Exploits & CVE's

Authored by James Forshaw, Google Security Research The msExchStorageGroup schema class added during Exchange installation can be used to create almost any AD object including users, groups or domain trusts...

Authored by Ang Kar Min ObjectPlanet Opinio version 7.12 suffers from reflective and persistent cross site scripting vulnerabilities. advisories | CVE-2020-26563 Change Mirror Download # Exploit Title: ObjectPlanet Opinio 7.12 allows Cross-Site Scripting#...

Authored by Ivan Nikolsky Denver IP Camera SHO-110 suffers from an unauthenticated disclosure of a snapshot. Change Mirror Download # Exploit Title: Denver IP Camera SHO-110 - Unauthenticated Snapshot# Date: 28 July...

Authored by LiquidWorm | Site zeroscience.mk Longjing Technology BEMS API version 1.21 suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is...

Authored by J. Francisco Bolivar Oracle Fatwire version 6.3 suffers from cross site scripting and remote SQL injection vulnerabilities. Change Mirror Download # Exploit Title: Oracle Fatwire 6.3 - Multiple Vulnerabilities# Date:...

Authored by Javier Olmedo Event Registration System with QR Code version 1.0 suffers from authentication bypass and shell upload vulnerabilities. Change Mirror Download # Exploit Title: Event Registration System with QR Code...

Authored by malvuln | Site malvuln.com Backdoor.Win32.WinShell.40 malware suffers from a code execution vulnerability. Change Mirror Download Discovery / credits: Malvuln - malvuln.com (c) 2021Original source: https://malvuln.com/advisory/c98e23742807f3cb5a095f34e0eb0e52.txtContact: [email protected]: twitter.com/malvulnThreat: Backdoor.Win32.WinShell.40Vulnerability: Unauthenticated Remote...

Authored by LiquidWorm | Site zeroscience.mk IntelliChoice eFORCE Software Suite version 2.5.9 allows for username enumeration. Change Mirror Download IntelliChoice eFORCE Software Suite v2.5.9 Username EnumerationVendor: IntelliChoice, Inc.Product web page: https://www.eforcesoftware.comAffected version:...

Authored by securityforeveryone.com Care2x Integrated Hospital Info System version 2.7 suffers from multiple remote SQL injection vulnerabilities. Change Mirror Download # Exploit Title: Care2x Integrated Hospital Info System 2.7 - 'Multiple' SQL...

Authored by niebardzo CloverDX version 5.9.0 cross site request forgery to remote code execution exploit. advisories | CVE-2021-29995 Change Mirror Download # Exploit Title: CloverDX 5.9.0 - Cross-Site Request Forgery (CSRF) to Remote...