Lucene search
K
ExploitdbMost viewed

47904 matches found

Exploit DB
Exploit DB
added 2024/07/01 12:0 a.m.284 views

Azon Dominator Affiliate Marketing Script - SQL Injection

Exploit Title: Azon Dominator - Affiliate Marketing Script - SQL Injection Date: 2024-06-03 Exploit Author: Buğra Enis Dönmez Vendor: https://www.codester.com/items/12775/azon-dominator-affiliate-marketing-script Demo Site: https://azon-dominator.webister.net/ Tested on: Arch Linux CVE: N/A Reque...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/02/26 12:0 a.m.284 views

Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'DoS'

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORMAPOLLOVX20INCORRECTACCESSCONTROLDOSCVE-2024-25736.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.wyrestorm.com Product APOLLO VX20 1.3.58 Vulnerability...

7.5CVSS7.6AI score0.04343EPSS
Exploits4
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.284 views

Serendipity 2.4.0 - File Inclusion RCE

Exploit Title: Serendipity 2.4.0 - File Inclusion RCE Author: nu11secur1ty Date: 04.26.2023 Vendor: https://docs.s9y.org/index.html Software: https://github.com/s9y/Serendipity/releases/tag/2.4.0 Reference: https://portswigger.net/web-security/file-upload Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.284 views

Purchase Order Management-1.0 - Local File Inclusion

Title: Purchase Order Management-1.0 - Local File Inclusion Author: nu11secur1ty Date: 03.06.2023 Vendor: https://www.sourcecodester.com/user/257130/activity Software: https://www.sourcecodester.com/php/14935/purchase-order-management-system-using-php-free-source-code.html Reference:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/05/11 12:0 a.m.284 views

TCQ - ITeCProteccioAppServer.exe - Unquoted Service Path

Exploit Title: TCQ - 'ITeCProteccioAppServer.exe' Unquoted Service Path Discovery by: Edgar Carrillo Egea - https://twitter.com/ecarrilloeg Discovery Date: 2022-04-25 Vendor Homepage: https://itec.es/programas/ Vulnerability Type: Unquoted Service Path Privilege Escalation Tested on OS: Microsoft...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/01/05 12:0 a.m.284 views

Dixell XWEB 500 - Arbitrary File Write

Exploit Title: Dixell XWEB-500 - Arbitrary File Write Google Dork: inurl:"xweb500.cgi" Date: 03/01/2022 Exploit Author: Roberto Palamaro Vendor Homepage: https://climate.emerson.com/it-it/shop/1/dixell-electronics-sku-xweb500-evo-it-it Version: XWEB-500 Tested on: Dixell XWEB-500 References:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.284 views

ECOA Building Automation System - Hidden Backdoor Accounts and backdoor() Function

Exploit Title: ECOA Building Automation System - Hidden Backdoor Accounts and backdoor Function Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Hidden Backdoor Accounts and backdoor Function Vendor: ECOA Technologies Corp...

0.8AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/21 12:0 a.m.284 views

Adtran Personal Phone Manager 10.8.1 - DNS Exfiltration

Exploit Title: Adtran Personal Phone Manager 10.8.1 - DNS Exfiltration Date: 1/21/2021 Exploit Author: 3ndG4me Vendor Homepage: https://adtran.com/web/page/portal/Adtran/wphome Version: v10.8.1 Tested on: NetVanta 7060 and NetVanta 7100 CVE : CVE-2021-25681 CVE-2021-25681 - AdTran Personal Phone...

7.5CVSS7.6AI score0.10792EPSS
Exploits5
Exploit DB
Exploit DB
added 2021/03/09 12:0 a.m.284 views

FreeLAN 2.2 - 'FreeLAN Service' Unquoted Service Path

Exploit Title: FreeLAN 2.2 - 'FreeLAN Service' Unquoted Service Path Date: 2021-1-20 Exploit Author: Mohammed Alshehri Vendor Homepage: www.freelan.org Software Link: https://github.com/freelan-developers/freelan/releases/download/2.2/freelan-2.2.0-x86-install.exe Version: Version 2.2 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/09 12:0 a.m.284 views

