Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2018/08/29 12:0 a.m.41 views

Windows/x64 (10) - WoW64 Egghunter (w00tw00t) Shellcode (50 bytes)

Windows/x64 10 - WoW64 Egghunter w00tw00t Shellcode 50 bytes. Shellcode exploit for Windowsx86-64 platform include include include include using namespace std; / Title: WoW64Egghunter for Windows 10 32bit apps on 64bit Windows 10 Size: 50 bytes Date: 26/08/2018 Author: n30m1nd -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/28 12:0 a.m.33 views

Instagram App 41.1788.50991.0 - Denial of Service (PoC)

Exploit Title: Instagram App 41.1788.50991.0 - Denial of Service PoC Exploit Author : Ali Alipour Date: 2018-08-25 Vendor Homepage : https://www.instagram.com/ Software Link Download : https://www.microsoft.com/en-us/p/instagram/9nblggh5l9xt?ocid=blitzwindowsblog&activetab=pivot%3aoverviewtab Abo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/28 12:0 a.m.51 views

Microsoft Windows - Advanced Local Procedure Call (ALPC) Local Privilege Escalation

Note: PoC will now hijack the print spooler service - spoolsv.exe - as it required less code then hijacking printfilterpipelinesvc.exe, which was shown in the original video demo Description of the vulnerability The task scheduler service has an alpc endpoint, supporting the method...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/28 12:0 a.m.45 views

Microsoft Windows - JScript RegExp.lastIndex Use-After-Free

alert'start'; var vars = ; var r = new RegExp; forvar i=0; i20000; i++ varsi = "aaaaa"; r.lastIndex = "aaaaa"; for...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/28 12:0 a.m.30 views

Cisco Network Assistant 6.3.3 - 'Cisco Login' Denial of Service (PoC)

Exploit Title: Cisco Network Assistant 6.3.3 - 'Cisco Login' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2018-08-27 Vendor Homepage: https://www.cisco.com/ Software Link : https://software.cisco.com/download/home/286277276/type/280775097/release/6.3.3 Tested Version: 6.3.3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/28 12:0 a.m.83 views

VirtualBox 5.2.6.r120293 - VM Escape

Oracle fixed some of the issues I reported in VirtualBox during the Oracle Critical Patch Update - April 2018. CVE-2018-2844 was an interesting double fetch vulnerability in VirtualBox Video Acceleration VBVA feature affecting Linux hosts. VBVA feature works on top of VirtualBox Host-Guest Shared...

8.8CVSS7AI score0.01058EPSS
Exploits3
Exploit DB
Exploit DB
added 2018/08/27 12:0 a.m.41 views

CuteFTP 5.0 - Buffer Overflow

Exploit Title: CuteFTP 5.0 - Buffer Overflow Author: Matteo Malvica Date: 2018-08-26 Vendor homepage: www.globalscape.com Software: CuteFTP 5.0.4 XP - build 54.8.6.1 Software Link: http://installer.globalscape.com/pub/cuteftp/archive/english/cuteftp50.exe Tested on: Windows XP Profesional SP3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/27 12:0 a.m.35 views

Firefox 55.0.3 - Denial of Service (PoC)

Exploit Title: Firefox 55.0.3 - Denial of Service PoC Date: 2018-08-26 Exploit Author: L0RD Vendor Homepage: mozilla.org Software Link: https://www.mozilla.org/en-US/firefox/55.0.3/releasenotes/ Version: 55.0.3 Tested on: Windows 10 CVE: N/A Description : An issue was discovered in firefox 55.0.3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/27 12:0 a.m.64 views

RICOH MP C4504ex Printer - Cross-Site Request Forgery (Add Admin)

Exploit Title: RICOH MP C4504ex Printer - Cross-Site Request Forgery Add Admin Date: 2018-08-21 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...

8.8CVSS8.8AI score0.02505EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/08/27 12:0 a.m.52 views

Trend Micro Enterprise Mobile Security 2.0.0.1700 - 'Servidor' Denial of Service (PoC)

Exploit Title: Trend Micro Enterprise Mobile Security 2.0.0.1700 - 'Servidor' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2018-08-26 Vendor Homepage: https://www.trendmicro.com/ense/business/products/user-protection/sps/mobile.html Software Link: App Store for iOS devices...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/27 12:0 a.m.64 views

Libpango 1.40.8 - Denial of Service (PoC)

Exploit Title: Libpango 1.40.8 - Denial of Service PoC Date: 2018-08-06 Exploit Author: Jeffery M Vendor Homepage: https://www.pango.org/ Software Link: http://ftp.gnome.org/pub/GNOME/sources/pango/1.40/pango-1.40.9.tar.xz Version: 1.40.8+ Tested on: Windows 7, Gentoo CVE : CVE-2018-15120 Patch :...

