Lucene search
K

21 matches found

GithubExploit
GithubExploit
added 2023/09/19 12:47 p.m.336 views

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

CVE-2023-38831 - Ejecución Remota de Código en WinRAR RCE exp...

7.8CVSS6.8AI score0.97798EPSS
Exploits49
OSV
OSV
added 2022/05/31 12:58 p.m.10 views

MAL-2022-5680 Malicious code in react-video-live-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d468d734a18f047e43acca515c76ba9b95e8f540c2898360d01c8b8fe4e1a170 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
GithubExploit
GithubExploit
added 2019/09/24 12:47 p.m.72 views

Exploit for Cross-site Scripting in Kunena

CVE-2019-15120 Exploit for XSS via BBCode on Kunena extension...

5.4CVSS5.2AI score0.01355EPSS
Exploits2
0day.today
0day.today
added 2019/03/13 12:0 a.m.83 views

Microsoft Windows MSHTML Engine - (Edit) Remote Code Execution Exploit

Exploit for windows platform in category local exploits Exploit Title: Microsoft Windows CVE-2019-0541 MSHTML Engine "Edit" Remote Code Execution Vulnerability Google Dork: N/A Date: March, 13 2019 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link:...

9.3CVSS0.1AI score0.53202EPSS
Exploits4
Hacker One
Hacker One
added 2018/12/20 9:33 p.m.37 views

Keybase: Local privilege escalation bug using Keybase redirector on macOS

There's a local privilege escalation bug in the latest version of Keybase for macOS. The issue is in the process of launching keybase-redirector. The process works as follows: 1. Copy keybase-redirector binary to a root-only location 2. Check its signature 3. Launch the binary Code ref. Note the...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2018/08/28 12:0 a.m.27 views

Microsoft Windows - Advanced Local Procedure Call (ALPC) Local Privilege Escalation

Microsoft Windows - Advanced Local Procedure Call ALPC Local Privilege Escalation Note: PoC will now hijack the print spooler service - spoolsv.exe - as it required less code then hijacking printfilterpipelinesvc.exe, which was shown in the original video demo Description of the vulnerability The...

0.3AI score
Exploits0
Hacker One
Hacker One
added 2017/11/10 9:41 a.m.21 views

Urban Dictionary: Stored XSS on urbandictionary.com

hi team, I have found an XSS flaw on your site in add page. POC in this video...

6.2AI score
Exploits0
Hacker One
Hacker One
added 2017/09/27 3:28 a.m.30 views

Bitwarden: Export vault feature is vulnerable to CSV injection

Hello guys I don't know if you care about this issue but it seems that the export feature in your https://vault.bitwarden.com//tools is vulnerable to CSV injection. If a CSV contains a malicious command it may have big impact Even though there is a popup notification for users before opening the...

0.8AI score
Exploits0
Hacker One
Hacker One
added 2016/10/11 7:59 a.m.349 views

Nextcloud: URI scheme bypass in mail app lead to HTML content spoof and opener control

Bug When we load a HTML mail from mailbox via api, etc http://nextcloud/index.php/apps/mail/accounts//folders/SU5CT1g=/messages//html Our content will be passed to HTML Purifier to strip malicious XSS patterns. After that, an filter will apply to transform acceptable URI schemes http, https, ftp,...

Exploits0
Vulnerability Lab
Vulnerability Lab
added 2015/08/11 12:0 a.m.27 views

UBNT Bug Bounty #3 - Persistent Filename Vulnerability

Document Title: =============== UBNT Bug Bounty 3 - Persistent Filename Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1468 View Video: https://www.youtube.com/watch?v=JeEWyV9VMpE Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1467 Release...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2015/06/24 12:0 a.m.18 views

WordPress Plugin Huge-IT Slider 2.7.5 - Multiple Vulnerabilities

WordPress Plugin Huge-IT Slider 2.7.5 - Multiple Vulnerabilities Exploit Title: WordPress: wordpress huge-it-slider 2.7.5 & Persistent JS-HTML Code injection, Arbitrary slider deletion Date: 2015-06-23 Google Dork: intitle:"index of" intext:"/wp-content/plugins/slider-image/" Exploit Author:...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2015/03/22 12:0 a.m.42 views

Vulnerability in the Dropbox SDK for Android (CVE-2014-8889)

Hi, We have recently discovered a vulnerability in the Dropbox SDK for Android. This vulnerability may enable theft of sensitive information from apps that use the vulnerable Dropbox SDK both locally by malware and also remotely by using drive-by exploitation techniques. The vulnerability is...

