3163 matches found
Apache Jetspeed Arbitrary File Upload
This module requires Metasploit: http://metasploit.com/download. Current source: https://github.com/rapid7/metasploit-framework. Description: This module exploits the unsecured User Manager REST API and a ZIP file path traversal ...
WordPress Plugin HB Audio Gallery Lite 1.0.0 - Arbitrary File Download
WordPress Plugin HB Audio Gallery Lite 1.0.0 - Arbitrary File Download Exploit Title: Wordpress Plugin HB Audio Gallery Lite - Arbitrary File Download Exploit Author: CrashBandicot Date: 2016-03-22 Google Dork : inurl:/wp-content/plugins/hb-audio-gallery-lite Vendor Homepage:...
WordPress Plugin HB Audio Gallery Lite 1.0.0 - Arbitrary File Download
Exploit Title: Wordpress Plugin HB Audio Gallery Lite - Arbitrary File Download Exploit Author: CrashBandicot Date: 2016-03-22 Google Dork : inurl:/wp-content/plugins/hb-audio-gallery-lite Vendor Homepage: https://fr.wordpress.org/plugins/hb-audio-gallery-lite/ Tested on: MSWin32 Version: 1.0.0...
Memphis Document Library Plugin <= 3.1.5 - Arbitrary File Download
The function "mdocsimgpreview" is in charge of downloading image previews previously uploaded by the administrator, but it does not sanitize the file path being downloaded, thus, allowing to download arbitrary files in the file system. The vulnerable GET parameter is "mdocs-img-preview". The...
WordPress HB Audio Gallery Lite 1.0.0 Arbitrary File Download
Exploit Title: Wordpress Plugin HB Audio Gallery Lite - Arbitrary File Download Exploit Author: CrashBandicot Date: 2016-03-22 Google Dork : inurl:/wp-content/plugins/hb-audio-gallery-lite Vendor Homepage: https://fr.wordpress.org/plugins/hb-audio-gallery-lite/ Tested on: MSWin32 Version: 1.0.0...
Imgur: Local file read in image editor
Filepaths were able to traverse up outside of their intended directory when using the /edit/process API endpoint. Insufficient imageid filtration in image editor allowed an attacker to read arbitrary files. An attacker could read files by setting file path in imageid GET param in /edit/process AP...
Exim Configuration File Path Elevation of Privilege Vulnerability
Exim is an open source messaging agent MTA developed by the University of Cambridge in the UK that runs on Unix systems and is responsible for routing, forwarding and delivering mail. A security vulnerability exists in Exim that stems from an error in the program's handling of environment variabl...
D-Link DVGN5402SP - Multiple Vulnerabilities
D-Link DVGN5402SP - Multiple Vulnerabilities Exploit Title: DLink DVGN5402SP Multiple Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: www.dlink.com/ Versions Reported: Multiple - See below CVE-IDs: CVE-2015-7245 + CVE-2015-7246 + CVE-2015-7247 DLink DVGN5402SP File Path Traversal...
D-Link DVGN5402SP - Multiple Vulnerabilities
Exploit for hardware platform in category web applications Exploit Title: DLink DVGN5402SP Multiple Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: www.dlink.com/ Versions Reported: Multiple - See below CVE-IDs: CVE-2015-7245 + CVE-2015-7246 + CVE-2015-7247 DLink DVGN5402SP File...
D-Link DVGN5402SP - Multiple Vulnerabilities
Exploit Title: DLink DVGN5402SP Multiple Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: www.dlink.com/ Versions Reported: Multiple - See below CVE-IDs: CVE-2015-7245 + CVE-2015-7246 + CVE-2015-7247 DLink DVGN5402SP File Path Traversal, Weak Credentials Management, and Sensitive...
Ruby on Rails remote code execution vulnerability analysis (CVE-2016-0752) - vulnerability warning - the black bar safety net
If your application uses a dynamic render path, such as render params[:id], then unfortunately the application is currently affected by a local file inclusion that can lead to remote code execution. Please update Rails to the latest version promptly, or for your...
CVE-2015-7934
The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to discover log-file pathnames via unspecified vectors...
F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 File Read Vulnerability
Exploit Title: F5 BigIP File Path Traversal Vulnerability Discovered by: Karn Ganeshen Reported on: April 27, 2015 New version released on: September 01, 2015 Vendor Homepage: www.f5.com Version Reported: F5 BIG-IP 10.2.4 Build 595.0 Hotfix HF3 CVE-2015-4040 https://vulners.com/cve/CVE-2015-4040...
Redis File Upload
This module can be used to leverage functionality exposed by Redis to achieve somewhat arbitrary file upload to a file and directory to which the user account running the redis instance has access. It is not totally arbitrary because the exact contents of the file cannot be completely controlled...
SIMOGEO FileManager 2.3.0 - Multiple Vulnerabilities
Exploit Title: SIMOGEO FileManager 2.3.0 - Path Traversal Vulnerability Date: 2015-12-09 Exploit Author: HaHwul Exploit Author Blog: http://www.codeblack.net Vendor Homepage: https://github.com/simogeo/Filemanager Software Link: git clone http://github.com/simogeo/Filemanager.git Version: 2.3.0...
Design/Logic Flaw
sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."...
LineNity WP Premium Theme Local File Inclusion
Document Title: LineNity WP Premium Theme - File Include Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1645 Release Date: 2015-11-15 Vulnerability Laboratory ID (VL-ID): 164...
CVE-2006-5178
Race condition in the symlink function in PHP 5.1.6 and earlier allows local users to bypass the open_basedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the open_basedir check and before the file is opened by the underlying system, as...
CVE-2007-0448
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath URI...