Lucene search
K

1670 matches found

Exploit DB
Exploit DB
added 2021/05/18 12:0 a.m.256 views

EgavilanMedia PHPCRUD 1.0 - 'First Name' SQL Injection

Exploit Title: EgavilanMedia PHPCRUD 1.0 - 'First Name' SQL Injection Date: 5/17/2021 Exploit Author: Dimitrios Mitakos Vendor Homepage: https://egavilanmedia.com Software Link: https://egavilanmedia.com/crud-operation-with-php-mysql-bootstrap-and-dompdf/ Version: 1.0 Tested on: Debian GNU/Linux ...

7.4AI score
Exploits0
OSV
OSV
added 2021/02/17 10:15 p.m.31 views

CVE-2021-26720

avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects th...

7.8CVSS6.7AI score0.00395EPSS
Exploits0References10
Kitploit
Kitploit
added 2020/07/08 9:30 p.m.53 views

Harbian-Audit - Hardened Debian GNU/Linux Distro Auditing

Hardened Debian GNU/Linux and CentOS 8 distro auditing. The main test environment is in debian GNU/Linux 9/10 and CentOS 8, and other versions are not fully tested. There are no implementations of desktop and SELinux related items in this release. The code framework is based on the OVH-debian-cis...

7.4AI score
Exploits0References20
0day.today
0day.today
added 2020/02/11 12:0 a.m.119 views

OpenSMTPD 6.6.1 - Local Privilege Escalation Exploit

Exploit Title: OpenSMTPD 6.6.1 - Local Privilege Escalation Date: 2020-02-02 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.opensmtpd.org/ Version: OpenSMTPD 6.4.0 - 6.6.1 Tested on: OpenBSD 6.6, Debian GNU/Linux bullseye/sid with opensmtpd 6.6.1p1-1 CVE: CVE-2020-7247 !/usr/bin/perl...

10CVSS9.2AI score0.98946EPSS
Exploits27
CERT
CERT
added 2020/01/31 12:0 a.m.67 views

OpenSMTPD vulnerable to local privilege escalation and remote code execution

Overview Qualys Research Labs found that the smtpmailaddr function in OpenSMTPD version 6.6 does not properly sanitize user input, which could allow a local attacker to escalate their privileges, and allow either a local or remote attacker to execute arbitrary code as root. Description OpenSMTPD ...

10CVSS9.6AI score0.98946EPSS
Exploits27References9
BDU FSTEC
BDU FSTEC
added 2019/11/11 12:0 a.m.3 views

The vulnerability of the NSS-LDAP operating system packages for Astra Linux and Debian GNU/Linux allows a hacker to obtain the server LDAP administrator password.

The vulnerability of the NSS-LDAP operating system packages for Astra Linux and Debian GNU/Linux is related to privilege management errors. Exploiting this vulnerability could allow a malicious individual to obtain the server LDAP administrator password...

6.2CVSS5.9AI score0.00925EPSS
Exploits2References7Affected Software2
0day.today
0day.today
added 2019/10/07 12:0 a.m.391 views

logrotten 3.15.1 - Privilege Escalation Exploit

Exploit Title: logrotten 3.15.1 - Privilege Escalation Exploit Author: Wolfgang Hotwagner Vendor Homepage: https://github.com/logrotate/logrotate Software Link: https://github.com/logrotate/logrotate/releases/tag/3.15.1 Version: all versions through 3.15.1 Tested on: Debian GNU/Linux 9.5 stretch...

0.6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/07/16 12:0 a.m.6 views

The vulnerability of the IRC client Irssi for Debian GNU/Linux and Ubuntu systems, related to the use of memory after it is freed, allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the IRC client Irssi for Debian GNU/Linux and Ubuntu stems from the use of memory after it is freed during the disconnection of a node from the previously created network or between two nodes. Exploiting this vulnerability can allow a malicious actor to cause service failures...

10CVSS5.8AI score0.02429EPSS
Exploits0References6Affected Software3
Packet Storm
Packet Storm
added 2019/06/17 12:0 a.m.254 views

Exim 4.91 Local Privilege Escalation

!/bin/bash raptoreximwiz - "The Return of the WIZard" LPE exploit Copyright c 2019 Marco Ivaldi A flaw was found in Exim versions 4.87 to 4.91 inclusive. Improper validation of recipient address in delivermessage function in /src/deliver.c may lead to remote command execution. CVE-2019-10149 This...

7.5CVSS0.9AI score0.99961EPSS
Exploits27
Exploit DB
Exploit DB
added 2019/06/17 12:0 a.m.601 views

Exim 4.87 - 4.91 - Local Privilege Escalation

!/bin/bash raptoreximwiz - "The Return of the WIZard" LPE exploit Copyright c 2019 Marco Ivaldi A flaw was found in Exim versions 4.87 to 4.91 inclusive. Improper validation of recipient address in delivermessage function in /src/deliver.c may lead to remote command execution. CVE-2019-10149 This...

