Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

SEO Friendly Blog CMS 1.0 Cross Site Scripting

Authored by nu11secur1ty

SEO Friendly Blog CMS version 1.0 suffers from a cross site scripting vulnerability. ## Title: SEO-friendly-blog-CMS-system-in-PHP-with-MYSQL-database-1.0-2023XSS-Reflected Vulnerability ## Author: nu11secur1ty ## Date: 05.17.2023 ## Vendor: https://technosmarter.com/ ## Software: https://github.com/technosmarter/SEO-friendly-blog-CMS-system-in-PHP-with-MYSQL-database ## Reference...

WordPress Core 6.2 XSS / CSRF / Directory Traversal

Authored by Jakub Zoczek, Ramuel Gall, John Blackbourn, Matt Rusnak, Liam Gladdy | Site wordfence.com

WordPress Core versions 6.2 and below suffer from cross site request forgery, persistent cross site...

IBM AIX 7.2 invscout Privilege Escalation

Authored by Tim Brown, Brendan Coles | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in the IBM AIX invscout set-uid root utility present in AIX 7.2 and earlier....

Bludit CMS 3.14.1 Cross Site Scripting

Authored by Rahad Chowdhury

Bludit CMS version 3.14.1 suffers from a persistent cross site scripting vulnerability. advisories | CVE-2023-31698

Excerpt: # Exploit Title: Bludit CMS v3.14.1 - Stored Cross-Site Scripting (XSS)(Authenticated)#...

Screen SFT DAB 600/C Authentication Bypass / Reset Board Config

Authored by LiquidWorm | Site zeroscience.mk

Screen SFT DAB 600/C suffers from weak session management that can allow an attacker on the same network to bypass these controls by...

Screen SFT DAB 600/C Unauthenticated Information Disclosure

Authored by LiquidWorm | Site zeroscience.mk

Screen SFT DAB 600/C is affected by an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this...

GaanaGawaana Music Platform PHP Script 1.0 Cross Site Scripting / SQL Injection

Authored by nu11secur1ty

GaanaGawaana Music Platform PHP Script version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities. ## Title: GaanaGawaana - Music Platform PHP Script-1.0 XSS-Reflected and...

VideoStream Local Privilege Escalation

Authored by Dan Revah | Site danrevah.github.io

This blog post discusses a local privilege escalation vulnerability discovered within the macOS Videostream application. The author walks you through the process of...

Telegram On macOS TCC Bypass

Authored by Dan Revah | Site danrevah.github.io

This article focuses on a weakness in the Telegram application on macOS that allows for the injection of a Dynamic Library (or Dylib...

Screen SFT DAB 600/C Authentication Bypass / Admin Password Change

Authored by LiquidWorm | Site zeroscience.mk

Screen SFT DAB 600/C exploit that circumvents the requirement to supply the admin's old password and directly changes the password. Excerpt: #!/usr/bin/env python3###...