Lucene search
+L
ExploitdbRecent

47904 matches found

exploitdb
exploitdb
added 2017/12/08 12:0 a.m.27 views

Co-work Space Search Script 1.0 - 'city' SQL Injection

Exploit Title: Co-work Space Search Script 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/co-work-space-search-script/ Demo: http://ordermanagementscript.com/demo/co-work-space/ Version: 1.0...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/08 12:0 a.m.30 views

Nearbuy Clone Script 3.2 - 'search' SQL Injection

Exploit Title: Nearbuy Clone Script 3.2 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/nearbuy-clone/ Demo: http://www.fxwebsolution.com/demo/arthi/nearby/ Version: 3.2 Category: Webapps Tested on:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/08 12:0 a.m.18 views

Child Care Script 1.0 - 'city' SQL Injection

Exploit Title: Child Care Script 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/child-care-script/ Demo: http://ordermanagementscript.com/demo/childcare/ Version: 1.0 Category: Webapps Tested on...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/08 12:0 a.m.23 views

Chartered Accountant Booking Script 1.0 - 'city' SQL Injection

Exploit Title: Chartered Accountant Booking Script 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/chartered-accountant-booking-script/ Demo: http://fxwebsolution.com/demo/chartered-accountant/...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/08 12:0 a.m.30 views

Cab Booking Script 1.0 - 'city' SQL Injection

Exploit Title: Cab Booking Script 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/cab-booking-script-2/ Demo: http://fxwebsolution.com/demo/cabbooking/ Version: 1.0 Category: Webapps Tested on:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/08 12:0 a.m.27 views

Entrepreneur Dating Script 2.0.1 - 'marital' / 'gender' / 'country' / 'profileid' SQL Injection

Exploit Title: Entrepreneur Dating Script 2.0.1 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/entrepreneur-dating-script/ Demo: http://198.38.86.159/datingscript/ Version: 2.0.1 Category: Webapps...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/07 12:0 a.m.91 views

Microsoft Windows Defender - Controlled Folder Bypass Through UNC Path

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1418 Windows Defender: Controlled Folder Bypass through UNC Path Platform: Windows 10 1709 + Antimalware client version 4.12.16299.15 Class: Security Feature Bypass Summary: You can bypass the controlled folder feature in Defende...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/07 12:0 a.m.167 views

Linux Kernel 4.10.5 / < 4.14.3 (Ubuntu) - DCCP Socket Use-After-Free

/ This is an announcement for CVE-2017-8824 which is a use-after-free vulnerability I found in Linux DCCP socket. It can be used to gain kernel code execution from unprivileged processes. You’ll find in attachment the proof of concept code and the kernel panic log. BUG DETAILS When a socket sock...

7.8CVSS7.7AI score0.01344EPSS
Exploits5
exploitdb
exploitdb
added 2017/12/07 12:0 a.m.100 views

OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: OS Command Injection & Reflected Cross Site Scripting product: OpenEMR vulnerable version: 5.0.0 fixed version: 5.0.0 Patch 2 or higher CVE number: - impact: Critical...

7.5CVSS7.6AI score0.01253EPSS
Exploits5
exploitdb
exploitdb
added 2017/12/07 12:0 a.m.79 views

Polycom Shell HDX Series - Traceroute Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Polycom Shell HDX Series Traceroute Command Execution', 'Description' = %q Within Polycom command shell, a command execution flaw exists in lan...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/07 12:0 a.m.100 views

Wireshark 2.4.0 < 2.4.2 / 2.2.0 < 2.2.10 - CIP Safety Dissector Crash

Summary Name: CIP Safety dissector crash Docid: wnpa-sec-2017-49 Date: November 30, 2017 Affected versions: 2.4.0 to 2.4.2, 2.2.0 to 2.2.10 Fixed versions: 2.4.3, 2.2.11 References: Wireshark bug 14250 Details Description The CIP Safety dissector could crash. Impact It may be possible to make...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/07 12:0 a.m.94 views

