CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3100 matches found

0day.today•added 2018/08/13 12:0 a.m.•121 views

PostgreSQL 9.4-0.5.3 - Privilege Escalation Exploit

Exploit for linux platform in category local exploits Exploit Title: PostgreSQL 9.4-0.5.3 - Privilege Escalation Exploit Author: Johannes Segitz Vendor Homepage: https://bugzilla.suse.com/showbug.cgi?id=1062722 Software Link: - Version: Before postgresql-init-9.4-0.5.3.1 Tested on: SUSE Linux...

6.9CVSS0.2AI score0.00813EPSS

Exploits4

Packet Storm•added 2018/08/09 12:0 a.m.•37 views

TP-Link C50 Wireless Router 3 Information Disclosure Cross Site Request Forgery

Exploit Title: TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery Information Disclosure Date: 2018-08-09 Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com/ Hardware Version: Archer C50 v3 00000001 Firmware Link: https://www.tp-link.com/download/Archer-C50V3.htmlFirmware...

7.4AI score

Exploits0

0day.today•added 2018/08/09 12:0 a.m.•267 views

Linux Kernel 4.14.7 ( Ubuntu 16.04 / CentOS 7) Arbitrary File Read Exploit

Exploit for linux platform in category local exploits // A proof-of-concept exploit for CVE-2017-18344. // Includes KASLR and SMEP bypasses. No SMAP bypass. // No support for 1 GB pages or 5 level page tables. // Tested on Ubuntu xenial 4.4.0-116-generic and 4.13.0-38-generic // and on CentOS 7...

6.8AI score0.11608EPSS

Exploits8

exploitpack•added 2018/07/31 12:0 a.m.•10 views

LG NAS 3718.510.a0 - Remote Command Execution

LG NAS 3718.510.a0 - Remote Command Execution LG NAS 3718.510.a0 - Remote Command Execution Author: @0x616163 Date: 2018-07-29 Credits: https://www.vpnmentor.com/blog/critical-vulnerability-found-majority-lg-nas-devices/ CVE: N/A Firmware Version: 3718.510.a0 !/usr/bin/env python import sys impor...

0.2AI score

Exploits0

Exploit DB•added 2018/07/27 12:0 a.m.•55 views

Online Trade 1 - Information Disclosure

Exploit Title: Online Trade 1 - Information Disclosure Exploit Author: Dhamotharan Date: 2018-07-17 Vendor Homepage: https://codecanyon.net/item/online-trade-online-forex-and-cryptocurrency-investment-system/21987193?srank=14 CVE : CVE-2018-14328 Version: 1 Tested on: Kali Linux Description :...

9.8CVSS9.7AI score0.17044EPSS

Exploits5

0day.today•added 2018/07/25 12:0 a.m.•20 views

10-Strike LANState 8.8 - Local Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits Exploit Title: 10-Strike LANState 8.8 - Local Buffer Overflow SEH Exploit Author: absolomb Vendor Homepage: https://www.10-strike.com/products.shtml Software Link: https://www.10-strike.com/lanstate/download.shtml Version 8.8 Tested on:...

0.3AI score

Exploits0

Exploit DB•added 2018/07/24 12:0 a.m.•40 views

D-link DAP-1360 - Path Traversal / Cross-Site Scripting

Exploit Title: D-Link DAP-1360 File path traversal and Cross site scriptingreflected can lead to Authentication Bypass easily. Date: 20-07-2018 Exploit Author: r3m0t3nu11 Contact : http://twitter.com/r3m0t3nu11 Vendor : www.dlink.com Version: Hardware version: F1 Firmware version: 6.O5 Tested...

7.4AI score

Exploits0

Exploit DB•added 2018/07/20 12:0 a.m.•46 views

Touchpad / Trivum WebTouch Setup 2.53 build 13163 - Authentication Bypass

Exploit Title: Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 - Unauthorized Authentication Reset Date: 2018-07-20 Software Link: https://world.trivum-shop.de Version: 2.56 build 13381 - 12-07-2018 Category: webapps Tested on: Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6...

9.8CVSS9.7AI score0.48817EPSS

Exploits3

wpexploit•added 2018/07/20 12:0 a.m.•22 views

Multi Step Form <= 1.2.5 - Multiple Unauthenticated Reflected XSS

WordPress Plugin Multi Step Form before 1.2.5 allows remote users to execute JavaScript code through Reflected XSS attacks. This issue can be exploited by unauthenticated attackers, by the use of CSRF, for example. The following parameters are vulnerable in fwsenddata function: fwdataid1 fwdataid...

