exploit-db-mirror

bpmcdevitt/exploit-db-mirror

Fork 0

Commit graph

Author	SHA1	Message	Date
Exploit-DB	668314bbda	DB: 2023-05-03 19 changes to exploits/shellcodes/ghdb FS-S3900-24T4S - Privilege Escalation Virtual Reception v1.0 - Web Server Directory Traversal admidio v4.2.5 - CSV Injection Companymaps v8.0 - Stored Cross Site Scripting (XSS) GLPI 9.5.7 - Username Enumeration OpenEMR v7.0.1 - Authentication credentials brute force PHP Restaurants 1.0 - SQLi Authentication Bypass & Cross Site Scripting PHPFusion 9.10.30 - Stored Cross-Site Scripting (XSS) PHPJabbers Simple CMS 5.0 - SQL Injection PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting (XSS) phpMyFAQ v3.1.12 - CSV Injection projectSend r1605 - Private file download revive-adserver v5.4.1 - Cross-Site Scripting (XSS) Serendipity 2.4.0 - File Inclusion RCE SoftExpert (SE) Suite v2.1.3 - Local File Inclusion Advanced Host Monitor v12.56 - Unquoted Service Path MilleGPG5 5.9.2 (Gennaio 2023) - Local Privilege Escalation / Incorrect Access Control	2023-05-03 00:16:23 +00:00
Exploit-DB	42ade901fe	DB: 2023-03-31 22 changes to exploits/shellcodes/ghdb LISTSERV 17 - Insecure Direct Object Reference (IDOR) LISTSERV 17 - Reflected Cross Site Scripting (XSS) Router ZTE-H108NS - Stack Buffer Overflow (DoS) Router ZTE-H108NS - Authentication Bypass Boa Web Server v0.94.14 - Authentication Bypass Covenant v0.5 - Remote Code Execution (RCE) Dreamer CMS v4.0.0 - SQL Injection Shoplazza 1.1 - Stored Cross-Site Scripting (XSS) Virtual Reception v1.0 - Web Server Directory Traversal 4images 1.9 - Remote Command Execution (RCE) ClicShopping v3.402 - Cross-Site Scripting (XSS) Concrete5 CME v9.1.3 - Xpath injection Device Manager Express 7.8.20002.47752 - Remote Code Execution (RCE) Ecommerse v1.0 - Cross-Site Scripting (XSS) Eve-ng 5.0.1-13 - Stored Cross-Site Scripting (XSS) myBB forums 1.8.26 - Stored Cross-Site Scripting (XSS) WPForms 1.7.8 - Cross-Site Scripting (XSS) CrowdStrike Falcon AGENT 6.44.15806 - Uninstall without Installation Token Lavasoft web companion 4.1.0.409 - 'DCIservice' Unquoted Service Path Zillya Total Security 3.0.2367.0 - Local Privilege Escalation	2023-03-31 00:16:26 +00:00

Author

SHA1

Message

Date

Exploit-DB

668314bbda

DB: 2023-05-03

19 changes to exploits/shellcodes/ghdb

FS-S3900-24T4S - Privilege Escalation

Virtual Reception v1.0 - Web Server Directory Traversal

admidio v4.2.5 - CSV Injection

Companymaps v8.0 - Stored Cross Site Scripting (XSS)

GLPI 9.5.7 - Username Enumeration

OpenEMR v7.0.1 - Authentication credentials brute force

PHP Restaurants 1.0 - SQLi Authentication Bypass & Cross Site Scripting

PHPFusion 9.10.30 - Stored Cross-Site Scripting (XSS)
PHPJabbers Simple CMS 5.0 - SQL Injection
PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting (XSS)

phpMyFAQ v3.1.12 - CSV Injection

projectSend r1605 - Private file download

revive-adserver v5.4.1 - Cross-Site Scripting (XSS)

Serendipity 2.4.0 - File Inclusion RCE

SoftExpert (SE) Suite v2.1.3 - Local File Inclusion

Advanced Host Monitor v12.56 - Unquoted Service Path

MilleGPG5 5.9.2 (Gennaio 2023) - Local Privilege Escalation / Incorrect Access Control

2023-05-03 00:16:23 +00:00

Exploit-DB

42ade901fe

DB: 2023-03-31

22 changes to exploits/shellcodes/ghdb

LISTSERV 17 - Insecure Direct Object Reference (IDOR)
LISTSERV 17 - Reflected Cross Site Scripting (XSS)

Router ZTE-H108NS - Stack Buffer Overflow (DoS)

Router ZTE-H108NS - Authentication Bypass

Boa Web Server v0.94.14 - Authentication Bypass

Covenant v0.5 - Remote Code Execution (RCE)

Dreamer CMS v4.0.0 - SQL Injection

Shoplazza 1.1 - Stored Cross-Site Scripting (XSS)

Virtual Reception v1.0 - Web Server Directory Traversal

4images 1.9 - Remote Command Execution (RCE)

ClicShopping v3.402 - Cross-Site Scripting (XSS)

Concrete5 CME v9.1.3 - Xpath injection

Device Manager Express 7.8.20002.47752 - Remote Code Execution (RCE)

Ecommerse v1.0 - Cross-Site Scripting (XSS)

Eve-ng 5.0.1-13 - Stored Cross-Site Scripting (XSS)

myBB forums 1.8.26 - Stored Cross-Site Scripting (XSS)

WPForms 1.7.8 - Cross-Site Scripting (XSS)

CrowdStrike Falcon AGENT  6.44.15806  - Uninstall without Installation Token

Lavasoft web companion 4.1.0.409 - 'DCIservice' Unquoted Service Path

Zillya Total Security 3.0.2367.0  - Local Privilege Escalation

2023-03-31 00:16:26 +00:00

2 commits