Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2018/04/26 12:0 a.m.23 views

Allok AVI to DVD SVCD VCD Converter 4.0.1217 - Buffer Overflow (SEH)

Exploit Title: Allok AVI to DVD SVCD VCD Converter 4.0.1217 - Buffer Overflow SEH Date: 25.04.2018 Exploit Author:T3jv1l Vendor Homepage:http://www.alloksoft.com/ Software: www.alloksoft.com/allokavi2dvd.exe Category:Local Contact:https://twitter.com/T3jv1l Version: Allok AVI to DVD SVCD VCD...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/26 12:0 a.m.29 views

GitList 0.6 - Remote Code Execution

''' Exploit Title: GitList 0.6 Unauthenticated RCE Date: 25-04-2018 Software Link: https://github.com/klaussilveira/gitlist Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1. Description Bypass/Exploit escapeshellarg...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/26 12:0 a.m.31 views

MyBB Threads to Link Plugin 1.3 - Cross-Site Scripting

Exploit Title: MyBB Threads to Link Plugin v1.3 - Persistent XSS Date: 3/15/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=1065 Version: v1.3 Tested on: Ubuntu 17.10 CVE: CVE-2018-10365 1. Description...

5.4CVSS5.6AI score0.01581EPSS
Exploits3
Exploit DB
Exploit DB
added 2018/04/26 12:0 a.m.39 views

SickRage < v2018.03.09 - Clear-Text Credentials HTTP Response

Exploit Title: SickRage v2018.03.09 - Clear-Text Credentials HTTP Response Date: 2018-04-01 Exploit Author: Sven Fassbender Vendor Homepage: https://sickrage.github.io Software Link: https://github.com/SickRage/SickRage Version: v2018.03.09-1 CVE : CVE-2018-9160 Category: webapps 1. Background...

9.8CVSS9.6AI score0.76519EPSS
Exploits7
Exploit DB
Exploit DB
added 2018/04/26 12:0 a.m.43 views

Jfrog Artifactory < 4.16 - Arbitrary File Upload / Remote Command Execution

Exploit Title: Jfrog Artifactory alert/Vulnerable/" within the file app.html : POST /artifactory/ui/artifact/upload HTTP/1.1 Host: removed User-Agent: removed Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate...

9.8CVSS9.7AI score0.24218EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/26 12:0 a.m.96 views

WordPress Plugin WP with Spritz 1.0 - Remote File Inclusion

Exploit Title: WordPress Plugin WP with Spritz 1.0 - Remote File Inclusion Date: 2018-04-25 Exploit Author: Wadeek Software Link: https://downloads.wordpress.org/plugin/wp-with-spritz.zip Software Version: 1.0 Google Dork: intitle:"Spritz Login Success" AND...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/25 12:0 a.m.39 views

Shopy Point of Sale 1.0 - CSV Injection

Exploit Title: Shopy Point of Sale v1.0 - CSV Injection Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10258 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/shopy-point-of-sales/21730225 Version: 1.0 Tested on: Kali Linux 2.0 | Mac OS 10.13 Release Date...

8.8CVSS8.9AI score0.07459EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/25 12:0 a.m.29 views

Chrome V8 JIT - 'AwaitedPromise' Update Bug

/ Here's a snippet of AsyncGeneratorReturn. https://cs.chromium.org/chromium/src/v8/src/builtins/builtins-async-generator-gen.cc?rcl=bcd1365cf7fac0d7897c43b377c143aae2d22f92&l=650 Node const context = ParameterDescriptor::kContext; Node const outerpromise = LoadPromiseFromAsyncGeneratorRequestreq...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/25 12:0 a.m.30 views

HRSALE The Ultimate HRM 1.0.2 - Local File Inclusion

Exploit Title: HRSALE The Ultimate HRM v1.0.2 - Local File Inclusion Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10260 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/hrsale-the-ultimate-hrm/21665619 Version: 1.0.2 Tested on: Kali Linux 2.0 | Mac OS...

8.8CVSS8.8AI score0.05751EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/25 12:0 a.m.36 views

HRSALE The Ultimate HRM 1.0.2 - 'award_id' SQL Injection

Exploit Title: HRSALE The Ultimate HRM v1.0.2 - 'awardid' SQL Injection Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10256 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/hrsale-the-ultimate-hrm/21665619 Version: 1.0.2 Tested on: Kali Linux 2.0 | Mac ...

