Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2018/10/09 12:0 a.m.477 views

Free MP3 CD Ripper 2.8 - '.wma' Buffer Overflow (SEH) (DEP Bypass)

Exploit Title: Free MP3 CD Ripper 2.8 - '.wma' Buffer Overflow SEH DEP Bypass Date: 2018-10-08 Exploit Author: Matteo Malvica Vendor: Cleanersoft Software Software Link: http://www.commentcamarche.net/download/telecharger-34082200-free-mp3-cd-ripper Tested Version: 2.8 Tested on OS: Windows 7 -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/09 12:0 a.m.73 views

Delta Electronics Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Delta Electronics Delta Industrial Automation COMMGR 1.08 Stack Buffer Overflow', 'Description' = %q This module exploits a stack based buffer...

9.8CVSS7.4AI score0.68957EPSS
Exploits10
Exploit DB
Exploit DB
added 2018/10/08 12:0 a.m.37 views

Zahir Enterprise Plus 6 - Stack Buffer Overflow (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Zahir Enterprise Plus 6 Stack Buffer Overflow", 'Description' = %q This module exploits a stack buffer overflow in Zahir Enterprise Plus version ...

7.8CVSS7.4AI score0.18968EPSS
Exploits8
Exploit DB
Exploit DB
added 2018/10/08 12:0 a.m.87 views

360 3.5.0.1033 - Sandbox Escape

360 3.5.0.1033 - Sandbox Escape. Local exploit for Windows platform Exploit Title: 360 3.5.0.1033 - Sandbox Escape Date: 2018-10-08 Exploit Author: vrsystem Vendor Homepage: https://www.360.cn/ Software Link: https://dl.360safe.com/360/inst.exe Version: 3.5.0.1033 Tested on: 3.5.0.1033 CVE : None...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/08 12:0 a.m.53 views

net-snmp 5.7.3 - (Unauthenticated) Denial of Service (PoC)

Exploit Title: net-snmp 5.7.3 - Unauthenticated Denial of Service PoC Date: 2018-10-08 Exploit Author: Magnus Klaaborg Stubman Website: https://dumpco.re/blog/net-snmp-5.7.3-remote-dos Vendor Homepage: http://www.net-snmp.org/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/08 12:0 a.m.31 views

Linux - Kernel Pointer Leak via BPF

/ Commit 82abbf8d2fc46d79611ab58daa7c608df14bb3ee "bpf: do not allow root to mangle valid pointers", first in v4.15 included the following snippet: ========= @@ -2319,43 +2307,29 @@ static int adjustregminmaxvalsstruct bpfverifierenv env, if srcreg-type != SCALARVALUE if dstreg-type != SCALARVALU...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/08 12:0 a.m.58 views

Unitrends UEB - HTTP API Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unitrends UEB http api remote code execution', 'Description' = %q It was discovered that the api/storage web interface in Unitrends Backup UB...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/08 12:0 a.m.47 views

Android - sdcardfs Changes current->fs Without Proper Locking

Tested on a Pixel 2 walleye: ro.build.abupdate: true ro.build.characteristics: nosdcard ro.build.date: Mon Jun 4 22:10:18 UTC 2018 ro.build.date.utc: 1528150218 ro.build.description: walleye-user 8.1.0 OPM2.171026.006.G1 4820017 release-keys ro.build.display.id: OPM2.171026.006.G1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/08 12:0 a.m.48 views

net-snmp 5.7.3 - (Authenticated) Denial of Service (PoC)

/ | | | / / | | -| || -| | | . | ||/ ||||| ||||||| | || 2018-10-08 NET-SNMP REMOTE DOS =================== Second bug is remotely exploitable only with knowledge of the community string in this case "public" leading to Denial of Service: echo -n...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/08 12:0 a.m.32 views

Navigate CMS - (Unauthenticated) Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Navigate CMS Unauthenticated Remote Code Execution', 'Description' = %q This module exploits insufficient sanitization in the database::protect...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/08 12:0 a.m.110 views

Microsoft Windows - Net-NTLMv2 Reflection DCOM/RPC (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/windows/reflectivedllinjection' class MetasploitModule 'Windows Net-NTLMv2 Reflection DCOM/RPC', 'Description' = %q Module utilizes the Net-NTLMv2...

8AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/08 12:0 a.m.71 views

Imperva SecureSphere 13 - Remote Command Execution

Title: Imperva SecureSphere 13 - Remote Command Execution Author: rsp3ar Date: 2018-10-08 Vendor: https://www.imperva.com/products/securesphere/ CVE: N/A Version: 13.0.10, 13.1.10, 13.2.10 Tested on: SecureSphere Virtual Appliance Description PWS is a component in SecureSphere v13, which consists...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/08 12:0 a.m.72 views

FLIR Thermal Traffic Cameras 1.01-0bb5b27 - Information Disclosure

Title: FLIR Thermal Traffic Cameras 1.01-0bb5b27 - Information Disclosure Author: Gjoko 'LiquidWorm' Krstic Date: 2018-10-06 Vendor: FLIR Systems, Inc. Link: https://www.flir.com Tested on: nginx/1.12.1, nginx/1.10.2, nginx/1.8.0, Websocket/13 RFC 6455 Affected firmware version: V1.01-0bb5b27...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/08 12:0 a.m.53 views

Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)

Linux/x86 - execve/bin/sh + MMX/ROT13/XOR Shellcode Encoder/Decoder 104 bytes. Shellcode exploit for Linuxx86 platform Title: Linux/x86 - execve/bin/sh + MMX/ROT13/XOR Shellcode Encoder/Decoder 104 bytes Author: Kartik Durg Date: 201-10-04 Shellcode Length: 104 BYTES Student-ID: SLAE-1233 Write-u...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/08 12:0 a.m.54 views

Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode (181 bytes)

Linux/MIPS Big Endian - execve/bin/sh + Reverse TCP 192.168.2.157/31337 Shellcode 181 bytes. Shellcode exploit for LinuxMIPS platform / Linux/MIPS Big Endian - execve/bin/sh + Reverse TCP 192.168.2.157/31337 Shellcode 181 bytes Author: cq674350529 Date: 2018-10-07 - execve'/bin/sh', tcp -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/06 12:0 a.m.42 views

FLIR Thermal Traffic Cameras 1.01-0bb5b27 - RTSP Stream Disclosure

Exploit Title: FLIR Thermal Traffic Cameras 1.01-0bb5b27 - RTSP Stream Disclosure Author: Gjoko 'LiquidWorm' Krstic Date: 2018-10-06 Vendor: https://www.flir.com Link: https://www.flir.com/security/best-practices-for-cybersecurity/ CVE: N/A Tested on: nginx/1.12.1, nginx/1.10.2, nginx/1.8.0,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/06 12:0 a.m.22 views

Chamilo LMS 1.11.8 - 'firstname' Cross-Site Scripting

Exploit Title: Chamilo LMS 1.11.8 - 'firstname' Cross-Site Scripting Author: Cakes Discovery Date: 2018-10-06 Vendor Homepage: https://chamilo.org Software Link: https://github.com/chamilo/chamilo-lms/releases/download/v1.11.8/chamilo-1.11.8-php5.zip Tested Version: 1.11.8 for php5 Tested on OS:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/05 12:0 a.m.114 views

Git Submodule - Arbitrary Code Execution (PoC)

These releases fix a security flaw CVE-2018-17456, which allowed an attacker to execute arbitrary code by crafting a malicious .gitmodules file in a project cloned with --recurse-submodules. When running "git clone --recurse-submodules", Git parses the supplied .gitmodules file for a URL field an...

9.8CVSS7AI score0.97356EPSS
Exploits12
Exploit DB
Exploit DB
added 2018/10/05 12:0 a.m.86 views

D-Link Central WiFiManager Software Controller 1.03 - Multiple Vulnerabilities

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ D-Link Central WiFiManager Software Controller Multiple Vulnerabilities 1. Advisory Information Title: D-Link Central WiFiManager Software Controller Multiple Vulnerabilities Advisory ID: CORE-2018-0010 Advisory URL:...

9.8CVSS7.4AI score0.3689EPSS
Exploits8
Exploit DB
Exploit DB
added 2018/10/05 12:0 a.m.21 views

Chamilo LMS 1.11.8 - Cross-Site Scripting

Exploit Title: Chamilo LMS 1.11.8 - Cross-Site Scripting Author: Cakes Discovery Date: 2018-10-05 Vendor Homepage: https://chamilo.org Software Link: https://github.com/chamilo/chamilo-lms/releases/download/v1.11.8/chamilo-1.11.8-php5.zip Tested Version: 1.11.8 for php5 Tested on OS: Kali Linux...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/05 12:0 a.m.30 views

Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Request Forgery (Add Admin)

Exploit Title: Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Request Forgery Add Admin Author: Cakes Discovery Date: 2018-10-01 Vendor Homepage: http://www.netis-systems.com Software Link: http://www.netis-systems.com/Home/detail/id/74.html Tested Version: RTK 2.1.1 Tested on OS: Kali Linux CV...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/05 12:0 a.m.25 views

