Aggregator

Hello and welcome back to the little Starting Point series I’ve been doing on the HacktheBox main pl

A vulnerability has been found in PortailPHP and classified as problematic. Impacted is an unknown function of the file mod_news/goodies.php. This manipulation of the argument Remote causes Local Privilege Escalation. This vulnerability is registered as CVE-2007-0821. The attack needs to be launched locally. Furthermore, an exploit is available.

A vulnerability described as problematic has been identified in Cedric CLAIRE PortailPhp 2. Impacted is an unknown function of the file mod_news/index.php of the component mod_news/index.php. Such manipulation of the argument chemin leads to path traversal. This vulnerability is documented as CVE-2007-0821. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability has been found in PortailPHP and classified as problematic. This affects an unknown function of the file mod_news/goodies.php of the component mod_news/goodies.php. Performing manipulation of the argument chemin results in path traversal. This vulnerability is cataloged as CVE-2007-0821. The attack must be initiated from a local position. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Portail Web Php up to 2.5.1.0. This vulnerability affects unknown code of the file includes/includes.php. The manipulation of the argument site_path results in code injection. This vulnerability was named CVE-2007-0699. The attack may be performed from remote. In addition, an exploit is available. Upgrading the affected component is advised.

A vulnerability marked as critical has been reported in Cedric CLAIRE PortailPhp 2. This issue affects some unknown processing of the file mod_news/index.php of the component mod_news/index.php. This manipulation of the argument chemin causes file inclusion. This vulnerability is registered as CVE-2007-0820. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability was found in PortailPHP and classified as critical. The affected element is an unknown function of the file mod_search/index.php. Such manipulation of the argument Remote leads to Remote Code Execution. This vulnerability is documented as CVE-2007-0820. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability classified as problematic was found in PHPGurukul Hostel Management System 2.1. The impacted element is an unknown function of the file /register-complaint.php. Executing manipulation of the argument cdetails can lead to cross site scripting. This vulnerability is registered as CVE-2025-13577. It is possible to launch the attack remotely. Furthermore, an exploit is available.

Вся внутренняя кухня FS Italiane теперь в руках хакеров.

A vulnerability classified as critical has been found in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. This vulnerability is cataloged as CVE-2025-13576. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. Multiple endpoints are affected.

A vulnerability described as critical has been identified in code-projects Blog Site 1.0. Impacted is the function category_exists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. This vulnerability is listed as CVE-2025-13575. The attack may be performed from remote. In addition, an exploit is available. Multiple endpoints are affected.

Submit #698995 / VDB-333341

Submit #698772 / VDB-333340

Submit #698771 / VDB-333339

Submit #698769 / VDB-333339

A vulnerability marked as critical has been reported in code-projects Online Bidding System 1.0. This issue affects the function categoryadd of the file /administrator/addcategory.php. This manipulation of the argument catimage causes unrestricted upload. This vulnerability is tracked as CVE-2025-13574. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability, which was classified as problematic, was found in Linux Kernel 6.2. This issue affects the function sleeping of the file drivers/tty/n_gsm.c. Such manipulation leads to denial of service. This vulnerability is traded as CVE-2023-31082. Access to the local network is required for this attack to succeed. Furthermore, there is an exploit available.

A vulnerability marked as critical has been reported in Linux Kernel up to 5.4.239/5.10.176/5.15.104/6.1.21/6.2.8. This affects an unknown function of the file kernel/dma/mapping.c. Performing manipulation results in denial of service. This vulnerability is reported as CVE-2023-53041. The attacker must have access to the local network to execute the attack. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.10.137/5.15.62/5.19.3. The impacted element is an unknown function of the component ceph. The manipulation results in deadlock. This vulnerability is identified as CVE-2022-50059. The attack can only be performed from the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability was found in OpenPrinting cups-filters and libcupsfilters. It has been classified as critical. The affected element is an unknown function of the component pdftoraster. This manipulation causes out-of-bounds write. The identification of this vulnerability is CVE-2025-64503. The attack can only be executed locally. There is no exploit available. It is recommended to apply a patch to fix this issue.