2.6CVSS0.3AI score0.05829EPSS
Exploits0
exploitpack
exploitpack
added 2014/10/20 12:0 a.m.62 views

Microsoft Windows - OLE Package Manager SandWorm

Microsoft Windows - OLE Package Manager SandWorm !/usr/bin/env python import os import zipfile import sys ''' Full Exploit: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/35019.tar.gz Very quick and ugly SandWorm CVE-2014-4114 exploit builder Exploit Title:...

9.3CVSS8AI score0.81628EPSS
Exploits22
0day.today
0day.today
added 2014/09/19 12:0 a.m.243 views

WordPress Theme Konzept Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title : WordPress Theme Konzept Arbitrary File Upload Vulnerability Exploit Author : NULLPointer Contact : https://www.facebook.com/xenith.gianni Date : 19/09/2014 Vendor Homepage :...

7.1AI score
Exploits0
myhack58
myhack58
added 2014/07/15 12:0 a.m.48 views

Facebook SDK vulnerability threatening millions of mobile phone users accounts-vulnerability warning-the black bar safety net

From MetaIntell the smartphone leadership risk management(MRM)security researchers, found a latest version of Facebook SDK vulnerability in the vulnerability exposes millions of Facebook user's authentication token, it still sounds very scary. ! Facebook for Android and IOS SDK provides the use o...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2013/11/01 12:0 a.m.23 views

Watermark Master 2.2.23 - Local Buffer Overflow (SEH)

!/usr/bin/python Exploit Title:Watermark Master Buffer Overflow SEH Date found: 31.10.2013 Exploit Author: metacom URL:http://www.videocharge.com/download.php Software Link:www.videocharge.com/download/WatermarkMasterInstall.exe Version: 2.2.23 Vulnerable products:Watermark Master and Watermark...

7.4AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2013/10/02 12:0 a.m.26 views

Apple iOS v7.0.2 5S - Denial of Service Vulnerability (PoC)

Document Title: =============== Apple iOS v7.0.2 5S - Denial of Service Vulnerability PoC References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1106 Video: https://www.youtube.com/watch?v=jf4t0yFoSD8 Release Date: ============= 2013-10-02 Vulnerability Laboratory ID VL-ID:...

0.1AI score
Exploits0
Kitploit
Kitploit
added 2013/03/20 4:13 a.m.32 views

[XSSF v.3.0] Cross-Site Scripting Framework

The Cross-Site Scripting Framework XSSF is a security tool designed to turn the XSS vulnerability exploitation task into a much easier work. The XSSF project aims to demonstrate the real dangers of XSS vulnerabilities, vulgarizing their exploitation. This project is created solely for education,...

6.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2012/02/18 12:0 a.m.18 views

PHP Webbots Technic via File Include & Webshell VD

Document Title: =============== PHP Webbots Technic via File Include & Webshell VD References: =========== Download: http://www.vulnerability-lab.com/resources/videos/445.wmv View: http://www.youtube.com/watch?v=pwkUVZPxEmQ Release Date: ============= 2012-02-18 Vulnerability Laboratory ID VL-ID:...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2011/05/10 4:52 a.m.9 views

French security firm VUPEN Say New Bugs Can Bypass Google Chrome Sandbox !

French security firm VUPEN Say New Bugs Can Bypass Google Chrome Sandbox ! Researchers at the French security firm VUPEN say that they have discovered several new vulnerabilities in Google Chrome that enable them to bypass the browser's sandbox, as well as ASLR and DEP and run arbitrary code on a...

7.4AI score
Exploits0
Rows per page
Query Builder