a-rey

5 exploits Active since Jan 2026
CVE-2023-54330 WRITEUP CRITICAL WRITEUP
Inbit Messenger 4.6.0-4.9.0 - Unauthenticated Remote Code Execution via SEH Overflow
Inbit Messenger versions 4.6.0 to 4.9.0 contain a remote stack-based buffer overflow vulnerability that allows unauthenticated attackers to execute arbitrary code by sending malformed network packets. Attackers can craft a specially designed payload targeting the messenger's network handler to overwrite the Structured Exception Handler (SEH) and execute shellcode on vulnerable Windows systems.
CVSS 9.8
CVE-2023-54330 EXPLOITDB CRITICAL python WORKING POC
Inbit Messenger 4.6.0-4.9.0 - Unauthenticated Remote Code Execution via SEH Overflow
Inbit Messenger versions 4.6.0 to 4.9.0 contain a remote stack-based buffer overflow vulnerability that allows unauthenticated attackers to execute arbitrary code by sending malformed network packets. Attackers can craft a specially designed payload targeting the messenger's network handler to overwrite the Structured Exception Handler (SEH) and execute shellcode on vulnerable Windows systems.
CVSS 9.8
CVE-2023-54329 EXPLOITDB CRITICAL python WORKING POC
inbit_messenger 4.6.0-4.9.0 - Unauthenticated Remote Code Execution via Malicious XML Packet
Inbit Messenger 4.6.0 - 4.9.0 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by exploiting a stack overflow in the messenger's protocol. Attackers can send specially crafted XML packets to port 10883 with a malicious payload to trigger the vulnerability and execute commands with system privileges.
CVSS 9.8
EIP-2026-110491 EXPLOITDB python WORKING POC
Patient Appointment Scheduler System 1.0 - Persistent Cross-Site Scripting
EIP-2026-110492 EXPLOITDB python WORKING POC
Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload