Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Windows Credential Guard KerbIumCreateApReqAuthenticator Key Information Disclosure

0
Authored by James Forshaw, Google Security Research On Windows, CG API KerbIumCreateApReqAuthenticator can be used to decrypt arbitrary encrypted Kerberos keys leading to information disclosure. advisories | CVE-2022-34711

Windows Credential Guard KerbIumGetNtlmSupplementalCredential Information Disclosure

0
Authored by James Forshaw, Google Security Research On Windows, the KerbIumGetNtlmSupplementalCredential CG API does not check the encryption key type leading to information disclosure of key material. advisories | CVE-2022-34712

InTouch Access Anywhere Secure Gateway 2020 R2 Path Traversal

0
Authored by Jens Regel | Site crisec.de InTouch Access Anywhere Secure Gateway versions 2020 R2 and below suffer from a path traversal vulnerability. advisories | CVE-2022-23854 Change Mirror Download Title:======AVEVA InTouch Access Anywhere...

Windows Credential Guard TGT Renewal Information Disclosure

0
Authored by James Forshaw, Google Security Research On Windows, the Kerberos ticket renewal process can be used with CG to get an unencrypted TGT session key for a currently authenticated...

Windows Credential Guard Kerberos Change Password Privilege Escalation

0
Authored by James Forshaw, Google Security Research Windows Credential guard does not prevent using encrypted Kerberos keys to change a user's password leading to elevation of privilege. advisories | CVE-2022-35771

AirDisk 7.5.5 Cross Site Scripting

0
Authored by Chokri Hammedi AirDisk version 7.5.5 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: AirDisk 7.5.5 File Manager Stored XSS# Date: Sep 8, 2022# Exploit...

mbDrive Lite WiFi Flash Disk 1.4.0 Cross Site Scripting

0
Authored by Chokri Hammedi mbDrive Lite WiFi Flash Disk version 1.4.0 suffers from a cross site scripting vulnerability. Change Mirror Download # Exploit Title: mbDrive Lite - WiFi flash disk 1.4.0 Reflected...

Online Notice Board 2022 SQL Injection

0
Authored by nu11secur1ty Online Notice Board 2022 suffers from a remote SQL injection vulnerability. Change Mirror Download ## Title: ONLINE-NOTICE-BOARD-2022 SQLi## Author: nu11secur1ty## Date: 09.09.2022## Vendor: https://www.sourcecodester.com/users/razormist## Software: https://www.sourcecodester.com/php/14317/online-notice-board-system.html## Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/razormist/2022/ONLINE-NOTICE-BOARD-2022## Description:The...

Wifi HD Wireless Disk Drive 11 Local File Inclusion

0
Authored by Chokri Hammedi Wifi HD Wireless Disk Drive version 11 suffers from a local file inclusion vulnerability. Change Mirror Download # Exploit Title: Wifi HD Wireless Disk Drive Local File Inclusion#...

Trojan.Win32.Autoit.fhj MVID-2022-0637 Insecure Permissions

0
Authored by malvuln | Site malvuln.com Trojan.Win32.Autoit.fhj malware suffers from an insecure permissions vulnerability. Change Mirror Download Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source: https://malvuln.com/advisory/d871836f77076eeed87eb0078c1911c7.txtContact: [email protected]: twitter.com/malvulnThreat: Trojan.Win32.Autoit.fhjVulnerability:...