Exploits & CVE's

Authored by Jyotsna Adhana Point of Sales version 1.0 suffers from a remote SQL injection vulnerability. Change Mirror Download # Exploit Title: Point of Sales 1.0 - 'username' SQL Injection# Date: 22/10/2020#...

Authored by Vaisha Bernard PackageKit versions prior to 1.1.13 suffer from a file existence disclosure vulnerability. Change Mirror Download # Exploit Title: File Existence Disclosure in PackageKit < 1.1.13-2ubuntu1# Date: 2020-10-27# Exploit...

Authored by Vaisha Bernard aptdaemon versions prior to 1.1.1 suffer from a file existence disclosure vulnerability. Change Mirror Download # Exploit Title: File Existence Disclosure in aptdaemon <= 1.1.1+bzr982-0ubuntu32.1# Date: 2020-10-27# Exploit...

Authored by Vaisha Bernard Blueman versions prior to 2.1.4 suffer from a local privilege escalation vulnerability that achieves root. advisories | CVE-2020-15238 Change Mirror Download # Exploit Title: Local Privilege Escalation in Blueman...

Authored by Chris Lyne, Matthew Aberegg Nagios XI version 5.7.3 mibs.php remote command injection exploit. advisories | CVE-2020-5791 Change Mirror Download # Exploit Title: Nagios XI 5.7.3 - 'mibs.php' Remote Command Injection (Authenticated)#...

Authored by Julien Ahrens | Site rcesecurity.com God Kings version 0.60.1 suffers from an improper authorization issue allowing for in-game notification spoofing. advisories | CVE-2020-25204 Change Mirror Download RCE Security Advisoryhttps://www.rcesecurity.com1. ADVISORY INFORMATION=======================Product:...

Site redteam-pentesting.de RedTeam Pentesting discovered a vulnerability in the BigBlueButton web conferencing system version 2.2.25 that allows participants of a conference with permissions to upload presentations to read arbitrary files...

Authored by Gurkirat Singh CMS Made Simple version 2.1.6 suffers from a server-side template injection vulnerability. advisories | CVE-2017-16783 Change Mirror Download # Exploit Title: CMS Made Simple 2.1.6 - 'cntnt01detailtemplate' Server-Side Template...

Authored by Ramon Janssen, Joost Vondeling, David Bimmel PDW File Browser versions 1.3 and below suffer from a cross site scripting vulnerability. Change Mirror Download # Exploit Title: PDW File Browser <=...

Authored by Simon Lyhin InoERP version 0.7.2 suffers from an unauthenticated remote code execution vulnerability. Change Mirror Download #!/usr/bin/python# -*- coding: UTF-8 -*-# Exploit Title: InoERP 0.7.2 Unauthenticated Remote Code Execution#...