Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
•added 2018/03/23 12:0 a.m.•27 views

WM Recorder 16.8.1 - Denial of Service

!/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: WM Recorder 16.8.1 - Denial of Service Date: 03-20-2018 Vulnerable Software: WM Recorder 16.8.1 Vendor Homepage: http://wmrecorder.com/home/ Version: 16.8.1 Software Link: http://wmrecorder.com/download/wm-recorder/ Tested On:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/23 12:0 a.m.•18 views

Linux/x86 - EggHunter + Null-Free Shellcode (11 Bytes)

Linux/x86 - EggHunter + Null-Free Shellcode 11 Bytes. Shellcode exploit for Linuxx86 platform / Title: Linux/x86 - EggHunter Shellcode 11 Bytes Author: Anurag Srivastava Tested on: i686 GNU/Linux Shellcode Length: 11 Description: Smallest Null-Free Egg Hunter Shellcode - 11 Bytes Details: 1. Work...

Exploits0
Exploit DB
Exploit DB
•added 2018/03/23 12:0 a.m.•37 views

Easy Avi Divx Xvid to DVD Burner 2.9.11 - '.avi' Denial of Service

!/usr/bin/python Exploit Title : Easy Avi Divx Xvid to DVD Burner v2.9.11 - Local Denial of Service Exploit Author : Hashim Jawad Twitter : @ihack4falafel Author Website : ihack4falafel.com Vendor Homepage : http://www.divxtodvd.net/index.htm Vulnerable Software:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/23 12:0 a.m.•67 views

Android Bluetooth - BNEP bnep_data_ind() Remote Heap Disclosure

import os import sys import struct import bluetooth BNEPPSM = 15 BNEPFRAMECOMPRESSEDETHERNET = 0x02 LEAKATTEMPTS = 20 def leaksrcbdaddr, dst: bnep = bluetooth.BluetoothSocketbluetooth.L2CAP bnep.settimeout5 bnep.bindsrcbdaddr, 0 print 'Connecting to BNEP...' bnep.connectdst, BNEPPSM...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/23 12:0 a.m.•32 views

Dell EMC NetWorker - Denial of Service

''' Exploit Title: Dell EMC NetWorker DoS PoC Date: 18.03.2018 Exploit Author: Marek Cybul Vendor Homepage: https://www.emc.com/data-protection/networker.htm Versions: Dell EMC NetWorker versions prior to 9.2.1.1 Dell EMC NetWorker versions prior to 9.1.1.6 Dell EMC NetWorker 9.0.x Dell EMC...

7.5CVSS7.6AI score0.13954EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/03/23 12:0 a.m.•44 views

Allok Quicktime to AVI MPEG DVD Converter 4.6.1217 - Stack-Based Buffer Overflow

SWAMI KARUPASAMI THUNAI Exploit Title: Allok Video Converter - Buffer Overflow Vulnerability Windows XP SP3 Date: 06-03-2018 Exploit Author: Mohan Ravichandran & Velayutham Selvaraj Organization : TwinTech Solutions Vulnerable Software: Allok Video Converter Vendor Homepage:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/23 12:0 a.m.•45 views

MyBB Plugin Last User's Threads in Profile Plugin 1.2 - Persistent Cross-Site Scripting

Exploit Title: MyBB Last User's Threads in Profile Plugin v1.2 - Persistent XSS Date: 3/19/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=910 Version: v1.2 Tested on: Ubuntu 17.10 1. Description:...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/23 12:0 a.m.•38 views

TL-WR720N 150Mbps Wireless N Router - Cross-Site Request Forgery

/ Exploit Title: TL-WR720N 150Mbps Wireless N Router - CSRF Date: 21-3-2018 Exploit Author: Mans van Someren Vendor Homepage: https://www.tp-link.com/ Software Link: https://static.tp-link.com/resources/software/TL-WR720NV1130719.zip Version: All versions because its a 0day Testen on: Google Chro...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/23 12:0 a.m.•150 views

WordPress Plugin Site Editor 1.1.1 - Local File Inclusion

Product: Site Editor Wordpress Plugin - https://wordpress.org/plugins/site-editor/ Vendor: Site Editor Tested version: 1.1.1 CVE ID: CVE-2018-7422 CVE description A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitra...

