Gambio Online Webshop 4.9.2.0 Remote Code Execution
Authored by h00die-gr3y, usd Herolab | Site metasploit.com
A remote code execution vulnerability in Gambio online webshop versions 4.9.2.0 and below allows remote attackers to run arbitrary commands via an...
Visual Studio Code Execution
Authored by h00die | Site metasploit.com
This Metasploit module creates a vsix file which can be installed in Visual Studio Code as an extension. At activation/install, the extension will execute...
GitLens Git Local Configuration Execution
Authored by h00die, Paul Gerste | Site metasploit.com
GitKraken GitLens versions prior to 14.0.0 allow an untrusted workspace to execute git commands. A repo may include its own .git folder...
FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution
Authored by Spencer McIntyre, jheysel-r7, James Horseman, Zach Hanley | Site metasploit.com
A remote SQL injection vulnerability exists in FortiNet FortiClient EMS (Endpoint Management Server) versions 7.2.0 through 7.2.2 and...
Nginx 1.25.5 Host Header Validation
Authored by dhteam
Nginx versions 1.25.5 and below appear to have a host header filtering validation bug that could possibly be used for malice.
Change Mirror Download
# Nginx =< 1.25.5 $host...
Relate Learning And Teaching System SSTI / Remote Code Execution
Authored by kai6u
Relate Learning and Teaching System versions prior to 2024.1 suffers from a server-side template injection vulnerability that leads to remote code execution. This particular finding targets the...
Apache Solr Backup/Restore API Remote Code Execution
Authored by jheysel-r7, l3yx | Site metasploit.com
Apache Solr versions 6.0.0 through 8.11.2 and versions 9.0.0 up to 9.4.1 are affected by an unrestricted file upload vulnerability which can result...
PowerVR PMRMMapPMR() Writability Check
Authored by Jann Horn, Google Security Research
PowerVR has a security issue where a writability check in PMRMMapPMR() does not clear VM_MAYWRITE.
LRMS PHP 1.0 SQL Injection / Shell Upload
Authored by nu11secur1ty
LRMS PHP version 1.0 suffers from remote shell upload and multiple remote SQL injection vulnerabilities.
Change Mirror Download
## Titles: LRMS-PHP-by-oretnom23-v1.0 hat-trick1. Multiple-SQLi2. File Upload3. SQLi Bypass Authentication:## Latest...
Laravel Framework 11 Credential Disclosure
Authored by Huseein Amer
Laravel Framework version 11 suffers from a credential disclosure vulnerability.
advisories | CVE-2024-29291
Change Mirror Download
# Exploit Title: Laravel Framework 11 - Credential Leakage# Google Dork: N/A# Date:...