Lucene search

11967 matches found

Openbugbounty
added 2015/05/25 3:33 p.m., 14 views

forklifts4sale.com XSS vulnerability

Vulnerable URL: http://www.forklifts4sale.com/search.php?txt=%3E%3C%2Ftitle%3E%3Cscript%3Ealert%28KCF%29%3C%2Fscript%3E%27%22%3E%3Cmarquee%3E%3Ch1%3Etest%3C%2Fh1%3E%3C%2Fmarquee%3E%3Csvg%2Fonload%3Dprompt%28%2FXSSPOSED%2F%29%3E=Choose...type=Choose...=Choose... Details: Description| Value ---|---...

6.3 AI score
Exploits: 0
exploitpack
added 2015/05/19 12:0 a.m., 78 views

Microsoft Windows 8.0/8.1 (x64) - TrackPopupMenu Local Privilege Escalation (MS14-058)

Microsoft Windows 8.0/8.1 x64 - TrackPopupMenu Local Privilege Escalation MS14-058 Windows 8.0 - 8.1 x64 TrackPopupMenu Privilege Escalation MS14-058 CVE-2014-4113 Privilege Escalation http://www.offensive-security.com Thx to Moritz Jodeit for the beautiful writeup...

7.2 CVSS, 0.7 AI score, 0.87042 EPSS
Exploits: 22
exploitpack
added 2015/05/11 12:0 a.m., 15 views

D-Link DSL-500B Gen 2 - Parental Control Configuration Panel Persistent Cross-Site Scripting

D-Link DSL-500B Gen 2 - Parental Control Configuration Panel Persistent Cross-Site Scripting !/usr/bin/perl Date dd-mm-aaaa: 13-02-2015 Exploit for D-Link DSL-500B G2 Cross Site Scripting XSS Injection Stored in todmngr.tod Developed by Mauricio Corrêa XLabs Information Security WebSite:...

Exploits: 0
exploitpack
added 2015/05/06 12:0 a.m., 16 views

elFinder 2 - Remote Command Execution (via File Creation)

elFinder 2 - Remote Command Execution via File Creation + Author: TUNISIAN CYBER + Title: elFinder 2 Remote Command Execution Via File Creation Vulnerability + Date: 06-05-2015 + Vendor: https://github.com/Studio-42/elFinder + Type: WebAPP + Tested on: KaliLinux Debian + Twitter: @TCYB3R + Time...

0.6 AI score
Exploits: 0
exploitpack
added 2015/04/27 12:0 a.m., 47 views

MiniUPnPd 1.0 (MIPS) - Remote Stack Overflow Remote Code Execution for AirTies RT Series

MiniUPnPd 1.0 MIPS - Remote Stack Overflow Remote Code Execution for AirTies RT Series !/usr/bin/env python Exploit Title: MiniUPnPd 1.0 Stack Overflow RCE for AirTies RT Series Date: 26.04.2015 Exploit Author: Onur ALANBEL BGA Vendor Homepage: http://miniupnp.free.fr/ Version: 1.0 Architecture:...

10 CVSS, 0.8 AI score, 0.69151 EPSS
Exploits: 14
exploitpack
added 2015/04/24 12:0 a.m., 19 views

Free MP3 CD Ripper 2.6 2.8 (Windows 7) - .wav File Buffer Overflow (SEH) (DEP Bypass)

Free MP3 CD Ripper 2.6 2.8 Windows 7 - .wav File Buffer Overflow SEH DEP Bypass !/usr/bin/python original p0c https://www.exploit-db.com/exploits/36465/ credit to TUNISIAN CYBER modified SEH Exploit https://www.exploit-db.com/exploits/36826/ credit to ThreatActor at CoreRed.com Software Link:...

0.5 AI score
Exploits: 0
myhack58
added 2015/04/23 12:0 a.m., 276 views

IP.Board <= 3.4.7 SQL injection analysis - vulnerability warning - the black bar safety net

IPB (Invision Power Board) is a forum program developed in PHP that is widely used abroad. Version 3.4.7 and earlier contain a SQL injection vulnerability, which this article analyzes. PoC link: http://seclists.org/fulldisclosure/2014/Nov/20 #!/usr/bin/env python Sunday,...

8.3 AI score
Exploits: 0
Exploit DB
added 2015/04/21 12:0 a.m., 37 views

SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities

Document Title: =============== SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1314 Release Date: ============= 2015-03-23 Vulnerability Laboratory ID VL-ID: ==================================== 1314...

7.4 AI score
Exploits: 0
wpexploit
added 2015/04/20 12:0 a.m., 18 views

Crayon Syntax Highlighter 2.0 - 2.6.10 - Defacement

The Crayon Syntax Highlighter plugin allows access to the AJAX method 'crayon-theme-editor-save' to any registered user. When called, the AJAX method 'crayon-theme-editor-save' will call the 'save' function within the CrayonThemeEditorWP class, defined in...

