Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.68 views

Asterisk chan_pjsip 15.2.0 - 'INVITE' Denial of Service

''' Crash occurs when sending a repeated number of INVITE messages over TCP or TLS transport - Authors: - Alfred Farrugia - Sandro Gauci - Latest vulnerable version: Asterisk 15.2.0 running chanpjsip installed with --with-pjproject-bundled - References: AST-2018-005, CVE-2018-7286 - Enable Securi...

6.5CVSS7AI score0.38858EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.24 views

Chrome V8 - 'TranslatedState::MaterializeCapturedObjectAt' Type Confusion

/ Here'a snippet of TranslatedState::MaterializeCapturedObjectAt. case JSSETKEYVALUEITERATORTYPE: case JSSETVALUEITERATORTYPE: Handle object = Handle::cast isolate-factory-NewJSObjectFromMapmap, NOTTENURED; Handle properties = materializer.FieldAtvalueindex; Handle elements =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.92 views

Sony Playstation 4 (PS4) 4.55 - 'Jailbreak' 'setAttributeNodeNS' WebKit 5.02 / 'bpf' Kernel Loader 4.55

PS4 4.55 Kernel Exploit --- Summary In this project you will find a full implementation of the "bpf" kernel exploit for the PlayStation 4 on 4.55. It will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level modifications to the system. This release however, does not...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.59 views

Concrete5 CMS < 8.3.0 - Username / Comments Enumeration

!/usr/bin/env python3 Concrete5 8.3 vulnerable to Authorization Bypass Through User-Controlled Key IDOR CVE-2017-18195 Chapman R3naissance Schleiss from queue import Queue from threading import Thread from bs4 import BeautifulSoup from tabulate import tabulate import argparse import requests impo...

5.3CVSS5.3AI score0.11123EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.33 views

Transmission - Integer Overflows Parsing Torrent Files

I took a look at torrent file parsing in libtransmission, there are a few integer overflows because the trnew/trnew0 allocation wrappers don't handle overflow. define trnewstructtype, nstructs \ structtype trmalloc sizeof structtype sizetnstructs define trnew0structtype, nstructs \ structtype...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.37 views

Schools Alert Management Script 2.0.2 - Authentication Bypass

Schools Alert Management Script 2.0.2 - Authentication Bypass. CVE-2018-6859. Webapps exploit for PHP platform Exploit Title: Schools Alert Management Script - 2.0.2 - Authentication Bypass Date: 07.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link:...

9.8CVSS9.4AI score0.01739EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/02/27 12:0 a.m.27 views

Chrome V8 - 'PropertyArray' Integer Overflow

/ Here's a snippet of the MigrateFastToFast function which is used to create a new PropertyArray object. int numberoffields = newmap-NumberOfFields; int inobject = newmap-GetInObjectProperties; int unused = newmap-UnusedPropertyFields; ... int totalsize = numberoffields + unused; int external =...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/26 12:0 a.m.79 views

CloudMe Sync 1.10.9 - Stack-Based Buffer Overflow (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CloudMe Sync v1.10.9', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability in CloudMe Sync v1.10.9 client...

9.8CVSS7.4AI score0.93597EPSS
Exploits29
Exploit DB
Exploit DB
added 2018/02/26 12:0 a.m.124 views

AsusWRT LAN - Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AsusWRT LAN Unauthenticated Remote Code Execution', 'Description' = %q The HTTP server in AsusWRT has a flaw where it allows an unauthenticated...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/26 12:0 a.m.31 views

Sony Playstation 4 (PS4) 4.07 < 4.55 - 'bpf' Local Kernel Code Execution (PoC)

function stage4 function mallocsz var backing = new Uint8Array1000+sz; window.nogc.pushbacking; var ptr = p.read8p.leakvalbacking.add320x10; ptr.backing = backing; return ptr; function malloc32sz var backing = new Uint8Array0x1000+sz4; window.nogc.pushbacking; var ptr =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/26 12:0 a.m.479 views

Disk Savvy Enterprise 10.4.18 - Stack-Based Buffer Overflow (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Disk Savvy Enterprise v10.4.18', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability in Disk Savvy Enterprise...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/25 12:0 a.m.57 views

Papenmeier WiFi Baby Monitor Free & Lite < 2.02.2 - Remote Audio Record

Whilst analysing a number of free communication based applications on the Google Play Store, I took a look at WiFi Baby Monitor: Free & Lite the free version of WiFi Baby Monitor. Although the premium version offered users the ability to specify a password to be used in the pairing process, the...

