Home Tools Exploits & CVE's

Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

WFTPD 3.25 Credential Disclosure

Authored by golem445 WFTPD version 3.25 leaves credentials accessible in wftpd.ini. Change Mirror Download # Exploit Title: WFTPD 3.25 - Unprotected Credential Storage# Date: 04/01/2023# Exploit Author: golem445# Vendor Homepage: https://www.texis.com/# Tested...

2023 Online Course Registration 1.0 SQL Injection

Authored by nu11secur1ty 2023 Online Course Registration version 1.0 suffers from a remote SQL Injection vulnerability that allows for authentication bypass. Change Mirror Download ## Title: 2023-Online-Course-Registration-1.0-Bypass-login-SQLi-RCE-password-changing## Author: nu11secur1ty## Date: 05.25.2023## Vendor:...

WordPress Beautiful Cookie Consent Banner 2.10.1 Cross Site Scripting

Site wordfence.com WordPress Beautiful Cookie Consent Banner versions 2.10.1 and below suffer from an unauthenticated persistent cross site scripting vulnerability. Change Mirror Download Description: Beautiful Cookie Consent Banner <= 2.10.1 - Unauthenticated...

WBCE CMS 1.6.1 Cross Site Scripting

Authored by Mirabbas Agalarov WBCE CMS version 1.6.1 suffers from a cross site scripting vulnerability. Change Mirror Download Exploit Title: WBCE CMS 1.6.1 - Multiple Stored Cross-Site Scripting (XSS)Version: 1.6.1Bugs: XSSTechnology:...

Zenphoto 1.6 Cross Site Scripting

Authored by Mirabbas Agalarov Zenphoto version 1.6 suffers from multiple persistent cross site scripting vulnerabilities. Change Mirror Download Exploit Title: Zenphoto 1.6 - Multiple stored XSSApplication: Zenphoto-1.6 xss pocVersion: 1.6 Bugs: ...

Ulicms 2023.1 Create Administrator

Authored by Mirabbas Agalarov Ulicms version 2023.1 create administrator user via mass assignment exploit. Change Mirror Download #Exploit Title: Ulicms 2023.1 - create admin user via mass assignment#Application: Ulicms#Version: 2023.1-sniffing-vicuna#Bugs: ...

SCM Manager 1.60 Cross Site Scripting

Authored by neg0x | Site github.com SCM Manager versions 1.2 through 1.60 suffer from a persistent cross site scripting vulnerability. advisories | CVE-2023-33829 Change Mirror Download #!/usr/bin/python3# Exploit Title: SCM Manager 1.60 -...

Seagate Central Storage 2015.0916 User Creation / Command Execution

Authored by Ege Balci | Site metasploit.com This Metasploit module exploits the broken access control vulnerability in Seagate Central External NAS Storage device. Subject product suffers several critical vulnerabilities such...

Laravel 10.11 Database Disclosure / Information Disclosure

Authored by indoushka Laravel version 10.11 suffers from database disclosure and information leakage vulnerabilities. Change Mirror Download ====================================================================================================================================| # Title : Laravel 10.11 Information Disclosure MySQL Credential Disclosure...

Webkul Qloapps 1.5.2 Cross Site Scripting

Authored by Astik Rawat Webkul Qloapps version 1.5.2 suffers from a cross site scripting vulnerability. advisories | CVE-2023-30256 Change Mirror Download # Exploit Title: Webkul Qloapps 1.5.2 - Cross-Site Scripting (XSS)# Date: 15...
Error decoding the Instagram API json