bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2242 commits 1 branch 0 tags 267 MiB
Commit graph

559 commits

Author SHA1 Message Date
Offensive Security
3cad5bf9ad DB: 2020-11-03 
6 changes to exploits/shellcodes

Foxit Reader 9.7.1 - Remote Command Execution (Javascript API)
Quick N Easy FTP Service 3.2 - Unquoted Service Path
Apache Flink 1.9.x - File Upload RCE (Unauthenticated)
WordPress Plugin Simple File List 5.4 - Arbitrary File Upload
Monitorr 1.7.6m - Remote Code Execution (Unauthenticated)
Monitorr 1.7.6m - Authorization Bypass
 2020-11-03 05:02:04 +00:00
Offensive Security
d852416732 DB: 2020-10-31 
5 changes to exploits/shellcodes

CSE Bookstore 1.0 - 'quantity' Persistent Cross-site Scripting
DedeCMS v.5.8 - _keyword_ Cross-Site Scripting
Citadel WebCit < 926 - Session Hijacking Exploit
Online Job Portal 1.0 - 'userid' SQL Injection
Simple College Website 1.0 - 'username' SQL Injection / Remote Code Execution
 2020-10-31 05:02:05 +00:00
Offensive Security
48bd7b3ea6 DB: 2020-10-30 
4 changes to exploits/shellcodes

Online Examination System 1.0 - 'name' Stored Cross Site Scripting
Mailman 1.x > 2.1.23 - Cross Site Scripting (XSS)
WebLogic Server 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.3.0 / 12.2.1.4.0 / 14.1.1.0.0 - Unauthenticated RCE via GET request
Genexis Platinum-4410 P4410-V2-1.28 - Cross Site Request Forgery to Reboot
 2020-10-30 05:02:03 +00:00
Offensive Security
e178c80d85 DB: 2020-10-29 
10 changes to exploits/shellcodes

PackageKit < 1.1.13 - File Existence Disclosure
aptdaemon < 1.1.1 - File Existence Disclosure
Blueman < 2.1.4 - Local Privilege Escalation
Exploit - EPSON 1.124 - 'seksmdb.exe' Unquoted Service Path
Program Access Controller v1.2.0.0 - 'PACService.exe' Unquoted Service Path
Prey 1.9.6 - _CronService_ Unquoted Service Path
IP Watcher v3.0.0.30 - 'PACService.exe' Unquoted Service Path
Nagios XI 5.7.3 - 'mibs.php' Remote Command Injection (Authenticated)
CSE Bookstore 1.0 - Authentication Bypass
Oracle Business Intelligence Enterprise Edition 5.5.0.0.0 / 12.2.1.3.0 / 12.2.1.4.0 - 'getPreviewImage' Directory Traversal/Local File Inclusion
 2020-10-29 05:02:08 +00:00
Offensive Security
17bbfdaf38 DB: 2020-10-28 
6 changes to exploits/shellcodes

TDM Digital Signage PC Player 4.1 - Insecure File Permissions
Adtec Digital Multiple Products - Default Hardcoded Credentials Remote Root
GoAhead Web Server 5.1.1 - Digest Authentication Capture Replay Nonce Reuse

InoERP 0.7.2 - Remote Code Execution (Unauthenticated)
Sentrifugo 3.2 - File Upload Restriction Bypass (Authenticated)
Client Management System 1.0 - 'searchdata' SQL injection
Sphider Search Engine 1.3.6 - 'word_upper_bound' RCE (Authenticated)
 2020-10-28 05:02:08 +00:00
Offensive Security
7ce71393bb DB: 2020-10-27 
9 changes to exploits/shellcodes

CMS Made Simple 2.1.6 - 'cntnt01detailtemplate' Server-Side Template Injection
Online Health Care System 1.0 - Multiple Cross Site Scripting (Stored)
InoERP 0.7.2 - Remote Code Execution (Unauthenticated)
PDW File Browser 1.3 - 'new_filename' Cross-Site Scripting (XSS)
Genexis Platinum-4410 - 'SSID' Persistent XSS
ReQuest Serious Play Media Player 3.0 - Directory Traversal File Disclosure
ReQuest Serious Play F3 Media Server 7.0.3 - Debug Log Disclosure
ReQuest Serious Play F3 Media Server 7.0.3 - Remote Denial of Service
ReQuest Serious Play F3 Media Server 7.0.3 - Remote Code Execution (Unauthenticated)
 2020-10-27 05:02:17 +00:00
Offensive Security
99b2cc4c13 DB: 2020-10-24 
17 changes to exploits/shellcodes

