Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

HealthForYou 1.11.1 / HealthCoach 2.9.2 Missing Password Policy

0
Authored by Nick Decker | Site trovent.io HealthForYou version 1.11.1 and HealthCoach version 2.9.2 are missing a server-side password policy. When creating an account or changing your password the mobile...

Pentaho Business Analytics / Pentaho Business Server 9.1 SQL Injection

0
Authored by Altion Malka, Alberto Favero Pentaho allows users to create and manage Data Sources. Users can select a Data Source when creating a Dashboard through the Pentaho User Console....

WordPress Pie Register 3.7.1.4 Authentication Bypass / Remote Code Execution

0
Authored by h00die, Lotfi13-DZ | Site metasploit.com This Metasploit module uses an authentication bypass vulnerability in Wordpress Pie Register plugin versions 3.7.1.4 and below to generate a valid cookie. With...

10-Strike Network Inventory Explorer Pro 9.31 Buffer Overflow

0
Authored by ro0k 10-Strike Network Inventory Explorer Pro version 9.31 suffers from a buffer overflow vulnerability. Change Mirror Download # Exploit Title: 10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow (SEH)#...

Employee Record Management System 1.2 SQL Injection

0
Authored by Anubhav Singh Employee Record Management System version 1.2 suffers from a remote SQL injection vulnerability. Change Mirror Download # Title: Employee Record Management System 1.2 - 'empid' SQL injection (Unauthenticated)#...

Dynojet Power Core 2.3.0 Unquoted Service Path

0
Authored by Pedro Sousa Rodrigues Dynojet Power Core version 2.3.0 suffers from an unquoted service path vulnerability. Change Mirror Download # Exploit Title: Dynojet Power Core 2.3.0 - Unquoted Service Path# Exploit...

Ericsson Network Location MPS GMPC21 Remote Code Execution

0
Authored by AkkuS | Site metasploit.com This Metasploit module exploits an arbitrary command execution vulnerability in Ericsson Network Location Mobile Positioning Systems. The export feature in various parts of the...

Ericsson Network Location MPS GMPC21 Privilege Escalation

0
Authored by AkkuS | Site metasploit.com This Metasploit module exploits a privilege escalation vulnerability in Ericsson Network Location Mobile Positioning Systems. Change Mirror Download ### This module requires Metasploit: https://metasploit.com/download# Current source:...

i3 International Annexxus Cameras Ax-n 5.2.0 Application Logic Flaw

0
Authored by LiquidWorm | Site zeroscience.mk i3 International Annexxus Cameras Ax-n version 5.2.0 does not allow creation of more than one administrator account on the system. This also applies for...

Fuel CMS 1.4.1 Remote Code Execution

0
Authored by Padsala Trushal Fuel CMS version 1.4.1 remote code execution exploit. Original discovery of remote code execution in this version is attributed to 0xd0ff9 in July of 2019. advisories |...