Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2018/04/23 12:0 a.m.39 views

Monstra cms 3.0.4 - Persitent Cross-Site Scripting

Exploit Title: Monstra cms 3.0.4 - Persitent Cross-Site Scripting Date: 2018-04-14 Exploit Author: Wenming Jiang Vendor Homepage: https://github.com/monstra-cms/monstra Software Link: https://github.com/monstra-cms/monstra Version: 3.0.4 Tested on: php 5.6, apache2.2.29, macos 10.12.6 CVE...

4.8CVSS5.5AI score0.02195EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/23 12:0 a.m.49 views

Drupal avatar_uploader v7.x-1.0-beta8 - Arbitrary File Disclosure

Title: Drupal avataruploader v7.x-1.0-beta8 - Arbitrary File Disclosure Author: Larry W. Cashdollar Date: 2018-03-30 CVE-ID: CVE-2018-9205 Download Site: https://www.drupal.org/project/avataruploader Vendor: https://www.drupal.org/u/robbinzhao Vendor Notified: 2018-04-02 Vendor Contact:...

7.5CVSS7.6AI score0.56924EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/04/22 12:0 a.m.184 views

Oracle Weblogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.2 / 12.2.1.3 - Deserialization Remote Command Execution

-- coding: utf-8 -- Oracle Weblogic Server 10.3.6.0, 12.1.3.0, 12.2.1.2, 12.2.1.3 Deserialization Remote Command Execution Vulnerability CVE-2018-2628 IMPORTANT: Is provided only for educational or information purposes. Credit: Thanks by Liao Xinxi of NSFOCUS Security Team Reference:...

9.8CVSS9.6AI score0.99448EPSS
Exploits69
Exploit DB
Exploit DB
added 2018/04/20 12:0 a.m.42 views

Cobub Razor 0.8.0 - Physical Path Leakage

Exploit Title: Cobub Razor 0.8.0 Physical path Leakage Vulnerability Date: 2018-04-19 Exploit Author: Kyhvedn Vendor Homepage: http://www.cobub.com/ Software Link: https://github.com/cobub/razor Version: 0.8.0 CVE : CVE-2018-8770 PoC: URL: http://localhost/export.php HTTP Method: GET URL:...

5.3CVSS5.3AI score0.60586EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/18 12:0 a.m.40 views

MySQL Squid Access Report 2.1.4 - SQL Injection / Cross-Site Scripting

Exploit Title: MySQL Squid Access Report 2.1.4 Multiple Vulnerabilities Date: 14-13-2018 Software Link: https://sourceforge.net/projects/mysar/ Exploit Author: Keerati T. Version: 2.1.4 Tested on: Linux 1. Description SQL injection and Cross site script vulnerabilities are found on ALL parameter ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/18 12:0 a.m.25 views

PDFunite 0.41.0 - '.pdf' Local Buffer Overflow

Exploit Title: PDFunite Malformed pdf buffer overflow Date: 17 April 2018 Exploit Author: Hamm3r.py Vendor Homepage: https://launchpad.net/ubuntu/artful/+package/poppler-utils Software Link: https://launchpad.net/ubuntu/+source/poppler/0.57.0-2ubuntu4.2 Version: 0.41.0 Tested on: Ubuntu CVE :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/18 12:0 a.m.61 views

WordPress Plugin Caldera Forms 1.5.9.1 - Cross-Site Scripting

Exploit Title: CalderaForms 1.5.9.1 - multiple XSS Date: 02-03-2018 Exploit Author: Federico Scalco fscalco at mentat dot is @mindpr00f Vendor Homepage: https://calderaforms.com/ Software Link: https://wordpress.org/plugins/caldera-forms/ Vulnerable App:...