Motorola Device Manager 2.5.4 - 'MotoHelperService.exe' Unquoted Service Path

Exploit Title: Motorola Device Manager 2.5.4 - 'MotoHelperService.exe' Unquoted Service Path Discovery by: Angel Canseco Discovery Date: 2020-11-07 Vendor Homepage: https://motorola-device-manager.programas-gratis.net/descarga-completada Tested Version: 2.5.4 Vulnerability Type: Unquoted Service...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/06/04 12:0 a.m.284 views

Clinic Management System 1.0 - Authenticated Arbitrary File Upload

Exploit Title: Clinic Management System 1.0 - Authenticated Arbitrary File Upload Google Dork: N/A Date: 2020-06-02 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14243/open-source-clinic-management-system-php-full-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/11 12:0 a.m.284 views

Adobe Acrobat Reader DC for Windows - Use of Uninitialized Pointer due to Malformed OTF Font (CFF Table)

We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 5708.4564: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/06 12:0 a.m.284 views

Smartwares HOME easy 1.0.9 - Database Backup Information Disclosure

Title: Smartwares HOME easy 1.0.9 - Database Backup Information Disclosure Author: LiquidWorm Date: 2019-11-05 Vendor: Smartwares Product web page: https://www.smartwares.eu Affected version: =1.0.9 Advisory ID: ZSL-2019-5541 Advisory URL:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/24 12:0 a.m.284 views

Trend Micro Deep Discovery Inspector IDS - Security Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-DEEP-DISCOVERY-INSPECTOR-PERCENT-ENCODING-IDS-BYPASS.txt + ISR: Apparition Security Vendor www.trendmicro.com Product Deep Discovery Inspector Deep Discovery...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/23 12:0 a.m.284 views

Visual Voicemail for iPhone - IMAP NAMESPACE Processing Use-After-Free

Visual Voicemail VVM is a feature of mobile devices that allows voicemail to be read in an email-like format. Carriers set up a Visual Voicemail server that supports IMAP, and the device queries this server for new email. Visual Voicemail is configured over SMS, and carriers inform devices of the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/03/11 12:0 a.m.283 views

Adobe ColdFusion versions 2018,15 (and earlier) and 2021,5 and earlier - Arbitrary File Read

Exploit Title: File Read Arbitrary Exploit for CVE-2023-26360 Google Dork: not Date: 12/28/2023 Exploit Author: Youssef Muhammad Vendor Homepage: https://helpx.adobe.com/coldfusion/kb/coldfusion-downloads.html Software Link: https://drive.google.com/drive/folders/17ryBnFhswxiE1sHrNByxMVPKfUnwqmp0...

9.8CVSS8.8AI score0.97339EPSS
Exploits13
Exploit DB
Exploit DB
added 2023/07/31 12:0 a.m.283 views

Joomla Solidres 2.13.3 - Reflected XSS

Exploit Title: Joomla Solidres 2.13.3 - Reflected XSS Exploit Author: CraCkEr Date: 28/07/2023 Vendor: Solidres Team Vendor Homepage: http://solidres.com/ Software Link: https://extensions.joomla.org/extension/vertical-markets/booking-a-reservations/solidres/ Demo: http://demo.solidres.com/joomla...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/20 12:0 a.m.283 views

Boom CMS v8.0.7 - Cross Site Scripting

Exploit Title: Boom CMS v8.0.7 - Cross Site Scripting References Source: https://www.vulnerability-lab.com/getcontent.php?id=2274 Release Date: 2023-07-03 Vulnerability Laboratory ID VL-ID: 2274 Product & Service Introduction: =============================== Boom is a fully featured, easy to use...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/05/02 12:0 a.m.283 views

admidio v4.2.5 - CSV Injection

Exploit Title: admidio v4.2.5 - CSV Injection Application: admidio Version: 4.2.5 Bugs: CSV Injection Technology: PHP Vendor URL: https://www.admidio.org/ Software Link: https://www.admidio.org/download.php Date of found: 26.04.2023 Author: Mirabbas Ağalarov Tested on: Windows 2. Technical Detail...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.283 views

atrocore 1.5.25 User interaction - Unauthenticated File upload - RCE

Exploit Title: atrocore 1.5.25 User interaction - Unauthenticated File upload - RCE Author: nu11secur1ty Date: 02.16.2023 Vendor: https://atropim.com/ Software: https://github.com/atrocore/atrocore/releases/tag/1.5.25 Reference: https://portswigger.net/web-security/file-upload Description: The...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/03/10 12:0 a.m.283 views