Online Library Management System 1.0 - Arbitrary File Upload
Ajenti 2.1.36 - Remote Code Execution (Authenticated)
Stock Management System 1.0 - 'brandId and categoriesId' SQL Injection
Car Rental Management System 1.0 - Arbitrary File Upload
User Registration & Login and User Management System 2.1 - SQL Injection
Point of Sales 1.0 - 'id' SQL Injection
Lot Reservation Management System 1.0 - Authentication Bypass
Lot Reservation Management System 1.0 - Cross-Site Scripting (Stored)
Gym Management System 1.0 - 'id' SQL Injection
Point of Sales 1.0 - 'username' SQL Injection
School Faculty Scheduling System 1.0 - 'id' SQL Injection
School Faculty Scheduling System 1.0 - 'username' SQL Injection
Gym Management System 1.0 - Authentication Bypass
Gym Management System 1.0 - Stored Cross Site Scripting
Bludit 3.9.2 - Auth Bruteforce Bypass
TextPattern CMS 4.8.3 - Remote Code Execution (Authenticated)
 2020-10-24 05:02:08 +00:00
Offensive Security
1539c20e48 DB: 2020-10-22 
8 changes to exploits/shellcodes

Hrsale 2.0.0 - Local File Inclusion
School Faculty Scheduling System 1.0 - Stored Cross Site Scripting POC
School Faculty Scheduling System 1.0 - Authentication Bypass POC
GOautodial 4.0 - Authenticated Shell Upload
Stock Management System 1.0 - 'Product Name' Persistent Cross-Site Scripting
Stock Management System 1.0 - 'Categories Name' Persistent Cross-Site Scripting
Stock Management System 1.0 - 'Brand Name' Persistent Cross-Site Scripting
Tiki Wiki CMS Groupware 21.1 - Authentication Bypass
 2020-10-22 05:02:10 +00:00
Offensive Security
5aa3bfc759 DB: 2020-10-21 
12 changes to exploits/shellcodes

Comtrend AR-5387un router - Persistent XSS (Authenticated)
Loan Management System 1.0 - Multiple Cross Site Scripting (Stored)
Wordpress Plugin WP Courses < 2.0.29 - Broken Access Controls leading to Courses Content Disclosure
Visitor Management System in PHP 1.0 - SQL Injection (Authenticated)
Ultimate Project Manager CRM PRO Version 2.0.5 - SQLi (Authenticated)
WordPress Plugin HS Brand Logo Slider 2.1 - 'logoupload' File Upload
User Registration & Login and User Management System With admin panel 2.1 - Persistent XSS
RiteCMS 2.2.1 - Remote Code Execution (Authenticated)
Mobile Shop System v1.0 - SQL Injection Authentication Bypass
Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution
WordPress Plugin Rest Google Maps < 7.11.18 - SQL Injection
WordPress Plugin Colorbox Lightbox v1.1.1 - Persistent Cross-Site Scripting (Authenticated)
 2020-10-21 05:02:11 +00:00
Offensive Security
ae14b71248 DB: 2020-10-20 
16 changes to exploits/shellcodes

Tourism Management System 1.0 - Arbitrary File Upload
Nagios XI 5.7.3 - 'Contact Templates' Persistent Cross-Site Scripting
Nagios XI 5.7.3 - 'Manage Users' Authenticated SQL Injection
Nagios XI 5.7.3 - 'SNMP Trap Interface' Authenticated SQL Injection
Online Student's Management System 1.0 - Remote Code Execution (Authenticated)
Online Discussion Forum Site 1.0 - XSS in Messaging System
Online Job Portal 1.0 - Cross Site Scripting (Stored)
HiSilicon Video Encoders - Unauthenticated file disclosure via path traversal
HiSilicon Video Encoders - RCE via unauthenticated command injection
HiSilicon video encoders - RCE via unauthenticated upload of malicious firmware
HiSilicon Video Encoders - Full admin access via backdoor password
HiSilicon Video Encoders - Unauthenticated RTSP buffer overflow (DoS)
Jenkins 2.63 - Sandbox bypass in pipeline: Groovy plug-in
Hostel Management System 2.1 - Cross Site Scripting (Multiple Fields)
Typesetter CMS 5.1 - Arbitrary Code Execution (Authenticated)
Textpattern CMS 4.6.2 - Cross-site Request Forgery
 2020-10-20 05:02:13 +00:00
Offensive Security
97ece9d27b DB: 2020-10-17 
11 changes to exploits/shellcodes

