OpenCart 3.0.3.6 Cross Site Scripting
Authored by Hemant Patidar
OpenCart version 3.0.3.6 suffers from multiple persistent cross site scripting vulnerabilities.
Change Mirror Download
# Exploit Title: OpenCart 3.0.3.6 - 'subject' Stored Cross-Site Scripting# Date: 24-11-2020# Exploit Author:...
Seowon 130-SLC 1.0.11 Remote Code Execution
Authored by maj0rmil4d
Seowon 130-SLC router version 1.0.11 suffers from a remote code execution vulnerability.
Change Mirror Download
# Exploit Title: Seowon 130-SLC router 1.0.11 - 'ipAddr' RCE (Authenticated)# Date: 5 Aug...
ZTE MF253V 1.0.0B04 XSS / CSRF / Hardcoded Password
Authored by T. Weber, S. Robertz | Site sec-consult.com
ZTE WLAN router MF253V version 1.0.0B04 suffers from cross site request forgery, hardcoded password, outdated component, and cross site scripting vulnerabilities.
Change...
Wondershare Driver Install Service Help 10.7.1.321 Unquoted Service Path
Authored by Luis Sandoval
Wondershare Driver Install Service Help version 10.7.1.321 suffers from an unquoted service path vulnerability.
Change Mirror Download
# Exploit Title: Wondershare Driver Install Service help 10.7.1.321 - 'ElevationService'...
osCommerce 2.3.4.1 Cross Site Scripting
Authored by Emre Aslan
osCommerce version 2.3.4.1 suffers from a persistent cross site scripting vulnerability.
Change Mirror Download
# Exploit Title: osCommerce 2.3.4.1 - 'title' Persistent Cross-Site Scripting# Date: 2020-11-19# Exploit Author:...
SyncBreeze 10.0.28 Remote Buffer Overflow
Authored by Abdessalam King
SyncBreeze version 10.0.28 suffers from a remote buffer overflow vulnerability.
Change Mirror Download
# Exploit Title: SyncBreeze 10.0.28 - 'password' Remote Buffer Overflow# Date: 18-Sep-2020# Exploit Author: Abdessalam...
WordPress Simple File List Unauthenticated Remote Code Execution
Authored by h00die, coiffeur | Site metasploit.com
This Metasploit module exploits WordPress Simple File List plugin versions prior to 4.2.3, which allows remote unauthenticated attackers to upload files within a...
Kong Gateway Admin API Remote Code Execution
Authored by Graeme Robinson | Site metasploit.com
This Metasploit module uses the Kong admin API to create a route and a serverless function plugin that is associated with the route....
OpenMediaVault rpc.php Authenticated PHP Code Injection
Authored by Anastasios Stasinopoulos | Site metasploit.com
This Metasploit module exploits an authenticated PHP code injection vulnerability found in openmediavault versions before 4.1.36 and 5.x versions before 5.5.12 inclusive in...
Barco wePresent Insecure Firmware Image
Authored by Matthew Bergin, Jim Becher | Site korelogic.com
Barco wePresent WiPG-1600W versions 2.5.1.8, 2.5.0.25, 2.5.0.24, and 2.4.1.19 have firmware that does not perform verification of digitally signed firmware updates...