4.8CVSS5.1AI score0.04578EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/04/18 12:0 a.m.37 views

Match Clone Script 1.0.4 - Cross-Site Scripting

Exploit Title: Match Clone Script 1.0.4 - Cross-Site Scripting Date: 23.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/match-clone/ Category: Web Application Exploit Author: ManhNho Version: 1.0.4 Tested on: Window 10 / Kali Linux CV...

6.1CVSS6.3AI score0.02273EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/18 12:0 a.m.55 views

Easy File Sharing Web Server 7.2 - Stack Buffer Overflow

Exploit Title: Easy File Sharing Web Server 7.2 stack buffer overflow Date: 03/24/2018 Exploit Author: rebeyond - http://www.rebeyond.net Vendor Homepage: http://www.sharing-file.com/ Software Link: http://www.sharing-file.com/efssetup.exe Version: 7.2 CVE: CVE-2018-9059 Tested on: Windows XP...

9.8CVSS9.6AI score0.77319EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/04/18 12:0 a.m.42 views

Rvsitebuilder CMS - Database Backup Download

Exploit Title: Rvsitebuilder CMS Database Backup Download Exploit Author: Hesam Bazvand Contact: [email protected] Software Link: http://www.rvsitebuilder.com Version: All Version Tested on: Windows 7 / Kali Linux Category: WebApps Dork : inurl:rvsindex.php & /rvsindex.php?/user/login Explo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/18 12:0 a.m.47 views

Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities

Exploit Author: bzyo CVE: CVE-2018-10077, CVE-2018-10078, CVE-2018-10079 Twitter: @bzyo Exploit Title: Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities Date: 04-17-18 Vulnerable Software: WatchDog Console - 3.2.2 Vendor Homepage: http://www.itwatchdogs.com/ Version: 3.2.2 Software Link:...

7.8CVSS5.4AI score0.08296EPSS
Exploits7
Exploit DB
Exploit DB
added 2018/04/18 12:0 a.m.29 views

VX Search 10.6.18 - 'directory' Local Buffer Overflow

!/usr/bin/python Title: VX Search 10.6.18 Local Buffer Overflow Author: Kevin McGuigan Twitter: @h3xagram Author Website: https://www.7elements.co.uk Vendor Website: http://www.vxsearch.com Version: 10.6.18 Date: 18/04/2018 Tested on: Windows 7 32-bit Vendor did not respond to advisory. Copy the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/18 12:0 a.m.29 views

RSVG 2.40.13 / 2.42.2 - '.svg' Buffer Overflow

Exploit Title: Buffer-overflow in RSVG while converting a malformed svg Date: 17 April 2018 Exploit Author: Hamm3r.py Vendor Homepage: https://launchpad.net/ubuntu/xenial/+package/librsvg2-bin Software Link: https://launchpad.net/ubuntu/xenial/+package/librsvg2-bin Version: Ubuntu: 2.40.13 Defaul...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/18 12:0 a.m.37 views

Lutron Quantum 2.0 - 3.2.243 - Information Disclosure

''' Exploit Title: Login bypass and data leak - Lutron Quantum 2.0 - 3.2.243 firmware Date: 20-03-2018 Exploit Author: David Castro Contact: https://twitter.com/SadFud75 Vendor Homepage: http://www.lutron.com Software Link:...

7.5CVSS7.6AI score0.14047EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/18 12:0 a.m.49 views

Joomla! Component JS Jobs 1.2.0 - Cross-Site Request Forgery

Exploit Title: Joomla! Component Js Jobs - Multiple Cross Site Request Forgery Vulnerabilities Google Dork: N/A Date: 17-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: https://www.joomsky.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/18 12:0 a.m.65 views

Kodi 17.6 - Persistent Cross-Site Scripting

============================================= MGC ALERT 2018-003 - Original release date: March 19, 2018 - Last revised: April 16, 2018 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 CVSS Base Score - CVE-ID: CVE-2018-8831 ============================================= I. VULNERABILITY...

