Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Packet Storm New Exploits For August, 2022

0
Authored by Todd J. | Site packetstormsecurity.com This archive contains all of the 79 exploits added to Packet Storm in August, 2022.

WordPress Netroics Blog Posts Grid 1.0 Cross Site Scripting

0
Authored by yunaranyancat, syad, saitamang WordPress Netroics Blog Posts Grid plugin version 1.0 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: Stored XSS in post_title parameter...

Apple macOS Remote Events Memory Corruption

0
Authored by Jeremy Brown This is a proof of concept exploit for the Apple macOS remote events remote memory corruption vulnerability. It serves as a toolkit to help debug and...

Online Market Place Site 1.0 SQL Injection

0
Authored by Joe Pollock Online Market Place Site version 1.0 suffers from an unauthenticated blind SQL injection vulnerability allowing remote attackers to dump the SQL database via time-based SQL injection. advisories...

Online Market Place Site 1.0 Cross Site Scripting

0
Authored by Joe Pollock Online Market Place Site version 1.0 suffers from a persistent cross site scripting vulnerability. advisories | CVE-2022-30003 Change Mirror Download # Exploit Title: Online Market Place Site v1.0 -...

Cisco ASA-X With FirePOWER Services Authenticated Command Injection

0
Authored by jbaines-r7 | Site metasploit.com This Metasploit module exploits an authenticated command injection vulnerability affecting Cisco ASA-X with FirePOWER Services. This exploit is executed through the ASA's ASDM web...

Doctor’s Appointment System 1.0 Cross Site Scripting

0
Authored by Abdullah AlAmri Doctor's Appointment System version 1.0 suffers from a cross site scripting vulnerability in register.php. Original discovery of cross site scripting in this version is attributed to...

Doctor’s Appointment System 1.0 SQL Injection

0
Authored by Abdullah AlAmri Doctor's Appointment System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to Soham Bakore and...

Xalan-J XSLTC Integer Truncation

0
Authored by Google Security Research, Felix Wilhelm The Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt...

AeroCMS 0.0.1 SQL Injection

0
Authored by nu11secur1ty AeroCMS version 0.0.1 suffers from a remote SQL injection vulnerability. Change Mirror Download ## Title: AeroCMS-v0.0.1 SQLi## Author: nu11secur1ty## Date: 08.27.2022## Vendor: https://github.com/MegaTKC## Software: https://github.com/MegaTKC/AeroCMS/releases/tag/v0.0.1## Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/MegaTKC/2021/AeroCMS-v0.0.1-SQLi## Description:The `author`...