Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Hyip Rio 2.1 Cross Site Scripting / File Upload

Authored by CraCkEr

Hyip Rio version 2.1 suffers from an arbitrary file upload vulnerability that can be leveraged to commit cross site scripting attacks.

advisories | CVE-2023-4382

AudioCodes VoIP Phones Insufficient Firmware Validation

Authored by Matthias Deeg, Moritz Abrell | Site syss.de

AudioCodes VoIP Phones with firmware versions greater than or equal to 3.4.4.1000 have been found to have validation of firmware images...

AudioCodes VoIP Phones Hardcoded Key

Authored by Moritz Abrell | Site syss.de

The AudioCodes VoIP phones store sensitive information, e.g. credentials and passwords, in encrypted form in their configuration files. These encrypted values can also...

Maltrail 0.53 Unauthenticated Command Injection

Authored by Ege Balci, Chris Wild | Site metasploit.com

Maltrail is a malicious traffic detection system, utilizing publicly available blacklists containing malicious and/or generally suspicious trails. Maltrail versions below 0.54...

Greenshot 1.3.274 Deserialization / Command Execution

Authored by bwatters-r7, p4r4bellum | Site metasploit.com

There exists a .NET deserialization vulnerability in Greenshot versions 1.3.274 and below. The deserialization allows the execution of commands when a user opens...

Chrome IPCZ FragmentDescriptors Missing Validation

Authored by Google Security Research, Mark Brand

Chrome IPCZ FragmentDescriptors are not validated allowing for an out-of-bounds crash condition.

advisories | CVE-2023-3732

Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read

Authored by Hank Leininger, Jim Becher | Site korelogic.com

Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 has an insecure sudo configuration which permits a low-privilege user to read...

Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation

Authored by Jim Becher | Site korelogic.com

Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 has an insecure sudo configuration which permits a low-privilege user to run arbitrary commands...

Erim Upload 4 Database Disclosure

Authored by indoushka

Erim Upload version 4 suffers from a database disclosure vulnerability.

Event Locations CMS 1.0.1 Cross Site Scripting

Authored by indoushka

Event Locations CMS version 1.0.1 suffers from a cross site scripting vulnerability.