Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
•added 2018/04/10 12:0 a.m.•33 views

iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting

Exploit Title: iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting Date: 02/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iscripts.com Demo Page: https://www.demo.iscripts.com/easycreate/demo/ Version: 3.2.1 Tested on: Windows 10 Category: Webapps CVE: CVE-2018-9236 CVE:...

5.4CVSS5.5AI score0.01882EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/10 12:0 a.m.•39 views

WUZHI CMS 4.1.0 - Cross-Site Request Forgery (Add User)

Exploit Title: WUZHI CMS 4.1.0 CSRF vulnerability add user account Date: 2018-04-10 Exploit Author: taoge Vendor Homepage: https://github.com/wuzhicms/wuzhicms Software Link: https://github.com/wuzhicms/wuzhicms Version: 4.1.0 CVE : CVE-2018-9927 An issue was discovered in WUZHI CMS...

8.8CVSS8.8AI score0.00709EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/10 12:0 a.m.•48 views

Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager - Invalid Access Control

Exploit Title: Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager Missing Access Control Vulnerability DSA-2018-025 Date: 24/11/2017 Exploit Author: SlidingWindow Vendor Homepage: https://store.Dell EMC.com/en-us/AVAMAR-PRODUCTS/Dell-DELL...

9.8CVSS9.6AI score0.46642EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/10 12:0 a.m.•36 views

DVD X Player Standard 5.5.3.9 - Buffer Overflow

Exploit Title: Buffer Overflow on DVD X Player Standard 5.5.3.9 Date: 29.03.2018 Vendor Homepage: http://www.dvd-x-player.com Software Link: http://www.dvd-x-player.com/download/DVDXPlayerSetup- Standard.exe Category: Local SEH Based Exploit Credit: Prasenjit Kanti Paul Web:...

7.8CVSS7.7AI score0.04878EPSS
Exploits8
Exploit DB
Exploit DB
•added 2018/04/10 12:0 a.m.•44 views

WordPress Plugin File Upload 4.3.3 - Stored Cross-Site Scripting (PoC)

Exploit Title: WordPress Plugin WordPress File Upload 4.3.3 - Stored XSS Date: 06/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iptanus.com/ Software Link: https://downloads.wordpress.org/plugin/wp-file-upload.zip Version: 4.3.3 Tested on: Windows 7 / Cent OS 6.5 CVE : CVE-2018-984...

6.1CVSS7AI score0.03844EPSS
Exploits6
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•65 views

GoldWave 5.70 - Local Buffer Overflow (SEH Unicode)

!/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: GoldWave 5.70 - Local Buffer Overflow SEH Unicode Date: 04-05-2018 Vulnerable Software: GoldWave 5.70 Vendor Homepage: https://www.goldwave.com/ Version: 5.70 Software Link: http://goldwave.com//downloads/gwave570.exe Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•48 views

H2 Database - 'Alias' Arbitrary Code Execution

''' Exploit Title: H2 Database Alias Abuse Date: 05/04/2018 Exploit Author: gambler Vendor Homepage:www.h2database.com Software Link: http://www.h2database.com/html/download.html Version: all versions Tested on: Linux, Mac OS ''' import sys import argparse import html import requests Blogpost abo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•42 views

WordPress Plugin Simple Fields 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code Execution

Exploit Title: Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE Date: 2018-04-08 Exploit Author: Graeme Robinson Contact: @Grasec Vendor Homepage: http://simple-fields.com Software Link: https://downloads.wordpress.org/plugin/simple-fields.0.3.5.zip Version: 0.2 - 0.3.5 Tested on: Ubuntu 16.04.4 + PHP 5.3.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•38 views

Yahei PHP Prober 0.4.7 - Cross-Site Scripting

Exploit title: Yahei-PHP Proberv0.4.7 - Cross-Site Scripting Google Dork: intitle:"Proberv0." | inurl:/proberv.php Date: 23/03/2018 Exploit Author: ManhNho Vendor Homepage: http://www.yahei.net/ Software Link: www.yahei.net/tz/tze.zip Version: 0.4.7 CVE: CVE-2018-9238 Tested on: Windows 10 / Kali...

