Lucene search
+L
ExploitdbRecent

47904 matches found

exploitdb
exploitdb
added 2017/12/26 12:0 a.m.87 views

Biometric Shift Employee Management System 3.0 - Local File Disclosure

Exploit Title: Biometric Shift Employee Management System 3.0 - Local File Download Dork: N/A Date: 24.12.2017 Vendor Homepage: https://www.shiftsystems.net/ Software Link: https://codecanyon.net/item/white-label-shift-employee-management-system/21061908 Version: 3.0 Category: Webapps Tested on:...

7.5CVSS7.6AI score0.09542EPSS
Exploits5
exploitdb
exploitdb
added 2017/12/26 12:0 a.m.29 views

Sendroid < 6.5.0 - SQL Injection

Exploit Title: Sendroid - Bulk SMS Portal, Marketing Script 5.0.0 - 6.5.0 - SQL Injection Google Dork: "welcome to SMS portal" Date: 22/12/2017 Exploit Author: Onwuka Gideon Contact: http://twitter.com/@gideononwuka Vendor Homepage: http://ynetinteractive.com/ Software Buy:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/26 12:0 a.m.75 views

GetGo Download Manager 5.3.0.2712 - Buffer Overflow

Exploit Title: Buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 CVE: CVE-2017-17849 Date: 22-12-2017 Tested on Windows 10 32 bits Exploit Author: Aloyce J. Makalanga Contact: https://twitter.com/aloycemjr Software Link: http://www.getgosoft.com/getgodm/ Category: webapps Attack...

10CVSS9.6AI score0.19015EPSS
Exploits9
exploitdb
exploitdb
added 2017/12/26 12:0 a.m.133 views

Ubiquiti UniFi Video 3.7.3 - Local Privilege Escalation

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Ubiquiti UniFi Video Windows Vendor URL: https://www.ubnt.com Type: Improper Handling of Insufficient Permissions or Privileges CWE-280 Date found: 2016-05-24 Date published: 2017-12-20 CVSS...

7.8CVSS7AI score0.01161EPSS
Exploits5
exploitdb
exploitdb
added 2017/12/26 12:0 a.m.515 views

Oracle WebLogic Server 10.3.6.0.0 / 12.x - Remote Command Execution

import requests import sys urlin = sys.argv1 payloadurl = urlin + "/wls-wsat/CoordinatorPortType" payloadheader = 'content-type': 'text/xml' def payloadcommand commandin: htmlescapetable = "&": "&", '"': """, "'": "'", "": "", ""+"".joinhtmlescapetable.getc, c for c in commandin+"" payload1 = " \...

7.5CVSS7.9AI score0.99993EPSS
Exploits45
exploitdb
exploitdb
added 2017/12/25 12:0 a.m.93 views

Huawei Router HG532 - Arbitrary Command Execution

import threading, sys, time, random, socket, re, os, struct, array, requests from requests.auth import HTTPDigestAuth ips = opensys.argv1, "r".readlines cmd = "" Your MIPS SSHD rm = "\n \n \n $" + cmd + "\n$echo HUAWEIUPNP\n\n \n " class exploitthreading.Thread: def init self, ip:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/23 12:0 a.m.40 views

Iopsys Router - 'dhcp' Remote Code Execution

!/usr/bin/python import json import sys import subprocess import socket import os from time import sleep from websocket import createconnection def ubusAuthhost, username, password: ws = createconnection"ws://" + host, header = "Sec-WebSocket-Protocol: ubus-json" req =...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/22 12:0 a.m.37 views

Vitek - Remote Command Execution / Information Disclosure (PoC)

STX Subject: Vitek RCE and Information Disclosure and possible other OEM Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis December 2017 PoC: https://github.com/mcw0/PoC Release date: December 22, 2017 Full Disclosure: 0-day heap: Executable + Non-ASLR stack...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/20 12:0 a.m.60 views

Conarc iChannel - Improper Access Restrictions

Exploit Title: Conarc iChannel - Unauthenticated Access/Default Webserver Misconfiguration allows for compromise of server Date: 2017-12-19 Exploit Author: Information Paradox CVE : CVE-2017-17759 https://affectedserver/wc.dll?wwMaintEditConfig The customized webserver used by iChannel is based o...

