Xen PV Guest Non-SELFSNOOP CPU Memory Corruption
Authored by Jann Horn, Google Security Research
On CPUs without SELFSNOOP support, a Xen PV domain that has access to a PCI device (which grants the domain the ability to...
EQS Integrity Line Cross Site Scripting / Information Disclosure
Authored by Giovanni Pellerano | Site ush.it
EQS Integrity Line versions through 2022-07-01 suffer from cross site scripting and sensitive information disclosure vulnerabilities.
advisories | CVE-2022-34007
Change Mirror Download
EQS Integrity Line: Multiple...
DouPHP 1.2 Release 20141027 SQL Injection
Authored by indoushka
DouPHP version 1.2 Release 20141027 suffers from a remote SQL injection vulnerability.
Change Mirror Download
====================================================================================================================================| # Title : DouPHP v1.2 Release 20141027 SQL Injection...
Ransom Lockbit 3.0 MVID-2022-0620 Buffer Overflow
Authored by malvuln | Site malvuln.com
Lockbit ransomware version 3.0 apparently now requires a password to execute as noted by "@vxunderground", but does not properly check bounds for both the...
Windows Defender Remote Credential Guard Authentication Relay Privilege Escalation
Authored by James Forshaw, Google Security Research
The handling of Windows Defender Remote Credential Guard credentials is vulnerable to authentication relay attacks leading to elevation of privilege or authentication bypass.
advisories...
Advanced Testimonials Manager 5.6 SQL Injection
Authored by indoushka
Advanced Testimonials Manager version 5.6 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Change Mirror Download
====================================================================================================================================| # Title : Advanced...
Ransom Lockbit 3.0 MVID-2022-0621 Code Execution
Authored by malvuln | Site malvuln.com
Lockbit version 3.0 ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL, in this case "RstrtMgr.dll", execute...
Magnolia CMS 6.2.19 Cross Site Scripting
Authored by Giulio Garzia
Magnolia CMS versions 6.2.19 and below suffer from a persistent cross site scripting vulnerability.
advisories | CVE-2022-33098
Change Mirror Download
# Exploit Title: Magnolia CMS <= 6.2.19 - Stored...
Paymoney 3.3 Cross Site Scripting
Authored by nu11secur1ty
Paymoney version 3.3 suffers from a cross site scripting vulnerability.
Change Mirror Download
## Title: paymoney-3.3 XSS-Reflected## Author: nu11secur1ty## Date: 07.02.2022## Vendor: https://paymoney.techvill.org/## Software: paymoney-3.3## Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/paymoney/2022/paymoney-3.3Description:The parameters first_name...
PHP Library Remote Code Execution
Authored by Eldar Marcussen
Several PHP compatibility libraries contain a potential remote code execution flaw in their json_decode() function based on having copy pasted existing vulnerable code. Affected components include...