WOW21 5.0.1.9 - 'Service WOW21_Service' Unquoted Service Path

Exploit Title: WOW21 5.0.1.9 - 'Service WOW21Service' Unquoted Service Path Exploit Author: Antonio Cuomo arkantolo Exploit Date: 2022-03-09 Vendor : ilwebmaster21 Version : WOW21Service 5.0.1.9 Vendor Homepage : https://wow21.life/ Tested on OS: Windows 10 Pro x64 PoC : ============== C:\sc qc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/28 12:0 a.m.283 views

Cobian Reflector 0.9.93 RC1 - 'Password' Denial of Service (PoC)

Exploit Title: Cobian Reflector 0.9.93 RC1 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2022-02-16 Vendor Homepage: https://www.cobiansoft.com/ Software Link: https://files.cobiansoft.com/programs/crSetup-0.9.93-RC1.exe Tested Version: 0.9.93 RC1 Vulnerability...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2022/02/08 12:0 a.m.283 views

FileBrowser 2.17.2 - Cross Site Request Forgery (CSRF) to Remote Code Execution (RCE)

Exploit Title: FileBrowser 2.17.2 - Cross Site Request Forgery CSRF to Remote Code Execution RCE Date: 5/2/2022 Exploit Author: FEBIN MON SAJI Vendor Homepage: https://filebrowser.org/ Software Link: https://github.com/filebrowser/filebrowser Version: FileBrowser setTimeoutfunction...

8.8CVSS9AI score0.06663EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/09/13 12:0 a.m.283 views

ECOA Building Automation System - Hard-coded Credentials SSH Access

Exploit Title: ECOA Building Automation System - Hard-coded Credentials SSH Access Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Hard-coded Credentials SSH Access Vendor: ECOA Technologies Corp. Product web page:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/07/02 12:0 a.m.283 views

Garbage Collection Management System 1.0 - SQL Injection (Unauthenticated)

Exploit Title: Garbage Collection Management System 1.0 - SQL Injection Unauthenticated Exploit Author: ircashem Date 02.07.2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14854/garbage-collection-management-system-php.html Version 1.0 Teste...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/04/30 12:0 a.m.283 views

GNU Wget < 1.18 - Arbitrary File Upload (2)

Exploit Title: GNU Wget 1.18 - Arbitrary File Upload / Remote Code Execution 2 Original Exploit Author: Dawid Golunski Exploit Author: liewehacksie Version: GNU Wget 1.18 CVE: CVE-2016-4971 import http.server import socketserver import socket import sys class...

8.8CVSS8.9AI score0.45935EPSS
Exploits8
Exploit DB
Exploit DB
added 2020/12/15 12:0 a.m.283 views

Task Management System 1.0 - 'page' Local File Inclusion

Exploit Title: Task Management System 1.0 - 'page' Local File Inclusion Exploit Author: İsmail BOZKURT Date: 2020-12-15 Vendor Homepage: https://www.sourcecodester.com/php/14615/task-management-system-using-phpmysqli-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/04/06 12:0 a.m.283 views

Memu Play 7.1.3 - Insecure Folder Permissions

Exploit Title: Memu Play 7.1.3 - Insecure Folder Permissions Discovery by: chuyreds Discovery Date: 2020-03-08 Vendor Homepage: https://www.memuplay.com/ Software Link : https://www.memuplay.com/download-en.php?filename=Memu-Setup&from=officialrelease Tested Version: 7.1.3 Vulnerability Type: Loc...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/04 12:0 a.m.283 views

Apple macOS 10.15.1 - Denial of Service (PoC)

Exploit Title: Apple macOS 10.15.1 - Denial of Service PoC Date: 2019-11-02 Exploit Author: 08Tc3wBB Vendor Homepage: Apple Software Link: Version: Apple macOS msghlocalport, msg1.msghsize, msg4.msghreserved, unsigned intmsg4.msghid, QWORD &msg1.msghreserved, // inputmem1 msg2.msghsize 2, //...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/09 12:0 a.m.283 views

Foscam Video Management System 1.1.6.6 - 'UID' Denial of Service (PoC)

Exploit Title: Foscam Video Management System 1.1.6.6 - 'UID' Denial of Service PoC Author: Alessandro Magnosi Date: 2019-10-09 Vendor Homepage: https://www.foscam.com/ Software Link : https://www.foscam.com/downloads/appsoftware.html?id=5 Tested Version: 1.1.6.6 Vulnerability Type: Denial of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/03 12:0 a.m.283 views

Cisco Data Center Network Manager - Unauthenticated Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Data Center Network Manager Unauthenticated Remote Code Execution', 'Description' = %q DCNM exposes a file upload servlet FileUploadServlet...

