Lucene search
K

28 matches found

GithubExploit
GithubExploit
โ€ขadded 2022/05/02 11:56 p.m.โ€ข284 views

Exploit for Incorrect Authorization in Polkit_Project Polkit

Exploit for CVE-2021-3560 Polkit - Local Privilege Escalatio...

7.8CVSS8AI score0.22193EPSS
Exploits37
Packet Storm
Packet Storm
โ€ขadded 2021/12/16 12:0 a.m.โ€ข298 views

Arunna 1.0.0 Cross Site Request Forgery

Exploit Title: Arunna 1.0.0 - 'Multiple' Cross-Site Request Forgery CSRF Date: November 29, 2021 Exploit Author: =LL= Detailed Bug Description: https://lyhinslab.org/index.php/2021/11/29/how-white-box-hacking-works-xss-csrf-in-arunna/ Vendor Homepage: https://github.com/arunna Software Link:...

1AI score
Exploits0
Huntr
Huntr
โ€ขadded 2021/11/18 5:49 p.m.โ€ข34 views

Heap-based Buffer Overflow in vim/vim

Description Greetings, A Heap-based Buffer Overflow issue was discovered in Vim. The POC file is reduced to the absolute minimum to reproduce the problem. Please see sanitizer output and the "trimmed" POC file link below. System info OS version : Ubuntu 20.04.2 LTS + Clang 12 with ASan Vim Versio...

6.8CVSS7.8AI score0.01461EPSS
Exploits1References1
Huntr
Huntr
โ€ขadded 2021/10/24 11:10 p.m.โ€ข39 views

Heap-based Buffer Overflow in vim/vim

Description Greetings, A Heap-based Buffer Overflow issue was discovered in Vim. The POC file is reduced to the absolute minimum to reproduce the problem. Please see sanitizer output and the "trimmed" POC file link below. System info OS version : Ubuntu 20.04.2 LTS + Clang 12 with ASan Vim Versio...

4.6CVSS7.5AI score0.00601EPSS
Exploits1References1
Huntr
Huntr
โ€ขadded 2021/10/24 10:44 p.m.โ€ข37 views

None in vim/vim

Description Greetings, A Use After Free issue was discovered in Vim. The POC file is reduced to the absolute minimum to reproduce the problem. Please see sanitizer output and the "trimmed" POC file link below. System info OS version : Ubuntu 20.04.2 LTS + Clang 12 with ASan Vim Version :...

6.8CVSS7.6AI score0.01273EPSS
Exploits1References1
Exploit DB
Exploit DB
โ€ขadded 2021/10/18 12:0 a.m.โ€ข298 views

Support Board 3.3.4 - 'Message' Stored Cross-Site Scripting (XSS)

Exploit Title: Support Board 3.3.4 - 'Message' Stored Cross-Site Scripting XSS Date: 16/10/2021 Exploit Author: John Jefferson Li Vendor Homepage: https://board.support/ Software Link: https://codecanyon.net/item/support-board-help-desk-and-chat/20359943 Version: 3.3.4 Tested on: Ubuntu 20.04.2...

7.4AI score
Exploits0
0day.today
0day.today
โ€ขadded 2021/10/18 12:0 a.m.โ€ข314 views

Support Board 3.3.4 - (Message) Stored Cross-Site Scripting Vulnerability

Exploit Title: Support Board 3.3.4 - 'Message' Stored Cross-Site Scripting XSS Exploit Author: John Jefferson Li Vendor Homepage: https://board.support/ Software Link: https://codecanyon.net/item/support-board-help-desk-and-chat/20359943 Version: 3.3.4 Tested on: Ubuntu 20.04.2 LTS, Windows 10 PO...

7.4AI score
Exploits0
0day.today
0day.today
โ€ขadded 2021/09/15 12:0 a.m.โ€ข195 views

Support Board 3.3.3 - Multiple SQL Injection (Unauthenticated) Vulnerability

Exploit Title: Support Board 3.3.3 - 'Multiple' SQL Injection Unauthenticated Exploit Author: John Jefferson Li Vendor Homepage: https://board.support/ Software Link: https://codecanyon.net/item/support-board-help-desk-and-chat/20359943 Version: 3.3.3 Tested on: Ubuntu 20.04.2 LTS ----- PoC 1:...

0.6AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2021/08/04 12:0 a.m.โ€ข425 views

Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)

Exploit Title: Client Management System 1.1 - 'cname' Stored Cross-site scripting XSS Date: 2021-08-04 Exploit Author: Mohammad Koochaki Vendor Homepage: https://phpgurukul.com/client-management-system-using-php-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=10841...

7.4AI score
Exploits0
0day.today
0day.today
โ€ขadded 2021/08/04 12:0 a.m.โ€ข113 views

Client Management System 1.1 - (cname) Stored Cross-site scripting Vulnerability

Exploit Title: Client Management System 1.1 - 'cname' Stored Cross-site scripting XSS Exploit Author: Mohammad Koochaki Vendor Homepage: https://phpgurukul.com/client-management-system-using-php-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=10841 Version: 1.1 Teste...

