Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2018/03/12 12:0 a.m.56 views

TextPattern 4.6.2 - 'qty' SQL Injection

============================================= MGC ALERT 2018-002 - Original release date: February 12, 2018 - Last revised: March 12, 2018 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score - CVE-ID: CVE-2018-7474 ============================================= I...

9.8CVSS9.8AI score0.06588EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/03/12 12:0 a.m.34 views

Eclipse Equinoxe OSGi Console - Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'base64' class MetasploitModule 'Eclipse Equinoxe OSGi Console Command Execution', 'Description' = %q Exploit Eclipse Equinoxe OSGi Open Service Gateway initiati...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/12 12:0 a.m.62 views

Advantech WebAccess < 8.3 - Directory Traversal / Remote Code Execution

!/usr/bin/python2.7 Exploit Title: Advantech WebAccess 8.3 webvrpcs Directory Traversal RCE Vulnerability Date: 03-11-2018 Exploit Author: Chris Lyne @lynerc Vendor Homepage: www.advantech.com Software Link:...

10CVSS9.8AI score0.50321EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/03/12 12:0 a.m.30 views

SC 7.16 - Stack-Based Buffer Overflow

Exploit Author: Juan Sacco - http://www.exploitpack.com Bug found using Exploit Pack - Local fuzzer feature. Tested on: GNU/Linux - Kali Linux Filename: pool/main/s/sc/sc7.16-4+b2i386.deb Description: SC v7.16 is prone to a basic stack-based buffer overflow vulnerability because the application...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/12 12:0 a.m.54 views

Allok QuickTime to AVI MPEG DVD Converter 3.6.1217 - Buffer Overflow

Exploit Title: Allok Video Converter - Buffer Overflow Vulnerability Windows XP SP3 Date: 06-03-2018 Exploit Author: Mohan Ravichandran & Velayutham Selvaraj Organization : TwinTech Solutions Vulnerable Software: Allok Video Converter Vendor Homepage: http://www.alloksoft.com Version: 4.6.1217...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/10 12:0 a.m.43 views

Sony Playstation 4 (PS4) 4.55 < 5.50 - WebKit Code Execution (PoC)

window.didload = 0; window.didpost = 0; window.onload = function window.didload = 1; if window.didpost == 1 window.stage2; window.postExpl = function window.didpost = 1; if window.didload == 1 window.stage2; function makeid var text = ""; var possible =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/09 12:0 a.m.39 views

Bacula-Web < 8.0.0-rc2 - SQL Injection

Exploit Title: Multiple SQL injection vulnerabilities in Bacula-Web Date: 2018-03-07 Software Link: http://bacula-web.org/ Exploit Author: Gustavo Sorondo Contact: http://twitter.com/iampuky Website: http://cintainfinita.com/ CVE: CVE-2017-15367 Category: webapps 1. Description Bacula-web before...

9.8CVSS9.8AI score0.23471EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/03/09 12:0 a.m.47 views

WebLog Expert Enterprise 9.4 - Denial of Service

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WEBLOG-EXPERT-WEB-SERVER-ENTERPRISE-v9.4-DENIAL-OF-SERVICE.txt + ISR: Apparition Security Vendor: ======= www.weblogexpert.com Product: ========= WebLog Expert Web Server...

7.5CVSS7.8AI score0.37636EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/03/09 12:0 a.m.43 views

WebLog Expert Enterprise 9.4 - Authentication Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WEBLOG-EXPERT-WEB-SERVER-ENTERPRISE-v9.4-AUTHENTICATION-BYPASS.txt + ISR: Apparition Security Vendor: ======== www.weblogexpert.com Product: ======== WebLog Expert Web Server...

7.8CVSS7.9AI score0.01127EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/03/08 12:0 a.m.43 views

Memcached 1.5.5 - 'Memcrashed ' Insufficient Control of Network Message Volume Denial of Service With Shodan API

-- coding: utf8 -- !/usr/bin/python Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/44265.zip import sys, os, time, shodan from pathlib import Path from scapy.all import from contextlib import contextmanager starttime=time.time @contextmanager def...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/07 12:0 a.m.31 views