5.3CVSS5.3AI score0.00948EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/25 12:0 a.m.58 views

Papenmeier WiFi Baby Monitor Free & Lite < 2.02.2 - Remote Audio Record

Papenmeier WiFi Baby Monitor Free & Lite 2.02.2 - Remote Audio Record. CVE-2018-7661. Remote exploit for Android platform Whilst analysing a number of free communication based applications on the Google Play Store, I took a look at WiFi Baby Monitor: Free & Lite the free version of WiFi Baby...

5.3CVSS5.3AI score0.00948EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/22 12:0 a.m.38 views

Parallels Remote Application Server 15.5 - Path Traversal

Parallels Remote Application Server 15.5 - Path Traversal. CVE-2017-9447. Webapps exploit for Windows platform Exploit Title: Parallels Remote Application Server RAS 15.5 Path Traversal Date: 22-02-2018 Exploit Author: Nicolas Markitanis - RUNESEC Reviewers: Simon Loizides and Marios Nicolaides -...

7.5CVSS0.02015EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/22 12:0 a.m.37 views

Learning and Examination Management System - Cross-Site Scripting

Learning and Examination Management System - Cross-Site Scripting. CVE-2018-6866. Webapps exploit for PHP platform Exploit Title: Learning and Examination Management System Script 2.3.1 – Stored XSS Date: 09.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link:...

5.4CVSS5.9AI score0.01511EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/02/22 12:0 a.m.43 views

Groupon Clone Script 3.0.2 - Cross-Site Scripting

Groupon Clone Script 3.0.2 - Cross-Site Scripting. CVE-2018-6868. Webapps exploit for PHP platform Exploit Title: Slickdeals/DealNews/Groupon Clone Script 3.0.2 – Stored XSS Date: 09.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link:...

5.4CVSS5.9AI score0.00554EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/22 12:0 a.m.36 views

Parallels Remote Application Server 15.5 - Path Traversal

Exploit Title: Parallels Remote Application Server RAS 15.5 Path Traversal Date: 22-02-2018 Exploit Author: Nicolas Markitanis - RUNESEC Reviewers: Simon Loizides and Marios Nicolaides - RUNESEC Vendor Homepage: https://www.parallels.com/ Affected: Parallels Remote Application Server RAS 15.5 Bui...

7.5CVSS7.6AI score0.02015EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/22 12:0 a.m.29 views

NoMachine &lt; 6.0.80 (x64) - &#039;nxfuse&#039; Privilege Escalation

from ctypes import from ctypes.wintypes import import struct import sys import os MEMCOMMIT = 0x00001000 MEMRESERVE = 0x00002000 PAGEEXECUTEREADWRITE = 0x00000040 GENERICREAD = 0x80000000 GENERICWRITE = 0x40000000 OPENEXISTING = 0x3 STATUSINVALIDHANDLE = 0xC0000008 shellcodelen = 90 s = “” s +=...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/22 12:0 a.m.54 views

Joomla! Component OS Property Real Estate 3.12.7 - SQL Injection

Exploit Title: Joomla! Component OS Property Real Estate 3.12.7 - SQL Injection Dork: N/A Date: 22.02.2018 Vendor Homepage: https://www.joomdonation.com/ Software Link: https://extensions.joomla.org/extensions/extension/vertical-markets/real-estate/os-property/ Version: 3.12.7 Category: Webapps...

9.8CVSS9.6AI score0.02018EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/22 12:0 a.m.118 views

Trend Micro Email Encryption Gateway 5.5 (Build 1111.00) - Multiple Vulnerabilities

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Trend Micro Email Encryption Gateway Multiple Vulnerabilities 1. Advisory Information Title: Trend Micro Email Encryption Gateway Multiple Vulnerabilities Advisory ID: CORE-2017-0006 Advisory URL:...

10CVSS6.2AI score0.10813EPSS
Exploits16
Exploit DB
Exploit DB
added 2018/02/22 12:0 a.m.38 views

Armadito Antivirus 0.12.7.2 - Detection Bypass

/ Title: Armadito Antivirus - Malware Detection Bypass Date: 21/02/2018 Author: Souhail Hammou Author's website: http://rce4fun.blogspot.com Vendor Homepage: http://www.teclib-edition.com/en/ Version: 0.12.7.2 CVE: CVE-2018-7289 Details: -------- An issue was discovered in...

