Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2019/02/13 12:0 a.m.294 views

snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (1)

!/usr/bin/env python3 """ dirtysock: Privilege Escalation in Ubuntu via snapd In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository contains the original exploit POC, which is being made available...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/13 12:0 a.m.96 views

Apple macOS 10.13.5 - Local Privilege Escalation

import import import import import import import "offsets.h" //utils define ENFORCEa, label \ do \ if builtinexpect!a, 0 \ \ timedlog"! %s is false l.%d\n", a, LINE; \ goto label; \ \ while 0 // from https://stackoverflow.com/questions/4415524/common-array-length-macro-for-c define COUNTOFx...

7.4CVSS7.6AI score0.05715EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/02/12 12:0 a.m.97 views

Ubuntu snapd < 2.37.1 - Local Privilege Escalation

dirtysock: Privilege Escalation in Ubuntu via snapd In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository contains the original exploit POC, which is being made available for research and educatio...

10CVSS0.4AI score0.61075EPSS
Exploits10
Exploit DB
Exploit DB
added 2019/02/12 12:0 a.m.99 views

Skyworth GPON HomeGateways and Optical Network Terminals - Stack Overflow

''' ======================================================== Unauthenticated Stack Overflow in Multiple Gpon Devices ======================================================== . contents:: Table Of Content Overview ======== Title:- StackOverflow in Multiple Skyworth GPON HomeGateways and Optical...

10CVSS9.7AI score0.50523EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/12 12:0 a.m.349 views

BlogEngine.NET 3.3.6 - Directory Traversal / Remote Code Execution

Exploit Title: BlogEngine.NET = 3.3.6 Directory Traversal RCE Date: 02-11-2019 Exploit Author: Dustin Cobb Vendor Homepage: https://github.com/rxtur/BlogEngine.NET/ Software Link: https://github.com/rxtur/BlogEngine.NET/releases/download/v3.3.6.0/3360.zip Version: = 3.3.6 Tested on: Windows 2016...

9.8CVSS9.3AI score0.31725EPSS
Exploits7
Exploit DB
Exploit DB
added 2019/02/12 12:0 a.m.81 views

Android - binder Use-After-Free via fdget() Optimization

This bug report describes two different issues in different branches of the binder kernel code. The first issue is in the upstream Linux kernel, commit 7f3dc0088b98 "binder: fix proc-files use-after-free"; the second issue is in the wahoo kernel and maybe elsewhere? but at least the android commo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/12 12:0 a.m.44 views

Android - binder Use-After-Free of VMA via race Between reclaim and munmap

The following bug report solely looks at the situation on the upstream master branch; while from a cursory look, at least the wahoo kernel also looks affected, I have only properly tested this on upstream master. There is a race condition between the direct reclaim path enters binder through the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/12 12:0 a.m.138 views

Jenkins 2.150.2 - Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Jenkins %q This module can run commands on the system using Jenkins users who has JOB creation and BUILD privileges. The...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/12 12:0 a.m.157 views

OPNsense < 19.1.1 - Cross-Site Scripting

Exploit Title: OPNsense 19.1 | Cross-Site Scripting Date: 01.02.2019 Exploit Author: Ozer Goker Vendor Homepage: https://opnsense.org Software Link: http://mirror.ams1.nl.leaseweb.net/opnsense/releases/19.1/OPNsense-19.1-OpenSSL-dvd-amd64.iso.bz2 Version: 19.1 Introduction OPNsense is an open...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/12 12:0 a.m.64 views

runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (1)

Usage Edit HOST inside payload.c, compile with make. Start nc and run pwn.sh inside the container. Notes - This exploit is destructive: it'll overwrite /usr/bin/docker-runc binary on the host with the payload. It'll also overwrite /bin/sh inside the container. - Tested only on Debian 9. - No...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/12 12:0 a.m.45 views

LayerBB 1.1.2 - Cross-Site Scripting

Exploit Title: LayerBB 1.1.2 - Cross-Site Scripting Date: 11/19/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://forum.layerbb.com/downloads.php?view=file&id=28 Version: 1.1.2 Tested on: Ubuntu 18.04 CVE: CVE-2019-7688 1. Description: LayerBB is a free open-source...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.59 views

