Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•62 views

Joomla! Component Gallery WD 1.3.6 - SQL Injection

Exploit Title: Joomla! Component Gallery WD 1.3.6 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://web-dorado.com/ Software Link: https://extensions.joomla.org/extensions/extension/photos-a-images/galleries/gallery-wd/ Software Download:...

9.8CVSS7AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•43 views

Joomla! Component File Download Tracker 3.0 - SQL Injection

Exploit Title: Joomla! Component File Download Tracker 3.0 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://techsolsystem.com/ Software Link: https://extensions.joomla.org/extensions/extension/directory-a-documentation/downloads/file-download-tracker/ Version: 3.0 Category:...

9.8CVSS9.8AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•43 views

Joomla! Component Aist 2.0 - 'id' SQL Injection

Exploit Title: Joomla! Component Aist = 2.0 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://aist.bmstu.ru/ Software Link: http://aist.bmstu.ru/ Version: = 2.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: CVE-2018-5993 Exploit Author: Ihsan Sencan POC: 1...

9.8CVSS9.8AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•67 views

Joomla! Component Google Map Landkarten 4.2.3 - SQL Injection

Exploit Title: Joomla! Component Google Map Landkarten = 4.2.3 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.joomla-24.de/ Software Link: https://extensions.joomla.org/extensions/extension/maps-a-weather/maps-a-locations/google-map-landkarten/ Software Download:...

9.8CVSS9.8AI score0.23973EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•49 views

Joomla! Component DT Register 3.2.7 - 'id' SQL Injection

Exploit Title: Joomla! Component DT Register 3.2.7 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://www.dthdevelopment.com/ Software Link: https://extensions.joomla.org/extensions/extension/calendars-a-events/events/dt-register/ Version: 3.2.7 Category: Webapps Tested on:...

9.8CVSS9.8AI score0.03872EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•35 views

Joomla! Component AllVideos Reloaded 1.2.x - 'divid' SQL Injection

Exploit Title: Joomla! Component AllVideos Reloaded 1.2.x - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://allvideos.fritz-elfert.de Software Link: http://joomlacode.org/gf/project/allvideos15/frs/?action=FrsReleaseBrowse&frspackageid=3564 Version: 1.2.x Category: Webapps Tested...

9.8CVSS7AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•39 views

Joomla! Component Advertisement Board 3.1.0 - 'catname' SQL Injection

Exploit Title: Joomla! Component Advertisement Board 3.1.0 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://ordasoft.com/ Software Link: https://extensions.joomla.org/extensions/extension/ads-a-affiliates/classified-ads/advertisement-board/ Version: 3.1.0 Category: Webapps Teste...

9.8CVSS9.8AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•80 views

Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module < 4.25 - Denial of Service

Exploit Title: Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module V4.25 - Denial of Service Date: 14.02.2018 Exploit Author: M. Can Kurnaz Contact: https://twitter.com/0x43414e Vendor Homepage: https://www.siemens.com Version: All devices that include the EN100 Ethernet module version...

7.8CVSS9.8AI score0.74323EPSS
Exploits7
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•61 views

Joomla! Component Kubik-Rubik Simple Image Gallery Extended (SIGE) 3.2.3 - Cross-Site Scripting

Exploit Title: Joomla! Component SIGE version 3. Solution: Update to version 3.3.0 https://downloads.kubik-rubik.de/joomla-extensions/plgsigev3.3.0.zip...

6.1CVSS6.5AI score0.02227EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•43 views

Joomla! Component JTicketing 2.0.16 - SQL Injection

Exploit Title: Joomla! Component JTicketing 2.0.16 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://techjoomla.com/ Software Link: https://extensions.joomla.org/extensions/extension/calendars-a-events/events/jticketing/ Version: 2.0.16 Category: Webapps Tested on:...

9.8CVSS9.8AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•52 views

Joomla! Component Realpin 1.5.04 - SQL Injection

Exploit Title: Joomla! Component Realpin = 1.5.04 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://realpin.frumania.com/ Software Link: https://extensions.joomla.org/extensions/extension/multimedia/multimedia-display/realpin/ Software Download:...

9.8CVSS7AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•46 views

Joomla! Component Project Log 1.5.3 - 'search' SQL Injection

Exploit Title: Joomla! Component Project Log 1.5.3 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://extensions.thethinkery.net/ Software Link: https://extensions.joomla.org/extensions/extension/clients-a-communities/project-a-task-management/project-log/ Version: 1.5.3 Category...

9.8CVSS9.8AI score0.03108EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•58 views

Joomla! Component JS Jobs 1.1.9 - SQL Injection

Exploit Title: Joomla! Component JS Jobs 1.1.9 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.joomsky.com/ Software Link: https://extensions.joomla.org/extensions/extension/ads-a-affiliates/jobs-a-recruitment/js-jobs/ Software Download:...