4.3CVSS3.9AI score0.01756EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/22 12:0 a.m.80 views

Joomla! Component Proclaim 9.1.1 - Arbitrary File Upload

Exploit Title: Joomla! Component Proclaim 9.1.1 - Arbitrary File Upload Dork: N/A Date: 22.02.2018 Vendor Homepage: https://www.christianwebministries.org/ Software Link: https://extensions.joomla.org/extensions/extension/living/religion/proclaim/ Software Download:...

9.8CVSS9.6AI score0.08213EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/22 12:0 a.m.49 views

Joomla! Component CheckList 1.1.1 - SQL Injection

Exploit Title: Joomla! Component CheckList 1.1.1 - SQL Injection Dork: N/A Date: 22.02.2018 Vendor Homepage: https://www.joomplace.com/ Software Link: https://extensions.joomla.org/extensions/extension/living/personal-life/checklist/ Version: 1.1.1 Category: Webapps Tested on: WiN7x64/KaLiLinuXx6...

9.8CVSS9.6AI score0.08708EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/22 12:0 a.m.65 views

Joomla! Component CW Tags 2.0.6 - SQL Injection

Exploit Title: Joomla! Component CW Tags 2.0.6 - SQL Injection Dork: N/A Date: 22.02.2018 Vendor Homepage: http://www.cwjoomla.com/ Software Link: https://extensions.joomla.org/extensions/extension/search-a-indexing/tags-a-clouds/cw-tags/ Version: 2.0.6 Category: Webapps Tested on:...

9.8CVSS9.6AI score0.19493EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/22 12:0 a.m.55 views

Joomla! Component Alexandria Book Library 3.1.2 - &#039;letter&#039; SQL Injection

Exploit Title: Joomla! Component Alexandria Book Library 3.1.2 - SQL Injection Dork: N/A Date: 22.02.2018 Vendor Homepage: https://alexandriabooklibrary.org/ Software Link: https://extensions.joomla.org/extensions/extension/living/education-a-culture/alexandria-book-library/ Software Download:...

9.8CVSS9.6AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/22 12:0 a.m.46 views

Joomla! Component Ek Rishta 2.9 - SQL Injection

Exploit Title: Joomla! Component Ek Rishta 2.9 - SQL Injection Dork: N/A Date: 22.02.2018 Vendor Homepage: https://www.joomlaextensions.co.in/ Software Link: https://extensions.joomla.org/extensions/extension/living/dating-a-relationships/ek-rishta/ Version: 2.9 Category: Webapps Tested on:...

9.8CVSS9.6AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/22 12:0 a.m.45 views

Joomla! Component PrayerCenter 3.0.2 - &#039;sessionid&#039; SQL Injection

Exploit Title: Joomla! Component PrayerCenter 3.0.2 - SQL Injection Dork: N/A Date: 22.02.2018 Vendor Homepage: http://www.mlwebtechnologies.com/ Software Link: https://extensions.joomla.org/extensions/extension/living/religion/prayercenter/ Software Download:...

9.8CVSS9.6AI score0.58373EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/02/22 12:0 a.m.80 views

Joomla! Component Proclaim 9.1.1 - Backup File Download

Exploit Title: Joomla! Component Proclaim 9.1.1 - Backup Download Dork: N/A Date: 22.02.2018 Vendor Homepage: https://www.christianwebministries.org/ Software Link: https://extensions.joomla.org/extensions/extension/living/religion/proclaim/ Software Download:...

7.5CVSS7.7AI score0.08069EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/22 12:0 a.m.41 views

NoMachine &lt; 6.0.80 (x86) - &#039;nxfuse&#039; Privilege Escalation

include “stdafx.h” include define DEVICE L”\\.\nxfs-709fd562-36b5-48c6-9952-302da6218061″ define DEVICE2 L”\\.\nxfs-net-709fd562-36b5-48c6-9952-302da6218061709fd562-36b5-48c6-9952-302da6218061” define IOCTL 0x00222014 define IOCTL2 0x00222030 define OUTSIZE 0x90 define INSIZE 0x10 define...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/22 12:0 a.m.47 views

Alibaba Clone Script 1.0.2 - Cross-Site Scripting

Alibaba Clone Script 1.0.2 - Cross-Site Scripting. CVE-2018-6867. Webapps exploit for PHP platform Exploit Title: Alibaba Clone Script 1.0.2 – Stored XSS Date: 09.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/alibaba-clone/ Category...