6.1CVSS6.3AI score0.02273EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•28 views

MyBB Plugin Recent Threads On Index - Cross-Site Scripting

Exploit Title: MyBB Recent threads Date: 4th April 2018 Exploit Author: Perileos Software Link: https://community.mybb.com/mods.php?action=view&pid=191 Version: 17.0 Tested on: Windows 10 1. Description: This plugin shows recent threads in the side bar on your MyBB forum. 2. Proof of concept:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•23 views

WooCommerce CSV-Importer-Plugin 3.3.6 - Remote Code Execution

Exploit Title: Plugin Woocommerce CSV importer 3.3.6 – RCE – Unlink Date: 08/04/2018 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/woocommerce-csvimport/ Software Link: https://wordpress.org/plugins/woocommerce-csvimport/ Contact: http://twitter.com/lenonleite Website...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•26 views

WordPress Plugin Google Drive 2.2 - Remote Code Execution

Exploit Title: Plugin Google Drive for WordPress 2.2 – RCE – Unlik Date: 08/04/2018 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/wp-google-drive/ Software Link: https://wordpress.org/plugins/wp-google-drive/ Contact: http://twitter.com/lenonleite Website:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•21 views

Buddypress Xprofile Custom Fields Type 2.6.3 - Remote Code Execution

Exploit Title: Plugin Buddypress Xprofile Custom Fields Type 2.6.3 RCE – Unlink Date: 08/04/2018 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/buddypress-xprofile-custom-fields-type/ Software Link: https://wordpress.org/plugins/buddypress-xprofile-custom-fields-type/...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•31 views

iScripts SonicBB 1.0 - Reflected Cross-Site Scripting (PoC)

Exploit Title: iScripts SonicBB 1.0 - Reflected Cross-Site Scripting Date: 02/04/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iscripts.com Demo Page: https://www.demo.iscripts.com/sonicbb/demo/ Version: 1.0 Tested on: Windows 10 Category: Webapps CVE: CVE-2018-9235 1. Description...

6.1CVSS6.3AI score0.02606EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•80 views

CyberArk Password Vault Web Access < 9.9.5 / < 9.10 / 10.1 - Remote Code Execution

Advisory: CyberArk Password Vault Web Access Remote Code Execution The CyberArk Password Vault Web Access application uses authentication tokens which consist of serialized .NET objects. By crafting manipulated tokens, attackers are able to gain unauthenticated remote code execution on the web...

9.8CVSS9.7AI score0.17336EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•65 views

CyberArk Password Vault < 9.7 / < 10 - Memory Disclosure

Advisory: CyberArk Password Vault Memory Disclosure Data in the CyberArk Password Vault may be accessed through a proprietary network protocol. While answering to a client's logon request, the vault discloses around 50 bytes of its memory to the client. Details ======= Product: CyberArk Password...

5.3CVSS5.2AI score0.14116EPSS
Exploits12
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•30 views

WebKit - WebAssembly Parsing Does not Correctly Check Section Order

When a WebAssembly binary is parsed in ModuleParser::parse, it is expected to contain certain sections in a certain order, but can also contain custom sections that can appear anywhere in the binary. The ordering check validateOrder does not adequately check that sections are in the correct order...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•48 views

KYOCERA Multi-Set Template Editor 3.4 - Out-Of-Band XML External Entity Injection

Vendor: KYOCERA Corporation Product https://global.kyocera.com Affected version: 3.4.0906 Summary: KYOCERA Net Admin is Kyocera's unified device management software that uses a web-based platform to give network administrators easy and uncomplicated control to handle a fleet for up to 10,000...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•39 views

KYOCERA Net Admin 3.4 - Cross-Site Request Forgery (Add Admin)

Vendor: KYOCERA Corporation Product https://global.kyocera.com Affected version: 3.4.0906 Summary: KYOCERA Net Admin is Kyocera's unified device management software that uses a web-based platform to give network administrators easy and uncomplicated control to handle a fleet for up to 10,000...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•47 views

PMS 0.42 - Local Stack-Based Overflow (ROP)

Exploit Author: Juan Sacco - http://exploitpack.com Tested on: Kali i686 GNU/Linux Description: PMS 0.42 is prone to a local unauthenticated stack-based overflow The vulnerability is due to an unproper filter of user supplied input while reading the configuration file and parsing the malicious...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•32 views

Cobub Razor 0.7.2 - Add New Superuser Account

Exploit Title: Cobub Razor 0.7.2 Add New Superuser User Date: 2018-03-07 Exploit Author: ppb([email protected]) Vendor Homepage: https://github.com/cobub/razor/ Software Link: https://github.com/cobub/razor/ Version: 0.72 CVE : CVE-2018-7745 There is a vulnerability that can add an admnistrator use...

