Exploits & CVE's

Authored by Imre Rad Google's Extensible Service Proxy suffers from a header forgery vulnerability. Change Mirror Download Extensible Service Proxy (a.k.a. ESP) is an open source software byGoogle assisting Cloud Endpoints, a...

Authored by Leonardo Nicolas Servalli Mitrastar GPT-2541GNAC-N1 suffers from a privilege escalation vulnerability that provides root privileges. Change Mirror Download # Exploit Title: Mitrastar GPT-2541GNAC-N1 - Privilege escalation# Date: 10-08-2021# Exploit Author:...

Authored by Mr.Gedik Pet Shop Management System version 1.0 suffers from a remote shell upload vulnerability. Change Mirror Download # Title: Pet Shop Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)#...

Authored by treebuilder This code is a proof-of-concept of the recently revealed Azure Active Directory password brute-forcing vulnerability announced by Secureworks.

Authored by Murat Pharmacy Point of Sale System version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to Janik Wehrli...

Authored by spacehen WordPress JS Jobs Manager plugin version 1.1.7 suffers from an unauthenticated plugin installation and activation vulnerability. Change Mirror Download # Exploit Title: Wordpress Plugin JS Jobs Manager 1.1.7 -...

Authored by LiquidWorm | Site zeroscience.mk FatPipe Networks WARP/IPVPN/MPVPN version 10.2.2 has the hidden administrative account cmuser that has no password and has write access permissions to the device. The...

Authored by LiquidWorm | Site zeroscience.mk FatPipe Networks WARP/IPVPN/MPVPN version 10.2.2 suffers from a remote privilege escalation vulnerability. Change Mirror Download #!/usr/bin/env python3### FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Remote Privilege Escalation### Vendor: FatPipe...

Authored by nu11secur1ty | Site github.com Covid Vaccination Scheduler System version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities. Original discovery of SQL injection in this version...

Authored by Eric Salario OpenSIS version 8.0 suffers from a cross site scripting vulnerability. Change Mirror Download # Exploit Title: OpenSIS 8.0 - 'cp_id_miss_attn' Reflected Cross-Site Scripting (XSS)# Date: 9/24/2021# Exploit Author:...