critical authentication vulnerability with hard-coded SSH credentials for the wwwuser account. Attackers can leverage the insecure sudoers configuration to escalate privileges and gain root access by executing sudo commands without authentication.
CVSS 9.8
CVE-2019-25240 EXPLOITDB CRITICAL bash WORKING POC
Rifatron 5brid DVR - Unauthenticated Access
Rifatron 5brid DVR contains an unauthenticated vulnerability in the animate.cgi script that allows unauthorized access to live video streams. Attackers can exploit the Mobile Web Viewer module by specifying channel numbers to retrieve sequential video snapshots without authentication.
CVSS 9.8
CVE-2019-25239 EXPLOITDB HIGH text WORKING POC
V-SOL GPON/EPON OLT Platform 2.03 - Info Disclosure
V-SOL GPON/EPON OLT Platform 2.03 contains an unauthenticated information disclosure vulnerability that allows attackers to download configuration files via direct object reference. Attackers can retrieve sensitive configuration data by sending HTTP GET requests to the usrcfg.conf endpoint, potentially enabling authentication bypass and system access.
CVSS 7.5
CVE-2019-25238 EXPLOITDB MEDIUM text WORKING POC
V-SOL GPON/EPON OLT Platform 2.03 - CSRF
V-SOL GPON/EPON OLT Platform 2.03 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to create admin users, enable SSH, or modify system settings by tricking authenticated administrators into loading a specially crafted page.
CVSS 4.3
CVE-2019-25237 EXPLOITDB CRITICAL text WORKING POC
V-SOL GPON/EPON OLT Platform v2.03 - Privilege Escalation
V-SOL GPON/EPON OLT Platform v2.03 contains a privilege escalation vulnerability that allows normal users to gain administrative access by manipulating the user role parameter. Attackers can send a crafted HTTP POST request to the user management endpoint with 'user_role_mod' set to integer value '1' to elevate their privileges.
CVSS 9.8
CVE-2019-25236 EXPLOITDB CRITICAL bash WORKING POC
iSeeQ Hybrid DVR WH-H4 1.03R - Info Disclosure
iSeeQ Hybrid DVR WH-H4 1.03R contains an unauthenticated vulnerability in the get_jpeg script that allows unauthorized access to live video streams. Attackers can retrieve video snapshots from specific camera channels by sending requests to the /cgi-bin/get_jpeg endpoint without authentication.
CVSS 9.8
CVE-2019-25235 EXPLOITDB CRITICAL text WRITEUP
Smartwares HOME easy <1.0.9 - Auth Bypass
Smartwares HOME easy 1.0.9 contains an authentication bypass vulnerability that allows unauthenticated attackers to access administrative web pages by disabling JavaScript. Attackers can navigate to multiple administrative endpoints and to bypass client-side validation and access sensitive system information.
CVSS 9.8
CVE-2019-25234 EXPLOITDB MEDIUM text WORKING POC
SmartHouse Webapp 6.5.33 - CSRF/XSS
SmartHouse Webapp 6.5.33 contains multiple cross-site request forgery and cross-site scripting vulnerabilities that allow attackers to perform unauthorized actions. Attackers can exploit these vulnerabilities by tricking logged-in users into visiting malicious websites or injecting malicious scripts into various application parameters.
CVSS 5.3
CVE-2019-25233 EXPLOITDB MEDIUM text WORKING POC
AVE DOMINAplus <1.10.x - XSS, CSRF
AVE DOMINAplus 1.10.x contains cross-site request forgery and cross-site scripting vulnerabilities that allow attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to exploit login.php parameters and execute arbitrary scripts in user browser sessions.
CVSS 5.3
CVE-2018-25156 EXPLOITDB MEDIUM html WORKING POC
Teradek Cube 7.3.6 - CSRF
Teradek Cube 7.3.6 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft a malicious web page with a hidden form to submit password change requests to the device's system configuration interface.
CVSS 4.3