Petrol Pump Management Software 1.0 Shell Upload
Authored by SoSPiro
Petrol Pump Management Software version 1.0 suffers from a remote shell upload vulnerability.
Change Mirror Download
# Exploit Title: Petrol pump management software - File Upload Remote Code Execution...
Microsoft Windows Defender / Detection Bypass Part 3
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org
This is additional research regarding a mitigation bypass in Windows Defender. Back in 2022, the researcher disclosed how it could be easily bypassed by...
User Registration And Login And User Management System 3.1 SQL Injection
Authored by SoSPiro
User Registration and Login and User Management System version 3.1 suffers from a remote SQL injection vulnerability.
Change Mirror Download
#Exploit Title: User Registration & Login and User Management...
WonderCMS 4.3.2 Cross Site Scripting / Remote Code Execution
Authored by prodigiousMind
WonderCMS version 4.3.2 remote exploit that leverages cross site scripting to achieve remote code execution.
Change Mirror Download
# Author: prodigiousMind# Exploit: Wondercms 4.3.2 XSS to RCEimport sysimport requestsimport...
Chrome chrome.pageCapture.saveAsMHTML() Extension API Blocked Origin Bypass
Authored by Jann Horn, Google Security Research
Chrome has an issue where the chrome.pageCapture.saveAsMHTML() extension API can be used on blocked origins due to a racy access check.
advisories | CVE-2024-0811
Adapt CMS 3.0.3 Cross Site Scripting / Shell Upload
Authored by Andrey Stoykov
Adapt CMS version 3.0.3 suffers from persistent cross site scripting and remote shell upload vulnerabilities.
Change Mirror Download
# Exploit Title: Stored XSS and RCE - adaptcmsv3.0.3# Date:...
Statamic CMS Cross Site Scripting
Authored by Niklas Schilling | Site sec-consult.com
Statamic CMS versions prior to 4.46.0 and 3.4.17 suffer from multiple persistent cross site scripting vulnerabilities.
advisories | CVE-2024-24570
Change Mirror Download
SEC Consult Vulnerability Lab...
DS Wireless Communication Code Execution
Authored by MikeIsAStar | Site github.com
Proof of concept code for a flaw in DS Wireless Communication (DWC) with DWC_VERSION_3 and DWC_VERSION_11 that allows remote attackers to execute arbitrary code...
Metabase 0.46.6 Remote Code Execution
Authored by Musyoka Ian
Metabase version 0.46.6 pre-authentication remote code execution exploit.
advisories | CVE-2023-38646
Change Mirror Download
# Exploit Title: metabase 0.46.6 - Pre-Auth Remote Code Execution# Google Dork: N/A# Date: 13-10-2023#...
WyreStorm Apollo VX20 Incorrect Access Control
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org
An issue was discovered on WyreStorm Apollo VX20 versions prior to 1.3.58. Remote attackers can restart the device via a /device/reboot HTTP GET request.
advisories...
