phpAnalyzer 2.0.4 Insecure Settings
Authored by indoushka
phpAnalyzer version 2.0.4 appears to leave default credentials installed after installation.
Change Mirror Download
====================================================================================================================================| # Title : phpAnalyzer v2.0.4 Insecure Settings Vulnerability ...
Piyanas 0.1 Cross Site Request Forgery
Authored by indoushka
Piyanas version 0.1 suffers from a cross site request forgery vulnerability.
Change Mirror Download
====================================================================================================================================| # Title : Piyanas v0.1 User Login Page CSRF Vulnerability...
ProLogin 1.9 Insecure Direct Object Reference
Authored by indoushka
ProLogin version 1.9 suffers from an insecure direct object reference vulnerability.
Change Mirror Download
====================================================================================================================================| # Title : ProLogin V1.9 Insecure Direct Object Reference Vulnerability...
TerraMaster TOS 4.2.29 Remote Code Execution
Authored by h00die-gr3y, Octagon Networks, 0xf4n9x | Site metasploit.com
This Metasploit module exploits an unauthenticated remote code execution vulnerability in TerraMaster TOS versions 4.2.29 and below by chaining two existing...
TerraMaster TOS 4.2.15 Remote Code Execution
Authored by n0tme, h00die-gr3y | Site metasploit.com
This Metasploit module is a Terramaster chained exploit that performs session crafting to achieve escalated privileges that allows an attacker to access vulnerable...
Oracle Weblogic PreAuth Remote Command Execution
Authored by Grant Willcox, 4ra1n, 14m3ta7k | Site metasploit.com
Oracle Weblogic versions 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 prior to the Jan 2023 security update are vulnerable to an unauthenticated remote code...
MOVEit Transfer SQL Injection / Remote Code Execution
Authored by Horizon3 Attack Team | Site github.com
This proof of concept abuses an SQL injection vulnerability in MOVEit to obtain a sysadmin API access token and then use that...
Xoops CMS 2.5.10 Cross Site Scripting
Authored by tmrswrr
Xoops CMS version 2.5.10 suffers from a persistent cross site scripting vulnerability.
Change Mirror Download
# Exploit Title: Xoops CMS Version 2.5.10 - Stored Cross-Site Scripting (XSS) (Authenticated)# Date:...
BB Machine Forum 1.0 Cross Site Scripting
Authored by CraCkEr
BB Machine Forum version 1.0 suffers from a cross site scripting vulnerability.
Change Mirror Download
┌┌───────────────────────────────────────────────────────────────────────────────────────┐││ ...
LearnDesk 1.0 Cross Site Scripting
Authored by CraCkEr
LearnDesk version 1.0 suffers from a cross site scripting vulnerability.
Change Mirror Download
┌┌───────────────────────────────────────────────────────────────────────────────────────┐││ ...





