Kruxton 1.0 SQL Injection
Authored by nu11secur1ty
Kruxton version 1.0 suffers from a remote SQL injection vulnerability.
## Title: kruxton-1.0-Multiple-SQLi
## Author: nu11secur1ty
## Date: 04/15/2024
## Vendor: https://www.mayurik.com/
## Software: https://www.sourcecodester.com/php/16127/best-pos-management-system-php.html
## Reference: https://portswigger.net/web-security/sql-injection
## Description: The username parameter...
PrusaSlicer 2.6.1 Arbitrary Code Execution
Authored by Kamil Brenski
PrusaSlicer versions 2.6.1 and below suffer from an arbitrary code execution vulnerability.
advisories | CVE-2023-47268
# Exploit Title: PrusaSlicer 2.6.1 - Arbitrary code execution on g-code...
AMPLE BILLS 0.1 SQL injection
Authored by nu11secur1ty
AMPLE BILLS version 0.1 suffers from a remote SQL injection vulnerability.
## Title: AMPLE BILLS 0.1 Multiple-SQLi
## Author: nu11secur1ty
## Date: 04/13/2024
## Vendor: https://www.mayurik.com/
## Software: https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html
## Reference:...
Joomla SP Page Builder 5.2.7 SQL Injection
Authored by indoushka
Joomla SP Page Builder component version 5.2.7 suffers from a remote SQL injection vulnerability.
| # Title : SP Page Builder 5.2.7...
CHAOS RAT 5.0.1 Remote Command Execution
Authored by chebuya
CHAOS RAT web panel version 5.0.1 is vulnerable to command injection, which can be triggered from a cross site scripting attack, allowing an attacker to take over the...
Windows Kernel Subkey List Use-After-Free
Authored by Google Security Research, mjurczyk
The Windows Kernel suffers from a subkey list use-after-free vulnerability due to a mishandling of partial success in CmpAddSubKeyEx.
advisories | CVE-2024-26182
GUnet OpenEclass E-learning 3.15 File Upload / Command Execution
Authored by Georgios Tsimpidas, Frey
GUnet OpenEclass E-learning platform version 3.15 suffers from an unrestricted file upload vulnerability in certbadge.php that allows for remote command execution.
advisories | CVE-2024-31777
import...
Concrete CMS 9.2.7 Cross Site Scripting / Open Redirect
Authored by Andrey Stoykov
Concrete CMS version 9.2.7 suffers from information disclosure, open redirection, and persistent cross site scripting vulnerabilities.
# Exploit Title: Multiple Web Flaws in concretecmsv9.2.7
# Date:...
Trimble TM4Web 22.2.0 Privilege Escalation / Access Code Disclosure
Authored by Clement Cruchet
An access control issue in Trimble TM4Web version 22.2.0 allows unauthenticated attackers to access a specific crafted URL path to retrieve the last registration access code...
MinIO Privilege Escalation
Authored by Jenson Zhao
MinIO versions prior to 2024-01-31T20-20-33Z suffer from a privilege escalation vulnerability.
advisories | CVE-2024-24747
# Exploit Title: MinIO < 2024-01-31T20-20-33Z - Privilege Escalation
# Date: 2024-04-11
#...