
5908 matches found

Exploit DB
added 2018/12/04 12:0 a.m. | 42 views

KeyBase Botnet 1.5 - SQL Injection

Exploit Title: KeyBase Botnet v1.5 - SQL Injection Vulnerability Google Dork: intitle:"KeyBase: Login" + intext:" Login to get access to your logs " Date: 3/12/2018 Exploit Author: n4pst3r Vendor Homepage: unkn0wn Software Link: unkn0wn Version: v1.5 Tested on: Windows 10, debian 7 CVE : n/a...

7 AI score
Exploits 0

NVD
added 2018/11/29 9:29 p.m. | 21 views

CVE-2018-15537

Unrestricted file upload with remote code execution in OCS Inventory NG ocsreports allows a privileged user to gain access to the server via crafted HTTP requests...

8.8 CVSS | 8.9 AI score | 0.05023 EPSS
Exploits 2 | References 2

Cvelist
added 2018/11/29 9:0 p.m. | 27 views

CVE-2018-15537

Unrestricted file upload with remote code execution in OCS Inventory NG ocsreports allows a privileged user to gain access to the server via crafted HTTP requests...

8.9 AI score | 0.05023 EPSS
Exploits 2 | References 2

Debian CVE
added 2018/11/29 9:0 p.m. | 18 views

CVE-2018-15537

Unrestricted file upload with remote code execution in OCS Inventory NG ocsreports allows a privileged user to gain access to the server via crafted HTTP requests...

8.8 CVSS | 8.8 AI score | 0.05023 EPSS
Exploits 2

CNVD
added 2018/11/29 12:0 a.m. | 2 views

Denial of Service Vulnerability in Multiple Schneider Electric Products (CNVD-2018-24634)

Schneider Electric Modicon M340, etc. are programmable logic controller products of Schneider Electric France. A denial of service vulnerability exists in the embedded web server in several Schneider Electric products, which can be exploited by an attacker to cause a denial of service by sending ...

7.5 CVSS | 7.4 AI score | 0.02423 EPSS
Exploits 1 | References 1

Kitploit
added 2018/11/22 8:33 p.m. | 133 views

ZIP File Raider - Burp Extension For ZIP File Payload Testing

ZIP File Raider is a Burp Suite extension for attacking web application with ZIP file upload functionality. You can easily inject Burp Scanner/Repeater payloads in ZIP content of the HTTP requests which is not feasible by default. This extension helps to automate the extraction and compression...

7.2 AI score
Exploits 0 | References 2

n0where
added 2018/11/21 7:19 p.m. | 108 views

Endpoint for Out-of-Band Exfiltration: Arecibo

In the process of identifying and exploiting vulnerabilities, it is sometimes necessary to resort to Out of Band (OOB) techniques in order to exfiltrate information through DNS resolutions or HTTP requests. To address this kind of situation the faster and simpler solution can be the use of a Burp...

7.4 AI score
Exploits 0 | References 1

Exploit DB
added 2018/11/21 12:0 a.m. | 34 views

Synaccess netBooter NP-0801DU 7.4 - Cross-Site Request Forgery (Add Admin)

Title: Synaccess netBooter NP-0801DU 7.4 - Cross-Site Request Forgery Add Admin Author: Gjoko 'LiquidWorm' Krstic @zeroscience Exploit Date: 2018-11-17 Vendor: Synaccess Networks Inc. Product web page: https://www.synaccess-net.com Affected version: NP-0801DU HW6.0 BL1.5 FW7.23 WF7.4 Tested on:...

7 AI score
Exploits 0

0day.today
added 2018/11/20 12:0 a.m. | 34 views

Synaccess netBooter NP-0801DU 7.4 Cross Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications 0day.today 2018-12-12...

7.1 AI score
Exploits 0

Packet Storm
added 2018/11/19 12:0 a.m. | 270 views

Synaccess netBooter NP-0801DU 7.4 Cross Site Request Forgery

...

0.2 AI score
Exploits 0

Zero Science Lab
added 2018/11/17 12:0 a.m. | 337 views

Synaccess netBooter NP-0801DU 7.4 CSRF Add Admin Exploit

Summary netBooter™ NP-0801DU and NP-0801DUH PDUs provide secured remote power source management of 8 independent outlets. Includes true RMS AC current reading and environment temperature monitoring via TCP/IP networks or local direct connection. Description The application interface allows users ...

5.1 CVSS | 5.8 AI score | 0.00145 EPSS
Exploits 1

Cvelist
added 2018/11/15 3:0 p.m. | 17 views

CVE-2018-0685

SQL injection vulnerability in the Denbun POP version V3.3P R4.0 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via HTTP requests for mail search...

9.3 AI score | 0.01244 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2018/11/05 12:0 a.m. | 29 views

WordPress 4.6.x < 4.6.4 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting (XSS) vulnerability exists in the wp_playlist_shortcode() function within the /wp-includes/media.php script due to a failure to validate input passed via...

6.5 CVSS | 6.4 AI score | 0.03124 EPSS
Exploits 2 | References 8

Tenable Nessus
added 2018/11/05 12:0 a.m. | 29 views

Drupal 8.3.x < 8.3.0-rc2 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A security bypass vulnerability exists in the editor module due to a failure to properly check access restrictions when adding private files with a configured text editor e.g...

8.1 CVSS | 8.5 AI score | 0.03901 EPSS
Exploits 0 | References 5

Tenable Nessus
added 2018/11/05 12:0 a.m. | 28 views

Drupal 8.x < 8.2.7 Multiple Vulnerabilities

According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A security bypass vulnerability exists in the editor module due to a failure to properly check access restrictions when adding private files with a configured text editor e.g...

8.1 CVSS | 8.5 AI score | 0.03901 EPSS
Exploits 0 | References 5

Tenable Nessus
added 2018/11/02 12:0 a.m. | 21 views

F5 Networks BIG-IP : BIG-IP ASM vulnerability (K12403422)

When the BIG-IP ASM system processes HTTP requests, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process. CVE-2018-5541 Impact BIG-IP When this vulnerability is exploited, the BIG-IP ASM system may experience a denial of service (DoS). BIG-IP systems th...

7.8 CVSS | 7.3 AI score | 0.01841 EPSS
Exploits 0 | References 2

Tenable Nessus
added 2018/10/26 12:0 a.m. | 56 views

EulerOS Virtualization 2.5.0 : ruby (EulerOS-SA-2018-1347)

According to the version of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - It was found that WEBrick could be forced to use an excessive amount of memory during the processing of HTTP requests, leading to a...

7.5 CVSS | 7.9 AI score | 0.04636 EPSS
Exploits 0 | References 2

OpenVAS
added 2018/10/26 12:0 a.m. | 16 views

Ubuntu: Security Advisory (USN-3585-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3 CVSS | 5.3 AI score | 0.02406 EPSS
Exploits 0 | References 2

Kitploit
added 2018/10/25 8:48 p.m. | 89 views

Httplab - Inspect HTTP Requests And Forge Responses

The interactive web server. HTTPLabs let you inspect HTTP requests and forge responses. Install Golang go get github.com/gchaincl/httplab go install github.com/gchaincl/httplab/cmd/httplab Archlinux yaourt httplab Snap FIXME On systems where snap is supported: snap install httplab Binary...

7.2 AI score
Exploits 0 | References 5

NVD
added 2018/10/17 8:29 p.m. | 14 views

CVE-2018-15402

A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks. The vulnerability is due to improper validation of Origin headers on HTTP requests within the management interface. An attacker...

8.8 CVSS | 6.6 AI score | 0.00481 EPSS
Exploits 0 | References 2