CVE-2025-2011.zip
4.9 KB
CVE-2025-2011
Author: Ashwesker
The Slider & Popup Builder by Depicter plugin for WordPress is vulnerable to generic SQL Injection via the ‘s' parameter in all versions up to, and including, 3.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
GitHub Link:
https://github.com/Ashwesker/Blackash-CVE-2025-2011
Author: Ashwesker
The Slider & Popup Builder by Depicter plugin for WordPress is vulnerable to generic SQL Injection via the ‘s' parameter in all versions up to, and including, 3.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
GitHub Link:
https://github.com/Ashwesker/Blackash-CVE-2025-2011
CVE-2024-20666.zip
8.4 KB
CVE-2024-20666
Author: tazxtazxedu
BitLocker Security Feature Bypass Vulnerability
GitHub Link:
https://github.com/tazxtazxedu/WinRE-Fix
Author: tazxtazxedu
BitLocker Security Feature Bypass Vulnerability
GitHub Link:
https://github.com/tazxtazxedu/WinRE-Fix
CVE-2023-26360.zip
4.9 KB
CVE-2023-26360
Author: RyanRodrigues880
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction.
GitHub Link:
https://github.com/RyanRodrigues880/CVE-2023-26360
Author: RyanRodrigues880
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction.
GitHub Link:
https://github.com/RyanRodrigues880/CVE-2023-26360
CVE-2018-10933.zip
1010 B
CVE-2018-10933
Author: opsifiz
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
GitHub Link:
https://github.com/opsifiz/CVE-2018-10933
Author: opsifiz
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
GitHub Link:
https://github.com/opsifiz/CVE-2018-10933
CVE-2018-17254.zip
2.5 KB
CVE-2018-17254
Author: 7amzahard
The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter.
GitHub Link:
https://github.com/7amzahard/script-python-to-detect-CVE-2018-17254
Author: 7amzahard
The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter.
GitHub Link:
https://github.com/7amzahard/script-python-to-detect-CVE-2018-17254