7.5CVSS7.6AI score0.12111EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•47 views

WolfCMS 0.8.3.1 - Open Redirection

Exploit Title: WolfCMS 0.8.3.1 Open Redirection Vulnerability Google Dork: N/A Date: 04-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.wolfcms.org Software Link: https://bitbucket.org/wolfcms/wolf-cms-downloads/downloads/wolfcms-0.8.3.1.z...

4.9CVSS5.1AI score0.03403EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•57 views

WolfCMS 0.8.3.1 - Cross-Site Request Forgery

Exploit Title: WolfCMS 0.8.3.1 Cross Site Request Forgery Google Dork: N/A Date: 04-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.wolfcms.org Software Link: Affected Version: 0.8.3.1 Category: WebApps Tested on: Win7 Enterprise x86/Kali...

6.5CVSS6.5AI score0.0316EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/09 12:0 a.m.•60 views

WordPress Plugin Background Takeover < 4.1.4 - Directory Traversal

Exploit Title: WP Background Takeover, Directory Traversal = 4.1.4 Google Dork: inurl:/plugins/wpsite-background-takeover Date: 2018-03-08 Exploit Author: Colette Chamberland, Defiant, Inc. Vendor Homepage: https://99robots.com Software Link:...

7.5CVSS7.7AI score0.48158EPSS
Exploits4
Exploit DB
Exploit DB
•added 2018/04/06 12:0 a.m.•143 views

LineageOS 14.1 Blueborne - Remote Code Execution

Exploit Title: LineageOS 14.1 Android 7.1.2 Blueborne RCE CVE-2017-0781 Date: 04/01/2018 Exploit Author: Marcin Kozlowski Tested on: LinageOS 14.1 Android 7.1.2 without BlueBorne Patch CVE : CVE-2017-0781 Provided for legal security research and testing purposes ONLY. Code in exp4.py More info in...

8.8CVSS8.3AI score0.2285EPSS
Exploits13
Exploit DB
Exploit DB
•added 2018/04/06 12:0 a.m.•42 views

GNU Beep 1.3 - 'HoleyBeep' Local Privilege Escalation

!/usr/bin/env python3 E-DB Note https://gist.github.com/Arignir/0b9d45c56551af39969368396e27abe8/ec853f14afd6e86fb3f2efce2086e28f33039ddc E-DB Note https://sigint.sh//holeybeep This is an exploit for HoleyBeep. To use it, place any command you want root to execute in /tmp/x. $ cat /tmp/x echo PWN...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/06 12:0 a.m.•65 views

Adobe Flash < 28.0.0.161 - Use-After-Free

!/usr/bin/env python coding: UTF-8 import BaseHTTPServer import sys from SimpleHTTPServer import SimpleHTTPRequestHandler print "@Syfi2k" print "+ CVE-2018-4878 poc " print "--------------------------------" print "Calc.exe Shellcode via Msfvenom" print "Based on fixed version...

7.8CVSS8.9AI score0.89618EPSS
Exploits19
Exploit DB
Exploit DB
•added 2018/04/06 12:0 a.m.•51 views

Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-CONTROL-PANEL-v10.7-INSECURE-CRYPTO-CVE-2018-9233.txt + ISR: Apparition Security Vendor: ========== www.sophos.com Product: =========== Sophos...

7.8CVSS7.7AI score0.01744EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/06 12:0 a.m.•77 views

Sophos Endpoint Protection 10.7 - Tamper-Protection Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-v10.7-TAMPER-PROTECTION-BYPASS-CVE-2018-4863.txt + ISR: Apparition Security Vendor: ============= www.sophos.com Product: =========== Sophos...

5.5CVSS7AI score0.01247EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/06 12:0 a.m.•34 views

Cobub Razor 0.7.2 - Cross-Site Request Forgery

Exploit Title: Cobub Razor 0.7.2 Cross Site Request Forgery Date: 2018-03-07 Exploit Author: ppb Vendor Homepage: https://github.com/cobub/razor/ Software Link: https://github.com/cobub/razor/ Version: 0.72 CVE : CVE-2018-7746 There is a vulnerability. Authentication is not required for...

