SyncBreeze 10.0.28 Denial Of Service
Authored by Ahmed Elkhressy
SyncBreeze version 10.0.28 suffers from a denial of service vulnerability.
Change Mirror Download
# Exploit Title: SyncBreeze 10.0.28 - 'login' Denial of Service (Poc)# Data: 18-Dec-2020# Exploit Author:...
Jenkins 2.251 / LTS 2.235.3 Cross Site Scripting
Authored by gx1
Jenkins versions 2.251 and below and LTS 2.235.3 and below suffer from a persistent cross site scripting vulnerability.
advisories | CVE-2020-2231
Change Mirror Download
# Exploit Title: Jenkins Stored XSS...
WordPress Yet Another Stars Rating PHP Object Injection
Authored by gx1, Paul Dannewitz | Site metasploit.com
This Metasploit module affects WordPress Yet Another Stars Rating plugin versions prior to 1.8.7 and demonstrates a PHP object injection vulnerability.
Change Mirror...
Pulse Secure VPN Remote Code Execution
Authored by h00die, Spencer McIntyre, Richard Warren, David Cash | Site metasploit.com
The Pulse Connect Secure appliance versions prior to 9.1R9 suffer from an uncontrolled gzip extraction vulnerability which allows...
Xeroneit Library Management System 3.1 Cross Site Scripting
Authored by Kislay Kumar
Xeroneit Library Management System version 3.1 suffers from a persistent cross site scripting vulnerability.
Change Mirror Download
# Exploit Title: Xeroneit Library Management System 3.1 - "Add...
WordPress Duplicator 1.3.26 Directory Traversal / File Read
Authored by Hoa Nguyen, Ramuel Gall | Site metasploit.com
This Metasploit module exploits an unauthenticated directory traversal vulnerability in WordPress Duplicator plugin versions 1.3.24 through 1.3.26, allowing arbitrary file read...
Victor CMS 1.0 SQL Injection
Authored by Furkan Goksel
Victor CMS version 1.0 suffers from multiple authenticated remote SQL injection vulnerabilities. SQL injection was originally discovered in this version in May of 2020 by BKpatron.
Change...
Employee Record System 1.0 Cross Site Scripting
Authored by Saeed Bala Ahmed
Employee Record System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
Change Mirror Download
# Exploit Title: Employee Record System 1.0 - Multiple Stored XSS#...
Online Health Card System 1.0 SQL Injection
Authored by Valerio Alessandroni
Online Health Care System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
advisories | CVE-2020-28074
Change Mirror Download
# Exploit Title: Authentication Bypass...
PHPJabbers Appointment Scheduler 2.3 Cross Site Scripting
Authored by Andrea Intilangelo
PHPJabbers Appointment Scheduler version 2.3 suffers from a cross site scripting vulnerability.
advisories | CVE-2020-35416
Change Mirror Download
# Exploit Title: PHPJabbers Appointment Scheduler 2.3 - Reflected XSS (Cross-Site...