FS IMDB Clone - 'id' SQL Injection

Exploit Title: FS IMDB Clone - 'id' SQL Injection Date: 2017-12-06 Exploit Author: Dan° Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/imdb-clone/ Version: 2017-12-06 Tested on: Kali Linux 2.0 PoC: SQL Injection on GET parameter = id...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/07 12:0 a.m.200 views

Claymore Dual ETH + DCR/SC/LBC/PASC GPU Miner - Stack Buffer Overflow / Path Traversal

!/usr/bin/env python -- coding: UTF-8 -- github.com/tintinweb optional: pip install pysocks https://pypi.python.org/pypi/PySocks ''' API overview: nc -L -p 3333 "id":0,"jsonrpc":"2.0","method":"minergetstat1" "id":0,"jsonrpc":"2.0","method":"minerfile","params":"epools.txt",""...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/07 12:0 a.m.78 views

FS Facebook Clone - 'token' SQL Injection

Exploit Title: FS Facebook Clone - 'token' SQL Injection Date: 2017-12-06 Exploit Author: Dan° Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/facebook-clone/ Version: 2017-12-06 Tested on: Kali Linux 2.0 PoC: SQL Injection on GET parameter = token...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/07 12:0 a.m.189 views

LaCie 5big Network 2.2.8 - Command Injection

!/usr/bin/python Exploit Title: LaCie 5big Network 2.2.8 Command Injection Date: 2017-12-04 Exploit Author: Timo Sablowski Contact: [email protected] Vendor Homepage: http://www.lacie.com Software Link: http://www.lacie.com/files/lacie-content/download/drivers/5%20Big%20Network.zip Version:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/07 12:0 a.m.74 views

Apple macOS High Sierra 10.13 - 'ctl_ctloutput-leak' Information Leak

/ ctlctloutput-leak.c Brandon Azad CVE-2017-13868 While looking through the source code of XNU version 4570.1.46, I noticed that the function ctlctloutput in the file bsd/kern/kerncontrol.c does not check the return value of sooptcopyin, which makes it possible to leak the uninitialized contents ...

5.5CVSS6.6AI score0.0471EPSS
Exploits4
exploitdb
exploitdb
added 2017/12/06 12:0 a.m.80 views

Dasan Networks GPON ONT WiFi Router H640X 12.02-01121 / 2.77p1-1124 / 3.03p2-1146 - Remote Code Execution

Vulnerability Summary The following advisory describes a buffer overflow that leads to remote code execution found in Dasan Networks GPON ONT WiFi Router H640X versions 12.02-01121 / 2.77p1-1124 / 3.03p2-1146 Dasan Networks GPON ONT WiFi Router “is indoor type ONT dedicated for FTTH Fibre to the...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/06 12:0 a.m.79 views

Hashicorp vagrant-vmware-fusion 4.0.23 - Local Privilege Escalation

A couple of weeks ago I disclosed a local root privesc in Hashicorp's vagrant-vmware-fusion plugin: https://m4.rkw.io/blog/cve20177642-local-root-privesc-in-hashicorp-vagrantvmw... The initial patch they released was 4.0.21 which unfortunately contained a bug that prevented it from working at all...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/06 12:0 a.m.78 views

FS Shaadi Clone - 'token' SQL Injection

Exploit Title: FS Shaadi Clone - SQL Injection Date: 2017-12-05 Exploit Author: Dan° Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/shaadi-clone/ Version: 2017-12-05 Tested on: Kali Linux 2.0 PoC: SQL Injection on GET parameter = token...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/06 12:0 a.m.75 views

Arq 5.9.6 - Local Privilege Escalation

Arq Backup from Haystack Software is a great application for backing up macs and windows machines. Unfortunately versions of Arq for mac before 5.9.7 are vulnerable to a local root privilege escalation exploit. The updater binary has a "setpermissions" function which sets the suid bit and root...

