Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2018/10/24 12:0 a.m.21 views

Adult Filter 1.0 - Denial of Service (PoC)

Exploit Title: ADULT FILTER 1.0 - Denial of Service PoC Date: 2018-10-28 Exploit Author: Beren Kuday GÖRÜN Vendor Homepage: http://www.armcode.com/adult-filter/ Software Link: http://www.armcode.com/downloads/adult-filter.exe Version: 1.0 Build 2007-Mar-12 Tested on OS: Windows XP Professional...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/24 12:0 a.m.25 views

Apache OFBiz 16.11.04 - XML External Entity Injection

Exploit Title: Apache OFBiz 16.11.04 - XML External Entity Injection Date: 2018-10-15 Exploit Author: Jamie Parfet Vendor Homepage: https://ofbiz.apache.org/ Software Link: https://archive.apache.org/dist/ofbiz/ Version: xXx xXx """ if lensys.argv = 1: print' Apache OFBiz 16.11.04 XXE' print' Use...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/23 12:0 a.m.31 views

SIM-PKH 2.4.1 - Arbitrary File Upload

Exploit Title: SIM-PKH 2.4.1 - Arbitrary File Upload Dork: N/A Date: 2018-10-22 Exploit Author: Ihsan Sencan Vendor Homepage: https://simpkh.sourceforge.io/ Software Link: https://sourceforge.net/projects/simpkh/files/latest/download Version: 2.4.1 Category: Webapps Tested on: WiN7x64/KaLiLinuXx6...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/23 12:0 a.m.48 views

ServersCheck Monitoring Software 14.3.3 - Arbitrary File Write

Exploit Title: ServersCheck Monitoring Software 14.3.3 - Denial of Service PoC Author: John Page aka hyp3rlinx Date: 2018-10-23 Vendor: www.serverscheck.com Software Link: http://downloads.serverscheck.com/monitoringsoftware/setup.exe CVE: N/A References:...

6.5CVSS6.5AI score0.02677EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/10/23 12:0 a.m.14 views

Appsource School Management System 1.0 - 'student_id' SQL Injection

Exploit Title: Appsource School Management System 1.0 - 'studentid' SQL Injection Dork: N/A Date: 2018-10-19 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.appsource.ug/school/ Software Link: https://sourceforge.net/p/appsource-school-system/code/ Version: 1.0 Category: Webapps Tested o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/23 12:0 a.m.36 views

SIM-PKH 2.4.1 - 'id' SQL Injection

Exploit Title: SIM-PKH 2.4.1 - 'id' SQL Injection Dork: N/A Date: 2018-10-22 Exploit Author: Ihsan Sencan Vendor Homepage: https://simpkh.sourceforge.io/ Software Link: https://sourceforge.net/projects/simpkh/files/latest/download Version: 2.4.1 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/23 12:0 a.m.31 views

Microsoft Data Sharing - Local Privilege Escalation (PoC)

Bug description: RpcDSSMoveFromSharedFilehandle,L"token",L"c:\blah1\pci.sys"; This function exposed over alpc, has a arbitrary delete vuln. Hitting the timing was pretty annoying. But my PoC will keep rerunning until c:\windows\system32\drivers\pci.sys is deleted. I believe it's impossible to hit...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/23 12:0 a.m.23 views

School ERP Pro+Responsive 1.0 - 'fid' SQL Injection

Exploit Title: School ERP Pro+Responsive 1.0 - 'fid' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link: https://sourceforge.net/projects/school-management-system-php/files/latest/download Software Link: http://erp.arox.in/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/23 12:0 a.m.1723 views

MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection

Exploit Title: MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.m-gb.org/ Software Link: https://sourceforge.net/projects/mopzz-gb/files/latest/download Version: 0.7.0.2 Category: Webapps Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/23 12:0 a.m.36 views

ServersCheck Monitoring Software 14.3.3 - 'id' SQL Injection

Exploit Title: ServersCheck Monitoring Software 14.3.3 - 'id' SQL Injection Author: John Page aka hyp3rlinx Date: 2018-10-23 Vendor: www.serverscheck.com Software link: http://downloads.serverscheck.com/monitoringsoftware/setup.exe CVE: N/A References:...

