Home Tools Exploits & CVE's

Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Longjing Technology BEMS API 1.21 Remote Arbitrary File Download

0
Authored by LiquidWorm | Site zeroscience.mk Longjing Technology BEMS API version 1.21 suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is...

Oracle Fatwire 6.3 Cross Site Scripting / SQL Injection

0
Authored by J. Francisco Bolivar Oracle Fatwire version 6.3 suffers from cross site scripting and remote SQL injection vulnerabilities. Change Mirror Download # Exploit Title: Oracle Fatwire 6.3 - Multiple Vulnerabilities# Date:...

Microsoft Exchange AD Schema Misconfiguration Privilege Escalation

0
Authored by James Forshaw, Google Security Research The msExchStorageGroup schema class added during Exchange installation can be used to create almost any AD object including users, groups or domain trusts...

ObjectPlanet Opinio 7.13 / 7.14 XML Injection

0
Authored by Daniel Tan, Khor Yong Heng, Timothy Tan, Yu Enhui ObjectPlanet Opinio versions 7.13 and 7.14 suffer from an XML external entity injection vulnerability. advisories | CVE-2020-26564 Change Mirror Download # Exploit...

ObjectPlanet Opinio 7.13 Expression Language Injection

0
Authored by Daniel Tan, Khor Yong Heng, Timothy Tan, Yu Enhui ObjectPlanet Opinio version 7.13 suffers from an expression language injection vulnerability. advisories | CVE-2020-26565 Change Mirror Download # Exploit Authors: Timothy Tan...

ObjectPlanet Opinio 7.13 Shell Upload

0
Authored by Daniel Tan, Khor Yong Heng, Timothy Tan, Yu Enhui ObjectPlanet Opinio version 7.13 suffers from a remote shell upload vulnerability. advisories | CVE-2020-26806 Change Mirror Download # Exploit Authors: Timothy Tan...

Panasonic Sanyo CCTV Network Camera 2.03-0x Cross Site Request Forgery

0
Authored by LiquidWorm | Site zeroscience.mk Panasonic Sanyo CCTV Network Camera version 2.03-0x allows users to perform certain actions via HTTP requests without performing any validity checks to verify the...

Pi-Hole Remove Commands Linux Privilege Escalation

0
Authored by h00die, Emanuele Barbeno | Site metasploit.com Pi-Hole versions 3.0 through 5.3 allows for command line input to the removecustomcname, removecustomdns, and removestaticdhcp functions without properly validating the parameters...

Event Registration System With QR Code 1.0 Shell Upload

Authored by Javier Olmedo Event Registration System with QR Code version 1.0 suffers from authentication bypass and shell upload vulnerabilities. Change Mirror Download # Exploit Title: Event Registration System with QR Code...

Backdoor.Win32.WinShell.40 Code Execution

Authored by malvuln | Site malvuln.com Backdoor.Win32.WinShell.40 malware suffers from a code execution vulnerability. Change Mirror Download Discovery / credits: Malvuln - malvuln.com (c) 2021Original source: https://malvuln.com/advisory/c98e23742807f3cb5a095f34e0eb0e52.txtContact: [email protected]: twitter.com/malvulnThreat: Backdoor.Win32.WinShell.40Vulnerability: Unauthenticated Remote...
Error decoding the Instagram API json