
11967 matches found

hackapp, added 2017/03/08 6:37 p.m., 14 views

Fastest Mini Browser - Customized SSL, WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Fastest Mini Browser published at the 'play' market has multiple vulnerabilities...

AI score: 1.1
Exploits: 0, References: 1, Affected Software: 1

Packet Storm, added 2017/03/06 12:0 a.m., 41 views

Groupon Clone Script 3.01 SQL Injection

Exploit Title: Groupon Clone Script v3.01 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/groupon-clone-script/ Demo: http://phpscriptsmall.info/demo/groupon-deal/ Version: 3.01 Tested on: Win7 x64,...

Exploits: 0

Exploit DB, added 2017/03/06 12:0 a.m., 35 views

Single Theater Booking Script - 'newsid' SQL Injection

Exploit Title: Single Theater Booking Script - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/single-theater-booking-script/ Demo:...

AI score: 7.4
Exploits: 0

Cisco Threats, added 2017/03/03 2:12 p.m., 12 views

Threat Outbreak Alert RuleID28106: Email Messages Distributing Malicious Software on March 3, 2017

Medium Alert ID: 52866 First Published: 2017 March 3 14:12 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID28106 may contain the following files: Name | Siz...

AI score: 0.2
Exploits: 0

Exploit DB, added 2017/03/03 12:0 a.m., 139 views

WordPress Core < 4.7.1 - Username Enumeration

!usr/bin/php...

AI score: 7.4
Exploits: 0

ThreatPost, added 2017/03/02 1:3 p.m., 15 views

132 Google Play Apps Booted For Having Malicious IFrames

Google removed 132 apps infected with malicious iFrames from its Google Play store after security researchers discovered a development platform used to create the apps was infected with malware and in turn compromised the apps. Palo Alto Networks’ Unit 42 researchers said the apps were infected...

AI score: 7.1
Exploits: 0, References: 3

Openbugbounty, added 2017/03/01 2:53 a.m., 11 views

arlington.wickedlocal.com XSS vulnerability

Open Bug Bounty ID: OBB-216524 Description| Value ---|--- Affected Website:| arlington.wickedlocal.com Open Bug Bounty Program:| Not created yet Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

AI score: 6.3
Exploits: 0

Packet Storm, added 2017/02/27 12:0 a.m., 128 views

Linux Kernel 4.4.0 Ubuntu DCCP Double-Free Crash

// A trigger for CVE-2017-6074, crashes kernel. // Tested on 4.4.0-62-generic 83-Ubuntu kernel. // https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-6074 // // Andrey Konovalov define GNUSOURCE include include include include include include include include include include include...

CVSS: 9.3, AI score: 0.4, EPSS: 0.0596
Exploits: 13

Openbugbounty, added 2017/02/25 1:8 p.m., 13 views

bdarchitectuur.nl XSS vulnerability

Vulnerable URL: http://www.bdarchitectuur.nl/zoeken?q='"--!confirmOPENBUGBOUNTY...

AI score: 6.9
Exploits: 0

Metasploit, added 2017/02/24 10:18 a.m., 43 views

Jboss Credential Collector

This module can be used to extract the Jboss admin passwords for version 4,5 and 6. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'nokogiri' class MetasploitModule 'Jboss Credential Collector', 'Description'...

AI score: 7
Exploits: 0

0day.today, added 2017/02/18 12:0 a.m., 63 views

dotCMS 3.6.1 Blind Boolean SQL Injection Vulnerability

Exploit for php platform in category web applications Blind Boolean SQL Injection in dotCMS = 3.6.1 CVE-2017-5344 Product Description dotCMS is a scalable, java based, open source content management system CMS that has been designed to manage and deliver personalized, permission based content...

CVSS: 7.5, AI score: 9.2, EPSS: 0.06304
Exploits: 6

Hacker One, added 2017/02/16 1:1 p.m., 18 views

ownCloud: HTML injection in Desktop Client

Problem There are HTML injections throughout the ownCloud desktop client. A good example of this can be seen in accountsettings.cpp line 641 to 705. For reference purposes this is a trimmed down and slightly commented version of the code: cpp void AccountSettings::refreshSelectiveSyncStatus QStri...

AI score: 0.4
Exploits: 0

exploitpack, added 2017/02/14 12:0 a.m., 25 views

ntfs-3g - Unsanitized modprobe Environment Privilege Escalation

ntfs-3g - Unsanitized modprobe Environment Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1072 ntfs-3g is installed by default e.g. on Ubuntu and comes with a setuid root program /bin/ntfs-3g. When this program is invoked on a system whose kernel does not...

AI score: 0.3
Exploits: 0

exploitpack, added 2017/02/12 12:0 a.m., 29 views

Itech B2B Script 4.29 - Multiple Vulnerabilities

Itech B2B Script 4.29 - Multiple Vulnerabilities Exploit Title : Itech scripts B2B Script v4.29 - Multiple Vulnerability Google Dork : - Date : 12/02/2017 Exploit Author : Marc Castejon Vendor Homepage : http://itechscripts.com/b2b-script/ Software Link: http://b2b.itechscripts.com Type : webapps...

AI score: 0.4
Exploits: 0

exploitpack, added 2017/02/10 12:0 a.m., 27 views

HP Smart Storage Administrator 2.30.6.0 - Remote Command Injection (Metasploit)

HP Smart Storage Administrator 2.30.6.0 - Remote Command Injection Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "HP Smart Storage Administrator Remote Command...

AI score: 7.9, EPSS: 0.1704
Exploits: 8

Fedora, added 2017/02/07 12:54 a.m., 11 views

[SECURITY] Fedora 24 Update: phpMyAdmin-4.6.6-1.fc24

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...

AI score: 1.3
Exploits: 0

Hacker One, added 2017/02/05 11:51 a.m., 16 views

shopify-scripts: forgot to add the patch

The patch of the report https://hackerone.com/reports/192896 you forgot to add here https://github.com/Shopify/mruby-engine...

AI score: 7
Exploits: 0

Source Incite, added 2017/02/02 12:0 a.m., 32 views

SRC-2017-0002 : Adobe Acrobat Pro DC ImageConversion TIFF Parsing Use-After-Free Read Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

CVSS: 9.3, AI score: 8.9, EPSS: 0.04069
Exploits: 1

Packet Storm, added 2017/02/01 12:0 a.m., 64 views

TrueOnline / Billion 5200W-T Router Unauthenticated Command Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'TrueOnline / Billion 5200W-T Router Unauthenticated Command Injection', 'Description' = %q TrueOnline is a major ISP in Thailan...

AI score: 0.8
Exploits: 0

Veracode, added 2017/01/31 8:47 a.m., 25 views

Denial Of Service (DoS) Through Integer Overflow

ImageMagick is vulnerable to an integer overflow when computing the pixel scaling table. A malicious user can use this to cause the system to crash and perform a denial of service (DoS) attack...

CVSS: 9.8, AI score: 8.8, EPSS: 0.05445
Exploits: 1, References: 2, Affected Software: 1