Lucene search
K

11967 matches found

Packet Storm
Packet Storm
added 2014/10/05 12:0 a.m.25 views

AutoWeb 3.0 SQL Injection

!/usr/bin/env python -- coding:utf-8 -- Title : AutoWeb v3.0 noticias.php idcat SQL Injection Exploit Author : ZoRLu / [email protected] / [email protected] Home : http://milw00rm.com / its online Download : http://www.multdivision.com.br Demo : http://www.cbnmogi.com.br Other Vuln. :...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/10/01 12:0 a.m.79 views

IPFire - CGI Web Interface (Authenticated) Bash Environment Variable Code Injection

!/usr/bin/env python Exploit Title : IPFire = 2.15 core 82 Authenticated cgi Remote Command Injection ShellShock Exploit Author : Claudio Viviani Vendor Homepage : http://www.ipfire.org Software Link: http://downloads.ipfire.org/releases/ipfire-2.x/2.15-core82/ipfire-2.15.i586-full-core82.iso Dat...

10CVSS10AI score0.99999EPSS
Exploits130
Vulnerability Lab
Vulnerability Lab
added 2014/09/29 12:0 a.m.18 views

PayPal Inc BB #53 - Multiple Persistent Vulnerabilities

Document Title: =============== PayPal Inc BB 53 - Multiple Persistent Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=835 Release Date: ============= 2014-09-29 Vulnerability Laboratory ID VL-ID: ==================================== 835...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2014/09/25 12:0 a.m.38 views

Linux/x86 - Add map in /etc/hosts file

Linux/x86 - Add map in /etc/hosts file. Shellcode exploit for linx86 platform / ;modifyhosts.asm ;this program add a new entry in hosts file pointing google.com to 127.1.1.1 ;author Javier Tejedor ;date 24/09/2014 global start section .text start: xor ecx, ecx mul ecx mov al, 0x5 push ecx push...

Exploits0
Vulnerability Lab
Vulnerability Lab
added 2014/09/24 12:0 a.m.13 views

PayPal Inc BB #71 PPM - Persistent Filter Vulnerability

Document Title: =============== PayPal Inc BB 71 PPM - Persistent Filter Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=870 PayPal Security UID: Roc83bl Release Date: ============= 2014-09-24 Vulnerability Laboratory ID VL-ID:...

0.2AI score
Exploits0
seebug.org
seebug.org
added 2014/09/18 12:0 a.m.32 views

Wordpress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities

No description provided by source. Exploit Title: Wordpress WP Support Plus Responsive Ticket System 2.0 Plugin - Multiple Vulnerabilities Google Dork: N/A Date: 09.09.2014 Exploit Author: Fikri Fadzil - [email protected] Vendor Homepage - http://wpsuportplus.byethost7.com/ Softwar...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/09/13 12:0 a.m.23 views

Comodo Internet Security - HIPS/Sandbox Escape

Exploit: http://www.joxeankoret.com/download/comodosandboxescape/sandboxtest1.tar.gz Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/34648.tar.gz sandboxtest1.tar.gz Video: http://www.joxeankoret.com/download/comodosandboxescape/video/sandboxescape1.htm...

7.4AI score
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2014/09/11 6:48 p.m.8 views

Two final thoughts from the PCI Community Meeting

The 2014 North American PCI Community Meeting has drawn to a close, but the messages and lessons learned will continue to resonate with me long after Ive returned home to Denver. There were two messages from the SSC this week that really struck a chord with me and I wanted to expand on why I thin...

7.2AI score
Exploits0
Exploit DB
Exploit DB
added 2014/09/09 12:0 a.m.29 views

ALCASAR 2.8 - Remote Code Execution

!/usr/bin/env python -- coding: utf-8 -- ALCASAR = 2.8 Remote Root Code Execution Vulnerability Author: eF Date : 2014-02-10 db 88 ,ad8888ba, db ad88888ba db 88888888ba d88b 88 d8"' "8b d88b d8" "8b d88b 88 "8b d8'8b 88 d8' d8'8b Y8, d8'8b 88 ,8P d8' 8b 88 88 d8' 8b Y8aaaaa, d8' 8b 88aaaaaa8P'...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/09/04 12:0 a.m.41 views

WooCommerce Store Exporter 1.7.5 - Multiple XSS Vulnerabilities

No description provided by source. Exploit Title: WooCommerce Store Exporter v1.7.5 Stored XSS Google Dork: inurl:"woocommerce-exporter" Date: 26/08/2014 Exploit Author: Mike Manzotti @ Dionach Vendor Homepage: http://www.visser.com.au/plugins/store-exporter/ Software Link:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2014/09/01 12:0 a.m.23 views

Arachni Web Application Scanner 0.4.7 Cross Site Scripting

Title: Arachni Web Application Scanner Web UI Stored XSS Vulnerability CVE: 2014-5469 Vendor Homepage: http://www.arachni-scanner.com/ Author: Prakhar Prasad Author Homepage: https://prakharprasad.com Reference: https://github.com/Arachni/arachni-ui-web/issues/71 Affected Version: Arachni...

