Lucene search
+L
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.44 views

Apple Safari - Array concat Memory Corruption

!-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1095 There is an out-of-bounds memcpy in Array.concat that can lead to memory corruption. In builtins/ArrayPrototype.js, the function concatSlowPath calls a native method @appendMemcpy with a parameter resultIndex that is handl...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.371 views

Microsoft Windows 2003 SP2 - 'ERRATICGOPHER' SMB Remote Code Execution

!/usr/bin/env python -- coding: utf-8 -- By Victor Portal vportal for educational porpouse only This exploit is the python version of the ErraticGopher exploit probably with some modifications. ErraticGopher exploits a memory corruption seems to be a Heap Overflow in the Windows DCE-RPC Call...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.89 views

October CMS 1.0.412 - Multiple Vulnerabilities

October CMS v1.0.412 several vulnerabilities Information =========== Name: October CMS v1.0.412 build 412 Homepage: http://octobercms.com Vulnerability: several issues, including PHP code execution Prerequisites: attacker has to be authenticated user with media or asset management permission CVE:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.172 views

Realtek Audio Driver 6.0.1.7898 (Windows 10) - Dolby Audio X2 Service Privilege Escalation

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1075 Windows: Dolby Audio X2 Service Elevation of Privilege Platform: Windows 10 + Realtek Audio Driver version 6.0.1.7898 on a Lenovo P50. Version of the service binary 0.7.2.61 built on 7/18/2016. Class: Elevation of Privilege...

10CVSS7.6AI score0.23425EPSS
Exploits11
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.68 views

Oracle VirtualBox Guest Additions 5.1.18 - Unprivileged Windows User-Mode Guest Code Double-Free

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1227 We have discovered a heap double-free vulnerability in the latest version of VirtualBox 5.1.18, with Guest Additions and more specifically shared folders enabled in the guest operating system. The heap memory corruption take...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.804 views

Microsoft Office Word - '.RTF' Malicious HTA Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Microsoft Office Word Malicious Hta Execution", 'Description' = %q This module creates a malicious RTF file that when opened in...

9.3CVSS8.4AI score0.99933EPSS
Exploits29
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.52 views

PrivateTunnel Client 2.8 - Local Buffer Overflow (SEH)

!/usr/bin/python Exploit Title : Private Tunnel VPN Client 2.8 - Local Buffer Overflow SEH Date : 25/04/2017 Exploit Author : Muhann4d Vendor Homepage : https://www.privatetunnel.com Software Link : https://swupdate.openvpn.org/privatetunnel/client/privatetunnel-win-2.8.exe Affected Versions : 2....

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.185 views

Oracle PeopleSoft - 'PeopleSoftServiceListeningConnector' XML External Entity via DOCTYPE

Application: Oracle PeopleSoft Versions Affected: PeopleSoft HCM 9.2 on PeopleTools 8.55 Vendor URL: http://oracle.com Bug: XXE Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Author: Nadya Krivdyuk ERPScan Description 1...

6.5CVSS6.7AI score0.25832EPSS
Exploits9
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.36 views

WordPress Plugin Wow Viral Signups 2.1 - SQL Injection

Exploit Title: Wow Viral Signups v2.1 WordPress Plugin SQL Injection Date: 29/03/2017 Exploit Author: TAD GROUP Vendor Homepage: http://wow-company.com/ Software Link: https://wordpress.org/plugins/mwp-viral-signup/ Version: 2.1 Contact: infoattad.group Website: https://tad.group Category: Web...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.51 views

WordPress Plugin Car Rental System 2.5 - SQL Injection

Exploit Title: Car Rental System v2.5 Date: 28/03/2017 Exploit Author: TAD GROUP Vendor Homepage: https://www.bestsoftinc.com/ Software Link: https://www.bestsoftinc.com/car-rental-system.html Version: 2.5 Contact: infoattad.group Website: https://tad.group Category: Web Application Exploits 1...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.135 views