Exploits0
Exploit DB
Exploit DB
โ€ขadded 2021/08/02 12:0 a.m.โ€ข685 views

Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting (XSS)

Exploit Title: Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting XSS Date: 2021-08-02 Exploit Author: Mohammad Koochaki Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
โ€ขadded 2021/08/01 12:0 a.m.โ€ข149 views

Online Hotel Reservation System 1.0 - (Multiple) Cross-site scripting Vulnerability

Exploit Title: Online Hotel Reservation System 1.0 - 'Multiple' Cross-site scripting XSS Exploit Author: Mohammad Koochaki Vendor Homepage: https://www.sourcecodester.com/php/13492/online-hotel-reservation-system-phpmysqli.html Software Link:...

0.2AI score
Exploits0
Huntr
Huntr
โ€ขadded 2021/06/23 1:44 p.m.โ€ข6 views

in lavv17/lftp

โœ๏ธ Description Whilst testing lftp built from commit d67fc1 with Clang 13 +ASan on Ubuntu 20.04.2 LTS, we discovered a crafted file which triggers a null pointer dereference and segfault. ๐Ÿ•ต๏ธโ€โ™‚๏ธ Proof of Concept echo "aiYgAQEBNA==" | base64 -d /tmp/file.fuzz && ./lftp -f /tmp/file.fuzz The above POC...

0.9AI score
Exploits0
Huntr
Huntr
โ€ขadded 2021/06/19 12:41 p.m.โ€ข14 views

Heap-based Buffer Overflow in squell/id3

โœ๏ธ Description While testing id3 built from commit 0de713 with Clang 13 +ASan on Ubuntu 20.04.2, we discovered a POC which triggers a heap-buffer-overflow in tag::unbinarize. This particular flaw was discovered with the help of honggfuzz. ๐Ÿ•ต๏ธโ€โ™‚๏ธ Proof of Concept echo...

Exploits0
Huntr
Huntr
โ€ขadded 2021/06/09 12:53 p.m.โ€ข5 views

Heap-based Buffer Overflow in rup0rt/pcapfix

โœ๏ธ Description Whilst testing the 'devel' branch of pcapfix, specifically commit fb723ccompiled with clang-13 and -fsanitize=address on Ubuntu 20.04.2 LTS, we discovered a POC which triggers a heap-buffer-overflow. ๐Ÿ•ต๏ธโ€โ™‚๏ธ Proof of Concept git clone https://github.com/Rup0rt/pcapfix cd pcapfix...

0.1AI score
Exploits0
Huntr
Huntr
โ€ขadded 2021/06/06 8:44 p.m.โ€ข12 views

Heap-based Buffer Overflow in rup0rt/pcapfix

โœ๏ธ Description Whilst testing pcapfix built from commit 5c2965 with Clang 13 +ASan on Ubuntu 20.04.2 LTS, we discovered a PCAPNG file which triggers a heap-buffer-overflow during a memcpy operation. ๐Ÿ•ต๏ธโ€โ™‚๏ธ Proof of Concept echo "Cg0NCgAAAADT1MOysvgUAAAAAEpaggAAoPWPsvgUAAAAAAAAAAAA" | base64 -d...

7AI score
Exploits0
Huntr
Huntr
โ€ขadded 2021/06/04 1:15 p.m.โ€ข9 views

Heap-based Buffer Overflow in squell/id3

โœ๏ธ Description Archive.org is a worthy cause to support. ๐Ÿ‘ During testing of id3 compiled from commit a899ea with Clang 13+ASan on Ubuntu 20.04.2, we discovered a payload which triggers a heap-buffer-overflow in ID3put. This particular bug was found using the AFL fuzzer. ๐Ÿ•ต๏ธโ€โ™‚๏ธ Proof of Concept echo...

0.2AI score
Exploits0
Huntr
Huntr
โ€ขadded 2021/06/04 1:7 p.m.โ€ข15 views

in squell/id3

โœ๏ธ Description Archive.org is a worthy cause to support. ๐Ÿ‘ During testing of id3 compiled from commit a899ea with Clang 13+ASan on Ubuntu 20.04.2, we discovered a payload which triggers a negative-size-param: size=-4 error when calling memcpy. This particular bug was discovered with the AFL fuzzer...

0.3AI score
Exploits0
Huntr
Huntr
โ€ขadded 2021/05/25 10:34 p.m.โ€ข20 views

in thisistherk/fast_obj

โœ๏ธ Description Whilst experimenting with the test code built from commit d97389 with Clang 11 +UBSan on Ubuntu 20.04.2 LTS, we discovered an OBJ file which produces a signed integer overflow and a pointer overflow followed by a SIGSEGV ๐Ÿ•ต๏ธโ€โ™‚๏ธ Proof of Concept echo...

2.8AI score
Exploits0
0day.today
0day.today
โ€ขadded 2021/05/24 12:0 a.m.โ€ข35 views

PHP 8.1.0-dev Backdoor Remote Command Injection Exploit

Exploit Title: PHP 8.1.0-dev backdoor | Remote Command Injection Unauthenticated Exploit Author: Richard Jones Vendor Homepage: https://www.php.net/ Software Link: https://github.com/vulhub/vulhub/tree/master/php/8.1-backdoor Version: PHP 8.1.0-dev Tested on: Linux Ubuntu 20.04.2 LTS...

0.1AI score
Exploits0
Rows per page
Query Builder