Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Virus.Win32.Qvod.b Insecure Permissions

0
Authored by malvuln | Site malvuln.com Virus.Win32.Qvod.b malware suffers from an insecure permissions vulnerability. Change Mirror Download Discovery / credits: Malvuln - malvuln.com (c) 2022Original source: https://malvuln.com/advisory/c44a9580e17bad0aa27329e51b7d0ae0.txtContact: [email protected]: twitter.com/malvulnThreat: Virus.Win32.Qvod.bVulnerability: Insecure Permissions...

Email-Worm.Win32.Sidex Remote Command Execution

0
Authored by malvuln | Site malvuln.com Email-Worm.Win32.Sidex malware suffers from a remote command execution vulnerability. Change Mirror Download Discovery / credits: Malvuln - malvuln.com (c) 2022Original source: https://malvuln.com/advisory/a98cdaa89da57bf269873db63e22a939.txtContact: [email protected]: twitter.com/malvulnThreat: Email-Worm.Win32.SidexVulnerability: Unauthenticated...

Pharmacy Management System 1.0 SQL Injection

0
Authored by Saud Alenazi Pharmacy Management System version 1.l0 suffers from a remote SQL injection vulnerability. Change Mirror Download # Exploit Title: Pharmacy management system - 'email' SQL injection# Date: 19/04/2022# Exploit...

USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 Remote Root Backdoor

0
Authored by LiquidWorm | Site zeroscience.mk The USR IOT industrial router is vulnerable to hard-coded credentials within its Linux distribution image. These sets of credentials are never exposed to the...

Watch Queue Out-Of-Bounds Write

0
Authored by Jann Horn, bwatters-r7, bonfee | Site metasploit.com This Metasploit module exploits a vulnerability in the Linux Kernel's watch_queue event notification system. It relies on a heap out-of-bounds write...

ManageEngine ADSelfService Plus Custom Script Execution

0
Authored by Jake Baines, Andrew Iwamaye, Dan Kelley, Hernan Diaz | Site metasploit.com This Metasploit module exploits the "custom script" feature of ADSelfService Plus. The feature was removed in build...

WordPress ScrollReveal.js Effects 1.1.1 Cross Site Scripting

0
Authored by Mariam Tariq WordPress ScrollReveal.js Effects plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: WordPress Plugin ScrollReveal.js Effects - Stored Cross Site...

Joomla Sexy Polling 2.1.7 SQL Injection

0
Authored by Wolfgang Hotwagner | Site ait.ac.at Joomla Sexy Polling extension versions 2.1.7 and below suffer from a remote SQL injection vulnerability. Change Mirror Download SexyPolling SQL Injection====================| Identifier: | AIT-SA-20220208-01|| Target:...

WordPress WP-Invoice 4.3.1 Cross Site Scripting

0
Authored by Mariam Tariq WordPress WP-Invoice plugin version 4.3.1 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: WordPress Plugin WP-Invoice - Stored Cross Site Scripting#...

Gitlab 14.9 Authentication Bypass

0
Authored by stacksmashing, Greenwolf Gitlab versions 14.9 prior to 14.9.2, 14.8 prior to 14.8.5, and 14.7 prior to 14.7.7 suffer from a bypass vulnerability due to having set a hardcoded...