9.8CVSS9.8AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•41 views

Joomla! Component MediaLibrary Free 4.0.12 - SQL Injection

Exploit Title: Joomla! Component MediaLibrary Free 4.0.12 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://ordasoft.com/ Software Link: https://extensions.joomla.org/extensions/extension/living/education-a-culture/medialibrary-basic/ Software Download:...

9.8CVSS9.8AI score0.02703EPSS
Exploits6
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•58 views

Joomla! Component InviteX 3.0.5 - 'invite_type' SQL Injection

Exploit Title: Joomla! Component InviteX 3.0.5 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://techjoomla.com/ Software Link: https://extensions.joomla.org/extensions/extension/content-sharing/bookmark-a-recommend/invitex/ Version: 3.0.5 Category: Webapps Tested on:...

9.8CVSS9.4AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•43 views

Joomla! Component jGive 2.0.9 - SQL Injection

Exploit Title: Joomla! Component JGive 2.0.9 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://techjoomla.com/ Software Link: https://extensions.joomla.org/extensions/extension/e-commerce/donations/jgive/ Version: 2.0.9 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...

9.8CVSS9.8AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•52 views

Joomla! Component JS Autoz 1.0.9 - SQL Injection

Exploit Title: Joomla! Component JS Autoz 1.0.9 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.joomsky.com/ Software Link: https://extensions.joomla.org/extensions/extension/vertical-markets/vehicles/js-autoz/ Software Download: http://joomsky.com/js-autoz-download.html...

9.8CVSS9.8AI score0.19493EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•53 views

Joomla! Component JquickContact 1.3.2.2.1 - SQL Injection

Exploit Title: Joomla! Component JquickContact 1.3.2.2.1 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor: http://coderspirit.blogspot.com.tr/2011/07/jquickcontact.html Software: https://extensions.joomla.org/extensions/extension/contacts-and-feedback/contact-forms/jquickcontact/ Download:...

9.8CVSS9.8AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•39 views

Joomla! Component Form Maker 3.6.12 - SQL Injection

Exploit Title: Joomla! Component Form Maker 3.6.12 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://demo.web-dorado.com/ Software Link: https://extensions.joomla.org/extensions/extension/contacts-and-feedback/forms/form-maker/ Version: 3.6.12 Category: Webapps Tested on:...

9.8CVSS9.8AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•46 views

Joomla! Component Saxum Numerology 3.0.4 - SQL Injection

Exploit Title: Joomla! Component Saxum Numerology 3.0.4 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.saxum2003.hu/ Software Link: http://www.saxum2003.hu/en/downloadsen/category/7-saxumnumerology-komponens.html Software Download:...

9.8CVSS9.8AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•47 views

Joomla! Component Timetable Responsive Schedule For Joomla! 1.5 - 'alias' SQL Injection

Exploit Title: Joomla! Component Timetable Responsive Schedule For Joomla 1.5 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://quanticalabs.com/joomla/ Software Link: https://extensions.joomla.org/extensions/extension/calendars-a-events/timetable-responsive-schedule-for-joomla/...

9.8CVSS7AI score0.19493EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•49 views

Joomla! Component Solidres 2.5.1 - SQL Injection

Exploit Title: Joomla! Component Solidres 2.5.1 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://solidres.com/ Software Link: https://extensions.joomla.org/extensions/extension/vertical-markets/booking-a-reservations/solidres/ Version: 2.5.1 Category: Webapps Tested on:...

9.8CVSS8.1AI score0.03872EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•43 views

Joomla! Component Staff Master 1.0 RC 1 - SQL Injection

Exploit Title: Joomla! Component Staff Master = 1.0 RC 1 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.systemsunited.net/ Software Link: http://www.systemsunited.net/ Version: = 1.0 RC 1 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: CVE-2018-5992 Exploit Author:...

9.8CVSS9.8AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•42 views

Joomla! Component ccNewsletter 2.x.x 'id' - SQL Injection

Exploit Title: Joomla Component ccNewsletter 2.x.x 'id' - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://www.chillcreations.com/ Software Link: https://extensions.joomla.org/extension/ccnewsletter/ Version: 2.x Stable Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...

9.8CVSS9.8AI score0.02607EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•57 views

Joomla! Component Smart Shoutbox 3.0.0 - SQL Injection

Exploit Title: Joomla! Component Smart Shoutbox 3.0.0 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://thekrotek.com/ Software Link: https://extensions.joomla.org/extension/smart-shoutbox/ Version: 3.0.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: CVE-2018-5975 Explo...

9.8CVSS9.8AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•85 views

Joomla! Component SimpleCalendar 3.1.9 - SQL Injection

Exploit Title: Joomla! Component SimpleCalendar 3.1.9 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://albonico.ch/ Software Link: http://software.albonico.ch/downloads/file/3-simplecalendar-3-1-9.html Version: 3.1.9 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...

