Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2019/08/15 12:0 a.m.178 views

Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in GetGlyphIdx

-----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific glyphs used in the document where the fonts are embedded. It is used by Windows G...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/15 12:0 a.m.192 views

Microsoft Font Subsetting - DLL Returning a Dangling Pointer via MergeFontPackage

-----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific glyphs used in the document where the fonts are embedded. It is used by Windows G...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/15 12:0 a.m.301 views

Adobe Acrobat CoolType (AFDKO) - Call from Uninitialized Memory due to Empty FDArray in Type 1 Fonts

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/15 12:0 a.m.114 views

Microsoft Font Subsetting - DLL Double Free in MergeFormat12Cmap / MakeFormat12MergedGlyphList

-----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific glyphs used in the document where the fonts are embedded. It is used by Windows G...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/15 12:0 a.m.304 views

Adobe Acrobat CoolType (AFDKO) - Memory Corruption in the Handling of Type 1 Font load/store Operators

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/15 12:0 a.m.390 views

Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities

The msctf subsystem is part of the Text Services Framework, The TSF manages things like input methods, keyboard layouts, text processing and so on. There are two main components, the ctfmon server and the msctf client. The ctfmon service creates an ALPC port in a well known location, to which...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/15 12:0 a.m.141 views

NSKeyedUnarchiver - Info Leak in Decoding SGBigUTF8String

There is an info leak when decoding the SGBigUTF8String class using SGBigUTF8String initWithCoder:. This class initializes the string using SGBigUTF8String initWithUTF8DataNullTerminated: even though there is no guarantee the bytes provided to the decoder are null terminated. It should use...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/15 12:0 a.m.140 views

Adobe Acrobat Reader DC for Windows - Double Free due to Malformed JP2 Stream

We have observed the following crash in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- ======================================= VERIFIER STOP 00000007: pid 0x2C1C: Heap block already freed. 0C441000 : Heap handle for the heap owning the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/15 12:0 a.m.189 views

Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed Font Stream

We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 50a8.4100: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/15 12:0 a.m.263 views

Adobe Acrobat Reader DC for Windows - Static Buffer Overflow due to Malformed Font Stream

We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 188c.47fc: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/15 12:0 a.m.166 views

Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow in CoolType.dll

We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 3fb8.2ac4: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/15 12:0 a.m.235 views

Adobe Acrobat Reader DC for Windows - Heap-Based Memory Corruption due to Malformed TTF Font

We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 4c84.1e3c: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/15 12:0 a.m.191 views

Adobe Acrobat Reader DC for Windows - Use-After-Free due to Malformed JP2 Stream

We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 2040.5034: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/15 12:0 a.m.176 views

Microsoft Font Subsetting - DLL Heap Corruption in FixSbitSubTables

-----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific glyphs used in the document where the fonts are embedded. It is used by Windows G...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/14 12:0 a.m.211 views

SugarCRM Enterprise 9.0.0 - Cross-Site Scripting

Exploit Title: 0Day UnauthenticatedXSS SugarCRM Enterprise Google Dork: N/A Date: 11.08.2019 Exploit Author: Ilca Lucian Florin Vendor Homepage: https://www.sugarcrm.com Version: 9.0.0 Tested on: Windows 7 / Internet Explorer 11 / Google Chrome 76 CVE : 2019-14974 The application fails to sanitiz...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/14 12:0 a.m.338 views

D-Link DIR-600M - Authentication Bypass (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CVE-2019-13101 D-Link DIR-600M Incorrect Access Control', 'Description' = %q This module attempts to find D-Link router DIR-600M which is...

9.8CVSS9.8AI score0.67091EPSS
Exploits2
Exploit DB
Exploit DB
added 2019/08/14 12:0 a.m.363 views

WordPress Plugin Download Manager 2.5 - Cross-Site Request Forgery

Exploit Title: CSRF vulnerabilities in WordPress Download Manager Plugin 2.5 Google Dork: inurl:"/wp-content/plugins/download-manager Date: 24 may, 2019 Exploit Author: Princy Edward Exploit Author Blog : https://prinyedward.blogspot.com/ Vendor Homepage: https://www.wpdownloadmanager.com/ Softwa...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/14 12:0 a.m.389 views

TortoiseSVN 1.12.1 - Remote Code Execution

Document Title: =============== TortoiseSVN v1.12.1 - Remote Code Execution Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2188 Product:...

