Windows Kernel nt!MiRelocateImage Invalid Read
Authored by Google Security Research, mjurczyk
The Microsoft Windows kernel suffers from an invalid read in nt!MiRelocateImage while parsing a malformed PE file.
advisories | CVE-2022-30155
Travel Tours Script 1.0 SQL Injection
Authored by CraCkEr
Travel Tours Script version 1.0 suffers from a remote SQL injection vulnerability.
Change Mirror Download
┌┌────────────────────────────────────────────────────────────────────────────┐││ ...
Property Listing Script 3.1 SQL Injection
Authored by CraCkEr
Property Listing Script version 3.1 suffers from a remote SQL injection vulnerability.
Change Mirror Download
┌┌────────────────────────────────────────────────────────────────────────────────────┐││ ...
Orange Station 1.0 SQL Injection
Authored by nu11secur1ty
Orange Station version 1.0 suffers from a remote SQL injection vulnerability.
Change Mirror Download
## Title: Orange Station 1.0 SQLi## Author: nu11secur1ty## Date: 0.16.2022## Vendor: https://www.mayurik.com/## Software: https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html## Reference:...
Backdoor.Win32.HoneyPot.a MVID-2022-0622 Weak Hardcoded Password
Authored by malvuln | Site malvuln.com
Backdoor.Win32.HoneyPot.a malware suffers from a weak hardcoded password vulnerability.
Change Mirror Download
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source: https://malvuln.com/advisory/e3bb503f9b02cf57341695f30e31128f.txtContact: [email protected]: twitter.com/malvulnThreat:...
Builder XtremeRAT 3.7 MVID-2022-0623 Insecure Permissions
Authored by malvuln | Site malvuln.com
Builder XtremeRAT malware version 3.7 suffers from an insecure permissions vulnerability.
Change Mirror Download
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source: https://malvuln.com/advisory/7f314e798c150aedd9ce41ed39318f65.txtContact:...
Builder XtremeRAT 3.7 MVID-2022-0624 Insecure Crypto Bypass
Authored by malvuln | Site malvuln.com
Builder XtremeRAT malware version 3.7 suffers from an insecure cryptography implementation vulnerability that allows an attacker to login with only partial knowledge of a...
Asus GameSDK 1.0.0.4 Unquoted Service Path
Authored by Angelo Pio Amirante
Asus GameSDK version 1.0.0.4 suffers from an unquoted service path vulnerability in GameSDK.exe.
advisories | CVE-2022-35899
Change Mirror Download
# Exploit Title: Asus GameSDK v1.0.0.4 - 'GameSDK.exe' Unquoted...
Windows LSA Service LsapGetClientInfo Impersonation Level Check Privilege Escalation
Authored by James Forshaw, Google Security Research
On Microsoft Windows, the LsapGetClientInfo API in LSASRV will fallback and directly capture a caller's impersonation token if it fails to impersonate, leading...
Sourcegraph gitserver sshCommand Remote Command Execution
Authored by Spencer McIntyre, Altelus1 | Site metasploit.com
A vulnerability exists within Sourcegraph's gitserver component that allows a remote attacker to execute arbitrary OS commands by modifying the core.sshCommand value...





