Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Kruxton 1.0 Shell Upload

Authored by nu11secur1ty
Kruxton version 1.0 suffers from a remote shell upload vulnerability.
## Title: kruxton-1.0-FileUpload-RCE
## Author: nu11secur1ty
## Date: 04/15/2024
## Vendor: https://www.mayurik.com/
## Software: https://www.sourcecodester.com/php/16127/best-pos-management-system-php.html
## Reference: https://portswigger.net/web-security/file-upload
## Description: The system setting...

Terratec dmx_6fire USB 1.23.0.02 Unquoted Service Path

Authored by Joseph Kwabena Fiagbor
Terratec dmx_6fire USB version 1.23.0.02 suffers from an unquoted service path vulnerability.
advisories | CVE-2024-31804
# Exploit Title: Terratec dmx_6fire USB - Unquoted Service...

GitLens Git Local Configuration Execution

Authored by h00die, Paul Gerste | Site metasploit.com
GitKraken GitLens versions prior to 14.0.0 allow an untrusted workspace to execute git commands. A repo may include its own .git folder...

Visual Studio Code Execution

Authored by h00die | Site metasploit.com
This Metasploit module creates a vsix file which can be installed in Visual Studio Code as an extension. At activation/install, the extension will execute...

Amazon AWS Glue Database Password Disclosure

Authored by Michael Werner | Site sec-consult.com
The password of database connections in AWS Glue is loaded into the website when a connection's edit page is requested. Principals with appropriate...

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Insecure Direct Object Reference

Authored by LiquidWorm | Site zeroscience.mk
Elber Signum DVB-S/S2 IRD for Radio Networks version 1.999 suffers from an unauthenticated device configuration and client-side hidden functionality disclosure vulnerability.
Elber Signum...

Ray OS 2.6.3 Command Injection

Authored by Fire_Wolf
The Ray Project dashboard contains a CPU profiling page, and the format parameter is not validated before being inserted into a system command executed in a shell,...

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass

Authored by LiquidWorm | Site zeroscience.mk
Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality....

Apache Solr Backup/Restore API Remote Code Execution

Authored by jheysel-r7, l3yx | Site metasploit.com
Apache Solr versions 6.0.0 through 8.11.2 and versions 9.0.0 up to 9.4.1 are affected by an unrestricted file upload vulnerability which can result...

Elber Wayber Analog/Digital Audio STL 4.00 Insecure Direct Object Reference

Authored by LiquidWorm | Site zeroscience.mk
Elber Wayber Analog/Digital Audio STL version 4.00 suffers from an unauthenticated device configuration and client-side hidden functionality disclosure vulnerability.
Elber Wayber Analog/Digital Audio...