Softing Secure Integration Server 1.22 Remote Code Execution
Authored by mr_me, Chris Anastasio, Imran E. Dawoodjee | Site metasploit.com
This Metasploit module chains two vulnerabilities to achieve authenticated remote code execution against Softing Secure Integration Server version 1.22....
Atlassian Confluence Administrator Code Macro Remote Code Execution
Authored by W01fh4cker, remmons-r7, Huong Kieu, Ankita Sawlani | Site metasploit.com
This Metasploit module exploits an authenticated administrator-level vulnerability in Atlassian Confluence, tracked as CVE-2024-21683. The vulnerability exists due to...
Confluence Template Injection Remote Code Execution
Authored by Jacob Baines | Site github.com
Atlassian Confluence suffers from a template injection vulnerability that leads to remote code execution. This repository has three go-exploit implementations of CVE-2023-22527 that...
Havoc C2 0.7 Server-Side Request Forgery
Authored by chebuya
Havoc C2 version 0.7 suffers from an unauthenticated server-side request forgery vulnerability.
Change Mirror Download
# Exploit Title: Havoc C2 0.7 Unauthenticated SSRF# Date: 2024-07-13# Exploit Author: @_chebuya# Software...
WordPress PZ Frontend Manager 1.0.5 Cross Site Request Forgery
Authored by Vuln Seeker Cybersecurity Team
WordPress PZ Frontend Manager plugin versions 1.0.5 and below suffer from a cross site request forgery vulnerability in the change user profile picture functionality.
Change...
Geoserver Unauthenticated Remote Code Execution
Authored by jheysel-r7, h00die-gr3y, Steve Ikeoka | Site metasploit.com
GeoServer is an open-source software server written in Java that provides the ability to view, edit, and share geospatial data. It...
Bonjour Service 3,0,0,10 Unquoted Service Path
Authored by bios
Bonjour Service version 3,0,0,10 suffers from an unquoted service path vulnerability.
Change Mirror Download
# Exploit Title: Bonjour Service - 'mDNSResponder.exe' Unquoted Service Path# Discovery by: bios# Discovery...
Hospital Management System Project In ASP.Net MVC 1 SQL Injection
Authored by 0xMykull
Hospital Management System Project in ASP.Net MVC version 1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
advisories | CVE-2024-40502
Change Mirror Download
# Exploit Title:...
XenForo 2.2.15 Cross Site Request Forgery
Authored by EgiX | Site karmainsecurity.com
XenForo versions 2.2.15 and below suffer from a cross site request forgery vulnerability in Widget::actionSave.
advisories | CVE-2024-38457
Change Mirror Download
-------------------------------------------------------------------------------XenForo <= 2.2.15 (Widget::actionSave) Cross-Site Request...
Xenforo 2.2.15 Remote Code Execution
Authored by EgiX | Site karmainsecurity.com
XenForo versions 2.2.15 and below suffer from a remote code execution vulnerability in the Template system.
advisories | CVE-2024-38458
Change Mirror Download
-----------------------------------------------------------------------XenForo <= 2.2.15 (Template System)...
