Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

BlogEngine 3.3.8 Cross Site Scripting

Authored by Andrey Stoykov

BlogEngine version 3.3.8 suffers from a persistent cross site scripting vulnerability. # Exploit Title: BlogEngine 3.3.8 - 'Content' Stored XSS # Date: 11/2020 # Exploit Author: Andrey...

git-lfs Remote Code Execution

Authored by Dawid Golunski

Proof of concept git-lfs remote code execution exploit written in Go. Affects Git, GitHub CLI, GitHub Desktop, Visual Studio, GitKraken, SmartGit, SourceTree, and more. advisories | CVE-2020-27955

Sentrifugo 3.2 Remote Code Execution

Authored by Fatih Celik

Sentrifugo version 3.2 announcements authenticated remote code execution exploit. # Exploit Title: Sentrifugo Version 3.2 - 'announcements' Remote Code Execution (Authenticated) # Google Dork: N/A # Date:...

Asterisk 17.6.0 / 17.5.1 Denial Of Service

Authored by Sandro Gauci | Site enablesecurity.com

Asterisk versions 17.5.1 and 17.6.0 were found vulnerable to a denial of service condition where Asterisk segfaults when receiving an INVITE flood over...

Processwire CMS 2.4.0 Local File Inclusion

Authored by Y1LD1R1M

Processwire CMS version 2.4.0 suffers from a local file inclusion vulnerability. # Exploit Title: # Vulnerability Type: Unauthenticated LFI # Date: # Exploit Author: # Type: #...

PDW File Browser 1.3 Shell Upload

Authored by David Bimmel

PDW File Browser version 1.3 suffers from a remote shell upload vulnerability. # Exploit Title: PDW File Browser 1.3 - Remote Code Execution # Date: 24-10-2020 #...

School Log Management System 1.0 Code Execution / SQL Injection

Authored by mosaaed

School Log Management System version 1.0 suffers from a remote SQL injection vulnerability that could lead to code execution. # Exploit Title: School Log Management System...

Student Attendance Management System 1.0 Code Execution / SQL Injection

Authored by mosaaed

Student Attendance Management System version 1.0 suffers from a remote SQL injection vulnerability that could lead to code execution. # Exploit Title: Student Attendance Management System...

Amarok 2.8.0 Denial Of Service

Authored by FishballAndMeatball

Amarok version 2.8.0 suffers from a denial of service vulnerability. advisories | CVE-2020-13152 # Exploit Title: Amarok 2.8.0 - Denial-of-Service # Date: 1 November 2020 # Exploit Author: FishballAndMeatball #...

Trend Micro IMSVA CSRF / XML Injection / SSRF / File Disclosure

Authored by Wolfgang Ettlinger, T. Serafin | Site sec-consult.com

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) versions prior to 9.1.0 Critical Patch Build 2025 suffer from XML injection, over-privileged...