Exploits & CVE's

Authored by z9fr, kozmer, svmorris Apache Log4j2 versions 2.0-beta-9 and 2.14.1 remote code execution exploit. advisories | CVE-2021-44228 Change Mirror Download # Exploit Title: Apache Log4j 2 - Remote Code Execution (RCE)# Date:...

Authored by Spencer McIntyre, numan turle | Site metasploit.com Control Web Panel versions prior to 0.9.8.1147 are vulnerable to unauthenticated OS command injection. Successful exploitation results in code execution as...

Authored by Kagan Capar dataSIMS Avionics ARINC 664-1 version 4.5.3 suffers from a local buffer overflow vulnerability. Change Mirror Download # Exploit Title: dataSIMS Avionics ARINC 664-1 - Local Buffer Overflow (PoC)#...

Authored by Ivo Palazzolo Oracle Business Intelligence Enterprise Edition versions 5.5.0.0.0, 12.2.1.3.0, and 12.2.1.4.0 suffer from local file inclusion and directory traversal vulnerabilities. advisories | CVE-2020-14864 Change Mirror Download # Exploit Title: Oracle...

Authored by Sandro Gauci | Site enablesecurity.com FreeSWITCH versions 1.10.6 and below suffer from a denial of service vulnerability when handling invalid SRTP packets. advisories | CVE-2021-41105 Change Mirror Download # FreeSWITCH susceptible...

Authored by Google Security Research, Felix Wilhelm Node-saml and its partner project passport-saml are vulnerable to an authentication bypass due to lax parsing of SAML responses. advisories | CVE-2022-39299

Authored by Juli Agarwal Exam Reviewer Management System version 1.0 suffers from a remote shell upload vulnerability. Change Mirror Download # Exploit Title: Exam Reviewer Management System 1.0 - Remote Code Execution...

Authored by Vulnerability Laboratory | Site vulnerability-lab.com uBidAuction version 2.0.1 suffers from a cross site scripting vulnerability. Change Mirror Download Document Title:===============uBidAuction v2.0.1 - Multiple XSS Web VulnerabilitiesReferences (Source):====================https://www.vulnerability-lab.com/get_content.php?id=2289Release Date:=============2022-01-21Vulnerability Laboratory ID...

Authored by indoushka ARTISTRY LIMITED LMS version 0.5 appears to leave default credentials installed after installation. Change Mirror Download ====================================================================================================================================| # Title : ARTISTRY LIMITED LMS v 0.5...

Authored by indoushka Eden CMS version 1.02 suffers from a cross site scripting vulnerability. Change Mirror Download ====================================================================================================================================| # Title : Eden CMS v1.02 Xss Vulnerability ...