Employee Management System 1.0 - Cross Site Scripting (Stored)
Employee Management System 1.0 - Authentication Bypass
Alumni Management System 1.0 - Authentication Bypass
Company Visitor Management System (CVMS) 1.0 - Authentication Bypass
Restaurant Reservation System 1.0 - 'date' SQL Injection (Authenticated)
aaPanel 6.6.6 - Privilege Escalation & Remote Code Execution (Authenticated)
Seat Reservation System 1.0 - Remote Code Execution (Unauthenticated)
Hotel Management System 1.0 - Remote Code Execution (Authenticated)
Seat Reservation System 1.0 - Unauthenticated SQL Injection
CS-Cart 1.3.3 - 'classes_dir' LFI
CS-Cart 1.3.3 - authenticated RCE
 2020-10-17 05:02:09 +00:00
Offensive Security
cbf3e02444 DB: 2020-10-16 
4 changes to exploits/shellcodes

Vehicle Parking Management System 1.0 - Authentication Bypass
rConfig 3.9.5 - Remote Code Execution (Unauthenticated)
Simple Grocery Store Sales And Inventory System 1.0 - Authentication Bypass
Zoo Management System 1.0 - Authentication Bypass
 2020-10-16 05:02:09 +00:00
Offensive Security
a3aad6c41a DB: 2020-10-15 
3 changes to exploits/shellcodes

Guild Wars 2 - Insecure Folder Permissions

TimeClock Software 0.995 - Multiple SQL Injections
TimeClock Software 0.995 - (Authenticated ) Multiple SQL Injections
TimeClock Software 1.01 0 - (Authenticated) Time-Based SQL Injection
NodeBB Forum 1.12.2-1.14.2 - Account Takeover
 2020-10-15 05:02:06 +00:00
Offensive Security
973a669c08 DB: 2020-10-14 
2 changes to exploits/shellcodes

Battle.Net 1.27.1.12428 - Insecure File Permissions

berliCRM 1.0.24 - 'src_record' SQL Injection
 2020-10-14 05:02:04 +00:00
Offensive Security
14fcd4863f DB: 2020-10-13 
5 changes to exploits/shellcodes

Small CRM 2.0 - 'email' SQL Injection
MedDream PACS Server 6.8.3.751 - Remote Code Execution (Unauthenticated)
Liman 0.7 - Cross-Site Request Forgery (Change Password)
Online Students Management System 1.0 - 'username' SQL Injections
Cisco ASA and FTD 9.6.4.42 - Path Traversal
 2020-10-13 05:02:09 +00:00
Offensive Security
0aa8d538e2 DB: 2020-10-10 
3 changes to exploits/shellcodes

Kentico CMS 9.0-12.0.49 - Persistent Cross Site Scripting
DynPG 4.9.1 - Persistent Cross-Site Scripting (Authenticated)
openMAINT 1.1-2.4.2 - Arbitrary File Upload
 2020-10-10 05:02:11 +00:00
Offensive Security
b45931e440 DB: 2020-10-09 
2 changes to exploits/shellcodes

SEO Panel 4.6.0 - Remote Code Execution
D-Link DSR-250N 3.12 - Denial of Service (PoC)
 2020-10-09 05:02:05 +00:00
Offensive Security
1fbf4d267e DB: 2020-10-08 
2 changes to exploits/shellcodes

BACnet Test Server 1.01 - Remote Denial of Service (PoC)

Textpattern CMS 4.6.2 - 'body' Persistent Cross-Site Scripting
 2020-10-08 05:02:12 +00:00
Offensive Security
1569af9b59 DB: 2020-10-06 
2 changes to exploits/shellcodes

MOVEit Transfer 11.1.1 - 'token' Unauthenticated SQL Injection
SpamTitan 7.07 - Unauthenticated Remote Code Execution
 2020-10-06 05:02:05 +00:00
Offensive Security
9772f1e7c0 DB: 2020-10-03 
2 changes to exploits/shellcodes

