nu11secur1ty

102 exploits, active since Dec 2015
CVE-2021-44228 NOMISEC CRITICAL WORKING POC
Log4Shell HTTP Header Injection
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI-related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
1 star
CVSS 10.0
CVE-2016-5195 GITLAB HIGH WRITEUP
Canonical Ubuntu Linux < 3.2.83 - Race Condition
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
CVSS 7.0
CVE-2022-37706 NOMISEC HIGH WORKING POC
Ubuntu Enlightenment Mount Priv Esc
enlightenment_sys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring.
CVSS 7.8
CVE-2021-43420 WRITEUP CRITICAL WRITEUP
Sourcecodester Online Payment Hub - SQL Injection
SQL injection vulnerability in Login.php in Sourcecodester Online Payment Hub v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter.
CVSS 9.8
CVE-2023-33140 WRITEUP MEDIUM WORKING POC
Microsoft OneNote - SSRF
Microsoft OneNote Spoofing Vulnerability
CVSS 6.5
CVE-2023-53985 EXPLOITDB MEDIUM text WORKING POC
Zstore 6.5.4 - XSS
Zstore, now referred to as Zippy CRM, 6.5.4 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through unvalidated input parameters. Attackers can submit crafted payloads in manual insertion points to execute arbitrary JavaScript code in the victim's browser context.
CVSS 6.1
CVE-2023-53957 EXPLOITDB CRITICAL text WORKING POC
Kimai <1.30.10 - XSS
Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies through malicious exploitation. Attackers can trick victims into executing a crafted PHP script that captures and writes session cookie information to a file, enabling potential session hijacking.
CVSS 9.8
CVE-2023-53951 EXPLOITDB CRITICAL text WORKING POC
Ever Gauzy <0.281.9 - Auth Bypass
Ever Gauzy v0.281.9 contains a JWT authentication vulnerability that allows attackers to exploit weak HMAC secret key implementation. Attackers can leverage the exposed JWT token to authenticate and gain unauthorized access with administrative permissions.
CVSS 9.8
CVE-2023-53900 EXPLOITDB HIGH text WORKING POC
Spip 4.1.10 - XSS
Spip 4.1.10 contains a file upload vulnerability that allows attackers to upload malicious SVG files with embedded external links. Attackers can trick administrators into clicking a crafted SVG logo that redirects to a potentially dangerous URL through improper file upload filtering.
CVSS 8.8
CVE-2023-53878 EXPLOITDB text WORKING POC
Member Login Script 3.3 - SSRF
Member Login Script 3.3 contains a client-side desynchronization vulnerability that allows attackers to manipulate HTTP request handling by exploiting Content-Length header parsing. Attackers can send crafted POST requests with smuggled secondary requests to potentially bypass server-side request processing controls.
CVE-2023-53877 EXPLOITDB CRITICAL text WORKING POC
Bus Reservation System 1.1 - SQL Injection
Bus Reservation System 1.1 contains a SQL injection vulnerability in the pickup_id parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, and time-based blind SQL injection techniques to steal information from the database.
CVSS 9.8
CVE-2023-53871 EXPLOITDB CRITICAL text WORKING POC
Soosyze 2.0.0 - Code Injection
Soosyze 2.0.0 contains a file upload vulnerability that allows attackers to upload arbitrary HTML files with embedded PHP code to the application. Attackers can exploit the broken file upload mechanism to potentially view sensitive file paths and execute malicious PHP scripts on the server.
CVSS 9.8
CVE-2023-53870 EXPLOITDB text WORKING POC
Jorani 1.0.3 - XSS
Jorani 1.0.3 contains a reflected cross-site scripting vulnerability in the language parameter that allows attackers to inject malicious scripts. Attackers can craft XSS payloads in the language parameter to execute arbitrary JavaScript and potentially steal user session information.
CVE-2023-53869 EXPLOITDB text WORKING POC
WEBIGniter 28.7.23 - RCE
WEBIGniter 28.7.23 contains a file upload vulnerability that allows authenticated attackers to upload and execute dangerous PHP files through the media function. Attackers can leverage any created account to upload malicious PHP scripts that enable remote code execution on the application server.
CVE-2023-53734 EXPLOITDB text WRITEUP
dawa-pharma-1.0 - SQL Injection
dawa-pharma-1.0 allows unauthenticated attackers to execute SQL queries on the server, allowing them to access sensitive information and potentially gain administrative access.
CVE-2022-50895 EXPLOITDB CRITICAL text WORKING POC
Aero CMS 0.0.1 - SQL Injection
Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, time-based, and UNION query techniques to extract sensitive database information and potentially compromise the system.
CVSS 9.8
CVE-2023-54333 EXPLOITDB HIGH text WORKING POC
Social-Share-Buttons 2.2.3 - SQL Injection
Social-Share-Buttons 2.2.3 contains a critical SQL injection vulnerability in the project_id parameter that allows attackers to manipulate database queries. Attackers can exploit this vulnerability by sending crafted POST requests with malicious SQL payloads to retrieve and potentially steal entire database contents.
CVSS 8.2
CVE-2023-54328 EXPLOITDB MEDIUM text WORKING POC
Aimonesoft Aimone Video Converter - Buffer Overflow
AimOne Video Converter 2.04 Build 103 contains a buffer overflow vulnerability in its registration form that causes application crashes. Attackers can generate a 7000-byte payload to trigger the denial of service and potentially exploit the software's registration mechanism.
CVSS 6.5
CVE-2022-50805 EXPLOITDB HIGH text WORKING POC
Senayan Library Management System 9.0.0 - SQL Injection
Senayan Library Management System 9.0.0 contains a SQL injection vulnerability in the 'class' parameter that allows attackers to inject malicious SQL queries. Attackers can exploit the vulnerability by submitting crafted payloads to manipulate database queries and potentially extract sensitive information.
CVSS 8.2
CVE-2025-2783 EXPLOITDB HIGH text WORKING POC
Mojo in Google Chrome <134.0.6998.177 - RCE
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)
CVSS 8.3
CVE-2022-21907 EXPLOITDB CRITICAL text WORKING POC
HTTP Protocol Stack - RCE
HTTP Protocol Stack Remote Code Execution Vulnerability
CVSS 9.8
CVE-2025-47166 EXPLOITDB HIGH text WORKING POC
Microsoft Sharepoint Enterprise Server - Insecure Deserialization
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVSS 8.8
CVE-2025-49741 EXPLOITDB HIGH text WORKING POC
Microsoft Edge Chromium < 135.0.3179.98 - Information Disclosure
No CWE for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.
CVSS 7.4
CVE-2015-6176 EXPLOITDB text WORKING POC
Microsoft Edge - XSS
Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Edge XSS Filter Bypass Vulnerability."
CVE-2025-47165 EXPLOITDB HIGH python WORKING POC
Microsoft 365 Apps < 16.0.10417.20018 - Use After Free
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVSS 7.8