7.5CVSS7.6AI score0.63102EPSS
Exploits7
Exploit DB
Exploit DB
•added 2018/03/23 12:0 a.m.•28 views

Easy CD DVD Copy 1.3.24 - Local Buffer Overflow (SEH)

!/usr/bin/python Exploit Title : Easy CD DVD Copy v1.3.24 - Local Buffer Overflow SEH Exploit Author : Hashim Jawad Twitter : @ihack4falafel Author Website : ihack4falafel.com Vendor Homepage : http://www.divxtodvd.net/index.htm Vulnerable Software: http://www.divxtodvd.net/easycddvdcopy.exe Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/23 12:0 a.m.•112 views

Hikvision IP Camera versions 5.2.0 - 5.3.9 (Builds 140721 < 170109) - Access Control Bypass

Exploit Title: Hikvision IP Camera versions 5.2.0 - 5.3.9 Builds: 140721 - 170109 Backdoor Date: 15-03-2018 Vendor Homepage: http://www.hikvision.com/en/ Exploit Author: Matamorphosis Category: Web Apps Description: Exploits a backdoor in Hikvision camera firmware versions 5.2.0 - 5.3.9 Builds:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/23 12:0 a.m.•50 views

Android Bluetooth - BNEP BNEP_SETUP_CONNECTION_REQUEST_MSG Out-of-Bounds Read

import os import sys import struct import bluetooth BNEPPSM = 15 BNEPFRAMECONTROL = 0x01 Control types parsed by bnepprocesscontrolpacket in bneputils.cc BNEPSETUPCONNECTIONREQUESTMSG = 0x01 def oobreadsrcbdaddr, dst: bnep = bluetooth.BluetoothSocketbluetooth.L2CAP bnep.settimeout5...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/23 12:0 a.m.•28 views

Crashmail 1.6 - Stack-Based Buffer Overflow (ROP)

Exploit author: Juan Sacco Website: http://exploitpack.com Description: Crashmail is prone to a stack-based buffer overflow because the application fails to perform adequate boundary checks on user supplied input. Impact: An attacker could exploit this vulnerability to execute arbitrary code in t...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/23 12:0 a.m.•246 views

XenForo 2 - CSS Loader Denial of Service

Exploit Title: XenForo CSS Loader DoS Google Dork: intext:"Forum software by XenForoâ„¢" inurl:css.php ext:php Date: 22-03-18 Exploit Author: LockedByte Vendor Homepage: https://xenforo.com/ Software Link: https://xenforo.com/help/installation/ Version: XenForo 2 Tested on: Linux...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/22 12:0 a.m.•70 views

Linux Kernel < 4.15.4 - 'show_floppy' KASLR Address Leak

include include include include include include include include include include static int driveselectorint head return head 2; void fdrecalibrateint fd struct floppyrawcmd rawcmd; int tmp; rawcmd.flags = FDRAWINTR; rawcmd.cmdcount = 2; // set up the command rawcmd.cmdrawcmd.cmdcount++ = 0x07;...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/20 12:0 a.m.•3341 views

OpenSSH < 6.6 SFTP - Command Execution

OpenSSH 8 else 32 print "+ bit libc mapped @ -, path: ".formatBITS, addr0, addr1, path libcbase = intaddr0, 16 libcpath = path if "stack" in line: addr = addr.split"-" saddrstart = intaddr0, 16 saddrend = intaddr1, 16 print "+ Stack mapped @ -".formataddr0,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/20 12:0 a.m.•61 views

Cisco node-jos < 0.11.0 - Re-sign Tokens

!/usr/bin/env python3 import base64 from urllib.parse import quoteplus import rsa import sys zi0Black ''' EDB Note: This has been updated https://github.com/offensive-security/exploitdb/pull/139 POC of CVE-2018-0114 Cisco node-jose = 8 return b::-1 def generateheaderpayloadpayload,pubkey: create...

