Microsoft Windows Kernel Arbitrary Read
Authored by Google Security Research, mjurczyk
There is a Microsoft Windows Kernel arbitrary read that can be performed by accessing predefined keys through differencing hives.
advisories | CVE-2023-35356
Microsoft Windows Kernel Unsafe Reference
Authored by Google Security Research, mjurczyk
The Microsoft Windows Kernel may reference unbacked layered keys through registry virtualization.
advisories | CVE-2023-35357
Microsoft Windows Kernel Security Descriptor Use-After-Free
Authored by Google Security Research, mjurczyk
The Microsoft Windows Kernel CmDeleteLayeredKey may delete predefined tombstone keys, leading to security descriptor use-after-free.
advisories | CVE-2023-35356
Dexx CMS HTML And Site Builder 2.2.3 XSS / Arbitrary File Upload
Authored by indoushka
Dexx CMS HTML and Site Builder version 2.2.3 suffers from cross site scripting and arbitrary file upload vulnerabilities.
Change Mirror Download
====================================================================================================================================| # Title :...
eHato CMS 1.0 Cross Site Scripting
Authored by indoushka
eHato CMS version 1.0 suffers from a cross site scripting vulnerability.
Change Mirror Download
====================================================================================================================================| # Title : eHato CMS 1.0 XSS Vulnerability ...
Lucee 5.4.2.17 Cross Site Scripting
Authored by Yehia Elghaly
Lucee version 5.4.2.17 suffers from a cross site scripting vulnerability.
Change Mirror Download
# Exploit Title: Lucee 5.4.2.17 - Authenticated Reflected XSS# Google Dork: NA# Date: 05/08/2023# Exploit...
PHPJabbers Vacation Rental Script 4.0 Cross Site Request Forgery
Authored by Hasan Ali YILDIR
PHPJabbers Vacation Rental Script version 4.0 suffers from a cross site request forgery vulnerability.
Change Mirror Download
# Exploit Title: PHPJabbers Vacation Rental Script 4.0 - CSRF#...
Emagic Data Center Management Suite 6.0 Remote Command Execution
Authored by thewhiteh4t, Shubham Pandey
Emagic Data Center Management Suite version 6.0 suffers from a remote command execution vulnerability.
advisories | CVE-2023-37569
Change Mirror Download
# Exploit Title: Emagic Data Center Management Suite...
Pyro CMS 3.9 Server-Side Template Injection
Authored by Daniel Barros
Pyro CMS version 3.9 suffers from a server-side template injection vulnerability.
advisories | CVE-2023-29689
Change Mirror Download
# Exploit Title: Pyro CMS 3.9 - Server-Side Template Injection (SSTI) (Authenticated)#...
Metabase Remote Code Execution
Authored by h00die, Shubham Shah, Maxwell Garrett | Site metasploit.com
Metabase versions before 0.46.6.1 contain a flaw where the secret setup-token is accessible even after the setup process has been...
