ElasticSearch 7.13.3 Memory Disclosure
Authored by r0ny
ElasticSearch version 7.13.3 memory disclosure exploit.
advisories | CVE-2021-22145
Change Mirror Download
# Exploit Title: ElasticSearch 7.13.3 - Memory disclosure # Date: 21/07/2021# Exploit Author: r0ny# Vendor Homepage: https://www.elastic.co/# Software...
KevinLAB BEMS 1.0 Authenticated File Path Traversal / Information Disclosure
Authored by LiquidWorm | Site zeroscience.mk
KevinLAB BEMS version 1.0 suffers from an authenticated arbitrary file disclosure vulnerability. Input passed through the page GET parameter in index.php is not properly...
Vehicle Parking Management System 1.0 Cross Site Scripting
Authored by faisalfs10x
Vehicle Parking Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Original discovery of persistent cross site scripting in this version is attributed to...
Vehicle Parking Management System 1.0 SQL Injection
Authored by faisalfs10x
Vehicle Parking Management System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to gh1mau in July...
Trojan-Spy.Win32.SpyEyes.hqd Insecure Permissions
Authored by malvuln | Site malvuln.com
Trojan-Spy.Win32.SpyEyes.hqd malware suffers from an insecure permissions vulnerability.
Change Mirror Download
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source: https://malvuln.com/advisory/6f484fea8f6bb3974185fc856f37541b.txtContact: [email protected]: twitter.com/malvulnThreat: Trojan-Spy.Win32.SpyEyes.hqdVulnerability: Insecure Permissions...
WordPress Mimetic Books 0.2.13 Cross Site Scripting
Authored by Vikas Srivastava
WordPress Mimetic Books plugin version 0.2.13 suffers from a persistent cross site scripting vulnerability.
Change Mirror Download
# Exploit Title: WordPress Plugin Mimetic Books 0.2.13 - 'Default Publisher...
Backdoor.Win32.IRCBot.gen Remote Command Execution
Authored by malvuln | Site malvuln.com
Backdoor.Win32.IRCBot.gen malware suffers from an unauthenticated remote command execution vulnerability.
Change Mirror Download
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source: https://malvuln.com/advisory/96f5cdfa5b3416c819d76060f11dc88d.txtContact: [email protected]: twitter.com/malvulnThreat: Backdoor.Win32.IRCBot.genVulnerability:...
WordPress KN Fix Your Title 1.0.1 Cross Site Scripting
Authored by Aakash Choudhary
WordPress KN Fix Your Title plugin version 1.0.1 suffers from a cross site scripting vulnerability.
Change Mirror Download
# Exploit Title: WordPress Plugin KN Fix Your Title 1.0.1...
Webmin 1.973 Cross Site Request Forgery
Authored by Mesh3l_911, Z0ldyck
Webmin version 1.973 cross site request forgery exploit that loads a reverse shell.
advisories | CVE-2021-31761
Change Mirror Download
# Exploit Title: Webmin 1.973 - 'run.cgi' Cross-Site Request Forgery...
Microsoft Windows WFP Default Rules AppContainer Capability Bypass Privilege Escalation
Authored by James Forshaw, Google Security Research
The default rules for the WFP connect layers permit certain executables to connect TCP sockets in AppContainers without capabilities leading to elevation of...