8.8CVSS8.8AI score0.02582EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/25 12:0 a.m.42 views

HRSALE The Ultimate HRM 1.0.2 - (Authenticated) Cross-Site Scripting

Exploit Title: HRSALE The Ultimate HRM 1.0.2 - Authenticated Cross Site Scripting Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10259 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/hrsale-the-ultimate-hrm/21665619 Version: 1.0.2 Tested on: Kali Linux...

5.4CVSS5.6AI score0.01613EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/25 12:0 a.m.43 views

Blog Master Pro 1.0 - CSV Injection

Exploit Title: Blog Master Pro v1.0 - CSV Injection Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10255 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/blog-master-pro/21689781 Version: 1.0 Tested on: Kali Linux 2.0 | Mac OS 10.13 Release Date:...

8.8CVSS8.8AI score0.071EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/04/25 12:0 a.m.46 views

HRSALE The Ultimate HRM 1.0.2 - CSV Injection

Exploit Title: HRSALE The Ultimate HRM 1.0.2 - CSV Injection Date: 2018-04-23 Exploit Author: 8bitsec CVE: CVE-2018-10257 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/hrsale-the-ultimate-hrm/21665619 Version: 1.0.2 Tested on: Kali Linux 2.0 | Mac OS 10.13...

8.8CVSS8.8AI score0.04333EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/04/25 12:0 a.m.38 views

Chrome V8 JIT - Arrow Function Scope Fixing Bug

/ When the parser parses the parameter list of an arrow function contaning destructuring assignments, it can't distinguish whether the assignments will be actually in the parameter list or just assignments until it meets a "=" token. So it first assigns the destructuring assignments to the outer...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/25 12:0 a.m.152 views

Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code Execution (PoC)

This is a sample of exploit for Drupal 7 new vulnerability SA-CORE-2018-004 / CVE-2018-7602. You must be authenticated and with the power of deleting a node. Some other forms may be vulnerable : at least, all of forms that is in 2-step form then confirm. POST...

9.8CVSS9.9AI score0.99236EPSS
Exploits14
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.30 views

Linux/x86 - execve(/bin/sh) + ROT-13 + RShift-2 + XOR Encoded Shellcode (44 bytes)

Linux/x86 - execve/bin/sh + ROT-13 + RShift-2 + XOR Encoded Shellcode 44 bytes. Shellcode exploit for Linuxx86 platform / ; Title : Execve /bin/sh Shellcode encoded with ROT-13 + RShift-2 + XOR ; Date : April, 2018 ; Author : Nuno Freitas ; Blog Post :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.193 views

Linux/x86 - Edit /etc/sudoers (ALL ALL=(ALL) NOPASSWD: ALL) For Full Access + Null-Free Shellcode (79 bytes)

Linux/x86 - Edit /etc/sudoers ALL ALL=ALL NOPASSWD: ALL For Full Access + Null-Free Shellcode 79 bytes. Shellcode exploit for Linuxx86 platform / Title: Edit /etc/sudoers with NOPASSWD for ALL Date: 2018-04-19 Author: absolomb Website: https://www.sploitspren.com SLAE-ID: 1208 Purpose: edit...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.32 views

Linux/x86 - Reverse (127.1.1.1:5555/TCP) Shell Shellcode (73 Bytes)

Linux/x86 - Reverse 127.1.1.1:5555/TCP Shell Shellcode 73 Bytes. Shellcode exploit for Linuxx86 platform / Linux x86 Reverse TCP shellcode 127.1.1.1/5555 Shellcode Author: Anurag Srivastava Shellcode Length: 73 Student-ID: SLAE-1219 Note...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.74 views

Linux/x86 - chmod 4755 /bin/dash Shellcode (33 bytes)

Linux/x86 - chmod 4755 /bin/dash Shellcode 33 bytes. Shellcode exploit for Linuxx86 platform / Title: chmod 4755 /bin/dash Author: absolomb Website: https://www.sploitspren.com SLAE-ID: 1208 Purpose: setuid bit on /bin/dash Tested On: Ubuntu 14.04 Arch: x86 Size: 33 bytes global start section .te...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.47 views

Linux/x86 - execve(cp /bin/sh /tmp/sh; chmod +s /tmp/sh) + Null-Free Shellcode (74 bytes)

