WordPress ReviewX 1.6.13 Privilege Escalation
Authored by Lana Codes | Site wordfence.com
WordPress ReviewX plugin versions 1.6.13 and below suffer from a privilege escalation vulnerability.
advisories | CVE-2023-2833
Change Mirror Download
Description: ReviewX <= 1.6.13 – Arbitrary Usermeta...
Pydio Cells 4.1.2 Privilege Escalation
Site redteam-pentesting.de
Pydio Cells versions 4.1.2 and below suffer from a privilege escalation vulnerability. It allows users, by default, to create so-called external users in order to share files with...
Pydio Cells 4.1.2 Cross Site Scripting
Site redteam-pentesting.de
Pydio Cells versions 4.1.2 and below implement the download of files using presigned URLs which are generated using the Amazon AWS SDK for JavaScript. The secrets used to...
WBCE CMS 1.6.1 Cross Site Scripting
Authored by Mirabbas Agalarov
WBCE CMS version 1.6.1 suffers from a cross site scripting vulnerability.
Change Mirror Download
Exploit Title: WBCE CMS 1.6.1 - Multiple Stored Cross-Site Scripting (XSS)Version: 1.6.1Bugs: XSSTechnology:...
Zenphoto 1.6 Cross Site Scripting
Authored by Mirabbas Agalarov
Zenphoto version 1.6 suffers from multiple persistent cross site scripting vulnerabilities.
Change Mirror Download
Exploit Title: Zenphoto 1.6 - Multiple stored XSSApplication: Zenphoto-1.6 xss pocVersion: 1.6 Bugs: ...
Ulicms 2023.1 Create Administrator
Authored by Mirabbas Agalarov
Ulicms version 2023.1 create administrator user via mass assignment exploit.
Change Mirror Download
#Exploit Title: Ulicms 2023.1 - create admin user via mass assignment#Application: Ulicms#Version: 2023.1-sniffing-vicuna#Bugs: ...
SCM Manager 1.60 Cross Site Scripting
Authored by neg0x | Site github.com
SCM Manager versions 1.2 through 1.60 suffer from a persistent cross site scripting vulnerability.
advisories | CVE-2023-33829
Change Mirror Download
#!/usr/bin/python3# Exploit Title: SCM Manager 1.60 -...
Seagate Central Storage 2015.0916 User Creation / Command Execution
Authored by Ege Balci | Site metasploit.com
This Metasploit module exploits the broken access control vulnerability in Seagate Central External NAS Storage device. Subject product suffers several critical vulnerabilities such...
Camaleon CMS 2.7.0 Server-Side Template Injection
Authored by Parag Bagul
Camaleon CMS version 2.7.0 suffers from a server-side template injection vulnerability.
advisories | CVE-2023-30145
Change Mirror Download
Exploit Title: Camaleon CMS v2.7.0 - Server-Side Template Injection (SSTI)Exploit Author: PARAG...
Jobs Portal 3.6 Insecure Settings
Authored by indoushka
Jobs Portal version 3.6 appears to leave default credentials installed after installation.
Change Mirror Download
====================================================================================================================================| # Title : Jobs Portal V 3.6 Insecure Settings...





