Palo Alto Networks Authenticated Remote Code Execution
Authored by UnD3sc0n0c1d0, Mikhail Klyuchnikov, jheysel-r7, Nikita Abramov | Site metasploit.com
This Metasploit module exploits an OS command injection vulnerability in the PAN-OS management interface that allows authenticated administrators to...
SAP SAPControl Web Service Interface Local Privilege Escalation
Authored by M. Li | Site sec-consult.com
SAPControl Web Service Interface (sapstartsrv) suffers from a privilege escalation vulnerability via a race condition.
advisories | CVE-2022-29614
Change Mirror Download
SEC Consult Vulnerability Lab Security...
Genesys PureConnect Cross Site Scripting
Authored by Jake Murphy
Genesys PureConnect as of their build on 08-October-2020 suffers from a cross site scripting vulnerability.
advisories | CVE-2022-37775
Change Mirror Download
Product: Genesys PureConnect - Interaction Web Tools Chat...
WordPress GetYourGuide Ticketing 1.0.1 Cross Site Scripting
Authored by Mariam Tariq
WordPress GetYourGuide Ticketing plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability.
Change Mirror Download
# *Exploit Title*: WordPress Plugin ‘GetYourGuide Ticketing’ - StoredCross-Site Scripting#...
OpenCart 3.x Newsletter Custom Popup 4.0 SQL Injection
Authored by Saud Alenazi
OpenCart 3.x Newsletter Custom Popup module version 4.0 suffers from a remote blind SQL injection vulnerability.
Change Mirror Download
# Exploit Title: OpenCart v3.x So Newsletter Custom Popup...
Owlfiles File Manager 12.0.1 Path Traversal / Local File Inclusion
Authored by Chokri Hammedi
Owlfiles File Manager version 12.0.1 suffers from local file inclusion and path traversal vulnerabilities.
Change Mirror Download
# Exploit Title: Owlfiles File Manager 12.0.1 - multi vulnerabilities# Date:...
PhotoSync 4.7 Local File Inclusion
Authored by Chokri Hammedi
PhotoSync version 4.7 suffers from a local file inclusion vulnerability.
Change Mirror Download
# Exploit Title: PhotoSync 4.7 IOS APP Local file inclusion# Date: Sep 19, 2022# Exploit...
SoX 14.4.2 Division-By-Zero / Denial Of Service
Authored by LiquidWorm | Site zeroscience.mk
SoX versions 14.4.2 and below suffer from a division by zero attack when handling WAV files, resulting in denial of service vulnerability and possibly...
VIAVIWEB Wallpaper Admin SQL Injection / Shell Upload
Authored by Edd13Mora
VIAVIWEB Wallpaper Admin suffers from remote shell upload and remote SQL injection vulnerabilities.
Change Mirror Download
```# Exploit Title: # Google Dork: intext:"Wallpaper Admin" "LOGIN" "password" "Username"#...
TIBCO JasperReports Server 8.0.2 Community Edition Code Execution
Authored by Moritz Bechler | Site syss.de
Due to JMX/RMI services in TIBCO JasperReports Server version 8.0.2 Community Edition performing unsafe deserialization, it is possible to execute arbitrary code and...