Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

W3 Eden Download Manager 3.2.70 Cross Site Scripting

Authored by Lana Codes | Site wordfence.com W3 Eden Download Manager versions 3.2.70 and below suffer from a persistent cross site scripting vulnerability via ShortCode. advisories | CVE-2023-2305 Change Mirror Download W3 Eden...

Affiliate Me 5.0.1 SQL Injection

Authored by h4ck3r Affiliate Me version 5.0.1 suffers from a remote SQL injection vulnerability. Change Mirror Download Exploit Title: Affiliate Me Version 5.0.1 - SQL Injection Exploit Date: May 16, 2023....

WBiz Desk 1.2 Cross Site Scripting

Authored by CraCkEr WBiz Desk version 1.2 suffers from a cross site scripting vulnerability. Change Mirror Download ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││ ...

Sudoedit Extra Arguments Privilege Escalation

Authored by h00die, Matthieu Barjole, Victor Cutillas | Site metasploit.com This exploit takes advantage of a vulnerability in sudoedit, part of the sudo package. The sudoedit (aka sudo -e) feature...

Filmora 12 Build 1.0.0.7 Unquoted Service Path

Authored by Thurein Soe Filmora version 12 Build 1.0.0.7 suffers from an unquoted service path vulnerability. advisories | CVE-2023-31747 Change Mirror Download Vendor Name: FilmoraProduct Name: Filmora 12 version ( Build 1.0.0.7 )Vendor...

MobileTrans 4.0.11 Weak Service Permissions

Authored by Thurein Soe MobileTrans version 4.0.11 suffers from having a weak service permission vulnerability. advisories | CVE-2023-31748 Change Mirror Download Vendor Name: MobileTransProduct Name: MobileTransVendor Home Page: https://mobiletrans.wondershare.com/Affected Version(s): MobileTrans version...

ChurchCRM 4.5.4 Cross Site Scripting

Authored by Rahad Chowdhury ChurchCRM version 4.5.4 suffers from a cross site scripting vulnerability. Related CVE number: CVE-2023-31699. Change Mirror Download # Exploit Title: ChurchCRM v4.5.4 - Reflected XSS via Image (Authenticated)#...

CiviCRM 5.59.alpha1 Cross Site Scripting

Authored by Andrea Intilangelo CiviCRM version 5.59.alpha1 suffers from a persistent cross site scripting vulnerability. advisories | CVE-2023-25440 Change Mirror Download # Exploit Title: CiviCRM 5.59.alpha1 - Stored XSS (Cross-Site Scripting)# Date: 2023-02-02#...

Kiddoware Kids Place Parental Control Android App 3.8.49 XSS / CSRF / File Upload

Authored by Fabian Densborn, Bernhard Grundling | Site sec-consult.com Kiddoware Kids Place Parental Control Android App versions 3.8.49 and below suffer from weak hashing, cross site request forgery, cross site...

Ivanti Avalanche FileStoreConfig Shell Upload

Authored by Shelby Pace, Piotr Bazydlo | Site metasploit.com Ivanti Avalanche versions prior to 6.4.0.186 permits MS-DOS style short names in the configuration path for the Central FileStore. Because of...