Exploits & CVEs

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Tiki Wiki CMS Groupware 24.1 tikiimporter_blog_wordpress.php PHP Object Injection

Authored by EgiX | Site karmainsecurity.com

Tiki Wiki CMS Groupware versions 24.1 and below suffer from a PHP object injection vulnerability in tikiimporter_blog_wordpress.php.

advisories | CVE-2023-22851

Linux PT_SUSPEND_SECCOMP Permission Bypass / Ptracer Death Race

Authored by Jann Horn, Google Security Research

Linux suffers from two seccomp bugs with a PT_SUSPEND_SECCOMP permission bypass and ptracer death race condition.

advisories | CVE-2022-30594

Oracle DBMS_REDACT Dynamic Data Masking Bypass

Authored by Emad Al-Mousa

Proof of concept overview on how the DBMS_REDACT Dynamic Data Masking security feature in Oracle can be bypassed. Affected versions include 19c and 21c.

Nexxt Router Firmware 42.103.1.5095 Remote Code Execution

Authored by Yerodin Richards

Nexxt Router Firmware version 42.103.1.5095 authenticated remote code execution exploit that enables telnetd.

advisories | CVE-2022-44149

Linear eMerge E3-Series Access Controller Command Injection

Authored by h00die-gr3y, Gjoko Krstic | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in the Linear eMerge E3-Series Access Controller. The Linear eMerge E3 versions 1.00-06 and...

Oracle Database Vault Metadata Exposure

Authored by Emad Al-Mousa

Oracle Database versions 12.1.0.2, 12.2.0.1, 18c, and 19c suffer from a vault metadata exposure vulnerability.

advisories | CVE-2021-2175

Linux videobuf2 Use-After-Free

Authored by Google Security Research, Seth Jenkins

An unsafe use of follow_pfn in get_vaddr_frames in videobuf2 on Linux leads to use-after-free issues or writes to ro-pages.

Control Web Panel 7 Remote Code Execution

Authored by numan turle

Control Web Panel 7 versions prior to 0.9.8.1147 suffer from an unauthenticated remote code execution vulnerability.

advisories | CVE-2022-44877

Excel Net Computer Institute 4.1 SQL Injection

Authored by indoushka

Excel Net Computer Institute version 4.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Eatself 1.1.5 SQL Injection

Authored by indoushka

Eatself version 1.1.5 suffers from a remote SQL injection vulnerability that allows for authentication bypass.