AirDroid 4.2.1.6 - Denial of Service

!/bin/bash Author: Marcelo Vázquez aka s4vitar AirDroid Denial of Service DoS & System Crash + Forced Reboot Exploit Title: AirDroid Remote Denial of Service DoS & System Crash + Forced Reboot Date: 2019-02-13 Exploit Author: Marcelo Vázquez aka s4vitar Collaborators: Victor Lasa aka vowkin Vendo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.59 views

Webiness Inventory 2.3 - 'email' SQL Injection

=========================================================================================== Exploit Title: Webiness Inventory 2.3 - 'email' SQL Vulnerability Dork: N/A Date: 10-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://sourceforge.net/projects/webinessinventory/files/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.50 views

MyBB Bans List 1.0 - Cross-Site Scripting

Exploit Title: MyBB Bans List - Cross Site Scripting Date: 7/25/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=423 Version: 1.0 Tested on: Ubuntu 18.04 CVE: CVE-2018-14724 1. Description: Adds bans.php page, showing a li...

5.4CVSS5.5AI score0.00691EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.110 views

Indusoft Web Studio 8.1 SP2 - Remote Code Execution

Exploit Title: Indusoft Web Studio Unauthenticated RCE Date: 02/04/2019 Exploit Author: Jacob Baines Vendor Homepage: http://www.indusoft.com/ Software http://www.indusoft.com/Products-Downloads/Download-Library Version: 8.1 SP2 and below Tested on: Windows 7 running the Web Studio 8.1 SP2 demo a...

10CVSS8.7AI score0.17287EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.80 views

Evince - CBT File Command Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/zip' class MetasploitModule 'Evince CBT File Command Injection', 'Description' = %q This module exploits a command injection vulnerability in Evince before...

7.8CVSS7.7AI score0.50826EPSS
Exploits9
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.67 views

NUUO NVRmini - upgrade_handle.php Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NUUO NVRmini upgradehandle.php Remote Command Execution', 'Description' = %q This exploits a vulnerability in the web application of NUUO NVRmini...

10CVSS7.4AI score0.93746EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.34 views

River Past Video Cleaner 7.6.3 - Local Buffer Overflow (SEH)

Exploit Title: River Past Video Cleaner Buffer Overflow SEH Date: 9-2-2019 Exploit Author: crashmanucoot Contact: twitter.com/crashmanucoot Software Link: https://river-past-video-cleaner.softonic.com/ Version: 7.6.3 Tested on: Windows 10 Pro x64 SPANISH Category: Windows Local Exploit How to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.51 views

FutureDj Pro 1.7.2.0 - Denial of Service

Exploit Title: FutureDj Pro Local Dos Exploit Date: 07.02.2019 Vendor Homepage: https://www.xylio.com Software Link: https://www.xylio.com/future-dj-pro-a-new-level-of-mixing-perfection/ Exploit Author: Achilles Tested Version: 1.7.2.0 32bit Tested on: Windows 7 SP1 Ultimate 1.- Run python code :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.82 views

Coship Wireless Router 4.0.0.x/5.0.0.x - WiFi Password Reset

Exploit Title: Coship Wireless Router – Wireless SSID Unauthenticated Password Reset Date: 07.02.2019 Exploit Author: Adithyan AK Vendor Homepage: http://en.coship.com/ Category: Hardware WiFi Router Affected Versions : Coship RT3052 - 4.0.0.48, Coship RT3050 - 4.0.0.40, Coship WM3300 - 5.0.0.54,...

9.8CVSS9.7AI score0.0305EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.167 views

IP-Tools 2.5 - 'Log to file' Local Buffer Overflow (SEH) (Egghunter)

!/usr/bin/env python ------------------------------------------------------------------------------------------------------------------------------------ Exploit: IP-Tools 2.5 - Local Buffer OverflowEggHunter Date: 2019-02-06 Author: Juan Prescotto Tested Against: Win7 Pro SP1 64 bit Software...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.71 views

VA MAX 8.3.4 - (Authenticated) Remote Code Execution

root@nippur:/home/c/src/nippur cat vamax3.py !/usr/bin/env python quick poc for postauth rce bug in va max 8.3.4 more: https://code610.blogspot.com 10.02.2019 p.s. listening on any 4444 ... 192.168.1.126: inverse host lookup failed: Unknown host connect to 192.168.1.160 from UNKNOWN 192.168.1.126...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.39 views