Exploits0
Packet Storm
Packet Storm
added 2014/08/27 12:0 a.m.29 views

Furniture Site Manager SQL Injection

Furniture Site Manager = Remote productid SQL Injection Vulnerability My + Author : KnocKout Contact : [email protected] onlymail HomePage : http://h4x0resec.blogspot.com - http://cyber-warrior.org GREETZ : DaiMon,BARCOD3UnDeRTaKeR Say: Görmeyeli nasýlsýnýz beyler? xoron hala buralarý takip...

0.3AI score
Exploits0
0day.today
0day.today
added 2014/08/27 12:0 a.m.55 views

glibc Off-by-One NUL Byte gconv_translit_find Exploit

glibc gconvtranslitfind single-fixed-byte heap metadata overflow local root exploit for Fedora 20 32-bit. This issue is not specific to Fedora, but the proof of concept is specifically for Fedora 20 32-bit. // --------------------------------------------------- // CVE-2014-5119 glibc...

7.5CVSS0.1AI score0.18099EPSS
Exploits4
securityvulns
securityvulns
added 2014/08/26 12:0 a.m.111 views

Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities

Exploit Title: Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities Google Dork: intitle:"Powered by Pro Chat Rooms" Date: 5 August 2014 Exploit Author: Mike Manzotti @ Dionach Ltd Vendor Homepage: http://prochatrooms.com Software Link: http://prochatrooms.com/software.php Version: v8.2.0 Tested on:...

7.4AI score
Exploits0
Prion
Prion
added 2014/08/14 2:55 p.m.18 views

Sql injection

Multiple SQL injection vulnerabilities in TestLink 1.9.3, 1.8.5b, and earlier allow remote authenticated users with certain permissions to execute arbitrary SQL commands via the rootnode parameter in the displaychildren function to 1 getrequirementnodes.php or 2 gettprojectnodes.php in lib/ajax/;...

6.5CVSS8.7AI score0.05837EPSS
Exploits3References9Affected Software1
seebug.org
seebug.org
added 2014/08/05 12:0 a.m.19 views

CmsEasy最新版5.5_UTF-8_20140802绕过四次补丁继续SQL注入

简要描述: CmsEasy最新版5.5UTF-820140802绕过四次补丁继续SQL注入 详细说明: CmsEasy最新版5.5UTF-820140802,前面被雨神饶了三次 WooYun: cmseasy绕过补丁SQL注入一枚 WooYun: 继续绕过cmseasy补丁继续注入 WooYun: 持续绕过cmseasy两次补丁继续注入 最新的里面也修复了,但是修复不完整,这是第四次补丁了 继续绕过,进行SQL注入 来看看文件:archiveact.php function respondaction includeonce ROOT . '/lib/plugins/pay/'...

7AI score
Exploits0
0day.today
0day.today
added 2014/08/01 12:0 a.m.59 views

Ubiquiti UbiFi / mFi / AirVision - CSRF Vulnerability

Exploit for hardware platform in category web applications function sendCSRF var urlbase = "https://192.168.0.106:8443/api/add/admin" var postdata="%7B%22name%22%3A%22csrf%22%2C%22lang%22%3A%22enUS%22%2C%22xpassword%22%3A%22csrf%22%7D" var xmlhttp; xmlhttp = new XMLHttpRequest; xmlhttp.open"POST"...

3.7CVSS0.4AI score0.01284EPSS
Exploits6
0day.today
0day.today
added 2014/08/01 12:0 a.m.39 views

D-Link AP 3200 Multiple Vulnerabilities

Exploit for hardware platform in category web applications Those vulnerabilities have only been tested on the D-Link AP 3200 serie but other series 8600, 7700, 2700, .. might also be vulnerable. 1. Unauthenticated request to change Wireless settings To do so, you just need to craft a specific POS...

6.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/07/25 12:0 a.m.37 views

Cisco IOS XE PPPoE Packet DoS (CSCuo55180)

According to its self-reported version, the remote IOS device is affected by a denial of service vulnerability. The issue is due to improper processing of malformed PPPoE packets. A remote attacker, with a specially crafted PPPoE packet, could cause the device to reboot. TRUSTED...

6.1CVSS5.5AI score0.01207EPSS
Exploits0References3
0day.today
0day.today
added 2014/07/24 12:0 a.m.20 views

Lian Li NAS - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Exploit Title: Lian Li NAS Multiple vulnerabilities Date: 21/07/2014 Exploit Author: pws Vendor Homepage: http://www.lian-li.com/en/dtportfoliocategory/nas/ Firmware Link: https://www.dropbox.com/s/imvkndl8m5yj7qp/G5S604121826700.tar.gz...

7.1AI score
Exploits0
Rows per page
Query Builder