Adtec Digital Products Hardcoded Credentials / Remote Root
Authored by LiquidWorm | Site zeroscience.mk
Adtec Digital is a leading manufacturer of Broadcast, Cable and IPTV products and solutions. Many of their devices utilize hard-coded and default credentials within...
Sentrifugo 3.2 Shell Upload / Restriction Bypass
Authored by Gurkirat Singh
Sentrifugo version 3.2 suffers from a restriction bypass vulnerability that allows for a remote shell upload.
advisories | CVE-2019-15813
# Exploit Title: Sentrifugo 3.2 - File...
TDM Digital Signage PC Player 4.1 Insecure File Permissions
Authored by LiquidWorm | Site zeroscience.mk
TDM Digital Signage Windows Player version 4.1 suffers from an elevation of privileges vulnerability which can be used by a simple authenticated user that...
WordPress Colorbox Lightbox 1.1.1 Cross Site Scripting
Authored by n1x_
WordPress Colorbox Lightbox plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.
# Exploit Title: WordPress Plugin Colorbox Lightbox v1.1.1 - Persistent Cross-Site Scripting...
Telerik UI ASP.NET AJAX RadAsyncUpload Deserialization
Authored by Spencer McIntyre, Oleksandr Mirosh, Markus Wulftange, Alvaro Munoz, Paul Taylor, Caleb Gross, straightblast | Site metasploit.com
This Metasploit module exploits the .NET deserialization vulnerability within the RadAsyncUpload (RAU)...
Hrsale 2.0.0 Local File Inclusion
Authored by Sosecure
Hrsale version 2.0.0 suffers from a local file inclusion vulnerability.
# Exploit Title: Hrsale 2.0.0 - Local File Inclusion
# Date: 10/21/2020
# Exploit Author: Sosecure
# Vendor Homepage:...
School Faculty Scheduling System 1.0 Cross Site Scripting
Authored by Jyotsna Adhana
School Faculty Scheduling System version 1.0 suffers from a persistent cross site scripting vulnerability.
# Exploit Title: School Faculty Scheduling System 1.0 - Stored Cross...
School Faculty Scheduling System 1.0 SQL Injection
Authored by Jyotsna Adhana
School Faculty Scheduling System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
# Exploit Title: School Faculty Scheduling System...
GOautodial 4.0 Shell Upload
Authored by Balzabu
GOautodial version 4.0 suffers from a remote shell upload vulnerability.
# Exploit Title: GOautodial 4.0 - Authenticated Shell Upload
# Author: Balzabu
# Discovery Date: 07-23-2020
# Vendor Homepage:...
Libtaxii 1.1.117 / OpenTaxi 0.2.0 Server-Side Request Forgery
Authored by Owais Mehtab, Vijay Kota
Libtaxii versions 1.1.117 and below and OpenTaxi versions 0.2.0 and below suffer from a server-side request forgery vulnerability.
advisories | CVE-2020-27197
Libtaxii version <=...