River Past Cam Do 3.7.6 - Local Buffer Overflow (SEH)

Exploit Title: River Past CamDo SEH Local Exploit Date: 07.02.2019 Vendor Homepage:www.riverpast.com Software Link: https://en.softonic.com/download/river-past-cam-do/windows/post-download?sl=1 Exploit Author: Achilles Tested Version: 3.7.6 Tested on: Windows XP SP3 EN 1.- Run python code :...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.49 views

NordVPN 6.19.6 - Denial of Service (PoC)

-- coding: utf-8 -- Exploit Title: NordVPN 6.19.6 - Denial of Service PoC Date: 07/02/2019 Author: Alejandra Sánchez Vendor Homepage: https://nordvpn.com/ Software Link: https://downloads.nordcdn.com/apps/windows/10/NordVPN/latest/NordVPNSetup.exe Version: 6.19.6 Tested on: Windows 10 Proof of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.77 views

Avast Anti-Virus < 19.1.2360 - Local Credentials Disclosure

Exploit Title: Avast Anti-Virus Local Credentials Disclosure 19.1.2360 Date: 01/18/2019 Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Version: before 19.1.2360 build 19.1.4142.0 Tested on: Windows 10 x64 CVE: CVE-2018-12572 Based on LiquidWorm's and Yakir Wizman's proof of concepts...

7.8CVSS7.7AI score0.00314EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.647 views

Adobe Flash Player - DeleteRangeTimelineOperation Type Confusion (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Adobe Flash Player DeleteRangeTimelineOperation Type-Confusion', 'Description' = %q This module exploits a type confusion on Adobe Flash Player,...

10CVSS9.8AI score0.94354EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.63 views

Smoothwall Express 3.1-SP4 - Cross-Site Scripting

Exploit Title: Smoothwall Express 3.1-SP4-polar-x8664-update9 | Cross-Site Scripting Date: 06.02.2019 Exploit Author: Ozer Goker Vendor Homepage: http://www.smoothwall.org Software Link: https://sourceforge.net/projects/smoothwall/files/SmoothWall/3.1%20SP4/Express-3.1-SP4-x8664.iso/download...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.63 views

CentOS Web Panel 0.9.8.763 - Persistent Cross-Site Scripting

Exploit Title: CentOS Web Panel 0.9.8.763 - Stored Cross-Site Scripting Vulnerability Google Dork: N/A Date: 10 - January - 2019 Exploit Author: DKM Vendor Homepage: http://centos-webpanel.com Software Link: http://centos-webpanel.com Version: v0.9.8.763 Tested on: CentOS 7 CVE : CVE-2019-7646...

4.8CVSS5.2AI score0.07246EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/11 12:0 a.m.117 views

IPFire 2.21 - Cross-Site Scripting

Exploit Title: IPFire 2.21 - Core Update 127 | Cross-Site Scripting Date: 08.02.2019 Exploit Author: Ozer Goker Vendor Homepage: https://www.ipfire.org Software Link: https://downloads.ipfire.org/releases/ipfire-2.x/2.21-core127/ipfire-2.21.x8664-full-core127.iso Version: IPFire 2.21 - Core Updat...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/06 12:0 a.m.42 views

osCommerce 2.3.4.1 - 'currency' SQL Injection

Exploit Title: osCommerce 2.3.4.1 - 'currency' SQL Vulnerabilities Dork: N/A Date: 05-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.oscommerce.com Software Link: https://www.oscommerce.com/Products Version: 2.3.4.1 Category: Webapps Tested on: Wampp @Win CVE: N/A Software...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/06 12:0 a.m.48 views

osCommerce 2.3.4.1 - 'products_id' SQL Injection

Exploit Title: osCommerce 2.3.4.1 - 'productsid' SQL Vulnerabilities Dork: N/A Date: 05-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.oscommerce.com Software Link: https://www.oscommerce.com/Products Version: 2.3.4.1 Category: Webapps Tested on: Wampp @Win CVE: N/A Software...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/06 12:0 a.m.104 views

