Gitlab 14.9 Cross Site Scripting
Authored by stacksmashing, Greenwolf
Gitlab versions 14.9 prior to 14.9.2, 14.8 prior to 14.8.5, and 14.7 prior to 14.7.7 suffer from a persistent cross site scripting vulnerability.
advisories | CVE-2022-1175
WordPress Coru LFMember 1.0.2 Cross Site Scripting
Authored by Mariam Tariq
WordPress Coru LFMember plugin version 1.0.2 suffers from a persistent cross site scripting vulnerability.
# Exploit Title: WordPress Plugin Coru LFMember - Stored Cross Site Scripting
#...
Jenkins Remote Code Execution
Authored by Orange Tsai | Site github.com
Jenkins exploit that chains CVE-2018-1000861, CVE-2019-1003005 and CVE-2019-1003029 to a more reliable and elegant pre-auth remote code execution. Jenkins versions below 2.138 are...
7-Zip 16 DLL Hijacking
Authored by Eduardo Braun Prado
7-Zip versions 16 and below, and possibly other software that utilizes the HTML Help System to display help content to the user, are prone to...
Online Restaurant Table Reservation System 1.0 SQL Injection
Authored by segf0lt
Online Restaurant Table Reservation System version 1.0 suffers from a remote SQL injection vulnerability.
# Exploit Title: Online Restaurant Table Reservation System v1.0
# Exploit Author: segf0lt
#...
Pharmacy Management System 1.0 Shell Upload
Authored by Saud Alenazi
Pharmacy Management System version 1.0 suffers from a remote shell upload vulnerability.
# Exploit Title: Pharmacy management system - Remote Code Execution (RCE)
# Date: 19/04/2022
#...
Backdoor.Win32.GateHell.21 Authentication Bypass
Authored by malvuln | Site malvuln.com
Backdoor.Win32.GateHell.21 malware suffers from an authentication bypass vulnerability.
Discovery / credits: Malvuln - malvuln.com (c) 2022
Original source: https://malvuln.com/advisory/5aa81ddc996be64116754efac0e4f55d.txt
Contact: [email protected]: twitter.com/malvuln
Threat: Backdoor.Win32.GateHell.21
Vulnerability: Authentication Bypass
Description:...
BlueZ Key Theft / bluetoothd Double-Free
Authored by Jann Horn, Google Security Research
BlueZ suffers from a vulnerability where a malicious USB device can steal Bluetooth link keys over HCI using a fake BD_ADDR. It was...
WordPress Motopress Hotel Booking Lite 4.2.4 SQL Injection
Authored by Mohsen Dehghani
WordPress Motopress Hotel Booking Lite plugin version 4.2.4 suffers from a remote SQL injection vulnerability.
# Exploit Title: WordPress Plugin Motopress Hotel Booking Lite 4.2.4...
Linux FUSE Use-After-Free
Authored by Jann Horn, Google Security Research
Linux suffers from a vulnerability where FUSE allows use-after-free reads of write() buffers, allowing theft of (partial) /etc/shadow hashes.
advisories | CVE-2022-1011