6.1CVSS6.3AI score0.53883EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/17 12:0 a.m.43 views

Brave Browser < 0.13.0 - 'window.close(self)' Denial of Service

Exploit Title:Brave Browser Brave Window Object Remote Denial of Service. Brave Window Object Remote Denial of Service Proof of Concept Click the below link to Trigger the Vulnerability.. Brave Window Object DoS Test POC...

7.5CVSS7.6AI score0.12888EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/04/17 12:0 a.m.38 views

Brave Browser < 0.13.0 - 'long alert() argument' Denial of Service

Exploit Title:Brave Browser...

6.5CVSS6.6AI score0.05114EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/17 12:0 a.m.37 views

Reaper 5.78 - Local Buffer Overflow

Exploit Title: Reaper 5.78 - Local Buffer Overflow Exploit Author: bzyo CVE: CVE-2018-9131 Date: 2018-03-30 Vulnerable Software: Reaper 5.78 Vendor Homepage: https://www.reaper.fm/ Version: 5.78 Software Link: https://www.reaper.fm/download.php Tested On: Windows 7 x86 lots of bad chars, use...

7AI score
Exploits2
Exploit DB
Exploit DB
added 2018/04/17 12:0 a.m.51 views

Joomla! Component jDownloads 3.2.58 - Cross Site Scripting

Exploit Title: Joomla! Component jDownloads 3.2.58 - Cross Site Scripting Google Dork: N/A Date: 14-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.jdownloads.com/ Software Link:...

6.1CVSS6.3AI score0.04073EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/04/17 12:0 a.m.56 views

Ultra MiniHTTPd 1.2 - 'GET' Remote Stack Buffer Overflow (PoC)

Exploit Title: Ultra MiniHTTPd 1.2 - 'GET' Remote Stack Buffer Overflow Date: 2018-04-14 Exploit Author: jollymongrel Vendor Homepage: http://www.vector.co.jp Software Link: http://www.vector.co.jp/soft/winnt/net/se275154.html Version: 1.2 Tested on: Windows 7 32-bit CVE : CVE-2013-5019 import sy...

10CVSS6.6AI score0.64393EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/04/17 12:0 a.m.49 views

D-Link DIR-615 Wireless Router - Persistent Cross Site Scripting

Exploit Title: D-Link DIR-615 Wireless Router - Persistent Cross Site Scripting XSS Date: 14.04.2018 Exploit Author: Sayan Chatterjee Vendor Homepage: http://www.dlink.co.in Hardware Link: http://www.dlink.co.in/products/?pid=678 Category: Hardware Wi-fi Router Hardware Version: T1 Firmware...

4.8CVSS5.1AI score0.03503EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/17 12:0 a.m.214 views

Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupalgeddon2', 'Description' = %q CVE-2018-7600 / SA-CORE-2018-002 Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before...

9.8CVSS10AI score0.99993EPSS
Exploits46
Exploit DB
Exploit DB
added 2018/04/16 12:0 a.m.51 views

Microsoft Windows - 'nt!NtQueryVolumeInformationFile' Kernel Stack Memory Disclosure

/ We have discovered that the nt!NtQueryVolumeInformationFile system call invoked against certain kernel objects discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects Windows 10 32/64-bit; other versions were not tested. The paths that we have observed to...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/16 12:0 a.m.31 views

Microsoft Windows - 'nt!NtQueryFullAttributesFile' Kernel Stack Memory Disclosure

/ We have discovered that the nt!NtQueryFullAttributesFile system call invoked with paths of certain kernel objects discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects Windows 7 to 10, 32/64-bit. The paths that we have observed to trigger the leak in our te...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/16 12:0 a.m.50 views

Microsoft Windows - 'nt!NtQueryAttributesFile' Kernel Stack Memory Disclosure

/ We have discovered that the nt!NtQueryAttributesFile system call invoked with paths of certain kernel objects discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects Windows 7 to 10, 32/64-bit. The paths that we have observed to trigger the leak in our test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/16 12:0 a.m.42 views

