Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2019/05/16 12:0 a.m.242 views

DeepSound 1.0.4 - SQL Injection

=========================================================================================== Exploit Title: DeepSound 1.0.4 - SQL Inj. Dork: N/A Date: 15-05-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://codecanyon.net/item/deepsound-the-ultimate-php-music-sharing-platform/23609470...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/16 12:0 a.m.194 views

Axessh 4.2 - 'Log file name' Denial of Service (PoC)

Exploit Title: Axessh 4.2 'Log file name' - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-05-14 Vendor Homepage: http://www.labf.com Software Link: http://www.labf.com/download/axessh.exe Tested Version: 4.2 Tested on: Windows 7 Service Pack 1 x32 Steps to produce the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/15 12:0 a.m.210 views

Legrand BTicino Driver Manager F454 1.0.51 - Cross-Site Request Forgery / Cross-Site Scripting

input type="submit" value="Submit requ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/15 12:0 a.m.92 views

Tomabo MP4 Converter 3.25.22 - Denial of Service (PoC)

-- coding: utf-8 -- Exploit Title: MP4 Converter 3.25.22 - 'Name' Denial of Service PoC Date: 14/05/2019 Author: Alejandra Sánchez Vendor Homepage: http://www.tomabo.com/ Software: http://www.tomabo.com/downloads/mp4-converter-setup.exe Version: 3.25.22 Tested on: Windows 10 Proof of Concept: 1.-...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/15 12:0 a.m.110 views

CommSy 8.6.5 - SQL injection

Title: ====== CommSy 8.6.5 - SQL injection Researcher: =========== Jens Regel, Schneider & Wulf EDV-Beratung GmbH & Co. KG CVE-ID: ======= CVE-2019-11880 Timeline: ========= 2019-04-15 Vulnerability discovered 2019-04-15 Asked for security contact and PGP key 2019-04-16 Send details to the vendor...

7.5CVSS7.6AI score0.02031EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/05/15 12:0 a.m.89 views

Microsoft Windows - 'Win32k' Local Privilege Escalation

CVE-2019-0803 Win32k Elevation of Privilege Poc Reference ----------------------------- steal Security token https://github.com/mwrlabs/CVE-2016-7255 EDB Note: Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/46920.zip...

7.8CVSS8.8AI score0.80968EPSS
Exploits46
Exploit DB
Exploit DB
added 2019/05/14 12:0 a.m.91 views

TwistedBrush Pro Studio 24.06 - 'Script Recorder' Denial of Service (PoC)

-- coding: utf-8 -- Exploit Title: TwistedBrush Pro Studio 24.06 - 'Script Recorder' Denial of Service PoC Date: 13/05/2019 Author: Alejandra Sánchez Vendor Homepage: http://www.pixarra.com Software Link http://www.pixarra.com/uploads/9/4/6/3/94635436/tbrusha.exe Version: 24.06 Tested on: Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/14 12:0 a.m.110 views

PHP-Fusion 9.03.00 - 'Edit Profile' Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "PHP-Fusion %q This module exploits command execution vulnerability in PHP-Fusion 9.03.00 and prior versions. It is possible to execute commands i...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/14 12:0 a.m.198 views

Sales ERP 8.1 - Multiple SQL Injection

=========================================================================================== Exploit Title: SalesERP v.8.1 SQL Inj. Dork: N/A Date: 13-05-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://codecanyon.net/category/php-scripts?term=sales%20erp Version: v8.1 Category: Webap...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/14 12:0 a.m.293 views

Schneider Electric U.Motion Builder 1.3.4 - 'track_import_export.php object_id' Unauthenticated Command Injection

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Schneider Electric U.Motion Builder Vendor URL: www.schneider-electric.com Type: OS Command Injection CWE-78 Date found: 2018-11-15 Date published: 2019-05-13 CVSSv3 Score: 9.8...