Redaxo CMS Addon MyEvents 2.2.1 - SQL Injection

Exploit Title: Redaxo CMS Addon MyEvents SQL Injection Backend Date: 01.03.2018 Exploit Author: h0n1gsp3cht Vendor Homepage: http://www.github.com/wende60/myevents Version: 2.2.1 Last Version Tested on: LinuxMint More: Login Required GET Vuln Code + redaxo/src/addons/myevents/pages/eventadd.php...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/07 12:0 a.m.42 views

antMan 0.9.0c - Authentication Bypass

Exploit Title: antMan and the password to a url-encoded linefeed %0a, we can force the authentication script to produce return values not anticipated by the developer. To exploit these defects, use a web proxy to intercept the login attempt and modify the POST parameters as follows:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/06 12:0 a.m.57 views

Softros Network Time System Server 2.3.4 - Denial of Service

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SOFTROS-NETWORK-TIME-SYSTEM-SERVER-v2.3.4-DENIAL-OF-SERVICE.txt + ISR: Apparition Security Vendor: ============= www.softros.com https://nts.softros.com/downloads/ Product:...

7.5CVSS7.7AI score0.39779EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/03/06 12:0 a.m.30 views

Chrome V8 JIT - Empty BytecodeJumpTable Out-of-Bounds Read

/ In the current implementation, the bytecode generator also emits empty jump tables. https://cs.chromium.org/chromium/src/v8/src/interpreter/bytecode-array-writer.cc?rcl=111e990462823c9faeee06b67c0dcf05749d4da8&l=89 So the bytecode for the example code would be generated as follows: Code: functi...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/06 12:0 a.m.35 views

Chrome V8 JIT - 'GetSpecializationContext' Type Confusion

PoC: function optarg = = arg let tmp = opt.x; // LdaNamedProperty for ;; arg; yield; function inner tmp; break; for let i = 0; i arg; this; , opt let tmp = arg.x; for ;; arg; yield; tmp = inner tmp; ; for let i = 0; i 10000; i++ opt; What happened: 1. The LdaNamedProperty operation "opt.x" was...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/06 12:0 a.m.21 views

Chrome V8 JIT - JSBuiltinReducer::ReduceObjectCreate Fails to Ensure that the Prototype is "null"

/ I think this commit has introduced the bug. https://chromium.googlesource.com/v8/v8/+/ff7063c7d5d8ad8eafcce3da59e65d7fe2b4f915%5E%21/F2 According to the description, Object.create is supposed to be inlined only when the prototype given as the parameter is "null". The following check has to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/06 12:0 a.m.32 views

Chrome V8 JIT - Simplified-lowererer IrOpcode::kStoreField, IrOpcode::kStoreElement Optimization Bug

/ I think this commit has introduced the bugs: https://chromium.googlesource.com/v8/v8/+/c22ca7f73ba92f22d0cd29b06bb2944a545a8d3e%5E%21/F0 Here's a snippet. case IrOpcode::kStoreField: FieldAccess access = FieldAccessOfnode-op; Node valuenode = node-InputAt1; NodeInfo inputinfo = GetInfovaluenode...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/06 12:0 a.m.57 views

Bravo Tejari Web Portal - Cross-Site Request Forgery

Exploit Title: Bravo Tejari Web Portal-CSRF CVE-ID: CVE-2018-7216 Vulnerability Type: Cross Site Request Forgery CSRF Vendor of Product: Tejari Affected Product Code Base: Bravo Solution Affected Component: Web Interface Management. Attack Type: Local - Authenticated Impact: Unauthorised Access...

8CVSS7AI score0.02912EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/03/05 12:0 a.m.40 views

Netgear - 'TelnetEnable' Magic Packet (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NETGEAR TelnetEnable', 'Description' = %q This module sends a magic packet to a NETGEAR device to enable telnetd. Upon successful connect, a root...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/05 12:0 a.m.42 views

Sophos UTM 9.410 - 'loginuser' 'confd' Service Privilege Escalation

KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service Title: Sophos UTM 9 loginuser Privilege Escalation via confd Service Advisory ID: KL-001-2018-007 Publication Date: 2018.03.02 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2018-007.txt 1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/05 12:0 a.m.30 views

Dup Scout Enterprise 10.5.12 - 'Share Username' Local Buffer Overflow

!/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: Dup Scout Enterprise 10.5.12 - Local Buffer Overflow Date: 02-22-2018 Vulnerable Software: Dup Scout Enterprise v10.5.12 Vendor Homepage: http://www.dupscout.com Version: 10.5.12 Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/05 12:0 a.m.32 views

