Microsoft SharePoint Unsafe Control And ViewState Remote Code Execution
Authored by unknown, Spencer McIntyre, wvu | Site metasploit.com
The EditingPageParser.VerifyControlOnSafeList method fails to properly validate user-supplied data. This can be leveraged by an attacker to leak sensitive information...
Windows Kerberos AppContainer Enterprise Authentication Capability Bypass
Authored by James Forshaw, Google Security Research
Kerberos supports a security buffer to set the target SPN of a ticket, bypassing the SPN check in LSASS.
advisories | CVE-2021-26414, CVE-2021-31962
Brother BRAgent 1.38 Unquoted Service Path
Authored by Brian Rodriguez
Brother BRAgent version 1.38 suffers from an unquoted service path vulnerability.
# Exploit Title: Brother BRAgent 1.38 - 'WBA_Agent_Client' Unquoted Service Path
# Discovery by: Brian...
Online Library Management System 2.0 Cross Site Request Forgery
Authored by Mohit Dabas
Online Library Management System version 2.0 suffers from a cross site request forgery vulnerability.
# Exploit Title: Online Library Management System
# Date:15/06/2021
# Exploit Author :...
Polkit 0.105-26 0.117-2 Privilege Escalation
Authored by J Smith
Polkit version 0.105-26 0.117-2 suffers from a local privilege escalation vulnerability.
advisories | CVE-2021-3560
# Exploit Title: Polkit 0.105-26 0.117-2 - Local Privilege Escalation
# Date:...
XML External Entity Via MP3 File Upload On WordPress
Authored by Vallari Sharma, Archie Midha
This document illustrates proof of concept exploitation of a vulnerability in WordPress versions 5.6.0 through 5.7.0 that gives a user the ability to upload...
Brother BRPrint Auditor 3.0.7 Unquoted Service Path
Authored by Brian Rodriguez
Brother BRPrint Auditor version 3.0.7 suffers from an unquoted service path vulnerability.
# Exploit Title: Brother BRPrint Auditor 3.0.7 - 'Multiple' Unquoted Service Path
# Discovery...
HashiCorp Nomad Remote Command Execution
Authored by Wyatt Dahlenburg | Site metasploit.com
This Metasploit module lets you create a batch job on HashiCorp's Nomad service to spawn a shell. The default option is to use...
IPFire 2.25 Remote Code Execution
Authored by Grant Willcox, Mucahit Saratar | Site metasploit.com
This Metasploit module exploits an authenticated command injection vulnerability in the /cgi-bin/pakfire.cgi web page of IPFire devices running versions 2.25 Core...
Client Management System 1.1 SQL Injection
Authored by BHAVESH KAUL
Client Management System version 1.1 suffers from a remote SQL injection vulnerability.
# Exploit Title: Client Management System 1.1 - 'Search' SQL Injection
# Date: 14...