Linux/x86 - execvecp /bin/sh /tmp/sh; chmod +s /tmp/sh + Null-Free Shellcode 74 bytes. Shellcode exploit for Linuxx86 platform / Title: Linux/x86 - cp /bin/sh /tmp/sh; chmod +s /tmp/sh Author: absolomb Website: https://www.sploitspren.com SLAE-ID: 1208 Purpose: cp shell into /tmp and setuid Teste...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.67 views

Microsoft Windows - Local Privilege Escalation

include "stdafx.h" define PML4BASE 0xFFFFF6FB7DBED000 define PDPBASE 0xFFFFF6FB7DA00000 define PDBASE 0xFFFFF6FB40000000 define PTBASE 0xFFFFF68000000000 typedef LARGEINTEGER PHYSICALADDRESS, PPHYSICALADDRESS; pragma packpush,4 typedef struct CMPARTIALRESOURCEDESCRIPTOR UCHAR Type; UCHAR...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.29 views

Chrome V8 JIT - 'NodeProperties::InferReceiverMaps' Type Confusion

/ https://cs.chromium.org/chromium/src/v8/src/compiler/node-properties.cc?rcl=df84e87191022bf6914f9570069908f10b303245&l=416 Here's a snippet of NodeProperties::InferReceiverMaps. case IrOpcode::kJSCreate: if IsSamereceiver, effect HeapObjectMatcher mtargetGetValueInputeffect, 0; HeapObjectMatche...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.36 views

Microsoft Internet Explorer 11.371.16299.0 (Windows 10) - Denial Of Service

''' + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-INTERNET-EXPLORER-Win-10-DENIAL-OF-SERVICE.txt + ISR: ApparitionSec Vendor: ======= www.microsoft.com Product: ======== Internet Explorer Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.18 views

Adobe Flash - Out-of-Bounds Write in blur Filtering

The attached swf file causes and out-of-bounds write in blur filtering. This PoC crashes reliably in Firefox for Linux. Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/44529.zip...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.67 views

WSO2 Carbon / WSO2 Dashboard Server 5.3.0 - Persistent Cross-Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Stored XSS Vulnerabilities product: WSO2 Carbon, WSO2 Dashboard Server vulnerable version: WSO2 Identity Server 5.3.0 fixed version: WSO2 Identity Server 5.5.0 C...

5.4CVSS5.5AI score0.39332EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.32 views

Adobe Flash - Info Leak in Image Inflation

The attached image causes an info leak in image inflation. It occasionally crashes when rendered, otherwise it displays uninitialized memory as pixels. To reproduce, put the attached images on a webserver and vist: http://127.0.0.1?img=inflate.png. Proof of Concept:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.25 views

Adobe Flash - Overflow in Slab Rendering

The attached fuzzed swf file causes heap or stack corruption depending on platform when rendering a slab. This PoC crashes a little bit unreliably, it is the most reliable in the standalone Flash player and Microsoft Edge. Proof of Concept:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.32 views

Adobe Flash - Overflow when Playing Sound

The attached fuzzed swf file causes heap overflow when playing a sound. This PoC crashes a little bit unreliably, it is the most reliable in the standalone Flash player and Microsoft Edge. Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/44526.zip...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.62 views

ASUS infosvr - Authentication Bypass Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ASUS infosvr Auth Bypass Command Execution', 'Description' = %q This module exploits an authentication bypass vulnerability in the infosvr service...

10CVSS7.4AI score0.80731EPSS
Exploits12
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.41 views

Kaspersky KSN for Linux 5.2 - Memory Corruption

''' Exploit Author: Juan Sacco - http://exploitpack.com Tested on: Kali i686 GNU/Linux CVE: NotYet Exploit description: Kaspersky KSN v5.2 is prone to a remote memory corruption because it fails to properly filter the input on the remote subscribers, this leads to heap segments overwrite and it...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.26 views

WordPress Plugin Woo Import Export 1.0 - Arbitrary File Deletion

...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.32 views

Easy File Sharing Web Server 7.2 - 'UserID' Remote Buffer Overflow (DEP Bypass)

