Exploits & CVE's

Authored by Mert Das TextPattern CMS version 4.8.7 suffers from an authenticated remote shell upload vulnerability. Change Mirror Download # Exploit Title: TextPattern CMS 4.8.7 - Remote Command Execution (RCE) (Authenticated)# Date:...

Authored by nu11secur1ty IFSC Code Finder Project version 1.0 suffers from a remote SQL injection vulnerability. advisories | CVE-2021-42224 Change Mirror Download Hello, dear friends.KR## (https://phpgurukul.com/ifsc-code-finder-project-using-php/)## (https://phpgurukul.com/author/admin/)!(https://github.com/nu11secur1ty/CVE-mitre/blob/main/CVE-2021-42224/docs/Screenshot%202021-10-14%20104403.png)## Description:- vulnerability: `all or nothing`SQL Injection...

Authored by Michele Di Bonaventura Yellowfin versions prior to 9.6.1 suffer from persistent cross site scripting and insecure direct object reference vulnerabilities. advisories | CVE-2021-36387, CVE-2021-36388, CVE-2021-36389 Change Mirror Download YELLOWFIN < 9.6.1...

Authored by Google Security Research, Glazvunov WebKit suffers from a heap use-after-free vulnerability in PointerCaptureController::processPendingPointerCapture. advisories | CVE-2021-30846

Authored by Google Security Research, Glazvunov WebKit suffers from a heap use-after-free vulnerability in EventHandler::keyEvent. advisories | CVE-2021-30848

Authored by Google Security Research, Glazvunov WebKit suffers from a heap use-after-free vulnerability in DOMWindow::open. advisories | CVE-2021-30849

Authored by Forster Chiu i-Panel Administration System version 2.0 suffers from a cross site scripting vulnerability. advisories | CVE-2021-41878 Change Mirror Download # Exploit Title: i-Panel Administration System 2.0 - Reflected Cross-site Scripting...

Authored by Lucas Souza Apache HTTP Server version 2.4.50 suffers from path traversal and code execution vulnerabilities. advisories | CVE-2021-42013 Change Mirror Download # Exploit: Apache HTTP Server 2.4.50 - Path Traversal &...

Authored by Bekir Bugra Turkoglu Simple Issue Tracker System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Change Mirror Download # Exploit Title: Simple Issue Tracker...

Authored by Huseyin Serkan Balkanli Student Quarterly Grading System version 1.0 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: Student Quarterly Grading System 1.0 - 'grade'...