3592 matches found
Microsoft Outlook Remote Code Execution 0day Exploit
Microsoft Outlook Remote Code Execution 0day Exploit - zero-click exploit leading to remote code execution when receiving/downloading emails in Outlook, without requiring any user interaction such as reading the malicious email message or opening an attachment...
Exploit for CVE-2022-44666
Microsoft Windows Contacts VCF/Contact/LDAP syslink control...
Microsoft Office Visio VSD Silent Builder Exploit
0day exploit is a program that injects any executable formatted file .exe into the desired visio .vsd file. The exe is automatically executed when the file.vsd is opened. Bypasses all antivirus programs...
Microsoft Releases Workaround for ‘One-Click’ 0Day Under Active Attack
Microsoft has released a workaround for a zero-day flaw that was initially flagged in April and that attackers already have used to target organizations in Russia and Tibet, researchers said. The remote control execution RCE flaw, tracked as CVE-2022-3019, is associated with the Microsoft Support...
Fronton IOT Botnet Packs Disinformation Punch
A fresh look at the Fronton DDoS-focused botnet reveals the criminal tool has more capabilities than previously known. The Fronton botnet first made the headline in March 2020. That is when, according to news reports, a hacktivist group called Digital Revolution said it obtained documents claimin...
Joomla! 4.1.2 Shell Upload 0day Exploit
...
School Club Application System 1.0 Local File Inclusion
Title: School Club Application System 1.0 LFI To RCE Author: Hejap Zairy Date: 08.04.2022 Vendor: https://www.sourcecodester.com/php/15266/school-club-application-system-phpoop-free-source-code.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/scas0.zip Referenc...
Spring-Spel-0Day-Poc - Spring-Cloud / spring-cloud-function, spring.cloud.function.routing-expression, RCE, 0day, 0-day, POC, EXP
spring-cloud/spring-cloud-function RCE EXP POC https://github.com/spring-cloud/spring-cloud-function header spring.cloud.function.routing-expression:Tjava.lang.Runtime.getRuntime.exec"open -a calculator.app" build wget...
Exploit for Code Injection in Vmware Spring_Cloud_Function
CVE-2022-22963 - Spring4shell To run the vulnerable SpringBoot...
Message System 1.0 Local File Inclusion Vulnerability
Title: Message System 1.0 LFI To RCE Author: Hejap Zairy Vendor: https://www.sourcecodester.com/php/15249/message-system-phpoop-free-source-code.html Software:https://www.sourcecodester.com/sites/default/files/download/oretnom23/pmms1.zip Reference: https://github.com/Matrix07ksa Tested on:...
Audio Conversion Wizard v2.01 - Buffer Overflow Exploit
Exploit Title: Audio Conversion Wizard v2.01 - Buffer Overflow Exploit Author: Hejap Zairy Software Link: https://www.litexmedia.com/acwizard.exe Tested Version: v2.01 Tested on: Windows 10 64bit 1.- Run python code : 0day-HejapZairy.py 2.- Open 0dayHejap.txt and copy All content to Clipboard 3.-...
(0Day) Ecava IntegraXor Inkscape EMF File Parsing Out-Of-Bound Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ecava IntegraXor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...
Twitter reset account Private Method 0day Exploit
Twitter reset any Account Private Method Exploit...
WordPress 5.9.0 core Remote Code Execution 0day Exploit
This python exploit allow remote code execution, work with default installations and should not require any authentication or user interaction...
Hotmail.com reset account 0day Exploit
Hotmail.com 0day Exploit can reset any email account...
Log4j 0day mitigation update CVE-2021-44228
Wallarm has rolled out the update to detect and mitigate CVE-2021-44228. No additional actions are required from the customers Attempts at exploitation will be automatically blocked in a blocking mode When working in a monitoring mode, consider creating a virtual patch Log4Shell A 0-day exploit i...
Exploit for Path Traversal in Grafana
Grafana V8. Arbitrary File Reading Vulnerability – Multi-t...
Ericsson Network Location MPS GMPC21 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ericsson Network Location MPS - Restrictions Bypass RCE Meow Variant', 'Description' = %q This module exploits an arbitrary command execution...
CVE-2021-37976
Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Recent assessments: gwillcox-r7 at October 02, 2021 7:27pm UTC reported: More info will be available at...
(0Day) Fuji Electric Tellus Lite V9 File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...