This Metasploit module targets a vulnerability in Tomcat versions 6, 7, and 8 on Debian-based distributions where these older versions provide a vulnerable tomcat init script that allows local attackers…
>> CATEGORY: exploit
Oracle Database version 12.1.0.2 suffers from a privilege escalation vulnerability that achieves DBA access via the Spatial component.
This Metasploit module creates a local user with a username/password and root-level privileges. Note that a root-level account is not required to do this, which makes it a privilege escalation…
Dirty Cow arbitrary file write local privilege escalation exploit for macOS.
This Metasploit module demonstrates how an incorrect access control for the Lenovo Diagnostics Driver allows a low-privileged user the ability to issue device IOCTLs to perform arbitrary physical/virtual memory reads…
Online Eyewear Shop version 1.0 suffers from a remote SQL injection vulnerability.
eCommerce Marketplace Platform CMS version 1.7 suffers from a cross site scripting vulnerability.
eCommerce Marketplace Platform CMS version 1.7 suffers from a remote SQL injection vulnerability.
If the vmwgfx driver fails to copy the fence_rep object to userland, it tries to recover by deallocating the (already populated) file descriptor. This is wrong, as the fd gets…
This Metasploit module exploits a bug in io_uring leading to an additional put_cred() that can be exploited to hijack credentials of other processes. This exploit will spawn SUID programs to…