Memcached 1.5.5 - 'Memcrashed' Insufficient Control Network Message Volume Denial of Service (2)

Written by Alex Conrey Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/44254.zip This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, eithe...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/05 12:0 a.m.44 views

ActivePDF Toolkit < 8.1.0.19023 - Multiple Memory Corruptions

ActivePDF Toolkit 8.1.0 multiple RCE Introduction ============ The ActivePDF Toolkit is a Windows library which enhances business processes to stamp, stitch, merge, form-fill, add digital signatures, barcodes to PDF. Both .NET and native APIs are provided. Amongst many other operations, this...

9.8CVSS9.6AI score0.12542EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/03/05 12:0 a.m.54 views

Suricata < 4.0.4 - IDS Detection Bypass

----------------------------------------------------- Vulnerability Type: Detection Bypass Affected Product: Suricata Vulnerable version: SYN Seq=0 Ack= 0 - Evil Server Client ACK Seq=1 Ack= 84 - Evil Server Client - PSH, ACK Seq=1 Ack= 84 - Evil Server IDS signature checks for tcp stream or http...

5.3CVSS5.6AI score0.24712EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/03/05 12:0 a.m.33 views

Xion 1.0.125 - '.m3u' Local SEH-Based Unicode Venetian Exploit

!/usr/bin/perl Title: Xion 1.0.125 .m3u File Local SEH-based Unicode The “Venetian” Exploit Vulnerability Type: Execute Code, Overflow UTF-16LE buffer, Memory corruption Date: Feb 18, 2018 Author: James Anderson synthetic Original Advisory: http://www.exploit-db.com/exploits/14517 hadji samir...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/05 12:0 a.m.53 views

ClipBucket < 4.0.0 - Release 4902 - Command Injection / File Upload / SQL Injection

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: OS command injection, arbitrary file upload & SQL injection product: ClipBucket vulnerable version: 4.0.0 - Release 4902 fixed version: 4.0.0 - Release 4902 CVE number: -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/05 12:0 a.m.45 views

Memcached 1.5.5 - 'Memcrashed' Insufficient Control Network Message Volume Denial of Service (1)

/ memcached-PoC memcached Proof of Concept Amplification via spoofed source UDP packets. Repo includes source code for PoC and approximately 17,000 AMP hosts. memcached.c - Source code https://pastebin.com/raw/ZiUeinae memecache-amp-03-05-2018-rd.list - List of memcached servers as of 03-05-2018...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/02 12:0 a.m.75 views

D-Link DIR-600M Wireless - Cross-Site Scripting

Exploit Title: D-Link DIR-600M Wireless - Persistent Cross Site Scripting Date: 11.02.2018 Vendor Homepage: http://www.dlink.co.in Hardware Link: http://www.dlink.co.in/products/?pid=DIR-600M Category: Hardware Exploit Author: Prasenjit Kanti Paul Web: http://hack2rule.wordpress.com/ Hardware...

5.4CVSS5.5AI score0.02186EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/03/02 12:0 a.m.70 views

uWSGI < 2.0.17 - Directory Traversal

Exploit Title: uWSGI PHP Plugin Directory Traversal Date: 01-03-2018 Exploit Author: Marios Nicolaides - RUNESEC Reviewers: Simon Loizides and Nicolas Markitanis - RUNESEC Vendor Homepage: https://uwsgi-docs.readthedocs.io Affected Software: uWSGI PHP Plugin before 2.0.17 Tested on: uWSGI 2.0.12...

7.5CVSS7.7AI score0.69907EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/03/02 12:0 a.m.26 views

antMan < 0.9.1a - Authentication Bypass

Exploit Title: antMan and the password to a url-encoded linefeed %0a, we can force the authentication script to produce return values not anticipated by the developer. To exploit these defects, use a web proxy to intercept the login attempt and modify the POST parameters as follows:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/02 12:0 a.m.61 views

IrfanView 4.50 Email Plugin - Buffer Overflow (SEH Unicode)

!/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: IrfanView 4.50 Email PlugIn - Local Buffer Overflow SEH Unicode Date: 02-07-2018 Vulnerable Software: IrfanView 4.50 Email PlugIn Vendor Homepage: http://www.irfanview.com/ Version: 4.50 Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/02 12:0 a.m.74 views

SEGGER embOS/IP FTP Server 3.22 - Denial of Service

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SEGGER-embOS-FTP-SERVER-v3.22-FTP-COMMANDS-DENIAL-OF-SERVICE.txt + ISR: Apparition Security Vendor: ============= www.segger.com Product: =========== embOS/IP FTP Server v3.22...