10CVSS9.7AI score0.11292EPSS
Exploits3
exploitdb
exploitdb
added 2017/12/20 12:0 a.m.64 views

Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)' Double-Write Ring-0 Address Leak

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1456 We have discovered that it is possible to disclose addresses of kernel-mode Paged Pool allocations via a race-condition in the implementation of the NtQueryVirtualMemory system call information class 2,...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/20 12:0 a.m.68 views

BEIMS ContractorWeb 5.18.0.0 - SQL Injection

Exploit Title: SQL Injection Date: 18 December, 2017 Exploit Author: Rajwinder Singh Vendor Homepage: http://www.beims.com/products/ Software Link: http://www.beims.com/optional-modules/ccw Version: BEIMS ContractorWeb .NET System 5.18.0.0 CVE : 2017-17721 Vulnerability Details:...

9.8CVSS9.7AI score0.03596EPSS
Exploits4
exploitdb
exploitdb
added 2017/12/20 12:0 a.m.45 views

Ability Mail Server 3.3.2 - Cross-Site Scripting

Exploit Title: Ability Mail Server 3.3.2 Persistent Cross Site Scripting XSS CVE: CVE-2017-17752 Date: 19-12-2017 Software Link: http://download.codecrafters.com/ams3.exe Exploit Author: Aloyce J. Makalanga Contact: https://twitter.com/aloycemjr Vendor Homepage: http://www.codecrafters.com...

6.1CVSS6.3AI score0.01383EPSS
Exploits5
exploitdb
exploitdb
added 2017/12/20 12:0 a.m.116 views

Samsung Internet Browser - SOP Bypass (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Samsung Internet Browser SOP Bypass', 'Description' = %q This module takes advantage of a Same-Origin Policy SOP bypass vulnerability in the...

7.5CVSS7.4AI score0.78843EPSS
Exploits7
exploitdb
exploitdb
added 2017/12/19 12:0 a.m.21 views

Linux/x64 - Custom Encoded XOR + Polymorphic + execve(/bin/sh) Shellcode (Generator)

Linux/x64 - Custom Encoded XOR + Polymorphic + execve/bin/sh Shellcode Generator. Shellcode exploit for Generator platform !/usr/bin/python from random import randint encoded = "" encoded2 = "" badchars = 0x00 shellcode = "\x90" +...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2017/12/19 12:0 a.m.72 views

Ichano AtHome IP Cameras - Multiple Vulnerabilities

Vulnerabilities Summary The following advisory describes three 3 vulnerabilities found in Ichano IP Cameras. AtHome Camera is “a remote video surveillance app which turns your personal computer, smart TV/set-top box, smart phone, and tablet into a professional video monitoring system in a minute....

10CVSS9.7AI score0.07214EPSS
Exploits3
exploitdb
exploitdb
added 2017/12/19 12:0 a.m.48 views

Microsoft Windows - 'jscript!NameTbl::GetValDef' Use-After-Free

var vars = new Array100; forvar i=0;i !-- ============================================ PoC for WPAD might require page heap to trigger the crash: ============================================ function FindProxyForURLurl,...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/19 12:0 a.m.55 views

Jenkins - XStream Groovy classpath Deserialization (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jenkins XStream Groovy classpath Deserialization Vulnerability', 'Description' = %q This module exploits CVE-2016-0792 a vulnerability in Jenkins...

9CVSS6.9AI score0.82697EPSS
Exploits23
exploitdb
exploitdb
added 2017/12/19 12:0 a.m.38 views

Microsoft Windows - 'jscript!JsArraySlice' Uninitialized Variable

var x = new URIErrornew Array, undefined, undefined; String.prototype.localeCompare.callx, new Date0, 0, 0, 0, 0, 0, undefined; Array.prototype.slice.call1; !-- ============================================ Technical details: The issue is in jscript!JsArraySlice Array.prototype.slice.call in the P...

7AI score
Exploits0
exploitdb
exploitdb
added 2017/12/19 12:0 a.m.65 views

Intel Content Protection HECI Service - Type Confusion Privilege Escalation

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1358 Intel Content Protection HECI Service Type Confusion EoP Platform: Tested on Windows 10, service version 9.0.2.117 Class: Elevation of Privilege Summary: The Intel Content Protection HECI Service exposes a DCOM object to all...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/19 12:0 a.m.63 views

Microsoft Windows - 'jscript!RegExpFncObj::LastParen' Out-of-Bounds Read

function go var r= new RegExpArray100.join''; ''.searchr; alertRegExp.lastParen; go; r rax=0000000000000063 rbx=000000000476fd90 rcx=0000000000000063 rdx=0000000000000064 rsi=000000000476fd90 rdi=000007fef23d37d0 rip=000007fef23d3813 rsp=00000000130f9090 rbp=00000000130f9148 r8=00000000130f9210...

