Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

WordPress Stafflist 3.1.2 Cross Site Scripting

Authored by Hassan Khan Yusufzai WordPress Stafflist plugin version 3.1.2 suffers from a cross site scripting vulnerability. Change Mirror Download # Exploit Title: WordPress Plugin stafflist 3.1.2 - Reflected XSS (Authenticated)# Date:...

Tenda HG6 3.3.0 Remote Command Injection

Authored by LiquidWorm | Site zeroscience.mk Tenda HG6 version 3.3.0 suffers from a remote command injection vulnerability. It can be exploited to inject and execute arbitrary shell commands through the...

VMware Workspace ONE Access Template Injection / Command Execution

Authored by mr_me, wvu, Udhaya Prakash | Site metasploit.com This Metasploit module exploits CVE-2022-22954, an unauthenticated server-side template injection (SSTI) vulnerability in VMware Workspace ONE Access, to execute shell commands...

Redis Lua Sandbox Escape

Authored by Reginaldo Silva, jbaines-r7 | Site metasploit.com This Metasploit module exploits CVE-2022-0543, a Lua-based Redis sandbox escape. The vulnerability was introduced by Debian and Ubuntu Redis packages that insufficiently...

Home Clean Service System 1.0 SQL Injection

Authored by nu11secur1ty Home Clean Service System version 1.0 suffers from a remote SQL injection vulnerability. Change Mirror Download ## Title: Home Clean Service System v1.0 - 2022 SQLi## Author: nu11secur1ty## Date:...

Toll Tax Management System 1.0 SQL Injection

Authored by nu11secur1ty Toll Tax Management System version 1.0 suffers from a remote SQL injection vulnerability. Change Mirror Download ## Title: Toll Tax Management System v1.0 SQLi## Author: nu11secur1ty## Date: 04.07.2022## Vendor:...

Covid 19 Travel Pass Management System 1.0 SQL Injection

Authored by nu11secur1ty Covid 19 Travel Pass Management System version 1.0 suffers from a remote SQL injection vulnerability. Change Mirror Download ## Title: Covid 19 Travel Pass Management System v1.0 SQLi##...

Ransom.LockBit DLL Hijacking

Authored by malvuln | Site malvuln.com Ransom.LockBit malware suffers from a dll hijacking vulnerability. Change Mirror Download Discovery / credits: Malvuln - malvuln.com (c) 2022Original source: https://malvuln.com/advisory/96de05212b30ec85d4cf03386c1b84af.txtContact: [email protected]: twitter.com/malvulnThreat: Ransom.LockBitVulnerability: DLL HijackingDescription:...

Strapi 3.6.8 Password Disclosure / Insecure Handling

Authored by Kitchaphan Singchai Strap versions prior to 3.6.9 and 4.1.5 disclose a user's password due to simply base64 encoding it and sticking it in a cookie. advisories | CVE-2021-46440 Change Mirror...

WordPress Stafflist 3.1.2 SQL Injection

Authored by Hassan Khan Yusufzai WordPress Stafflist plugin version 3.1.2 suffers from a remote SQL injection vulnerability. Change Mirror Download # Exploit Title: WordPress Plugin stafflist 3.1.2 - SQL Injection(Authenticated)# Date: 05-02-2022#...