Exploits & CVEs

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Online Leave Management System 1.0 Shell Upload

Authored by Justin White

Online Leave Management System version 1.0 suffers from a remote shell upload vulnerability.

# Exploit Title: Online Leave Management System 1.0 - Arbitrary File Upload...

ProcessMaker 3.5.4 Local File Inclusion

Authored by Ai Ho

ProcessMaker version 3.5.4 suffers from a local file inclusion vulnerability.

# Exploit Title: ProcessMaker 3.5.4 - Local File inclusion # Exploit Author: Ai Ho (@j3ssiejjj) # Date:...

NetModule Router Software Password Handling / Session Fixation

Authored by Gerhard Hechenberger, S. Robertz | Site: sec-consult.com

NetModule Router Software versions prior to 4.3.0.113, 4.4.0.111, and 4.5.0.105 suffer from insecure password handling and session fixation vulnerabilities.

Advisories: CVE-2021-39289,...

Altus Sistemas de Automacao Products CSRF / Command Injection / Hardcoded Credentials

Authored by T. Weber, Daniel Teuchert | Site: sec-consult.com

Multiple Altus Sistemas de Automacao products such as the Nexto NX30xx Series, Nexto NX5xxx Series, Nexto Xpress XP3xx Series, and Hadron...

Laundry Booking Management System 1.0 Cross Site Scripting

Authored by Azumah Foresight Xorlali

Laundry Booking Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

# Exploit Title: Laundry Booking Management System 1.0 - 'Multiple'...

Laundry Booking Management System 1.0 SQL Injection

Authored by Azumah Foresight Xorlali

Laundry Booking Management System version 1.0 suffers from a remote SQL injection vulnerability.

# Exploit Title: Laundry Booking Management System 1.0 - 'Multiple' SQL...

Charity Management System CMS 1.0 Code Execution / XSS / SQL Injection

Authored by Davide Taraschi

Charity Management System CMS version 1.0 suffers from code execution, cross site scripting, and remote SQL injection vulnerabilities.

# Exploit Title: Charity Management System CMS...

WebKit WebCore::FrameLoader::PolicyChecker::checkNavigationPolicy Heap Use-After-Free

Authored by Google Security Research, Glazvunov

WebKit suffers from a heap use-after-free vulnerability in WebCore::FrameLoader::PolicyChecker::checkNavigationPolicy.

Advisories: CVE-2021-30795

WebKit: heap-use-after-free in WebCore::FrameLoader::PolicyChecker::checkNavigationPolicy

VULNERABILITY DETAILS

PolicyChecker.cpp:

```
#define IS_ALLOWED (m_frame.page() ? m_frame.page()->sessionID().isAlwaysOnLoggingAllowed() : false)
#define PAGE_ID...
```

JavaScriptCore Crash Proof Of Concept

Authored by Ivan Fratric, Google Security Research

JavaScriptCore suffers from a crash condition due to an uninitialized register in slow_path_profile_catch. Proof of concept that affects Safari is included.

Advisories: CVE-2021-30797

WebKit Element::dispatchMouseEvent Heap Use-After-Free

Authored by Google Security Research, Glazvunov

WebKit suffers from a heap use-after-free vulnerability in Element::dispatchMouseEvent.

Advisories: CVE-2021-30799