7AI score
Exploits0
exploitdb
exploitdb
added 2017/12/19 12:0 a.m.66 views

Microsoft Internet Explorer 11 - 'jscript!JSONStringifyObject' Use-After-Free

var o1 = toJSON:function alert'o1'; return o2; var o2 = toJSON:function alert'o2'; CollectGarbage; return 'x'; JSON.stringifyo1; g df8.e48: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This exception may be expected and handled...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/19 12:0 a.m.58 views

BrightSign Digital Signage - Multiple Vulnerablities

Exploit Title: BrightSign Digital Signage Multiple Vulnerabilities Date: 12/15/17 Exploit Author: [email protected] Vectors: XSS, Directory Traversal, File Modification, Information Leakage The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below suffers from multiple...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/19 12:0 a.m.94 views

Trend Micro Smart Protection Server - Session Hijacking / Log File Disclosure / Remote Command Execution / Cron Job Injection / Local File Inclusion / Stored Cross-Site Scripting / Improper Access Control

Trend Micro Smart Protection Server Multiple Vulnerabilities 1. Advisory Information Title:: Trend Micro Smart Protection Server Multiple Vulnerabilities Advisory ID: CORE-2017-0008 Advisory URL: http://www.coresecurity.com/advisories/trend-micro-smart-protection-server-multiple-vulnerabilities...

9.8CVSS7.4AI score0.19369EPSS
Exploits10
exploitdb
exploitdb
added 2017/12/19 12:0 a.m.59 views

Tuleap 9.6 - Second-Order PHP Object Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tuleap 9.6 Second-Order PHP Object Injection', 'Description' = %q This module exploits a Second-Order PHP Object Injection vulnerability in Tulea...

8.8CVSS7.4AI score0.66632EPSS
Exploits6
exploitdb
exploitdb
added 2017/12/19 12:0 a.m.54 views

Microsoft Windows - 'jscript!RegExpComp::Compile' Heap Overflow Through IE or Local Network via WPAD

var s = 'a'; forvar i=0;i !-- ============================================...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/19 12:0 a.m.79 views

Microsoft Windows - jscript.dll 'Array.sort' Heap Overflow

var vars = new Array100; var arr = new Array1000; forvar i=1;i !-- ========================================= Technical details: Array.sort is implemented in JsArraySort which, depending if a comparison function was specified or not, calls JsArrayStringHeapSort or JsArrayFunctionHeapSort. These...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/19 12:0 a.m.56 views

Joomla! Component NextGen Editor 2.1.0 - 'plname' SQL Injection

Exploit Title: Joomla! Component NextGen Editor 2.1.0 - SQL Injection Dork: N/A Date: 19.12.2017 Vendor Homepage: hhttp://nextgeneditor.com/ Software Link: https://extensions.joomla.org/extension/nextgen-editor/ Software Download:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/18 12:0 a.m.66 views

Joomla! Component Guru Pro - 'promocode' SQL Injection

Exploit Title: Joomla! Component Guru Pro 'promocode'- SQL Injection Dork: N/A Date: 17.12.2017 Vendor Homepage: https://www.ijoomla.com/ Software Link: https://www.ijoomla.com/component/digistore/products/47-joomla-add-ons/119-guru-pro/189?Itemid=189 Version: N/A Category: Webapps Tested on:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/18 12:0 a.m.464 views

GoAhead Web Server 2.5 < 3.6.5 - HTTPd 'LD_PRELOAD' Remote Code Execution

!/usr/bin/python GoAhead httpd/2.5 to 3.6.5 LDPRELOAD remote code execution exploit EDB Note: Payloads https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/43360.zip EDB Note: Source https://www.elttam.com.au/blog/goahead/ EDB Note: Source...

