Legrand BTicino Driver Manager F454 1.0.51 Authenticated Stored XSS Exploit

Summary Audio/video web server for the remote control of the system using web pages or the MY HOME portal. The device can operate as a gateway for the use of the MHVisual and Virtual Configurator software - 6 DIN modules. It replaces item F453 and F453AV. Description The application suffers from ...

Prinect Archive System 2015 Release 2.6 - Cross-Site Scripting

Prinect Archive System 2015 Release 2.6 - Cross-Site Scripting Details ================ Software: Prinect Archive System Version: v2015 Release 2.6 Homepage: https://www.heidelberg.com Advisory report: https://github.com/alt3kx/CVE-2019-10685 CVE:...

Prinect Archive System 2015 Release 2.6 - Cross-Site Scripting

Details ================ Software: Prinect Archive System Version: v2015 Release 2.6 Homepage: https://www.heidelberg.com Advisory report: https://github.com/alt3kx/CVE-2019-10685 CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10685 CVSS: 6.1...

Base64 Decoder 1.1.2 - Local Buffer Overflow (SEH Egghunter)

!/usr/bin/env python Exploit Title: Base64 Decoder 1.1.2 Local Buffer Overflow SEH + Egghunter Date: 28.03.2019 Exploit Author: Paolo Perego - [email protected] Vendor Homepage: http://4mhz.de/b64dec.html Software Link: http://4mhz.de/download.php?file=b64dec-1-1-2.zip Version: Base64 Decoder...

WordPress Media File Manager Plugin < 1.4.4 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.112533";...

WordPress Wise Chat Plugin < 2.7 Mashandling of External Links Vulnerability

The WordPress plugin Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the...

CVE-2019-9194

creationtimestamp| type| source ---|---|--- 2019-03-04 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46481 2019-03-11 20:19:00+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/elfinderphpconnectorexiftrancmdinjection.rb 2019-03-...

DomainMOD 4.11.01 Custom Domain Cross Site Scripting

Exploit Title : DomainMOD 4.11.01 and before - Custom Domain Fields Cross-Site Scripting Author Discovered By : Mohammed Abdul Raheem Company Name : TrekShield IT Solutions Date : 04-12-2019 Vendor Homepage : https://domainmod.org/ Software Information Link : https://github.com/DomainMod/DomainMo...

DomainMOD 4.11.01 DisplayName Cross Site Scripting

Exploit Title : DomainMOD 4.11.01 and before - 'DisplayName' Cross-Site Scripting Author Discovered By : Mohammed Abdul Raheem Company Name : TrekShield IT Solutions Date : 09-12-2019 Vendor Homepage : https://domainmod.org/ Software Information Link : https://github.com/DomainMod/DomainMod...

RealTerm Serial Terminal 2.0.0.70 - &#039;Echo Port&#039; Buffer Overflow (SEH)

Exploit Title: RealTerm: Serial Terminal 2.0.0.70 - 'Echo Port' Buffer Overflow - SEH Date: 21.02.2019 Exploit Author: Matteo Malvica Vendor Homepage: https://realterm.sourceforge.io/ Software Link: https://sourceforge.net/projects/realterm/files/ Version: 2.0.0.70 Category: Local Contact:...

RealTerm Serial Terminal 2.0.0.70 - Echo Port Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits Exploit Title: RealTerm: Serial Terminal 2.0.0.70 - 'Echo Port' Buffer Overflow - SEH Date: 21.02.2019 Exploit Author: Matteo Malvica Vendor Homepage: https://realterm.sourceforge.io/ Software Link:...

RealTerm Serial Terminal 2.0.0.70 Echo Port Buffer Overflow

Exploit Title: RealTerm: Serial Terminal 2.0.0.70 - 'Echo Port' Buffer Overflow - SEH Date: 21.02.2019 Exploit Author: Matteo Malvica Vendor Homepage: https://realterm.sourceforge.io/ Software Link: https://sourceforge.net/projects/realterm/files/ Version: 2.0.0.70 Category: Local Contact:...

CVE-2019-3924

creationtimestamp| type| source ---|---|--- 2019-02-21 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46444 2019-02-21 05:45:40+00:00| seen| Telegram/2E2dy9OYYaEYmhdkxDpQcX-ZNfT83PbwDTTfo0Aql9rM 2019-02-22 02:26:30+00:00| published-proof-of-concept|...

Flaw in snapd Allows Root Access to Linux Servers

A local privilege-escalation vulnerability in Canonical’s snapd package has been uncovered, which would allow any user to obtain administrator privileges and immediate root access to affected Linux system servers. Snapd is used by Linux users to download and install apps in the .snap file format...

Lua 5.3.5 - &#039;debug.upvaluejoin&#039; Use After Free

Exploit Title: Lua 5.3.5 Exploit Author: Fady Mohamed Osman https://twitter.com/fadyothman Exploit-db : http://www.exploit-db.com/author/?a=2986 Blog : https://blog.fadyothman.com/ Date: Jan. 10th 2019 Vendor Homepage: https://www.lua.org/ Software Link: https://www.lua.org/ftp/lua-5.3.5.tar.gz...

CloudMe Sync 1.11.2 - Buffer Overflow + Egghunt

CloudMe Sync 1.11.2 - Buffer Overflow + Egghunt Exploit Title: CloudMe Sync v1.11.2 Buffer Overflow + Egghunt Date: 23.04.2018 Exploit Author:T3jv1l Vendor Homepage:https://www.cloudme.com/en Software: https://www.cloudme.com/downloads/CloudMe1112.exe Category:Local...

CloudMe Sync 1.11.2 - Buffer Overflow + Egghunt Exploit

Exploit Title: CloudMe Sync v1.11.2 Buffer Overflow + Egghunt Exploit Author:T3jv1l Vendor Homepage:https://www.cloudme.com/en Software: https://www.cloudme.com/downloads/CloudMe1112.exe Category:Local Contact:https://twitter.com/T3jv1l Version: CloudMe Sync 1.11.2 - Buffer Overflow + Egghunt...

CloudMe Sync 1.11.2 - Buffer Overflow + Egghunt

Exploit Title: CloudMe Sync v1.11.2 Buffer Overflow + Egghunt Date: 23.04.2018 Exploit Author:T3jv1l Vendor Homepage:https://www.cloudme.com/en Software: https://www.cloudme.com/downloads/CloudMe1112.exe Category:Local Contact:https://twitter.com/T3jv1l Version: CloudMe Sync 1.11.2 - Buffer...

i-doit CMDB <= 1.12 Arbitrary File Download Vulnerability

i-doit CMDB is prone to an authenticated arbitrary file download vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program...

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 Cross-Site Request Forgery

Summary The Leica GR10 is the next generation GNSS reference station receiver that combines the latest state-of-the-art technologies with a streamlined 'plug and play' workflow. Designed for a wide variety of GNSS reference station applications, the Leica GR10 offers new levels of simplicity,...