9.8CVSS7AI score0.82815EPSS
Exploits8
Exploit DB
Exploit DB
added 2018/10/16 12:0 a.m.283 views

VLC Media Player - MKV Use-After-Free (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VLC Media Player MKV Use After Free', 'Description' = %q This module exploits a use after free vulnerability in VideoLAN VLC = MSFLICENSE, 'Autho...

8CVSS8.1AI score0.40612EPSS
Exploits10
Exploit DB
Exploit DB
added 2018/01/09 12:0 a.m.283 views

Microsoft Office - 'Composite Moniker Remote Code Execution

What? This repo contains a Proof of Concept exploit for CVE-2017-8570, a.k.a the "Composite Moniker" vulnerability. This demonstrates using the Packager.dll trick to drop an sct file into the %TEMP% directory, and then execute it using the primitive that the vulnerability provides. Download:...

9.3CVSS8.2AI score0.89889EPSS
Exploits14
Exploit DB
Exploit DB
added 2010/06/03 12:0 a.m.284 views

Article Management System 2.1.2 - Reinstall

======================================================================================== | Title : ArticleMS Article Management System 2.1.2 Reinstall Vulnerability | Author : indoushka | email : [email protected] | Dork : Powered by ArticleMS from ArticleTrader | Tested on: windows SP2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/06/26 12:0 a.m.282 views

Flatboard 3.2 - Stored Cross-Site Scripting (XSS) (Authenticated)

Exploit Title: Flatboard 3.2 - Stored Cross-Site Scripting XSS Authenticated Date: 2024-06-23 Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://flatboard.org/ Version: 3.2 PoC: 1-Login admin panel , go to this url : https://127.0.0.1//Flatboard/index.php/forum 2-Click Add Forum...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2024/04/21 12:0 a.m.282 views

SofaWiki 3.9.2 - Remote Command Execution (RCE) (Authenticated)

Exploit Title: SofaWiki 3.9.2 - Remote Command Execution RCE Authenticated Discovered by: Ahmet Ümit BAYRAM Discovered Date: 18.04.2024 Vendor Homepage: https://www.sofawiki.com Software Link: https://www.sofawiki.com/site/files/snapshot.zip Tested Version: v3.9.2 latest Tested on: MacOS import...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.282 views

ABUS Security Camera TVIP 20000-21150 - LFI, RCE and SSH Root Access

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Exploit Title: ABUS Security Camera TVIP 20000-21150 - LFI, RCE and SSH Root Access Date: 2023-02-16 Exploit Author: [email protected] for NetworkSEC NWSSA-001-2023 Vendor Homepage: https://www.abus.com Version/Model: TVIP...

7.2CVSS7AI score0.38722EPSS
Exploits5
Exploit DB
Exploit DB
added 2023/04/06 12:0 a.m.282 views

Osprey Pump Controller v1.0.1 - Unauthenticated Reflected XSS

Exploit Title: Osprey Pump Controller v1.0.1 - Unauthenticated Reflected XSS Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.282 views

Delta Controls enteliTOUCH 3.40.3935 - Cross-Site Request Forgery (CSRF)

Exploit Tile: Delta Controls enteliTOUCH 3.40.3935 - Cross-Site Request Forgery CSRF Exploit Author: LiquidWorm enteliTouch CSRF CSRF Add User: form action="http://192.168.0.210/deltaweb/hmiuseredit.asp?formActio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2022/04/19 12:0 a.m.282 views

Verizon 4G LTE Network Extender - Weak Credentials Algorithm

Exploit Title: Verizon 4G LTE Network Extender - Weak Credentials Algorithm Exploit Author: LiquidWorm Vendor: Verizon Communications Inc. Product web page: https://www.verizon.com Affected version: GA4.38 - V0.4.038.2131 Summary: An LTE Network Extender enhances your indoor and 4G LTE data and...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2021/10/13 12:0 a.m.282 views