9.8CVSS9.8AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•49 views

Joomla! Component Saxum Picker 3.2.10 - SQL Injection

Exploit Title: Joomla! Component Saxum Picker 3.2.10 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.saxum2003.hu/ Software Link: https://extensions.joomla.org/extensions/extension/sports-a-games/games/saxumpicker/ Software Download:...

9.8CVSS9.8AI score0.03953EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•60 views

Joomla! Component NeoRecruit 4.1 - SQL Injection

Exploit Title: Joomla! Component NeoRecruit 4.1 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://neojoomla.com/ Software Link: https://extensions.joomla.org/extensions/extension/ads-a-affiliates/jobs-a-recruitment/neorecruit/ Version: 4.1 Category: Webapps Tested on:...

9.8CVSS9.8AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•81 views

Joomla! Component Saxum Astro 4.0.14 - SQL Injection

Exploit Title: Joomla! Component Saxum Astro 4.0.14 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.saxum2003.hu/ Software Link: https://extensions.joomla.org/extensions/extension/living/astrology-a-horoscope/saxumastro/ Software Download:...

9.8CVSS9.8AI score0.02759EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•44 views

Joomla! Pinterest Clone Social Pinboard 2.0 - SQL Injection

Exploit Title: Joomla! Pinterest Clone Social Pinboard 2.0 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://www.apptha.com/ Software Link: https://www.apptha.com/joomla/social-pinboard-script Version: 2.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: CVE-2018-5987...

9.8CVSS9.8AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•21 views

PHIMS - Hospital Management Information System - 'Password' SQL Injection

Exploit Title: PHIMS - Hospital Management Information System - 'Password' SQL Injection Dork: N/A Date: 2018-02-16 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage: https://codecanyon.net/item/phims/14974225?srank=1566 Version: All version Category: Webapps...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•53 views

Joomla! Component SquadManagement 1.0.3 - SQL Injection

Exploit Title: Joomla! Component SquadManagement 1.0.3 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.larshildebrandt.de/ Software Link: https://extensions.joomla.org/extensions/extension/sports-a-games/sports/squadmanagement/ Software Download:...

9.8CVSS9.8AI score0.02703EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•26 views

TV - Video Subscription - Authentication Bypass SQL Injection

Exploit Title: TV - Video Subscription - Authentication Bypass Dork: N/A Date: 2018-02-14 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage: https://codecanyon.net/item/tv-video-subscription/13966427?srank=1677 Version: All version Category: Webapps CVE: N/A...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•63 views

JBoss Remoting 6.14.18 - Denial of Service

Exploit Title: Exploit Denial of Service JBoss Remoting 4447/9999 Date: 14-02-2018 Exploit Author: Frank Spierings Vendor Homepage: https://www.redhat.com/en/technologies/jboss-middleware/application-platform/get-started Software Link: http://ftp.redhat.com/pub/redhat/jboss/eap/ Version: JBoss EA...

7.5CVSS8AI score0.15812EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•63 views

EPIC MyChart - X-Path Injection

Exploit Title: Epic Systems Corporation MyChart X-Path Injection Google Dork: MyChartĀ® licensed from Epic Systems Corporation Date: 8/19/16 Exploit Author: Shayan Sadigh http://threat.tevora.com/author/shayan/ Vendor Homepage: https://www.epic.com/software Software Link: N/A Version: N/A Tested o...

7.5CVSS7.7AI score0.21255EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•89 views

ABRT - 'raceabrt' Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ABRT raceabrt Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on Fedora systems with a vulnerable version ...

7.8CVSS6.4AI score0.04776EPSS
Exploits4
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•32 views

PSNews Website 1.0.0 - 'Keywords' SQL Injection

Exploit Title: PSNews Website Same Backend with Mobile Apps 1.0.0 - 'Keywords' SQL Injection Dork: N/A Date: 2018-02-16 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage: https://codecanyon.net/item/psnews-website/21360354?srank=9 Version: 1.0.0 Category:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•67 views

Oracle Primavera P6 Enterprise Project Portfolio Management - HTTP Response Splitting

Exploit Title: Oracle Primavera P6 Enterprise Project Portfolio Management HTTP Response Splitting Date: 16-02-2018 Exploit Author: Marios Nicolaides - RUNESEC Reviewers: Simon Loizides and Nicolas Markitanis - RUNESEC Vendor Homepage: https://www.oracle.com Affected Software: Oracle Primavera P6...

5.4CVSS5.9AI score0.03916EPSS
Exploits4
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•43 views

Front Accounting ERP 2.4.3 - Cross-Site Request Forgery

...

