Exploits & CVE's

Authored by Ivan Fratric, Google Security Research There is an integer overflow in Shannon Baseband leading to a heap buffer overflow when reassembling IPv4 fragments. According to the debug strings,...

Authored by 8bitsec Codigo Markdown Editor version 1.0.1 suffers from an arbitrary code execution vulnerability. Change Mirror Download # Exploit Title: Codigo Markdown Editor v1.0.1 (Electron) - Arbitrary Code Execution# Date: 2023-05-03#...

Authored by Rafael Pedrero EasyPHP Webserver version 14.1 suffers from remote code execution and path traversal vulnerabilities. Change Mirror Download # Exploit Title: EasyPHP Webserver 14.1 - Multiple Vulnerabilities (RCE andPath Traversal)#...

Authored by Mirabbas Agalarov Pluck CMS version 4.7.18 suffers from a persistent cross site scripting vulnerability. Change Mirror Download Exploit Title: pluck v4.7.18 - Stored Cross-Site Scripting (XSS)Application: pluckVersion: 4.7.18Bugs: XSSTechnology:...

Authored by Ahmet Umit Bayram Wolf CMS version 0.8.3.1 suffers from a remote shell upload vulnerability. Change Mirror Download # Exploit Title: Wolf CMS 0.8.3.1 - Remote Code Execution (RCE)# Date: 2023-05-02#...

Authored by Maurice Fielenbach File Thingie version 2.5.7 remote shell upload exploit. This exploit is based on the vulnerability priorly discovered by Cakes in September of 2019. Change Mirror Download #!/usr/bin/python# Exploit...

Authored by abhhi OpenEMR versions 7.0.1 and below remote authentication bruteforcing tool that bypasses mitigations. Change Mirror Download # Exploit Title: OpenEMR v7.0.1 - Authentication credentials brute force# Date: 2023-04-28# Exploit Author:...

Authored by Daniele Linguaglossa, Alberto Bruscino FS-S3900-24T4S suffers from a privilege escalation vulnerability. advisories | CVE-2023-30350 Change Mirror Download # Exploit Title: FS-S3900-24T4S Privilege Escalation# Date: 29/04/2023# Exploit Author: Daniele Linguaglossa & Alberto...

Authored by Felipe Alcantara SoftExpert Suite version 2.1.3 suffers from a local file inclusion vulnerability. advisories | CVE-2023-30330 Change Mirror Download # Exploit Title: SoftExpert (SE) Suite v2.1.3 - Local File Inclusion# Date:...

Authored by Florian Roth, Marius Bartholdy | Site sec-consult.com The Databricks Platform as of 2023-01-26 suffered from a cluster isolation bypass vulnerability through insecure defaults and shared storage. Change Mirror Download SEC...