Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Online Food Ordering System 2.0 Cross Site Scripting

0
Authored by Alaeddin Berksoy Online Food Ordering System version 2.0 suffers from a cross site scripting vulnerability. Change Mirror Download # Exploit Title: Online Food Ordering System v2 - Stored Cross Site...

Linux khugepaged Race Conditions

0
Authored by Jann Horn, Google Security Research khugepaged on Linux races with rmap-based zap, races with GUP-fast, and fails to call MMU notifiers.

WordPress Royal Elementor 1.3.59 XSS / CSRF / Insufficient Access Controls

0
Authored by Ramuel Gall | Site wordfence.com WordPress Royal Elementor add-ons versions 1.3.59 and below suffer from cross site request forgery, insufficient access control, cross site scripting vulnerabilities. advisories | CVE-2022-4700,...

WordPress Mega Main Menu 2.2.2 Information Disclosure

0
Authored by indoushka WordPress Mega Main Menu plugin version 2.2.2 suffers from a backup disclosure vulnerability. Change Mirror Download ====================================================================================================================================| # Title : WordPress Menu Plugin - Mega...

Arm Mali CSF KBASE_REG_NO_USER_FREE Unsafe Use Use-After-Free

0
Authored by Jann Horn, Google Security Research The Mali driver tries to use the KBASE_REG_NO_USER_FREE flag to ensure that the memory region referenced by kbase_csf_tiler_heap::buf_desc_reg cannot be freed by userspace....

Linux 4.10 Use-After-Free

0
Authored by Jann Horn, Google Security Research Linux kernel version 4.10 suffers from a use-after-free vulnerability in __do_semtimedop() due to a lockless check outside the RCU section.

MOV.AI Robotics Engine 2.2.3-3 Cross Site Scripting

0
Authored by Thurein Soe MOV.AI Robotics Engine version 2.2.3-3 suffers from multiple cross site scripting vulnerabilities. advisories | CVE-2022-46620 Change Mirror Download Vendor Name: MOV.AIProduct Name: MOV.AI Robotics EngineVendor Home Page: https://www.mov.aiAffected...

Tiki Wiki CMS Groupware 25.0 Cross Site Request Forgery

0
Authored by EgiX | Site karmainsecurity.com Tiki Wiki CMS Groupware versions 25.0 and below suffer from multiple cross site request forgery vulnerabilities. advisories | CVE-2023-22852 Change Mirror Download ------------------------------------------------------------------------------Tiki Wiki CMS Groupware <=...

Tiki Wiki CMS Groupware 24.0 structlib.php Code Execution

0
Authored by EgiX | Site karmainsecurity.com Tiki Wiki CMS Groupware versions 24.0 and below suffer from a PHP code injection vulnerability in structlib.php. advisories | CVE-2023-22853 Change Mirror Download --------------------------------------------------------------------------------Tiki Wiki CMS Groupware...

Tiki Wiki CMS Groupware 24.0 grid.php PHP Object Injection

0
Authored by EgiX | Site karmainsecurity.com Tiki Wiki CMS Groupware versions 24.0 and below suffers from a PHP object injection vulnerability in grid.php. advisories | CVE-2023-22580 Change Mirror Download -----------------------------------------------------------------------------Tiki Wiki CMS Groupware...