6.5CVSS6.8AI score0.11499EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/08/27 12:0 a.m.50 views

Electron WebPreferences - Remote Code Execution

CVE-2018-15685 - Electron WebPreferences Remote Code Execution This is a minimal Electron application with a POC for CVE-2018-15685. A remote code execution vulnerability has been discovered affecting apps with the ability to open nested child windows on Electron versions 3.0.0-beta.6, 2.0.7,...

8.1CVSS7AI score0.10427EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/08/27 12:0 a.m.31 views

Adobe Flash - AVC Processing Out-of-Bounds Read

The attached fuzz file causes an out-of-bounds read in AVC processing. To reproduce the issue, put both attached files on a server, and vist: http://127.0.0.1/LoadMP4.swf?file=transpose.mp4 This issue reproduces on Chrome and Firefox for Linux. Proof of Concept:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/27 12:0 a.m.197 views

Foxit PDF Reader 9.0.1.1049 - Pointer Overwrite Use-After-Free (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Foxit PDF Reader Pointer Overwrite UAF', 'Description' = %q Foxit PDF Reader v9.0.1.1049 has a Use-After-Free vulnerability in the Text Annotatio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/27 12:0 a.m.99 views

LiteCart 2.1.2 - Arbitrary File Upload

Exploit Title: LiteCart 2.1.2 - Arbitrary File Upload Date: 2018-08-27 Exploit Author: Haboob Team Software Link: https://www.litecart.net/downloading?version=2.1.2 Version: 2.1.2 CVE : CVE-2018-12256 1. Description admin/vqmods.app/vqmods.inc.php in LiteCart 2.1.2 allows remote authenticated...

8.8CVSS8.8AI score0.02599EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/08/27 12:0 a.m.41 views

Sentrifugo HRMS 3.2 - 'deptid' SQL Injection

Exploit Title: Sentrifugo HRMS 3.2 - 'deptid' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-08-26 Google Dork: N/A Vendor: http://www.sapplica.com Software Link: http://www.sentrifugo.com/download Affected Version: 3.2 and possibly before Patched Version:...

9.8CVSS9.7AI score0.01135EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/08/27 12:0 a.m.59 views

HP Jetdirect - Path Traversal Arbitrary Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "rex/proto/pjl" class MetasploitModule 'HP Jetdirect Path Traversal Arbitrary Code Execution', 'Description' = %q The module exploits a path traversal via...

10CVSS7.4AI score0.84614EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/08/27 12:0 a.m.60 views

Responsive FileManager < 9.13.4 - Directory Traversal

The following vulnerabilities were fixed in the version 9.13.4. https://responsivefilemanager.com 1 Path Traversal Allows to Read Any File Reserved CVE: CVE-2018-15535 Discovered By: Simon Uvarov Vendor Status: Fixed Details: The following request allows a user to read any file on the system. GET...

7.5CVSS6.4AI score0.45242EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/08/27 12:0 a.m.53 views

WordPress Plugin Plainview Activity Monitor 20161228 - (Authenticated) Command Injection

!-- Wordpress Plainview Activity Monitor RCE + Version: 20161228 and possibly prior + Description: Combine OS Commanding and CSRF to get reverse shell + Author: LydAcric LEFEBVRE + CVE-ID: CVE-2018-15877 + Usage: Replace 127.0.0.1 & 9999 with you ip...

9CVSS7AI score0.7699EPSS
Exploits11
Exploit DB
Exploit DB
added 2018/08/27 12:0 a.m.47 views

Seagate Personal Cloud SRN21C 4.3.16.0 / 4.3.18.0 - SQL Injection

------------------------------------------------------------------------ Seagate Media Server multiple SQL injection vulnerabilities ------------------------------------------------------------------------ Yorick Koster, September 2017...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/27 12:0 a.m.60 views

Gleez CMS 1.2.0 - Cross-Site Request Forgery (Add Admin)

Exploit Title: Gleez CMS 1.2.0 - Cross-Site Request Forgery Add Admin Date: 2018-08-24 Exploit Author: GunEggWang Vendor Homepage: https://gleezcms.org/ Software Link: https://github.com/gleez/cms Version: 1.2.0 CVE : CVE-2018-15845 Description: There is a CSRF vulnerability that can add an...