8.8CVSS8.9AI score0.00928EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/10/23 12:0 a.m.25 views

School ERP Pro+Responsive 1.0 - Arbitrary File Download

Exploit Title: School ERP Pro+Responsive 1.0 - Arbitrary File Download Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link: https://sourceforge.net/projects/school-management-system-php/files/latest/download Software Link: http://erp.arox.in/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.43 views

Apple Intel GPU Driver - Use-After-Free/Double-Delete due to bad Locking

/ This PoC file might look familiar; this bug is a trivial variant of CVE-2016-1744 Apple bug id 635599405. That report showed the bug in the unmapusermemory external methods; a variant also exists in the mapusermemory external methods. The intel graphics drivers have their own hash table type...

9.3CVSS6.4AI score0.04157EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.40 views

Keybase keybase-redirector - '$PATH' Local Privilege Escalation

keybase-redirector is a setuid root binary. keybase-redirector calls the fusermount binary using a relative path and the application trusts the value of $PATH. This allows a local, unprivileged user to trick the application to executing a custom fusermount binary as root. Environment CentOS Linux...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.24 views

Viva Visitor & Volunteer ID Tracking 0.95.1 - 'fname' SQL Injection

Exploit Title: Viva Visitor & Volunteer ID Tracking 0.95.1 - 'fname' SQL Injection Dork: N/A Date: 2018-10-19 Exploit Author: Ihsan Sencan Vendor Homepage: https://viva-visitor.sourceforge.io/ Software Link: https://sourceforge.net/projects/viva-visitor/files/latest/download Version: 0.95.1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.114 views

Microsoft Windows - SetImeInfoEx Win32k NULL Pointer Dereference (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows SetImeInfoEx Win32k NULL Pointer Dereference', 'Description' = %q This module exploits elevation of privilege vulnerability that exists i...

7.2CVSS7.3AI score0.73721EPSS
Exploits18
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.20 views

Apple iOS/macOS - Sandbox Escape due to mach Message sent from Shared Memory

iohideventsystem sets up a shared memory event queue; at the end of this shared memory buffer it puts a mach message which it sends whenever it wants to notify a client that there's data available in the queue. As a client we can modify this mach message such that the server hidd on MacOS,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.81 views

Apple iOS/macOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport

/ IOHIDResourceQueue inherits from IOSharedDataQueue and adds its own ::enqueueReport method, which seems to be mostly copy-pasted from IOSharedDataQueue and IODataQueue's ::enqueue methods. I reported a bunch of integer overflows in IODataQueue over four years ago CVE-2014-4389, apple issue...

9.3CVSS5.6AI score0.03424EPSS
Exploits2
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.21 views

Apple iOS - Kernel Stack Memory Disclosure due to Failure to Check copyin Return Value

Here's a code snippet from sleh.c with the second level exception handler for undefined instruction exceptions: static void handleuncategorizedarmsavedstatet state, booleant instrLen2 exceptiontypet exception = EXCBADINSTRUCTION; machexceptiondatatypet codes2 = EXCARMUNDEFINED; machmsgtypenumbert...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.43 views

Microsoft Windows 10 - Local Privilege Escalation (UAC Bypass)

!/usr/bin/env python Exploit Title: Windows 10 UAC Bypass by computerDefault Date: 2018-10-18 Exploit Author: Fabien DROMAS - Security consultant @ Synetis Twitter: st0rnpentest Vendor Homepage: www.microsoft.com Version: Version 10.0.17134.285 Tested on: Windows 10 pro Version 10.0.17134.285...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.93 views

Modbus Poll 7.2.2 - Denial of Service (PoC)

Exploit Title: Modbus Poll 7.2.2 - Denial of Service PoC Discovery by: Cemal Cihad ÇİFTÇİ Discovery Date: 2018-10-19 Tested Version: 7.2.2 Vulnerability Type: DOS Tested on OS: Windows XP Professional Service Pack 3 Vendor Homepage: https://www.modbustools.com Download Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.29 views

Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas

/ There was recently some cleanup in the persona code to fix some race conditions there, I don't think it was sufficient: In kpersonaallocsyscall if we provide an invalid userspace pointer for the ipd outptr we can cause this copyout to fail: error = copyout&persona-pnaid, idp, sizeofpersona-pnai...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.81 views

School ERP Ultimate 2018 - Arbitrary File Download

Exploit Title: School ERP Ultimate 2018 - Arbitrary File Download Dork: N/A Date: 2018-10-21 Exploit Author: Ihsan Sencan Vendor Homepage: http://freeschoolerp.com/ Software Link: http://freeschoolerp.com/schoolerp30Nov2017free.zip Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.85 views

MySQL Edit Table 1.0 - 'id' SQL Injection

Exploit Title: MySQL Edit Table 1.0 - 'id' SQL Injection Dork: N/A Date: 2018-10-18 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.bookman.nl Software Link: https://sourceforge.net/projects/sql-edit-table/files/latest/download Version: 1.0 Category: Webapps Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.54 views

The Open ISES Project 3.30A - 'tick_lat' SQL Injection

Exploit Title: The Open ISES Project 3.30A - 'ticklat' SQL Injection Dork: N/A Date: 2018-10-18 Exploit Author: Ihsan Sencan Vendor Homepage: http://openises.sourceforge.net/ Software Link: https://sourceforge.net/projects/openises/files/latest/download Version: 3.30A050318 Category: Webapps Test...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.18 views

The Open ISES Project 3.30A - Arbitrary File Download

Exploit Title: The Open ISES Project 3.30A - Arbitrary File Download Dork: N/A Date: 2018-10-18 Exploit Author: Ihsan Sencan Vendor Homepage: http://openises.sourceforge.net/ Software Link: https://sourceforge.net/projects/openises/files/latest/download Version: 3.30A050318 Category: Webapps Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.20 views

eNdonesia Portal 8.7 - 'artid' SQL Injection

Exploit Title: eNdonesia Portal 8.7 - 'artid' SQL Injection Dork: N/A Date: 2018-10-21 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.endonesia.org/ Software Link: https://sourceforge.net/projects/endonesia/files/latest/download Version: 8.7 Category: Webapps Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.27 views

Oracle Siebel CRM 8.1.1 - CSV Injection

Exploit Title: Oracle Siebel CRM 8.1.1 - CSV Injection Date: 2018-10-21 Exploit Author: Sarath Nair aka AceNeon13 Contact: @AceNeon13 Vendor Homepage: www.oracle.com Software Link: http://www.oracle.com/us/products/applications/siebel/siebel-crm-8-1-1-066196.html Version: Oracle Siebel CRM Versio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.33 views

Audacity 2.3 - Denial of Service (PoC)

Exploit Title: AudaCity 2.3 - Denial of Service PoC Author: Kağan Çapar Discovery Date: 2018-10-19 Software Link: https://www.fosshub.com/Audacity.html Vendor Homepage : https://www.audacityteam.org Tested Version: 2.3 Tested on OS: Windows 10 x64/86 Normal use CPU & Windows 7 High CPU usage &...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.17 views

School ERP Ultimate 2018 - 'fid' SQL Injection

Exploit Title: School ERP Ultimate 2018 - 'fid' SQL Injection Dork: N/A Date: 2018-10-21 Exploit Author: Ihsan Sencan Vendor Homepage: http://freeschoolerp.com/ Software Link: http://freeschoolerp.com/schoolerp30Nov2017free.zip Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/22 12:0 a.m.25 views

Apple iOS/macOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID Event Subsystem

iohideventsystem is a MIG service which provides proxy access to various HID devices for untrusted clients. On iOS it's hosted by backboardd and on MacOS by hidd. The actual implementation is in IOKit.framework. I, and also pangu jailbreak team, had previously found a few bugs in the kernel...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/20 12:0 a.m.97 views