Skia - Incorrect Convexity Assumptions Leading to Buffer Overflows

I was looking into the root cause of https://bugs.chromium.org/p/chromium/issues/detail?id=850350. In that bug, due to precision errors, Skia generated a concave RRect, but declared it convex. Later, the RRect was transformed with an affine transform and used as a clipping region for drawing...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/06 12:0 a.m.50 views

osCommerce 2.3.4.1 - 'reviews_id' SQL Injection

Exploit Title: osCommerce 2.3.4.1 - 'reviewsid' SQL Vulnerabilities Dork: N/A Date: 05-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.oscommerce.com Software Link: https://www.oscommerce.com/Products Version: 2.3.4.1 Category: Webapps Tested on: Wampp @Win CVE: N/A Software...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/06 12:0 a.m.149 views

River Past Audio Converter 7.7.16 - Buffer Overflow (SEH)

Exploit Title: RiverPastAudioConverter - Buffer Overflow SEH Date: 06.02.2019 Vendor Homepage: www.riverpast.com Software Link: https://en.softonic.com/download/river-past-audio-converter/windows/post-download?sl=3D1 Exploit Author: Matteo Malvica Tested Version: 7.7.16 Tested on: Windows 10 -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/05 12:0 a.m.109 views

BEWARD N100 H.264 VGA IP Camera M2.1.6 - Cross-Site Request Forgery (Add Admin)

BEWARD N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin Exploit Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: M2.1.6.04C014 Summary: The N100 compact color IP camera with support for a more efficient compression format is optimized for low-speed networks,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/05 12:0 a.m.83 views

BEWARD N100 H.264 VGA IP Camera M2.1.6 - Remote Code Execution

BEWARD N100 H.264 VGA IP Camera M2.1.6 Root Remote Code Execution Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: M2.1.6.04C014 Summary: The N100 compact color IP camera with support for a more efficient compression format is optimized for low-speed networks...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/05 12:0 a.m.73 views

River Past Audio Converter 7.7.16 - Denial of Service (PoC)

Exploit Title: RiverPastAudioConverterDoS Date: 05.02.2019 Vendor Homepage:www.riverpast.com Software Link :https://en.softonic.com/download/river-past-audio-converter/windows/post-download?sl=3D1 Exploit Author: Achilles Tested Version: 7.7.16 Tested on: Windows XP SP3 Vulnerability Type: Denial...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/05 12:0 a.m.71 views

BEWARD N100 H.264 VGA IP Camera M2.1.6 - RTSP Stream Disclosure

BEWARD N100 H.264 VGA IP Camera M2.1.6 Unauthenticated RTSP Stream Disclosure Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: M2.1.6.04C014 Summary: The N100 compact color IP camera with support for a more efficient compression format is optimized for...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/05 12:0 a.m.76 views

OpenMRS Platform < 2.24.0 - Insecure Object Deserialization

Insecure Object Deserialization on the OpenMRS Platform Vulnerability Details CVE ID: CVE-2018-19276 Access Vector: Remote Security Risk: Critical Vulnerability: CWE-502 CVSS Base Score: 10.0 CVSS vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N JAVA 8 ENVIRONMENT By injecting an XML payload ...

10CVSS9.6AI score0.98811EPSS
Exploits10
Exploit DB
Exploit DB
added 2019/02/05 12:0 a.m.83 views

devolo dLAN 550 duo+ Starter Kit - Remote Code Execution

devolo dLAN 550 duo+ Starter Kit Remote Code Execution Vendor: devolo AG Product web page: https://www.devolo.com Affected version: dLAN 500 AV Wireless+ 3.1.0-1 i386 Summary: Devolo dLAN® 550 duo+ Starter Kit is Powerlineadapter which is a cost-effective and helpful networking alternative for an...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/05 12:0 a.m.112 views

BEWARD N100 H.264 VGA IP Camera M2.1.6 - Arbitrary File Disclosure

BEWARD N100 H.264 VGA IP Camera M2.1.6 Arbitrary File Disclosure Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: M2.1.6.04C014 Summary: The N100 compact color IP camera with support for a more efficient compression format is optimized for low-speed networks,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/05 12:0 a.m.78 views

Device Monitoring Studio 8.10.00.8925 - Denial of Service (PoC)