8.8CVSS8.8AI score0.02331EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/08/26 12:0 a.m.40 views

WordPress Plugin Gift Voucher 1.0.5 - (Authenticated) 'template_id' SQL Injection

Exploit Title: WordPress Plugin Gift Voucher 1.0.5 - 'templateid' SQL Injection Google Dork: intext:"/wp-content/plugins/gift-voucher/" Date: 2018-08-23 Exploit Author: Renos Nikolaou Software Link: https://wordpress.org/plugins/gift-voucher/ Vendor Homepage: http://www.codemenschen.at/ Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/26 12:0 a.m.64 views

ManageEngine ADManager Plus 6.5.7 - Cross-Site Scripting

Exploit Title: ManageEngine ADManager Plus 6.5.7 - Cross-Site Scripting Date: 2018-08-21 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.manageengine.com/ Hardware Link : https://www.manageengine.com/products/ad-manager/ Software : ZOHO Corp ManageEngine ADManager Plus Product Versio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/26 12:0 a.m.135 views

Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (1)

!/usr/bin/env python3 coding=utf-8 struts-pwn: Apache Struts CVE-2018-11776 Exploit Author: Mazin Ahmed This code uses a payload from: https://github.com/jas502n/St2-057 import argparse import random import requests import sys try: from urllib import parse as urlparse except ImportError: import...

9.3CVSS8.5AI score0.99993EPSS
Exploits41
Exploit DB
Exploit DB
added 2018/08/25 12:0 a.m.44 views

ManageEngine ADManager Plus 6.5.7 - HTML Injection

Exploit Title: ManageEngine ADManager Plus 6.5.7 - HTML Injection Date: 2018-08-21 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.manageengine.com/ Hardware Link : https://www.manageengine.com/products/ad-manager/ Software : ZOHO Corp ManageEngine ADManager Plus Product Version: 6.5...

6.1CVSS6.3AI score0.0247EPSS
Exploits3
Exploit DB
Exploit DB
added 2018/08/25 12:0 a.m.68 views

UltimatePOS 2.5 - Remote Code Execution

Exploit Title: UltimatePOS 2.5 - Remote Code Execution Google Dork: intext:"UltimatePOS" Date: 2018-08-22 Exploit Author: Renos Nikolaou Vendor Homepage: http://ultimatefosters.com/ Software Link: https://codecanyon.net/item/saas-superadmin-module-for-ultimatepos-advance/22394431 Version: 2.5...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/25 12:0 a.m.74 views

Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (2)

!/usr/bin/python -- coding: utf-8 -- hook-s3c github.com/hook-s3c, @hooks3c on twitter import sys import urllib import urllib2 import httplib def exploithost,cmd: print "Execute: ".formatcmd ognlpayload = "$" ognlpayload += "memberAccess'allowStaticMethodAccess'=true." ognlpayload +=...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/24 12:0 a.m.63 views

Vox TG790 ADSL Router - Cross-Site Request Forgery (Add Admin)

Title: Vox TG790 ADSL Router - Cross-Site Request Forgery Add Admin Author: Cakes Exploit Date: 2018-08-01 Vendor: Vox Telecom Link: https://www.vox.co.za/ Firmware Version: 6.2.W.1 CVE: N/A Description Due to improper session management low privilege users are able to create administrator accoun...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/24 12:0 a.m.67 views

SkypeApp 12.8.487.0 - 'Cuenta de Skype o Microsoft' Denial of Service (PoC)

Exploit Title: SkypeApp 12.8.487.0 - 'Cuenta de Skype o Microsoft' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2018-08-23 Vendor Homepage: https://www.skype.com/es/home/ Tested Version: 12.8.487.0 Vulnerability Type: Denial of Service DoS Local Tested on OS: Windows 10 Pro x...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/23 12:0 a.m.38 views

StyleWriter 4 1.0 - Denial of Service (PoC)

Exploit Title: StyleWriter 4 1.0 - Denial of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-08-23 Homepage: http://www.editorsoftware.com Software Link: http://www.editorsoftware.com/StyleWriterDownload.php Tested Version: 1.0 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/23 12:0 a.m.62 views

Twitter-Clone 1 - 'code' SQL Injection

Exploit Title: Twitter-Clone 1 - 'code' SQL Injection Date: 2018-08-22 Exploit Author: L0RD Vendor Homepage: https://github.com/Fyffe/PHP-Twitter-Clone/ Version: 1 CVE: N/A Tested on: Win 10 vulnerable files : mailactivation.php , stalkers.php , search.php vulnerable parameters : name , code , id...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/23 12:0 a.m.24 views