ISPConfig < 3.1.13 - Remote Command Execution

Title: ISPConfig error'Invalid language.'; The regex checks if the language contains two lower-case characters. The problem is that everything that contains two a-z characters will match the regex. Developer probably missed the ^ $ on the regex to match the entire file. Since in the new versions ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/04 12:0 a.m.26 views

virtualenv 16.0.0 - Sandbox Escape

Exploit Title: virtualenv 16.0.0 - Sandbox Escape Date: 2018-10-02 Exploit Author: vrsystem Vendor Homepage: https://virtualenv.pypa.io/en/stable/ Software Link: https://virtualenv.pypa.io/en/stable/ Version: 16.0.0 Tested on: kali linux CVE : CVE-2018-17793 1 Install root@kali:pip install...

6.6AI score
Exploits4
Exploit DB
Exploit DB
added 2018/10/04 12:0 a.m.47 views

Cisco Prime Infrastructure - (Unauthenticated) Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Prime Infrastructure Unauthenticated Remote Code Execution', 'Description' = %q Cisco Prime Infrastructure CPI contains two basic flaws that...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/04 12:0 a.m.66 views

LayerBB Forum 1.1.1 - 'search_query' SQL Injection

Exploit Title: LayerBB Forum 1.1.1 - 'searchquery' SQL Injection Exploit Author: Ihsan Sencan Dork: N/A Date: 2018-10-04 Vendor Homepage: https://layerbb.com/ Software Link: https://demo.layerbb.com/ Version: 1.1.1 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC: 1 POST /search.php...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/04 12:0 a.m.21 views

NICO-FTP 3.0.1.19 - Buffer Overflow (SEH) (ASLR Bypass)

Title: NICO-FTP 3.0.1.19 - Buffer Overflow SEHASLR Date: 2018-10-04 Platforms: Windows Author: Miguel Mendez Z Vendor: Nico-FTP Version: 3.0.1.19 Tested on: Windows XPsp3 es/ Windows 7x86 eng !/usr/bin/python import struct Bad Byte: \x0a\x0b\x0c\x0d\x0e\x0f\x5d happy =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/04 12:0 a.m.22 views

Linux/x86 - execve(/bin/sh) + NOT/SHIFT-N/XOR-N Encoded Shellcode (50 byes)

Linux/x86 - execve/bin/sh + NOT/SHIFT-N/XOR-N Encoded Shellcode 50 byes. Shellcode exploit for Linuxx86 platform / Title: Linux\x86 NOT +SHIFT-N+ XOR-N + encoded /bin/sh Shellcode 50 byes Author: Pedro Cabral Purpose: spawn /bin/sh shell Tested On: Ubuntu 16.04.01 LTS Arch: x86 Size: 50 bytes...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/03 12:0 a.m.29 views

Zechat 1.5 - 'uname' SQL Injection

Exploit Title: Zechat 1.5 - 'uname' SQL Injection Exploit Author: Ihsan Sencan Date: 2018-10-02 Dork: N/A Vendor Homepage: https://bylancer.com/ Software Link: https://bylancer.com/products/zechat-php-script/index.php Version: 1.5 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC: 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/03 12:0 a.m.54 views

Airties AIR5342 1.0.0.18 - Cross-Site Scripting

Exploit Title: Airties AIR5342 1.0.0.18 - Cross-Site Scripting Date: 25-09-2018 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.airties.com/ Software http://www.airties.com.tr/support/dcenter/ Version: 1.0.0.18 Affected products: AIR5342, AIR5343v2, AIR5443v2, AIR5453, AIR5442,...

6.1CVSS6.2AI score0.02321EPSS
Exploits15
Exploit DB
Exploit DB
added 2018/10/03 12:0 a.m.38 views

RICOH MP C1803 JPN Printer - Cross-Site Scripting

Exploit Title: RICOH MP C1803 JPN Printer - Cross-Site Scripting Date: 2018-09-21 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link : https://www.ricoh.co.jp/mfp/mpc/1803/ Software : RICOH Printer Product Version: MP C1803 JPN Vulernability Type : Code Injectio...

