Exploits & CVEs

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Simple Cold Storage Management System 1.0 SQL Injection

Authored by QiaoRui Feng

Simple Cold Storage Management System version 1.0 suffers from a remote SQL injection vulnerability.

Advisories: CVE-2022-43229

# Simple Cold Storage Management System v1.0 by oretnom23...

Leeloo Multipath Authorization Bypass / Symlink Attack

Authored by Qualys Security Advisory

The Qualys Research Team has discovered authorization bypass and symlink vulnerabilities in multipathd. The authorization bypass was introduced in version 0.7.0 and the symlink vulnerability...

Train Scheduler App 1.0 Insecure Direct Object Reference

Authored by Rohit Sharma

Train Scheduler App version 1.0 suffers from an insecure direct object reference vulnerability.

Advisories: CVE-2022-3774

# Exploit Title: Train Scheduler App v1.0 - Insecure Direct...

Ecommerce CodeIgniter Bootstrap 1.0 Cross Site Scripting

Authored by nu11secur1ty

Ecommerce CodeIgniter Bootstrap version 1.0 suffers from a cross site scripting vulnerability.

## Title: Ecommerce-CodeIgniter-Bootstrap-1.0 Cross-site scripting (reflected) RCE
## Author: nu11secur1ty
## Date: 10.29.2022
## Vendor: https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap
## Software:...

wolfSSL Buffer Overflow

Authored by Maximilian Ammann

In wolfSSL versions prior to 5.5.1, malicious clients can cause a buffer overflow during a resumed TLS 1.3 handshake. If an attacker resumes a previous TLS...

Siemens APOGEE PXC / TALON TC Authentication Bypass

Authored by RoseSecurity

APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers and TALON TC BACnet Automation Controllers. With...

ERP Sankhya 4.13.x Cross Site Scripting

Authored by Lucas Alves Da Cunha

ERP Sankhya versions 4.13.x and below suffer from a cross site scripting vulnerability.

Advisories: CVE-2022-42989

# Exploit Title: ERP Sankhya - XSS to...

Dinstar FXO Analog VoIP Gateway DAG2000-16O Cross Site Scripting

Authored by Yehia Elghaly

Dinstar FXO Analog VoIP Gateway version DAG2000-16O suffers from a persistent cross site scripting vulnerability.

# Exploit Title: Dinstar FXO Analog VoIP Gateway DAG2000-16O Stored...

Vagrant Synced Folder Vagrantfile Breakout

Authored by Brendan Coles, HashiCorp | Site: metasploit.com

This Metasploit module exploits a default Vagrant synced folder (shared folder) to append a Ruby payload to the Vagrant project Vagrantfile config...

GLPI 10.0.2 Command Injection

Authored by bwatters-r7, cosad3s | Site: metasploit.com

This Metasploit module exploits an unauthenticated PHP command injection vulnerability in GLPI versions 10.0.2 and below to execute a command.

Advisories: CVE-2022-35914