7.5CVSS7.5AI score0.42651EPSS
Exploits6
Exploit DB
Exploit DB
•added 2018/03/20 12:0 a.m.•47 views

Coship RT3052 Wireless Router - Persistent Cross-Site Scripting

Exploit Title: Coship RT3052 Wireless Router - Persistent Cross Site Scripting XSS Date: 2018-03-18 Exploit Author: Sayan Chatterjee Vendor Homepage: http://en.coship.com/ Category: Hardware Wifi Router Version: 4.0.0.48 Tested on: Windows 10 CVE: CVE-2018-8772 Proof of Concept =================...

6.1CVSS6.4AI score0.01849EPSS
Exploits3
Exploit DB
Exploit DB
•added 2018/03/20 12:0 a.m.•41 views

Vehicle Sales Management System - Multiple Vulnerabilities

Exploit Title: VSMS Multiple Vulnerabilities Google Dork: N/A Date: 16-3-2018 Exploit Author: Sing Vendor Homepage: https://sourceforge.net/projects/vsms-php/?source=typredirect Software Link: https://sourceforge.net/projects/vsms-php/?source=typredirect Version: 07/2017 possible v1.2 Tested on:...

9.8CVSS7AI score0.02127EPSS
Exploits4
Exploit DB
Exploit DB
•added 2018/03/20 12:0 a.m.•37 views

Google Software Updater macOS - Unsafe use of Distributed Objects Privilege Escalation

/ Google software updater ships with Chrome on MacOS and installs a root service com.google.Keystone.Daemon.UpdateEngine which lives here: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/MacOS/GoogleSoftwareUpdateDaemon This service vends a Distributed Object which expos...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/20 12:0 a.m.•29 views

Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)' 64-bit Pool Memory Disclosure

/ We have discovered that the nt!NtQueryVirtualMemory system call invoked with the 2 information class MemoryMappedFilenameInformation discloses portions of uninitialized kernel pool memory to user-mode clients. The vulnerability affects 64-bit versions of Windows 7 to 10. The output buffer for...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/20 12:0 a.m.•41 views

Microsoft Windows Kernel - 'nt!NtWaitForDebugEvent' 64-bit Stack Memory Disclosure

/ We have discovered that the nt!NtWaitForDebugEvent system call discloses portions of uninitialized kernel stack memory to user-mode clients, on 64-bit versions of Windows 7 to Windows 10. The output buffer, and the corresponding temporary stack-based buffer in the kernel are 0xB8 184 bytes in...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/20 12:0 a.m.•44 views

Intelbras Telefone IP TIP200 LITE - Local File Disclosure

Exploit Title: INTELBRAS TELEFONE IP TIP200/200 LITE Local File Include Google Dork: Date: 16/03/2018 Exploit Author: Matheus Goncalves - anhax0r Vendor Homepage: https://www.facebook.com/anhaxteam/ Software Link: Version: 60.0.75.29 REQUIRED Tested on: Debian CVE : if applicable Remember that yo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/20 12:0 a.m.•62 views

Microsoft Windows - Desktop Bridge Virtual Registry Arbitrary File Read/Write Privilege Escalation

Windows: Windows: Desktop Bridge Virtual Registry Arbitrary File Read/Write EoP Platform: Windows 1709 not tested earlier version Class: Elevation of Privilege Summary: The handling of the virtual registry for desktop bridge applications can allow an application to create arbitrary files as syste...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/20 12:0 a.m.•46 views

Microsoft Windows Kernel - 'nt!KiDispatchException' 64-bit Stack Memory Disclosure

/ We have discovered a new Windows kernel memory disclosure vulnerability in the creation and copying of a EXCEPTIONRECORD structure to user-mode memory while passing execution to a user-mode exception handler. The vulnerability affects 64-bit versions of Windows 7 to 10. The leak was originally...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/20 12:0 a.m.•59 views

