Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

e-Biz Technocrats Pvt.Ltd SQL Injection

Authored by K1LL3rB4LL It appears that sites designed by e-Biz Technocrats Pvt.Ltd suffer from a remote SQL injection vulnerability. As they do not provide any sort of versioning with their...

Simple Customer Relationship Management CRM 2023 1.0 SQL Injection

Authored by nu11secur1ty Simple Customer Relationship Management CRM 2023 version 1.0 suffers from a remote SQL injection vulnerability. Change Mirror Download ## Title: SCRMS-2023-05-27-1.0-Multiple-SQLi## Author: nu11secur1ty## Date: 05.27.2023## Vendor: https://github.com/oretnom23## Software: https://www.sourcecodester.com/php/15895/simple-customer-relationship-management-crm-system-using-php-free-source-coude.html##...

New MVC Shop 1.0 SQL Injection / Missing Attributes

Authored by nu11secur1ty New MVC Shop version 1.0 suffers from remote SQL injection and missing attribute vulnerabilities. Change Mirror Download ## Title: new-mvc-shop-1.0 - SQLi + SameSite attribute weak securityPHPSESSID Hijacking## Author:...

FusionInvoice 2023-1.0 Cross Site Scripting

Authored by Andrea Intilangelo FusionInvoice version 2023-1.0 suffers from a persistent cross site scripting vulnerability. advisories | CVE-2023-25439 Change Mirror Download # Exploit Title: FusionInvoice 2023-1.0 - Stored XSS (Cross-Site Scripting)# Date: 2023-05-24#...

Service Provider Management System 1.0 SQL Injection

Authored by Ashik Kunjumon Service Provider Management System version 1.0 suffers from a remote SQL injection vulnerability. Change Mirror Download # Exploit Title: Service Provider Management System v1.0 - SQL Injection# Date:...

WFTPD 3.25 Credential Disclosure

Authored by golem445 WFTPD version 3.25 leaves credentials accessible in wftpd.ini. Change Mirror Download # Exploit Title: WFTPD 3.25 - Unprotected Credential Storage# Date: 04/01/2023# Exploit Author: golem445# Vendor Homepage: https://www.texis.com/# Tested...

2023 Online Course Registration 1.0 SQL Injection

Authored by nu11secur1ty 2023 Online Course Registration version 1.0 suffers from a remote SQL Injection vulnerability that allows for authentication bypass. Change Mirror Download ## Title: 2023-Online-Course-Registration-1.0-Bypass-login-SQLi-RCE-password-changing## Author: nu11secur1ty## Date: 05.25.2023## Vendor:...

WordPress Beautiful Cookie Consent Banner 2.10.1 Cross Site Scripting

Site wordfence.com WordPress Beautiful Cookie Consent Banner versions 2.10.1 and below suffer from an unauthenticated persistent cross site scripting vulnerability. Change Mirror Download Description: Beautiful Cookie Consent Banner <= 2.10.1 - Unauthenticated...

Laravel 10.11 Database Disclosure / Information Disclosure

Authored by indoushka Laravel version 10.11 suffers from database disclosure and information leakage vulnerabilities. Change Mirror Download ====================================================================================================================================| # Title : Laravel 10.11 Information Disclosure MySQL Credential Disclosure...

Webkul Qloapps 1.5.2 Cross Site Scripting

Authored by Astik Rawat Webkul Qloapps version 1.5.2 suffers from a cross site scripting vulnerability. advisories | CVE-2023-30256 Change Mirror Download # Exploit Title: Webkul Qloapps 1.5.2 - Cross-Site Scripting (XSS)# Date: 15...