8.8CVSS7AI score0.03154EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/06 12:0 a.m.•64 views

DotNetNuke DNNarticle Module 11 - Directory Traversal

Advisory Information Title: Directory Traversal Vulnerability in DNNarticle module Date published: n/a Date of last update: n/a Vendors contacted: zldnn.com Discovered by: Esmaeil Rahimian Severity: Critical 02. Vulnerability Information OVE-ID: CVE-2018-9126. 03. Introduction DNN Article is...

9.8CVSS9.7AI score0.50244EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/06 12:0 a.m.•67 views

FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass

Exploit Title: FiberHome VDSL2 Modem HG 150-UB Authentication Bypass Date: 04/03/2018 Exploit Author: Noman Riffat Vendor Homepage: http://www.fiberhome.com/ CVE : CVE-2018-9248, CVE-2018-9248 The vulnerability exists in plain text & hard coded cookie. Using any cookie manager extension, an...

9.8CVSS9.7AI score0.15255EPSS
Exploits2
Exploit DB
Exploit DB
•added 2018/04/05 12:0 a.m.•64 views

Z-Blog 1.5.1.1740 - Full Path Disclosure

Exploit Title: Z-Blog 1.5.1.1740 Web Site physical path leakage Vulnerability Date: 2018-04-03 Exploit Author: zzw [email protected] Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE : CVE-2018-7737 This is a WebSite physical path...

5.3CVSS5.3AI score0.08642EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/05 12:0 a.m.•36 views

WordPress Plugin Activity Log 2.4.0 - Cross-Site Scripting

Exploit Title : Activity Log Wordpress Plugin Stored Cross Site Scripting XSS Date: 25-02-2018 Exploit Author : Stefan Broeder Contact : https://twitter.com/stefanbroeder Vendor Homepage: https://pojo.me Software Link: https://wordpress.org/plugins/aryo-activity-log/ Version: 2.4.0 CVE :...

6.1CVSS6.3AI score0.0563EPSS
Exploits7
Exploit DB
Exploit DB
•added 2018/04/05 12:0 a.m.•45 views

GetSimple CMS 3.3.13 - Cross-Site Scripting

Exploit Title: GetSimple CMS 3.3.13 - Cross Site Scripting Vulnerability Google Dork: N/A Date: 03-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://get-simple.info/ Software Link: http://get-simple.info/download/ Affected Version: 3.3.13...

6.1CVSS7AI score0.02496EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/05 12:0 a.m.•102 views

Microsoft Windows Defender - 'mpengine.dll' Memory Corruption

Windows Defender inspects a variety of different archive formats, among others RAR. Inspection of mpengine.dll revealed that the code responsible for processing RAR archives appears to be a forked and modified version of the original unrar code; given that it still processes the VMSFUPCASE filter...

10CVSS7AI score0.10027EPSS
Exploits4
Exploit DB
Exploit DB
•added 2018/04/05 12:0 a.m.•27 views

Microsoft Windows - Multiple Use-After-Free Issues in jscript Array Methods

!-- There are multiple use-after-free issues in Array methods in jscript. When jscript executes an Array method such as Array.join, it first retrieves the length of an array. If the input is not an array but an object, then the length property of the object is going to be retrieved and converted ...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/05 12:0 a.m.•57 views

Z-Blog 1.5.1.1740 - Cross-Site Scripting

Exploit Title: Z-Blog 1.5.1.1740 XSS Vulnerability Date: 2018-04-03 Exploit Author: zzw [email protected] Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE : CVE-2018-7736 This is a XSS vulnerability than can attack the users. poc:...

6.1CVSS6.3AI score0.03324EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/05 12:0 a.m.•47 views

YzmCMS 3.6 - Cross-Site Scripting

Exploit Title: YzmCMS 3.6 XSS Vulnerability Date: 2018-04-03 Exploit Author: zzw [email protected] Vendor Homepage: http://www.yzmcms.com/ Software Link: http://www.yzmcms.com/ Version: 3.6 CVE : CVE-2018-7653 This is a XSS vulnerability than can attack the users. poc:...