6.1CVSS6.2AI score0.02324EPSS
Exploits9
Exploit DB
Exploit DB
added 2018/10/03 12:0 a.m.19 views

FTP Voyager 16.2.0 - Denial of Service (PoC)

Exploit Title: FTP Voyager 16.2.0 - Denial of Service PoC Author: Abdullah Alıç Discovey Date: 2018-10-2 Vendor notified : 2018-10-2 Homepage: https://www.serv-u.com/ Software Link: https://www.serv-u.com/ftp-voyager Tested Version: 16.2.0 Tested on OS: Windows XP Professional sp3 ENG Steps to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/03 12:0 a.m.29 views

Joomla! Component Jimtawl 2.2.7 - 'id' SQL Injection

Exploit Title: Joomla! Component Jimtawl 2.2.7 - 'id' SQL Injection Exploit Author: Ihsan Sencan Dork: N/A Date: 2018-10-03 Vendor Homepage: https://janguo.de/ Software Link: https://extensions.joomla.org/extensions/extension/vertical-markets/thematic-directory/collection-factory/ Software...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/02 12:0 a.m.22 views

Coaster CMS 5.5.0 - Cross-Site Scripting

Exploit Title: Coaster CMS 5.5.0 - Cross-Site Scripting Date: 2018-10-01 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.web-feet.co.uk/ Software Link : https://github.com/Web-Feet/coastercms Software : Coaster CMS Product Version: v5.5.0 Vulernability Type : Cross-site Scripting...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/02 12:0 a.m.28 views

OPAC EasyWeb Five 5.7 - 'biblio' SQL Injection

Exploit Title: OPAC EasyWeb Five 5.7 - 'biblio' SQL Injection Dork: inurl:"index.php?scelta=campi" Date: 2018-10-02 Exploit Author: Dino Barlattani Vendor Homepage: http://www.nexusfi.it/ Software Link: http://www.nexusfi.it/easyweb.php Version: 5.7 Category: Webapps Platform: PHP CVE: N/A POC:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/02 12:0 a.m.28 views

OPAC EasyWeb Five 5.7 - 'nome' SQL Injection

Exploit Title: OPAC EasyWeb Five 5.7 - 'nome' SQL Injection Dork: N/A Exploit Author: Ihsan Sencan Date: 2018-10-02 Vendor Homepage: http://www.nexusfi.it/ Software Link: http://www.nexusfi.it/easyweb.php Version: 5.7 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC: 1 POST...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/02 12:0 a.m.239 views

Linux Kernel < 4.11.8 - 'mq_notify: double sock_put()' Local Privilege Escalation

/ CVE-2017-11176: "mqnotify: double sockput" by LEXFO 2018. DISCLAIMER: The following code is for EDUCATIONAL purpose only. Do not use it on a system without authorizations. WARNING: The exploit WILL NOT work on your target, it requires modifications! Compile with: gcc -fpic -O0 -std=c99 -Wall...

7.8CVSS8.1AI score0.03631EPSS
Exploits8
Exploit DB
Exploit DB
added 2018/10/01 12:0 a.m.27 views

Binary MLM Software 1.0 - 'pid' SQL Injection

Exploit Title: Binary MLM Software 1.0 - 'pid' SQL Injection Dork: N/A Date: 2018-10-01 Exploit Author: Ihsan Sencan Vendor Homepage: http://mlmsoftwarez.in/ Software Link: http://mlmdemo.biz/binary/root.html Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/01 12:0 a.m.20 views

Fork CMS 5.4.0 - Cross-Site Scripting

Exploit Title: Fork CMS 5.4.0 - Cross-Site Scripting Date: 2018-09-26 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.fork-cms.com/ Software Link : https://github.com/forkcms/forkcms Software : Fork 5.4.0 Product Version: 5.4.0 Vulernability Type : Code Injection Vulenrability : HTML...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/01 12:0 a.m.27 views

WUZHICMS 2.0 - Cross-Site Scripting

Title: WUZHICMS 2.0 - Cross-Site Scripting Author: Felipe "Renzi" Gabriel Date: 2018-10-01 Vendor: http://www.wuzhicms.com Software: WUZHICMS 2.0 CVE: CVE-2018-17832 Technical Details & Description: A Cross Site Scripting vulnerability has been discovered in the WUZHICMS 2.0 web-application. The...

