Microsoft Internet Explorer 11 (Windows 10) - VBScript Memory Corruption (MS16-051)

Microsoft Internet Explorer 11 Windows 10 - VBScript Memory Corruption MS16-051 Source: https://github.com/theori-io/cve-2016-0189 CVE-2016-0189 Proof-of-Concept exploit for CVE-2016-0189 VBScript Memory Corruption in IE11 Tested on Windows 10 IE11. Write-up http://theori.io/research/cve-2016-018...

Microsoft Internet Explorer 11 (Windows 10) - VBScript Memory Corruption (MS16-051)

Source: https://github.com/theori-io/cve-2016-0189 CVE-2016-0189 Proof-of-Concept exploit for CVE-2016-0189 VBScript Memory Corruption in IE11 Tested on Windows 10 IE11. Write-up http://theori.io/research/cve-2016-0189 To run 1. Download support/.dll or compile .cpp for yourself and exploit/.html...

Nagios XI Multiple Vulnerabilities (Jun 2016)

Nagios XI is prone to multiple vulnerabilities. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.105749. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

Centreon 'POST' Parameter Multiple Vulnerabilities

Centreon is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:centreon:centreon"; ifdescription...

Microsoft Windows 7 - 'WebDAV' Local Privilege Escalation (MS16-016) (2)

Exploit Title: WebDAV Elevation of Privilege Vulnerability MS16-2 Date: 8/5/2016 Exploit Author: hex0r Version:WebDAV on Windows 7 84x CVE : CVE-2016-0051 Intro: Credits go to koczkatama for coding a PoC, however if you run this exploit from shell connection, not a remote desktop, the result will...

CVE-2016-4535

creationtimestamp| type| source ---|---|--- 2016-05-04 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39770...

Multiple CCTV-DVR Vendors RCE Vulnerability - Active Check

The remote CCTV-DVR system is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WPN-XM Server Stack Multiple Vulnerabilities

WPN-XM Server Stack is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpnxmserverstack:wpnxm"...

AKIPS Network Monitor OS Command Injection

AKIPS Network Monitor is prone to an OS Command Injection SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:akips:networkmonitor";...

WordPress DZS Videogallery Plugin Multiple Vulnerabilities

WordPress DZS Videogallery Plugin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Netwrix Auditor 7.1.322.0 ActiveX (sourceFile) Stack Buffer Overflow Vulnerability

Summary Netwrix Auditor is an IT audit software that maximizes visibility of IT infrastructure changes and data access. The product provides actionable audit data about who changed what, when and where and who has access to what. Description The application suffers from a stack-based buffer...

Schneider Electric StruxureWare Building Operation Automation Server msh bypass

Added: 03/14/2016 CVE: CVE-2016-2278 Background The Schneider Electric StruxureWare Building Operation software suite provides integrated monitoring, control, and management of energy, HVAC, lighting and fire safety. The Automation Server is a building automation system for small and medium-sized...

Schneider Electric StruxureWare Building Operation Automation Server msh bypass

Added: 03/14/2016 CVE: CVE-2016-2278 Background The Schneider Electric StruxureWare Building Operation software suite provides integrated monitoring, control, and management of energy, HVAC, lighting and fire safety. The Automation Server is a building automation system for small and medium-sized...

Centreon web interface command injection

Added: 02/29/2016 Background Centreon is a suite of enterprise monitoring products written in PHP. Problem A command injection vulnerability in the Centreon web interface allows remote attackers to execute arbitrary commands by sending a specially crafted useralias parameter in a POST request. Th...

Centreon web interface command injection

Added: 02/29/2016 Background Centreon is a suite of enterprise monitoring products written in PHP. Problem A command injection vulnerability in the Centreon web interface allows remote attackers to execute arbitrary commands by sending a specially crafted useralias parameter in a POST request. Th...

CVE-2016-1839

creationtimestamp| type| source ---|---|--- 2016-02-24 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39491...

D-Link DCS-930L 远程代码执行漏洞

参考：https://www.exploit-db.com/exploits/39437/...

Atlassian Confluence XSS and Insecure Direct Object Reference Vulnerabilities

Atlassian Confluence is prone to cross site scripting and insecure direct object reference vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Chinese Caidao Backdoor Bruteforce

This module attempts to bruteforce chinese caidao asp/php/aspx backdoor. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require...

CVE-2010-4417

creationtimestamp| type| source ---|---|--- 2015-12-03 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38859 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/oraclebeehiveevaluation.rb 2025-02-06 03:13:40+00:0...