Exploit-DB Updates

[remote] TELSAT marKoni FM Transmitter 1.9.5 - Root Command Injection

TELSAT marKoni FM Transmitter 1.9.5 - Root Command Injection

Exploit-DB Updates

[webapps] WEBIGniter v28.7.23 - Stored XSS

WEBIGniter v28.7.23 - Stored XSS

Exploit-DB Updates

[webapps] Quick.CMS 6.7 - SQL Injection Login Bypass

Quick.CMS 6.7 - SQL Injection Login Bypass

Exploit-DB Updates

[webapps] Atlassian Confluence < 8.5.3 - Remote Code Execution

Atlassian Confluence

Exploit-DB Updates

[webapps] xbtitFM 4.1.18 - Multiple Vulnerabilities

xbtitFM 4.1.18 - Multiple Vulnerabilities

Exploit-DB Updates

[webapps] TYPO3 11.5.24 - Path Traversal (Authenticated)

TYPO3 11.5.24 - Path Traversal (Authenticated)

Exploit-DB Updates

[webapps] Backdrop CMS 1.23.0 - Stored XSS

Backdrop CMS 1.23.0 - Stored XSS

Exploit-DB Updates

[webapps] WordPress File Upload Plugin < 4.23.3 - Stored XSS

WordPress File Upload Plugin

Exploit-DB Updates

[webapps] Winter CMS 1.2.3 - Server-Side Template Injection (SSTI) (Authenticated)

Winter CMS 1.2.3 - Server-Side Template Injection (SSTI) (Authenticated)

Exploit-DB Updates

[webapps] Karaf v4.4.3 Console - RCE

Karaf v4.4.3 Console - RCE

Exploit-DB Updates

[local] LaborOfficeFree 19.10 - MySQL Root Password Calculator

LaborOfficeFree 19.10 - MySQL Root Password Calculator

Exploit-DB Updates

[webapps] UPS Network Management Card 4 - Path Traversal

UPS Network Management Card 4 - Path Traversal

Exploit-DB Updates

[local] vm2 - sandbox escape

vm2 - sandbox escape

Exploit-DB Updates

[webapps] Nokia BMC Log Scanner - Remote Code Execution

Nokia BMC Log Scanner - Remote Code Execution

Exploit-DB Updates

[remote] Viessmann Vitogate 300 2.1.3.0 - Remote Code Execution (RCE)

Viessmann Vitogate 300 2.1.3.0 - Remote Code Execution (RCE)

Exploit-DB Updates

[local] KiTTY 0.76.1.13 - 'Start Duplicated Session Username' Buffer Overflow

KiTTY 0.76.1.13 - 'Start Duplicated Session Username' Buffer Overflow

Exploit-DB Updates

[remote] JetBrains TeamCity 2023.05.3 - Remote Code Execution (RCE)

JetBrains TeamCity 2023.05.3 - Remote Code Execution (RCE)

Exploit-DB Updates

[remote] Honeywell PM43 < P10.19.050004 - Remote Code Execution (RCE)

Honeywell PM43

Exploit-DB Updates

[local] KiTTY 0.76.1.13 - 'Start Duplicated Session Hostname' Buffer Overflow

KiTTY 0.76.1.13 - 'Start Duplicated Session Hostname' Buffer Overflow

Exploit-DB Updates

[remote] GitLab CE/EE < 16.7.2 - Password Reset

GitLab CE/EE

Exploit-DB Updates

[remote] Ruijie Switch PSG-5124 26293 - Remote Code Execution (RCE)

Ruijie Switch PSG-5124 26293 - Remote Code Execution (RCE)

Exploit-DB Updates

[local] KiTTY 0.76.1.13 - Command Injection

KiTTY 0.76.1.13 - Command Injection

Exploit-DB Updates

[remote] SolarView Compact 6.00 - Command Injection

SolarView Compact 6.00 - Command Injection

Exploit-DB Updates

[remote] VMware Cloud Director 10.5 - Bypass identity verification

VMware Cloud Director 10.5 - Bypass identity verification

Exploit-DB Updates

[webapps] OSGi v3.8-3.18 Console - RCE

OSGi v3.8-3.18 Console - RCE

Exploit-DB Updates

[webapps] SnipeIT 6.2.1 - Stored Cross Site Scripting

SnipeIT 6.2.1 - Stored Cross Site Scripting

Exploit-DB Updates

[webapps] Client Details System 1.0 - SQL Injection

Client Details System 1.0 - SQL Injection

Exploit-DB Updates

[webapps] OSGi v3.7.2 (and below) Console - RCE

OSGi v3.7.2 (and below) Console - RCE

Exploit-DB Updates

[webapps] Cisco Firepower Management Center < 6.6.7.1 - Authenticated RCE

Cisco Firepower Management Center

Exploit-DB Updates

[webapps] Human Resource Management System 1.0 - 'employeeid' SQL Injection

Human Resource Management System 1.0 - 'employeeid' SQL Injection

Exploit-DB Updates

[webapps] Sitecore - Remote Code Execution v8.2

Sitecore - Remote Code Execution v8.2

Exploit-DB Updates

[webapps] WordPress Plugin Duplicator < 1.5.7.1 - Unauthenticated Sensitive Data Exposure to Account Takeover

