Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2019/04/02 12:0 a.m.167 views

CMS Made Simple < 2.2.10 - SQL Injection

!/usr/bin/env python Exploit Title: Unauthenticated SQL Injection on CMS Made Simple = 2.2.9 Date: 30-03-2019 Exploit Author: Daniele Scanu @ Certimeter Group Vendor Homepage: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms/ Version: = 2.2.9 Tested on:...

8.1CVSS8.1AI score0.55958EPSS
Exploits38
Exploit DB
Exploit DB
added 2019/04/02 12:0 a.m.100 views

AIDA64 Extreme / Engineer / Network Audit 5.99.4900 - SEH Buffer Overflow (EggHunter)

!/usr/bin/python Exploit Title: AIDA64 Extreme 5.99.4900 - SEH Buffer Overflow EggHunter Date: 2019-04-01 Vendor Homepage: https://www.aida64.com Software Link: http://download.aida64.com/aida64extreme599.exe Mirror Link : https://www.nikktech.com/main/downloads/finalwire/aida64extreme599.exe...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/04/02 12:0 a.m.65 views

Inout RealEstate - 'city' SQL Injection

Exploit Title: Inout RealEstate - SQL Injection Date: 29.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.inoutscripts.com/products/inout-realestate/ Demo Site: http://inout-realestate.demo.inoutscripts.net/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC: SQLi ---...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/04/02 12:0 a.m.66 views

Inout EasyRooms - SQL Injection

Exploit Title: Inout EasyRooms Ultimate Edition - SQL Injection Date: 29.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.inoutscripts.com/products/inout-easyrooms/ Demo Site: http://inout-easyrooms.demo.inoutscripts.net/ Version: v1.0 Tested on: Kali Linux CVE: N/A ----- Po...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/04/02 12:0 a.m.128 views

LimeSurvey < 3.16 - Remote Code Execution

!/usr/bin/python Description: LimeSurvey shell.php" -p phar -o /tmp/exploit.jpg PHAR = "\x3c\x3f\x70\x68\x70\x20\x5f\x5f\x48\x41\x4c\x54\x5f\x43\x4f\x4d\x50\x49\x4c\x45\x52\x28\x29\x3b\x20\x3f\x3e\x0d\x0a\x38"...

9.8CVSS9.3AI score0.26172EPSS
Exploits7
Exploit DB
Exploit DB
added 2019/04/02 12:0 a.m.94 views

JioFi 4G M2S 1.0.2 - Cross-Site Request Forgery

Exploit Title: JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings aka a SetWiFiSetting request to cgi-bin/qcmapwebcgi Exploit Author: Vikas Chaudhary Date: 21-01-2019 Vendor Homepage: https://www.jio.com/ Hardware Link:...

6.5CVSS6.5AI score0.0196EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/04/02 12:0 a.m.101 views

phpFileManager 1.7.8 - Local File Inclusion

Exploit Title: phpFileManager 1.7.8 - Local File Inclusion Date: 01.04.2019 Exploit Author: Murat Kalafatoglu Vendor Homepage: https://sourceforge.net/projects/phpfm/ Software Demo: https://phpfm-demo.000webhostapp.com/ Version: v1.7.8 Category: Webapps Tested on: XAMPP for Linux Description: Any...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/04/02 12:0 a.m.102 views

WordPress Plugin PayPal Checkout Payment Gateway 1.6.8 - Parameter Tampering

Exploit Title: cgi-bin/webscr?cmd=cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.8 for WordPress allows Parameter Tampering in an amount parameter such as amount1, as demonstrated by purchasing an item for lower than the intended price Date: 27.01.2019 Product Title :Woocommer...

6.5CVSS6.5AI score0.05939EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/03/29 12:0 a.m.52 views

CentOS Web Panel 0.9.8.789 - NameServer Field Persistent Cross-Site Scripting

Exploit Title: CentOS Web Panel 0.9.8.789 - NameServer Field Stored Cross-Site Scripting Vulnerability Google Dork: N/A Date: 28 - March - 2019 Exploit Author: DKM Vendor Homepage: http://centos-webpanel.com Software Link: http://centos-webpanel.com Version: 0.9.8.789 Tested on: CentOS 7 CVE :...

