Exploits & CVE's

Authored by Ceylan Bozogullarindan WordPress Mortgage Calculators WP plugin version 1.52 suffers from a persistent cross site scripting vulnerability. advisories | CVE-2021-24904 Change Mirror Download # Exploit Title: WordPress Plugin Mortgage Calculators WP...

Authored by Jonah Tan Oracle WebLogic Server suffers from a local file inclusion vulnerability. Versions affected include 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. advisories | CVE-2022-21371 Change Mirror Download # Exploit Title: Oracle WebLogic...

Authored by Andris Raugulis | Site github.com Local privilege escalation root exploit for Polkit's pkexec vulnerability as described in CVE-2021-4034. Verified on Debian 10 and CentOS 7. Written in C. advisories...

Authored by Daniele Linguaglossa | Site github.com Local privilege escalation root exploit for Polkit's pkexec vulnerability as described in CVE-2021-4034 and known as PwnKit. Written in Go. advisories | CVE-2021-4034

Authored by Alejandro Guerrero Local privilege escalation exploit for a Linux kernel slab out-of-bounds write vulnerability. This exploit has been tested in an Ubuntu 21.04 Hirsute with kernel 5.11.0. advisories |...

Authored by malvuln | Site malvuln.com Backdoor.Win32.WinShell.50 malware suffers from a weak hardcoded password vulnerability. Change Mirror Download Discovery / credits: Malvuln - malvuln.com (c) 2022Original source: https://malvuln.com/advisory/1fd45364073a81ddd707d74ba5d4c121.txtContact: [email protected]: twitter.com/malvulnThreat: Backdoor.Win32.WinShell.50Vulnerability: Weak...

Authored by Vulnerability Laboratory | Site vulnerability-lab.com uBidAuction version 2.0.1 suffers from a cross site scripting vulnerability. Change Mirror Download Document Title:===============uBidAuction v2.0.1 - Multiple XSS Web VulnerabilitiesReferences (Source):====================https://www.vulnerability-lab.com/get_content.php?id=2289Release Date:=============2022-01-21Vulnerability Laboratory ID...

Authored by malvuln | Site malvuln.com CosaNostra Builder WebPanel malware suffers from a cross site request forgery vulnerability. Change Mirror Download Discovery / credits: Malvuln - malvuln.com (c) 2022Original source: https://malvuln.com/advisory/61285c988de52b7c067fb2e703f2ab83_C.txtContact: [email protected]:...

Authored by Steffen Rogge | Site sec-consult.com Ethercreative Logs plugin versions 3.0.3 and below for Craft CMS suffer from a path traversal vulnerability. advisories | CVE-2022-23409 Change Mirror Download SEC Consult Vulnerability Lab...

Authored by jbaines-r7 | Site metasploit.com This Metasploit module exploits an unauthenticated SQL injection vulnerability and a command injection vulnerability affecting the Grandstream UCM62xx IP PBX series of devices. The...