8.8CVSS9AI score0.16391EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/08/14 12:0 a.m.140 views

Joomla! Component JS Jobs (com_jsjobs) 1.2.5 - 'customfields.php' SQL Injection

Exploit Title: Joomla! component comjsjobs - 'customfields.php' SQL Injection Dork: inurl:"index.php?option=comjsjobs" Date: 13.08.19 Exploit Author: qw3rTyTy Vendor Homepage: https://www.joomsky.com/ Software Link: https://www.joomsky.com/5/download/1 Version: 1.2.5 Tested on: Debian/nginx/jooml...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/14 12:0 a.m.367 views

Microsoft Windows PowerShell - Unsanitized Filename Command Execution

''' + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-POWERSHELL-UNSANITIZED-FILENAME-COMMAND-EXECUTION.txt + ISR: Apparition Security Vendor www.microsoft.com Product Windows PowerShell Windows PowerShell...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/14 12:0 a.m.159 views

ABC2MTEX 1.6.1 - Command Line Stack Overflow

Exploit Title: ABC2MTEX 1.6.1 - Command Line Stack Overflow Date: 2019-08-13 Exploit Author: Carter Yagemann Vendor Homepage: https://abcnotation.com/abc2mtex/ Software Link: https://github.com/mudongliang/source-packages/raw/master/CVE-2004-1257/abc2mtex1.6.1.tar.gz Version: 1.6.1 Tested on:...

10CVSS6.9AI score0.05954EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/08/14 12:0 a.m.291 views

Agent Tesla Botnet - Arbitrary Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Tesla Agent Remote Code Execution", 'Description' = %q This module exploits the command injection vulnerability of tesla agent botnet panel. ,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/14 12:0 a.m.335 views

ManageEngine opManager 12.3.150 - Authenticated Code Execution

!/usr/bin/env python3 Exploit Title: ManageEngine opManager Authenticated Code Execution Google Dork: N/A Date: 08/13/2019 Exploit Author: @kindredsec Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/network-monitoring/download.html Version: 12.3.150 Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/14 12:0 a.m.810 views

Microsoft Windows 10 AppXSvc Deployment Service - Arbitrary File Deletion

/ Author : Abdelhamid Naceri Discovered On : 13/08/2019 Description : An Elevation Of Privileges Exist when the microsoft AppXSvc Deployment Service Cannot Properly Handle The Folder Junction lead to an arbitrary file deletion from a low integrity user . Still Unpatched On 13/08/2019 Here Is A De...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/13 12:0 a.m.319 views

AZORult Botnet - SQL Injection

import requests import argparse import base64 Azorult 3.3.1 C2 SQLi by prsecurity For research purposes only. Don't pwn what you don't own. change GUID and XOR key to specific beacon, can be extracted from a sample guid =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/13 12:0 a.m.108 views

Agent Tesla Botnet - Arbitrary Code Execution

import requests import argparse import base64 Agent Tesla C2 RCE by prsecurity For research purposes only. Don't pwn what you don't own. def getargs: parser = argparse.ArgumentParser prog="agentteslasploit.py", formatterclass=lambda prog: argparse.HelpFormatterprog, maxhelpposition=50, epilog= ''...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.217 views

Steam Windows Client - Local Privilege Escalation

$SteamRegKey = "HKLM:\SOFTWARE\WOW6432Node\Valve\Steam\NSIS" $MSIRegKey = "HKLM:\SYSTEM\CurrentControlSet\Services\msiserver" $RegDir = "C:\Windows\Temp\RegLN.exe" $PayDir = "C:\Windows\Temp\payload.exe" $Payload = "c:\windows\system32\cmd.exe /c c:\windows\temp\payload.exe 127.0.0.1 4444 -e...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.102 views

WebKit - UXSS via XSLT and Nested Document Replacements

VULNERABILITY DETAILS https://trac.webkit.org/browser/webkit/trunk/Source/WebCore/xml/XSLTProcessor.cppL66 Ref XSLTProcessor::createDocumentFromSourceconst String& sourceString, const String& sourceEncoding, const String& sourceMIMEType, Node sourceNode, Frame frame Ref...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.215 views

Linux - Use-After-Free Reads in show_numa_stats()

/ On NUMA systems, the Linux fair scheduler tracks information related to NUMA faults in taskstruct::numafaults and taskstruct::numagroup. Both of these have broken object lifetimes. Since commit 82727018b0d3 "sched/numa: Call tasknumafree from doexecve", first in v3.13, -numafaults is freed not...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.281 views

Mitsubishi Electric smartRTU / INEA ME-RTU - Unauthenticated OS Command Injection Bind Shell

!/usr/bin/python Exploit Title: Mitsubishi Electric smartRTU & INEA ME-RTU Unauthenticated OS Command Injection Date: 29 June 2019 Exploit Author: @xerubus | mogozobo.com Vendor Homepage: https://eu3a.mitsubishielectric.com/fa/en/products/cnt/plcccl/items/smartRTU/local Vendor Homepage:...