7AI score
Exploits0
exploitdb
exploitdb
added 2017/12/06 12:0 a.m.73 views

FS Makemytrip Clone - 'id' SQL Injection

Exploit Title: FS Makemytrip Clone - SQL Injection Date: 2017-12-05 Exploit Author: Dan° Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/makemytrip-clone/ Version: 2017-12-05 Tested on: Kali Linux 2.0 PoC: SQL Injection on GET parameter = id...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/06 12:0 a.m.80 views

WinduCMS 3.1 - Local File Disclosure

!/usr/bin/python Exploit Title: WinduCMS = 3.1 - Local File Disclosure Date: 2017-12-03 Exploit Author: Maciek Krupa Vendor Homepage: http://windu.org Version: 3.1 Tested on: Linux Debian 9 // Description // Local File Disclosure vulnerability exists in WinduCMS through a vulnerable PHPMailer...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/06 12:0 a.m.115 views

Proxifier for Mac 2.19 - Local Privilege Escalation

With CVE-2017-7643 I disclosed a command injection vulnerablity in the KLoader binary that ships with Proxifier = 2.18. Unfortunately 2.19 is also vulnerable to a slightly different attack that yields the same result. When Proxifier is first run, if the KLoader binary is not suid root it gets...

7.8CVSS7.7AI score0.00965EPSS
Exploits8
exploitdb
exploitdb
added 2017/12/06 12:0 a.m.75 views

Hashicorp vagrant-vmware-fusion 5.0.0 - Local Privilege Escalation

After three CVEs and multiple exploits disclosed to Hashicorp they have finally upped their game with this plugin. Now the previously vulnerable non-root-owned ruby code that get executed as root by the sudo helper is no more and the sudo helper itself is one static Go binary with...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/06 12:0 a.m.37 views

Apple macOS 10.13.1 (High Sierra) - Insecure Cron System Local Privilege Escalation

Recently I was working on an security issue in some other software that has yet to be disclosed which created a rather interesting condition. As a non-root user I was able to write to any file on the system that was not SIP-protected but the resulting file would not be root-owned, even if it...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/06 12:0 a.m.77 views

Hashicorp vagrant-vmware-fusion 4.0.24 - Local Privilege Escalation

I have previously disclosed a couple of bugs in Hashicorp's vagrant-vmware-fusion plugin for vagrant. Unfortunately the 4.0.23 release which was supposed to fix the previous bug I reported didn't address the issue, so Hashicorp quickly put out another release - 4.0.24 - after that but didn't upda...

7AI score
Exploits0
exploitdb
exploitdb
added 2017/12/06 12:0 a.m.77 views

Hashicorp vagrant-vmware-fusion 5.0.3 - Local Privilege Escalation

Another day, another root privesc bug in this plugin. Not quite so serious this time - this one is only exploitable if the user has the plugin installed but VMware Fusion not installed. This is a fairly unlikely scenario but it's a straight to root privesc with no user interaction so isn't the ki...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/06 12:0 a.m.96 views

Hashicorp vagrant-vmware-fusion 5.0.1 - Local Privilege Escalation

I recently blogged about how the installation process of version 5.0.0 of this plugin could be hihacked by a local attacker or malware in order to escalate privileges to root. Hashicorp pushed some mitigations for this issue fairly quickly but unfortunately 5.0.1 is still exploitable with a...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/06 12:0 a.m.70 views

Murus 1.4.11 - Local Privilege Escalation

I recently blogged about the prevalence of escalation hijack vulnerabilities amongst macOS applications. One example of this is the latest version of Murus firewall. By design it requires the user to authenticate every time in order to obtain the access it needs to modify the firewall settings. I...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/06 12:0 a.m.90 views

Arq 5.9.7 - Local Privilege Escalation

=begin As well as the other bugs affecting Arq " backupset = "0" 40 hmac = "0" 40 payload = sprintf "%s%s%s%s$%s%s\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00" +...

7AI score
Exploits0
exploitdb
exploitdb
added 2017/12/06 12:0 a.m.77 views

Sera 1.2 - Local Privilege Escalation / Password Disclosure

Sera is a free app for mac and iOS that lets you unlock your mac automatically when your iphone is within a configured proximity. Unfortunately to facilitate this it stores the users login password in their home directory at: /Library/Preferences/no.ignitum.SeraOSX.plist This makes root privilege...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/06 12:0 a.m.255 views

Monstra CMS - Remote Code Execution

Monstra CMS - Remote Code Execution. CVE-2017-18048. Webapps exploit for PHP platform Vulnerabilities Summary The following advisory describes a vulnerability found in Monstra CMS. Monstra is “a modern and lightweight Content Management System. It is Easy to install, upgrade and use.” The...