9.8CVSS7AI score0.72486EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/05/14 12:0 a.m.111 views

TwistedBrush Pro Studio 24.06 - '.srp' Denial of Service (PoC)

-- coding: utf-8 -- Exploit Title: TwistedBrush Pro Studio 24.06 - '.srp' Denial of Service PoC Date: 13/05/2019 Author: Alejandra Sánchez Vendor Homepage: http://www.pixarra.com Software Link http://www.pixarra.com/uploads/9/4/6/3/94635436/tbrusha.exe Version: 24.06 Tested on: Windows 10 Proof o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/14 12:0 a.m.88 views

Selfie Studio 2.17 - 'Resize Image' Denial of Service (PoC)

-- coding: utf-8 -- Exploit Title: Selfie Studio 2.17 - 'Resize Image' Denial of Service PoC Date: 13/05/2019 Author: Alejandra Sánchez Vendor Homepage: http://www.pixarra.com Software Link http://www.pixarra.com/uploads/9/4/6/3/94635436/tbselfiestudioinstall.exe Version: 2.17 Tested on: Windows ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/14 12:0 a.m.95 views

PasteShr 1.6 - Multiple SQL Injection

=========================================================================================== Exploit Title: PasteShr - SQL İnj. Dork: N/A Date: 14-05-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://codecanyon.net/item/pasteshr-text-hosting-sharing-script/23019437 Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/14 12:0 a.m.207 views

D-Link DWL-2600AP - Multiple OS Command Injection

Document Title: =============== D-Link DWL-2600AP - Authenticated OS Command Injection Restore Configuration Product & Service Introduction: =============================== The D-Link DWL-2600AP has a web interface for configuration. You can use any web browser you like to login to the D-Link...

7.8CVSS7.8AI score0.97109EPSS
Exploits9
Exploit DB
Exploit DB
added 2019/05/14 12:0 a.m.84 views

TwistedBrush Pro Studio 24.06 - 'Resize Image' Denial of Service (PoC)

-- coding: utf-8 -- Exploit Title: TwistedBrush Pro Studio 24.06 - 'Resize Image' Denial of Service PoC Date: 13/05/2019 Author: Alejandra Sánchez Vendor Homepage: http://www.pixarra.com Software Link http://www.pixarra.com/uploads/9/4/6/3/94635436/tbrusha.exe Version: 24.06 Tested on: Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/13 12:0 a.m.135 views

OpenProject 5.0.0 - 8.3.1 - SQL Injection

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated SQL Injection vulnerability product: OpenProject vulnerable version: 5.0.0 - 8.3.1 fixed version: 8.3.2 & 9.0.0 CVE number: CVE-2019-11600 impact: Critica...

8.1CVSS8.1AI score0.79956EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/05/13 12:0 a.m.92 views

XOOPS 2.5.9 - SQL Injection

Sql Injection on XOOPS CMS v.2.5.9 + Date: 12/05/2019 + Risk: High + CWE Number : CWE-89 + Author: Felipe Andrian Peixoto + Vendor Homepage: https://xoops.org/ + Contact: [email protected] + Tested on: Windows 7 and Gnu/Linux + Dork: inurl:gerarpdf.php inurl:modules // use your brain ; +...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/13 12:0 a.m.265 views

SOCA Access Control System 180612 - Cross-Site Request Forgery (Add Admin)

SOCA Access Control System 180612 CSRF Add Admin Exploit Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include Proximity and Fingerprint access control system, Time and Attendance, Electric...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/13 12:0 a.m.114 views

SOCA Access Control System 180612 - Information Disclosure

SOCA Access Control System 180612 Information Disclosure Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and fingerprint access control system, time and attendance, electric...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/13 12:0 a.m.143 views

SpotMSN 2.4.6 - Denial of Service (PoC)

Exploit Title: SpotMSN 2.4.6 - 'Name/Key' Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-05-12 Vendor Homepage: www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/spotmsnsetup.exe Tested Version: 2.4.6 Tested on: Windows Windows 10 Single Language x64 /...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/13 12:0 a.m.86 views

DNSS 2.1.8 - Denial of Service (PoC)

Exploit Title: DNSS Domain Name Search Software 2.1.8 - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-05-12 Vendor Homepage: www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/dnsssetup.exe Tested Version: 2.1.8 Tested on: Windows Windows 10 Single...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/13 12:0 a.m.169 views

SOCA Access Control System 180612 - SQL Injection

SOCA Access Control System 180612 SQL Injection And Authentication Bypass Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and fingerprint access control system, time and...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/13 12:0 a.m.175 views

Google Chrome V8 - Turbofan JSCallReducer::ReduceArrayIndexOfIncludes Out-of-Bounds Read/Write

