Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2019/02/19 12:0 a.m.57 views

XAMPP 5.6.8 - SQL Injection / Persistent Cross-Site Scripting

!-- Exploit Title: Cross Site Scripting in XAMPP 5.6.8 and previous Date: 17-02-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://sourceforge.net/projects/xampp/files/XAMPP%20Windows/5.6.8/ Software Link: https://sourceforge.net/projects/xampp/files/XAMPP%20Windows/5.6.8/ Version: XAMP...

9.8CVSS8.1AI score0.05665EPSS
Exploits7
Exploit DB
Exploit DB
added 2019/02/19 12:0 a.m.83 views

MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - Local Privilege Escalation

Exploit Title: MaxxAudio Drivers WavesSysSvc64.exe File Permissions SYSTEM Privilege Escalation Google Dork: Date: 2/18/2019 Exploit Author: Mike Siegel @mlsiegel Vendor Homepage: https://maxx.com Software Link: Version: 1.6.2.0 May affect other versions Tested on: Win 10 64 bit CVE :...

7.8CVSS7.9AI score0.00935EPSS
Exploits3
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.82 views

WordPress Plugin WooCommerce - GloBee (cryptocurrency) Payment Gateway 1.1.1 - Payment Bypass / Unauthorized Order Status Spoofing

?php Exploit Title: WordPress WooCommerce - GloBee cryptocurrency Payment Gateway Plugin Payment Bypass / Unauthorized Order Status Spoofing Discovery Date: 14.12.2018 Public Disclosure Date: 14.02.2019 Exploit Author: GeekHack Contact: https://t.me/GeekHack Vendor Homepage: https://globee.com/...

7.5CVSS7.8AI score0.10009EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.39 views

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in AlternateSubstitutionSubtable::process

A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 latest at the time of this writing while fuzz-testing the processing of TrueType fonts. It manifests itself in the form of the following or similar crash: --- cut --- $ bin/java -cp . DisplaySfntFont...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.67 views

mIRC < 7.55 - 'Custom URI Protocol Handlers' Remote Command Execution

Exploit Title: RCE on mIRC 7.55 using argument injection through custom URI protocol handlers Date: 18/02/2019 Exploit Author: https://twitter.com/proofofcalc/ Vendor Homepage: https://www.mirc.com Software Link: https://www.mirc.com/get.php Version: 7.55 Tested on: Windows CVE : CVE-2019-6453 RC...

8.1CVSS8.2AI score0.71776EPSS
Exploits8
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.40 views

Comodo Dome Firewall 2.7.0 - Cross-Site Scripting

Exploit Title: Comodo Dome Firewall 2.7.0 | Cross-Site Scripting Date: 18.02.2019 Exploit Author: Ozer Goker Vendor Homepage: https://cdome.comodo.com/firewall/ Software Link: https://secure.comodo.com/home/purchase.php?pid=106&license=try&track=9278&af=9278 Version: 2.7.0 Introduction Comodo Dom...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.71 views

ArangoDB Community Edition 3.4.2-1 - Cross-Site Scripting

Exploit Title: ArangoDB Community Edition 3.4.2-1 | Cross-Site Scripting Date: 17.02.2019 Exploit Author: Ozer Goker Vendor Homepage: https://www.arangodb.com Software Link: https://www.arangodb.com/download-major/ Version: 3.4.2-1 Introduction ArangoDB is a native multi-model, open-source databa...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.40 views

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in OpenTypeLayoutEngine::adjustGlyphPositions

A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 latest at the time of this writing while fuzz-testing the processing of TrueType fonts. It manifests itself in the form of the following or similar crash: --- cut --- $ bin/java -cp . DisplaySfntFont...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.63 views

Realterm Serial Terminal 2.0.0.70 - Local Buffer Overflow (SEH)

-- coding: utf-8 -- Exploit Title: RealTerm: Serial Terminal 2.0.0.70 - 'Echo Port' Overflow Crash SEH PoC Date: 16/02/2019 Author: Alejandra Sánchez Vendor Homepage: https://realterm.sourceforge.io/ Software Link: https://sourceforge.net/projects/realterm/files/ Version: 2.0.0.70 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.112 views

qdPM 9.1 - 'type' Cross-Site Scripting

=========================================================================================== Exploit Title: qdPM 9.1 - 'type' XSS Injection CVE: CVE-2019-8391. Date: 14-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: http://qdpm.net Software Link:...

