Exploits & CVE's

Authored by h00die, Gaetan Ferry, Michal Bentkowski | Site metasploit.com Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access...

Authored by Erik Wynter, Gal Goldstein, Daniel Abeles | Site metasploit.com This Metasploit module exploits an unauthenticated command injection vulnerability in the key parameter in OpenTSDB through 2.4.1 in order...

Authored by Ron Bowes, fulmetalpackets | Site metasploit.com This Metasploit module exploits a series of vulnerabilities - including auth bypass, SQL injection, and shell injection - to obtain remote code...

Authored by rgod, Ege Balci | Site metasploit.com This Metasploit module exploits broken access control and directory traversal vulnerabilities in LG Simple Editor software for gaining code execution. The vulnerabilities...

Authored by Georgi Guninski Firefox version 117 suffers from a file creation denial of service vulnerability. Change Mirror Download This is barely a DoS, but since Chrome has explicit protectionagainst it, we...

Authored by nu11secur1ty Event Booking Calendar version 4.0 suffers from a cross site scripting vulnerability. Change Mirror Download ## Title: Event Booking Calendar-4.0 XSS-Reflected## Author: nu11secur1ty## Date: 09/06/2023## Vendor: https://www.phpjabbers.com/## Software: https://www.phpjabbers.com/event-booking-calendar/#sectionDemo##...

Authored by nu11secur1ty Cleaning Business Software version 1.0 suffers from a cross site scripting vulnerability. Change Mirror Download ## Title: Cleaning Business Software-1.0 XSS-Reflected## Author: nu11secur1ty## Date: 09/06/2023## Vendor: https://www.phpjabbers.com/## Software: https://www.phpjabbers.com/cleaning-business-software/#sectionDemo##...

Authored by Rajdip Dey Sarkar OpenCart CMS version 4.0.2.2 suffers from a login brute forcing vulnerability. advisories | CVE-2023-40834 Change Mirror Download # Exploit Title: OpenCart CMS v4.0.2.2 Login Vulnerability# Date: 5-9-2023# Category:...

Authored by James Forshaw, Google Security Research Windows still suffers from issues related to the replacement of the system drive letter during impersonation. This can be abused to trick privilege...

Authored by Lana Codes | Site wordfence.com WordPress Newsletter plugin versions 7.8.9 and below suffer from a persistent cross site scripting vulnerability. advisories | CVE-2023-4772 Change Mirror Download Vulnerability Summary from Wordfence IntelligenceDescription:...