Exploits & CVEs

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Acelle Email Marketing 3.0.15 Arbitrary File Upload

Authored by indoushka

Acelle Email Marketing version 1.0 suffers from an arbitrary file upload vulnerability.

Title: Acelle Email Marketing v3.0.15 unrestricted file...

Menorah Restaurant 1.0.0 Insecure Settings

Authored by indoushka

Menorah Restaurant version 1.0.0 appears to leave default credentials installed after installation.

Title: Menorah Restaurant - Restaurant Food Ordering...

Faculty Evaluation System 1.0 Shell Upload

Authored by Alex Gan

Faculty Evaluation System version 1.0 suffers from a remote shell upload vulnerability.

Advisories: CVE-2023-33440

Exploit Title: Faculty Evaluation System 1.0 - Unauthenticated File Upload ...

Flexense HTTP Server 10.6.24 Buffer Overflow / Denial Of Service

Authored by Ege Balci | Site metasploit.com

This Metasploit module triggers a denial of service vulnerability in the Flexense HTTP server. The vulnerability is caused by a user mode write...

STARFACE 7.3.0.10 Broken Authentication

Site redteam-pentesting.de

RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext...

Biig Order CMS 2 SQL Injection

Authored by indoushka

Biig Order version 2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Title: E-commerce Biig...

Inlislite 3.1 Insecure Settings

Authored by indoushka

Inlislite version 3.1 appears to leave default credentials installed after installation.

Title: Inlislite V3.1 Insecure Settings Vulnerability ...

KesionCMS ASP 9.5 Add Administrator

Authored by indoushka

KesionCMS ASP version 9.5 suffers from an add administrator vulnerability.

Title: KesionCMS ASP v9.5 Reinstall Add Admin Exploit ...

Qualcomm Adreno/KGSL Unchecked Cast / Type Confusion

Authored by Jann Horn, Google Security Research

Qualcomm Adreno/KGSL suffers from an unchecked cast of vma->vm_file->private_data in kgsl_setup_dmabuf_useraddr().

Advisories: CVE-2022-25743, CVE-2023-21665

Qualcomm Adreno/KGSL Data Leakage

Authored by Jann Horn, Google Security Research

On Qualcomm Adreno/KGSL builds where CONFIG_QCOM_KGSL_USE_SHMEM is not set (or on older KGSL versions without CONFIG_QCOM_KGSL_USE_SHMEM), KGSL allocates GPU-shared memory from its own...