Exploits & CVEs

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

FICO Origination Manager Decision Module 4.8.1 XSS / Session Hijacking

Authored by Matei Josephs

Multiple persistent cross site scripting vulnerabilities in FICO Origination Manager Decision Module version 4.8.1 allow an attacker to execute code in the context of the victim's...

Qualcomm Adreno/KGSL Insecure Secure Buffers

Authored by Jann Horn, Google Security Research

Qualcomm Adreno/KGSL suffers from an issue where secure buffers are addressable by all GPU users. Qualcomm believes this finding has no security impact...

HammerSpace GDE / GFS 4.6.6-324 Authentication Bypass

Authored by Justin Oberdorf

This utility generates the TOTP passcode used to sign in as the support service account user for HammerSpace GFS default installations. Both the OVA and ISO...

Spryker Commerce OS 1.0 SQL Injection

Authored by David Brown | Site schutzwerk.com

An SQL injection vulnerability affecting Spryker-based webshops was discovered in the order history search form. It can be exploited by authenticated attackers in...

ManageEngine ADAudit Plus Remote Code Execution

Authored by Erik Wynter, Moon | Site metasploit.com

This Metasploit module exploits security issues in ManageEngine ADAudit Plus versions prior to 7006 that allow authenticated users to execute arbitrary code...

Soft-o Free Password Manager 1.1.20 DLL Hijacking

Authored by Christian Bortone

Soft-o Free Password Manager version 1.1.20 suffers from a DLL hijacking vulnerability.

Advisories: CVE-2023-25428

VOTAB Voting Quiz PHP Script 1.0 Cross Site Scripting

Authored by CraCkEr

VOTAB Voting Quiz PHP Script version 1.0 suffers from a cross site scripting vulnerability.

VOTAB Voting Quiz PHP Script 1.0 SQL Injection

Authored by CraCkEr

VOTAB Voting Quiz PHP Script version 1.0 suffers from a remote SQL injection vulnerability.

Optoma 1080PSTX Firmware C02 Authentication Bypass

Authored by Anthony Cole

Optoma 1080PSTX with firmware C02 suffers from an authentication bypass vulnerability.

Advisories: CVE-2023-27823

Date: 2023/05/09

Zyxel Chained Remote Code Execution

Authored by Thomas Rinsma, h00die-gr3y, Bogi Napoleon Wennerstrom | Site metasploit.com

This Metasploit module exploits multiple vulnerabilities in the zhttpd binary (/bin/zhttpd) and zcmd binary (/bin/zcmd). It is present on...