PCViewer vt1000 - Directory Traversal

Exploit Title: PCViewer vt1000 - Directory Traversal Exploit Author: Berk Dusunur Google Dork: N/A Type: Hardware Date: 2018-07-21 Vendor Homepage: N/A Software Link: http://www.softpedia.com/get/System/File-Management/Pc-Viewer.shtml Affected Version: vt1000 Tested on: Parrot OS CVE : N/A Proof ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/23 12:0 a.m.40 views

CuteFTP 8.3.1 - Denial of Service (PoC)

Exploit Title : CuteFTP 8.3.1 - Denial Of Service PoC Exploit Author : Ali Alipour WebSite : Alipour.it Date: 2018-08-22 Vendor Homepage : http://www.cuteftp.com/ Software Link Download : https://filehippo.com/downloadcuteftppro/4518/ Tested on : Windows 10 - 64-bit Steps to Reproduce Run the...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/23 12:0 a.m.58 views

Epiphany Web Browser 3.28.1 - Denial of Service (PoC)

Exploit Title: Epiphany Web Browser 3.28.1 - Denial of Service PoC Author: Dhiraj Mishra Date: 2018-08-23 Software: https://projects-old.gnome.org/epiphany/ Version: 3.28.1 CVE: N/A Tested on: Ubuntu 18 64bit Steps to reproduce: 1. Open epiphany browser 2. Bookmark any random page 3. Then navigat...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/22 12:0 a.m.30 views

Softdisk 3.0.3 - Denial Of Service (PoC)

Exploit Title: Softdisk 3.0.3 - Denial Of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-08-22 Homepage: http://www.ezbsystems.com/ Software Link: https://www.ezbsystems.com/softdisc/download.htm Tested Version: 3.0.3 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the pyth...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/22 12:0 a.m.40 views

Geutebrueck re_porter 16 - Cross-Site Scripting

Exploit Title: Geutebrueck reporter 16 - Cross-Site Scripting Date: 2018-08-03 Exploit Author: Kamil Suska Vendor: https://www.geutebrueck.com/enUS.html Link: https://www.sourcesecurity.com/geutebruck-re-porter-16-technical-details.html Version: prior 7.8.974.20 CVE-2018-15533 Attack Vectors...

6.1CVSS6.3AI score0.02606EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/08/22 12:0 a.m.44 views

KingMedia 4.1 - File Upload

Exploit Title: KingMedia 4.1 - Remote Code Execution Author: Efren Diaz Exploit Date: 2018-08-15 Software: KingMedia Version: 1.x, 2.x, 3.x, 4.1 Link: https://codecanyon.net/item/king-media-video-image-upload-and-share/7877877 CVE: N/A \n\n"; echo " -target: http://site.com/... required\n"; echo ...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/22 12:0 a.m.57 views

Ghostscript - Multiple Vulnerabilities

http://seclists.org/oss-sec/2018/q3/142 These are critical and trivial remote code execution bugs in things like ImageMagick, Evince, GIMP, and most other PDF/PS tools. ---- Hello, this was discussed on the distros list, but it was suggested to move discussion to oss-security. You might recall I...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/22 12:0 a.m.197 views

Microsoft Windows 10 - Diagnostics Hub Standard Collector Service Privilege Escalation

SystemCollector PoC for Privilege Escalation in Windows 10 Diagnostics Hub Standard Collector Service Affected Products Windows 10 Windows Server Windows Server 2016 Visual Studio 2015 Update 3 Visual Studio 2017 Summary The Diagnostics Hub Packaging library, used by Windows Standard Collector...

7.8CVSS7AI score0.06232EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/08/22 12:0 a.m.86 views

Textpad 7.6.4 - Denial Of Service (PoC)

Exploit Title: Textpad 7.6.4 - Denial Of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-08-22 Homepage: https://textpad.com Software Link: https://textpad.com/download/v76/win32/txpeng764-32.zip Tested Version: 7.6.4 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the pytho...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/22 12:0 a.m.47 views

ZyXEL VMG3312-B10B - Cross-Site Scripting

Exploit Title: ZyXEL VMG3312-B10B - Cross-Site Scripting Date: 2018-08-21 Exploit Author: Samet ŞAHİN Vendor Homepage: https://www.zyxel.com/ Software Link: ftp://ftp.zyxel.com.tr/ZyXELURUNLERI/MODEMLER/VDSLMODEMLER/VMG3312-B10B/ Version: ZyXEL VMG3312-B10B Tested on: Mozilla Firefox 61.0.2 &...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/22 12:0 a.m.46 views

