Exploits & CVE's

Authored by golem445 WFTPD version 3.25 leaves credentials accessible in wftpd.ini. Change Mirror Download # Exploit Title: WFTPD 3.25 - Unprotected Credential Storage# Date: 04/01/2023# Exploit Author: golem445# Vendor Homepage: https://www.texis.com/# Tested...

Authored by nu11secur1ty 2023 Online Course Registration version 1.0 suffers from a remote SQL Injection vulnerability that allows for authentication bypass. Change Mirror Download ## Title: 2023-Online-Course-Registration-1.0-Bypass-login-SQLi-RCE-password-changing## Author: nu11secur1ty## Date: 05.25.2023## Vendor:...

Site wordfence.com WordPress Beautiful Cookie Consent Banner versions 2.10.1 and below suffer from an unauthenticated persistent cross site scripting vulnerability. Change Mirror Download Description: Beautiful Cookie Consent Banner <= 2.10.1 - Unauthenticated...

Authored by Mirabbas Agalarov WBCE CMS version 1.6.1 suffers from a cross site scripting vulnerability. Change Mirror Download Exploit Title: WBCE CMS 1.6.1 - Multiple Stored Cross-Site Scripting (XSS)Version: 1.6.1Bugs: XSSTechnology:...

Authored by Mirabbas Agalarov Zenphoto version 1.6 suffers from multiple persistent cross site scripting vulnerabilities. Change Mirror Download Exploit Title: Zenphoto 1.6 - Multiple stored XSSApplication: Zenphoto-1.6 xss pocVersion: 1.6 Bugs: ...

Authored by Mirabbas Agalarov Ulicms version 2023.1 create administrator user via mass assignment exploit. Change Mirror Download #Exploit Title: Ulicms 2023.1 - create admin user via mass assignment#Application: Ulicms#Version: 2023.1-sniffing-vicuna#Bugs: ...

Authored by neg0x | Site github.com SCM Manager versions 1.2 through 1.60 suffer from a persistent cross site scripting vulnerability. advisories | CVE-2023-33829 Change Mirror Download #!/usr/bin/python3# Exploit Title: SCM Manager 1.60 -...

Authored by Ege Balci | Site metasploit.com This Metasploit module exploits the broken access control vulnerability in Seagate Central External NAS Storage device. Subject product suffers several critical vulnerabilities such...

Authored by indoushka Laravel version 10.11 suffers from database disclosure and information leakage vulnerabilities. Change Mirror Download ====================================================================================================================================| # Title : Laravel 10.11 Information Disclosure MySQL Credential Disclosure...

Authored by Astik Rawat Webkul Qloapps version 1.5.2 suffers from a cross site scripting vulnerability. advisories | CVE-2023-30256 Change Mirror Download # Exploit Title: Webkul Qloapps 1.5.2 - Cross-Site Scripting (XSS)# Date: 15...