4.3CVSS0.6AI score0.00826EPSS

Exploits2References2

exploitpack•added 2018/07/11 12:0 a.m.•33 views

Instagram-Clone Script 2.0 - Cross-Site Scripting

Instagram-Clone Script 2.0 - Cross-Site Scripting Exploit Title: Instagram-clone Script 2.0 - Cross-Site Scripting Date: 2018-07-10 Exploit Author: L0RD Vendor Homepage: https://github.com/yTakkar/Instagram-clone Version: 2.0 CVE: CVE-2018-13849 Tested on: Kali linux POC : Persistent Cross site...

4.3CVSS6.1AI score0.00296EPSS

Exploits5

0day.today•added 2018/07/10 12:0 a.m.•71 views

Tor Browser < 0.3.2.10 - Use After Free (PoC ) Exploit

Tor Browser versions 0.3.2.x before 0.3.2.10 suffer from a use-after-free vulnerability that can result in a denial of service condition. Exploit Title: Tor Browser - Use After Free PoC Exploit Author: t4rkd3vilz Vendor Homepage: https://www.torproject.org/ Software Link:...

5CVSS7.4AI score0.10444EPSS

Exploits4

seebug.org•added 2018/06/29 12:0 a.m.•35 views

RabbitMQ Web Management < 3.7.6 - Cross-Site Request Forgery (Add Admin)

Add RabbitMQ Admin window.onload = rabbit.submit...

0.6AI score

Exploits0

seebug.org•added 2018/06/29 12:0 a.m.•24 views

BEESCMS 4.0 - Cross-Site Request Forgery (Add Admin)(CVE-2018-12739)

history.pushState'', '', '/'...

0.7AI score0.00236EPSS

Exploits6

Exploit DB•added 2018/06/21 12:0 a.m.•39 views

LFCMS 3.7.0 - Cross-Site Request Forgery (Add User)

Exploit Title: A CSRF vulnerability exists in LFCMS3.7.0: users can be added arbitrarily. Date: 2018-06-20 Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9203740.html Software Link: http://www.lfdycms.com/home/down/index/id/26.html Version: 3.7.0 CVE : CVE-2018-12602 A...

8.8CVSS8.8AI score0.00262EPSS

Exploits5

exploitpack•added 2018/06/21 12:0 a.m.•26 views

LFCMS 3.7.0 - Cross-Site Request Forgery (Add User)

LFCMS 3.7.0 - Cross-Site Request Forgery Add User Exploit Title: A CSRF vulnerability exists in LFCMS3.7.0: users can be added arbitrarily. Date: 2018-06-20 Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9203740.html Software Link:...

6.8CVSS0.2AI score0.00262EPSS

Exploits5

Exploit DB•added 2018/06/20 12:0 a.m.•57 views

TP-Link TL-WA850RE - Remote Command Execution

!/usr/bin/env python Exploit Title: TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Command Execution Date: 19/06/2018 Exploit Author: yoresongo - Advisability S.A.S Colombia www.advisability.co Vendor Homepage: https://www.tp-link.com/ Firmware Link:...

7.4AI score

Exploits0

Cvelist•added 2018/05/29 8:0 p.m.•13 views

CVE-2017-16047

mysqljs was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

7.5AI score0.00322EPSS

Exploits0References1

Exploit DB•added 2018/05/25 12:0 a.m.•178 views

Oracle WebCenter FatWire Content Server < 7 - Improper Access Control

Exploit Title: Oracle WebCenter FatWire Content Server 7 - Improper Access Control Dork: inurl:Satellite?pagename Date: 2017-10-17 Exploit Author: Sebastian Cornejo Olave Vendor Homepage: http://oracle.com Version: 5.5.2 ,7.5 = CVE: CVE-2017-10033 Category: Webapps Tested on: Kali linux...

4CVSS4.7AI score0.00613EPSS

Exploits3

0day.today•added 2018/05/24 12:0 a.m.•37 views

Timber 1.1 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: Timber - Ultimate Freelancer Platform 1.1 - Cross site request forgery Date: 2018-05-24 Exploit Author: L0RD or email protected Vendor Homepage: https://codecanyon.net/item/timber-ultimate-freelancer-platform/14747284?srank=1717...

7.4AI score

Exploits0

exploitpack•added 2018/05/24 12:0 a.m.•31 views

Timber 1.1 - Cross-Site Request Forgery

Timber 1.1 - Cross-Site Request Forgery Exploit Title: Timber - Ultimate Freelancer Platform 1.1 - Cross site request forgery Date: 2018-05-24 Exploit Author: L0RD or [email protected] Vendor Homepage: https://codecanyon.net/item/timber-ultimate-freelancer-platform/14747284?srank=1717...

0.5AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by