Exploits & CVE's

Authored by malvuln | Site malvuln.com TROJAN.WIN32.JORIK.DMSPAMMER.SZ malware suffers from a remote memory corruption vulnerability. Change Mirror Download Discovery / credits: malvuln - Malvuln.com (c) 2021Original source: http://malvuln.com/advisory/bdcaed5042eba30f91b093f0bcb3caf3.txtContact: [email protected]: twitter.com/malvulnThreat: TROJAN.WIN32.JORIK.DMSPAMMER.SZVulnerability: Remote...

Authored by malvuln | Site malvuln.com Phorplex malware suffers from an insecure permissions vulnerability that can allow for privilege escalation. Change Mirror Download Discovery / credits: malvuln - Malvuln.com (c) 2021Original source:...

Authored by malvuln | Site malvuln.com BACKDOOR.WIN32.BNLITE malware suffers from a remote heap corruption vulnerability. Change Mirror Download Discovery / credits: malvuln - Malvuln.com (c) 2021Original source: http://malvuln.com/advisory/f78cef7588f9c32609a4932d10c67f95.txtContact: [email protected]: twitter.com/malvulnThreat: BACKDOOR.WIN32.BNLITEVulnerability: Remote...

Authored by Ferhat Cil CHMSC Elearning System version 1.0 suffers from a remote SQL injection vulnerability. Change Mirror Download # Exploit Title: CHMSC Elearning System 1.0 - SQL Injection# Exploit Author: Ferhat...

Authored by Daniel Bishtawi | Site netsparker.com SEOPanel version 4.6.0 suffers from multiple cross site scripting vulnerabilities. Change Mirror Download Hello,We are informing you about Cross-Site Scripting Vulnerabilities in SEOPanel4.6.0.Information--------------------Advisory by NetsparkerName:...

Authored by Jeremy Brown Cassandra Web is vulnerable to directory traversal due to the disabled Rack::Protection module. Apache Cassandra credentials are passed via the CLI in order for the server...

Authored by Jeremy Brown HPE Edgeline Infrastructure Manager suffers from multiple broken authorization flows that allow for administrative function access without authenticating and can allow for arbitrary password changes. Change Mirror...

Authored by Dwiki Kusuma EgavilanMedia My To Do List version 1.0 suffers from a persistent cross site scripting vulnerability.

Authored by EgiX | Site karmainsecurity.com qdPM versions 9.1 and below suffer from an executeExport PHP object injection vulnerability. advisories | CVE-2020-26165 Change Mirror Download --------------------------------------------------------------qdPM <= 9.1 (executeExport) PHP Object Injection Vulnerability--------------------------------------------------------------...

Authored by Jeremy Brown Openpilot has a default SSH key that can allow attackers remote access if not changed. This script port scans and attempts to login to Openpilot SSH...