Telerik Report Server Deserialization / Authentication Bypass
Authored by Sina Kheirkhah | Site summoning.team
Telerik Report Server deserialization and authentication bypass exploit chain that makes use of the vulnerabilities noted in CVE-2024-4358 and CVE-2024-1800.
advisories | CVE-2024-1800, CVE-2024-4358
Veeam Recovery Orchestrator Authentication Bypass
Authored by Sina Kheirkhah | Site summoning.team
Veeam Recovery Orchestrator authentication bypass proof of concept exploit.
advisories | CVE-2024-29855
Veeam Backup Enterprise Manager Authentication Bypass
Authored by Sina Kheirkhah | Site summoning.team
Veeam Backup Enterprise Manager authentication bypass proof of concept exploit. Versions prior to 12.1.2.172 are vulnerable.
advisories | CVE-2024-29849
VMWare Aria Operations For Networks Command Injection
Authored by Sina Kheirkhah | Site summoning.team
VMWare Aria Operations for Networks (vRealize Network Insight) is vulnerable to command injection when accepting user input through the Apache Thrift RPC interface....
ResidenceCMS 2.10.1 Cross Site Scripting
Authored by Jeremia Geraldi Sihombing
ResidenceCMS versions 2.10.1 and below suffer from a persistent cross site scripting vulnerability.
advisories | CVE-2024-39143
Change Mirror Download
# Exploit Title: ResidenceCMS <= 2.10.1 Stored Cross-Site Scripting...
Sharp Multi-Function Printer 18 Vulnerabilities
Authored by Pierre Kim | Site pierrekim.github.io
308 different models of Sharp Multi-Function Printers (MFP) are vulnerable to 18 different vulnerabilities including remote code execution, local file inclusion, credential disclosure,...
Zyxel parse_config.py Command Injection
Authored by jheysel-r7, SSD Secure Disclosure technical team | Site metasploit.com
This Metasploit module exploits vulnerabilities in multiple Zyxel devices including the VPN, USG and APT series. The affected firmware...
Toshiba Multi-Function Printers 40 Vulnerabilities
Authored by Pierre Kim | Site pierrekim.github.io
103 models of Toshiba Multi-Function Printers (MFP) are vulnerable to 40 different vulnerabilities including remote code execution, local privilege escalation, xml injection, and...
Helmholz Industrial Router REX100 / MBConnectline mbNET.mini 2.2.11 Command Injection
Authored by S. Dietz, Basic aGVsbWhvbHo6cm91dGVy | Site cyberdanube.com
Helmholz Industrial Router REX100 and MBConnectline mbNET.mini versions 2.2.11 and below suffer from a command injection vulnerability.
advisories | CVE-2024-5672
Change Mirror Download
CyberDanube...
Cinema Booking System 1.0 SQL Injection / Cross Site Request Forgery
Authored by bRpsd
Cinema Booking System version 1.0 suffers from remote SQL injection and cross site request forgery vulnerabilities.
Change Mirror Download
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title > Cinema Booking System - Multiple...
