Riak Insecure Default Configuration / Remote Command Execution
Authored by Jeremy Brown
Riak runs as an Erlang service configured with a default cookie of riak that allows for remote command execution if not modified before use.
Change Mirror Download
Riak...
Client Management System 1.1 Cross Site Scripting
Authored by Mohammad Koochaki
Client Management System version 1.1 suffers from a persistent cross site scripting vulnerability. This is a variant from the discovery of persistent cross site scripting in...
Men Salon Management System 1.0 SQL Injection
Authored by Akshay Khanna
Men Salon Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Change Mirror Download
# Exploit Title: Men Salon Management System...
Neo4j 3.4.18 Remote Code Execution
Authored by Nick Gonella, Christopher Ellis
Neo4j version 3.4.18 RMI-based java deserialization remote code execution exploit.
Change Mirror Download
# Exploit Title: Neo4j 3.4.18 - RMI based Remote Code Execution (RCE)# Date:...
Online Hotel Reservation System 1.0 Cross Site Scripting
Authored by Mohammad Koochaki
Online Hotel Reservation System version 1.0 suffers from multiple cross site scripting vulnerabilities. Original discovery of cross site scripting in this version is attributed to Mesut...
ObjectPlanet Opinio 7.13 / 7.14 XML Injection
Authored by Daniel Tan, Khor Yong Heng, Timothy Tan, Yu Enhui
ObjectPlanet Opinio versions 7.13 and 7.14 suffer from an XML external entity injection vulnerability.
advisories | CVE-2020-26564
Change Mirror Download
# Exploit...
ObjectPlanet Opinio 7.13 Expression Language Injection
Authored by Daniel Tan, Khor Yong Heng, Timothy Tan, Yu Enhui
ObjectPlanet Opinio version 7.13 suffers from an expression language injection vulnerability.
advisories | CVE-2020-26565
Change Mirror Download
# Exploit Authors: Timothy Tan...
ObjectPlanet Opinio 7.13 Shell Upload
Authored by Daniel Tan, Khor Yong Heng, Timothy Tan, Yu Enhui
ObjectPlanet Opinio version 7.13 suffers from a remote shell upload vulnerability.
advisories | CVE-2020-26806
Change Mirror Download
# Exploit Authors: Timothy Tan...
Panasonic Sanyo CCTV Network Camera 2.03-0x Cross Site Request Forgery
Authored by LiquidWorm | Site zeroscience.mk
Panasonic Sanyo CCTV Network Camera version 2.03-0x allows users to perform certain actions via HTTP requests without performing any validity checks to verify the...
Pi-Hole Remove Commands Linux Privilege Escalation
Authored by h00die, Emanuele Barbeno | Site metasploit.com
Pi-Hole versions 3.0 through 5.3 allows for command line input to the removecustomcname, removecustomdns, and removestaticdhcp functions without properly validating the parameters...
