Exploits & CVE's

Authored by malvuln | Site malvuln.com Worm.Win32.Busan.k malware suffers from an insecure transit vulnerability. Change Mirror Download Discovery / credits: Malvuln - malvuln.com (c) 2021Original source: https://malvuln.com/advisory/bcad7aa6cb6cb9d94377cd88acbca1c9.txtContact: [email protected]: twitter.com/malvulnThreat: Worm.Win32.Busan.kVulnerability: Insecure Communication...

Authored by Stefan Kanthak Windows 10 Wi-Fi Drivers For Intel Wireless Adapters version 22.30.0 suffer from a privilege escalation vulnerability. Change Mirror Download Hi @ll,the executable installers version 22.30.0 (Latest), published 2/23/2021,for...

Authored by nu11secur1ty SEO Panel version 4.8.0 remote blind SQL injection exploit. Original discovery in this version is attributed to Piyush Patil in February of 2021. advisories | CVE-2021-28419 Change Mirror Download #...

Authored by Fellipe Oliveira OpenPLC version 3 authenticated remote code execution exploit. Change Mirror Download # Exploit Title: OpenPLC 3 - Remote Code Execution (Authenticated)# Date: 25/04/2021# Exploit Author: Fellipe Oliveira# Vendor...

Authored by Dolev Farhi Hasura GraphQL version 1.3.3 remote code execution exploit. Change Mirror Download # Exploit Title: Hasura GraphQL 1.3.3 - Remote Code Execution# Software: Hasura GraphQL# Software Link: https://github.com/hasura/graphql-engine# Version:...

Authored by Ahmad Shakla Montiorr version 1.7.6m suffers from a cross site scripting vulnerability via a file upload. Change Mirror Download # Exploit Title: Montiorr 1.7.6m - File Upload to XSS# Date:...

Authored by Litch1, je5442804, Alibaba Cloud Security Team | Site metasploit.com Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests; however, that feature...

Authored by Dolev Farhi WordPress WPGraphQL plugin version 1.3.5 suffers from a denial of service vulnerability. Change Mirror Download # Exploit Title: WordPress Plugin WPGraphQL 1.3.5 - Denial of Service # Author:...

Authored by wvu, Egor Dimitrenko | Site metasploit.com This Metasploit module exploits a pre-auth server-side request forgery (CVE-2021-21975) and post-auth file write (CVE-2021-21983) in VMware vRealize Operations Manager to leak...

Authored by Bobby Cooke GetSimple CMS My SMTP Contact plugin versions 1.1.1 and below cross site request forgery to persistent cross site scripting to remote code execution exploit. Change Mirror Download #...