6.1CVSS6.3AI score0.02273EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/10/01 12:0 a.m.37 views

ManageEngine AssetExplorer 6.2.0 - Cross-Site Scripting

Exploit Title: ManageEngine AssetExplorer 6.2.0 - Cross-Site Scripting Date: 2018-09-26 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.manageengine.com/ Hardware Link : https://www.manageengine.com/products/asset-explorer/ Software : ZOHO Corp ManageEngine AssetExplorer 6.2.0 Produc...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/01 12:0 a.m.24 views

Snes9K 0.0.9z - Denial of Service (PoC)

Exploit Title: Snes9K 0.0.9z - Denial of Service PoC Date: 2018-09-28 Exploit Author: crashmanucoot Vendor Homepage: https://sourceforge.net/projects/snes9k/ Software Link: https://sourceforge.net/projects/snes9k/files/latest/download Version: 0.0.9z Tested on: Windows 7 Home Premium x86 SPANISH...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/01 12:0 a.m.20 views

Flippa Marketplace Clone 1.0 - 'date_started' SQL Injection

Exploit Title: Flippa Marketplace Clone 1.0 - 'datestarted' SQL Injection Dork: N/A Date: 2018-10-01 Exploit Author: Ihsan Sencan Vendor Homepage: http://scriptzee.com/ Software Link: http://scriptzee.com/products/details/15 Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/01 12:0 a.m.20 views

Hotel Booking Engine 1.0 - 'h_room_type' SQL Injection

Exploit Title: Hotel Booking Engine 1.0 - 'hroomtype' SQL Injection Dork: N/A Exploit Author: Ihsan Sencan Date: 2018-10-01 Vendor Homepage: http://scriptzee.com/ Software Link: http://scriptzee.com/products/details/35 Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: CVE-N/A PO...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/01 12:0 a.m.17 views

Education Website 1.0 - 'subject' SQL Injection

Exploit Title: Education Website 1.0 - 'subject' SQL Injection Dork: N/A Date: 2018-10-01 Exploit Author: Ihsan Sencan Vendor Homepage: http://scriptzee.com/ Software Link: http://scriptzee.com/products/details/34 Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/01 12:0 a.m.27 views

Billion ADSL Router 400G 20151105641 - Cross-Site Scripting

Exploit Title: Billion ADSL Router 400G 20151105641 - Cross-Site Scripting Author: Cakes Discovery Date: 2018-09-30 Vendor Homepage: http://www.billion.com Software Link: http://billionfirmware.co.za Tested Version: 20151105641 Tested on OS: Kali Linux CVE: N/A Description: Improper input...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/01 12:0 a.m.31 views

Singleleg MLM Software 1.0 - 'msg_id' SQL Injection

Exploit Title: Singleleg MLM Software 1.0 - 'msgid' SQL Injection Dork: N/A Date: 2018-10-01 Exploit Author: Ihsan Sencan Vendor Homepage: http://mlmsoftwarez.in/ Software Link: http://mlmdemo.biz/singleleg/root.html Software Link: http://mlmdemo.biz/autopool/root.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/01 12:0 a.m.54 views

Zahir Enterprise Plus 6 build 10b - Buffer Overflow (SEH)

Exploit Title: Zahir Enterprise Plus 6 build 10b - Buffer Overflow SEH Google Dork: - Date: 2018-09-28 Exploit Author: modpr0be Vendor Homepage: http://www.zahiraccounting.com/ Software Link: http://zahiraccounting.com/files/zahir-accounting-6-free-trial.zip Version: 6 build 10b - Download here:...

7.8CVSS7.7AI score0.18968EPSS
Exploits8
Exploit DB
Exploit DB
added 2018/10/01 12:0 a.m.67 views

H2 Database 1.4.196 - Remote Code Execution

Exploit Title: H2 Database 1.4.196 - Remote Code Execution Google Dork: N/A Date: 2018-09-24 Exploit Author: h4ckNinja Vendor Homepage: https://www.h2database.com/ Software Link: http://www.h2database.com/h2-2018-03-18.zip Version: 1.4.196 and 1.4.197 Tested on: macOS/Linux CVE: N/A This takes...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/09/28 12:0 a.m.34 views

PCProtect 4.8.35 - Privilege Escalation

Exploit Title: PCProtect 4.8.35 - Privilege Escalation Date: 2018-09-11 Exploit Author: Hashim Jawad - @ihack4falafel Vendor Homepage: https://www.pcprotect.com/ Vulnerable Software: https://www.pcprotect.com/download Tested on: Windows 7 Enterprise SP1 x64 Description: PCProtect Anti-Virus v4.8....

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/09/27 12:0 a.m.52 views

ManageEngine Desktop Central 10.0.271 - Cross-Site Scripting

Exploit Title: ManageEngine Desktop Central 10.0.271 - Cross-Site Scripting Date: 2018-09-11 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.manageengine.com/ Hardware Link : https://www.manageengine.com/products/desktop-central/ Software : ZOHO Corp ManageEngine Desktop Central 10...

6.1CVSS6.3AI score0.65406EPSS
Exploits6
Total number of security vulnerabilities47904