8.8CVSS9AI score0.02392EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•78 views

Joomla! Component Fastball 2.5 - 'season' SQL Injection

Exploit Title: Joomla! Component Fastball 2.5 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://www.fastballproductions.com/ Software Link: http://www.fastballproductions.com/ Version: 2.5 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: CVE-2018-6373 Exploit Author: Ihsan...

9.8CVSS9.8AI score0.01946EPSS
Exploits5
Exploit DB
Exploit DB
•added 2018/02/16 12:0 a.m.•71 views

Joomla! Component JomEstate PRO 3.7 - 'id' SQL Injection

Exploit Title: Joomla! Component JomEstate PRO = 3.7 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://comdev.eu/ Software Link: https://extensions.joomla.org/extensions/extension/vertical-markets/real-estate/jomestate-pro/ Version: = 3.7 Category: Webapps Tested on:...

9.8CVSS9.8AI score0.02703EPSS
Exploits4
Exploit DB
Exploit DB
•added 2018/02/15 12:0 a.m.•39 views

Pdfium - Pattern Shading Integer Overflows

This vulnerability relies on several minor oversights in the handling of shading patterns in pdfium, I'll try to detail all of the issues that could be fixed to harden the code against similar issues. The DrawXShading functions in cpdfrenderstatus.cpp rely on a helper function to compute the numb...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/02/15 12:0 a.m.•28 views

Microsoft Edge Chakra JIT - 'LdThis' Type Confusion

/ LdThis instructions' value type is assumed to be "Object". Since "this" can be other objects like an array, it has to be assumed to be "LikelyObject", otherwise, operations to "this" will not be checked properly. PoC: / function optarr arr0 = 1.1; this0 = ; arr0 = 2.3023e-320; function main let...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/02/15 12:0 a.m.•34 views

Microsoft Edge Chakra JIT - 'NewScObjectNoCtor' Array Type Confusion

/ This is similar to the previous issues 1457, 1459 MSRC 42551, MSRC 42552. If a JavaScript function is used as a consturctor, it sets the new object's "proto" to its "prototype". The JIT compiler uses NewScObjectNoCtor instructions to perform it, but those instructions are not checked by...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/02/15 12:0 a.m.•39 views

Microsoft Edge Chakra JIT - 'Array.prototype.reverse' Array Type Confusion

/ This is simillar to the previous issue 1457. But this time, we use Array.prototype.reverse. Array.prototype.reverse can be inlined and may invoke EnsureNonNativeArray to convert the prototype of "this" to a Var array. Call flow: JavascriptArray::EntryReverse - FillFromPrototypes -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/02/15 12:0 a.m.•48 views

Microsoft Edge Chakra JIT - ImplicitCallFlags Checks Bypass

/ Here's a snippet of ExecuteImplicitCall which is responsible for updating the ImplicitCallFlags flag. template inline Js::Var ExecuteImplicitCallJs::RecyclableObject function, Js::ImplicitCallFlags flags, Fn implicitCall ... Js::ImplicitCallFlags saveImplicitCallFlags = this-GetImplicitCallFlag...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/02/15 12:0 a.m.•27 views

Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace

Related to issue 1490 . When parsing ShadingPatterns; according to the specification they shouldn't be permitted to have a pattern colorspace as their base colorspace, but this is not validated, leading to out-of-bounds reads when rendering using the malformed shading pattern. bool...

7AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/02/15 12:0 a.m.•27 views

Chrome V8 - 'Runtime_RegExpReplace' Integer Overflow

/ Here's a snippet of the method. ASSIGNRETURNFAILUREONEXCEPTION isolate, captureslengthobj, Object::ToLengthisolate, captureslengthobj; const int captureslength = PositiveNumberToUint32captureslengthobj; ... if functionalreplace const int argc = hasnamedcaptures ? captureslength + 3 :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/02/15 12:0 a.m.•52 views

Microsoft Edge Chakra JIT - Memory Corruption

/ Let's consider the following example code. function opt let arr = ; return arr'x'; // Optimize the "opt" function. for let i = 0; i inline Js::Var ExecuteImplicitCallJs::RecyclableObject function, Js::ImplicitCallFlags flags, Fn implicitCall // For now, we will not allow Function that is marked...

7.4AI score
Exploits0
Exploit DB
Exploit DB
•added 2018/02/15 12:0 a.m.•37 views

Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly (2)

It seems this is the patch for the bug. https://github.com/Microsoft/ChakraCore/pull/4226/commits/874551dd00ff6f404e593c7e0162efb54b953f5a The following two cases will bypass the fix. 1: function opt let obj = new Number2.3023e-320; for let i = 0; i 1; i++ obj.x = 1; obj = +obj; obj.x = 1; functi...

7.4AI score
Exploits0
Total number of security vulnerabilities47904