MedDream PACS Server 6.8.3.751 - Remote Code Execution (Authenticated)
Photo Share Website 1.0 - Persistent Cross-Site Scripting
 2020-10-03 05:02:10 +00:00
Offensive Security
f697a81a18 DB: 2020-10-02 
12 changes to exploits/shellcodes

Sony IPELA Network Camera 1.82.01 - 'ftpclient.cgi' Remote Stack Buffer Overflow
BrightSign Digital Signage Diagnostic Web Server 8.2.26 - Server-Side Request Forgery (Unauthenticated)
BrightSign Digital Signage Diagnostic Web Server 8.2.26 - File Delete Path Traversal
SpinetiX Fusion Digital Signage 3.4.8 - Database Backup Disclosure
SpinetiX Fusion Digital Signage 3.4.8 - Cross-Site Request Forgery (Add Admin)
SpinetiX Fusion Digital Signage 3.4.8 - Username Enumeration
MonoCMS Blog 1.0 - Arbitrary File Deletion (Authenticated)
WebsiteBaker 2.12.2 - 'display_name' SQL Injection (authenticated)
GetSimple CMS 3.3.16 - Persistent Cross-Site Scripting (Authenticated)
CMS Made Simple 2.2.14 - Persistent Cross-Site Scripting (Authenticated)
Typesetter CMS 5.1 - 'Site Title' Persistent Cross-Site Scripting

Exhibitor Web UI 1.7.1 - Remote Code Execution
 2020-10-02 05:02:08 +00:00
Offensive Security
fdab02c0ff DB: 2020-09-30 
3 changes to exploits/shellcodes

BearShare Lite 5.2.5 - 'Advanced Search'Buffer Overflow in (PoC)
CloudMe 1.11.2 - Buffer Overflow ROP (DEP_ASLR)

WebsiteBaker 2.12.2 - Remote Code Execution
 2020-09-30 05:02:05 +00:00
Offensive Security
18829b7a22 DB: 2020-09-26 
4 changes to exploits/shellcodes

BigTree CMS 4.4.10 - Remote Code Execution
Anchor CMS 0.12.7 - Persistent Cross-Site Scripting (Authenticated)
B-swiss 3 Digital Signage System 3.6.5 - Cross-Site Request Forgery (Add Maintenance Admin)
B-swiss 3 Digital Signage System 3.6.5 -  Database Disclosure
 2020-09-26 05:02:04 +00:00
Offensive Security
72506f63c2 DB: 2020-09-25 
2 changes to exploits/shellcodes

Simple Online Food Ordering System 1.0 - 'id' SQL Injection (Unauthenticated)
Visitor Management System in PHP 1.0 - Persistent Cross-Site Scripting
 2020-09-25 05:02:10 +00:00
Offensive Security
00b27610c8 DB: 2020-09-24 
2 changes to exploits/shellcodes

Online Food Ordering System 1.0 - Remote Code Execution
 2020-09-24 05:02:05 +00:00
Offensive Security
1a8b74a305 DB: 2020-09-23 
2 changes to exploits/shellcodes

Comodo Unified Threat Management Web Console 2.7.0 - Remote Code Execution
Flatpress Add Blog 1.0.3 - Persistent Cross-Site Scripting
 2020-09-23 05:02:05 +00:00
Offensive Security
87f49d4427 DB: 2020-09-22 
6 changes to exploits/shellcodes

ForensiTAppxService 2.2.0.4 - 'ForensiTAppxService.exe' Unquoted Service Path
Online Shop Project 1.0 - 'p' SQL Injection
BlackCat CMS 1.3.6 - Cross-Site Request Forgery
Seat Reservation System 1.0 - 'id' SQL Injection
Mida eFramework 2.9.0 - Back Door Access
B-swiss 3 Digital Signage System 3.6.5 - Remote Code Execution
 2020-09-22 05:02:05 +00:00
Offensive Security
0d8101f1a1 DB: 2020-09-19 
2 changes to exploits/shellcodes

SpamTitan 7.07 - Remote Code Execution (Authenticated)
Mantis Bug Tracker 2.3.0 - Remote Code Execution (Unauthenticated)
 2020-09-19 05:02:05 +00:00
Offensive Security
3080c3ca18 DB: 2020-09-17 
2 changes to exploits/shellcodes