Barco ClickShare CSE-200 - Remote Denial of Service

!/usr/bin/python Exploit Title: Barco ClickShare CSE-200 - Remote Denial of Service Date: 11-04-2018 Hardware Link: https://www.barco.com/de/product/clickshare-cse-200 Exploit Author: Florian Hauser Contact: florian DOT g DOT hauser AT gmail DOT com CVE: requested by Barco Category: Hardware...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/16 12:0 a.m.43 views

SysGauge Pro 4.6.12 - Local Buffer Overflow (SEH)

!/usr/bin/python Exploit Title : SysGauge Pro v4.6.12 - Local Buffer Overflow SEH Exploit Author : Hashim Jawad Twitter : @ihack4falafel Author Website : ihack4falafel.com Vendor Homepage : http://www.sysgauge.com/ Vulnerable Software : http://www.sysgauge.com/setups/sysgaugeprosetupv4.6.12.exe...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/16 12:0 a.m.253 views

Microsoft Windows - 'nt!NtQuerySystemInformation (SystemPageFileInformation(Ex))' Kernel 64-bit Stack Memory Disclosure

/ We have discovered that the nt!NtQuerySystemInformation system call invoked with the SystemPageFileInformation 0x12 and SystemPageFileInformationEx 0x90 information classes discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects 64-bit versions of Windows 7 t...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/16 12:0 a.m.113 views

Microsoft Windows - 'nt!NtQueryVirtualMemory (Memory(Privileged)BasicInformation)' Kernel 64-bit Stack Memory Disclosure

/ We have discovered that the nt!NtQueryVirtualMemory system call invoked with the MemoryBasicInformation 0x0 and MemoryPrivilegedBasicInformation 0x8 information classes discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects 64-bit versions of Windows 7 to 10...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/16 12:0 a.m.51 views

CloudMe Sync 1.11.0 - Local Buffer Overflow

Exploit Title: Local Buffer Overflow on CloudMe Sync v1.11.0 Date: 08.03.2018 Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1110.exe Category: Local Exploit Discovery: Prasenjit Kanti Paul Web: http://hack2rule.wordpress.com/ Version: 1.11.0...

7.8CVSS7.7AI score0.02059EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/16 12:0 a.m.21 views

Zortam MP3 Media Studio 23.45 - Local Buffer Overflow (SEH)

!/usr/bin/python Title: Zortam Mp3 Media Studio Local Buffer Overflow SEH Author: Kevin McGuigan Twitter: @h3xagram Author Website: https://www.7elements.co.uk Vendor Website: http://www.zortam.com/ Version: 23.45 Tested on: Windows 7 32 bit Date: 12/04/2018 Vendor did not respond to advisory Fil...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/16 12:0 a.m.102 views

Microsoft Windows - 'CiSetFileCache' TOCTOU Incomplete Fix

Windows: CiSetFileCache TOCTOU CVE-2017-11830 Incomplete Fix Platform: Windows 10 1709 including Win10S Class: Security Feature Bypass Summary: The fix for CVE-2017-11830 is insufficient to prevent a normal user application adding a cached signing level to an unsigned file by exploiting a TOCTOU ...

5.3CVSS6.4AI score0.0257EPSS
Exploits8
Exploit DB
Exploit DB
added 2018/04/16 12:0 a.m.54 views

Sophos Cyberoam UTM CR25iNG - 10.6.3 MR-5 - Direct Object Reference

Exploit Title: Sophos Cyberoam UTM - Privilege Escalation Date: 31/08/2016 Exploit Author: Chintan Gurjar Frogy Vendor Homepage: http://www.sophos.com/ Software Link: https://www.cyberoam.com/downloads/datasheet/CR25iNG.html Version: Cyberoam CR25iNG - 10.6.3 MR-5 CVE : CVE-2016-7786 Category :...