Microsoft Windows - Desktop Bridge VFS Privilege Escalation

Windows: Windows: Desktop Bridge VFS EoP Platform: Windows 1709 not tested earlier version Class: Elevation of Privilege Summary: The handling of the VFS for desktop bridge applications can allow an application to create virtual files in system folder which can result in EoP. Description: The...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/20 12:0 a.m.•61 views

Microsoft Windows Kernel - 'NtQueryInformationThread(ThreadBasicInformation)' 64-bit Stack Memory Disclosure

/ We have discovered that the nt!NtQueryInformationThread system call invoked with the 0 information class ThreadBasicInformation discloses portions of uninitialized kernel stack memory to user-mode clients. The vulnerability affects 64-bit versions of Windows 7 to 10. The specific layout of the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/20 12:0 a.m.•503 views

Linux/x86 - execve(/bin/sh) Shellcode (18 bytes)

Linux/x86 - execve/bin/sh Shellcode 18 bytes. Shellcode exploit for Linuxx86 platform / Linux/x86 - execve /bin/sh shellcode 18 bytes Author: Anurag Srivastava Tested on: i686 GNU/Linux Shellcode Length: 18 Disassembly of section .text: 08048060 : 8048060: 6a 0b push 0xb 8048062: 58 pop eax...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/20 12:0 a.m.•29 views

Internet Explorer - 'RegExp.lastMatch' Memory Disclosure

/ There is a vulnerability in Internet Explorer that could potentially be used for memory disclosure. This was tested on IE11 running on Window 7 64-bit with the latest patches applied. PoC: ========================================= / function main RegExp.input = toString: f; alertRegExp.lastMatc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/20 12:0 a.m.•31 views

Microsoft Windows - Desktop Bridge Virtual Registry NtLoadKey Arbitrary File Read/Write Privilege Escalation

Windows: Desktop Bridge Virtual Registry NtLoadKey Arbitrary File Read/Write EoP Platform: Windows 1703 version 1709 seems to have fixed this bug Class: Elevation of Privilege Summary: The handling of the virtual registry NtLoadKey callback reloads registry hives insecurely leading to arbitrary...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/20 12:0 a.m.•46 views

Kamailio 5.1.1 / 5.1.0 / 5.0.0 - Off-by-One Heap Overflow

''' Off-by-one heap overflow in Kamailio - Authors: - Alfred Farrugia - Sandro Gauci - Fixed versions: Kamailio v5.1.2, v5.0.6 and v4.4.7 - References: no CVE assigned yet - Enable Security Advisory: - Tested vulnerable versions: 5.1.1, 5.1.0, 5.0.0 - Timeline: - Report date: 2018-02-10 - Kamaili...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/16 12:0 a.m.•547 views

Linux Kernel < 4.4.0-116 (Ubuntu 16.04.4) - Local Privilege Escalation

/ Ubuntu 16.04.4 kernel priv esc all credits to @bleidl - vnik / // Tested on: // 4.4.0-116-generic 140-Ubuntu SMP Mon Feb 12 21:23:04 UTC 2018 x8664 // if different kernel adjust CRED offset + check kernel stack size include include include include include include include include include include...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/16 12:0 a.m.•54 views

Unitrends UEB 10.0 - Root Remote Code Execution

Exploit Title: Unauthenticated root RCE for Unitrends UEB 10.0 Date: 10/17/2017 Exploit Authors: Cale Smith, Benny Husted, Jared Arave Contact: https://twitter.com/iotennui || https://twitter.com/BennyHusted || https://twitter.com/0xC413 Vendor Homepage: https://www.unitrends.com/ Software Link:...

10CVSS7AI score0.6552EPSS
Exploits11
Exploit DB
Exploit DB
•added 2018/03/16 12:0 a.m.•154 views

Firefox 44.0.2 - ASM.JS JIT-Spray Remote Code Execution

46.0.1 -- CVE-2016-1960 and ASM.JS JIT-Spray "use strict" var Exploit = function this.asmjs = new Asmjs this.heap = new Heap Exploit.prototype.go = function / target address of fake node object / var nodetargetaddr = 0x20200000 / target address of asm.js float pool payload/...

