Exploits & CVE's

Authored by Ashish Koli Pluck CMS version 4.7.16 suffers from a remote shell upload execution vulnerability. advisories | CVE-2022-26965 Change Mirror Download # Exploit Title: Pluck CMS 4.7.16 - Remote Code Execution (RCE)...

Authored by UndeadLarva Node.JS node-serialize remote code execution exploit. advisories | CVE-2017-5941 Change Mirror Download # Exploit Title: Node.JS - 'node-serialize' Remote Code Execution (2)# Exploit Author: UndeadLarva# Software Link: https://www.npmjs.com/package/node-serialize# Version: 0.0.4#...

Authored by Google Security Research, natashenka There is a heap corruption bug that can occur when QT processes a malformed TIFF image. It happens because the size of the QImageData...

Site redteam-pentesting.de RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows low-privileged users to access passwords of administrative user accounts. Affected...

Authored by malvuln | Site malvuln.com Builder XtremeRAT malware version 3.7 suffers from an insecure permissions vulnerability. Change Mirror Download Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source: https://malvuln.com/advisory/7f314e798c150aedd9ce41ed39318f65.txtContact:...

Authored by Mahendra Purbia OpenCart version 3.0.36 account takeover cross site request forgery exploit. Change Mirror Download # Exploit Title: OpenCart 3.0.36 - ATO via Cross Site Request Forgery# Date: 01-09-2021# Exploit...

Authored by Abdulazeez Alaseeri WordPress Good LMS plugin versions 2.1.4 and below suffer from a remote SQL injection vulnerability. Change Mirror Download # Exploit Title: Wordpress Plugin Good LMS 2.1.4 - 'id'...

Authored by malvuln | Site malvuln.com Backdoor.Win32.Inject.tyq malware suffers from an insecure permissions vulnerability. Change Mirror Download Discovery / credits: Malvuln - malvuln.com (c) 2021Original source: https://malvuln.com/advisory/833868d3092bea833839a6b8ec196046.txtContact: [email protected]: twitter.com/malvulnThreat: Backdoor.Win32.Inject.tyqVulnerability: Insecure PermissionsDescription:...

Authored by Y1LD1R1M Processwire CMS version 2.4.0 suffers from a local file inclusion vulnerability. Change Mirror Download # Exploit Title: # Vulnerability Type: Unauthenticated LFI# Date: # Exploit Author: # Type: #...

Authored by Rahad Chowdhury Fuel CMS version 1.4.13 suffers from a remote blind SQL injection vulnerability. Change Mirror Download # Exploit Title: Fuel CMS 1.4.13 - 'col' Parameter Blind SQL Injection(Authenticated)# Date:...