8.8CVSS9AI score0.63355EPSS
Exploits6
exploitdb
exploitdb
added 2017/12/05 12:0 a.m.34 views

Readymade Classifieds Script 1.0 - SQL Injection

Exploit Title: Readymade Classifieds Script 1.0 - SQL Injection Dork: N/A Date: 02.12.2017 Vendor Homepage: http://www.scubez.net/ Software Link: http://www.posty.in/index.html Demo: http://www.posty.in/readymade-classifieds-demo.html Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/05 12:0 a.m.59 views

VX Search 10.2.14 - 'command_name' Buffer Overflow

!/usr/bin/python print " VX Search Enterprise v10.2.14 Buffer Overflow SEH \n" Exploit Title : VX Search Enterprise v10.2.14 Buffer Overflow SEH Discovery by : W01fier00t Twitter : @wolfieroot Discovery Date : 22/11/2017 Software Link : http://www.vxsearch.com/setups/vxsearchentsetupv10.2.14.exe...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/05 12:0 a.m.85 views

Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation

Exploit Title: Privilege Escalation - Perspective ICM Investigation & Case - 5.1.1.16 Date Reported to vendor: Jun 28, 2017 Date Accepted by vendor: Jun 11, 2017 Exploit Author: [email protected] Vendor Homepage: www.resolver.com Version: Perspective ICM Investigation & Case -...

8.8CVSS8.8AI score0.05564EPSS
Exploits4
exploitdb
exploitdb
added 2017/12/05 12:0 a.m.33 views

Techno Portfolio Management Panel - 'id' SQL Injection

Exploit Title: Techno - Portfolio Management Panel 1.0 - SQL Injection Dork: N/A Date: 02.12.2017 Vendor Homepage: https://codecanyon.net/user/engtechno Software Link: https://codecanyon.net/item/techno-portfolio-management-panel/20919551 Demo: http://dacy.esy.es/eng/ Version: 1.0 Category: Webap...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/04 12:0 a.m.33 views

TeamViewer 11 < 13 (Windows 10 x86) - Inline Hooking / Direct Memory Modification Permission Change

TeamViewer Permissions Hook V1 --- A proof of concept injectable C++ DLL, that uses naked inline hooking and direct memory modification to change TeamViewer permissions. Features As the Server - Enables extra menu item options on the right side pop-up menu. Most useful so far to enable the "switc...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/02 12:0 a.m.200 views

Ruby < 2.2.8 / < 2.3.5 / < 2.4.2 / < 2.5.0-preview1 - 'NET::Ftp' Command Injection

While using NET::Ftp I realised you could get command execution through "malicious" file names. The problem lies in the gettextfileremotefile, localfile = File.basenameremotefile method. When looking at the source code, you'll note: def gettextfileremotefile, localfile = File.basenameremotefile,...

9.3CVSS7.8AI score0.73829EPSS
Exploits5
exploitdb
exploitdb
added 2017/12/01 12:0 a.m.30 views

Socusoft Photo 2 Video Converter 8.0.0 - Local Buffer Overflow

Exploit Title: Socusoft Photo 2 Video Converter v8.0.0 Local Buffer Overflow Free and Professional variants Date: 01/12/2017 Exploit Author: Jason Magic ret2eax Vendor Homepage: www.socusoft.com Version: 8.0.0 Tested on: Windows Server 2008 R2 Socusoft's Photo 2 Video Converter v8.0.0 Free and...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/01 12:0 a.m.96 views

Abyss Web Server < 2.11.6 - Heap Memory Corruption

Credits: John Page aka HyP3rlinX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ABYSS-WEB-SERVER-MEMORY-HEAP-CORRUPTION.txt + ISR: ApparitionSec Vendor: ========== aprelium.com Product: =========== Abyss Web Server v2.11.6 Vulnerability Type:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/12/01 12:0 a.m.93 views

Artica Web Proxy 3.06 - Remote Code Execution

Credits: John Page aka Hyp3rlinX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ARTICA-WEB-PROXY-v3.06-REMOTE-CODE-EXECUTION-CVE-2017-17055.txt + ISR: ApparitionSec Vendor: ======= www.articatech.com Product: ========= Artica Web Proxy v.3.06.112216...

