Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

TX Text Control .NET Server For ASP.NET Arbitrary File Read / Write

Authored by Filip Palian

TX Text Control .NET Server For ASP.NET has an issue where it was possible to change the configured system path for reading and writing files in...

WSO2 4.0.0 / 4.1.0 / 4.2.0 Shell Upload

Site github.com

WSO2 versions 4.0.0, 4.1.0, and 4.2.0 are susceptible to remote code execution via an arbitrary file upload vulnerability.

HASOMED Elefant / Elefant Software Updater Data Exposure / Privilege Escalation

Authored by Daniel Hirschberger, Florian Stuhlmann | Site sec-consult.com

HASOMED Elefant versions prior to 24.04.00 and Elefant Software Updater versions prior to 1.4.2.1811 suffer from having an unprotected exposed firebird...

CyberPanel upgrademysqlstatus Arbitrary Command Execution

Site github.com

Proof of concept remote command execution exploit for CyberPanel versions prior to 5b08cd6.

advisories | CVE-2024-51567

import httpx
import sys
def get_CSRF_token(client):
    resp = client.get("/")...

WordPress Meetup 0.1 Authentication Bypass

Site github.com

WordPress Meetup plugin versions 0.1 and below suffer from an authentication bypass vulnerability.

advisories | CVE-2024-50483

# CVE-2024-50483
Meetup <= 0.1 - Authentication Bypass via Account Takeover
# Description:
The Meetup...

Sysax Multi Server 6.99 Cross Site Scripting

Authored by Yehia Elghaly

Sysax Multi Server version 6.9.9 suffers from a cross site scripting vulnerability.

# Exploit Title: Sysax Multi Server 6.99 - Reflected XSS
# Date: 2024-11-03
# Exploit...

Sysax Multi Server 6.99 SSH Denial Of Service

Authored by Yehia Elghaly

Sysax Multi Server version 6.9.9 suffers from an SSH related denial of service vulnerability.

# Exploit Title: Sysax Multi Server 6.99 - SSH Denial of...

ABB Cylon Aspect 3.08.00 Off-By-One

Authored by LiquidWorm | Site zeroscience.mk

A vulnerability was identified in ABB Cylon Aspect version 3.08.00 where an off-by-one error in array access could lead to undefined behavior and...

TestRail CLI FieldsParser eval Injection

This is not a very exciting vulnerability, but I had already publicly disclosed it on GitHub at the request of the vendor. Since that report has disappeared, the link...

Ping Identity PingIDM 7.5.0 Query Filter Injection

Authored by Miguel García Martín, Ksandros Apostoli | Site sec-consult.com

Ping Identity PingIDM versions 7.0.0 through 7.5.0 enabled an attacker with read access to the User collection to abuse API...