Exploit-DB Updates

[webapps] Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution (RCE)

Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] Art Gallery Management System Project v1.0 - SQL Injection (sqli) authenticated

Art Gallery Management System Project v1.0 - SQL Injection (sqli) authenticated

Exploit-DB Updates

[webapps] GLPI 4.0.2 - Unauthenticated Local File Inclusion on Manageentities plugin

GLPI 4.0.2 - Unauthenticated Local File Inclusion on Manageentities plugin

Exploit-DB Updates

[local] HotKey Clipboard 2.1.0.6 - Privilege Escalation Unquoted Service Path

HotKey Clipboard 2.1.0.6 - Privilege Escalation Unquoted Service Path

Exploit-DB Updates

[local] sleuthkit 4.11.1 - Command Injection

sleuthkit 4.11.1 - Command Injection

Exploit-DB Updates

[webapps] ChiKoi v1.0 - SQL Injection

ChiKoi v1.0 - SQL Injection

Exploit-DB Updates

[local] Grand Theft Auto III/Vice City Skin File v1.1 - Buffer Overflow

Grand Theft Auto III/Vice City Skin File v1.1 - Buffer Overflow

Exploit-DB Updates

[local] Windows 11 10.0.22000 - Backup service Privilege Escalation

Windows 11 10.0.22000 - Backup service Privilege Escalation

Exploit-DB Updates

[webapps] Active eCommerce CMS 6.5.0 - Stored Cross-Site Scripting (XSS)

Active eCommerce CMS 6.5.0 - Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] GLPI Cartography Plugin v6.0.0 - Unauthenticated Remote Code Execution (RCE)

GLPI Cartography Plugin v6.0.0 - Unauthenticated Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] GLPI Glpiinventory v1.0.1 - Unauthenticated Local File Inclusion

GLPI Glpiinventory v1.0.1 - Unauthenticated Local File Inclusion

Exploit-DB Updates

[local] sudo 1.8.0 to 1.9.12p1 - Privilege Escalation

sudo 1.8.0 to 1.9.12p1 - Privilege Escalation

Exploit-DB Updates

[webapps] GLPI v10.0.2 - SQL Injection (Authentication Depends on Configuration)

GLPI v10.0.2 - SQL Injection (Authentication Depends on Configuration)

Exploit-DB Updates

[webapps] AmazCart CMS 3.4 - Cross-Site-Scripting (XSS)

AmazCart CMS 3.4 - Cross-Site-Scripting (XSS)

Exploit-DB Updates

[webapps] MyBB 1.8.32 - Remote Code Execution (RCE) (Authenticated)

MyBB 1.8.32 - Remote Code Execution (RCE) (Authenticated)

Exploit-DB Updates

[local] Solaris 10 libXm - Buffer overflow Local privilege escalation

Solaris 10 libXm - Buffer overflow Local privilege escalation

Exploit-DB Updates

[local] Microsoft Exchange Active Directory Topology 15.02.1118.007 - 'Service MSExchangeADTopology' Unquoted Service Path

Microsoft Exchange Active Directory Topology 15.02.1118.007 - 'Service MSExchangeADTopology' Unquoted Service Path

Exploit-DB Updates

[webapps] SQL Monitor 12.1.31.893 - Cross-Site Scripting (XSS)

SQL Monitor 12.1.31.893 - Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] GLPI Activity v3.1.0 - Authenticated Local File Inclusion on Activity plugin

GLPI Activity v3.1.0 - Authenticated Local File Inclusion on Activity plugin

Exploit-DB Updates

[webapps] Roxy WI v6.1.0.0 - Improper Authentication Control

Roxy WI v6.1.0.0 - Improper Authentication Control

Exploit-DB Updates

[webapps] Metform Elementor Contact Form Builder v3.1.2 - Unauthenticated Stored Cross-Site Scripting (XSS)

Metform Elementor Contact Form Builder v3.1.2 - Unauthenticated Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] Roxy WI v6.1.1.0 - Unauthenticated Remote Code Execution (RCE) via ssl_cert Upload

Roxy WI v6.1.1.0 - Unauthenticated Remote Code Execution (RCE) via ssl_cert Upload

Exploit-DB Updates

[webapps] WP-file-manager v6.9 - Unauthenticated Arbitrary File Upload leading to RCE

WP-file-manager v6.9 - Unauthenticated Arbitrary File Upload leading to RCE

Exploit-DB Updates

[webapps] Nacos 2.0.3 - Access Control vulnerability

Nacos 2.0.3 - Access Control vulnerability

Exploit-DB Updates

[webapps] ManageEngin AMP 4.3.0 - File-path-traversal

ManageEngin AMP 4.3.0 - File-path-traversal

Exploit-DB Updates

[webapps] Art Gallery Management System Project v1.0 - Reflected Cross-Site Scripting (XSS)

Art Gallery Management System Project v1.0 - Reflected Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] pimCore v5.4.18-skeleton - Sensitive Cookie with Improper SameSite Attribute

pimCore v5.4.18-skeleton - Sensitive Cookie with Improper SameSite Attribute

Exploit-DB Updates

[webapps] ERPGo SaaS 3.9 - CSV Injection

ERPGo SaaS 3.9 - CSV Injection

Exploit-DB Updates

[webapps] GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure

GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure

Exploit-DB Updates

[webapps] Art Gallery Management System Project v1.0 - SQL Injection (sqli) Unauthenticated

