Docker Privileged Container Kernel Escape
Authored by Eran Ayalon, Nick Cottrell, Ilan Sokol | Site metasploit.com
This Metasploit module performs a container escape onto the host as the daemon user. It takes advantage of the...
osCommerce 4 Cross Site Scripting
Authored by CraCkEr
osCommerce version 4 suffers from a cross site scripting vulnerability. This finding is another vector of attack for this issue already discovered by the same researcher in...
undefinedExploiting The NT Kernel In 24H2undefined
Authored by gabe_k
This is the full Windows privilege escalation exploit produced from the blog Exploiting the NT Kernel in 24H2: New Bugs in Old Code and Side Channels Against...
Windows NtQueryInformationThread Double-Fetch / Arbitrary Write
Authored by gabe_k
Proof of concept code that demonstrates how the Windows kernel suffers from a privilege escalation vulnerability due to a double-fetch in NtQueryInformationThread that leads to an arbitrary...
ESET NOD32 Antivirus 17.1.11.0 Unquoted Service Path
Authored by Milad Karimi
ESET NOD32 Antivirus version 17.1.11.0 suffers from an unquoted service path vulnerability.
Change Mirror Download
# Exploit Title: ESET NOD32 Antivirus 17.1.11.0 - Unquoted Service Path# Exploit Author:...
Doctor Appointment Management System 1.0 Cross Site Scripting
Authored by SoSPiro
Doctor Appointment Management System version 1.0 suffers from a cross site scripting vulnerability.
advisories | CVE-2024-4293
Change Mirror Download
# Application Name: Doctor Appointment Management System# Software Link: (https://phpgurukul.com/doctor-appointment-management-system-using-php-and-mysql/)# Vendor...
Kemp LoadMaster Unauthenticated Command Injection
Authored by Dave Yesland | Site metasploit.com
This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Kemp LoadMaster in the authorization header after version 7.2.48.1. The following versions...
Relate Learning And Teaching System SSTI / Remote Code Execution
Authored by kai6u
Relate Learning and Teaching System versions prior to 2024.1 suffers from a server-side template injection vulnerability that leads to remote code execution. This particular finding targets the...
Apache Solr Backup/Restore API Remote Code Execution
Authored by jheysel-r7, l3yx | Site metasploit.com
Apache Solr versions 6.0.0 through 8.11.2 and versions 9.0.0 up to 9.4.1 are affected by an unrestricted file upload vulnerability which can result...
PowerVR PMRMMapPMR() Writability Check
Authored by Jann Horn, Google Security Research
PowerVR has a security issue where a writability check in PMRMMapPMR() does not clear VM_MAYWRITE.