8.1CVSS8.1AI score0.96327EPSS
Exploits15
exploitdb
exploitdb
added 2017/12/18 12:0 a.m.37 views

Joomla! Component My Projects 2.0 - SQL Injection

Exploit Title: Joomla! Component My Projects 2.0 - SQL Injection Dork: N/A Date: 18.12.2017 Vendor Homepage: http://www.gegabyte.org/ Software Link: https://extensions.joomla.org/extensions/extension/directory-a-documentation/portfolio/my-projects/ Version: 2.0 Category: Webapps Tested on:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/18 12:0 a.m.39 views

Outlook for Android - Attachment Download Directory Traversal

''' There is a directory traversal issue in attachment downloads in Outlook for Android. There is no path sanitization on the attachment filename in the app. If the email account is a Hotmail account, this will be sanitized by the server, but for other accounts it will not be. This allows a file ...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/18 12:0 a.m.81 views

Zoom Linux Client 2.0.106600.0904 - Stack-Based Buffer Overflow (PoC)

CONVISO-17-002 - Zoom Linux Client Stack-based Buffer Overflow Vulnerability 1. Advisory Information Conviso Advisory ID: CONVISO-17-002 CVE ID: CVE-2017-15048 CVSS v2: 6.8, AV:N/AC:M/Au:N/C:P/I:P/A:P Date: 2017-10-01 2. Affected Components Zoom client for Linux, version 2.0.106600.0904...

8.8CVSS8.8AI score0.10163EPSS
Exploits5
exploitdb
exploitdb
added 2017/12/18 12:0 a.m.37 views

CDex 1.96 - Buffer Overflow (PoC)

!/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: CDex 1.96 - Local Stack Buffer Overflow Date: 17-12-2017 Vulnerable Software: CDex 1.96 Unicode Build Vendor Homepage: http://cdex.mu/ Version: v1.96 Software Link: http://cdex.mu/?q=download Tested On: Windows 7 x32 PoC: generat...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/18 12:0 a.m.72 views

Zoom Linux Client 2.0.106600.0904 - Command Injection

CONVISO-17-003 - Zoom Linux Client Command Injection Vulnerability RCE 1. Advisory Information Conviso Advisory ID: CONVISO-17-003 CVE ID: CVE-2017-15049 CVSS v2: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C Date: 2017-10-01 2. Affected Components Zoom client for Linux, version 2.0.106600.0904 zoomamd64.deb...

9.3CVSS8.8AI score0.17048EPSS
Exploits5
exploitdb
exploitdb
added 2017/12/18 12:0 a.m.71 views

Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HEAD', :uri = '/web/', :pattern = /Apache/ include Msf::Exploit::Remote::HttpClient include Msf::Exploit::FileDropper def initializeinfo=...

10CVSS7.4AI score0.73404EPSS
Exploits6
exploitdb
exploitdb
added 2017/12/18 12:0 a.m.46 views

Joomla! Component User Bench 1.0 - 'userid' SQL Injection

Exploit Title: Joomla! Component User Bench 1.0 - SQL Injection Dork: N/A Date: 18.12.2017 Vendor Homepage: http://www.gegabyte.org/ Software Link: https://extensions.joomla.org/extensions/extension/directory-a-documentation/directory/user-bench/ Version: 1.0 Category: Webapps Tested on:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/18 12:0 a.m.63 views

Joomla! Component JB Visa 1.0 - 'visatype' SQL Injection

Exploit Title: Joomla! Component JB Visa 1.0 - SQL Injection Dork: N/A Date: 17.12.2017 Vendor Homepage: http://joombooking.com/ Software Link: https://extensions.joomla.org/extensions/extension/vertical-markets/booking-a-reservations/jb-visa/ Version: 1.0 Category: Webapps Tested on:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/18 12:0 a.m.23 views

Ciuis CRM 1.0.7 - SQL Injection

Exploit Title: Ciuis CRM v 1.0.7 Sql Injection Google Dork: if applicable Date: 12/15/2017 Exploit Author: Zahid Abbasi Contact: http://twitter.com/zahidsec Website: http://zahidabbasi.com Vendor Homepage: http://ciuis.com/ Software Link: https://codecanyon.net/item/ciuis-crm/20473489 Version:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/18 12:0 a.m.23 views

Cells Blog 3.5 - 'bgid' / 'fmid' / 'fnid' SQL Injection

Exploit Title: Cells Blog 3.5 - SQL Injection Dork: N/A Date: 16.12.2017 Vendor Homepage: http://www.cells.tw/ Software Link: http://www.cells.tw/cells/ Version: 3.5 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit Author: Ihsan Sencan Author Web: http://ihsan.net Author Social:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/18 12:0 a.m.185 views

Monstra CMS 3.0.4 - (Authenticated) Arbitrary File Upload / Remote Code Execution