LibSSH 0.7.6 / 0.8.4 - Unauthorized Access

!/usr/bin/env python3 import sys import paramiko import socket import logging pip3 install paramiko==2.0.8 logging.basicConfigstream=sys.stdout, level=logging.DEBUG logging.basicConfigstream=sys.stdout bufsize = 2048 def executehostname, port, command: sock = socket.socket try:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/18 12:0 a.m.92 views

Learning with Texts 1.6.2 - 'start' SQL Injection

Exploit Title: Learning with Texts 1.6.2 - 'start' SQL Injection Dork: N/A Date: 2018-10-18 Exploit Author: Ihsan Sencan Vendor Homepage: http://lwt.sourceforge.net/ Software Link: https://sourceforge.net/projects/lwt/files/latest/download Version: 1.6.2 Category: Webapps Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/18 12:0 a.m.128 views

libSSH - Authentication Bypass

!/usr/bin/env python3 import paramiko import socket import argparse from sys import argv, exit parser = argparse.ArgumentParserdescription="libSSH Authentication Bypass" parser.addargument'--host', help='Host' parser.addargument'-p', '--port', help='libSSH port', default=22...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/18 12:0 a.m.101 views

PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add Admin)

Exploit Title: PHP-SHOP master 1.0 - Cross-Site Request Forgery Add admin Exploit Author : Alireza Norkazemi Date: 2018-10-15 Vendor Homepage : https://github.com/joeyrush/PHP-SHOP Software link: https://github.com/joeyrush/PHP-SHOP/archive/master.zip Version: 1.0 Tested on: Windows 10 CVE: N/A...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/18 12:0 a.m.88 views

OwnTicket 1.0 - 'TicketID' SQL Injection

Exploit Title: OwnTicket 1.0 - 'TicketID' SQL Injection Dork: N/A Date: 2018-10-18 Exploit Author: Ihsan Sencan Vendor Homepage: https://ownticket.sourceforge.io/ Software Link: https://sourceforge.net/projects/ownticket/files/latest/download Version: 1.0 Category: Webapps Tested on:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/17 12:0 a.m.121 views

TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure

Exploit Title: TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure Author: Gjoko 'LiquidWorm' Krstic @zeroscience Date: 2018-10-17 Vendor: TP-LINK Technologies Co., Ltd. Product web page: http://www.tp-link.com Affected version: 1.6.18P12121101 Tested on: Boa/0.94.14rc21 CVE: N/A References: Adviso...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/17 12:0 a.m.93 views

BigTree CMS 4.2.23 - Cross-Site Scripting

Exploit Title: BigTree CMS 4.2.23 - Cross-Site Scripting Date: 2018-10-15 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.bigtreecms.org/ Software Link : https://github.com/bigtreecms/BigTree-CMS/ Software : BigTree CMS Version : 4.2.23 Vulernability Type : Cross-site Scripting...

6.1CVSS6.3AI score0.03648EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/10/17 12:0 a.m.93 views

Time and Expense Management System 3.0 - 'table' SQL Injection

Exploit Title: Time and Expense Management System 3.0 - 'table' SQL Injection Dork: N/A Date: 2018-10-17 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.initechs.com/ Software Link: http://sourceforge.net/projects/tems/files/latest Version: 3.0 Category: Webapps Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/17 12:0 a.m.96 views

Any Sound Recorder 2.93 - Buffer Overflow (SEH)

Exploit Title: Any Sound Recorder 2.93 - Buffer Overflow SEH Exploit Author: Abdullah Alic Discovery Date: 2018-10-16 Homepage: http://www.any-sound-recorder.com Software Link: http://www.any-sound-recorder.com/anysoundrecorder.exe Version: 2.93 Tested on: Windows XP Professional sp3 ENG Steps to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/17 12:0 a.m.96 views

FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials

Exploit Title: FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials Author: Gjoko 'LiquidWorm' Krstic @zeroscience Date: 2018-10-14 Vendor: FLIR Systems, Inc Product web page: https://www.flir.com Affected version: Firmware: 1.32.16, 1.17.13, OS: necov1.8-0-g7ffe5b3 Hardware: Flir Systems Nec...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/17 12:0 a.m.94 views

Time and Expense Management System 3.0 - Cross-Site Request Forgery (Add Admin)

Exploit Title: Time and Expense Management System 3.0 - Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-10-17 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.initechs.com/ Software Link: http://sourceforge.net/projects/tems/files/latest Version: 3.0 Category: Webapps Tested on:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/16 12:0 a.m.154 views

Solaris - RSH Stack Clash Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Solaris RSH Stack Clash Privilege Escalation', 'Description' = %q This module exploits a vulnerability in RSH on unpatched Solaris systems which...

6AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/16 12:0 a.m.541 views

HotelDruid 2.2.4 - 'anno' SQL Injection

Exploit Title: HotelDruid 2.2.4 - 'anno' SQL Injection Dork: N/A Date: 2018-10-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.hoteldruid.com/ Software Link: http://www.hoteldruid.com/en/download.html Version: 2.2.4 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC: 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/16 12:0 a.m.553 views

Library CMS 2.1.1 - Cross-Site Scripting

Exploit Title: Library CMS 2.1.1 - Cross-Site Scripting Date: 2018-10-15 Exploit Author: Ismail Tasdelen Vendor Homepage: https://kaasoft.pro/ Software Link : https://library.kaasoft.pro/ Software : Library CMS - Powerful Book Management System Version : v 2.1.1 Vulernability Type : Cross-site...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/16 12:0 a.m.242 views

Git Submodule - Arbitrary Code Execution

CVE-2018-17456 I've gotten a couple of questions about exploitation for the recent RCE in Git. So here we go with some technical details. TL;DR Here is a PoC repository. EDB Note: Mirror https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/45631.zip Exploitation The...

9.8CVSS9.2AI score0.97356EPSS
Exploits12
Exploit DB
Exploit DB
added 2018/10/16 12:0 a.m.543 views

Rukovoditel Project Management CRM 2.3 - 'path' SQL Injection

Exploit Title: Rukovoditel Project Management CRM 2.3 - 'path' SQL Injection Dork: N/A Date: 2018-10-15 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Version: 2.3 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/16 12:0 a.m.543 views

Navigate CMS 2.8.5 - Arbitrary File Download

Exploit Title: Navigate CMS 2.8.5 - Arbitrary File Download Dork: N/A Date: 2018-10-13 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.navigatecms.com/ Software Link: http://master.dl.sourceforge.net/project/navigatecms/releases/navigate-2.8.5r1355.zip Version: 2.8.5 Category: Webapps...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/16 12:0 a.m.99 views

Microsoft Windows - 'FSCTL_FIND_FILES_BY_SID' Information Disclosure

Windows: FSCTLFINDFILESBYSID Information Disclosure Platform: Windows 10 1709, 1803 Class: Information Disclosure / Elevation of Privilege Summary: The FSCTLFINDFILESBYSID control code doesn’t check for permissions to list a directory leading to disclosure of file names when a user is not granted...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/16 12:0 a.m.283 views

VLC Media Player - MKV Use-After-Free (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VLC Media Player MKV Use After Free', 'Description' = %q This module exploits a use after free vulnerability in VideoLAN VLC = MSFLICENSE, 'Autho...

8CVSS8.1AI score0.40612EPSS
Exploits10
Exploit DB
Exploit DB
added 2018/10/16 12:0 a.m.525 views

GIU Gallery Image Upload 0.3.1 - 'category' SQL Injection

Exploit Title: GIU Gallery Image Upload 0.3.1 - 'category' SQL Injection Dork: N/A Date: 2018-10-16 Exploit Author: Ihsan Sencan Vendor Homepage: http://tradesouthwest.com Software Link: https://sourceforge.net/projects/giugalleryimageupload/ Version: 0.3.1 Category: Webapps Tested on:...

7.4AI score
Exploits0
Total number of security vulnerabilities47904