Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Arris DG3450 AR01.02.056.18_041520_711.NCS.10 XSS / Missing Authentication

0
Authored by Steffen Robertz | Site sec-consult.com Arris DG3450 cable gateway version AR01.02.056.18_041520_711.NCS.10 suffers from cross site scripting and missing authentication vulnerabilities. advisories | CVE-2023-27571, CVE-2023-27572 Change Mirror Download SEC Consult Vulnerability Lab...

Purchase Order Management 1.0 Shell Upload

0
Authored by nu11secur1ty Purchase Order Management version 1.0 suffers a remote shell upload vulnerability. Flow details to achieve this are shown in the video link provided. Change Mirror Download ## Title: Purchase...

Wondershare Dr Fone 12.9.6 Weak Permissions / Privilege Escalation

0
Authored by Thurein Soe Wondershare Dr Fone version 12.9.6 suffers from a weak service permission vulnerability that can allow for privilege escalation. advisories | CVE-2023-27010 Change Mirror Download Executive Summary:Product Name: Wondershare Dr....

Oracle 19c Access Bypass

0
Authored by Emad Al-Mousa Oracle Database Vault had a flaw that would allow unauthorized privileged users to extract data from a protected table. Oracle 19c versions 19.18 and below are...

OpenBSD 7.2 ip_srcroute() Overflow

0
Authored by Erg Noor | Site github.com OpenBSD version 7.2 suffers from an overflow vulnerability. ip_dooptions() will allow IPOPT_SSRR with optlen = 2. save_rte() will set isr_nhops to very large...

ZwiiCMS 12.2.04 Remote Code Execution

0
Authored by Hadi Mene ZwiiCMS version 12.2.04 suffers from an authenticated remote code execution vulnerability. advisories | CVE-2020-10567 Change Mirror Download # Exploit Title: ZwiiCMS 12.2.04 Remote Code Execution (Authenticated) # Date: 03/06/2023#...

CoreDial sipXcom sipXopenfire 21.04 Remote Command Execution / Weak Permissions

0
Authored by Systems Research Group CoreDial sipXcom sipXopenfire versions 21.04 and below suffer from XMPP message system command argument injection and insecure service file permissions that when chained together gives...

CoreDial sipXcom sipXopenfire 21.04 Remote Command Execution / Weak Permissionsundefined

0
Authored by Systems Research Group CoreDial sipXcom sipXopenfire versions 21.04 and below suffer from XMPP message system command argument injection and insecure service file permissions that when chained together gives...

Agilebio Lab Collector 4.234 Remote Code Execution

0
Authored by Anthony Cole Agilebio Lab Collector version 4.234 suffers from a remote code execution vulnerability. advisories | CVE-2023-24217 Change Mirror Download # Exploit Title: Agilebio Lab Collector Electronic Lab Notebook Remote Code...

Purchase Order Management 1.0 SQL Injection

Authored by nu11secur1ty Purchase Order Management version 1.0 suffers from a remote SQL injection vulnerability. Change Mirror Download ## Title: Purchase Order Management-1.0 - SQLi## Author: nu11secur1ty## Date: 03.06.2023## Vendor: https://www.sourcecodester.com/user/257130/activity## Software:...