10CVSS9.8AI score0.5766EPSS
Exploits3
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.123 views

Joomla! Component JS Jobs (com_jsjobs) 1.2.5 - 'cities.php' SQL Injection

Exploit Title: Joomla! component comjsjobs - SQL Injection Dork: inurl:"index.php?option=comjsjobs" Date: 11.08.19 Exploit Author: qw3rTyTy Vendor Homepage: https://www.joomsky.com/ Software Link: https://www.joomsky.com/5/download/1 Version: 1.2.5 Tested on: Debian/nginx/joomla 3.9.0 Vulnerabili...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.491 views

VxWorks 6.8 - TCP Urgent Pointer = 0 Integer Underflow

Exploit Title: VxWorks TCP Urgent pointer = 0 integer underflow vulnerability Discovered By: Armis Security PoC Author: Zhou Yu twitter: @504137480 Vendor Homepage: https://www.windriver.com Tested on: VxWorks 6.8 CVE: CVE-2019-12255 More Details:...

9.8CVSS9.8AI score0.7525EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.226 views

Mitsubishi Electric smartRTU / INEA ME-RTU - Unauthenticated Configuration Download

!/usr/bin/python Exploit Title: Mitsubishi Electric smartRTU & INEA ME-RTU Unauthenticated Configuration Download Date: 29 June 2019 Exploit Author: @xerubus | mogozobo.com Vendor Homepage: https://eu3a.mitsubishielectric.com/fa/en/products/cnt/plcccl/items/smartRTU/local Vendor Homepage:...

7.5CVSS8AI score0.41847EPSS
Exploits3
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.134 views

Ghidra (Linux) 9.0.4 - .gar Arbitrary Code Execution

import os import inspect import argparse import shutil from shutil import copyfile print"" print"" print"" print"" print"------------------CVE-2019-13623----------------" print"" print"" print"" print"-----------------Ghidra-Exploit-----------------" print"--Tested version: Ghidra Linux version =...

7.8CVSS7.9AI score0.04961EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.1558 views

Webmin 1.920 - Unauthenticated Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin 1.920 Unauthenticated RCE', 'Description' = %q This module exploits a backdoor in Webmin versions 1.890 through 1.920. Only the SourceForg...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.196 views

ManageEngine OpManager 12.4x - Unauthenticated Remote Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ManageEngine OpManager v12.4x - Unauthenticated Remote Command Execution", 'Description' = %q This module bypasses the user password requirement i...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.408 views

ManageEngine Application Manager 14.2 - Privilege Escalation / Remote Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ManageEngine Application Manager v14.2 - Privilege Escalation / Remote Command Execution", 'Description' = %q This module exploits sqli and comman...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.178 views

osTicket 1.12 - Formula Injection

Exploit Title: osTicket-v1.12 Formula Injection Vendor Homepage: https://osticket.com/ Software Link: https://osticket.com/download/ Exploit Author: Aishwarya Iyer Contact: https://twitter.com/aish9524 Website: https://about.me/aishiyer Category: webapps CVE: CVE-2019-14749 1. Description An issu...

8.8CVSS9AI score0.09612EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.115 views

ManageEngine OpManager 12.4x - Privilege Escalation / Remote Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ManageEngine OpManager 12.4x - Privilege Escalation / Remote Command Execution", 'Description' = %q This module exploits sqli and command injectio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.245 views

osTicket 1.12 - Persistent Cross-Site Scripting via File Upload

Exploit Title: osTicket-v1.12 Stored XSS via File Upload Vendor Homepage: https://osticket.com/ Software Link: https://osticket.com/download/ Exploit Author: Aishwarya Iyer Contact: https://twitter.com/aish9524 Website: https://about.me/aishiyer Category: webapps CVE: CVE-2019-14748 1. Descriptio...