Exploit Title: Monstra CMS - 3.0.4 RCE Vendor Homepage: http://monstra.org/ Software Link: https://bitbucket.org/Awilum/monstra/downloads/monstra-3.0.4.zip Discovered by: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: webapps Platfor...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/16 12:0 a.m.41 views

Linux/x64 - Custom Encoded XOR + execve(/bin/sh) Shellcode

Linux/x64 - Custom Encoded XOR + execve/bin/sh Shellcode. Shellcode exploit for Linuxx86-64 platform global start section .text start: jmp findaddress ; jmp short by default decoder: ; Get the address of the string pop rdi push rdi pop rbx ; get the first byte and bruteforce till you get the toke...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2017/12/15 12:0 a.m.129 views

Linux kernel < 4.10.15 - Race Condition Privilege Escalation

/ PoC for CVE-2017-10661, triggers UAF with KASan enabled in kernel 4.10 / include include include include include include include include include include include include include include include include include define RACETIME 1000000 int fd; int fddumb; int count=0; void listaddthreadvoid arg in...

7.6CVSS7.8AI score0.13378EPSS
Exploits3
exploitdb
exploitdb
added 2017/12/15 12:0 a.m.35 views

Movie Guide 2.0 - SQL Injection

Exploit Title: Movie Guide 2.0 - SQL Injection Dork: N/A Date: 15.12.2017 Vendor Homepage: http://applebitemedia.com/ Software Link: http://applebitemedia.com/amwdl/AMMovieGuide.tar.gz Version: 2.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit Author: Ihsan Sencan Author Web:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/15 12:0 a.m.60 views

Sync Breeze 10.2.12 - Denial of Service

============================================= MGC ALERT 2017-007 - Original release date: November 30, 2017 - Last revised: December 14, 2017 - Discovered by: Manuel García Cárdenas - Severity: 7,5/10 CVSS Base Score - CVE-ID: CVE-2017-17088 ============================================= I...

7.5CVSS7.6AI score0.06984EPSS
Exploits5
exploitdb
exploitdb
added 2017/12/15 12:0 a.m.61 views

ITGuard-Manager 0.0.0.1 - Remote Code Execution

Vulnerability Title: ITGuard-Manager V0.0.0.1 PreAuth Remote Code Execution Author: Nassim Asrir Contact: [email protected] / @asrirnassim CVE: Waiting ... CVSS: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H/E:H/MAV:P3.0/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H/E:H/MAV:P Vendor: http://www.innotube.co...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/14 12:0 a.m.61 views

Multiple OEM - 'nsd' Remote Stack Format String (PoC)

STX Subject: Remote Stack Format String in 'nsd' binary from multiple OEM Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis December 2017 PoC: https://github.com/mcw0/PoC Release date: December 14, 2017 Full Disclosure: 0-Day - PoC - 1 $ curl...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/14 12:0 a.m.48 views

Linksys WVBR0 - 'User-Agent' Remote Command Injection

!/usr/bin/python -- coding: utf-8 -- Author: Nixawk CVE-2017-17411 Linksys WVBR0 25 Command Injection """ $ python2.7 exploit-CVE-2017-17411.py Usage: python exploit-CVE-2017-17411.py $ python2.7 exploit-CVE-2017-17411.py http://example.com/ + Target is exploitable by CVE-2017-17411 """ import...

10CVSS9.6AI score0.87929EPSS
Exploits9
exploitdb
exploitdb
added 2017/12/14 12:0 a.m.137 views

Palo Alto Networks Firewalls - Root Remote Code Execution

This is a public advisory for CVE-2017-15944 which is a remote root code execution bug in Palo Alto Networks firewalls. Three separate bugs can be used together to remotely execute commands as root through the web management interface without authentication on: PAN-OS 6.1.18 and earlier, PAN-OS...

9.8CVSS9.6AI score0.9834EPSS
Exploits13
exploitdb
exploitdb
added 2017/12/14 12:0 a.m.38 views

Dup Scout Enterprise - 'Login' Buffer Overflow (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dup Scout Enterprise Login Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in Dup Scout Enterprise 10.0.18. The...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/14 12:0 a.m.34 views

pfSense 2.4.1 - Cross-Site Request Forgery Error Page Clickjacking (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Clickjacking Vulnerability In CSRF Error Page pfSense', 'Description' = %q This module exploits a Clickjacking vulnerability in pfSense 'Yorick...

7.4AI score
Exploits0
Total number of security vulnerabilities47904