Online Learning System 2.0 - 'Multiple' SQLi Authentication Bypass

Exploit Title: Online Learning System 2.0 - 'Multiple' SQLi Authentication Bypass Date: 11.10.2021 Exploit Author: Oguzhan Kara Vendor Homepage: https://www.sourcecodester.com/php/14929/online-learning-system-v2-using-php-free-source-code.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/19 12:0 a.m.282 views

Typesetter CMS 5.1 - Arbitrary Code Execution (Authenticated)

Exploit Title: Typesetter CMS 5.1 - Arbitrary Code Execution Exploit Author: Rodolfo "t0gu" Tavares Contact: @t0guu TW Software Homepage: https://www.typesettercms.com/ Version : 5.1 Tested on: Linux / Apache Category: WebApp Google Dork: intext:"Powered by Typesetter" Date: 2020-09-29 CVE :...

7.2CVSS7AI score0.15578EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/05/18 12:0 a.m.282 views

Online Examination System 1.0 - 'eid' SQL Injection

Exploit Title: Online Examination System 1.0 - 'eid' SQL Injection Google Dork: N/A Date: 2020-05-16 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14210/online-examination-system-project-using-phpmysql.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/12 12:0 a.m.282 views

rConfig 3.9 - 'searchColumn' SQL Injection

Exploit Title: rConfig 3.9 - 'searchColumn' SQL Injection Exploit Author: vikingfr Date: 2020-03-03 CVE-2020-10220 Exploit link : https://github.com/v1k1ngfr/exploits-rconfig/blob/master/rconfigCVE-2020-10220.py Vendor Homepage: https://rconfig.com/ see also : https://github.com/rconfig/rconfig...

9.8CVSS9.5AI score0.99683EPSS
Exploits14
Exploit DB
Exploit DB
added 2020/03/02 12:0 a.m.282 views

TP LINK TL-WR849N - Remote Code Execution

Exploit Title: TP LINK TL-WR849N - Remote Code Execution Date: 2019-11-20 Exploit Author: Elber Tavares Vendor Homepage: https://www.tp-link.com/ Software Link: https://www.tp-link.com/br/support/download/tl-wr849n/Firmware Version: TL-WR849N 0.9.1 4.16 Tested on: linux, windows CVE : CVE-2020-93...

9.8CVSS9.7AI score0.42047EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/10/10 12:0 a.m.282 views

Microsoft Windows Kernel - Out-of-Bounds Read in nt!MiParseImageLoadConfig While Parsing Malformed PE File

We have encountered a Windows kernel crash in memcpy called by nt!MiParseImageLoadConfig while trying to load a malformed PE image into the process address space as a data file i.e. LoadLibraryExLOADLIBRARYASDATAFILE | LOADLIBRARYASIMAGERESOURCE. An example crash log generated after triggering th...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/01/25 12:0 a.m.282 views

iOS/macOS - 'task_swap_mach_voucher()' Use-After-Free

/ voucherswap-poc.c Brandon Azad / if 0 iOS/macOS: taskswapmachvoucher does not respect MIG semantics leading to use-after-free The dangers of not obeying MIG semantics have been well documented: see issues 926 CVE-2016-7612, 954 CVE-2016-7633, 1417 CVE-2017-13861, asyncwake, 1520 CVE-2018-4139,...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2017/06/07 12:0 a.m.282 views

Linux Kernel - 'ping' Local Denial of Service

// Source: https://raw.githubusercontent.com/danieljiang0415/androidkernelcrashpoc/master/panic.c include include include include static int sockfd = 0; static struct sockaddrin addr = 0; void fuzzvoid param while1 addr.sinfamily = 0;//rand%42; printf"sinfamily1 = %08lx\n", addr.sinfamily;...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/10/15 12:0 a.m.282 views

NuralStorm Webmail 0.98b - 'process.php' Remote File Inclusion

--------------------------------------------------------------------------- NuralStorm Webmail = 0.98b Remote File Include Vulnerability --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Security Team : hTTp://RST-CREW.net : Remote : Yes...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/07/13 12:0 a.m.282 views

Microsoft IIS 2.0/3.0/4.0/5.0/5.1 - Internal IP Address Disclosure

source: https://www.securityfocus.com/bid/1499/info When a remote user attempts to access an area protected by basic authentication with no realm defined, while specifying HTTP 1.0, Microsoft IIS will return an Access Denied error message containing the internal IP address of the host. Even if II...

7.4AI score
Exploits0
Total number of security vulnerabilities5000