9CVSS8.9AI score0.06984EPSS
Exploits3
Exploit DB
Exploit DB
added 2018/04/16 12:0 a.m.37 views

Microsoft Windows - 'nt!NtQueryVirtualMemory (MemoryImageInformation)' Kernel 64-bit Stack Memory Disclosure

/ We have discovered that the nt!NtQueryVirtualMemory system call invoked with the MemoryImageInformation 0x6 information class discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects 64-bit versions of Windows 8 to 10. The layout of the corresponding output...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/16 12:0 a.m.50 views

Microsoft Windows - 'nt!NtQueryInformationProcess (ProcessImageFileName)' Kernel 64-bit Pool/Stack Memory Disclosure

/ We have discovered that the nt!NtQueryInformationProcess system call invoked with the ProcessImageFileName 0x1B information class discloses uninitialized kernel memory to user-mode clients. The vulnerability affects 64-bit versions of Windows 7 to 10. According to the ZwQueryInformationProcess...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/16 12:0 a.m.43 views

Microsoft Edge - 'OpenProcess()' ACG Bypass

Each Edge Content process MicrosoftEdgeCP.exe needs to call SetProcessMitigationPolicy on itself to enable ACG. The callstack when this happens is: 00 KERNELBASE!SetProcessMitigationPolicy 01 MicrosoftEdgeCP!SetProcessDynamicCodePolicy+0xc0 02 MicrosoftEdgeCP!StartContentProcessExe+0x164 03...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/16 12:0 a.m.48 views

Cobub Razor 0.8.0 - SQL injection

Exploit Title: Cobub Razor 0.8.0 SQL injection Vulnerability Date: 2018-04-16 Exploit Author: Kyhvedn([email protected][email protected]) Vendor Homepage: http://www.cobub.com/ Software Link: https://github.com/cobub/razor Version: 0.8.0 CVE : CVE-2018-8057 The string of the 'channelname'...

9.8CVSS9.5AI score0.22979EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/16 12:0 a.m.86 views

Microsoft Windows - 'nt!NtQueryInformationTransactionManager (TransactionManagerRecoveryInformation)' Kernel Pool Memory Disclosure

/ We have discovered that the nt!NtQueryInformationTransactionManager system call invoked with the TransactionManagerRecoveryInformation 4 information class may disclose uninitialized kernel pool memory to user-mode clients. The vulnerability affects Windows 7 to 10, 32/64-bit. The output structu...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/15 12:0 a.m.27 views

AMD Plays.tv 1.27.5.0 - 'plays_service.exe' Arbitrary File Execution

http://support.amd.com/en-us/download?cmpid=CCCOffline - Click "Automatically Detect - Download Now" Installation Automatically Installs "Raptr, Inc Plays TV Service" OR https://plays.tv/download Target OS: Windows Any Privilege: SYSTEM Type: Arbitrary File Execution Notes: Second minor bug allow...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/13 12:0 a.m.84 views

Microsoft Credential Security Support Provider - Remote Code Execution

credssp This is a poc code for exploiting CVE-2018-0886. It should be used for educational purposes only. It relies on a fork of the rdpy projecthttps://github.com/preempt/rdpy, allowing also credssp relay. Written by Eyal Karni, Preempt [email protected] Build Instructions Linux If you are usin...

7.6CVSS6.7AI score0.82334EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/04/13 12:0 a.m.66 views

MikroTik 6.41.4 - FTP daemon Denial of Service (PoC)

Title: MikroTik 6.41.4 Denial of service FTP daemon crash CVE: CVE-2018-10070 CWE: CWE-400 Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: https://mikrotik.com/ Version : 6.41.4 Released 2018-Apr-05 | All Version Date: 13-05-2018 Category: Network Appliance Description: A vulnerabilit...

