Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

WordPress Motopress Hotel Booking Lite 4.2.4 Cross Site Scripting

Authored by Sanjay Singh WordPress Motopress Hotel Booking Lite plugin version 4.2.4 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: WordPress Plugin Motopress Hotel Booking Lite...

Through The Wire CVE-2022-26134 Confluence Proof Of Concept

Authored by jbaines-r7 | Site github.com Through the Wire is a proof of concept exploit for CVE-2022-26134, an OGNL injection vulnerability affecting Atlassian Confluence Server and Data Center versions 7.13.6...

Confluence OGNL Injection Proof Of Concept

Authored by Samy Younsi | Site github.com Proof of concept script that exploits the remote code execution vulnerability affecting Atlassian Confluence versions 7.18 and below. The OGNL injection vulnerability allows...

Poly Studio X30 / Studio X50 / Studio X70 / G7500 Command Injection

Authored by Johannes Kruchem | Site sec-consult.com Poly Studio X30, Studio X50, Studio X70, and G7500 versions 3.4.0-292042, 3.5.0-344025, and 3.6.0 suffers from an authenticated command injection vulnerability. advisories | CVE-2022-26481 Change...

Confluence OGNL Injection Remote Code Execution

Authored by h3v0x | Site github.com Confluence suffers from a pre-authentication remote code execution vulnerability that is leveraged via OGNL injection. All 7.4.17 versions before 7.18.1 are affected. advisories | CVE-2022-26134 Change...

IIPImage Remote Memory Corruption

Authored by Jeremy Brown IIPImage is distributed with a server that enables advanced, high-performance image manipulation for web-based streaming and viewing of high resolution images. The server component called iipsrv.fcgi...

Real Player 20.1.0.312 / 20.0.3.317 DLL Hijacking

Authored by Eduardo Braun Prado | Site github.com The Player application and the Recording Manager of Real Player versions 20.1.0.312 and 20.0.3.317 are prone to a remote DLL hijack (binary...

NVIDIA Data Center GPU Manager Remote Memory Corruption

Authored by Jeremy Brown NVIDIA DCGM runs on machines with NVIDIA GPUs to gather telemetry and GPU health data. nv-hostengine is a daemon that by default listens on the loopback...

Apache 2.4.50 Remote Code Execution

Authored by Vilius Povilaika | Site povilaika.com Apache version 2.4.50 remote code execution exploit that leverages a traversal as identified in CVE-2021-42013. Written in C. advisories | CVE-2021-42013 Change Mirror Download #include <stdio.h>#include...

Reolink E1 Zoom Camera 3.0.0.716 Private Key Disclosure

Authored by Julien Ahrens | Site rcesecurity.com Reolink E1 Zoom Camera versions 3.0.0.716 and below suffer from a private key disclosure vulnerability. advisories | CVE-2021-40149 Change Mirror Download RCE Security Advisoryhttps://www.rcesecurity.com1. ADVISORY INFORMATION=======================Product:...