Google Chrome 80.0.3987.87 - Heap-Corruption Remote Denial of Service (PoC)

Exploit Title: Google Chrome 80.0.3987.87 - Heap-Corruption Remote Denial of Service PoC Google Dork: N/A Date: 2020-02-21 Exploit Author: Cem Onat Karagun of Diesec GmBH Vendor Homepage: https://www.google.com/ Version: Google Chrome 80.0.3987.87 Tested on: Windows x64 / Linux Debian x64 / MacOS...

Google Chrome Blink Resource Management Error Vulnerability (CNVD-2019-23112)

Google Chrome is a Web browser from Google, a U.S. company. Blink is a browser layout engine rendering engine jointly developed by Google and Norway's OperaSoftware. A resource management error vulnerability exists in Blink in versions prior to Google Chrome 74.0.3729.108, which arises from a...

UBUNTU-CVE-2017-5125

Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

chromium-browser: out of bounds write in skia

Heap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

DigiAffiliate 1.4 - Cross-Site Request Forgery (Update Admin)

!/usr/local/bin/python Exploit Title: DigiAffiliate 1.4 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 18.09.2017 Vendor Homepage: http://www.digiappz.com/ Software Link: http://www.digiappz.com/digiaffiliate.asp?id=7 Demo: http://www.digiappz.com/digiaffiliate/login.asp Version: 1.4...

XhP CMS 0.5.1 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: XhP CMS 0.5.1 - Cross-Site Request Forgery to Persistent Cross-Site Scripting Exploit Author: Ahsan Tahir Date: 19-10-2016 Software Link: https://sourceforge.net/projects/xhp/ Vendor: https://sourceforge.net/projects/xhp/ Google...

XhP CMS 0.5.1 Cross Site Request Forgery / Cross Site Scripting

Exploit Title: XhP CMS 0.5.1 - Cross-Site Request Forgery to Persistent Cross-Site Scripting Exploit Author: Ahsan Tahir Date: 19-10-2016 Software Link: https://sourceforge.net/projects/xhp/ Vendor: https://sourceforge.net/projects/xhp/ Google Dork: inurl:Powered by XHP CMS Contact:...

Internet Explorer 11 - Crash PoC

Exploit for windows platform in category dos / poc Exploit Title: Internet Explorer 11 - Crash PoC Google Dork: N/A Date: 19th May, 2015 Exploit Author: garage4hackers Vendor Homepage: http://garage4hackers.com/showthread.php?t=6246 Software Link: N/A Version: Tested on IE 11 Tested on: Windows 7...

AOL Instant Messenger AIM "Away" Message Remote Exploit

No description provided by source. / CAN-2004-0636 / / AIM Away Message Buffer Overflow Exploit Exploit by John Bissell A.K.A. HighT1mes Exploit: ======== drizzit.c Vulnerable Software: ==================== - AIM 5.5.3588 - AIM 5.5.3590 Beta - AIM 5.5.3591 - AIM 5.5.3595 and a couple others...

Mozilla Browser 0.8/0.9/1.x Refresh Security Property Spoofing Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10796/info Mozilla and Firefox may permit malicious Web pages to spoof security properties of a trusted site. An attacker can exploit this issue to spoof the URI and SSL certificate of a site trusted by an unsuspecting...

Oracle Document Capture empop3.dll Insecure Methods

No description provided by source. Source: http://packetstormsecurity.org/files/view/97868/DSECRG-11-005.txt ActiveX components contain insecure methods. Digital Security Research Group DSecRG Advisory DSECRG-11-005 internal DSECRG-00154 Application: Oracle Document Capture Versions Affected:...

skyportal vrc6 Multiple Vulnerabilities

No description provided by source. WwW.BugReport.ir BugReport Security Research & Penetration Testing Group Title: Sky Portal Multiple SQL Injection Vulnerabilities Vendor: http://skyportal.net Exploitation: Remote with browser Fix Available: Patched In Last Version In Vendor Leaders : Shahin...

Microsoft Works 7 WkImgSrv.dll WKsPictureInterface() ActiveX Exploit

No description provided by source. $Id: msworkswkspictureinterface.rb 10477 2010-09-25 11:59:02Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

MKPortal 1.0/1.1 Admin.PHP Authentication Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25515/info MKPortal is prone to an authentication-bypass vulnerability because it fails to restrict access to certain administrative functions. Attackers can exploit this issue to gain unauthorized access to the...

Pandora FMS 3.2.1 - Cross Site Request Forgery

No description provided by source. Exploit Title: Pandora FMS v3.2.1 Cross Site Request Forgery Google Dork: intitle:Pandora FMS - the Flexible Monitoring System intext:Your IP Date: 12-07-2011 Author: Mehdi Boukazoula Software Link: http://pandorafms.org/ Version: v 3.2.1 Tested on: v = 3.2.1...

MS14-012 Internet Explorer TextRange Use-After-Free

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "MS14-012 Internet Explorer TextRange Use-After-Free", 'Description' = %q This module exploits a use-after-free vulnerability found in...

Apple Quicktime 7 Invalid Atom Length Buffer Overflow

This module exploits a vulnerability found in Apple Quicktime. The flaw is triggered when Quicktime fails to properly handle the data length for certain atoms such as 'rdrf' or 'dref' in the Alis record, which may result a buffer overflow by loading a specially crafted .mov file, and allows...

RealPlayer 16.0.0.282 (.html) Memory Corruption

Exploit for windows platform in category dos / poc Title : RealPlayer 16.0.0.282 .html Memory Corruption Date: 2013-02-18 Softwares Link: http://fr.real.com/realplayer/ phone : +447024073406 Author: The Black Devils Tested on: Windows XP SP2 Home: www.arab47.com Greeting To : 3xp1r3 Cyber Army...

Weboptima CMS Add Administrator / Shell Upload

cs 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

Attackers Targeting Windows Media Bug With Malware

Security researchers have seen attackers going after the newly patched CVE-2012-0003 vulnerability in the Windows Media Player. The flaw, which was patched earlier this month by Microsoft, is a critical one that can enable remote code execution, and it affects a wide range of Windows systems. Whe...