Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Expert Restaurant eCommerce 1.0 SQL Injection

Authored by CraCkEr Expert Restaurant eCommerce version 1.0 suffers from a remote SQL injection vulnerability. Change Mirror Download ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││ ...

Expert Restaurant eCommerce 1.0 Cross Site Scripting

Authored by CraCkEr Expert Restaurant eCommerce version 1.0 suffers from a cross site scripting vulnerability. Change Mirror Download ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││ ...

Delta Electronics InfraSuite Device Master Deserialization

Authored by anonymous, Shelby Pace | Site metasploit.com Delta Electronics InfraSuite Device Master versions below 1.0.5 have an unauthenticated .NET deserialization vulnerability within the ParseUDPPacket() method of the Device-Gateway-Status process....

WordPress Directorist 7.5.4 Insecure Direct Object Reference / Privilege Escalation

Authored by Alex Thomas | Site wordfence.com WordPress Directorist plugin versions 7.5.4 and below suffer from insecure direct object reference and privilege escalation vulnerabilities. advisories | CVE-2023-1888, CVE-2023-1889 Change Mirror Download Alongside our...

Microsoft Windows PowerShell Remote Command Execution

Authored by hyp3rlinx | Site hyp3rlinx.altervista.org This python script mints a .ps1 file with an exploitable semicolon condition that allows for command execution from Microsoft Windows PowerShell. This is an...

RenderDoc 1.26 Local Privilege Escalation / Remote Code Execution

Authored by Qualys Security Advisory RenderDoc versions 1.26 and below suffer from integer underflow, integer overflow, and symlink vulnerabilities. advisories | CVE-2023-33863, CVE-2023-33864, CVE-2023-33865 Change Mirror Download Qualys Security AdvisoryLPE and RCE in...

ManageEngine ADManager Plus Command Injection

Authored by Grant Willcox, Simon Humbert, Dinh Hoang | Site metasploit.com ManageEngine ADManager Plus versions prior to build 7181 are vulnerable to an authenticated command injection vulnerability due to insufficient...

Expert Job Portal Management System 1.0 Cross Site Scripting

Authored by CraCkEr Expert Job Portal Management System version 1.0 suffers from a cross site scripting vulnerability. Change Mirror Download ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││ ...

WordPress Getwid Gutenberg Blocks 1.8.3 Improper Authorization / SSRF

Authored by Ramuel Gall | Site wordfence.com WordPress Getwid Gutenberg Blocks plugin versions 1.8.3 and below suffer from improper authorization and server-side request forgery vulnerabilities. advisories | CVE-2023-1895, CVE-2023-1910 Change Mirror Download On...

WordPress Updraft 0.6.1 Backup Disclosure

Authored by indoushka WordPress Updraft plugin version 0.6.1 suffers from an information disclosure vulnerability. Change Mirror Download ====================================================================================================================================| # Title : WordPress - updraft 0.6.1 Backup Disclosure Vulnerability...