WordPress Plugin Duplicator

Exploit-DB Updates

[local] Microsoft Windows Defender / Trojan.Win32/Powessere.G - Detection Mitigation Bypass

Microsoft Windows Defender / Trojan.Win32/Powessere.G - Detection Mitigation Bypass

Exploit-DB Updates

[webapps] Hitachi NAS (HNAS) System Management Unit (SMU) Backup & Restore < 14.8.7825.01 - IDOR

Hitachi NAS (HNAS) System Management Unit (SMU) Backup & Restore

Exploit-DB Updates

[webapps] Adobe ColdFusion versions 2018,15 (and earlier) and 2021,5 and earlier - Arbitrary File Read

Adobe ColdFusion versions 2018,15 (and earlier) and 2021,5 and earlier - Arbitrary File Read

Exploit-DB Updates

[webapps] DataCube3 v1.0 - Unrestricted file upload 'RCE'

DataCube3 v1.0 - Unrestricted file upload 'RCE'

Exploit-DB Updates

[webapps] Ladder v0.0.21 - Server-side request forgery (SSRF)

Ladder v0.0.21 - Server-side request forgery (SSRF)

Exploit-DB Updates

[webapps] Akaunting < 3.1.3 - RCE

Akaunting

Exploit-DB Updates

[webapps] Numbas < v7.3 - Remote Code Execution

Numbas

Exploit-DB Updates

[webapps] Hide My WP < 6.2.9 - Unauthenticated SQLi

Hide My WP

Exploit-DB Updates

[webapps] TP-Link TL-WR740N - Buffer Overflow 'DOS'

TP-Link TL-WR740N - Buffer Overflow 'DOS'

Exploit-DB Updates

[webapps] GLiNet - Router Authentication Bypass

GLiNet - Router Authentication Bypass

Exploit-DB Updates

[webapps] CSZ CMS Version 1.3.0 - Authenticated Remote Command Execution

CSZ CMS Version 1.3.0 - Authenticated Remote Command Execution

Exploit-DB Updates

[webapps] elFinder Web file manager Version - 2.1.53 Remote Command Execution

elFinder Web file manager Version - 2.1.53 Remote Command Execution

Exploit-DB Updates

[webapps] Lot Reservation Management System - Unauthenticated File Disclosure

Lot Reservation Management System - Unauthenticated File Disclosure

Exploit-DB Updates

[webapps] CVE-2023-50071 - Multiple SQL Injection

CVE-2023-50071 - Multiple SQL Injection

Exploit-DB Updates

[webapps] Lot Reservation Management System - Unauthenticated File Upload and Remote Code Execution

Lot Reservation Management System - Unauthenticated File Upload and Remote Code Execution

Exploit-DB Updates

[webapps] Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019 - Stored XSS

Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019 - Stored XSS

Exploit-DB Updates

[webapps] kk Star Ratings < 5.4.6 - Rating Tampering via Race Condition

kk Star Ratings

Exploit-DB Updates

[webapps] Neontext Wordpress Plugin - Stored XSS

Neontext Wordpress Plugin - Stored XSS

Exploit-DB Updates

[remote] TitanNit Web Control 2.01 / Atemio 7600 - Root Remote Code Execution

TitanNit Web Control 2.01 / Atemio 7600 - Root Remote Code Execution

Exploit-DB Updates

[remote] Simple Student Attendance System v1.0 - 'classid' Time Based Blind & Union Based SQL Injection

Simple Student Attendance System v1.0 - 'classid' Time Based Blind & Union Based SQL Injection

Exploit-DB Updates

[webapps] Easywall 0.3.1 - Authenticated Remote Command Execution

Easywall 0.3.1 - Authenticated Remote Command Execution

Exploit-DB Updates

[local] A-PDF All to MP3 Converter 2.0.0 - DEP Bypass via HeapCreate + HeapAlloc

A-PDF All to MP3 Converter 2.0.0 - DEP Bypass via HeapCreate + HeapAlloc

Exploit-DB Updates

[remote] TPC-110W - Missing Authentication for Critical Function

TPC-110W - Missing Authentication for Critical Function

Exploit-DB Updates

[remote] Simple Student Attendance System v1.0 - Time Based Blind SQL Injection

Simple Student Attendance System v1.0 - Time Based Blind SQL Injection

Exploit-DB Updates

[remote] GL.iNet AR300M v4.3.7 Remote Code Execution - CVE-2023-46454 Exploit

GL.iNet AR300M v4.3.7 Remote Code Execution - CVE-2023-46454 Exploit

Exploit-DB Updates

[remote] Petrol Pump Management Software v1.0 - 'Address' Stored Cross Site Scripting

Petrol Pump Management Software v1.0 - 'Address' Stored Cross Site Scripting

Exploit-DB Updates

[local] Windows PowerShell - Event Log Bypass Single Quote Code Execution

Windows PowerShell - Event Log Bypass Single Quote Code Execution

Exploit-DB Updates

[webapps] Magento ver. 2.4.6 - XSLT Server Side Injection

Magento ver. 2.4.6 - XSLT Server Side Injection