7.5CVSS7.6AI score0.07648EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/03/02 12:0 a.m.60 views

DualDesk 20 - 'Proxy.exe' Denial of Service

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/DUALDESK-v20-DENIAL-OF-SERVICE.txt + ISR: Apparition Security Vendor: =============== www.dualdesk.com Product: =========== DualDesk v20 DualDesk is powerful, easy to use...

7.5CVSS7.6AI score0.39518EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/03/02 12:0 a.m.56 views

IrfanView 4.44 Email Plugin - Buffer Overflow (SEH)

!/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: IrfanView 4.44 Email PlugIn - Local Buffer Overflow SEH Date: 02-07-2018 Vulnerable Software: IrfanView 4.44 Email PlugIn Vendor Homepage: http://www.irfanview.com/ Version: 4.44 Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/02 12:0 a.m.99 views

TestLink Open Source Test Management < 1.9.16 - Remote Code Execution

Title: TestLink Open Source Test Management comment out skip-networking as well as bind-address if any present in my.cnf i.e change line skip-netw...

7.5CVSS7.5AI score0.06238EPSS
Exploits9
Exploit DB
Exploit DB
added 2018/03/02 12:0 a.m.61 views

iSumsoft ZIP Password Refixer 3.1.1 - Buffer Overflow

author = ''' Created: ScrR1pTK1dd13 Name: Greg Priest Mail: [email protected] Exploit Title:iSumsoft Local Buffer Overflow Vuln. 0daySEH Date: 2018.03.02 Exploit Author: Greg Priest Version: iSumsoft ZIP Password Refixer Version 3.1.1 Tested on: Windows7 x64 HUN/ENG Professional '''...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/03/01 12:0 a.m.55 views

Microsoft Windows Kernel (7 x86) - Local Privilege Escalation (MS16-039)

include include include include pragma commentlib, "psapi.lib" define POCDEBUG 0 if POCDEBUG == 1 define POCDEBUGBREAK getchar elif POCDEBUG == 2 define POCDEBUGBREAK DebugBreak else define POCDEBUGBREAK endif static HBITMAP hBmpHunted = NULL; static HBITMAP hBmpExtend = NULL; static DWORD...

7.8CVSS7AI score0.13841EPSS
Exploits2
Exploit DB
Exploit DB
added 2018/02/28 12:0 a.m.40 views

Routers2 2.24 - Cross-Site Scripting

Exploit Title: Routers2 2.24 - Reflected Cross-Site Scripting Date: 18-01-18 Vendor Homepage: http://www.steveshipway.org/software/ Software Link: https://github.com/sshipway/routers2 Version: 2.24 CVE: CVE-2018-6193 Platform: Perl Category: webapps Exploit Author: Lorenzo Di Fuccia Contact:...

4.7CVSS4.8AI score0.02121EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/28 12:0 a.m.38 views

Apple iOS 11.2.5 / watchOS 4.2.2 / tvOS 11.2.5 - 'bluetoothd' Memory Corruption

// // main.m // bluetoothdPoC // // Created by Rani Idan. // Copyright © 2018 zLabs. All rights reserved. // import "AppDelegate.h" include extern kernreturnt bootstraplookupmachportt bs, const char servicename, machportt service; / When hijacking session between bluetoothd and client, add callba...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.119 views

Joomla! Component K2 2.8.0 - Arbitrary File Download

Joomla! Component K2 2.8.0 - Arbitrary File Download. CVE-2018-7482. Webapps exploit for PHP platform Exploit Title: Joomla! Component K2 2.8.0 - Arbitrary File Download Dork: N/A Date: 26.02.2018 Vendor Homepage: http://www.joomlaworks.net/ Software Link:...

7.5CVSS7.7AI score0.02353EPSS
Exploits3
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.147 views

CMS Made Simple 2.1.6 - Remote Code Execution

Exploit Title: CMS Made Simple 2.1.6 - Remote Code Execution Date: 2018-02-26 Exploit Author: Keerati T. Vendor Homepage: http://www.cmsmadesimple.org/ Software Link: http://s3.amazonaws.com/cmsms/downloads/13570/cmsms-2. 1.6-install.zip Version: 2.1.6 CVE: CVE-2018-7448 Tested on: Linux...

