Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

PrestaShop 1.7.6.7 Cross Site Scripting

Authored by Priyanka Samak PrestaShop version 1.7.6.7 suffers from a cross site scripting vulnerability via the file upload functionality. advisories | CVE-2020-21967

Xen TLB Flush Bypass

Authored by Jann Horn, Google Security Research Xen's _get_page_type() contains an ABAC cmpxchg() race, where the code incorrectly assumes that if it reads a specific type_info value, and then later...

Chrome PaintImage Deserialization Out-Of-Bounds Read

Authored by Google Security Research, Mark Brand The code in cc::PaintImageReader::Read (cc::PaintImage*) does not properly check the incoming data when handling embedded image data, resulting in an out-of-bounds copy into...

Nginx 1.20.0 Denial Of Service

Authored by Mohammed Alshehri Nginx version 1.20.0 suffers from a denial of service vulnerability. advisories | CVE-2021-23017 Change Mirror Download # Exploit Title: Nginx 1.20.0 - Denial of Service (DOS)# Date: 2022-6-29# Exploit...

Sashimi Evil OctoBot Tentacle

Authored by Samy Younsi, Thomas Knudsen | Site github.com Sashimi Evil OctoBot Tentacle is a python script that exploits a vulnerability that lies in the Tentacles upload functionality of the...

WordPress Visual Slide Box Builder 3.2.9 SQL Injection

Authored by nu11secur1ty WordPress Visual Slide Box Builder plugin version 3.2.9 suffers from a remote SQL injection vulnerability. Change Mirror Download ## Title: WordPress 6.0 - Visual Slide Box Builder 3.2.9 SQLi##...

JBOSS EAP/AS 6.x Remote Code Execution

Authored by Heyder Andrade, Marcio Almeida, Joao Matos | Site metasploit.com An unauthenticated attacker with network access to the JBOSS EAP/AS versions 6.x and below Remoting Unified Invoker interface can...

Windows Kerberos KerbRetrieveEncodedTicketMessage AppContainer Privilege Escalation

Authored by James Forshaw, Google Security Research On Windows 11, the Kerberos SSP's KerbRetrieveEncodedTicketMessage message can be used to get an arbitrary service ticket and session key from an AppContainer...

Mutt mutt_decode_uuencoded() Memory Disclosure

Authored by Tavis Ormandy, Google Security Research In mutt_decode_uuencoded(), the line length is read from the untrusted uuencoded part without validation. This could result in including private memory in replys,...

Windows Kerberos Redirected Logon Buffer Privilege Escalation

Authored by James Forshaw, Google Security Research On Windows, the buffer for redirected logon context does not protect against spoofing resulting in arbitrary code execution in the LSA leading to...