Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Arm Mali Insufficient Cache Invalidation

0
Authored by Jann Horn, Google Security Research Arm Mali suffers from an insufficient cache invalidation for non-page-aligned user buffer imports.

Music Gallery Site 1.0 Privilege Escalation / Missing Authentication

0
Authored by Muhammad Navaid Zafar Ansari Music Gallery Site version 1.0 suffers from a missing authentication vulnerability that allows for privilege escalation. advisories | CVE-2023-0963 Change Mirror Download # Music Gallery Site -...

Music Gallery Site 1.0 SQL Injection

0
Authored by Muhammad Navaid Zafar Ansari Music Gallery Site version 1.0 suffers from multiple remote SQL injection vulnerabilities. advisories | CVE-2023-0938, CVE-2023-0961, CVE-2023-0962 Change Mirror Download # Music Gallery Site - SQL Injection...

Simple Food Ordering System 1.0 Cross Site Scripting

0
Authored by Muhammad Navaid Zafar Ansari Simple Food Ordering System version 1.0 suffers from a cross site scripting vulnerability. advisories | CVE-2023-0902 Change Mirror Download # Simple Food Ordering System - Authenticated Reflected...

pfBlockerNG 2.1.4_26 Remote Code Execution

0
Authored by IHTeam pfBlockerNG version 2.1.4_26 remote code execution exploit. advisories | CVE-2022-31814 Change Mirror Download # Exploit Title: pfBlockerNG 2.1.4_26 - Remote Code Execution (RCE)# Shodan Results: https://www.shodan.io/search?query=http.title%3A%22pfSense+-+Login%22+%22Server%3A+nginx%22+%22Set-Cookie%3A+PHPSESSID%3D%22# Date: 5th of September...

Arm Mali CSF kbase_kcpu_command_queue Use-After-Free

0
Authored by Jann Horn, Google Security Research kbase_csf_kcpu_queue_enqueue() locks the kctx->csf.kcpu_queues, looks up a pointer from inside that structure, then drops the lock before continuing to use the kbase_kcpu_command_queue that...

ABUS Security Camera TVIP 20000-21150 LFI / Remote Code Execution

0
Authored by d1g ABUS Security Camera version TVIP 20000-21150 suffers from local file inclusion, hardcoded credential, and command injection vulnerabilities. When coupled together, they can be leveraged to achieve remote...

ASUS ASMB8 iKVM 1.14.51 SNMP Remote Root

0
Authored by d1g ASUS ASMB8 iKVM firmware versions 1.14.51 and below suffers from a flaw where SNMPv2 can be used with write access to introduce arbitrary extensions to achieve remote...

Windows Kernsl SID Table Poisoning

0
Authored by Google Security Research, mjurczyk The Microsoft Windows kernel registry has a SID table poisoning problem that leads to bad locking and other issues. advisories | CVE-2023-21749, CVE-2023-21776

WEBY 1.2.5 Cross Site Request Forgery

0
Authored by indoushka WEBY version 1.2.5 suffers from a cross site request forgery vulnerability. Change Mirror Download ====================================================================================================================================| # Title : WEBY v.1.2.5 CSRF Vulnerability ...