Windows Container Manager Service CmsRpcSrv_MapNamedPipeToContainer Privilege Escalation
Authored by James Forshaw, Google Security Research
The Container Manager Service does not configure STORVSP correctly when opening mapped named pipes leading to privilege escalation.
advisories | CVE-2021-31167
ZeroShell 3.9.0 Remote Command Execution
Authored by Fellipe Oliveira
ZeroShell version 3.9.0 remote command execution exploit.
advisories | CVE-2019-12725
Change Mirror Download
# Exploit Title: ZeroShell 3.9.0 - Remote Command Execution # Google Dork: N/A# Date: 10/05/2021# Exploit...
Dental Clinic Appointment Reservation System 1.0 SQL Injection
Authored by Mesut Cetin
Dental Clinic Appointment Reservation System version 1.0 suffers from multiple remote SQL injection vulnerabilities with one of them allowing for authentication bypass.
Change Mirror Download
# Exploit Title:...
Odoo 12.0.20190101 Unquoted Service Path
Authored by 1F98D
Odoo version 12.0.20190101 suffers from an unquoted service path vulnerability.
Change Mirror Download
# Exploit Title: Odoo 12.0.20190101 - 'nssm.exe' Unquoted Service Path# Exploit Author: 1F98D# Vendor Homepage: https://www.odoo.com/#...
Splinterware System Scheduler Professional 5.30 Unquoted Service Path
Authored by Andrea Intilangelo
Splinterware System Scheduler Professional version 5.30 suffers an unquoted service path vulnerability.
Change Mirror Download
# Exploit Title: Splinterware System Scheduler Professional 5.30 - Unquoted Service Path# Date:...
Android NFC nfa_rw_sys_disable Type Confusion
Authored by Google Security Research, nedwill
Android NFC suffers from a type confusion vulnerability in nfa_rw_sys_disable.
Chevereto 3.17.1 Cross Site Scripting
Authored by Akiner Kisa
Chevereto version 3.17.1 suffers from a persistent cross site scripting vulnerability.
Change Mirror Download
# Exploit Title: Chevereto 3.17.1 - Cross Site Scripting (Stored)# Google Dork: "powered by...
Backdoor.Win32.Delf.zho Authentication Bypass / Code Execution
Authored by malvuln | Site malvuln.com
Backdoor.Win32.Delf.zho malware suffers from bypass and code execution vulnerabilities.
Change Mirror Download
Discovery / credits: Malvuln - malvuln.com (c) 2021Original source: https://malvuln.com/advisory/6b9f5a0512af3ab33c26eaa4bdf94f1f.txtContact: [email protected]: twitter.com/malvulnThreat: Backdoor.Win32.Delf.zhoVulnerability: Authentication...
Windows Container Manager Service CmsRpcSrv_CreateContainer Privilege Escalation
Authored by James Forshaw, Google Security Research
The Container Manager Service accepts an access token provided by the user without verification allowing an arbitrary process to be created with another...
Windows Container Manager Service CmsRpcSrv_MapVirtualDiskToContainer Privilege Escalation
Authored by James Forshaw, Google Security Research
The Container Manager Service does not impersonate the caller when granting access to virtual disk images leading to privilege escalation.
advisories | CVE-2021-31168
