Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Xen PV Guest Non-SELFSNOOP CPU Memory Corruption

Authored by Jann Horn, Google Security Research On CPUs without SELFSNOOP support, a Xen PV domain that has access to a PCI device (which grants the domain the ability to...

EQS Integrity Line Cross Site Scripting / Information Disclosure

Authored by Giovanni Pellerano | Site ush.it EQS Integrity Line versions through 2022-07-01 suffer from cross site scripting and sensitive information disclosure vulnerabilities. advisories | CVE-2022-34007 Change Mirror Download EQS Integrity Line: Multiple...

DouPHP 1.2 Release 20141027 SQL Injection

Authored by indoushka DouPHP version 1.2 Release 20141027 suffers from a remote SQL injection vulnerability. Change Mirror Download ====================================================================================================================================| # Title : DouPHP v1.2 Release 20141027 SQL Injection...

Ransom Lockbit 3.0 MVID-2022-0620 Buffer Overflow

Authored by malvuln | Site malvuln.com Lockbit ransomware version 3.0 apparently now requires a password to execute as noted by "@vxunderground", but does not properly check bounds for both the...

Windows Defender Remote Credential Guard Authentication Relay Privilege Escalation

Authored by James Forshaw, Google Security Research The handling of Windows Defender Remote Credential Guard credentials is vulnerable to authentication relay attacks leading to elevation of privilege or authentication bypass. advisories...

Advanced Testimonials Manager 5.6 SQL Injection

Authored by indoushka Advanced Testimonials Manager version 5.6 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Change Mirror Download ====================================================================================================================================| # Title : Advanced...

Ransom Lockbit 3.0 MVID-2022-0621 Code Execution

Authored by malvuln | Site malvuln.com Lockbit version 3.0 ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, in this case "RstrtMgr.dll", execute...

Magnolia CMS 6.2.19 Cross Site Scripting

Authored by Giulio Garzia Magnolia CMS versions 6.2.19 and below suffer from a persistent cross site scripting vulnerability. advisories | CVE-2022-33098 Change Mirror Download # Exploit Title: Magnolia CMS <= 6.2.19 - Stored...

Paymoney 3.3 Cross Site Scripting

Authored by nu11secur1ty Paymoney version 3.3 suffers from a cross site scripting vulnerability. Change Mirror Download ## Title: paymoney-3.3 XSS-Reflected## Author: nu11secur1ty## Date: 07.02.2022## Vendor: https://paymoney.techvill.org/## Software: paymoney-3.3## Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/paymoney/2022/paymoney-3.3Description:The parameters first_name...

PHP Library Remote Code Execution

Authored by Eldar Marcussen Several PHP compatibility libraries contain a potential remote code execution flaw in their json_decode() function based on having copy pasted existing vulnerable code. Affected components include...