Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Sports Complex Booking System 1.0 SQL Injection

0
Authored by Hejap Zairy Sports Complex Booking System version 1.0 suffers from a remote blind SQL injection vulnerability that can be used to escalate privileges and execute code. Change Mirror Download #...

Microfinance Management System 1.0 SQL Injection

0
Authored by Hejap Zairy Microfinance Management System version 1.0 suffers from a remote blind SQL injection vulnerability that can be used to escalate privileges and execute code. Change Mirror Download # Title:...

Event Management System 1.0 Shell Upload

0
Authored by Hejap Zairy Event Management System version 1.0 suffers from a remote shell upload vulnerability. Change Mirror Download # Title: Event Management System 1.0 Shell Upload# Author: Hejap Zairy#...

RTLO Injection URI Spoofing

0
Authored by Sick Codes, zadewg RTLO injection URI spoofing generator for WhatsApp, iMessage, Instagram, and Facebook Messenger. advisories | CVE-2020-20093, CVE-2020-20094, CVE-2020-20095, CVE-2020-20096 Change Mirror Download # Exploit Title: RTLO Injection URI Spoofing:...

ImpressCMS 1.4.2 SQL Injection / Remote Code Execution

0
Authored by EgiX | Site karmainsecurity.com ImpressCMS versions 1.4.2 and below pre-authentication SQL injection to remote code execution exploit. User input passed through the "groups" POST parameter to the /include/findusers.php...

ImpressCMS 1.4.2 Path Traversal

0
Authored by EgiX | Site karmainsecurity.com ImpressCMS versions 1.4.2 and below suffer from a path traversal vulnerability that can allow for arbitrary file deletion. advisories | CVE-2021-26601 Change Mirror Download -----------------------------------------------------------------ImpressCMS <= 1.4.2...

ImpressCMS 1.4.2 Incorrect Access Control

0
Authored by EgiX | Site karmainsecurity.com ImpressCMS versions 1.4.2 and below suffer from an incorrect access control vulnerability. advisories | CVE-2021-26598 Change Mirror Download --------------------------------------------------------------------------ImpressCMS <= 1.4.2 (findusers.php) Incorrect Access Control Vulnerability-------------------------------------------------------------------------- Software...

ImpressCMS 1.4.2 SQL Injection

0
Authored by EgiX | Site karmainsecurity.com ImpressCMS versions 1.4.3 and below suffer from a remote SQL injection vulnerability. advisories | CVE-2021-26599 Change Mirror Download ---------------------------------------------------------------ImpressCMS <= 1.4.3 (findusers.php) SQL Injection Vulnerability--------------------------------------------------------------- Software Link:https://www.impresscms.org...

WordPress Amministrazione Aperta 3.7.3 Arbitrary File Read

0
Authored by Hassan Khan Yusufzai WordPress Amministrazione Aperta plugin version 3.7.3 suffers from an arbitrary file read vulnerability. Change Mirror Download # Exploit Title: WordPress Plugin amministrazione-aperta 3.7.3 - Local File Read...

Drupal Avatar Upload 7.x-1.0-beta8 Cross Site Scripting

0
Authored by Milad Karimi Drupal Avatar Uploader version 7.x-1.0-beta8 suffers from a cross site scripting vulnerability. Change Mirror Download # Exploit Title: Drupal avatar_uploader v7.x-1.0-beta8 - Cross Site Scripting (XSS)# Date: 2022-03-22#...