WordPress Hide My WP SQL Injection
Authored by Xenofon Vassilakopoulos
WordPress Hide My WP plugin versions 6.2.9 and below suffer from an unauthenticated remote SQL injection vulnerability.
advisories | CVE-2022-4681
Change Mirror Download
# Exploit Title: Wordpress Plugin Hide...
RUPPEINVOICE 1.0 SQL Injection
Authored by nu11secur1ty
RUPPEINVOICE version 1.0 suffers from a remote SQL injection vulnerability.
Change Mirror Download
## Title: RUPPEINVOICE-1.0 Multiple-SQLi## Author: nu11secur1ty## Date: 03/09/2024## Vendor: https://www.mayurik.com/## Software: https://www.sourcecodester.com/php/14831/billing-system-project-php-source-code-free-download.html## Reference: https://portswigger.net/web-security/sql-injection## Description:The username...
WordPress Duplicator Data Exposure / Account Takeover
Authored by Dmitrii Ignatyev
WordPress Duplicator plugin versions prior to 1.5.7.1 suffer from an unauthenticated sensitive data exposure vulnerability that can lead to account takeover.
advisories | CVE-2023-6114
Change Mirror Download
# Exploit...
Backdoor.Win32.Beastdoor.oq MVID-2024-0674 Remote Command Execution
Authored by malvuln | Site malvuln.com
Backdoor.Win32.Beastdoor.oq malware suffers from a remote command execution vulnerability.
Change Mirror Download
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024Original source: https://malvuln.com/advisory/6268df4c9c805c90725dde4fe5ef6fea.txtContact: [email protected]: twitter.com/malvulnThreat:...
Adobe ColdFusion 2018,15 / 2021,5 Arbitrary File Read
Authored by Youssef Muhammad
Adobe ColdFusion versions 2018,15 and below and versions 2021,5 and below suffer from an arbitrary file read vulnerability.
advisories | CVE-2023-26360
Change Mirror Download
# Exploit Title: File Read...
Sitecore 8.2 Remote Code Execution
Authored by Abhishek Morla
Sitecore version 8.2 suffers from a remote code execution vulnerability.
advisories | CVE-2023-35813
Change Mirror Download
#!/usr/bin/env python3## Exploit Title: Sitecore - Remote Code Execution v8.2 # Exploit Author:...
Numbas Remote Code Execution
Authored by Matheus Boschetti
Numbas versions prior to 7.3 suffer from a remote code execution vulnerability.
advisories | CVE-2024-27612
Change Mirror Download
# Exploit Title: Numbas < v7.3 - Remote Code Execution# Google...
Human Resource Management System 1.0 SQL Injection
Authored by Srikar
Human Resource Management System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to Abdulhakim Oner in...
NorthStar C2 Agent 1.0 Cross Site Scripting / Remote Command Execution
Authored by chebuya
NorthStar C2 agent version 1.0 applies insufficient sanitization on agent registration routes, allowing an unauthenticated attacker to send multiple malicious agent registration requests to the teamserver to...
Ladder 0.0.21 Server-Side Request Forgery
Authored by chebuya
Ladder versions 0.0.1 through 0.0.21 fail to apply sufficient default restrictions on destination addresses, allowing an attacker to make GET requests to addresses that would typically not...