Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Zoho ManageEngine Endpoint Central / MSP 10.1.2228.10 Remote Code Execution

0
Authored by Christophe de la Fuente, Khoa Dinh, horizon3ai | Site metasploit.com This Metasploit module exploits an unauthenticated remote code execution vulnerability that affects Zoho ManageEngine Endpoint Central and MSP...

Material Dashboard 2 SQL Injection

0
Authored by indoushka Material Dashboard version 2 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Change Mirror Download ====================================================================================================================================| # Title : Material Dashboard...

101news By Mayuri K 1.0 SQL Injection

0
Authored by nu11secur1ty 101news By Mayuri K version 1.0 suffers from multiple remote SQL injection vulnerabilities. Change Mirror Download ## Title: 101news-by-Mayuri-K-1.0 Multiple-SQLi## Author: nu11secur1ty## Date: 02.02.2023## Vendor: https://mayurik.com/## Software: https://mayurik.com/source-code/P4030/news-portal-project-in-php## Reference:...

Zoho ManageEngine ServiceDesk Plus 14003 Remote Code Execution

0
Authored by Christophe de la Fuente, Khoa Dinh, horizon3ai | Site metasploit.com This Metasploit module exploits an unauthenticated remote code execution vulnerability that affects Zoho ManageEngine ServiceDesk Plus versions 14003...

Nagios XI 5.7.5 Remote Code Execution

0
Authored by Matthew Mathur | Site metasploit.com This Metasploit module exploits CVE-2021-25296, CVE-2021-25297, and CVE-2021-25298, which are OS command injection vulnerabilities in the windowswmi, switch, and cloud-vm configuration wizards that...

ManageEngine ADSelfService Plus Unauthenticated SAML Remote Code Execution

0
Authored by Christophe de la Fuente, Khoa Dinh, horizon3ai | Site metasploit.com This Metasploit module exploits an unauthenticated remote code execution vulnerability that affects Zoho ManageEngine AdSelfService Plus versions 6210...

CKSource CKEditor5 35.4.0 Cross Site Scripting

0
Authored by Manish Pathak CKSource CKEditor5 version 35.4.0 suffers from a cross site scripting vulnerability. advisories | CVE-2022-48110 Change Mirror Download # Exploit Title: Cross Site Scripting in CKSource's CKEditor5 35.4.0# Google Dork:...

Windows Kernel Dangling Registry Link Node Use-After-Free

0
Authored by Google Security Research, mjurczyk The Microsoft Windows kernel suffers from a use-after-free vulnerability due to a dangling registry link node under paged pool memory pressure. advisories | CVE-2023-21747

Fortra GoAnywhere MFT Unsafe Deserialization Remote Code Execution

0
Authored by Ron Bowes | Site metasploit.com This Metasploit module exploits an object deserialization vulnerability in Fortra GoAnywhere MFT. advisories | CVE-2023-0669 Change Mirror Download ### This module requires Metasploit: https://metasploit.com/download# Current source:...

macOS Dirty Cow Arbitrary File Write Local Privilege Escalation

0
Authored by timwr, Ian Beer, Zhuowei Zhang | Site metasploit.com Dirty Cow arbitrary file write local privilege escalation exploit for macOS. advisories | CVE-2022-46689 Change Mirror Download ### This module requires Metasploit: https://metasploit.com/download#...