!-- Since commit https://chromium.googlesource.com/v8/v8.git/+/c22bb466d8934685d897708119543d099b9d2a9a turbofan supports inlining calls to array.includes and array.indexOf. The logic of the function is roughly: 1. Check the set of possible Maps of the array type with...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/10 12:0 a.m.107 views

jetCast Server 2.0 - Denial of Service (PoC)

Exploit Title: jetCast Server 2.0 - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-05-09 Vendor Homepage: http://www.jetaudio.com/ Software Link: http://www.jetaudio.com/download/5fc01426-741d-41b8-a120-d890330ec672/jetAudio/Download/jetCast/build/JCS2000.exe Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/10 12:0 a.m.207 views

dotCMS 5.1.1 - HTML Injection

Exploit Title: dotCMS 5.1.1 - HTML Injection Date: 2019-05-09 Exploit Author: Ismail Tasdelen Vendor Homepage: https://dotcms.com/ Software Link: https://github.com/dotCMS Software: dotCMS Product Version: 5.1.1 Vulernability Type: Code Injection Vulenrability: HTML Injection and Cross-site...

6.1CVSS6.3AI score0.00998EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/05/10 12:0 a.m.119 views

PHPRunner 10.1 - Denial of Service (PoC)

Exploit Title: PHPRunner 10.1 - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-05-09 Vendor Homepage: https://xlinesoft.com/ Software Link: https://xlinesoft.com/phprunner/download.htm Tested Version: 10.1 Tested on: Windows 7 Service Pack 1 x64 Steps to produce the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/10 12:0 a.m.150 views

CyberArk Enterprise Password Vault 10.7 - XML External Entity Injection

Exploit Title: CyberArk XML External Entity XXE Injection in SAML authentication Date: 10/05/2019 Exploit Author: Marcelo Toran @spamv Vendor Homepage: https://www.cyberark.com Version: =10.7 CVE : CVE-2019-7442 -----------Product description The CyberArk Enterprise Password Vault is a privileged...

9.8CVSS9.7AI score0.40008EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/05/10 12:0 a.m.112 views

SpotIM 2.2 - Denial of Service (PoC)

-- coding: utf-8 -- Exploit Title: SpotIM 2.2 - 'Name/Key' Denial of Service PoC Date: 09/05/2019 Author: Alejandra Sánchez Vendor Homepage: http://www.nsauditor.com Software Link http://www.nsauditor.com/downloads/spotimsetup.exe Version: 2.2 Tested on: Windows 10 Proof of Concept: 1.- Run the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/10 12:0 a.m.182 views

RICOH SP 4520DN Printer - HTML Injection

Exploit Title: RICOH SP 4520DN Printer - HTML Injection Date: 2019-05-06 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: https://www.ricoh-europe.com/products/office-printers-fax/single-function-printers/sp-4520dn.html Software: RICOH Printer Product Version...

6.1CVSS6.3AI score0.00964EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/05/10 12:0 a.m.99 views

ASPRunner.NET 10.1 - Denial of Service (PoC)

Exploit Title: ASPRunner.NET 10.1 - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-05-09 Vendor Homepage: https://xlinesoft.com/ Software Link: https://xlinesoft.com/asprunnernet/download.htm Tested Version: 10.1 Tested on: Windows 7 Service Pack 1 x64 Steps to produce...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/10 12:0 a.m.105 views

SpotPaltalk 1.1.5 - Denial of Service (PoC)

-- coding: utf-8 -- Exploit Title: SpotPaltalk 1.1.5 - 'Name/Key' Denial of Service PoC Date: 09/05/2019 Author: Alejandra Sánchez Vendor Homepage: http://www.nsauditor.com Software Link http://www.nsauditor.com/downloads/spotpaltalksetup.exe Version: 1.1.5 Tested on: Windows 10 Proof of Concept:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/10 12:0 a.m.191 views

RICOH SP 4510DN Printer - HTML Injection

Exploit Title: RICOH SP 4510DN Printer - HTML Injection Date: 2019-05-06 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: https://www.ricoh-europe.com/products/office-printers-fax/single-function-printers/sp-4520dn.html Software: RICOH Printer Product Version...