10CVSS9.8AI score0.99961EPSS
Exploits27
Packet Storm
Packet Storm
added 2019/04/08 12:0 a.m.4242 views

CARPE (DIEM) Apache 2.4.x Local Privilege Escalation

?php CARPE DIEM: CVE-2019-0211 Apache Root Privilege Escalation Charles Fol @cfreal 2019-04-08 INFOS https://cfreal.github.io/carpe-diem-cve-2019-0211-apache-local-root.html USAGE 1. Upload exploit to Apache HTTP server 2. Send request to page 3. Await 6:25AM for logrotate to restart Apache 4...

0.5AI score0.65005EPSS
Exploits8
Exploit DB
Exploit DB
added 2019/04/08 12:0 a.m.4856 views

Apache 2.4.17 < 2.4.38 - 'apache2ctl graceful' 'logrotate' Local Privilege Escalation

?php CARPE DIEM: CVE-2019-0211 Apache Root Privilege Escalation Charles Fol @cfreal 2019-04-08 INFOS https://cfreal.github.io/carpe-diem-cve-2019-0211-apache-local-root.html USAGE 1. Upload exploit to Apache HTTP server 2. Send request to page 3. Await 6:25AM for logrotate to restart Apache 4...

7.8CVSS8.3AI score0.65005EPSS
Exploits8
exploitpack
exploitpack
added 2019/04/08 12:0 a.m.10527 views

Apache 2.4.17 2.4.38 - apache2ctl graceful logrotate Local Privilege Escalation

Apache 2.4.17 2.4.38 - apache2ctl graceful logrotate Local Privilege Escalation ?php CARPE DIEM: CVE-2019-0211 Apache Root Privilege Escalation Charles Fol @cfreal 2019-04-08 INFOS https://cfreal.github.io/carpe-diem-cve-2019-0211-apache-local-root.html USAGE 1. Upload exploit to Apache HTTP serv...

7.2CVSS0.8AI score0.65005EPSS
Exploits8
Packet Storm
Packet Storm
added 2019/03/29 12:0 a.m.47 views

WordPress Anti-Malware Security And Brute-Force Firewall 4.18.63 Local File Inclusion

Exploit Title: Wordpress Anti-Malware Security and Bruteforce Firewall - Local File Inclusion Google Dork: N/A Date: 03 / 26 / 2019 Exploit Author: Ali S. Ahmad S4R1N Vendor Homepage: N/A Software Link: https://wordpress.org/plugins/gotmls/ Version: Version 4.18.63 Tested on: Debian GNU/Linux 9...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2019/03/29 12:0 a.m.58 views

WordPress Loco Translate 2.2.1 Local File Inclusion

Exploit Title: Wordpress Loco Translate Version 2.2.1 Plugin LFI Google Dork: N/A Date: 03 / 26 / 2019 Exploit Author: Ali S. Ahmad S4R1N Vendor Homepage: https://localise.biz/ Software Link: https://wordpress.org/plugins/loco-translate/ Version: Version 2.2.1 Tested on: Debian GNU/Linux 9 Docker...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/03/28 12:0 a.m.31 views

WordPress Plugin Loco Translate 2.2.1 - Local File Inclusion

WordPress Plugin Loco Translate 2.2.1 - Local File Inclusion Exploit Title: Wordpress Loco Translate Version 2.2.1 Plugin LFI Google Dork: N/A Date: 03 / 26 / 2019 Exploit Author: Ali S. Ahmad S4R1N Vendor Homepage: https://localise.biz/ Software Link: https://wordpress.org/plugins/loco-translate...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2019/01/28 12:0 a.m.116 views

MySQL User-Defined (Linux) (x86) - 'sys_exec' Local Privilege Escalation

Exploit Title: MySQL User-Defined Linux x32 / x8664 sysexec function local privilege escalation exploit Date: 24/01/2019 Exploit Author: d7x Vendor Homepage: https://www.mysql.com Software Link: www.mysql.com Version: MySQL 4.x/5.x Tested on: Debian GNU/Linux 8.11 / mysql Ver 14.14 Distrib 5.5.60...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/01/28 12:0 a.m.61 views

MySQL User-Defined (Linux) x32 / x86_64 - sys_exec Function Local Privilege Escalation Exploit

Exploit for linux platform in category local exploits Exploit Title: MySQL User-Defined Linux x32 / x8664 sysexec function local privilege escalation exploit Date: 24/01/2019 Exploit Author: d7x Vendor Homepage: https://www.mysql.com Software Link: www.mysql.com Version: MySQL 4.x/5.x Tested on:...

0.3AI score
Exploits0
Veracode
Veracode
added 2019/01/15 8:52 a.m.34 views

Denial Of Service (DoS)

openipmi is vulnerable to denial of service DoS attacks. The vulnerability exists as ipmievd aka the IPMI event daemon in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux RHEL 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid...

3.6CVSS5.7AI score0.00434EPSS
Exploits0References22Affected Software2
Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.272 views

lighttpd < 1.4.28 Insecure Temporary File Creation

According to its banner, the version of lighttpd running on the remote host is prior to 1.4.28. Therefore, it may be, affected by the following vulnerability : - The configuration file for the FastCGI PHP support for lighttpd before 1.4.28 on Debian GNU/Linux creates a socket file with a...

1.9CVSS7.1AI score0.00349EPSS
Exploits1References2
Rows per page
Query Builder