5.4CVSS5.9AI score0.00674EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/02/21 12:0 a.m.46 views

Disk Savvy Enterprise 10.4.18 - Buffer Overflow (SEH)

Exploit Title: Disk Savvy Enterprise v10.4.18 Server - Unauthenticated Remote Buffer Overflow SEH Date: 01/02/2018 Exploit Author: Daniel Teixeira Vendor Homepage: http://www.disksavvy.com/ Software Link: http://www.disksavvy.com/setups/disksavvyentsetupv10.4.18.exe Version: 10.4.18 CVE:...

9.8CVSS9.7AI score0.19732EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/02/21 12:0 a.m.49 views

Disk Pulse Enterprise 10.4.18 - &#039;Import Command&#039; Buffer Overflow (SEH)

!/usr/bin/env python Exploit Title: Disk Pulse Enterprise v10.4.18 - 'Import Command' Buffer Overflow SEH Date: 2018-01-22 Exploit Author: Daniel Teixeira Author Homepage: www.danielteixeira.com Vendor Homepage: http://www.diskpulse.com Software Link:...

7.8CVSS7.6AI score0.53651EPSS
Exploits11
Exploit DB
Exploit DB
added 2018/02/21 12:0 a.m.39 views

Wavpack 5.1.0 - Denial of Service

Exploit title: Wavpack 5.1.0 - Denial of Service Date: 20.02.2018 Exploit Author: r4xis https://github.com/r4xis Vendor Homepage: http://www.wavpack.com/ Software Links: http://www.wavpack.com/downloads.html https://github.com/dbry/WavPack Version: Wavpack 5.1.0 Tested on: Debian 9.3.0 64 bit...

7.8CVSS6.5AI score0.09905EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/02/21 12:0 a.m.40 views

EChat Server 3.1 - &#039;CHAT.ghp&#039; Buffer Overflow

Exploit Author: Juan Sacco Vulnerability found using Exploit Pack v10 - http://exploitpack.com Impact: An attacker could exploit this vulnerability to execute arbitrary code in the context of the application. Failed exploit attempts will result in adenial-of-service condition. Program description...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/20 12:0 a.m.371 views

μTorrent (uTorrent) Classic/Web - JSON-RPC Remote Code Execution / Information Disclosure

By default, utorrent create an HTTP RPC server on port 10000 uTorrent classic or 19575 uTorrent web. There are numerous problems with these RPC servers that can be exploited by any website using XMLHTTPRequest. To be clear, visiting any website is enough to compromise these applications. uTorrent...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/20 12:0 a.m.51 views

Microsoft Windows - Global Reparse Point Security Feature Bypass/Elevation of Privilege

Windows: Global Reparse Point Security Feature Bypass/Elevation of Privilege Platform: Windows 10 1709 functionality not present prior to this version Class: Security Feature Bypass/Elevation of Privilege Summary: It’s possible to use the new Global Reparse Point functionality introduced in Windo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/20 12:0 a.m.60 views

Microsoft Windows - NPFS Symlink Security Feature Bypass/Elevation of Privilege/Dangerous Behavior

Windows: NPFS Symlink Security Feature Bypass/Elevation of Privilege/Dangerous Behavior Platform: Windows 10 1709 functionality not present prior to this version Class: Security Feature Bypass/Elevation of Privilege/Dangerous Behavior Summary: It’s possible to create NPFS symlinks as a low IL or...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/20 12:0 a.m.70 views

MagniComp SysInfo - mcsiwrapper Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MagniComp SysInfo mcsiwrapper Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on systems running MagniComp...

7.2CVSS6.5AI score0.0529EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/02/20 12:0 a.m.69 views

Microsoft Windows - Constrained Impersonation Capability Privilege Escalation

Windows: Constrained Impersonation Capability EoP Platform: Windows 10 1703/1709 not tested earlier versions Class: Elevation of Privilege Summary: It’s possible to use the constrained impersonation capability added in Windows 10 to impersonate a lowbox SYSTEM token leading to EoP. Description:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/20 12:0 a.m.44 views

Microsoft Windows Kernel - &#039;nt!RtlpCopyLegacyContextX86&#039; Stack Memory Disclosure

/ We have discovered a new Windows kernel memory disclosure vulnerability in the creation and copying of a CONTEXT structure to user-mode memory. Two previous bugs in the nearby code area were reported in issues 1177 and 1311 ; in fact, the problem discussed here appears to be a variant of 1177 b...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/20 12:0 a.m.84 views

Microsoft Windows - StorSvc SvcMoveFileInheritSecurity Arbitrary File Creation Privilege Escalation

Windows: StorSvc SvcMoveFileInheritSecurity Arbitrary File Creation EoP Platform: Windows 10 1709 not tested earlier versions Class: Elevation of Privilege Summary: The SvcMoveFileInheritSecurity RPC method in StorSvc can be used to move an arbitrary file to an arbitrary location resulting in...