1 AI score
Exploits: 0, References: 1
0day.today
added 2015/04/14 12:0 a.m., 54 views

JBoss AS versions 3/4/5/6 - Remote Command Execution Exploit

Exploit for multiple platform in category web applications coding: utf-8 JexBoss v1.0. @autor: João Filho Matos Figueiredo email protected Updates: https://github.com/joaomatosf/jexboss Free for distribution and modification, but the authorship should be preserved. import httplib, sys, urllib, os...

7.1 AI score
Exploits: 0
exploitpack
added 2015/04/14 12:0 a.m., 23 views

Abrt (Fedora 21) - Race Condition

Abrt Fedora 21 - Race Condition include include include include include include include include include include include include include include include // // This is a race condition exploit for CVE-2015-1862, targeting Fedora. // // Note: It can take a few minutes to win the race condition. // /...

6.9 CVSS, 6.9 AI score, 0.03081 EPSS
Exploits: 13
Cvelist
added 2015/04/10 7:0 p.m., 17 views

CVE-2013-6152

...

Exploits: 0
Fedora
added 2015/04/05 2:28 p.m., 12 views

[SECURITY] Fedora 20 Update: mingw-qt5-qttranslations-5.4.1-1.fc20

This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...

4.3 AI score
Exploits: 0
myhack58
added 2015/04/04 12:0 a.m., 28 views

PHP arbitrary file upload vulnerability, CVE-2015-2348 analysis - vulnerability warning - the black bar safety net

Last night, security news broke of a "PHP arbitrary file upload vulnerability", CVE number: CVE-2015-2348. At the time, the original poster was ready to pack up and go home; seeing this news, my heart was surprised: the 0-character truncation upload vulnerability, lost for many years, and...

7.7 AI score
Exploits: 0
exploitpack
added 2015/04/02 12:0 a.m., 47 views

WordPress Plugin Simple Ads Manager - Multiple SQL Injections

WordPress Plugin Simple Ads Manager - Multiple SQL Injections Vulnerability title: Wordpress plugin Simple Ads Manager - SQL Injection Product: Wordpress plugin Simple Ads Manager Vendor: https://profiles.wordpress.org/minimus/ Affected version: Simple Ads Manager 2.5.94 and 2.5.96 Download link:...

7.5 CVSS, 0.9 AI score, 0.06259 EPSS
Exploits: 6
0day.today
added 2015/04/02 12:0 a.m., 61 views

Adobe Flash Player ByteArray With Workers Use After Free Exploit

Exploit for windows platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Adobe Flash Player ByteArray With Workers Use After Free', 'Description' = ...

10 CVSS, 0.6 AI score, 0.95683 EPSS
Exploits: 9
Hacker One
added 2015/03/31 3:56 p.m., 59 views

HackerOne: Reflected Filename Download

First of all, congratulations on an awesome bounty system. Big fan here! I found out that it's possible to run an RFD attack on Hackerone. If we visit: https://hackerone.com/dsopas We see the normal HTML webpage. Nothing new here. But if we add ?format=json to the URL we can see the JSON file generated b...

Exploits: 0
seebug.org
added 2015/03/31 12:0 a.m., 20 views

KPPW latest version: bypassing protection to continue blind injection

Brief description: KPPW2620150327UTF-8.zip, latest version from March 27. Detailed description: Url1: http://localhost/KPPW/index.php?do=user&view=message&op=detail&msgId=74&type=trends&intPage=1 Url2: http://localhost/KPPW/index.php?do=user&view=message&op=detail&type=trends&intPage=1&msgId=74%26%261%3D1 Url3:...

7 AI score
Exploits: 0
seebug.org
added 2015/03/26 12:0 a.m., 20 views

A government system: one injection vulnerability

Brief description: RT (as in the title). Detailed description: Official website of Shandong Nongyou Software Company: http://www.nongyou.com.cn/ The cases are as follows: http://61.133.119.187:8091/newsymItemManage/Item1.aspx?id=1 http://222.135.76.147:8200/newsymItemManage/Item1.aspx?id=1 http://222.135.127.190:7200/newsymItemManage/Item1.aspx?id=1 http://221.2.149.47:8200/newsymItemManage/Item1.aspx?id=1...

7.1 AI score
Exploits: 0
OpenVAS
added 2015/03/25 12:0 a.m., 13 views

IT-Grundschutz M4.020: Restrictive attribute assignment for Unix user files and directories

IT-Grundschutz M4.020: Restrictive attribute assignment for Unix user files and directories. Status: 14th supplementary delivery (14. EL). Copyright (C) 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holder...

7.3 AI score
Exploits: 0, References: 1