Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x dns.php Command Injection

0
Authored by LiquidWorm | Site zeroscience.mk SOUND4 IMPACT/FIRST/PULSE/Eco version 2.x and below suffer from a conditional command injection vulnerability in dns.php. Change Mirror Download SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (dns.php) Conditional Command InjectionVendor: SOUND4...

Spitfire CMS 1.0.475 PHP Object Injection

0
Authored by LiquidWorm | Site zeroscience.mk Spitfire CMS version 1.0.475 is prone to a PHP object injection vulnerability due to the unsafe use of unserialize() function. A potential attacker, authenticated,...

CANAL+ / Microsoft PlayReady Cryptography Shortcomings / Authorization Bypass

0
Authored by Adam Gowdiak | Site security-explorations.com Security Explorations conducted a security analysis of Microsoft Play Ready content protection technology in the environment of the CANAL+ SAT TV provider. As...

Trojan-Dropper.Win32.Decay.dxv (CyberGate 1.00.0) MVID-2022-0664 Insecure Proprietary Password Encryption

0
Authored by malvuln | Site malvuln.com Trojan-Dropper.Win32.Decay.dxv (CyberGate 1.00.0) malware suffers from an insecure proprietary password encryption vulnerability. Change Mirror Download Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source:...

Shoplazza 1.1 Cross Site Scripting

0
Authored by Andrey Stoykov Shoplazza version 1.1 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: Shoplazza 1.1 - Stored Cross Site Scripting# Exploit Author: Andrey Stoykov#...

Backdoor.Win32.InCommander.17.b MVID-2022-0665 Hardcoded Credentials

0
Authored by malvuln | Site malvuln.com Backdoor.Win32.InCommander.17.b malware suffers from a hardcoded credential vulnerability. Change Mirror Download Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source: https://malvuln.com/advisory/dd76d8a5874bf8bf05279e35c68449ca.txtContact: [email protected]: twitter.com/malvulnBackup media:...

Ransom.Win64.AtomSilo MVID-2022-0666 Cryptography Logic Flaw

0
Authored by malvuln | Site malvuln.com Ransom.Win64.AtomSilo malware suffers from a cryptography logic flaw. Change Mirror Download Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source: https://malvuln.com/advisory/5559e9f5e1645f8554ea020a29a5a3ee.txtContact: [email protected]: twitter.com/malvulnBackup media:...

Intelbras WiFiber 120AC inMesh 1.1-220216 Command Injection

0
Authored by T. Weber | Site cyberdanube.com Intelbras WiFiber 120AC inMesh version 1.1-220216 suffers from an authenticated command injection vulnerability. advisories | CVE-2022-40005 Change Mirror Download CyberDanube Security Research 20221009-0------------------------------------------------------------------------------- ...

SAP@ Host Agent Privilege Escalation

0
Authored by Fabian Hagg | Site sec-consult.com SAP@ Host Agent suffers from a privilege escalation vulnerability. advisories | CVE-2022-35295 Change Mirror Download SEC Consult Vulnerability Lab Security Advisory < 20221213-0 >======================================================================= ...

ILIAS eLearning 7.15 Command Injection / XSS / LFI / Open Redirect

0
Authored by Anna Hartig, Niklas Schilling, Constantin Schwarz | Site sec-consult.com ILIAS eLearning versions 7.15 and below suffer from authenticated command injection, persistent cross site scripting, local file inclusion, and...