Easyboot 6.6.0 - Denial Of Service (PoC)

Exploit Title: Easyboot 6.6.0 - Denial Of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-08-22 Homepage: http://www.ezbsystems.com/ Software Link: http://www.ezbsystems.com/easyboot/download.htm Tested Version: 6.6.0 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the pytho...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/22 12:0 a.m.68 views

Geutebrueck re_porter 7.8.974.20 - Credential Disclosure

Exploit Title: Geutebrueck reporter 7.8.974.20 - Credential Disclosure Date: 2018-08-03 Exploit Author: Kamil Suska Vendor: https://www.geutebrueck.com/enUS.html Link: https://www.sourcesecurity.com/geutebruck-re-porter-16-technical-details.html Version: prior 7.8.974.20 CVE-2018-15534 PoC GET...

9.8CVSS9.6AI score0.32447EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/08/22 12:0 a.m.32 views

UltraISO 9.7.1.3519 - Denial Of Service (PoC)

Exploit Title : UltraISO 9.7.1.3519 - Denial Of Service PoC Exploit Author : Ali Alipour WebSite : Alipour.it Date: 2018-08-22 Vendor Homepage : https://www.ultraiso.com Software Link Download : https://www.ultraiso.com/download.html Tested on : Windows 10 - 64-bit Steps to Reproduce Run the pyth...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/22 12:0 a.m.60 views

Project64 2.3.2 - Buffer Overflow (SEH)

Exploit Title: Project64 2.3.2 - Local BufferOverflow SEH Date: 2018-08-21 Author: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Software Link:https://www.pj64-emu.com/download/project64-latest Tested Version: 2.3.2 Tested on OS: Windows XP Service Pack 3 x86 , Windows 7 ultimate x8...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/21 12:0 a.m.6550 views

OpenSSH 2.3 < 7.7 - Username Enumeration

Exploit: OpenSSH 7.7 - Username Enumeration Author: Justin Gardner Date: 2018-08-20 Software: https://ftp4.usa.openbsd.org/pub/OpenBSD/OpenSSH/openssh-7.7.tar.gz Affected Versions: OpenSSH version 7.7 CVE: CVE-2018-15473 / \ / / | | | | | | | | | | | || | | | | | ' \ / \ ' \ \ \ | | | || | | | /...

5.9CVSS6.3AI score0.98631EPSS
Exploits23
Exploit DB
Exploit DB
added 2018/08/21 12:0 a.m.51 views

WordPress Plugin Ninja Forms 3.3.13 - CSV Injection

Exploit Title: Wordpress Plugin Ninja Forms 3.3.13 - CSV Injection Exploit Author: Mostafa Gharzi Website: https://www.certcc.ir Date: 2018-08-19 Google Dork: N/A Vendor: The WP Ninjas Software Link: https://wordpress.org/plugins/ninja-forms/ Affected Version: 3.3.13 and before Active...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/21 12:0 a.m.25 views

Twitter-Clone 1 - 'userid' SQL Injection

Exploit Title: Twitter-Clone 1 - 'userid' SQL Injection Date: 2018-08-21 Exploit Author: L0RD Vendor Homepage: https://github.com/Fyffe/PHP-Twitter-Clone/ Version: 1 CVE: N/A Tested on: Win 10 POC : SQLi vulnerable files : follow.php , index.php vulnerable parameters : userid , username 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/21 12:0 a.m.39 views

Project64 2.3.2 - Denial Of Service (PoC)

Exploit Title: Project64 2.3.2 - Denial Of Service PoC. Author: Gionathan "John" Reale Discovey Date: 2018-08-21 Homepage: https://www.pj64-emu.com Software Link:https://www.pj64-emu.com/download/project64-latest Tested Version: 2.3.2 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/21 12:0 a.m.27 views

Twitter-Clone 1 - Cross-Site Request Forgery (Delete Post)

Exploit Title: Twitter-Clone 1 - Cross-Site Request Forgery Delete Post Date: 2018-08-21 Exploit Author: L0RD Vendor Homepage: https://github.com/Fyffe/PHP-Twitter-Clone/ Version: 1 CVE: N/A Tested on: Win 10 Description : An issue was discovered in Twitter-Clone 1 which allows a remote attacker ...

7.4AI score
Exploits0
Total number of security vulnerabilities47904