Lucene search
+L

3592 matches found

Exploit DB
Exploit DB
added 2021/02/02 12:0 a.m.194 views

Solaris 10 (Intel) - 'dtprintinfo' Local Privilege Escalation (2)

Exploit Title: Solaris 10 1/13 Intel - 'dtprintinfo' Local Privilege Escalation 2 Date: 2021-02-01 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 Intel / raptordtprintcheckdirintel.c - Solaris/Intel 0day? LPE...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2021/01/12 5:42 p.m.74 views

WordPress AIT CSV Import Export Unauthenticated Remote Code Execution

The AIT CSV Import/Export plugin use exploit/multi/http/wpaitcsvrce msf exploitwpaitcsvrce show targets ...targets... msf exploitwpaitcsvrce set TARGET msf exploitwpaitcsvrce show options ...show and set options... msf exploitwpaitcsvrce exploit This module requires Metasploit:...

9.8CVSS7.8AI score0.04655EPSS
Exploits2
ATTACKERKB
ATTACKERKB
added 2021/01/08 12:0 a.m.36 views

CVE-2020-16013

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Recent assessments: gwillcox-r7 at November 22, 2020 2:37am UTC reported: Reported as exploited in the wild as part of Google’s 2020...

9.6CVSS8.7AI score0.02826EPSS
In wildExploits0References3
ATTACKERKB
ATTACKERKB
added 2021/01/08 12:0 a.m.43 views

CVE-2020-16017

Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Recent assessments: gwillcox-r7 at November 22, 2020 2:37am UTC reported: Reported as...

9.6CVSS9.1AI score0.02747EPSS
In wildExploits0References3
0day.today
0day.today
added 2021/01/03 12:0 a.m.734 views

Adobe Acrobat Reader Silent PDF Exploit 0day

0day PDF Exploit. All Chrome, Edge, Opera, Firefox, Microsoft Internet Explorer, Yandex, tested. Running smoothly Latest version. Adobe Acrobat Reader Works Seamlessly with All Versions of DC Latest version. Windows 7, Windows 8, Windows 8.1, Windows 10 Tested Works in the latest versions. All Ma...

1.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2020/12/29 12:0 a.m.273 views

CVE-2020-10148 SolarWinds Orion API authentication bypass and RCE

The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds...

9.8CVSS10AI score0.9198EPSS
In wildExploits3References4
HackRead
HackRead
added 2020/12/24 3:2 p.m.25 views

Google reveals unpatched 0day vulnerability in Microsoft’s API

By Sudais Asif Apparently, Microsoft released a patch to fix the vulnerability in June but it did not work the way it was supposed to and reminds unpatched to date. This is a post from HackRead.com Read the original post: Google reveals unpatched 0day vulnerability in Microsofts API...

2AI score
Exploits0
0day.today
0day.today
added 2020/12/18 12:0 a.m.225 views

Microsoft Office Word (2003/2007/2010/2013 +2016) Universal Silent 0day Exploit

Office 2016+2013+2010+2007+2003 versions are running smoothly. Combines your exe file with your word file. When word file is opened, your exe file opens quietly. This module exploits a stack buffer overflow in SCOMCTL.OCX. It uses a malicious RTF to embed the specially crafted...

4AI score
Exploits0
HackRead
HackRead
added 2020/10/31 7:37 p.m.28 views

Google reveals details on active vulnerability affecting Windows 10, 7

By Waqas Google Project Zero has disclosed a Windows 0day vulnerability that lets attackers to escape Chrome sandboxes and run malware on Windows. This is a post from HackRead.com Read the original post: Google reveals details on active vulnerability affecting Windows 10, 7...

5.2AI score
Exploits0
0day.today
0day.today
added 2020/10/07 12:0 a.m.807 views

Facebook steal Group 0day Exploit

Exploit can steal facebook Group and delete the old administrator and create a new administrator...

2.2AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2020/09/08 12:0 a.m.19 views

(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.2AI score
Exploits0
0day.today
0day.today
added 2020/08/20 12:0 a.m.308 views

PNPSCADA 2.200816204020 - (interf) SQL Injection (Authenticated) Vulnerability

Exploit for php platform in category web applications Exploit Title: PNPSCADA 2.200816204020 - 'interf' SQL Injection Authenticated Exploit Author: İsmail ERKEK Vendor Homepage: http://wiki.pnpscada.com/forumHome.jsp Version: 2.200816204020 Tested on: - 1. Description: ----------------------...

0.6AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2020/08/19 12:0 a.m.23 views

(0Day) Horde Groupware Webmail Edition Collection portal_layout Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Horde Groupware Webmail Edition. Authentication is required to exploit this vulnerability. The specific flaw exists within Collection.php. When parsing the portallayout parameter, the process does no...

6.3CVSS5.2AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2020/08/17 12:0 a.m.31 views

CVE-2020-1571

An elevation of privilege vulnerability exists in Windows Setup in the way it handles permissions.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka ‘Windows Setup Elevation of Privilege Vulnerability’. Recent assessments: gwillcox-r7 at September 01,...

7.8CVSS8.1AI score0.01076EPSS
Exploits0References2
0day.today
0day.today
added 2020/08/15 12:0 a.m.251 views

QiHang Media Web Digital Signage 3.0.9 Credential Disclosure Vulnerability

QiHang Media Web Digital Signage version 3.0.9 suffers from a clear-text credential disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file /xml/User/User.xml and obtain administrative login information that allows for...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/07/30 12:0 a.m.872 views

Wordpress Maintenance Mode by SeedProd 5.1.1 Plugin - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Maintenance Mode by SeedProd 5.1.1 - Persistent Cross-Site Scripting Vendor Homepage: https://www.seedprod.com/ Vendor Changelog: https://wordpress.org/plugins/coming-soon/developers Exploit Author: Jinson...

3.5CVSS5.5AI score0.03757EPSS
Exploits5
0day.today
0day.today
added 2020/07/30 12:0 a.m.498 views

Online Shopping Alphaware 1.0 - Authentication Bypass Vulnerability

Exploit for php platform in category web applications Title: Online Shopping Alphaware 1.0 - Authentication Bypass Exploit Author: Ahmed Abbas Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...

Exploits0
0day.today
0day.today
added 2020/07/27 12:0 a.m.377 views

Webtareas 2.1p - Arbitrary File Upload (Authenticated) Vulnerability

Exploit for php platform in category web applications Exploit Title: Webtareas 2.1p - Arbitrary File Upload Authenticated Author: AppleBois Exploit author : AppleBois Vendor Hompage:https://sourceforge.net/projects/webtareas/ Version: 2.1 && 2.1p Tested on: Window 10 64 bit environment || XAMPP...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/07/23 12:0 a.m.469 views

UBICOD Medivision Digital Signage 1.5.1 - Authorization Bypass Vulnerability

Exploit for hardware platform in category web applications Title: UBICOD Medivision Digital Signage 1.5.1 - Authorization Bypass Author: LiquidWorm Product web page: http://www.medivision.co.kr CVE: N/A Vendor: UBICOD Co., Ltd. | MEDIVISION INC. Product web page: http://www.medivision.co.kr...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/07/15 12:0 a.m.222 views

Infor Storefront B2B 1.0 - (usr_name) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Infor Storefront B2B 1.0 - 'usrname' SQL Injection Google Dork: inurl:storefrontb2bweb Exploit Author: ratboy Vendor Homepage: https://www.insitesoft.com/infor-storefront/ Version: Infor Storefront Tested on: Windows All Version...

7.1AI score
Exploits0
Rows per page
Query Builder