6.1CVSS6.3AI score0.03342EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.51 views

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During OTF Font Rendering in glyph_CloseContour

A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 latest at the time of this writing while fuzz-testing the processing of OpenType fonts. It manifests itself in the form of the following crash with AFL's libdislocator: --- cut --- gdb$ c Continuing...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.81 views

M/Monit 3.7.2 - Privilege Escalation

!/usr/env/python3 """ Vulnerability title: M/Monit = 3.7.2 - Privilege Escalation Author: Dolev Farhi Vulnerable version: 2.0.151021 Link: https://mmonit.com Date: 2/17/2019 """ import sys import requests MMONITURL = 'http://ip.add.re.ss:8080' MMONITUSER = 'monit' Default built in unprivileged us...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.34 views

NBMonitor 1.6.5.0 - 'Key' Denial of Service (PoC)

-- coding: utf-8 -- Exploit Title: NBMonitor 1.6.5 - 'Key' Denial of Service PoC Date: 15/02/2019 Author: Alejandra Sánchez Vendor Homepage: http://www.nsauditor.com/ Software Link: http://www.nbmonitor.com/downloads/nbmonitorsetup.exe Version: 1.6.5.0 Tested on: Windows 10 Proof of Concept: 1.-...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.77 views

qdPM 9.1 - 'search[keywords]' Cross-Site Scripting

=========================================================================================== Exploit Title: qdPM 9.1 - 'searchkeywords' XSS Injection CVE: CVE-2019-8390 Date: 14-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: http://qdpm.net Software Link:...

6.1CVSS6.5AI score0.09836EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.101 views

Zoho ManageEngine ServiceDesk Plus (SDP) < 10.0 build 10012 - Arbitrary File Upload

Exploit Title: Zoho ManageEngine ServiceDesk Plus SDP before 10.0 build 10012 - arbitrary file upload Date: 18-02-2019 Exploit Author: Dao Duy Hung [email protected] Vendor Homepage: https://www.manageengine.com/products/service-desk/ Software Link:...

7.5CVSS7AI score0.64051EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.39 views

Apache CouchDB 2.3.0 - Cross-Site Scripting

Exploit Title: Apache CouchDB 2.3.0 | Cross-Site Scripting Date: 17.02.2019 Exploit Author: Ozer Goker Vendor Homepage: http://couchdb.apache.org Software Link: http://couchdb.apache.org/download Version: 2.3.0 Introduction A CouchDB server hosts named databases, which store documents. Each...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.42 views

Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload

=========================================================================================== Exploit Title: Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload Dork: N/A Date: 10-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage:...

6.5CVSS6.7AI score0.08018EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.142 views

Realterm Serial Terminal 2.0.0.70 - Denial of Service

-- coding: utf-8 -- Exploit Title: RealTerm: Serial Terminal 2.0.0.70 - 'Port' Denial of Service PoC Date: 15/02/2019 Author: Alejandra Sánchez Vendor Homepage: https://realterm.sourceforge.io/ Software Link: https://sourceforge.net/projects/realterm/files/ Version: 2.0.0.70 Tested on: Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.48 views

Master IP CAM 01 3.3.4.2103 - Remote Command Execution

Exploit Title: Master IP CAM 01 Remote Command Execution Date: 09-02-2019 Remote: Yes Exploit Authors: Raffaele Sabato Contact: https://twitter.com/syrion89 Vendor: Master IP CAM Version: 3.3.4.2103 CVE: CVE-2019-8387 import sys import requests if lensys.argv " print "- Example: python...

