Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

WordPress WoodMart Theme 7.1.1 Cross Site Request Forgery

Authored by fearzzzz WordPress WoodMart Theme versions 7.1.1 and below suffer from a cross site request forgery vulnerability due to missing nonce validation on the process_form function. Change Mirror Download ==== ...

Osprey Pump Controller 1.0.1 Unauthenticated Remote Code Execution

Authored by LiquidWorm | Site zeroscience.mk Osprey Pump Controller version 1.0.1 unauthenticated remote code execution exploit. Change Mirror Download #!/usr/bin/env python### Osprey Pump Controller 1.0.1 Unauthenticated Remote Code Execution Exploit### Vendor: ProPump...

Osprey Pump Controller 1.0.1 Cross Site Scripting

Authored by LiquidWorm | Site zeroscience.mk Osprey Pump Controller version 1.0.1 suffers from a cross site scripting vulnerability. Change Mirror Download Osprey Pump Controller 1.0.1 Unauthenticated Reflected XSSVendor: ProPump and Controls, Inc.Product...

Osprey Pump Controller 1.0.1 Authentication Bypass

Authored by LiquidWorm | Site zeroscience.mk Osprey Pump Controller version 1.0.1 allows an unauthenticated attacker to create an account and bypass authentication, thereby gaining unauthorized access to the system. Change Mirror...

Osprey Pump Controller 1.0.1 userName Command Injection

Authored by LiquidWorm | Site zeroscience.mk Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands...

Osprey Pump Controller 1.0.1 eventFileSelected Command Injection

Authored by LiquidWorm | Site zeroscience.mk Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands...

WordPress Real Estate 7 Theme 3.3.4 Cross Site Request Forgery

Authored by fearzzzz WordPress Real Estate 7 Theme versions 3.3.4 and below suffer from multiple cross site request forgery vulnerabilities. Change Mirror Download ==== ============================================= ==Report Title: ...

Osprey Pump Controller 1.0.1 pseudonym Command Injection

Authored by LiquidWorm | Site zeroscience.mk Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands...

Employee Task Management System 1.0 Privilege Escalation

0
Authored by Muhammad Navaid Zafar Ansari Employee Task Management System version 1.0 suffers from a privilege escalation vulnerability due to a broken access control where a lower privileged user's cookie...

Employee Task Management System 1.0 SQL Injection

0
Authored by Muhammad Navaid Zafar Ansari Employee Task Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities. advisories | CVE-2023-0902, CVE-2023-0904 Change Mirror Download # Employee Task Management System - SQL...