Purchase Order Management 1.0 Cross Site Scripting
Authored by nu11secur1ty
Purchase Order Management version 1.0 appears to suffer from a cross site scripting vulnerability due to printing errors with a malicious password payload.
Change Mirror Download
## Title: Purchase...
Android GKI Kernels Contain Broken Non-Upstream Speculative Page Faults MM Code
Authored by Jann Horn, Google Security Research
Android GKI kernels contain broken non-upstream Speculative Page Faults MM code that can lead to multiple use-after-free conditions.
advisories | CVE-2023-20937
Change Mirror Download
Android: GKI...
Barracuda CloudGen WAN OS Command Injection
Authored by Stefan Viehbock | Site sec-consult.com
Barracuda CloudGen WAN provides a private edge appliance for hybrid deployments. An authenticated user in the administration interface for the private edge virtual...
Packet Storm New Exploits For February, 2023
Authored by Todd J. | Site packetstormsecurity.com
This archive contains all of the 82 exploits added to Packet Storm in February, 2023.
Oracle E-Business Suite (EBS) Unauthenticated Arbitrary File Upload
Authored by sf, HMs, l1k3beef | Site metasploit.com
This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in Oracle Web Applications Desktop Integrator, as shipped with Oracle EBS versions...
Real Estate CRM Pro 5.7 SQL Injection
Authored by indoushka
Real Estate CRM Pro from IT Ways version 5.7 appears to suffer from a remote SQL injection vulnerability that can allow for authentication bypass.
Change Mirror Download
====================================================================================================================================| #...
Lucee Authenticated Scheduled Job Code Execution
Authored by Alexander Philiotis | Site metasploit.com
This Metasploit module can be used to execute a payload on Lucee servers that have an exposed administrative web interface. It's possible for...
NetBSD hfslib_reada_node_offset Overflow
Authored by Erg Noor | Site github.com
NetBSD hfslib_reada_node_offset local overflow proof of concept exploit.
WordPress Real Estate 7 Theme 3.3.4 Cross Site Scripting
Authored by fearzzzz
WordPress Real Estate 7 Theme versions 3.3.4 and below suffer from a cross site scripting vulnerability.
Change Mirror Download
==== ============================================= ==Report Title: ...
Osprey Pump Controller 1.0.1 Cross Site Request Forgery
Authored by LiquidWorm | Site zeroscience.mk
Osprey Pump Controller version 1.0.1 suffers from a cross site request forgery vulnerability.
Change Mirror Download
<!--Osprey Pump Controller 1.0.1 Cross-Site Request ForgeryVendor: ProPump and Controls,...