9.8CVSS9.8AI score0.55721EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.50 views

CMSsite 1.0 - 'post' SQL Injection

Exploit Title: CMSsite 1.0 - 'post' SQL Injection Exploit Author: Mr Winst0n Author E-mail: [email protected] Discovery Date: February 17, 2019 Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link : https://github.com/VictorAlagwu/CMSsite/archive/master.zip Tested Versio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.49 views

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in ExtractBitMap_blocClass

A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 latest at the time of this writing while fuzz-testing the processing of TrueType fonts. It manifests itself in the form of the following or similar crash: --- cut --- Iteration 0,0 Iteration 0,1 A fatal...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/18 12:0 a.m.54 views

MISP 2.4.97 - SQL Command Execution via Command Injection in STIX Module

--coding:utf-8-- Exploit Title: SQL command execution via command injection in STIX module Date: 2019-17-02 Exploit Author: Tm9jdGlz Vendor Homepage: https://www.misp-project.org/ Software link: https://www.misp-project.org/download/ Version: 2.4.90 - 2.4.99 Tested on: 2.4.97 CVE: CVE-2018-19908...

9CVSS9AI score0.1716EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/15 12:0 a.m.105 views

Linux - 'kvm_ioctl_create_device()' NULL Pointer Dereference

kvmioctlcreatedevice contains the following code: dev = kzallocsizeofdev, GFPKERNEL; if !dev return -ENOMEM; dev-ops = ops; dev-kvm = kvm; mutexlock&kvm-lock; ret = ops-createdev, cd-type; if ret lock; kfreedev; return ret; listadd&dev-vmnode, &kvm-devices; mutexunlock&kvm-lock; if ops-init...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/15 12:0 a.m.72 views

qdPM 9.1 - 'search_by_extrafields[]' SQL Injection

=========================================================================================== Exploit Title: qdPM 9.1 - 'searchbyextrafields' SQL Injection Date: 14-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: http://qdpm.net Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/15 12:0 a.m.48 views

Free IP Switcher 3.1 - 'Computer Name' Denial of Service (PoC)

Exploit Title: Free IP Switcher 3.1 - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2018-02-14 Vendor Homepage: http://www.eusing.com/index.html Software Link: http://www.eusing.com/ipscan/freeipscanner.htm Tested Version: 3.1 Tested on: Windows 10 Single Language x64 /...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/15 12:0 a.m.95 views

Jinja2 2.10 - 'from_string' Server Side Template Injection

''' Exploit Title: Jinja2 Command injection fromstring function Date: date Exploit Author: JameelNabbo Website: Ordina.nl Vendor Homepage: http://jinja.pocoo.org Software Link: https://pypi.org/project/Jinja2/files Version: 2.10 Tested on: Kali Linux CVE-2019-8341 // fromstring function is prone ...

9.8CVSS9.5AI score0.4478EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/15 12:0 a.m.54 views

VSCO 1.1.1.0 - Denial of Service (PoC)

Exploit Title: VSCO 1.1.1.0 - Denial of Service PoC Date: 2/14/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://www.microsoft.com/store/productId/9NC1RLNH76PB Version: 1.1.1.0 Tested on: Windows 10 Proof of Concept: Run the python script, it will create a new file...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/15 12:0 a.m.124 views

Navicat for Oracle 12.1.15 - "Password" Denial of Service (PoC)

Exploit Title: Navicat for Oracle 12.1.15 - "Password" Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-02-14 Vendor Homepage: https://www.navicat.com/es/ Software Link: https://www.navicat.com/es/download/navicat-for-oracle Tested Version: 12.1.15 Tested on: Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/15 12:0 a.m.67 views

UniSharp Laravel File Manager 2.0.0-alpha7 - Arbitrary File Upload

Exploit Title: UniSharp Laravel File Manager - Arbitrary File Upload Google Dork: inurl:"laravel-filemanager?type=Files" -site:github.com -site:github.io Exploit Author: Mohammad Danish Vendor Homepage: https://github.com/UniSharp/laravel-filemanager Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/15 12:0 a.m.73 views

AirMore 1.6.1 - Denial of Service (PoC)

