Online Diagnostic Lab Management System 1.0 Missing Access Control
Authored by Himash
Online Diagnostic Lab Management System version 1.0 suffers from an account takeover vulnerability.
Change Mirror Download
#Exploit Title: Online Diagnostic Lab Management System 1.0 - Account Takeover (Unauthenticated)#Date: 11/01/2022#Exploit...
RLM 14.2 Cross Site Scripting
Authored by Giulia Melotti Garibaldi
RLM version 14.2 suffers from a cross site scripting vulnerability.
advisories | CVE-2021-45422
Change Mirror Download
# Product: RLM 14.2# Vendor: Reprise Software# CVE ID:...
Apple ColorSync Out-Of-Bounds Read
Authored by Google Security Research, mjurczyk
Apple ColorSync suffers from out-of-bounds read vulnerabilities due to integer overflows in curve table initialization.
advisories | CVE-2021-30942
Microsoft Windows EFSRPC Arbitrary File Upload / Privilege Escalation
Authored by James Forshaw, Google Security Research
The EFSRPC service on Microsoft Windows Server versions 2019 and 2022 does not prevent a caller specifying a local device path allowing any...
Chrome IPC::ChannelAssociatedGroupController Memory Corruption
Authored by Google Security Research, Glazvunov
Chrome suffers from a memory corruption vulnerability in IPC::ChannelAssociatedGroupController due to interface ID reuse.
advisories | CVE-2021-4098
SonicWall SMA 100 Series Authenticated Command Injection
Authored by jbaines-r7 | Site metasploit.com
This Metasploit module exploits an authenticated command injection vulnerability in the SonicWall SMA 100 series web interface. Exploitation results in command execution as root....
WordPress Contact Form Entries Cross Site Scripting
Authored by gx1
WordPress Contact Form Entries plugin versions prior to 1.2.4 suffer from an unauthenticated persistent cross site scripting vulnerability.
advisories | CVE-2021-25079
Change Mirror Download
# Exploit Title: Contact Form Entries...
Open-AudIT Community 4.2.0 Cross Site Scripting
Authored by Dominic Clark
Open-AudIT Community versions 4.2.0 and below suffer from a cross site scripting vulnerability.
advisories | CVE-2021-44916
Change Mirror Download
# Exploit Title: Open-AudIT Community 4.2.0 - Cross-Site Scripting (XSS)...
Linux Garbage Collection Memory Corruption
Authored by Jann Horn, Google Security Research
Linux suffers from a garbage collection memory corruption vulnerability by resurrecting a file reference through RCU.
advisories | CVE-2021-4083
Microsoft Windows .Reg File Dialog Spoofing / Mitigation Bypass
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org
Microsoft Windows suffers from a registration file dialog spoofing vulnerability and their last fix to this issue can be bypassed.
Change Mirror Download
Credits: John...