4.8CVSS5.2AI score0.02381EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/03/28 12:0 a.m.54 views

Job Portal 3.1 - 'job_submit' SQL Injection

=========================================================================================== Exploit Title: NewJobPortal v3.1 - 'jobsubmit' SQL Inj. Dork: N/A Date: 25-03-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://codecanyon.net/item/job-portal/15330095 Version: v3.1 Category:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/28 12:0 a.m.42 views

Base64 Decoder 1.1.2 - Local Buffer Overflow (SEH Egghunter)

!/usr/bin/env python Exploit Title: Base64 Decoder 1.1.2 Local Buffer Overflow SEH + Egghunter Date: 28.03.2019 Exploit Author: Paolo Perego - [email protected] Vendor Homepage: http://4mhz.de/b64dec.html Software Link: http://4mhz.de/download.php?file=b64dec-1-1-2.zip Version: Base64 Decoder...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/28 12:0 a.m.58 views

Microsoft Visio 2016 16.0.4738.1000 - 'Log in accounts' Denial of Service

-⋆- coding: utf-8 -⋆- Created on Thu Feb 21 01:32:50 2019 @author: César """ Exploit Title: Microsoft Visio 2016 16.0.4738.1000 "Log in accounts" allows go on whit email formed by one thousand A in every of its parts [email protected] Descovered by: César Adrián Coronado Llanos Descovered...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/28 12:0 a.m.41 views

Airbnb Clone Script - Multiple SQL Injection

Exploit Title: Homey BNB Airbnb Clone Script - Multiple SQL Injection Date: 27.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.doditsolutions.com/airbnb-clone-script/ Demo Site: http://sitedemos.in/homeybnb/ Version: V4 Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi -----...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/28 12:0 a.m.63 views

WordPress Plugin Loco Translate 2.2.1 - Local File Inclusion

Exploit Title: Wordpress Loco Translate Version 2.2.1 Plugin LFI Google Dork: N/A Date: 03 / 26 / 2019 Exploit Author: Ali S. Ahmad S4R1N Vendor Homepage: https://localise.biz/ Software Link: https://wordpress.org/plugins/loco-translate/ Version: Version 2.2.1 Tested on: Debian GNU/Linux 9 Docker...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/28 12:0 a.m.106 views

CMS Made Simple (CMSMS) Showtime2 - File Upload Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "CMS Made Simple CMSMS Showtime2 File Upload RCE", 'Description' = %q This module exploits a File Upload vulnerability that lead in a RCE in...

6.5CVSS7.4AI score0.45896EPSS
Exploits7
Exploit DB
Exploit DB
added 2019/03/28 12:0 a.m.49 views

WordPress Plugin Anti-Malware Security and Brute-Force Firewall 4.18.63 - Local File Inclusion (PoC)

Exploit Title: Wordpress Anti-Malware Security and Bruteforce Firewall - Local File Inclusion Google Dork: N/A Date: 03 / 26 / 2019 Exploit Author: Ali S. Ahmad S4R1N Vendor Homepage: N/A Software Link: https://wordpress.org/plugins/gotmls/ Version: Version 4.18.63 Tested on: Debian GNU/Linux 9...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/28 12:0 a.m.64 views

gnutls 3.6.6 - 'verify_crt()' Use-After-Free

Description of problem: This is a critical memory corruption vulnerability in any API backed by verifycrt, including gnutlsx509trustlistverifycrt and related routines. I suspect any client or server that verifies X.509 certificates with GnuTLS is likely affected and can be compromised by a...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/28 12:0 a.m.73 views

BigTree 4.3.4 CMS - Multiple SQL Injection

=========================================================================================== Exploit Title: BigTree CMS - 'parent' SQL Inj. Dork: N/A Date: 24-03-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.bigtreecms.org/ Software Link: https://www.bigtreecms.org/download/cor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/28 12:0 a.m.71 views

Thomson Reuters Concourse & Firm Central < 2.13.0097 - Directory Traversal / Local File Inclusion

''' Exploit Title: Thomson Reuters Concourse & Firm Central 2.13.0097 - Directory Traversal & Local File Inclusion Date: 02/13/2019 Exploit Author: 0v3rride Vendor Homepage: https://www.thomsonreuters.com/en.html Software Link: Firm Central...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/28 12:0 a.m.80 views

i-doit 1.12 - 'qr.php' Cross-Site Scripting

Exploit Title: i-doit 1.12 Cross Site Scripting on qr.php file Date: 28-03-2019 Software Link: https://www.i-doit.org/ Version: 1.12 Exploit Author: BlackFog Team Contact: [email protected] Website: https://securelayer7.net Category: webapps Tested on: Firefox in Kali Linux. CVE: CVE-2019-696...