7.8CVSS7.6AI score0.12987EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/13 12:0 a.m.276 views

Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)

!/usr/bin/env import sys import requests print '' print ' Proof-Of-Concept for CVE-2018-7600' print ' by Vitalii Rudnykh' print ' Thanks by AlbinoDrought, RicterZ, FindYanot, CostelSalanders' print ' https://github.com/a2u/CVE-2018-7600' print '' print 'Provided only for educational or informatio...

9.8CVSS10AI score0.99993EPSS
Exploits46
Exploit DB
Exploit DB
added 2018/04/13 12:0 a.m.602 views

Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution

!/usr/bin/env ruby CVE-2018-7600 Drupal &1' ; " bashcmd = "echo " + Base64.strictencode64bashcmd + " | base64 -d" - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Function httprequest type data def httprequesturl, type="get", payload="", cookie="" puts verbose"HTTP -...

9.8CVSS10AI score0.99993EPSS
Exploits46
Exploit DB
Exploit DB
added 2018/04/12 12:0 a.m.41 views

Joomla! Convert Forms version 2.0.3 - Formula Injection (CSV Injection)

Exploit Title: Joomla Extension Convert Forms version 2.0.3 is vulnerable to Formula Injection CSV Injection Google Dork: N/A Date: 12-04-2018 Exploit Author: Jetty Sairam Software Link: https://extensions.joomla.org/extensions/extension/contacts-and-feedback/forms/convert-forms/ Affected Version...

7.8CVSS7.7AI score0.09568EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/11 12:0 a.m.31 views

Linux/x64 - x64 Assembly Shellcode (Generator)

Linux/x64 - x64 Assembly Shellcode Generator. Shellcode exploit for Generator platform !/usr/bin/env python Features: - Linux shellcode x64 assembly code generation - stack based smaller payload size - execve based - supports long commands meaning bigger than an x64 register - 64 bits - supports...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/10 12:0 a.m.29 views

Google Chrome V8 JIT - 'LoadElimination::ReduceTransitionElementsKind' Type Confusion

/ I think this commit has introduced the bug: https://chromium.googlesource.com/v8/v8.git/+/9884bc5dee488bf206655f07b8a487afef4ded9b Reduction LoadElimination::ReduceTransitionElementsKindNode node ... if objectmaps.containsZoneHandleSetsourcemap objectmaps.removesourcemap, zone;...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/04/10 12:0 a.m.42 views

WordPress Plugin File Upload 4.3.2 - Stored Cross-Site Scripting

Exploit Title: WordPress Plugin WordPress File Upload 4.3.2 - Stored XSS Date: 31/03/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iptanus.com/ Software Link: https://downloads.wordpress.org/plugin/wp-file-upload.zip Version: 4.3.2 Tested on: CentOS 6.5 CVE : CVE-2018-9172 Category :...

5.4CVSS5.5AI score0.03244EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/10 12:0 a.m.30 views

WUZHI CMS 4.1.0 - Cross-Site Request Forgery (Add Admin)

Exploit Title: WUZHI CMS 4.1.0 CSRF vulnerability add admin account Date: 2018-04-10 Exploit Author: taoge Vendor Homepage: https://github.com/wuzhicms/wuzhicms Software Link: https://github.com/wuzhicms/wuzhicms Version: 4.1.0 CVE : CVE-2018-9926 An issue was discovered in WUZHI CMS...

8.8CVSS8.8AI score0.03094EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/04/10 12:0 a.m.43 views

WordPress Plugin File Upload 4.3.3 - Stored Cross-Site Scripting (PoC)

Exploit Title: WordPress Plugin WordPress File Upload 4.3.3 - Stored XSS Date: 06/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iptanus.com/ Software Link: https://downloads.wordpress.org/plugin/wp-file-upload.zip Version: 4.3.3 Tested on: Windows 7 / Cent OS 6.5 CVE : CVE-2018-984...

6.1CVSS7AI score0.03844EPSS
Exploits6
Total number of security vulnerabilities47904