7082 matches found

Kitploit
added 2021/02/18 11:30 a.m., 537 views

Ghidra_Kernelcache - A Ghidra Framework For iOS Kernelcache Reverse Engineering

This framework is the end product of my experience in reverse engineering iOS kernelcache. I do manually look for vulnerabilities in the kernel and have automated most of the things I really wanted to see in Ghidra to speed up the process of reversing, and this has proven to be effective and saves a l...

6.8 AI score
Exploits 0, References 12
Packet Storm
added 2021/02/18 12:0 a.m., 242 views

Apport 2.20 Privilege Escalation

Exploit Title: Apport 2.20 - Local Privilege Escalation Date: 18/02/21 Exploit Author: Gr33nh4t Vendor Homepage: https://ubuntu.com/ Version: Apport: Ubuntu 20.10 - Before 2.20.11-0ubuntu50.5 Apport: Ubuntu 20.04 - Before 2.20.11-0ubuntu27.16 Apport: Ubuntu 18.04 - Before 2.20.9-0ubuntu7.23 Appor...

0.4 AI score
Exploits 0
0day.today
added 2021/02/18 12:0 a.m., 50 views

Apport 2.20 - Local Privilege Escalation Exploit

Exploit Title: Apport 2.20 - Local Privilege Escalation Exploit Author: Gr33nh4t Vendor Homepage: https://ubuntu.com/ Version: Apport: Ubuntu 20.10 - Before 2.20.11-0ubuntu50.5 Apport: Ubuntu 20.04 - Before 2.20.11-0ubuntu27.16 Apport: Ubuntu 18.04 - Before 2.20.9-0ubuntu7.23 Apport: Ubuntu 16.04...

7.4 AI score
Exploits 0
Exploit DB
added 2021/02/18 12:0 a.m., 288 views

Apport 2.20 - Local Privilege Escalation

Exploit Title: Apport 2.20 - Local Privilege Escalation Date: 18/02/21 Exploit Author: Gr33nh4t Vendor Homepage: https://ubuntu.com/ Version: Apport: Ubuntu 20.10 - Before 2.20.11-0ubuntu50.5 Apport: Ubuntu 20.04 - Before 2.20.11-0ubuntu27.16 Apport: Ubuntu 18.04 - Before 2.20.9-0ubuntu7.23 Appor...

7.4 AI score
Exploits 0
NVD
added 2021/02/15 9:15 p.m., 14 views

CVE-2021-3239

E-Learning System 1.0 suffers from an unauthenticated SQL injection vulnerability, which allows remote attackers to execute arbitrary code on the hosting web server and gain a reverse shell...

9.8 CVSS, 0.17933 EPSS
Exploits 1, References 5
OSV
added 2021/02/15 9:15 p.m., 5 views

CVE-2021-3239

E-Learning System 1.0 suffers from an unauthenticated SQL injection vulnerability, which allows remote attackers to execute arbitrary code on the hosting web server and gain a reverse shell...

9.8 CVSS, 7.7 AI score, 0.17933 EPSS
Exploits 1, References 5
Prion
added 2021/02/15 9:15 p.m., 17 views

Sql injection

E-Learning System 1.0 suffers from an unauthenticated SQL injection vulnerability, which allows remote attackers to execute arbitrary code on the hosting web server and gain a reverse shell...

7.5 CVSS, 10 AI score, 0.17933 EPSS
Exploits 1, References 5, Affected Software 1
Cvelist
added 2021/02/15 8:39 p.m., 15 views

CVE-2021-3239

E-Learning System 1.0 suffers from an unauthenticated SQL injection vulnerability, which allows remote attackers to execute arbitrary code on the hosting web server and gain a reverse shell...

10 AI score, 0.17933 EPSS
Exploits 1, References 5
Packet Storm
added 2021/02/15 12:0 a.m., 183 views

Klog Server 2.4.1 Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Klog Server authenticate.php user Unauthenticated Command Injection', 'Description' = %q This module exploits an unauthenticated command injectio...

10 CVSS, 0.1 AI score, 0.87987 EPSS
Exploits 8
Positive Technologies
added 2021/02/15 12:0 a.m., 12 views

PT-2021-19699

Name of the Vulnerable Software and Affected Versions: E-Learning System version 1.0 Description: The issue allows remote attackers to execute arbitrary code on the hosting web server and gain a reverse shell through an unauthenticated SQL injection. Recommendations: For E-Learning System version...

9.8 CVSS, 6.2 AI score, 0.17933 EPSS
Exploits 1, References 8
OpenVAS
added 2021/02/15 12:0 a.m., 8 views

'/WEB-INf./' Information Disclosure Vulnerability (HTTP)

Various application or web servers / products are prone to an information disclosure vulnerability. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...

7 AI score
Exploits 0, References 1
ATTACKERKB
added 2021/02/10 12:0 a.m., 66 views

CVE-2020-28871

Remote code execution in Monitorr v1.7.6m in upload.php allows an unauthorized person to execute arbitrary code on the server-side via an insecure file upload. Recent assessments: noraj at June 22, 2021 4:56pm UTC reported: The uploaded file must have an image magic byte, e.g. GIF, in order to match...

9.8 CVSS, 4.9 AI score, 0.85785 EPSS
Exploits 8, References 5
OSV
added 2021/02/09 9:15 p.m., 3 views

CVE-2021-21476

SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allow an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities...

6.1 CVSS, 5.9 AI score, 0.00816 EPSS
Exploits 0, References 2
NVD
added 2021/02/09 9:15 p.m., 7 views

CVE-2021-21478

SAP Web Dynpro ABAP allows an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities...

6.1 CVSS, 0.0085 EPSS
Exploits 0, References 2
NVD
added 2021/02/09 9:15 p.m., 9 views

CVE-2021-21476

SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allow an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities...

6.1 CVSS, 0.00816 EPSS
Exploits 0, References 2
Prion
added 2021/02/09 9:15 p.m., 17 views

Design/Logic Flaw

SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allow an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities...

5.8 CVSS, 6.2 AI score, 0.00816 EPSS
Exploits 0, References 2, Affected Software 1
Prion
added 2021/02/09 9:15 p.m., 13 views

Design/Logic Flaw

SAP Web Dynpro ABAP allows an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities...

5.8 CVSS, 6.2 AI score, 0.0085 EPSS
Exploits 0, References 2
Cvelist
added 2021/02/09 8:44 p.m., 11 views

CVE-2021-21478

SAP Web Dynpro ABAP allows an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities...

4.7 CVSS, 6.5 AI score, 0.0085 EPSS
Exploits 0, References 2
CVE
added 2021/02/09 8:44 p.m., 42 views

CVE-2021-21478

CVE-2021-21478 affects SAP Web Dynpro ABAP and enables an open redirect via reverse tabnabbing, allowing an attacker to redirect users to a malicious site. Concrete details across sources corroborate the impact as an open redirect and link to SAP notes (e.g., SAP Note 2974582) for remediation. Th...

6.1 CVSS, 6.2 AI score, 0.0085 EPSS
Exploits 0, References 2, Affected Software 1
Cvelist
added 2021/02/09 8:44 p.m., 16 views

CVE-2021-21476

SAP UI5 versions before 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 allow an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities...

4.7 CVSS, 6.5 AI score, 0.00816 EPSS
Exploits 0, References 2