Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

WordPress Plainview Activity Monitor 20161228 Remote Code Execution

Authored by Beren Kuday Gorun. WordPress Plainview Activity Monitor plugin version 20161228 authenticated remote code execution exploit. advisories | CVE-2018-15877

# Exploit Title: WordPress Plugin Plainview Activity Monitor 20161228 -...

Okta Access Gateway 2020.5.5 Authenticated Remote Root

Authored by Jeremy Brown. Okta Access Gateway version 2020.5.5 suffers from multiple authenticated remote root command injection vulnerabilities. advisories | CVE-2021-28113

Okta Access Gateway v2020.5.5 Post-Auth Remote Root RCE
CVE-2021-28113

=======
Details
=======
There are...

WordPress SP Project And Document Manager 4.21 Shell Upload

Authored by Ron Jost. WordPress SP Project and Document Manager plugin version 4.21 suffers from a remote shell upload vulnerability. advisories | CVE-2021-24347

# Exploit Title: Wordpress Plugin SP Project...

Employee Record Management System 1.2 Cross Site Scripting

Authored by Subhadip Nag. Employee Record Management System version 1.2 suffers from a persistent cross site scripting vulnerability.

# Exploit Title: Employee Record Management System 1.2 - Stored Cross-Site...

Online Covid Vaccination Scheduler System 1.0 Shell Upload

Authored by faisalfs10x. Online Covid Vaccination Scheduler System version 1.0 suffers from a remote shell upload vulnerability.

# Exploit Title: Online Covid Vaccination Scheduler System 1.0 - Arbitrary File...

MpEngine ASProtect Embedded Runtime DLL Memory Corruption

Authored by Tavis Ormandy, Google Security Research. ASProtect embeds a runtime DLL that is susceptible to memory corruption. Crash testcase provided. advisories | CVE-2021-31985

Wyomind Help Desk 1.3.6 XSS / Traversal / Shell Upload

Authored by Patrik Lantz. Wyomind Help Desk version 1.3.6 suffers from remote shell upload, cross site scripting, and directory traversal vulnerabilities.

# Exploit Title: Wyomind Help Desk 1.3.6 -...

Church Management System 1.0 Shell Upload / SQL Injection

Authored by Eleonora Guardini. Church Management System version 1.0 shell upload exploit that leverages SQL injection.

# Exploit Title: Church Management System 1.0 - SQL Injection (Authentication Bypass) +...

Polkit D-Bus Authentication Bypass

Authored by Spencer McIntyre, jheysel-r7, Kevin Backhouse | Site metasploit.com. A vulnerability exists within the polkit system service that can be leveraged by a local, unprivileged attacker to perform privileged...

Online Covid Vaccination Scheduler System 1.0 SQL Injection

Authored by faisalfs10x. Online Covid Vaccination Scheduler System version 1.0 suffers from a remote time-based blind SQL injection vulnerability.

# Exploit Title: Online Covid Vaccination Scheduler System 1.0 -...