Windows TCPIP Finger Command - C2 Channel and Bypassing Security Software

Piwigo 2.10.1 - Cross Site Scripting
 2020-09-17 05:02:05 +00:00
Offensive Security
e23028b045 DB: 2020-09-16 
2 changes to exploits/shellcodes

ThinkAdmin 6 -  Arbitrarily File Read
Tailor MS 1.0 - Reflected Cross-Site Scripting
 2020-09-16 05:02:06 +00:00
Offensive Security
903280c17b DB: 2020-09-15 
6 changes to exploits/shellcodes

Rapid7 Nexpose Installer 6.6.39 - 'nexposeengine' Unquoted Service Path
Pearson Vue VTS 2.3.1911 Installer - 'VUEApplicationWrapper' Unquoted Service Path
RAD SecFlow-1v SF_0290_2.3.01.26  - Persistent Cross-Site Scripting
RAD SecFlow-1v SF_0290_2.3.01.26 - Cross-Site Request Forgery (Reboot)
Joomla! paGO Commerce 2.5.9.0 - SQL Injection (Authenticated)
 2020-09-15 05:02:06 +00:00
Offensive Security
421c99f9e3 DB: 2020-09-11 
3 changes to exploits/shellcodes

Tiandy IPC and NVR 9.12.7 - Credential Disclosure
CuteNews 2.1.2 - Remote Code Execution
ZTE Router F602W - Captcha Bypass
 2020-09-11 05:02:04 +00:00
Offensive Security
73dd822b51 DB: 2020-09-10 
4 changes to exploits/shellcodes

Input Director 1.4.3 - 'Input Director' Unquoted Service Path
Audio Playback Recorder 3.2.2 - Local Buffer Overflow (SEH)
Tailor Management System - 'id' SQL Injection
Scopia XT Desktop 8.3.915.4 - Cross-Site Request Forgery (change admin password)
 2020-09-10 05:02:04 +00:00
Offensive Security
f288c52ef9 DB: 2020-09-08 
3 changes to exploits/shellcodes

Cabot 0.11.12 - Persistent Cross-Site Scripting
grocy 2.7.1 - Persistent Cross-Site Scripting
ManageEngine Applications Manager 14700 - Remote Code Execution (Authenticated)
 2020-09-08 05:02:07 +00:00
Offensive Security
0d540768a4 DB: 2020-09-04 
5 changes to exploits/shellcodes

BarracudaDrive v6.5 - Insecure Folder Permissions
Savsoft Quiz Enterprise Version 5.5 - Persistent Cross-Site Scripting
BloodX CMS 1.0 - Authentication Bypass
Daily Tracker System 1.0 - Authentication Bypass
SiteMagic CMS 4.4.2 - Arbitrary File Upload (Authenticated)
 2020-09-04 05:02:06 +00:00
Offensive Security
4784c1aeb4 DB: 2020-09-03 
1 changes to exploits/shellcodes

Stock Management System 1.0 - Cross-Site Request Forgery (Change Username)
 2020-09-03 05:02:09 +00:00
Offensive Security
38929aaab6 DB: 2020-09-02 
2 changes to exploits/shellcodes

Mara CMS 7.5 - Remote Code Execution (Authenticated)
moziloCMS 2.0 - Persistent Cross-Site Scripting (Authenticated)
 2020-09-02 05:02:05 +00:00
Offensive Security
d6bcc3b093 DB: 2020-09-01 
5 changes to exploits/shellcodes

BlazeDVD 7.0 Professional - '.plf' Local Buffer Overflow (SEH_ASLR_DEP)
Online Book Store 1.0 - 'id' SQL Injection
Mara CMS  7.5 - Reflective Cross-Site Scripting
Fuel CMS 1.4.8 - 'fuel_replace_id' SQL Injection (Authenticated)
CMS Made Simple 2.2.14 - Arbitrary File Upload (Authenticated)
 2020-09-01 05:02:09 +00:00
Offensive Security
abfd379775 DB: 2020-08-29 
4 changes to exploits/shellcodes

Online Shopping Alphaware 1.0 - 'id' SQL Injection
Nagios Log Server 2.1.6 - Persistent Cross-Site Scripting
SymphonyCMS 3.0.0 - Persistent Cross-Site Scripting
Eibiz i-Media Server Digital Signage 3.8.0 - Privilege Escalation
 2020-08-29 05:01:59 +00:00
Offensive Security
2621b3c52e DB: 2020-08-28 
3 changes to exploits/shellcodes

