Faculty Evaluation System 1.0 Shell Upload
Authored by Alex Gan
Faculty Evaluation System version 1.0 suffers from a remote shell upload vulnerability.
advisories | CVE-2023-33440
Change Mirror Download
# Exploit Title: Faculty Evaluation System 1.0 - Unauthenticated File Upload#...
Flexense HTTP Server 10.6.24 Buffer Overflow / Denial Of Service
Authored by Ege Balci | Site metasploit.com
This Metasploit module triggers a denial of service vulnerability in the Flexense HTTP server. The vulnerability is caused by a user mode write...
STARFACE 7.3.0.10 Broken Authentication
Site redteam-pentesting.de
RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext...
Biig Order CMS 2 SQL Injection
Authored by indoushka
Biig Order version 2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Change Mirror Download
================================================================================| # Title : E-commerce Biig...
Inlislite 3.1 Insecure Settings
Authored by indoushka
Inlislite version 3.1 appears to leave default credentials installed after installation.
Change Mirror Download
====================================================================================================================================| # Title : Inlislite V3.1 Insecure Settings Vulnerability ...
KesionCMS ASP 9.5 Add Administrator
Authored by indoushka
KesionCMS ASP version 9.5 suffers from an add administrator vulnerability.
Change Mirror Download
====================================================================================================================================| # Title : KesionCMS ASP v9.5 Reinstall Add Admin Exploit ...
Total CMS 1.7.4 Shell Upload
Authored by tmrswrr
Total CMS version 1.7.4 suffers from a remote shell upload vulnerability.
Change Mirror Download
# Exploit Title: Total CMS 1.7.4 - Remote Code Execution (RCE) on File Upload (Authenticated)...
Packet Storm New Exploits For May, 2023
Authored by Todd J. | Site packetstormsecurity.com
This archive contains all of the 173 exploits added to Packet Storm in May, 2023.
Qualcomm Adreno/KGSL Unchecked Cast / Type Confusion
Authored by Jann Horn, Google Security Research
Qualcomm Adreno/KGSL suffers from an unchecked cast of vma->vm_file->private_data in kgsl_setup_dmabuf_useraddr().
advisories | CVE-2022-25743, CVE-2023-21665
Change Mirror Download
Qualcomm Adreno/KGSL: unchecked cast of vma->vm_file->private_data in kgsl_setup_dmabuf_useraddr()The...
Qualcomm Adreno/KGSL Data Leakage
Authored by Jann Horn, Google Security Research
On Qualcomm Adreno/KGSL builds where CONFIG_QCOM_KGSL_USE_SHMEM is not set (or on older KGSL versions without CONFIG_QCOM_KGSL_USE_SHMEM), KGSL allocates GPU-shared memory from its own...