6.1CVSS6.3AI score0.00979EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/05/10 12:0 a.m.363 views

Cortex Unshortenlink Analyzer < 1.1 - Server-Side Request Forgery

Exploit Title: Cortex Unshortenlink Analyzer 1.1 - Server-Side Request Forgery Date: 2/26/2019 Exploit Author: Alexandre Basquin Vendor Homepage: https://blog.thehive-project.org Software Link: https://github.com/TheHive-Project/Cortex Version: Cortex = 2.1.3 Tested on: 2.1.3 CVE : CVE-2019-7652...

7.7CVSS7.6AI score0.05155EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/05/09 12:0 a.m.105 views

Lyric Maker 2.0.1.0 - Denial of Service (PoC)

-- coding: utf-8 -- Exploit Title: Lyric Maker 2.0.1.0 - Denial of Service PoC Date: 08/05/2019 Author: Alejandra Sánchez Vendor Homepage: http://www.jetaudio.com/ Software Link http://www.jetaudio.com/download/5fc01426-741d-41b8-a120-d890330ec672/jetAudio/JAD8107BASIC.exe Version: 2.0.1.0 Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/09 12:0 a.m.104 views

Lyric Video Creator 2.1 - '.mp3' Denial of Service (PoC)

-- coding: utf-8 -- Exploit Title: Lyric Video Creator 2.1 - '.mp3' Denial of Service PoC Date: 08/05/2019 Author: Alejandra Sánchez Vendor Homepage: https://lyricvideocreator.com/ Software Link: https://lyricvideocreator.com/dwl/LyricVideoCreator.exe Version: 2.1 Tested on: Windows 10 Proof of...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/09 12:0 a.m.112 views

Zoho ManageEngine ADSelfService Plus 5.7 < 5702 build - Cross-Site Scripting

Zoho ManageEngine ADSelfService Plus 5.7 &searchType=contains&searchBy=ALLFIELDS&actionId=Search HTTP/1.1 &adscsrf= 4- Stored XSS in self-update layout implementation. /SelfService.do?meth...

6.1CVSS6.3AI score0.05273EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/05/09 12:0 a.m.104 views

Convert Video jetAudio 8.1.7 - Denial of Service (PoC)

-- coding: utf-8 -- Exploit Title: Convert Video jetAudio 8.1.7 - Denial of Service PoC Date: 08/05/2019 Author: Alejandra Sánchez Vendor Homepage: http://www.jetaudio.com/ Software Link http://www.jetaudio.com/download/5fc01426-741d-41b8-a120-d890330ec672/jetAudio/JAD8107BASIC.exe Version: 8.1.7...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/08 12:0 a.m.345 views

PostgreSQL 9.3 - COPY FROM PROGRAM Command Execution (Metasploit)

\ This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/postgres' class MetasploitModule 'PostgreSQL COPY FROM PROGRAM Command Execution', 'Description' = %q Installations running Postgres 9.3 and...

9CVSS7.4AI score0.91877EPSS
Exploits17
Exploit DB
Exploit DB
added 2019/05/08 12:0 a.m.59 views

Lotus Domino 8.5.3 - 'EXAMINE' Stack Buffer Overflow DEP/ASLR Bypass (NSA's EMPHASISMINE)

Here is a working version of the NSA's EMPHASISMINE for IMAP Server Lotus Domino 8.5.3 FP0 DEP/ASLR bypass Replace breakpoints with msfvenom payload ALPHANUMERIC I love you Alison Thompson OAM @ThirdWaveORG Author: Charles Truscott @r0ss1n1 import base64 import struct import socket import time...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/08 12:0 a.m.117 views

MiniFtp - 'parseconf_load_setting' Buffer Overflow

Exploit Title: MiniFtp parseconfloadsetting local-bufferoverflow 318 bytes Google Dork: None Date: 11.04.2019 Exploit Author: strider Vendor Homepage: https://github.com/skyqinsc/MiniFtp Software Link: https://github.com/skyqinsc/MiniFtp Tested on: Debian 9 Stretch i386/ Kali Linux i386 CVE : Non...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/08 12:0 a.m.97 views

Google Chrome 72.0.3626.119 - 'FileReader' Use-After-Free (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chrome 72.0.3626.119 FileReader UaF exploit for Windows 7 x86', 'Description' = %q This exploit takes advantage of a use after free vulnerability...

