usrsctp COOKIE-ECHO Use-After-Free
Authored by Google Security Research, Tim Willis
usrsctp suffers from a use-after-free write when handling a malicious COOKIE-ECHO.
Microsoft Windows splWOW64 Privilege Escalation
Authored by Google Security Research, Maddie Stone
CVE-2020-0986, which was exploited in the wild, was not fixed. The vulnerability still exists, just the exploitation method had to change. A low...
GitLab 11.4.7 Remote Code Execution
Authored by Sam Redmond
GitLab version 11.4.7 authenticated remote code execution exploit. Original discovery of this issue attributed to Mohin Paramasivam in December of 2020.
advisories | CVE-2018-19571, CVE-2018-19585
Change Mirror Download
#...
WordPress WP-PostRatings 1.86 Cross Site Scripting
Authored by Park Won Seok
WordPress WP-PostRatings plugin version 1.86 suffers from a cross site scripting vulnerability.
Change Mirror Download
# Exploit Title: WordPress Plugin WP-PostRatings 1.86 - 'postratings_image' Cross-Site Scripting# Date:...
WordPress Adning Advertising 1.5.5 Shell Upload
Authored by spacehen
Adning Advertising plugin version 1.5.5 suffers from a remote shell upload vulnerability.
Change Mirror Download
# Exploit Title: WordPress Plugin Adning Advertising 1.5.5 - Arbitrary File Upload# Google Dork:...
10-Strike Network Inventory Explorer Pro 9.05 Buffer Overflow
Authored by Florian Gassner
10-Strike Network Inventory Explorer Pro version 9.05 SEH buffer overflow exploit.
Change Mirror Download
# Exploit Title: 10-Strike Network Inventory Explorer Pro 9.05 - Buffer Overflow (SEH)# Date:...
Baby Care System 1.0 SQL Injection
Authored by Vijay Sachdeva
Baby Care System version 1.0 suffers from a remote SQL injection vulnerability.
Change Mirror Download
# Exploit Title: Baby Care System 1.0 - 'roleid' SQL Injection# Exploit Author:...
Class Scheduling System 1.0 Cross Site Scripting
Authored by Aakash Madaan
Class Scheduling System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
Change Mirror Download
# Exploit Title: Class Scheduling System 1.0 - Multiple Stored XSS#...
Faculty Evaluation System 1.0 Cross Site Scripting
Authored by Vijay Sachdeva
Faculty Evaluation System version 1.0 suffers from a persistent cross site scripting vulnerability.
Change Mirror Download
# Exploit Title: Faculty Evaluation System 1.0 - Stored XSS# Exploit Author:...
SUPREMO 4.1.3.2348 Privilege Escalation
Authored by Victor Gil, Adan Alvarez
SUPREMO version 4.1.3.2348 suffers from a privilege escalation vulnerability.
advisories | CVE-2020-25106
Change Mirror Download
Details=======Subject: Local Privilege EscalationProduct: SUPREMO by Nanosystems S.r.l.Vendor Homepage: https://www.supremocontrol.com/Vendor Status:...