6.1CVSS6.3AI score0.02518EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/03/28 12:0 a.m.56 views

Fat Free CRM 0.19.0 - HTML Injection

Exploit Title: Fat Free CRM v0.19.0 - HTML Injection Date: 2019-03-20 Exploit Author: Ismail Tasdelen Vendor Homepage: http://www.fatfreecrm.com/ Source Code : https://github.com/fatfreecrm Software : Fat Free CRM Product Version: v0.19.0 Vulnerability Type : Code Injection Vulnerability : HTML...

5.4CVSS5.5AI score0.04702EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/03/28 12:0 a.m.162 views

Oracle Weblogic Server Deserialization RCE - Raw Object (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Oracle Weblogic Server Deserialization RCE - Raw Object', 'Description' = %q An unauthenticated attacker wi...

9.8CVSS7.4AI score0.96032EPSS
Exploits17
Exploit DB
Exploit DB
added 2019/03/28 12:0 a.m.43 views

Jettweb PHP Hazır Rent A Car Sitesi Scripti V2 - 'arac_kategori_id' SQL Injection

Exploit Title: Jettweb PHP Hazır Rent A Car Sitesi Scripti V2 - 'arackategoriid' SQL Injection Date: 28.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://jettweb.net/u-4-php-hazir-rent-a-car-sitesi-scripti-v2.html Demo Site: http://rentv2.proemlaksitesi.net/ Version: V2 Tested on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/27 12:0 a.m.37 views

Jettweb Hazır Rent A Car Scripti V4 - SQL Injection

Exploit Title: Jettweb Hazır Rent A Car Scripti V4 - SQL Injection Date: 26.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://jettweb.net/u-46-php-hazir-rent-a-car-scripti-v4.html Demo Site: http://rentv4.proemlaksitesi.net/ Version: V4 Tested on: Kali Linux CVE: N/A ----- PoC 1:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/26 12:0 a.m.125 views

Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSR

/ A bug in IonMonkeys type inference system when JIT compiling and entering a constructor function via on-stack replacement OSR allows the compilation of JITed functions that cause type confusions between arbitrary objects. Prerequisites: 1. Spidermonkey can represent "plain" objects either as...

9.8CVSS10AI score0.19762EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/03/26 12:0 a.m.26 views

Jettweb Php Hazır İlan Sitesi Scripti V2 - SQL Injection

Exploit Title: Jettweb Php Hazır İlan Sitesi Scripti V2 - SQL Injection Date: 25.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://jettweb.net/c-23-ilan-Siteleri.html Demo Site: http://ilanv2.proemlaksitesi.net Version: V2 Tested on: Kali Linux CVE: N/A ----- PoC : SQLi -----...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/26 12:0 a.m.35 views

SJS Simple Job Script - SQL Injection / Cross-Site Scripting

Exploit Title: Simple Job Script - Multiple Vulnerabilities Date: 26.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://simplejobscript.com/ Download Link: https://github.com/niteosoft/simplejobscript/archive/master.zip Demo Site: https://demo.simplejobscript.com Version: Lastest...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/26 12:0 a.m.51 views

Rukovoditel ERP & CRM 2.4.1 - 'path' Cross-Site Scripting

Exploit Title: Rukovoditel ERP & CRM 2.4.1 - 'path' Cross-Site Scripting Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2019-03-24 Google Dork: N/A Vendor: Rukovoditel Software Link: https://sourceforge.net/projects/rukovoditel/ Affected Version: 2.4.1 and possibly before...

