Exploits & CVE's

Authored by Aakash Choudhary WordPress KN Fix Your Title plugin version 1.0.1 suffers from a cross site scripting vulnerability. Change Mirror Download # Exploit Title: WordPress Plugin KN Fix Your Title 1.0.1...

Authored by Mesh3l_911, Z0ldyck Webmin version 1.973 cross site request forgery exploit that loads a reverse shell. advisories | CVE-2021-31761 Change Mirror Download # Exploit Title: Webmin 1.973 - 'run.cgi' Cross-Site Request Forgery...

Authored by James Forshaw, Google Security Research The default rules for the WFP connect layers permit certain executables to connect TCP sockets in AppContainers without capabilities leading to elevation of...

Authored by Pierre Kim Dell OpenManage Enterprise versions up to 3.6.1 suffer from multiple hard-coded credential issues, multiple privilege escalation, weak permissions, authentication bypass, and other vulnerabilities. Change Mirror Download Hello,Please find...

Authored by LiquidWorm | Site zeroscience.mk KevinLAB BEMS version 1.0 has an undocumented backdoor account and the sets of credentials are never exposed to the end-user and cannot be changed...

Authored by LiquidWorm | Site zeroscience.mk KevinLAB BEMS version 1.0 suffers from an unauthenticated SQL Injection vulnerability. Input passed through input_id POST parameter in /http/index.php is not properly sanitized before...

Authored by malvuln | Site malvuln.com HEUR.Backdoor.Win32.Winnti.gen malware suffers from an insecure permissions vulnerability. Change Mirror Download Discovery / credits: Malvuln - malvuln.com (c) 2021Original source: https://malvuln.com/advisory/eb272fe923ccf3e66fde1bf309cbc464.txtContact: [email protected]: twitter.com/malvulnThreat: HEUR.Backdoor.Win32.Winnti.genVulnerability: Insecure PermissionsDescription:...

Authored by nhattruong WordPress LearnPress plugin versions prior to 3.2.6.8 suffer from a remote time-based blind SQL injection vulnerability. advisories | CVE-2020-6010 Change Mirror Download # Exploit Title: WordPress Plugin LearnPress < 3.2.6.8...

Authored by nhattruong WordPress LearnPress plugin versions prior to 3.2.6.9 suffer from a privilege escalation vulnerability. advisories | CVE-2020-11511 Change Mirror Download # Exploit Title: WordPress Plugin LearnPress < 3.2.6.9 - User Registration...

Authored by malvuln | Site malvuln.com Backdoor.Win32.Agent.bjev malware suffers from an insecure permissions vulnerability. Change Mirror Download Discovery / credits: Malvuln - malvuln.com (c) 2021Original source: https://malvuln.com/advisory/ca40998b5d62ee7f936537ff3de7993d.txtContact: [email protected]: twitter.com/malvulnThreat: Backdoor.Win32.Agent.bjev Vulnerability: Insecure...