Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Elber Wayber Analog/Digital Audio STL 4.00 Insecure Direct Object Reference

0
Authored by LiquidWorm | Site zeroscience.mk Elber Wayber Analog/Digital Audio STL version 4.00 suffers from an unauthenticated device configuration and client-side hidden functionality disclosure vulnerability. Change Mirror Download Elber Wayber Analog/Digital Audio...

BMC Compuware iStrobe Web 20.13 Shell Upload

0
Authored by trancap BMC Compuware iStrobe Web version 20.13 suffers from a remote shell upload vulnerability. advisories | CVE-2023-40304 Change Mirror Download #!/usr/bin/env python3# Exploit Title: Pre-auth RCE on Compuware iStrobe Web# Date:...

WordPress WP Video Playlist 1.1.1 Cross Site Scripting

0
Authored by Erdemstar WordPress WP Video Playlist plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: Wordpress Plugin WP Video Playlist 1.1.1 - Stored...

GLPI 10.x.x Remote Command Execution

0
Authored by V3locidad GLPI versions 10.x.x suffers from a remote command execution vulnerability via the shell commands plugin. advisories | CVE-2024-31705

CrushFTP Remote Code Execution

0
Authored by Christophe de la Fuente, Ryan Emmons | Site metasploit.com This Metasploit exploit module leverages an improperly controlled modification of dynamically-determined object attributes vulnerability (CVE-2023-43177) to achieve unauthenticated remote...

Amazon AWS Glue Database Password Disclosure

0
Authored by Michael Werner | Site sec-consult.com The password of database connections in AWS Glue is loaded into the website when a connection's edit page is requested. Principals with appropriate...

Backdoor.Win32.Dumador.c MVID-2024-0679 Buffer Overflow

0
Authored by malvuln | Site malvuln.com Backdoor.Win32.Dumador.c malware suffers from a buffer overflow vulnerability. Change Mirror Download Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024Original source: https://malvuln.com/advisory/6cc630843cabf23621375830df474bc5.txtContact: [email protected]: twitter.com/malvulnThreat: Backdoor.Win32.Dumador.cVulnerability:...

Centreon 23.10-1.el8 SQL Injection

0
Authored by Cody Sixteen | Site code610.blogspot.com Centreon version 23.10-1.el8 suffers from a remote authenticated SQL injection vulnerability. Change Mirror Download ;; Postauth SQL Injection in Centreon 23.10-1.el8;; by code610;; ;; found...

pgAdmin 8.3 Remote Code Execution

0
Authored by Spencer McIntyre, Abdel Adim Oisfi, Davide Silvetti | Site metasploit.com pgAdmin versions 8.3 and below have a path traversal vulnerability within their session management logic that can allow...

Palo Alto OS Command Injection Proof Of Concept

0
Authored by W01fh4cker | Site github.com This is a scanning script to validate vulnerable Palo Alto OS systems for the recent zero day command injection vulnerability. advisories | CVE-2024-3400
Error decoding the Instagram API json