!/usr/bin/python coding: utf-8 Author: Marcelo Vázquez aka s4vitar AirMore 1.6.1 Remote Denial of Service DoS & System Freeze Exploit Title: AirMore 1.6.1 Remote Denial of Service DoS & System Freeze Date: 2019-02-14 Exploit Author: Marcelo Vázquez aka s4vitar Vendor Homepage: https://airmore.com...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/15 12:0 a.m.78 views

MyBB Trash Bin Plugin 1.1.3 - Cross-Site Scripting / Cross-Site Request Forgery

Exploit Title: MyBB Trash Bin Plugin 1.1.3 - Cross-Site Scripting / CSRF Date: 7/17/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=957 Version: 1.1.3 Tested on: Ubuntu 18.04 CVE: CVE-2018-14575 1. Description: Creates a...

8.8CVSS8.8AI score0.02377EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/14 12:0 a.m.3625 views

WordPress Plugin Booking Calendar 8.4.3 - (Authenticated) SQL Injection

Exploit Title: Wordpress Booking Calendar v8.4.3 - Authenticated SQL Injection Vulnerability Date: 2018-12-28 Exploit Author: B0UG Vendor Homepage: https://wpbookingcalendar.com/ Software Link: https://wordpress.org/plugins/booking/ Version: Tested on version 8.4.3 older versions may also be...

8.8CVSS8.8AI score0.18906EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/14 12:0 a.m.45 views

DomainMOD 4.11.01 - 'assets/add/dns.php' Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Kareem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-19914 A Stored Cross-site...

4.8CVSS5.5AI score0.03316EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/14 12:0 a.m.65 views

DomainMOD 4.11.01 - 'assets/edit/host.php?whid=5' Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Kareem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-19915 A Stored Cross-site...

4.8CVSS5.5AI score0.04008EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/14 12:0 a.m.36 views

DomainMOD 4.11.01 - 'category.php CatagoryName, StakeHolder' Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-20011 A Stored Cross-site...

4.8CVSS5.5AI score0.04428EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/02/14 12:0 a.m.53 views

DomainMOD 4.11.01 - 'ssl-provider-name' Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-20009 A Stored Cross-site...

4.8CVSS7AI score0.04428EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/02/14 12:0 a.m.49 views

DomainMOD 4.11.01 - 'ssl-accounts.php username' Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-20010 A Stored Cross-site...

4.8CVSS5.5AI score0.04428EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/14 12:0 a.m.31 views

Core FTP/SFTP Server 1.2 Build 589.42 - 'User domain' Denial of Service (PoC)

Exploit Title: Core FTP/SFTP Server 1.2 - Build 589.42 - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-02-13 Vendor Homepage: http://www.coreftp.com/ Software Link: http://www.coreftp.com/server/download/archive/CoreFTPServer589.42.exe Tested Version: v2-Build 673 Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/14 12:0 a.m.50 views

MediaMonkey 4.1.23 - '.mp3' URL Denial of Service (PoC)

-- coding: utf-8 -- Exploit Title: MediaMonkey 4.1.23 - URL Denial of Service PoC Date: 13/02/2019 Author: Alejandra Sánchez Vendor Homepage: https://www.mediamonkey.com/ Software Link: https://www.mediamonkey.com/sw/MediaMonkey4.1.23.1881.exe Version: 4.1.23.1881 Tested on: Windows 10 Proof of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/14 12:0 a.m.65 views

LayerBB 1.1.2 - Cross-Site Request Forgery (Add Admin)

Exploit Title: LayerBB 1.1.2 - Cross-Site Request Forgery Date: 10/4/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://forum.layerbb.com Version: 1.1.2 Tested on: Ubuntu 18.04 CVE: CVE-2018-17996 1. Description: LayerBB is a free open-source forum software, the CSRF...

