bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2893 commits 1 branch 0 tags 356 MiB
Commit graph

4 commits

Author SHA1 Message Date
Offensive Security
36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
 2021-09-03 13:39:06 +00:00
Offensive Security
092f2f0697 DB: 2021-04-27 
6 changes to exploits/shellcodes

SEO Panel 4.8.0 - 'order_col' Blind SQL Injection
SEO Panel 4.8.0 - 'order_col' Blind SQL Injection (1)

Hasura GraphQL 1.3.3 - Remote Code Execution
OpenPLC 3 - Remote Code Execution (Authenticated)
SEO Panel 4.8.0 - 'order_col' Blind SQL Injection (2)
 2021-04-27 05:02:00 +00:00
Offensive Security
37baf23611 DB: 2021-04-24 
7 changes to exploits/shellcodes

Moodle 3.10.3 - 'url' Persistent Cross Site Scripting
GetSimple CMS My SMTP Contact Plugin 1.1.2 - CSRF to Stored XSS to RCE
DzzOffice 2.02.1 - 'Multiple' Cross-Site Scripting (XSS)
Sipwise C5 NGCP CSC - 'Multiple' Stored/Reflected Cross-Site Scripting (XSS)
Sipwise C5 NGCP CSC - Click2Dial Cross-Site Request Forgery (CSRF)
 2021-04-24 05:01:56 +00:00
Offensive Security
7fa85628bd DB: 2021-04-22 
19 changes to exploits/shellcodes

Hasura GraphQL 1.3.3 - Denial of Service

Tenda D151 & D301 - Configuration Download (Unauthenticated)

rConfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated)
rConfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) (1)
Multilaser Router RE018 AC1200 - Cross-Site Request Forgery (Enable Remote Access)
Fast PHP Chat 1.3 - 'my_item_search' SQL Injection
WordPress Plugin RSS for Yandex Turbo 1.29 - Stored Cross-Site Scripting (XSS)
BlackCat CMS 1.3.6 - 'Multiple' Stored Cross-Site Scripting (XSS)
Discourse 2.7.0 - Rate Limit Bypass leads to 2FA Bypass
RemoteClinic 2 - 'Multiple' Cross-Site Scripting (XSS)
rconfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) (2)
OpenEMR 5.0.2.1 - Remote Code Execution
Adtran Personal Phone Manager 10.8.1 - 'emailAddress' Stored Cross-Site Scripting (XSS)
Adtran Personal Phone Manager 10.8.1 - 'Multiple' Reflected Cross-Site Scripting (XSS)
Adtran Personal Phone Manager 10.8.1 - DNS Exfiltration
GravCMS 1.10.7 - Unauthenticated Arbitrary YAML Write/Update (Metasploit)
Hasura GraphQL 1.3.3 - Local File Read
Hasura GraphQL 1.3.3 - Service Side Request Forgery (SSRF)
 2021-04-22 05:01:54 +00:00