Exploits & CVE's

Authored by Bryan Leong osCommerce version 2.3.4.1 remote code execution exploit. This is a variant of the original discovery of code execution in this version by Simon Scannell in March...

Authored by Spencer McIntyre, Michael Stepankin, bwatters-r7, jheysel-r7 | Site metasploit.com This Metasploit module leverages a pre-authentication remote code execution vulnerability in the OpenAM identity and access management solution. The...

Authored by wvu, Ricter Z | Site metasploit.com This Metasploit module exploits Java unsafe reflection and SSRF in the VMware vCenter Server Virtual SAN Health Check plugin's ProxygenController class to...

Authored by malvuln | Site malvuln.com Backdoor.Win32.Surila.j malware suffers from an authentication bypass vulnerability. Change Mirror Download Discovery / credits: Malvuln - malvuln.com (c) 2021Original source: https://malvuln.com/advisory/b1cec4b806c71c82bbd9002bdaf21d1f_B.txtContact: [email protected]: twitter.com/malvulnThreat: Backdoor.Win32.Surila.jVulnerability: Authentication BypassDescription:...

Authored by Alexandre Zanni OpenEMR version 5.0.1.3 authenticated remote shell upload exploit that leverages a vulnerability discovered in 2018. advisories | CVE-2018-15139 Change Mirror Download # Title: OpenEMR 5.0.1.3 - 'manage_site_files' Remote Code...

Authored by malvuln | Site malvuln.com VirTool.Win32.Afix malware suffers from buffer overflow and code execution vulnerabilities. Change Mirror Download Discovery / credits: Malvuln - malvuln.com (c) 2021Original source: https://malvuln.com/advisory/c971e978198331bb0b56dc8b47f0b4b0.txtContact: [email protected]: twitter.com/malvulnThreat: VirTool.Win32.AfixVulnerability:...

Authored by Swapnil Subhash Bodekar WordPress WPFront Notification Bar plugin version 1.9.1.04012 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: WordPress Plugin WPFront Notification Bar 1.9.1.04012...

Authored by Luca Bernardi Garbage Collection Management System version 1.0 shell upload exploit that leverages a SQL injection vulnerability. Change Mirror Download # Exploit Title: Garbage Collection Management System 1.0 - SQL...

Authored by malvuln | Site malvuln.com Backdoor.Win32.Surila.j malware suffers from a denial of service vulnerability. Change Mirror Download Discovery / credits: Malvuln - malvuln.com (c) 2021Original source: https://malvuln.com/advisory/b1cec4b806c71c82bbd9002bdaf21d1f_C.txtContact: [email protected]: twitter.com/malvulnThreat: Backdoor.Win32.Surila.j Vulnerability:...

Authored by Subhadip Nag Invoice System version 1.0 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: Invoice System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)# Date:...