Exploits & CVE's

Authored by Gurkirat Singh Sphider Search Engine version 1.3.6 remote code execution exploit. advisories | CVE-2014-5194 Change Mirror Download # Exploit Title: Sphider Search Engine 1.3.6 - 'word_upper_bound' RCE (Authenticated)# Google Dork: intitle:"Sphider...

Authored by LiquidWorm | Site zeroscience.mk Adtec Digital is a leading manufacturer of Broadcast, Cable and IPTV products and solutions. Many of their devices utilize hard-coded and default credentials within...

Authored by Gurkirat Singh Sentrifugo version 3.2 suffers from a restriction bypass vulnerability that allows for a remote shell upload. advisories | CVE-2019-15813 Change Mirror Download # Exploit Title: Sentrifugo 3.2 - File...

Authored by LiquidWorm | Site zeroscience.mk TDM Digital Signage Windows Player version 4.1 suffers from an elevation of privileges vulnerability which can be used by a simple authenticated user that...

Authored by n1x_ WordPress Colorbox Lightbox plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: WordPress Plugin Colorbox Lightbox v1.1.1 - Persistent Cross-Site Scripting...

Authored by Spencer McIntyre, Oleksandr Mirosh, Markus Wulftange, Alvaro Munoz, Paul Taylor, Caleb Gross, straightblast | Site metasploit.com This Metasploit module exploits the .NET deserialization vulnerability within the RadAsyncUpload (RAU)...

Authored by Sosecure Hrsale version 2.0.0 suffers from a local file inclusion vulnerability. Change Mirror Download # Exploit Title: Hrsale 2.0.0 - Local File Inclusion# Date: 10/21/2020# Exploit Author: Sosecure# Vendor Homepage:...

Authored by Jyotsna Adhana School Faculty Scheduling System version 1.0 suffers from a persistent cross site scripting vulnerability. Change Mirror Download # Exploit Title: School Faculty Scheduling System 1.0 - Stored Cross...

Authored by Jyotsna Adhana School Faculty Scheduling System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Change Mirror Download # Exploit Title: School Faculty Scheduling System...

Authored by Balzabu GOautodial version 4.0 suffers from a remote shell upload vulnerability. Change Mirror Download # Exploit Title: GOautodial 4.0 - Authenticated Shell Upload# Author: Balzabu# Discovery Date: 07-23-2020# Vendor Homepage:...