9.8CVSS8.1AI score0.33199EPSS
Exploits17
Exploit DB
Exploit DB
•added 2018/03/16 12:0 a.m.•63 views

Firefox 46.0.1 - ASM.JS JIT-Spray Remote Code Execution

CVE-2016-2819 and ASM.JS JIT-Spray "use strict" var Exploit = function this.asmjs = new Asmjs this.heap = new Heap Exploit.prototype.go = function / target address of fake node object / var nodetargetaddr = 0x5a500000 / target address of asm.js float pool payload/ var targeteip = 0x20200b58 / spr...

9.8CVSS9.7AI score0.33199EPSS
Exploits13
Exploit DB
Exploit DB
•added 2018/03/16 12:0 a.m.•43 views

Contec Smart Home 4.15 - Unauthorized Password Reset

Title : Contec smart home 4.15 Unauthorized Password Reset Shodan Dork : "content/smarthome.php" Vendor Homepage : http://contec.co.il Tested on : Google Chrome Tested version : 4.15 Date : 2018-03-14 Author : Z3ro0ne Contact : [email protected] Facebook Page : https://www.facebook.com/Z3ro0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/15 12:0 a.m.•154 views

Microsoft Windows Kernel (7 x86) - Local Privilege Escalation (MS17-017)

include include include include pragma commentlib, "psapi.lib" define POCDEBUG 0 if POCDEBUG == 1 define POCDEBUGBREAK getchar elif POCDEBUG == 2 define POCDEBUGBREAK DebugBreak else define POCDEBUGBREAK endif CONST LONG maxTimes = 2000; CONST LONG tmpTimes = 3000; static HBITMAP hbitmapmaxTimes ...

7.8CVSS7.8AI score0.57482EPSS
Exploits3
Exploit DB
Exploit DB
•added 2018/03/15 12:0 a.m.•38 views

Android DRM Services - Buffer Overflow

include include include include include include include include include include using namespace android; static sp getCrypto sp sm = defaultServiceManager; sp binder = sm-getServiceString16"media.drm"; sp service = interfacecastbinder; if service == NULL fprintfstderr, "Failed to retrieve...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/15 12:0 a.m.•143 views

MikroTik RouterOS < 6.41.3/6.42rc27 - SMB Buffer Overflow

!/usr/bin/env python import socket import struct import sys import telnetlib NETBIOSSESSIONMESSAGE = "\x00" NETBIOSSESSIONREQUEST = "\x81" NETBIOSSESSIONFLAGS = "\x00" trick from http://shell-storm.org/shellcode/files/shellcode-881.php will place the socket file descriptor in eax findsockfd =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/15 12:0 a.m.•66 views

Spring Data REST < 2.6.9 (Ingalls SR9) / 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution

// Exploit Title: RCE in PATCH requests in Spring Data REST // Date: 2018-03-10 // Exploit Author: Antonio Francesco Sardella // Vendor Homepage: https://pivotal.io/ // Software Link: https://projects.spring.io/spring-data-rest/ // Version: Spring Data REST versions prior to 2.6.9 Ingalls SR9,...

9.8CVSS7.6AI score0.74355EPSS
Exploits8
Exploit DB
Exploit DB
•added 2018/03/15 12:0 a.m.•44 views

WordPress Plugin Duplicator 1.2.32 - Cross-Site Scripting

Exploit Title : Duplicator Wordpress Migration Plugin Reflected Cross Site Scripting XSS Date: 25-02-2018 Exploit Author : Stefan Broeder Contact : https://twitter.com/stefanbroeder Vendor Homepage: https://snapcreek.com/ Software Link: https://wordpress.org/plugins/duplicator/ Version: 1.2.32 CV...

6.1CVSS6.5AI score0.03495EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/03/14 12:0 a.m.•77 views

SAP NetWeaver AS JAVA CRM - Log injection Remote Command Execution

!/usr/bin/env python import argparse import urllib import requests, random from bs4 import BeautifulSoup from requests.packages.urllib3.exceptions import InsecureRequestWarning requests.packages.urllib3.disablewarningsInsecureRequestWarning helpdesc = ''' PoC of Remote Command Execution via Log...