Exploit Title: Device Monitoring Studio 8.10.00.8925 - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-02-04 Tested Version: 8.10.00.8925 Tested on: Windows 7 Service Pack 1 x64 Steps to produce the crash: 1.- Run python code: DeviceMonitoringStudio8.10.00.8925.py 2.- Op...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/05 12:0 a.m.126 views

Zyxel VMG3312-B10B DSL-491HNU-B1B v2 Modem - Cross-Site Request Forgery

Exploit Title: Zyxel VMG3312-B10B DSL-491HNU-B1B v2 modem CSRF Exploit Version: Zyxel VMG3312-B10B Tested on : Parrot Os Author: Yusuf Furkan Twitter: h1yusuf CVE: CVE-2019-7391 model name: DSL-491HNU-B1B v2 history.pushState'', '', '/'...

8.8CVSS8.8AI score0.13609EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/02/05 12:0 a.m.70 views

devolo dLAN 550 duo+ Starter Kit - Cross-Site Request Forgery

devolo dLAN 550 duo+ Starter Kit Cross-Site Request Forgery Vendor: devolo AG Product web page: https://www.devolo.com Affected version: dLAN 500 AV Wireless+ 3.1.0-1 i386 Summary: Devolo dLAN® 550 duo+ Starter Kit is Powerlineadapter which is a cost-effective and helpful networking alternative f...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/04 12:0 a.m.55 views

SuiteCRM 7.10.7 - 'record' SQL Injection

Exploit Title: SuiteCRM 7.10.7 - 'record' SQL Vulnerabilities Dork: N/A Date: 03-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://suitecrm.com/ Software Link: https://suitecrm.com/download/ Version: 7.10.7 Category: Webapps Tested on: Wampp @Win CVE: N/A Software Description:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/04 12:0 a.m.111 views

pfSense 2.4.4-p1 - Cross-Site Scripting

Exploit Title: pfSense 2.4.4-p1 | Cross-Site Scripting Date: 28.01.2019 Exploit Author: Ozer Goker Vendor Homepage: https://www.pfsense.org Software Link: https://frafiles.pfsense.org/mirror/downloads/pfSense-CE-2.4.4-RELEASE-p1-amd64.iso.gz Version: 2.4.4-p1 Introduction pfSense® software is a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/04 12:0 a.m.112 views

TaskInfo 8.2.0.280 - Denial of Service (PoC)

Exploit Title: TaskInfo v8.2.0.280 - Denial of Service PoC Discovery by: Rafael Pedrero Discovery Date: 2019-01-30 Vendor Homepage: http://www.iarsn.com/ Software Link : http://www.iarsn.com/ Tested Version: v8.2.0.280 Tested on: Windows XP SP3 Vulnerability Type: Denial of Service DoS Local Buff...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/04 12:0 a.m.65 views

SuiteCRM 7.10.7 - 'parentTab' SQL Injection

Exploit Title: SuiteCRM 7.10.7 - 'parentTab' SQL Vulnerabilities Dork: N/A Date: 03-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://suitecrm.com/ Software Link: https://suitecrm.com/download/ Version: 7.10.7 Category: Webapps Tested on: Wampp @Win CVE: N/A Software Description:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/04 12:0 a.m.137 views

ResourceSpace 8.6 - 'watched_searches.php' SQL Injection

Exploit Title: ResourceSpace =8.6 'watchedsearches.php' SQL Injection Dork: intext:"Powered by ResourceSpace" Date: 2019-02-01 Exploit Author: dd [email protected] Vendor Homepage: https://www.resourcespace.com/ Software Link: https://www.resourcespace.com/get Version: Stable release: 8.6 Mino...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/02/04 12:0 a.m.122 views

Nessus 8.2.1 - Cross-Site Scripting

Exploit Title: Nessus 8.2.1 | Stored Cross-Site Scripting Date: 29.01.2019 Exploit Author: Ozer Goker Vendor Homepage: https://www.tenable.com Software Link: https://www.tenable.com/downloads/nessus Version: 8.2.1 Introduction Nessus is 1 For Vulnerability Assessment From the beginning, we've...

7.4AI score
Exploits0
Total number of security vulnerabilities47904