6.1CVSS6.3AI score0.05559EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/03/26 12:0 a.m.42 views

XooDigital - 'p' SQL Injection

Exploit Title: XooDigital - 'p' SQL Injection Date: 26.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://xooscripts.com/product/digital-download-protection-script.html Demo Site: http://xooscripts.com/demos/xoodigital/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/26 12:0 a.m.56 views

Firefox < 66.0.1 - 'Array.prototype.slice' Buffer Overflow

let size = 64; garr = ; j = 0; function gc var tmp = ; forlet i = 0;i...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/26 12:0 a.m.81 views

Microsoft Windows 7/2008 - 'Win32k' Denial of Service (PoC)

Exploit Title: Microsoft Windows Win32k CVE-2019-0808 Local Privilege Escalation Vulnerability Date: 24/03/2019 Exploit Author: ze0r Vendor Homepage: www.microsoft.com Version: Microsoft Windows 7/ Server 2008 CVE : CVE-2019-0808...

7.8CVSS7.8AI score0.53298EPSS
Exploits10
Exploit DB
Exploit DB
added 2019/03/26 12:0 a.m.53 views

Titan FTP Server Version 2019 Build 3505 - Directory Traversal / Local File Inclusion

Exploit Title: Titan FTP Server Version 2019 Build 3505 Directory Traversal/Local File Inclusion Google Dork: N/A Date: 3/26/2019 Exploit Author: Kevin Randall Vendor Homepage: https://titanftp.com/ Software Link: https://titanftp.com/download Version: Firmware: Titan FTP Server Version 2019 Buil...

6.5CVSS6.5AI score0.11471EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/03/26 12:0 a.m.54 views

XooGallery - Multiple SQL Injection

Exploit Title: XooGallery - Multiple SQL Injections Date: 26.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://xooscripts.com/product/html5-php-photo-gallery.html Demo Site: http://xooscripts.com/demos/xoogallery/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/25 12:0 a.m.251 views

Apache CouchDB 2.3.1 - Cross-Site Request Forgery / Cross-Site Scripting

Exploit Title: Apache CouchDB 2.3.1 | Cross-Site Request Forgery / Cross-Site Scripting Date: 22.03.2019 Exploit Author: Ozer Goker Vendor Homepage: http://couchdb.apache.org Software Link: http://couchdb.apache.org/download Version: 2.3.1 Introduction A CouchDB server hosts named databases, whic...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/25 12:0 a.m.52 views

Zeeways Jobsite CMS - 'id' SQL Injection

Exploit Title: Zeeways Jobsite CMS - 'id' SQL Injection Date: 25.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: http://www.zeeways.com/jobsite-cms/1/productdetail Demo Site: http://www.zeewayscms.com/jobsite/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi -----...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/25 12:0 a.m.96 views

VMware Workstation 14.1.5 / VMware Player 15.0.2 - Host VMX Process Impersonation Hijack Privilege Escalation

VMware: Host VMX Process Impersonation Hijack EoP Platform: VMware Workstation Windows v14.1.5 on Windows 10. Also tested VMware Player 15.0.2. Class: Elevation of Privilege Summary: The creation of the VMX process on a Windows host can be hijacked leading to elevation of privilege. Description:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/25 12:0 a.m.51 views

Jettweb PHP Hazır Haber Sitesi Scripti V3 - SQL Injection

Exploit Title: Jettweb PHP Hazır Haber Sitesi Scripti V3 - Multiple Vulnerabilities Date: 25.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://jettweb.net/u-16-php-hazir-haber-sitesi-scripti-v3.html Demo Site: http://haberv3.proemlaksitesi.net Version: V3 Tested on: Kali Linux CV...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/25 12:0 a.m.40 views

Jettweb PHP Hazır Haber Sitesi Scripti V1 - SQL Injection

Exploit Title: Jettweb PHP Hazır Haber Sitesi Scripti V1 - Multiple Vulnerabilities Date: 23.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://jettweb.net/u-5-php-hazir-haber-sitesi-scripti-v1.html Demo Site: http://haberv1.proemlaksitesi.net Version: V1 Tested on: Kali Linux CVE...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/25 12:0 a.m.70 views

VMware Workstation 14.1.5 / VMware Player 15 - Host VMX Process COM Class Hijack Privilege Escalation

VMware: Host VMX Process COM Class Hijack EoP Platform: VMware Workstation Windows v14.1.5 on Windows 10. Also tested VMware Player 15. Class: Elevation of Privilege Summary: COM classes used by the VMX process on a Windows host can be hijacked leading to elevation of privilege. Description: The...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/25 12:0 a.m.63 views