9CVSS9.2AI score0.08708EPSS
Exploits6
exploitdb
exploitdb
added 2017/12/01 12:0 a.m.80 views

MistServer 2.12 - Cross-Site Scripting

Credits: John Page aka Hyp3rlinX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MIST-SERVER-v2.12-UNAUTHENTICATED-PERSISTENT-XSS-CVE-2017-16884.txt + ISR: ApparitionSec Vendor: ============= mistserver.org Product: =========== MistServer v2.12 MistServer...

6.1CVSS6.3AI score0.04327EPSS
Exploits5
exploitdb
exploitdb
added 2017/11/30 12:0 a.m.28 views

Axis Communications MPQT/PACS - Heap Overflow / Information Leakage

STX Subject: Axis Communications MPQT/PACS Heap Overflow and Information Leakage. Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis August 2017 PoC: https://github.com/mcw0/PoC Release date: December 1, 2017 Full Disclosure: 90 days due to the large volume o...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/11/30 12:0 a.m.210 views

Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page (1)

// EDB Note: Source https://medium.com/bindecy/huge-dirty-cow-cve-2017-1000405-110eca132de0 // EDB Note: Source https://github.com/bindecy/HugeDirtyCowPOC // Author Note: Before running, make sure to set transparent huge pages to "always": // echo always | sudo tee...

7CVSS7.8AI score0.02841EPSS
Exploits9
exploitdb
exploitdb
added 2017/11/30 12:0 a.m.47 views

Jobs2Careers / Coroflot Clone - SQL Injection

Exploit Title: Jobs2Careers / Coroflot Clone - SQL Injection Date: 2017-11-30 Exploit Author: 8bitsec Vendor Homepage: http://www.i-netsolution.com/ Software Link: http://www.i-netsolution.com/product/jobs2careers-coroflot-jobs-clone-script/ Version: 30 November 17 Tested on: Kali Linux 2.0 | Mac...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/11/30 12:0 a.m.83 views

Apple macOS 10.13.1 (High Sierra) - 'Blank Root' Local Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mac OS X Root Privilege Escalation', 'Description' = %q This module exploits a serious flaw in MacOSX High Sierra. Any user can login with user...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/11/29 12:0 a.m.31 views

Dup Scout Enterprise 10.0.18 - 'Input Directory' Local Buffer Overflow (SEH)

!/usr/bin/python import struct Exploit Author: Miguel Mendez Z Exploit Title: Dup Scout Enterprise v10.0.18 "Input Directory" Local Buffer Overflow - SEH Unicode Date: 29-11-2017 Software: Dup Scout Enterprise Version: v10.0.18 Vendor Homepage: http://www.dupscout.com Software Link:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/11/29 12:0 a.m.64 views

pfSense - (Authenticated) Group Member Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'pfSense authenticated group member RCE', 'Description' = %q pfSense, a free BSD based open source firewall distribution, version 's4squatch',...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/11/29 12:0 a.m.49 views

QEMU - NBD Server Long Export Name Stack Buffer Overflow

Introduced in commit f37708f6b8 2.10. The NBD spec says a client can request export names up to 4096 bytes in length, even though they should not expect success on names longer than 256. However, qemu hard-codes the limit of 256, and fails to filter out a client that probes for a longer name; the...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/11/29 12:0 a.m.56 views

HP iMC Plat 7.2 - Remote Code Execution (2)

!/opt/local/bin/python2.7 Exploit Title: HP iMC Plat 7.2 dbman Opcode 10008 Command Injection RCE Date: 11-29-2017 Exploit Author: Chris Lyne @lynerc Vendor Homepage: www.hpe.com Software Link:...

10CVSS7.6AI score0.86466EPSS
Exploits13
Total number of security vulnerabilities47904