5.4CVSS6.2AI score0.02733EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.131 views

osTicket 1.12 - Persistent Cross-Site Scripting

Exploit Title: osTicket-v1.12 Stored XSS Vendor Homepage: https://osticket.com/ Software Link: https://osticket.com/download/ Exploit Author: Aishwarya Iyer Contact: https://twitter.com/aish9524 Website: https://about.me/aishiyer Category: webapps CVE: CVE-2019-14750 1. Description An issue was...

6.1CVSS6.8AI score0.11687EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.208 views

Joomla! Component JS Support Ticket (com_jssupportticket) 1.1.6 - 'ticket.php' Arbitrary File Deletion

Exploit Title: Joomla! component comjssupportticket - Authenticated Arbitrary File Deletion Dork: inurl:"index.php?option=comjssupportticket" Date: 10.08.19 Exploit Author: qw3rTyTy Vendor Homepage: https://www.joomsky.com/ Software Link: https://www.joomsky.com/46/download/1.html Version: 1.1.6...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.111 views

UNA 10.0.0 RC1 - 'polyglot.php' Persistent Cross-Site Scripting

Exploit Title: UNA - 10.0.0-RC1 stored XSS vuln. Date: 2019 08 10 Exploit Author: Greg.Priest Vendor Homepage: https://una.io/ Software Link: https://github.com/unaio/una/tree/master/studio Version: UNA - 10.0.0-RC1 Tested on: Windows/Linux CVE : CVE-2019-14804 UNA-v.10.0.0-RC1 Stored XSS...

4.8CVSS5.5AI score0.02672EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.207 views

Joomla! Component JS Support Ticket (com_jssupportticket) 1.1.6 - 'ticketreply.php' SQL Injection

Exploit Title: Joomla! component comjssupportticket - Authenticated SQL Injection Dork: inurl:"index.php?option=comjssupportticket" Date: 10.08.19 Exploit Author: qw3rTyTy Vendor Homepage: https://www.joomsky.com/ Software Link: https://www.joomsky.com/46/download/1.html Version: 1.1.6 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.501 views

Cisco Adaptive Security Appliance - Path Traversal (Metasploit)

require 'msf/core' class MetasploitModule "Cisco Adaptive Security Appliance - Path Traversal", 'Description' = %q Cisco Adaptive Security Appliance - Path Traversal CVE-2018-0296 A security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without...

7.5CVSS7.9AI score0.99903EPSS
Exploits18
Exploit DB
Exploit DB
added 2019/08/12 12:0 a.m.184 views

BSI Advance Hotel Booking System 2.0 - 'booking_details.php Persistent Cross-Site Scripting

Exploit Title:BSI Advance Hotel Booking System Persistent XSS Google Dork: intext:Hotel Booking System v2.0 © 2008 - 2012 Copyright Best Soft Inc Date: Wed Jun 4 2014 Exploit Author: Angelo Ruwantha Vendor Homepage: http://www.bestsoftinc.com Software Link:...

4.3CVSS6.9AI score0.03284EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/08/08 12:0 a.m.189 views

Adive Framework 2.0.7 - Cross-Site Request Forgery

Exploit Title: Adive Framework 2.0.7 – Cross-Site Request Forgery CSRF Date:02/08/2019. Exploit Author: Pablo Santiago Vendor Homepage: https://adive.es Software Link: https://github.com/ferdinandmartin/adive-php7 Version: 2.0.7 Tested on: Windows and Kali linux CVE :2019-14346 1. Technical...

8.8CVSS9AI score0.02745EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/08/08 12:0 a.m.153 views

Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 - Arbitrary File Download

Exploit Title: Joomla! component comjssupportticket - Arbitrary File Download Dork: inurl:"index.php?option=comjssupportticket" Date: 08.08.19 Exploit Author: qw3rTyTy Vendor Homepage: http://joomsky.com/ Software Link: https://www.joomsky.com/46/download/1.html Version: 1.1.5 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/08 12:0 a.m.128 views

Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 - SQL Injection

Exploit Title: Joomla! component comjssupportticket - SQL Injection Dork: inurl:"index.php?option=comjssupportticket" Date: 08.08.19 Exploit Author: qw3rTyTy Vendor Homepage: https://www.joomsky.com/ Software Link: https://www.joomsky.com/46/download/1.html Version: 1.1.5 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/08/08 12:0 a.m.261 views

Baldr Botnet Panel - Arbitrary Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/http' class MetasploitModule "Baldr Botnet Panel Shell Upload Exploit", 'Description' = %q This module exploits the file upload vulnerability of baldr malwa...

7.4AI score
Exploits0
Total number of security vulnerabilities47904