6.5CVSS6.5AI score0.03011EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/02/14 12:0 a.m.95 views

exacqVision ESM 5.12.2 - Privilege Escalation

Exploit Title: exacqVision ESM 5.12.2 - Privilege Escalation Exploit Author: bzyo Twitter: @bzyo Date: 2019-02-13 Vulnerable Software: http://cdnpublic.exacq.com/5.12/exacqVisionEnterpriseSystemManager5.12.2.150128x86.exe Vendor Homepage: https://www.exacq.com Version: 5.12.2.150128 Tested Window...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/14 12:0 a.m.92 views

ApowerManager 3.1.7 - Phone Manager Remote Denial of Service (PoC)

!/usr/bin/python coding: utf-8 Author: Marcelo Vázquez aka s4vitar ApowerManager Remote Denial of Service DoS / Application Crash Exploit Title: ApowerManager - Phone Manager Remote Denial of Service DoS / Application Crash Date: 2019-02-14 Exploit Author: Marcelo Vázquez aka s4vitar Vendor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/13 12:0 a.m.968 views

Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Password Disclosure)

Exploit Title: Jiofi 4 JMR 1140 CSRF To View Wi-fi Password Date: 12.02.2019 Exploit Author: Ronnie T Baby Contact:https://www.linkedin.com/in/ronnietbaby Vendor Homepage: www.jio.com Hardware Link: https://www.jio.com/shop/en-in/jmr-1140/p/491193574 Category: Hardware Wifi Router Version: JMR-11...

9.8CVSS0.3AI score0.03807EPSS
Exploits2
Exploit DB
Exploit DB
added 2019/02/13 12:0 a.m.141 views

Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Admin Token Disclosure)

Exploit Title: Jiofi 4 JMR 1140 CSRF To Leak Admin Tokens to change wifi Password or Factory Reset Router Date: 12.02.2019 Exploit Author: Ronnie T Baby Contact:https://www.linkedin.com/in/ronnietbaby Vendor Homepage: www.jio.com Hardware Link: https://www.jio.com/shop/en-in/jmr-1140/p/491193574...

8.1CVSS8.2AI score0.01058EPSS
Exploits2
Exploit DB
Exploit DB
added 2019/02/13 12:0 a.m.95 views

Apple macOS 10.13.5 - Local Privilege Escalation

import import import import import import import "offsets.h" //utils define ENFORCEa, label \ do \ if builtinexpect!a, 0 \ \ timedlog"! %s is false l.%d\n", a, LINE; \ goto label; \ \ while 0 // from https://stackoverflow.com/questions/4415524/common-array-length-macro-for-c define COUNTOFx...

7.4CVSS7.6AI score0.05715EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/02/13 12:0 a.m.46 views

Rukovoditel Project Management CRM 2.4.1 - Cross-Site Scripting

Exploit Title : Rukovoditel Project Management CRM 2.4.1 - XSS Vulnerability DOM BASED Author Discovered By : Mehmet EMIROGLU Date : 29/01/2019 Vendor Homepage : https://www.rukovoditel.net/ Software Link : https://sourceforge.net/projects/rukovoditel/ Affected Versions : 2.4.1 Tested On : Wampp,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/13 12:0 a.m.43 views

PilusCart 1.4.1 - 'send' SQL Injection

Exploit Title: PilusCart 1.4.1 - 'send' SQL Vulnerability Dork: N/A Date: 10-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://sourceforge.net/projects/pilus/ Software Link: https://sourceforge.net/projects/pilus/ Version: 1.4.1 Category: Webapps Tested on: Wampp @Win CVE: N/A...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/13 12:0 a.m.52 views

NetworkSleuth 3.0 - 'Name' Denial of Service (PoC)

-- coding: utf-8 -- Exploit Title: NetworkSleuth 3.0 - Denial of Service PoC Date: 12/02/2019 Author: Alejandra Sánchez Vendor Homepage: http://www.nsauditor.com/ Software Link: http://www.nsauditor.com/downloads/networksleuthsetup.exe Version: 3.0.0.0 Tested on: Windows 10 Proof of Concept: 1.-...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/13 12:0 a.m.293 views

snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (1)

!/usr/bin/env python3 """ dirtysock: Privilege Escalation in Ubuntu via snapd In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository contains the original exploit POC, which is being made available...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/13 12:0 a.m.491 views

snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (2)

!/usr/bin/env python3 """ dirtysock: Privilege Escalation in Ubuntu via snapd In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository contains the original exploit POC, which is being made available...

7AI score
Exploits0
Total number of security vulnerabilities47904