ASX to MP3 converter 3.1.3.7.2010.11.05 - '.wax' Local Buffer Overflow (DEP_ASLR Bypass) (PoC)
Mida eFramework 2.9.0 - Remote Code Execution
Wordpress Plugin Autoptimize 2.7.6 - Arbitrary File Upload (Authenticated)
 2020-08-28 05:01:55 +00:00
Offensive Security
8bf2002f51 DB: 2020-08-27 
3 changes to exploits/shellcodes

Ericom Access Server x64 9.2.0 - Server-Side Request Forgery
Eibiz i-Media Server Digital Signage 3.8.0 - Directory Traversal
 2020-08-27 05:01:55 +00:00
Offensive Security
1567b7af86 DB: 2020-08-25 
3 changes to exploits/shellcodes

LimeSurvey 4.3.10 - 'Survey Menu' Persistent Cross-Site Scripting
Eibiz i-Media Server Digital Signage 3.8.0 - Authentication Bypass
Eibiz i-Media Server Digital Signage 3.8.0 - Configuration Disclosure
 2020-08-25 05:01:52 +00:00
Offensive Security
3b08fb4f1e DB: 2020-08-22 
3 changes to exploits/shellcodes

Complaint Management System 1.0 - 'cid' SQL Injection
Seowon SlC 130 Router - Remote Code Execution
vBulletin 5.1.2 < 5.1.9 - Unserialize Code Execution (Metasploit)
 2020-08-22 05:01:52 +00:00
Offensive Security
caf6833937 DB: 2020-08-21 
2 changes to exploits/shellcodes

ElkarBackup 1.3.3 - Persistent Cross-Site Scripting
PNPSCADA 2.200816204020 - 'interf' SQL Injection (Authenticated)
 2020-08-21 05:01:48 +00:00
Offensive Security
ec071bef5f DB: 2020-08-19 
2 changes to exploits/shellcodes

Pharmacy Medical Store and Sale Point 1.0  - 'catid' SQL Injection
Savsoft Quiz 5 - Stored Cross-Site Scripting
 2020-08-19 05:01:49 +00:00
Offensive Security
81f468c9ee DB: 2020-08-18 
6 changes to exploits/shellcodes

Bludit  3.9.2 - Authentication Bruteforce Mitigation Bypass
Microsoft SharePoint Server 2019 - Remote Code Execution
QiHang Media Web Digital Signage 3.0.9 - Cleartext Credential Disclosure
QiHang Media Web Digital Signage 3.0.9 - Unauthenticated Arbitrary File Deletion
QiHang Media Web Digital Signage 3.0.9 - Unauthenticated Arbitrary File Disclosure
QiHang Media Web Digital Signage 3.0.9 - Remote Code Execution (Unauthenticated)
 2020-08-18 05:01:50 +00:00
Offensive Security
e3b25a25ca DB: 2020-08-14 
2 changes to exploits/shellcodes

Artica Proxy 4.3.0 - Authentication Bypass
GetSimple CMS Plugin Multi User 1.8.2 - Cross-Site Request Forgery (Add Admin)
 2020-08-14 05:01:50 +00:00
Offensive Security
a999edcbb6 DB: 2020-08-13 
2 changes to exploits/shellcodes

CMS Made Simple 2.2.14 - Authenticated Arbitrary File Upload
vBulletin 5.6.2 - 'widget_tabbedContainer_tab_panel' Remote Code Execution
 2020-08-13 05:01:49 +00:00
Offensive Security
eea08c4481 DB: 2020-08-12 
1 changes to exploits/shellcodes

Fuel CMS 1.4.7 - 'col' SQL Injection (Authenticated)
 2020-08-12 05:01:48 +00:00
Offensive Security
ba30f5e257 DB: 2020-08-11 
3 changes to exploits/shellcodes

BarcodeOCR 19.3.6 - 'BarcodeOCR' Unquoted Service Path
Warehouse Inventory System 1.0 - Cross-Site Request Forgery (Change Admin Password)
ManageEngine ADSelfService Build prior to 6003 - Remote Code Execution (Unauthenticated)
 2020-08-11 05:01:48 +00:00