!/usr/bin/env python --------------------------------------------------------------------------------------------------- Exploit Title : Easy File Sharing Web Server 7.2 - 'UserID' Remote Buffer Overflow DEP Bypass Date : 04/24/2018 Exploit Author : Hashim Jawad Twitter : @ihack4falafel Author...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.21 views

Allok Video to DVD Burner 2.6.1217 - Buffer Overflow (SEH)

Exploit Title: Buffer OverflowSEH on Allok Video to DVD Burner2.6.1217 Date: 23.04.2018 Exploit Author:T3jv1l Vendor Homepage:http://www.alloksoft.com/ Software: www.alloksoft.com/allokdvdburner.exe Category:Local Contact:https://twitter.com/T3jv1l Version: Allok Video to DVD Burner 2.6.1217 Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.45 views

RGui 3.4.4 - Local Buffer Overflow

!/usr/bin/python Exploit Author: bzyo CVE: CVE-2018-9060 Twitter: @bzyo Exploit Title: R 3.4.4 - Local Buffer Overflow Date: 03-27-2018 Vulnerable Software: R 3.4.4 Vendor Homepage: https://www.r-project.org/ Version: 3.4.4 Software Link: https://cloud.r-project.org/bin/windows/ Tested On: Window...

6.5AI score
Exploits4
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.38 views

Open-AudIT 2.1 - CSV Macro Injection

Hi Guys, Exploit Title: Open-AudIT 2.1 - CSV Macro Injection Vulnerability Google Dork: N/A Date: 21-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: https://opmantek.com Software Link: https://www.open-audit.org/downloads.php Affected Version: 2.1...

6.8CVSS6.7AI score0.02839EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.61 views

Monstra CMS 3.0.4 - Arbitrary Folder Deletion

Exploit Title: Monstra CMS 3.0.4 allows remote attackers to delete folder via an get request Date: 2018-03-26 Exploit Author: Wenming Jiang Vendor Homepage: https://github.com/monstra-cms/monstra Software Link: https://github.com/monstra-cms/monstra Version: 3.0.4 Tested on: macos 10.12.6, php 5....

6.5CVSS6.8AI score0.09813EPSS
Exploits3
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.43 views

WUZHI CMS 4.1.0 - Cross-Site Request Forgery

Exploit Title: WUZHI CMS 4.1.0 - Cross-Site Request Forgery Date: 2018-04-23 Exploit Author: jiguang [email protected] Vendor Homepage: https://github.com/wuzhicms/wuzhicms Software Link: https://github.com/wuzhicms/wuzhicms Version: 4.1.0 CVE: CVE-2018-10312 An issue was discovered in WUZHI CMS 4.1....

8.8CVSS8.8AI score0.0248EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.47 views

UK Cookie Consent - Persistent Cross-Site Scripting

Exploit Title: UK Cookie Consent v2.3.9 - Persistent Cross-Site Scripting Date: 2018-04-22 Exploit Author: B0UG Vendor Homepage: https://catapultthemes.com/ Software Link: https://en-gb.wordpress.org/plugins/uk-cookie-consent/description Version: Tested on version 2.3.9 older versions may also be...

5.4CVSS5.5AI score0.03892EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.45 views

VLC Media Player/Kodi/PopcornTime 'Red Chimera' < 2.2.5 - Memory Corruption (PoC)

""" VLC Media Player/Kodi/PopcornTime 'Red Chimera' 2.2.5 Memory Corruption PoC Author: SivertPL [email protected] CVE: CVE-2017-8311 Infamous VLC/Kodi/PopcornTime subtitle attack in libsubtitleplugin.dll. This is the Proof of Concept of the reverse engineered heap corruption vulnerability...

7.8CVSS7.8AI score0.08765EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.27 views

gif2apng 1.9 - '.gif' Stack Buffer Overflow

Exploit Title: gif2apng 1.9 '.gif' Stack-Buffer Overflow Date: 20 April 2018 Exploit Author: Hamm3r.py Vendor Homepage: http://gif2apng.sourceforge.net/ Version: 1.9 Tested on: Ubuntu 16.04 CVE : gif2apng is vulnerable to a stack based buffer overflow when a malformed gif is supplied. Following i...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.39 views

Ericsson-LG iPECS NMS A.1Ac - Cleartext Credential Disclosure

-- coding: utf-8 -- Exploit Title: Ericsson-LG iPECS NMS - Cleartext Cred. Dump Vendor Notification: 03-03-2018 - No response Initial CVE: 04-04-2018 Disclosure: 21-04-2018 Exploit Author: Berk Cem Göksel Contact: twitter.com/berkcgoksel || bgoksel.com Vendor Homepage: http://www.ipecs.com/...

