Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Croogo 3.0.2 Shell Upload

Authored by Enes Ozeser
Croogo version 3.0.2 suffers from a remote shell upload vulnerability.
# Exploit Title: Croogo 3.0.2 - Unrestricted File Upload # Date: 06/12/2021 # Exploit Author: Enes Özeser #...

Cibele Thinfinity VirtualUI 2.5.41.0 User Enumeration

Authored by Daniel Morales
Cibele Thinfinity VirtualUI version 2.5.41.0 suffers from a user enumeration vulnerability.
advisories | CVE-2021-44848
# Exploit Title: Cibele Thinfinity VirtualUI 2.5.41.0 - User Enumeration # Date: 13/12/2021 #...

Chrome blink::NativeIOFile::DoRead Heap Use-After-Free

Authored by Google Security Research, Glazvunov
Chrome suffers from a heap use-after-free vulnerability in blink::NativeIOFile::DoRead.
advisories | CVE-2021-38006

Log4j Remote Code Execution Word Bypassing

Authored by Puliczek | Site github.com
Log4j remote code execution exploit with a trick to bypass words blocking patches. Works on Log4j versions 2.14.1 and below.
advisories | CVE-2021-44228

log4j-scan Extensive Scanner

Authored by fullhunt | Site github.com
log4j-scan is a fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts. It supports fuzzing for more than 60 HTTP request headers, JSON...

Child’s Day Care Management System 1.0 SQL Injection

Authored by nu11secur1ty
Child's Day Care Management System version 1.0 appears to be susceptible to a remote SQL injection vulnerability.
## Title: Child's Day Care Management System 1.0 SQL...

Log4j Payload Generator

Authored by c0ny1 | Site github.com
log4j-payload-generator is a plugin for the woodpecker framework to produce log4 jndi injection vulnerability payload. Five types of payloads can be produced with one...

Oliver Library Server 5 Arbitrary File Download

Authored by Ishaan Vij, Mandeep Singh, CTRL Group, Luke Blues
Oliver Library Server 5 versions prior to 8.00.008.053 suffer from an arbitrary file download vulnerability.
# Exploit Title: Oliver...

OpenEMR 6.0.0 / 6.1.0-dev SQL Injection

Authored by Stefan Pietsch | Site trovent.io
OpenEMR versions 6.0.0 and 6.1.0-dev suffer from an authenticated remote SQL injection vulnerability in the calendar search functionality.
advisories | CVE-2021-41843
# Trovent...

SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG SQL Injection

Authored by Raschin Tavakoli | Site sec-consult.com
SAP Netweaver suffers from a remote ADBC SQL injection vulnerability in IUUC_RECON_RC_COUNT_TABLE_BIG. Other software and various versions are also affected.
advisories | CVE-2021-33701