6.5CVSS7AI score0.61537EPSS
Exploits10
Exploit DB
Exploit DB
added 2019/05/08 12:0 a.m.278 views

Oracle Weblogic Server - 'AsyncResponseService' Deserialization Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Weblogic Server Deserialization RCE - AsyncResponseService ', 'Description' = %q An unauthenticated attacker with network access to the...

9.8CVSS9AI score0.99964EPSS
Exploits35
Exploit DB
Exploit DB
added 2019/05/08 12:0 a.m.47 views

NetNumber Titan ENUM/DNS/NP 7.9.1 - Path Traversal / Authorization Bypass

Exploit Title: NetNumber Titan ENUM/DNS/NP - Path Traversal - Authorization Bypass Google Dork: N/A Date: 4/29/2019 Exploit Author: MobileNetworkSecurity Vendor Homepage: https://www.netnumber.com/products/data Software Link: N/A Version: Titan Master 7.9.1 Tested on: Linux CVE : N/A Type: WEBAPP...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/08 12:0 a.m.43 views

jetAudio 8.1.7.20702 Basic - 'Enter URL' Denial of Service (PoC)

Exploit Title: jetAudio 8.1.7.20702 Basic - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-05-07 Vendor Homepage: http://www.jetaudio.com/ Software Link: http://www.jetaudio.com/download/ Tested Version: 8.1.7.20702 Tested on: Windows 7 Service Pack 1 x64 / Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/07 12:0 a.m.44 views

Admin Express 1.2.5.485 - 'Folder Path' Local SEH Alphanumeric Encoded Buffer Overflow

Title: Admin Express v1.2.5.485 'Folder Path' Local SEH Alphanumeric Encoded Buffer Overflow Date: May 6th, 2019 Author: Connor McGarr https://connormcgarr.github.io Vendor Homepage: https://admin-express.en.softonic.com/ Software Link: https://admin-express.en.softonic.com/download Version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/07 12:0 a.m.101 views

Prinect Archive System 2015 Release 2.6 - Cross-Site Scripting

Details ================ Software: Prinect Archive System Version: v2015 Release 2.6 Homepage: https://www.heidelberg.com Advisory report: https://github.com/alt3kx/CVE-2019-10685 CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10685 CVSS: 6.1...

6.1CVSS6.3AI score0.02261EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/05/07 12:0 a.m.95 views

Easy Chat Server 3.1 - 'message' Denial of Service (PoC)

!/usr/bin/python --------------------------------------------------------- Title: Easy Chat Server Version 3.1 - DOS Date: 2019-05-07 Author: Miguel Mendez Z Team: www.exploiting.cl Vendor: http://www.echatserver.com Software Link: http://www.echatserver.com/ecssetup.exe Platforms: Windows Versio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/06 12:0 a.m.72 views

NSClient++ 0.5.2.35 - Privilege Escalation

Exploit Author: bzyo Twitter: @bzyo Exploit Title: NSClient++ 0.5.2.35 - Privilege Escalation Date: 05-05-19 Vulnerable Software: NSClient++ 0.5.2.35 Vendor Homepage: http://nsclient.org/ Version: 0.5.2.35 Software Link: http://nsclient.org/download/ Tested on: Windows 10 x64 Details: When...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/06 12:0 a.m.219 views

microASP (Portal+) CMS - 'pagina.phtml?explode_tree' SQL Injection

Sql Injection on microASP Portal+ CMS + Date: 05/05/2019 + Risk: High + CWE Number : CWE-89 + Author: Felipe Andrian Peixoto + Vendor Homepage: http://www.microasp.it/ + Contact: [email protected] + Tested on: Windows 7 and Gnu/Linux + Dork: inurl:"/pagina.phtml?explodetree" // use your...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/06 12:0 a.m.183 views

ReadyAPI 2.5.0 / 2.6.0 - Remote Code Execution

https://twitter.com/gscamelo Vendor Homepage: https://smartbear.com/product/ready-api Software Link: https://smartbear.com/product/ready-api/overview/ Github: https://github.com/gscamelo/CVE-2018-20580 Version: 2.5.0 and 2.6.0 Tested on: Windows CVE : CVE-2018-20580 I found a new vulnerability in...

9.3CVSS8.8AI score0.09786EPSS
Exploits5
Total number of security vulnerabilities47904