Exploits & CVEs

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

BWL Advanced FAQ Manager 2.0.3 SQL Injection

Authored by Ivan Spiridonov BWL Advanced FAQ Manager version 2.0.3 suffers from a remote SQL injection vulnerability. advisories | CVE-2024-32136 Exploit Title: BWL Advanced FAQ Manager 2.0.3 - Authenticated SQL...

Online Payment Hub System 1.0 SQL Injection

Authored by Hamit Avşar Online Payment Hub System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. # Exploit Title: Online Payment Hub System...

changedetection 0.45.20 Remote Code Execution

Authored by Zach Crosman changedetection versions 0.45.20 and below suffer from a remote code execution vulnerability. advisories | CVE-2024-32651 # Exploit Title: changedetection <= 0.45.20 Remote Code Execution (RCE) # Date:...

Packet Storm New Exploits For May, 2024

Authored by Todd J. | Site packetstormsecurity.com This archive contains all of the 68 exploits added to Packet Storm in May, 2024.

ElkArte Forum 1.1.9 Remote Code Execution

Authored by tmrswrr ElkArte Forum version 1.1.9 suffers from a remote code execution vulnerability. # Exploit Title : ElkArte Forum 1.1.9 - Remote Code Execution (RCE) (Authenticated) # Date:...

Siemens CP-XXXX Series Exposed Serial Shell

Authored by Gerhard Hechenberger, Steffen Robertz, Constantin Schieber-Knoebl | Site sec-consult.com Siemens CP-XXXX Series (CP-2014, CP-2016, CP-2017, CP-2019, CP-5014) expose serial shells on multiple PLCs. A serial interface can be...

HAWKI 1.0.0-beta.1 XSS / File Overwrite / Session Fixation

Authored by Thorger Jansen, Florian Stuhlmann | Site sec-consult.com HAWKI version 1.0.0-beta.1 before commit 146967f suffers from cross site scripting, arbitrary file overwrite, and session fixation vulnerabilities. advisories | CVE-2024-25975, CVE-2024-25976,...

Eclipse ThreadX Buffer Overflows

Authored by Marco Ivaldi | Site security.humanativaspa.it Eclipse ThreadX versions prior to 6.4.0 suffer from a missing array size check causing a memory overwrite, missing parameter checks leading to integer...

Flowmon Unauthenticated Command Injection

Authored by Dave Yesland | Site metasploit.com This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Flowmon versions before v12.03.02. advisories | CVE-2024-2389 ### This module requires Metasploit:...

ORing IAP-420 2.01e Cross Site Scripting / Command Injection

Authored by T. Weber | Site cyberdanube.com ORing IAP-420 version 2.01e suffers from remote command injection and persistent cross site scripting vulnerabilities. advisories | CVE-2024-5410, CVE-2024-5411 CyberDanube Security Research 20240528-0...