Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

crewjam/saml Signature Bypass

0
Authored by Google Security Research, Felix Wilhelm The crewjam/saml go library is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements. advisories | CVE-2022-41912

Chrome Synchronous Mojo Use-After-Free

0
Authored by Google Security Research, Glazvunov A design flaw in the Chrome Synchronous Mojo message handling introduces unexpected reentrancy and allows for multiple use-after-free vulnerabilities. advisories | CVE-2022-4178

Packet Storm New Exploits For December, 2022

0
Authored by Todd J. | Site packetstormsecurity.com This archive contains all of the 82 exploits added to Packet Storm in December, 2022.

Packet Storm New Exploits For 2022

0
Authored by Todd J. | Site packetstormsecurity.com Complete comprehensive archive of all 1,384 exploits added to Packet Storm in 2022.

Oracle Unified Audit Policy Bypass

0
Authored by Emad Al-Mousa Oracle versions 12.1.0.2, 12.2.0.1, and 19c suffer from a Unified Audit Policy bypass vulnerability. advisories | CVE-2021-35576 Change Mirror Download Title: CVE-2021-35576 – Oracle database system Unified Audit Policy...

BDWeb-Link LMS 1.11.5 SQL Injection

0
Authored by indoushka BDWeb-Link LMS version 1.11.5 suffers from a remote SQL injection vulnerability. Change Mirror Download ====================================================================================================================================| # Title : BDWeb-Link Lms v1.11.5 SQL Injection Vulnerability ...

SugarCRM Shell Upload

0
Authored by sw33t.0day SugarCRM versions up to 12.2.0 suffer from a remote shell upload vulnerability. Change Mirror Download #!/usr/bin/env python## SugarCRM 0-day Auth Bypass + RCE Exploit## Dorks:# https://www.google.com/search?q=site:sugarondemand.com&filter=0# https://www.google.com/search?q=intitle:"SugarCRM"+inurl:index.php# https://www.shodan.io/search?query=http.title:"SugarCRM"# https://search.censys.io/search?resource=hosts&q=services.http.response.html_title:"SugarCRM"#...

Hughes Satellite Router Remote File Inclusion Cross Frame Scripting

0
Authored by LiquidWorm | Site zeroscience.mk Hughes Satellite Router contains a cross-frame scripting via remote file inclusion vulnerability that may potentially be exploited by malicious users to compromise an affected...

Enlightenment 0.25.3 Privilege Escalation

0
Authored by nu11secur1ty Enlightenment version 0.25.3 suffers from a local privilege escalation vulnerability. advisories | CVE-2022-37706 Change Mirror Download ## Title: Enlightenment Version: 0.25.3 LPE## Author: nu11secur1ty## Date: 12.26.2022## Vendor: https://www.enlightenment.org/## Software: https://www.enlightenment.org/download##...

ProLink PRS1841 Backdoor Account

0
Authored by Lawrence Amer, Lawrence Amer @zux0x3a | Site 0xsp.com The ProLink PRS1841 home router suffers from having a backdoor account. Change Mirror Download # Exploit Title: Router backdoor - ProLink PRS1841...