7CVSS8.3AI score0.02501EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/02/20 12:0 a.m.60 views

Microsoft Internet Explorer 11 - &#039;Js::RegexHelper::RegexReplace&#039; Use-After-Free

var vars = new Array2; function main vars0 = Array1000000.joinString.fromCharCode0x41; vars1 = String.prototype.substring.callvars0, 1, vars0.length; String.prototype.replace.callvars1, RegExp, f; function farg1, arg2, arg3 alertarg3; vars0 = 1; CollectGarbage; return 'a'; main; +0x122e5d:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/19 12:0 a.m.124 views

Linux/ARM - Bind TCP (4444/TCP) Shell (/bin/sh) + IP Controlled (192.168.1.190) + Null-Free Shellcode (168 bytes)

Linux/ARM - Bind TCP 4444/TCP Shell /bin/sh + IP Controlled 192.168.1.190 + Null-Free Shellcode 168 bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - IP Controlled Bind Shell TCP /bin/sh. Null free shellcode 168 bytes Date: 2018-02-17 Tested: armv7l Raspberry Pi v3 and armv6l Raspber...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/19 12:0 a.m.58 views

Aastra 6755i SIP SP4 - Denial of Service

Exploit Title: Aastra 6755i SIP SP4 | Unauthorized Remote Reboot Date: 17/02/2018 Exploit Author: Wadeek Hardware Version: 6755i Firmware Version: 3.3.1.4053 SP4 Vendor Homepage: http://www.aastra.sg/ Firmware Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/19 12:0 a.m.146 views

Mobile Application Hacking Diary Ep.2

Mobile Application Hacking Diary Ep.2 |=--------------------------------------------------------------------=| |=------------= Mobile Application Hacking Diary Ep.2=--------------=| |=------------------------= 18 February 2018 =----------------------=| |=----------------------= By CWH Underground...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/19 12:0 a.m.53 views

October CMS &lt; 1.0.431 - Cross-Site Scripting

​​ Exploit Title: October CMS Stored Code Injection Date: 16-02-2018 Exploit Author: Samrat Das Contact: http://twitter.com/SamratDas93 Website: https://securitywarrior9.blogspot.in/ Vendor Homepage: https://octobercms.com/ Version: All versions till date from 1.0.431 CVE : CVE- 2018-7198 Categor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/16 12:0 a.m.40 views

UserSpice 4.3 - Blind SQL Injection

!/usr/env/python """ Application UserSpice PHP user management Vulnerability UserSpice = 4.3 Blind SQL Injection exploit URL https://userspice.com Date 1.2.2018 Author Dolev Farhi About the App: What makes userspice different from almost any other PHP User Management Framework is that it has been...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/16 12:0 a.m.44 views

Twig &lt; 2.4.4 - Server Side Template Injection

Vulnerability details: Exploit Title: Twig Output: 16 2. POC: http://localhost/search?searchkey=44 OUTPUT: 4 http://localhost/search?searchkey=ls OUTPUT: list of files/directories etc…...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/16 12:0 a.m.40 views

Microsoft Edge - &#039;UnmapViewOfFile&#039; ACG Bypass

Background: To implement ACG https://blogs.windows.com/msedgedev/2017/02/23/mitigating-arbitrary-native-code-execution/VM4y5oTSGCRde3sk.97, Edge uses a separate process for JIT compiling. This JIT Process is also responsible for mapping native code into the requesting Content Process. In order to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/16 12:0 a.m.59 views

Joomla! Component JB Bus 2.3 - &#039;order_number&#039; SQL Injection

Exploit Title: Joomla! Component JB Bus 2.3 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://joombooking.com/ Software Link: https://extensions.joomla.org/extensions/extension/vertical-markets/booking-a-reservations/jbtransport/ Version: 2.3 Category: Webapps Tested on:...

9.8CVSS9.8AI score0.02703EPSS
Exploits5
Total number of security vulnerabilities47904