Windows PspBuildCreateProcessContext Double-Fetch / Buffer Overflow
Authored by gabe_k
Proof of concept code that demonstrates how the Windows kernel suffers from a privilege escalation vulnerability due to a double-fetch in PspBuildCreateProcessContext that leads to a stack...
Online Tours And Travels Management System 1.0 SQL Injection
Authored by nu11secur1ty
Online Tours and Travels Management System version 1.0 suffers from a remote SQL injection vulnerability.
Change Mirror Download
## Titles: Travel-Manager-OTMSP-1.0 Multiple SQLi## Author: nu11secur1ty## Date: 05/01/2024## Vendor: https://mayurik.com/##...
Packet Storm New Exploits For April, 2024
Authored by Todd J. | Site packetstormsecurity.com
This archive contains all of the 132 exploits added to Packet Storm in April, 2024.
htmlLawed 1.2.5 Remote Command Execution
Authored by d4t4s3c
htmlLawed versions 1.2.5 and below proof of concept remote command execution exploit.
advisories | CVE-2022-35914
Change Mirror Download
#!/bin/bash# Exploit Title: htmlLawed <= 1.2.5 - Remote Code Execution# Date: 2024-05-02#...
SOPlanning 1.52.00 Cross Site Scripting
Authored by liquidsky
SOPlanning version 1.52.00 suffers from a cross site scripting vulnerability in groupe_save.php.
Change Mirror Download
Exploit Title: SOPlanning v1.52.00 'groupe_save.php' XSS (Reflected XSS)Application: SOPlanningVersion: 1.52.00Date: 4/22/24Exploit Author: Joseph McPeters...
SOPlanning 1.52.00 Cross Site Request Forgery
Authored by liquidsky
SOPlanning version 1.52.00 suffers from a cross site request forgery vulnerability in xajax_server.php.
Change Mirror Download
<!--Exploit Title: SOPlanning v1.52.00 'xajax_server.php' CSRF (Account Takeover)Application: SOPlanningVersion: 1.52.00Date: 4/22/24Exploit Author: Joseph...
SOPlanning 1.52.00 SQL Injection
Authored by liquidsky
SOPlanning version 1.52.00 suffers from a remote SQL injection vulnerability in projects.php.
Change Mirror Download
Exploit Title: SOPlanning v1.52.00 'projets.php' SQLiApplication: SOPlanningVersion: 1.52.00Date: 4/22/24Exploit Author: Joseph McPeters (Liquidsky)Vendor Homepage:...
Docker Privileged Container Kernel Escape
Authored by Eran Ayalon, Nick Cottrell, Ilan Sokol | Site metasploit.com
This Metasploit module performs a container escape onto the host as the daemon user. It takes advantage of the...
osCommerce 4 Cross Site Scripting
Authored by CraCkEr
osCommerce version 4 suffers from a cross site scripting vulnerability. This finding is another vector of attack for this issue already discovered by the same researcher in...
undefinedExploiting The NT Kernel In 24H2undefined
Authored by gabe_k
This is the full Windows privilege escalation exploit produced from the blog Exploiting the NT Kernel in 24H2: New Bugs in Old Code and Side Channels Against...