Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Mumara Classic 2.93 SQL Injection

0
Authored by Shain Lakin Mumara Classic versions 2.93 and below suffer from a remote SQL injection vulnerability. Change Mirror Download # Exploit Title: Mumara Classic 2.93 - 'license' SQL Injection (Unauthenticated)# Date:...

Microsoft Windows MultiPoint Server 2011 SP1 Local Privilege Escalation

0
Authored by Marcio Mendes Microsoft MultiPoint Server 2011 version 6.1 Compilation 7601 Service Pack 1 suffers from an RpcEptMapper and Dnschade local privilege escalation vulnerability.

WordPress WP Symposium Pro 2021.10 Cross Site Scripting

0
Authored by Murat Demirci WordPress WP Symposium Pro version 2021.10 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: WordPress Plugin WP Symposium Pro 2021.10 - 'wps_admin_forum_add_name'...

Xlight FTP 3.9.3.1 Buffer Overflow

0
Authored by Yehia Elghaly Xlight FTP version 3.9.3.1 suffers from a buffer overflow vulnerability. Change Mirror Download # Exploit Title: Xlight FTP 3.9.3.1 - 'Buffer Overflow' (PoC)# Discovered by: Yehia Elghaly# Discovered...

Employee Daily Task Management System 1.0 Cross Site Scripting

0
Authored by Ragavender A G Employee Daily Task Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: Employee Daily Task Management System 1.0...

Dolibarr ERP / CRM 13.0.2 Cross Site Scripting

0
Authored by Nick Decker | Site trovent.io Dolibarr ERP and CRM version 13.0.2 suffer from a persistent cross site scripting vulnerability. advisories | CVE-2021-33618 Change Mirror Download # Trovent Security Advisory 2105-02 ######################################Stored...

Dolibarr ERP / CRM 13.0.2 Remote Code Execution

0
Authored by Nick Decker | Site trovent.io Dolibarr ERP and CRM version 13.0.2 suffer from a remote code execution vulnerability. advisories | CVE-2021-33816 Change Mirror Download # Trovent Security Advisory 2106-01 ######################################Authenticated remote...

Microsoft OMI Management Interface Authentication Bypass

0
Authored by Spencer McIntyre, Nir Ohfeld, Shir Tamari | Site metasploit.com This Metasploit module demonstrates that by removing the authentication exchange, an attacker can issue requests to the local OMI...

Win32k NtGdiResetDC Use-After-Free / Local Privilege Escalation

0
Authored by Grant Willcox, KaLendsi, ly4k, Costin Raiu, Boris Larin, Red Raindrop Team, IronHusky | Site metasploit.com A use after free vulnerability exists in the NtGdiResetDC() function of Win32k which...

FormaLMS 2.4.4 Authentication Bypass

0
Authored by Cristian Giustini FormaLMS versions 2.4.4 and below suffer from an authentication bypass vulnerability. advisories | CVE-2021-43136 Change Mirror Download # Exploit Title: FormaLMS 2.4.4 - Authentication Bypass# Google Dork: inurl:index.php?r=adm/# Date:...