Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Owlfiles File Manager 12.0.1 Path Traversal / Local File Inclusion

0
Authored by Chokri Hammedi Owlfiles File Manager version 12.0.1 suffers from local file inclusion and path traversal vulnerabilities. Change Mirror Download # Exploit Title: Owlfiles File Manager 12.0.1 - multi vulnerabilities# Date:...

PhotoSync 4.7 Local File Inclusion

0
Authored by Chokri Hammedi PhotoSync version 4.7 suffers from a local file inclusion vulnerability. Change Mirror Download # Exploit Title: PhotoSync 4.7 IOS APP Local file inclusion# Date: Sep 19, 2022# Exploit...

SoX 14.4.2 Division-By-Zero / Denial Of Service

0
Authored by LiquidWorm | Site zeroscience.mk SoX versions 14.4.2 and below suffer from a division by zero attack when handling WAV files, resulting in denial of service vulnerability and possibly...

VIAVIWEB Wallpaper Admin SQL Injection / Shell Upload

0
Authored by Edd13Mora VIAVIWEB Wallpaper Admin suffers from remote shell upload and remote SQL injection vulnerabilities. Change Mirror Download ```# Exploit Title: # Google Dork: intext:"Wallpaper Admin" "LOGIN" "password" "Username"#...

TIBCO JasperReports Server 8.0.2 Community Edition Code Execution

0
Authored by Moritz Bechler | Site syss.de Due to JMX/RMI services in TIBCO JasperReports Server version 8.0.2 Community Edition performing unsafe deserialization, it is possible to execute arbitrary code and...

WordPress WPGateway 3.5 Privilege Escalation

0
Authored by Chloe Chamberland | Site wordfence.com WordPress WPGateway plugin versions 3.5 and below suffer from an unauthenticated privilege escalation vulnerability. advisories | CVE-2022-3180 Change Mirror Download Description: Unauthenticated Privilege EscalationAffected Plugin: WPGatewayPlugin...

Gitea 1.16.6 Remote Code Execution

0
Authored by krastanoel, wuhan005, li4n0 | Site metasploit.com This Metasploit module exploits the Git fetch command in Gitea repository migration process that leads to a remote command execution on the...

News247 News Magazine 1.0 Cross Site Scripting

0
Authored by Ravinder Verma News247 News Magazine version 1.0 suffers from a persistent cross site scripting vulnerability. advisories | CVE-2021-41731 Change Mirror Download # Exploit Title: News247 - News Magazine (CMS) v1.0 –...

Chrome LinkToTextMenuObserver::CompleteWithError Heap Use-After-Free

0
Authored by Google Security Research, Glazvunov A use-after-free issue exists in Chrome 104 and earlier versions. Processing maliciously crafted web content may lead to arbitrary code execution in the browser...

Rocket LMS 1.6 SQL Injection

0
Authored by CraCkEr Rocket LMS version 1.6 suffers from a remote SQL injection vulnerability. Change Mirror Download ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││ ...