Art Gallery Management System Project v1.0 - SQL Injection (sqli) Unauthenticated

Exploit-DB Updates

[webapps] perfSONAR v4.4.5 - Partial Blind CSRF

perfSONAR v4.4.5 - Partial Blind CSRF

Exploit-DB Updates

[local] NetIQ/Microfocus Performance Endpoint v5.1 - remote root/SYSTEM exploit

NetIQ/Microfocus Performance Endpoint v5.1 - remote root/SYSTEM exploit

Exploit-DB Updates

[remote] Hughes Satellite Router HX200 v8.3.1.14 - Remote File Inclusion

Hughes Satellite Router HX200 v8.3.1.14 - Remote File Inclusion

Exploit-DB Updates

[webapps] Yahoo User Interface library (YUI2) TreeView v2.8.2 - Multiple Reflected Cross Site Scripting (XSS)

Yahoo User Interface library (YUI2) TreeView v2.8.2 - Multiple Reflected Cross Site Scripting (XSS)

Exploit-DB Updates

[remote] AD Manager Plus 7122 - Remote Code Execution (RCE)

AD Manager Plus 7122 - Remote Code Execution (RCE)

Exploit-DB Updates

[remote] TP-Link TL-WR902AC firmware 210730 (V3) - Remote Code Execution (RCE) (Authenticated)

TP-Link TL-WR902AC firmware 210730 (V3) - Remote Code Execution (RCE) (Authenticated)

Exploit-DB Updates

[dos] AimOne Video Converter V2.04 Build 103 - Buffer Overflow (DoS)

AimOne Video Converter V2.04 Build 103 - Buffer Overflow (DoS)

Exploit-DB Updates

[webapps] SugarCRM 12.2.0 - Remote Code Execution (RCE)

SugarCRM 12.2.0 - Remote Code Execution (RCE)

Exploit-DB Updates

[remote] Nexxt Router Firmware 42.103.1.5095 - Remote Code Execution (RCE) (Authenticated)

Nexxt Router Firmware 42.103.1.5095 - Remote Code Execution (RCE) (Authenticated)

Exploit-DB Updates

[webapps] XCMS v1.83 - Remote Command Execution (RCE)

XCMS v1.83 - Remote Command Execution (RCE)

Exploit-DB Updates

[webapps] Reprise Software RLM v14.2BL4 - Cross-Site Scripting (XSS)

Reprise Software RLM v14.2BL4 - Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] Apache 2.4.x - Buffer Overflow

Apache 2.4.x - Buffer Overflow

Exploit-DB Updates

[local] Splashtop 8.71.12001.0 - Unquoted Service Path

Splashtop 8.71.12001.0 - Unquoted Service Path

Exploit-DB Updates

[webapps] Prizm Content Connect v10.5.1030.8315 - XXE

Prizm Content Connect v10.5.1030.8315 - XXE

Exploit-DB Updates

[webapps] Centos Web Panel 7 v0.9.8.1147 - Unauthenticated Remote Code Execution (RCE)

Centos Web Panel 7 v0.9.8.1147 - Unauthenticated Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] ELSI Smart Floor V3.3.3 - Stored Cross-Site Scripting (XSS)

ELSI Smart Floor V3.3.3 - Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] Ecommerse v1.0 - Cross-Site Scripting (XSS)

Ecommerse v1.0 - Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] ClicShopping v3.402 - Cross-Site Scripting (XSS)

ClicShopping v3.402 - Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] Virtual Reception v1.0 - Web Server Directory Traversal

Virtual Reception v1.0 - Web Server Directory Traversal

Exploit-DB Updates

[webapps] WPForms 1.7.8 - Cross-Site Scripting (XSS)

WPForms 1.7.8 - Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] Shoplazza 1.1 - Stored Cross-Site Scripting (XSS)

Shoplazza 1.1 - Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[local] CrowdStrike Falcon AGENT 6.44.15806 - Uninstall without Installation Token

CrowdStrike Falcon AGENT 6.44.15806 - Uninstall without Installation Token

Exploit-DB Updates

[webapps] Dreamer CMS v4.0.0 - SQL Injection

Dreamer CMS v4.0.0 - SQL Injection

Exploit-DB Updates

[webapps] LISTSERV 17 - Insecure Direct Object Reference (IDOR)

LISTSERV 17 - Insecure Direct Object Reference (IDOR)

Exploit-DB Updates

[local] Lavasoft web companion 4.1.0.409 - 'DCIservice' Unquoted Service Path

Lavasoft web companion 4.1.0.409 - 'DCIservice' Unquoted Service Path

Exploit-DB Updates

[webapps] Eve-ng 5.0.1-13 - Stored Cross-Site Scripting (XSS)

Eve-ng 5.0.1-13 - Stored Cross-Site Scripting (XSS)

Exploit-DB Updates

[webapps] 4images 1.9 - Remote Command Execution (RCE)

4images 1.9 - Remote Command Execution (RCE)

Exploit-DB Updates

[webapps] Concrete5 CME v9.1.3 - Xpath injection

Concrete5 CME v9.1.3 - Xpath injection

Exploit-DB Updates

[dos] Router ZTE-H108NS - Stack Buffer Overflow (DoS)

Router ZTE-H108NS - Stack Buffer Overflow (DoS)

Exploit-DB Updates

[remote] Router ZTE-H108NS - Authentication Bypass

Router ZTE-H108NS - Authentication Bypass