6.6CVSS7AI score0.28892EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/03/13 12:0 a.m.•50 views

Tuleap 9.17.99.189 - Blind SQL Injection

=============================================================================== title: Tuleap SQL Injection case id: CM-2018-01 product: Tuleap version 9.17.99.189 vulnerability type: Blind SQL injection - time based severity: High found: 2018-02-24 by: Cristiano Maruti @cmaruti...

9.8CVSS9.8AI score0.04462EPSS
Exploits6
Exploit DB
Exploit DB
•added 2018/03/13 12:0 a.m.•64 views

SecurEnvoy SecurMail 9.1.501 - Multiple Vulnerabilities

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Critical Vulnerabilities product: SecurEnvoy SecurMail vulnerable version: 9.1.501 fixed version: 9.2.501 or hotfix patch "1012018" CVE number: CVE-2018-7701,...

9.1CVSS6.9AI score0.14717EPSS
Exploits10
Exploit DB
Exploit DB
•added 2018/03/12 12:0 a.m.•39 views

ManageEngine Applications Manager 13.5 - Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ManageEngine Applications Manager Remote Code Execution", 'Description' = %q This module exploits command injection vulnerability in the...

10CVSS7.4AI score0.78815EPSS
Exploits8
Exploit DB
Exploit DB
•added 2018/03/12 12:0 a.m.•54 views

MikroTik RouterOS < 6.38.4 (x86) - 'Chimay Red' Stack Clash Remote Code Execution

!/usr/bin/env python2 Mikrotik Chimay Red Stack Clash Exploit by wsxarcher based on BigNerd95 POC tested on RouterOS 6.38.4 x86 ASLR enabled on libs only DEP enabled import socket, time, sys, struct from pwn import import ropgadget ASTSTACKSIZE = 0x800000 default stack size per thread 8 MB...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/12 12:0 a.m.•38 views

ACL Analytics 11.X - 13.0.0.579 - Arbitrary Code Execution

Exploit Title: Arbitrary Code Execution Google Dork: N/A Date: 03-07-2018 Exploit Author: Clutchisback1 Vendor Homepage: https://www.acl.com Software Link: https://www.acl.com/products/acl-analytics/ Version: 11.x - 13.0.0.579 Tested on: Windows 7 pro SP1 x86 Clutchisback1 ///\ I'll get OSCP one...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/12 12:0 a.m.•59 views

MikroTik RouterOS < 6.38.4 (MIPSBE) - 'Chimay Red' Stack Clash Remote Code Execution

!/usr/bin/env python3 Mikrotik Chimay Red Stack Clash Exploit by BigNerd95 Tested on RouterOS 6.38.4 mipsbe using a CRS109 Used tools: pwndbg, rasm2, mipsrop for IDA I used ropper only to automatically find gadgets ASLR enabled on libs only DEP NOT enabled import socket, time, sys, struct, re fro...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/12 12:0 a.m.•37 views

Prisma Industriale Checkweigher PrismaWEB 1.21 - Hard-Coded Credentials

Prisma Industriale Checkweigher PrismaWEB 1.21 Authentication Bypass Vendor: Prisma Industriale S.r.l. Product web page: https://www.prismaindustriale.com Affected version: 1.0 Rev 21, EPROM 202FWSAM ?? Summary: Web Administration of Machine. Desc: The vulnerability exists due to the disclosure o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/03/12 12:0 a.m.•50 views

DEWESoft X3 SP1 (x64) - Remote Command Execution

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/DEWESOFT-X3-REMOTE-INTERNAL-COMMAND-ACCESS.txt + ISR: Apparition Security Vendor: ============= www.dewesoft.com Product: =========== DEWESoft X3 SP1 64-bit installer - X3...

10CVSS9.8AI score0.62469EPSS
Exploits5
Total number of security vulnerabilities47904