8.5CVSS7.7AI score0.12994EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.83 views

Sony Playstation 4 (PS4) 5.01 < 5.05 - WebKit Code Execution (PoC)

PS4 5.01 WebKit Exploit PoC =========================== Based on: - CVE-2017-7005 - PegaSwitch Copyright 2017 ReSwitched Team - 4.0x exploit by qwertyoruiopz This exploit supports 5.01 maybe others! Installation ============ 1. Install the latest version of node from nodejs.org 2. Clone this...

8.8CVSS8.2AI score0.06697EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.18 views

netek 0.8.2 - Denial of Service

Exploit Title : netek 0.8.2 FTP Denial of Service Test on : windowsXPs3 + windows 7 software Link :https://sourceforge.net/projects/netek.berlios/ version : 0.8.2 author : Lawrence Amer site : lawrenceamer.me affected product uses default port 30817 , it can be chnaged also !/bin/python import...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.99 views

Asterisk chan_pjsip 15.2.0 - 'SUBSCRIBE' Stack Corruption

''' SUBSCRIBE message with a large Accept value causes stack corruption - Authors: - Alfred Farrugia - Sandro Gauci - Latest vulnerable version: Asterisk 15.2.0 running chanpjsip - Tested vulnerable versions: 15.2.0, 13.19.0, 14.7.5, 13.11.2 - References: AST-2018-004, CVE-2018-7284 - Advisory UR...

7.5CVSS7.5AI score0.58284EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.23 views

GetGo Download Manager 5.3.0.2712 - Buffer Overflow (SEH)

!/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: GetGo Download Manager 5.3.0.2712 - Remote Buffer Overflow SEH Date: 02-24-2018 Vulnerable Software: GetGo Download Manager 5.3.0.2712 Vendor Homepage: http://www.getgosoft.com/ Version: 5.3.0.2712 Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.22 views

MyBB My Arcade Plugin 1.3 - Cross-Site Scripting

Exploit Title: MyBB My Arcade Plugin v1.3 - Persistent XSS Date: 2/21/2018 Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=411 Version: 1.3 Tested on: Ubuntu 17.10 1. Description: The My Arcade plugin adds ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.39 views

School Management Script 3.0.4 - Authentication Bypass

Exploit Title: SQL Injection exists in PHP Scripts Mall School Management Script 3.0.4. Date: 26/02/2018 Exploit Author: Samiran Santra Vendor Homepage: https://www.phpscriptsmall.com Software Link: https://www.phpscriptsmall.com/product/school-management-system Version: v3.0.4 Tested on: Windows...

9.8CVSS9.7AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.59 views

Asterisk chan_pjsip 15.2.0 - 'SDP fmtp' Denial of Service

''' Segmentation fault occurs in asterisk with an invalid SDP fmtp attribute - Authors: - Alfred Farrugia - Sandro Gauci - Latest vulnerable version: Asterisk 15.2.0 running chanpjsip - References: AST-2018-003 - Enable Security Advisory: - Vendor Advisory: - Timeline: - Issue reported to vendor:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.61 views

Microsoft Windows 8.1/2012 R2 - SMBv3 Null Pointer Dereference Denial of Service

Exploit Title: Microsoft Windows SMB Client Null Pointer Dereference Denial of Service Date: 26/02/2018 Exploit Author: Nabeel Ahmed Version: SMBv3 Tested on: Windows 8.1 x86, Windows Server 2012 R2 x64 CVE : CVE-2018-0833 import SocketServer from binascii import unhexlify payload =...

6.3CVSS5.5AI score0.40645EPSS
Exploits11
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.112 views

Asterisk chan_pjsip 15.2.0 - 'SDP' Denial of Service

''' Segmentation fault occurs in Asterisk with an invalid SDP media format description - Authors: - Alfred Farrugia - Sandro Gauci - Latest vulnerable version: Asterisk 15.2.0 running chanpjsip - References: AST-2018-002 - Enable Security Advisory: - Vendor Advisory: - Tested vulnerable versions:...

7.4AI score
Exploits0
Total number of security vulnerabilities47904