Adobe ColdFusion 2018,15 / 2021,5 Arbitrary File Read
Authored by Youssef Muhammad
Adobe ColdFusion versions 2018,15 and below and versions 2021,5 and below suffer from an arbitrary file read vulnerability.
advisories | CVE-2023-26360
Change Mirror Download
# Exploit Title: File Read...
Sitecore 8.2 Remote Code Execution
Authored by Abhishek Morla
Sitecore version 8.2 suffers from a remote code execution vulnerability.
advisories | CVE-2023-35813
Change Mirror Download
#!/usr/bin/env python3## Exploit Title: Sitecore - Remote Code Execution v8.2 # Exploit Author:...
Numbas Remote Code Execution
Authored by Matheus Boschetti
Numbas versions prior to 7.3 suffer from a remote code execution vulnerability.
advisories | CVE-2024-27612
Change Mirror Download
# Exploit Title: Numbas < v7.3 - Remote Code Execution# Google...
Human Resource Management System 1.0 SQL Injection
Authored by Srikar
Human Resource Management System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to Abdulhakim Oner in...
NorthStar C2 Agent 1.0 Cross Site Scripting / Remote Command Execution
Authored by chebuya
NorthStar C2 agent version 1.0 applies insufficient sanitization on agent registration routes, allowing an unauthenticated attacker to send multiple malicious agent registration requests to the teamserver to...
Ladder 0.0.21 Server-Side Request Forgery
Authored by chebuya
Ladder versions 0.0.1 through 0.0.21 fail to apply sufficient default restrictions on destination addresses, allowing an attacker to make GET requests to addresses that would typically not...
MongoDB 2.0.1 / 2.1.1 / 2.1.4 / 2.1.5 Local Password Disclosure
Authored by Emad Al-Mousa
MongoDB versions 2.0.1, 2.1.1, 2.1.4, and 2.1.5 appear to suffer from multiple localized password disclosure issues.
Change Mirror Download
Title: MongoDB MONGOSH Password Exposure VulnerabilityProduct: ...
JetBrains TeamCity Authentication Bypass / Remote Code Execution
Authored by W01fh4cker | Site github.com
JetBrains TeamCity versions prior to 2023.11.4 remote authentication bypass exploit that can be leveraged for user addition and remote code execution.
advisories | CVE-2024-27198
Artica Proxy 4.40 / 4.50 Local File Inclusion / Traversal
Authored by Jaggar Henry | Site korelogic.com
Artica Proxy versions 4.40 and 4.50 suffer from a local file inclusion protection bypass vulnerability that allows for path traversal.
advisories | CVE-2024-2053
Change Mirror...
Artica Proxy 4.50 Unauthenticated PHP Deserialization
Authored by Jaggar Henry | Site korelogic.com
The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the www-data...