:: Deepquest ::

Local privilege escalation root exploit for Polkit’s pkexec vulnerability as described in CVE-2021-4034 and known as PwnKit. Written in Go.

Local privilege escalation exploit for a Linux kernel slab out-of-bounds write vulnerability. This exploit has been tested in an Ubuntu 21.04 Hirsute with kernel 5.11.0.

This archive contains demo exploits for CVE-2022-0185. There are two versions here. The non-kctf version (fuse version) specifically targets Ubuntu with kernel version 5.11.0-44. It does not directly return a root shell, but makes /bin/bash suid, which will lead to trivial privilege escalation. Adjusting the single_start and modprobe_path offsets should allow it to work on […]

Oracle WebLogic Server 14.1.1.0.0 – Local File Inclusion

WordPress Plugin Modern Events Calendar V 6.1 – SQL Injection (Unauthenticated)

WordPress Plugin RegistrationMagic V 5.0.1.5 – SQL Injection (Authenticated)

WordPress Plugin Mortgage Calculators WP 1.52 – Stored Cross-Site Scripting (XSS) (Authenticated)

TYPO3 femanager extension versions 6.0.0 through 6.0.3 and 5.5.0 and below suffer from a persistent cross site scripting vulnerability.

The H2 Database console suffers from an unauthenticated remote code execution vulnerability.

Online Project Time Management System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.