6.1CVSS6.3AI score0.08686EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/05 12:0 a.m.•39 views

MyBB Plugin Downloads 2.0.3 - Cross-Site Scripting

Exploit Title: MyBB Downloads Plugin v2.0.3 - Persistent XSS Date: 3/28/18 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=854 Version: 2.0.3 Tested on: Ubuntu 17.10 1. Description: It is a plugin which add...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/05 12:0 a.m.•54 views

Joomla! Component JS Jobs 1.2.0 - Cross-Site Scripting

Exploit Title: Joomla! Component JS Jobs 1.2.0 - Cross Site Scripting Google Dork: N/A Date: 03-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: https://www.joomsky.com/products/js-jobs.html Software Link: https://www.joomsky.com/5/download/1.html...

5.4CVSS5.5AI score0.02314EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/05 12:0 a.m.•48 views

WebRTC - Private IP Leakage (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Private IP Leakage to WebPage using WebRTC Function.", 'Description' = %q This module exploits a vulnerability in browsers using well-known...

4.3CVSS7.4AI score0.30144EPSS
Exploits7
Exploit DB
Exploit DB
•added 2018/04/04 12:0 a.m.•43 views

ProcessMaker - Plugin Upload (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ProcessMaker Plugin Upload', 'Description' = %q This module will generate and upload a plugin to ProcessMaker resulting in execution of PHP code a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/03 12:0 a.m.•29 views

Google Chrome V8 - 'ElementsAccessorBase::CollectValuesOrEntriesImpl' Type Confusion

/ Here's a snippet of the method. https://cs.chromium.org/chromium/src/v8/src/elements.cc?rcl=3cbf26e8a21aa76703d2c3c51adb9c96119500da&l=1051 static Maybe CollectValuesOrEntriesImpl Isolate isolate, Handle object, Handle valuesorentries, bool getentries, int nofitems, PropertyFilter filter ... fo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/03 12:0 a.m.•36 views

Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix) (2)

/ Here's a snippet of JavascriptArray::BoxStackInstance. template T JavascriptArray::BoxStackInstanceT instance, bool deepCopy AssertThreadContext::IsOnStackinstance; // On the stack, the we reserved a pointer before the object as to store the boxed value T boxedInstanceRef = T instance - 1; T...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/03 12:0 a.m.•42 views

Google Chrome V8 - 'Genesis::InitializeGlobal' Out-of-Bounds Read/Write

/ Bug: The Genesis::InitializeGlobal method initializes the constructor of RegExp as follows: // Builtin functions for RegExp.prototype. Handle regexpfun = InstallFunction global, "RegExp", JSREGEXPTYPE, JSRegExp::kSize + JSRegExp::kInObjectFieldCount kPointerSize, JSRegExp::kInObjectFieldCount,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/03 12:0 a.m.•36 views

Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix) (1)

/ Here's a snippet of JavascriptArray::BoxStackInstance. To fix issue 1420 , "deepCopy" was introduced. But it only deep-copies the array when "instance-head" is on the stack. So simply by adding a single line of code that allocates "head" to the heap, we can bypass the fix. template T...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/02 12:0 a.m.•45 views

OpenCMS 10.5.3 - Cross-Site Request Forgery

Exploit Title: OpenCMS 10.5.3 Multiple Cross Site Request Forgery Vulnerabilities Injection Google Dork: N/A Date: 02-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.opencms.org/en/ Software Link:...

8.8CVSS8.8AI score0.02228EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/04/02 12:0 a.m.•51 views

Secutech RiS-11/RiS-22/RiS-33 - Remote DNS Change

Secutech RiS-11/RiS-22/RiS-33 V5.07.52esFRI01 Remote DNS Change PoC Copyright 2018 c Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg Once modified, systems use foreign DNS servers, which are usually set up by cybercriminals. Users with vulnerable systems or devices w...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/04/02 12:0 a.m.•43 views

LifeSize ClearSea 3.1.4 - Directory Traversal

''' Tittle: LifeSize ClearSea 3.1.4 Directory Traversal Vulnerabilities Author: rsp3ar Impact: Remote Code Execution Post-Authentication Recommendation: Use strong password for default 'admin' user and secure management access to the device. Please consult vendor for replacement/alternative...

7.4AI score
Exploits0
Total number of security vulnerabilities47904