Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Gitlab 14.9 Cross Site Scripting

0
Authored by stacksmashing, Greenwolf Gitlab versions 14.9 prior to 14.9.2, 14.8 prior to 14.8.5, and 14.7 prior to 14.7.7 suffer from a persistent cross site scripting vulnerability. advisories | CVE-2022-1175 Change Mirror...

WordPress Coru LFMember 1.0.2 Cross Site Scripting

0
Authored by Mariam Tariq WordPress Coru LFMember plugin version 1.0.2 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: WordPress Plugin Coru LFMember - Stored Cross SiteScripting#...

Jenkins Remote Code Execution

0
Authored by Orange Tsai | Site github.com Jenkins exploit that chains CVE-2018-1000861, CVE-2019-1003005 and CVE-2019-1003029 to a more reliable and elegant pre-auth remote code execution. Jenkins versions below 2.138 are...

7-Zip 16 DLL Hijacking

0
Authored by Eduardo Braun Prado 7-Zip versions 16 and below, and possibly other software that utilizes the HTML Help System to display help content to the user, are prone to...

Online Restaurant Table Reservation System 1.0 SQL Injection

0
Authored by segf0lt Online Restaurant Table Reservation System version 1.0 suffers from a remote SQL injection vulnerability. Change Mirror Download # Exploit Title: Online Restaurant Table Reservation System v1.0# Exploit Author: segf0lt#...

Pharmacy Management System 1.0 Shell Upload

0
Authored by Saud Alenazi Pharmacy Management System version 1.0 suffers from a remote shell upload vulnerability. Change Mirror Download # Exploit Title: Pharmacy management system - Remote Code Execution (RCE)# Date: 19/04/2022#...

Backdoor.Win32.GateHell.21 Authentication Bypass

0
Authored by malvuln | Site malvuln.com Backdoor.Win32.GateHell.21 malware suffers from an authentication bypass vulnerability. Change Mirror Download Discovery / credits: Malvuln - malvuln.com (c) 2022Original source: https://malvuln.com/advisory/5aa81ddc996be64116754efac0e4f55d.txtContact: [email protected]: twitter.com/malvulnThreat: Backdoor.Win32.GateHell.21Vulnerability: Authentication BypassDescription:...

BlueZ Key Theft / bluetoothd Double-Free

0
Authored by Jann Horn, Google Security Research BlueZ suffers from a vulnerability where a malicious USB device can steal Bluetooth link keys over HCI using a fake BD_ADDR. It was...

WordPress Motopress Hotel Booking Lite 4.2.4 SQL Injection

0
Authored by Mohsen Dehghani WordPress Motopress Hotel Booking Lite plugin version 4.2.4 suffers from a remote SQL injection vulnerability. Change Mirror Download # Exploit Title: WordPress Plugin Motopress Hotel Booking Lite 4.2.4...

Linux FUSE Use-After-Free

0
Authored by Jann Horn, Google Security Research Linux suffers from a vulnerability where FUSE allows use-after-free reads of write() buffers, allowing theft of (partial) /etc/shadow hashes. advisories | CVE-2022-1011