Ecommerce 1.0 Cross Site Scripting / Open Redirect
Authored by nu11secur1ty
Ecommerce version 1.0 suffers from cross site scripting and open redirection vulnerabilities.
## Title: Ecommerse-1.0 XSS-Reflected Hijack-credentials - JavaScript Injection
## Author: nu11secur1ty
## Date: 11.23.2022
## Vendor: https://github.com/winston-dsouza
##...
ZTE ZXHN-H108NS Authentication Bypass
Authored by George Tsimpidas
ZTE ZXHN-H108NS router with firmware version H108NSV1.0.7u_ZRD_GR2_A68 suffers from an authentication bypass vulnerability when alternate HTTP methods are leveraged.
# Exploit Title: Router ZTE-H108NS -...
Microsoft Outlook 2019 16.0.12624.20424 Out-Of-Bounds Read
Authored by Hangjun Go
This is a whitepaper along with a proof of concept eml file that demonstrates an out-of-bounds read on Outlook 2019 version 16.0.12624.20424. NIST references this issue...
Microsoft Outlook 2019 16.0.13231.20262 Remote Code Execution
Authored by Hangjun Go
This is a whitepaper along with a proof of concept eml file discussing CVE-2020-16947 where a remote code execution vulnerability exists in Microsoft Outlook 2019 version...
Boa Web Server 0.94.13 / 0.94.14 Authentication Bypass
Authored by George Tsimpidas
Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization...
Roxy Fileman 1.4.6 Remote Shell Upload
Authored by Hadi Mene
Roxy Fileman versions 1.4.6 and below remote shell upload proof of concept exploit.
advisories | CVE-2022-40797
# Exploit Title: Roxy Fileman <= 1.4.6 Arbitrary File Upload...
F5 BIG-IP iControl Cross Site Request Forgery
Authored by Ron Bowes | Site metasploit.com
This Metasploit module exploits a cross-site request forgery (CSRF) vulnerability in F5 Big-IP's iControl interface to write an arbitrary file to the filesystem....
ChurchInfo 1.2.13-1.3.0 Remote Code Execution
Authored by m4lwhere | Site metasploit.com
This Metasploit module exploits the logic in the CartView.php page when crafting a draft email with an attachment. By uploading an attachment for a...
Backdoor.Win32.Serman.a MVID-2022-0659 Unauthenticated Open Proxy
Authored by malvuln | Site malvuln.com
Backdoor.Win32.Serman.a malware suffers from an unauthenticated open proxy vulnerability.
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source: https://malvuln.com/advisory/f312e3a436995b86b205a1a37b1bf10f.txt
Contact: [email protected]: twitter.com/malvuln
Backup...
Backdoor.Win32.Oblivion.01.a MVID-2022-0658 Insecure Transit
Authored by malvuln | Site malvuln.com
Backdoor.Win32.Oblivion.01.a malware suffers from an insecure transit vulnerability due to sending passwords in the clear over the wire.
Discovery / credits: Malvuln (John...





