Hotel Reservation System 1.0 SQL Injection
Authored by Nefrit ID
Hotel Reservation System version 1.0 suffers from a remote SQL injection vulnerability.
Change Mirror Download
# Exploit Title: Hotel Reservation System 1.0 - SQLi (Unauthenticated)# Google Dork: None#...
WordPress Simple Job Board 2.9.3 Local File Inclusion
Authored by Ven3xy
WordPress Simple Job Board plugin version 2.9.3 suffers from a local file inclusion vulnerability.
advisories | CVE-2020-35749
Change Mirror Download
# Exploit Title: Wordpress Plugin Simple Job Board 2.9.3 -...
Wing FTP Server 4.3.8 Remote Code Execution
Authored by notcos
Wing FTP Server versions 4.3.8 and below suffer from an authenticated remote code execution vulnerability.
Change Mirror Download
# Exploit Title: Wing FTP Server 4.3.8 - Remote Code Execution...
PHP Everywhere 2.0.3 Remote Code Execution
Authored by Ramuel Gall | Site wordfence.com
PHP Everywhere versions 2.0.3 and below suffer from multiple remote code execution vulnerabilities.
advisories | CVE-2022-24663, CVE-2022-24664, CVE-2022-24665
Change Mirror Download
On January 4, 2022, the...
Strapi CMS 3.0.0-beta.17.4 Privilege Escalation
Authored by WackyH4cker | Site metasploit.com
This Metasploit module exploits the mishandling of a password reset in JSON for Strapi CMS version 3.0.0-beta.17.4 to change the password of a privileged...
QEMU Monitor HMP migrate Command Execution
Authored by Brendan Coles | Site metasploit.com
This Metasploit module uses QEMU's Monitor Human Monitor Interface (HMP) TCP server to execute system commands using the migrate command. This module has...
WBCE CMS 1.5.2 Remote Code Execution
Authored by Antonio Cuomo
WBCE CMS version 1.5.2 authenticated remote code execution exploit.
Change Mirror Download
# Exploit Title: WBCE CMS 1.5.2 - Remote Code Execution (RCE) (Authenticated)# Date: 02/01/2022# Exploit Author:...
Servisnet Tessa Privilege Escalation
Authored by AkkuS | Site metasploit.com
This Metasploit module exploits privilege escalation in Servisnet Tessa triggered by the add new sysadmin user flow with any user authorization. An API request...
WAGO 750-8xxx PLC Denial Of Service / User Enumeration
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com
WAGO 750-8xxx PLC versions prior to Firmware 20 Patch 1 (v03.08.08) suffer from denial of service and user enumeration vulnerabilities.
advisories |...
Korenix Technology JetWave CSRF / Command Injection / Missing Authentication
Authored by T. Weber | Site sec-consult.com
Korenix Technology JetWave products JetWave 2212X, JetWave 2212S, JetWave 2212G, JetWave 2311, and JetWave 3220 suffer from unauthenticated device administration, cross site request...
