Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

WordPress Download Manager 3.2.50 Arbitrary File Deletion

0
Authored by Chloe Chamberland | Site wordfence.com WordPress Download Manager plugin versions 3.2.50 and below suffer from an arbitrary file deletion vulnerability. advisories | CVE-2022-2431 Change Mirror Download Description: Authenticated (Contributor+) Arbitrary File...

Backdoor.Win32.Jokerdoor MVID-2022-0628 Buffer Overflow

0
Authored by malvuln | Site malvuln.com Backdoor.Win32.Jokerdoor malware suffers from a buffer overflow vulnerability. Change Mirror Download Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source: https://malvuln.com/advisory/783a191e7944e1af84ec0fa96d933f30.txtContact: [email protected]: twitter.com/malvulnThreat: Backdoor.Win32.JokerdoorVulnerability:...

Chrome WebGL Uniform Integer Overflows

0
Authored by Google Security Research, Mark Brand The WebGL implementation for setting uniform values with an ArrayBuffer argument do not properly handle large buffer sizes. As WASM now allows allocating...

WordPress Testimonial Slider And Showcase 2.2.6 Cross Site Scripting

0
Authored by yunaranyancat, saitamang, amd_syad WordPress Testimonial Slider and Showcase plugin version 2.2.6 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: Stored XSS in post_title parameter...

Online Admission System 1.0 SQL Injection

0
Authored by syad Online Admission System version 1.0 suffers from a remote SQL injection vulnerability. Change Mirror Download # Exploit Title: online-admission-system 1.0 - unauthenticated SQL Injection# Date: 5-08-2022# Exploit Author:...

uftpd 2.10 Directory Traversal

0
Authored by Aaron Esau uftpd versions 2.7 through 2.10 suffer from an authenticated directory traversal vulnerability. advisories | CVE-2020-20277 Change Mirror Download # Exploit Title: uftpd 2.10 - Directory Traversal (Authenticated)# Google Dork:...

IObit Malware Fighter 9.2 Tampering / Privilege Escalation

0
Authored by Yehia Elghaly IObit Malware Fighter version 9.2 fails to provide sufficient anti-tampering protection and that shortcoming can be leveraged to escalate to SYSTEM privileges. Change Mirror Download Credits: Yehia...

Multi-Language Hotel Management 2022 1.0 SQL Injection

0
Authored by nu11secur1ty Multi-Language Hotel Management 2022 version 1.0 suffers from a remote SQL injection vulnerability. Change Mirror Download ## Title: Multi-Language-Hotel-Management-2022 1.0 SQLi## Author: nu11secur1ty## Date: 08.03.2022## Vendor: https://www.nikhilbhalerao.com/## Software: https://github.com/nu11secur1ty/CVE-nu11secur1ty/blob/main/vendors/Nikhil%20Bhalerao/2022/Multi-Language-Hotel-Management-2022/Docs/sparkz.zip##...

MobileIron Log4Shell Remote Command Execution

0
Authored by Spencer McIntyre, RageLtMan, jbaines-r7, rwincey | Site metasploit.com MobileIron Core is affected by the Log4Shell vulnerability whereby a JNDI string sent to the server will cause it to...

Zoho Password Manager Pro XML-RPC Java Deserialization

0
Authored by Grant Willcox, Y4er, Vinicius | Site metasploit.com This Metasploit module exploits a Java deserialization vulnerability in Zoho ManageEngine Pro before 12101 and PAM360 before 5510. Unauthenticated attackers can...