BWL Advanced FAQ Manager 2.0.3 SQL Injection
Authored by Ivan Spiridonov
BWL Advanced FAQ Manager version 2.0.3 suffers from a remote SQL injection vulnerability.
advisories | CVE-2024-32136
Exploit Title: BWL Advanced FAQ Manager 2.0.3 - Authenticated SQL...
Online Payment Hub System 1.0 SQL Injection
Authored by Hamit Avşar
Online Payment Hub System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
# Exploit Title: Online Payment Hub System...
changedetection 0.45.20 Remote Code Execution
Authored by Zach Crosman
changedetection versions 0.45.20 and below suffer from a remote code execution vulnerability.
advisories | CVE-2024-32651
# Exploit Title: changedetection <= 0.45.20 Remote Code Execution (RCE) # Date:...
Packet Storm New Exploits For May, 2024
Authored by Todd J. | Site packetstormsecurity.com
This archive contains all of the 68 exploits added to Packet Storm in May, 2024.
ElkArte Forum 1.1.9 Remote Code Execution
Authored by tmrswrr
ElkArte Forum version 1.1.9 suffers from a remote code execution vulnerability.
# Exploit Title : ElkArte Forum 1.1.9 - Remote Code Execution (RCE) (Authenticated) # Date:...
Siemens CP-XXXX Series Exposed Serial Shell
Authored by Gerhard Hechenberger, Steffen Robertz, Constantin Schieber-Knoebl | Site sec-consult.com
Siemens CP-XXXX Series (CP-2014, CP-2016, CP-2017, CP-2019, CP-5014) expose serial shells on multiple PLCs. A serial interface can be...
HAWKI 1.0.0-beta.1 XSS / File Overwrite / Session Fixation
Authored by Thorger Jansen, Florian Stuhlmann | Site sec-consult.com
HAWKI version 1.0.0-beta.1 before commit 146967f suffers from cross site scripting, arbitrary file overwrite, and session fixation vulnerabilities.
advisories | CVE-2024-25975, CVE-2024-25976,...
Eclipse ThreadX Buffer Overflows
Authored by Marco Ivaldi | Site security.humanativaspa.it
Eclipse ThreadX versions prior to 6.4.0 suffer from a missing array size check causing a memory overwrite, missing parameter checks leading to integer...
Flowmon Unauthenticated Command Injection
Authored by Dave Yesland | Site metasploit.com
This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Flowmon versions before v12.03.02.
advisories | CVE-2024-2389
### This module requires Metasploit:...
ORing IAP-420 2.01e Cross Site Scripting / Command Injection
Authored by T. Weber | Site cyberdanube.com
ORing IAP-420 version 2.01e suffers from remote command injection and persistent cross site scripting vulnerabilities.
advisories | CVE-2024-5410, CVE-2024-5411
CyberDanube Security Research 20240528-0 ...





