Exploits & CVE's

Authored by Xenofon Vassilakopoulos WordPress Hide My WP plugin versions 6.2.9 and below suffer from an unauthenticated remote SQL injection vulnerability. advisories | CVE-2022-4681 Change Mirror Download # Exploit Title: Wordpress Plugin Hide...

Authored by nu11secur1ty RUPPEINVOICE version 1.0 suffers from a remote SQL injection vulnerability. Change Mirror Download ## Title: RUPPEINVOICE-1.0 Multiple-SQLi## Author: nu11secur1ty## Date: 03/09/2024## Vendor: https://www.mayurik.com/## Software: https://www.sourcecodester.com/php/14831/billing-system-project-php-source-code-free-download.html## Reference: https://portswigger.net/web-security/sql-injection## Description:The username...

Authored by Dmitrii Ignatyev WordPress Duplicator plugin versions prior to 1.5.7.1 suffer from an unauthenticated sensitive data exposure vulnerability that can lead to account takeover. advisories | CVE-2023-6114 Change Mirror Download # Exploit...

Authored by malvuln | Site malvuln.com Backdoor.Win32.Beastdoor.oq malware suffers from a remote command execution vulnerability. Change Mirror Download Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024Original source: https://malvuln.com/advisory/6268df4c9c805c90725dde4fe5ef6fea.txtContact: [email protected]: twitter.com/malvulnThreat:...

Authored by Youssef Muhammad Adobe ColdFusion versions 2018,15 and below and versions 2021,5 and below suffer from an arbitrary file read vulnerability. advisories | CVE-2023-26360 Change Mirror Download # Exploit Title: File Read...

Authored by Abhishek Morla Sitecore version 8.2 suffers from a remote code execution vulnerability. advisories | CVE-2023-35813 Change Mirror Download #!/usr/bin/env python3## Exploit Title: Sitecore - Remote Code Execution v8.2 # Exploit Author:...

Authored by Matheus Boschetti Numbas versions prior to 7.3 suffer from a remote code execution vulnerability. advisories | CVE-2024-27612 Change Mirror Download # Exploit Title: Numbas < v7.3 - Remote Code Execution# Google...

Authored by Srikar Human Resource Management System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to Abdulhakim Oner in...

Authored by chebuya NorthStar C2 agent version 1.0 applies insufficient sanitization on agent registration routes, allowing an unauthenticated attacker to send multiple malicious agent registration requests to the teamserver to...

Authored by chebuya Ladder versions 0.0.1 through 0.0.21 fail to apply sufficient default restrictions on destination addresses, allowing an attacker to make GET requests to addresses that would typically not...