Jettweb PHP Hazır Haber Sitesi Scripti V2 - SQL Injection (Authentication Bypass)

Exploit Title: Jettweb PHP Hazır Haber Sitesi Scripti V2 - Authentication Bypass Date: 25.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://jettweb.net/u-6-php-hazir-haber-sitesi-scripti-v2.html Demo Site: http://haberv2.proemlaksitesi.net Version: V2 Tested on: Kali Linux CVE: N...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/25 12:0 a.m.81 views

X-NetStat Pro 5.63 - Local Buffer Overflow

!/usr/bin/env python --------------------------------------------------------------------------------------------------------- Exploit: X-NetStat Pro 5.63 - Local Buffer Overflow EggHunter Date: 2019-03-23 Author: Peyman Forouzan Tested Against: Winxp SP2 32-64 bit - Win7 Enterprise SP1 32-64 bit...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/25 12:0 a.m.58 views

Zeeways Matrimony CMS - SQL Injection

Exploit Title: Zeeways Matrimony CMS - SQL Injection Date: 25.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: http://www.zeeways.com/matrimony-cms/4/productdetail Demo Site: http://www.zeewayscms.com/matrimony/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi -----...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/22 12:0 a.m.47 views

Inout Article Base CMS - SQL Injection

Exploit Title: Inout Article Base CMS - SQL Injection Date: 21.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.inoutscripts.com/products/inout-article-base/ Demo Site: http://www.inoutwebportal.com Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi -----...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/22 12:0 a.m.97 views

Matri4Web Matrimony Website Script - Multiple SQL Injection

Exploit Title: Matrimony Website Script - Multiple SQL Injection Date: 22.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.matri4web.com Demo Site: https://www.matrimonydemo.com Version: M-Plus Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi ----- Request:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/22 12:0 a.m.36 views

Meeplace Business Review Script - 'id' SQL Injection

Exploit Title: Meeplace Business Review Script - 'id' SQL Injection Date: 22.03.2019 Dork: Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: http://www.meeplace.com Demo Site: http://demo.meeplace.com Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC: SQLi ----- Request:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/22 12:0 a.m.52 views

snap - seccomp BBlacklist for TIOCSTI can be Circumvented

/ snap uses a seccomp filter to prevent the use of the TIOCSTI ioctl; in the source code, this filter is expressed as follows: TIOCSTI allows for faking input man ttyioctl TODO: this should be scaled back even more ioctl - !TIOCSTI In the X86-64 version of the compiled seccomp filter, this result...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/21 12:0 a.m.62 views

Canarytokens 2019-03-01 - Detection Bypass

Exploit Title: Canarytokens 2019-03-01 - Detection Bypass Date: 20.03.2019 Exploit Author: Benjamin Zink Loft, Gionathan "John" Reale Vendor Homepage: https://thinkst.com/ Version: up to 2019-03-01 Software Link: https://github.com/thinkst/canarytokens Google Dork: N/A CVE: 2019-9768...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/21 12:0 a.m.78 views

Placeto CMS Alpha v4 - 'page' SQL Injection

Placeto CMS Alpha v4 - 'page' SQL Injection Title: Placeto CMS Date: 21.03.2019 Exploit Author: Abdullah Çelebi Vendor Homepage: https://sourceforge.net/projects/placeto/ Software Link: https://sourceforge.net/projects/placeto/files/alpha-rv.4/placeto.zip Version: Alpha rv.4 Category: Webapps...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/21 12:0 a.m.55 views

The Company Business Website CMS - Multiple Vulnerabilities

Exploit Title: The Company Business Website CMS - 'username' SQL Injection Date: 20.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.codester.com/items/6806/the-company-business-website-cms Demo Site: http://thecompany.morkocbilisim.com Version: Lastest Tested on: Kali Linux...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/03/21 12:0 a.m.71 views

Bootstrapy CMS - Multiple SQL Injection

Exploit Title: Bootstrapy CMS - Multiple SQL Injection Date: 21.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: http://bootstrapy.com Demo Site: http://bootstrapy.net/demo/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi ----- Request:...

7.4AI score
Exploits0
Total number of security vulnerabilities47904