10CVSS9.3AI score0.13229EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.103 views

Interspire Email Marketer < 6.1.6 - Remote Admin Authentication Bypass

''' Exploit Title: Interspire Email Marketer - Remote Admin Authentication Bypass Google Dork: intitle:"Control Panel" + emailmarketer Date: 4-22-18 Exploit Author: devcoinfet Vendor Homepage: www.interspire.com/emailmarketer Software Link: Can't legally provide link but can be found on net...

10CVSS9.6AI score0.36505EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.25 views

Linux/x86 - Bind (1337/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 bytes)

Linux/x86 - Bind 1337/TCP Shell /bin/sh + Null-Free Shellcode 92 bytes. Shellcode exploit for Linuxx86 platform / Linux x86 Bind TCP shellcode This shellcode will listen on port 1337 and give you /bin/sh Shellcode Author: Anurag Srivastava Shellcode Length: 92 Student-ID: SLAE-1219 Note...

Exploits0
Exploit DB
Exploit DB
added 2018/04/24 12:0 a.m.33 views

lastore-daemon D-Bus - Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'lastore-daemon D-Bus Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on Deepin Linux systems by using...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/23 12:0 a.m.33 views

VMware Workstation 12.5.2 - Drag n Drop Use-After-Free (Pwn2Own 2017) (PoC)

char initialdnd = "tools.capability.dndversion 4"; static const int cbObj = 0x100; char seconddnd = "tools.capability.dndversion 2"; char chgver = "vmx.capability.dndversion"; char calltransport = "dnd.transport "; char readstring = "ToolsAutoInstallGetParams"; typedef struct DnDCPMsgHdrV4 char...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/23 12:0 a.m.67 views

PRTG Network Monitor < 18.1.39.1648 - Stack Overflow (Denial of Service)

Exploit Title: PRTG 18.1.39.1648 - Stack Overflow Date: 2018-04-21 Exploit Author: Lucas "luriel" Carmo Vendor Homepage: https://www.paessler.com/prtg Software Link: https://www.paessler.com/download/prtg-download Version: 18.1.39.1648 CVE : CVE-2018-10253 Post Reference:...

7.5CVSS7.6AI score0.07627EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/04/23 12:0 a.m.32 views

Free Download Manager 2.0 Built 417 - Local Buffer Overflow (SEH)

Exploit Title: Free Download Manager 2.0 Built 417 - Local Buffer Overflow SEH Date: 2018-04-23 Exploit Author: Marwan Shamel Software Link: https://filehippo.com/downloadfreedownloadmanager/925/ Version: v2.0 Built 417 Tested on: Windows 7 Enterprise SP1 32 bit Special thanks to my wife Steps :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/23 12:0 a.m.96 views

Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation

!/usr/bin/env python ''' @author: r4wd3r @license: MIT License @contact: [email protected] ''' import argparse import re import sys import requests parser = argparse.ArgumentParser description='Exploits the Apache CouchDB JSON Remote Privilege Escalation Vulnerability' + ' CVE-2017-12635'...

10CVSS9.6AI score0.99838EPSS
Exploits21
Exploit DB
Exploit DB
added 2018/04/23 12:0 a.m.152 views

phpMyAdmin 4.8.0 < 4.8.0-1 - Cross-Site Request Forgery

Exploit Title: phpMyAdmin 4.8.0 Drop database 3. Solution: Upgrade to phpMyAdmin 4.8.0-1 or newer. 4. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10188...

8.8CVSS8.7AI score0.04218EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/23 12:0 a.m.40 views

Ncomputing vSpace Pro 10/11 - Directory Traversal

Exploit Title: Ncomputing vSpace Pro v10 and v11 - Directory Traversal Vulnerability Date: 2018-04-20 Software Vendor: NComputing Software Link: Author: Javier Bernardo Contact: [email protected] Website: http://www.kwell.net CVE: CVE-2018-10201 Category: Webapps Description It is possible to read...

7.5CVSS7.6AI score0.45627EPSS
Exploits5
Total number of security vulnerabilities47904