unSafe.sh - 不安全

Celebrating 7 Years of STAR Labs SG 2025-1-12 00:0:0 | 阅读: 8 | 收藏 |

Blogs on STAR Labs - starlabs.sg
pwn2own sg jacob renovation soo

STAR Labs 2025 New Year Exploitation Challenge 2025-1-1 00:0:0 | 阅读: 8 | 收藏 |

Blogs on STAR Labs - starlabs.sg
verse windows laoshi gu

All I Want for Christmas is a CVE-2024-30085 Exploit CVE-2024-30085 is a heap-based buffer overflow vulnerability affecting the Windows Cloud Files Mini...
2024-12-24 00:0:0 | 阅读: 8 | 收藏 |

Blogs on STAR Labs - starlabs.sg
alpc wnf reparse hsm pipedata

Behind the Scenes: Understanding CVE-2022-24547 Vulnerabilities can often be found in places we don’t expect, and CVE-2022-24547 in CastSrv.exe is...
2024-12-24 00:0:0 | 阅读: 4 | 收藏 |

Blogs on STAR Labs - starlabs.sg
castsrv user02

(CVE-2024-6781) Calibre Arbitrary File Read SummaryProductCalibreVendorCalibreSeverityHigh - Unprivileged adversaries may exploit...
2024-7-31 08:0:0 | 阅读: 17 | 收藏 |

Advisories on STAR Labs - starlabs.sg
calibre relpath library bytesio readonly

(CVE-2024-6782) Calibre Remote Code Execution SummaryProductCalibreVendorCalibreSeverityCritical - Unprivileged adversaries may exp...
2024-7-31 08:0:0 | 阅读: 21 | 收藏 |

Advisories on STAR Labs - starlabs.sg
calibre ans formatter remote python

(CVE-2024-7008) Calibre Reflected Cross-Site Scripting (XSS) SummaryProductCalibreVendorCalibreSeverityMediumAffected Versions<= 7.15.0 (lates...
2024-7-31 08:0:0 | 阅读: 11 | 收藏 |

Advisories on STAR Labs - starlabs.sg
calibre etree lxml victim injection

(CVE-2024-7009) Calibre SQLite Injection SummaryProductCalibreVendorCalibreSeverityMediumAffected Versions<= 7.15.0 (lates...
2024-7-31 08:0:0 | 阅读: 9 | 收藏 |

Advisories on STAR Labs - starlabs.sg
fts calibre library stemming database

(CVE-2024-1837) Singtel RT5703W Unauthenticated Command Injection RCE via Login Vulnerability SummaryProductSingtel WI-FI 6 ROUTER RT5703WVendorSingtel/AskeySeverityCritical - Adv...
2024-7-22 08:0:0 | 阅读: 3 | 收藏 |

Advisories on STAR Labs - starlabs.sg
username singtel injection concated ash

#BadgeLife @ Off-By-One Conference 2024 IntroductionAs promised, we are releasing the firmware and this post for the Off-By-One badge about...
2024-7-22 08:0:0 | 阅读: 6 | 收藏 |

Blogs on STAR Labs - starlabs.sg
bird uptime worm catches arduino

(CVE-2024-1838) Singtel RT5703W Authenticated Command Injection RCE via SetLoginPwd Vulnerability SummaryProductSingtel WI-FI 6 ROUTER RT5703WVendorSingtel/AskeySeverityHigh - Adversa...
2024-7-22 08:0:0 | 阅读: 13 | 收藏 |

Advisories on STAR Labs - starlabs.sg
newpwd singtel injection setloginpwd des

Send()-ing Myself Belated Christmas Gifts - GitHub.com's Environment Variables & GHES Shell Earlier this year, in mid-January, you might have come across this security announcement by GitHub....
2024-4-30 08:0:0 | 阅读: 3 | 收藏 |

Blogs on STAR Labs - starlabs.sg
repository github gitrpc arg1 arity

Route to Safety: Navigating Router Pitfalls IntroductionWi-Fi routers have always been an attractive target for attackers. When taken over, an...
2024-3-18 08:0:0 | 阅读: 6 | 收藏 |

Blogs on STAR Labs - starlabs.sg
injection strncpy routers overflow

(CVE-2023-4226) Chamilo LMS Work Ajax File Upload Functionality Remote Code Execution SummaryProductChamiloVendorChamiloSeverityHigh - Adversaries may exploit software vul...
2023-11-28 08:0:0 | 阅读: 6 | 收藏 |

Advisories on STAR Labs - starlabs.sg
php chamilo htaccess tmpfile

(CVE-2023-3368) Chamilo LMS Unauthenticated Command Injection SummaryProductChamiloVendorChamiloSeverityHigh - Adversaries may exploit software vul...
2023-11-28 08:0:0 | 阅读: 5 | 收藏 |

Advisories on STAR Labs - starlabs.sg
webservices php security chamilo xsi

(CVE-2023-3533) Chamilo LMS Unauthenticated Remote Code Execution via Arbitrary File Write SummaryProductChamiloVendorChamiloSeverityHigh - Adversaries may exploit software vul...
2023-11-28 08:0:0 | 阅读: 9 | 收藏 |

Advisories on STAR Labs - starlabs.sg
php chamilo payload webservices security

(CVE-2023-3545) Chamilo LMS Htaccess File Upload Security Bypass SummaryProductChamiloVendorChamiloSeverityHigh - Adversaries may exploit software vul...
2023-11-28 08:0:0 | 阅读: 27 | 收藏 |

Advisories on STAR Labs - starlabs.sg
htaccess php chamilo remote windows

(CVE-2023-4220) Chamilo LMS Unauthenticated Big Upload File Remote Code Execution SummaryProductChamiloVendorChamiloSeverityHigh - Adversaries may exploit software vul...
2023-11-28 08:0:0 | 阅读: 13 | 收藏 |

Advisories on STAR Labs - starlabs.sg
bigupload php chamilo tempname

(CVE-2023-4221) Chamilo LMS Learning Path PPT2LP OpenofficePresentation Command Injection SummaryProductChamiloVendorChamiloSeverityHigh - Adversaries may exploit software vul...
2023-11-28 08:0:0 | 阅读: 10 | 收藏 |

Advisories on STAR Labs - starlabs.sg
php lp injection ppt2lp chamilo

(CVE-2023-4222) Chamilo LMS Learning Path PPT2LP OpenofficeTextDocument Command Injection SummaryProductChamiloVendorChamiloSeverityHigh - Adversaries may exploit software vul...
2023-11-28 08:0:0 | 阅读: 8 | 收藏 |

Advisories on STAR Labs - starlabs.sg
php lp injection chamilo woogie