WordPress Plugin KittyCatfish 2.2 - SQL Injection

Exploit Title: KittyCatfish 2.2 Plugin for WordPress - SQL Injection Date: 20/03/2017 Exploit Author: TAD GROUP Vendor Homepage: https://wordpress.org/plugins-wp/kittycatfish/ Software Link: https://wordpress.org/plugins-wp/kittycatfish/ Version: 2.2 Contact: infoattad.group Website:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.100 views

LightDM (Ubuntu 16.04/16.10) - 'Guest Account' Local Privilege Escalation

Source: https://blogs.securiteam.com/index.php/archives/3134 Vulnerability Summary The following advisory describes a local privilege escalation via LightDM found in Ubuntu versions 16.10 / 16.04 LTS. Ubuntu is an open source software platform that runs everywhere from IoT devices, the smartphone...

7.3CVSS7.1AI score0.02669EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.38 views

FlySpray 1.0-rc4 - Cross-Site Scripting / Cross-Site Request Forgery

Exploit Title: XSRF Stored FlySpray 1.0-rc4 XSS2CSRF add admin account Date: 19/04/2017 Exploit Author: Cyril Vallicari / HTTPCS / ZIWIT : https://www.openoffice.org Version: 1.0-rc4 Tested on: Windows 7 x64 SP1 / Kali Linux Description : A vulnerability has been discovered in Flyspray , which ca...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.66 views

Dell Customer Connect 1.3.28.0 - Local Privilege Escalation

Exploit Dell Customer Connect 1.3.28.0 Privilege Escalation Date: 25.04.2017 Software Link: http://www.dell.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: local 1. Description DCCService.exe is running on autostart as...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.95 views

HPE OpenCall Media Platform (OCMP) 4.3.2 - Cross-Site Scripting / Remote File Inclusion

Source: https://blogs.securiteam.com/index.php/archives/3087 SSD Advisory – HPE OpenCall Media Platform OCMP Multiple Vulnerabilities Want to get paid for a vulnerability similar to this one? Contact us at: [email protected] Vulnerabilities Summary The following advisory describes Reflected...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/24 12:0 a.m.84 views

Flexispy

Flexispy. Papers exploit for Multiple platform / // / / /| |/ / / // \ / // / / / / / / / | / / / / / / / / / / / / / / / / / / | / / / // // / / / // //// //||//////// brought to you by / / / / / / // -/ \ / / // // / / |/ / // / /// // ./,/// ,/ // /, / // // / / / // / / ,/////,/ / /...

7.5AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/24 12:0 a.m.44 views

Joomla! Component Myportfolio 3.0.2 - 'pid' SQL Injection

Exploit Title: Joomla Component Myportfolio 3.0.2 - SQL Injection Exploit Author: Persian Hack Team Discovered by : Mojtaba Kazemi Mojtaba MobhaM Home : https://extensions.joomla.org/extensions/extension/directory-a-documentation/portfolio/myportfolio/ Home : http://persian-team.ir/ Telegram...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/24 12:0 a.m.23 views

LogRhythm Network Monitor - Authentication Bypass / Command Injection

Exploit Title: LogRhythm Network Monitor Auth Bypass Root RCE Public Disclosure Date: 24 Apr 2017 Author: Francesco Oddo Reference: http://security-assessment.com/files/documents/advisory/Logrhythm-NetMonitor-Advisory.pdf Software Link: https://logrhythm.com/network-monitor-freemium/ Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/23 12:0 a.m.235 views

SquirrelMail < 1.4.22 - Remote Code Execution

!/bin/bash int='\03394m / / / / / / / / / / / / / / / / / / // / / / /// / / / / // / // / // / / / / // / // , / / / ///, /,// // //,///||// // // SquirrelMail = 1.4.23 Remote Code Execution PoC Exploit CVE-2017-7692 SquirrelMailRCEexploit.sh ver. 1.1 Discovered and coded by Dawid Golunski...

9CVSS8.8AI score0.32156EPSS
Exploits7
Exploit DB
Exploit DB
added 2017/04/22 12:0 a.m.86 views

Linux/x86 - Egg-hunter Shellcode (18 bytes)

Linux/x86 - Egg-hunter Shellcode 18 bytes. Shellcode exploit for Linx86 platform // Description: a 18 bytes egg hunter on contigous memory segments // // You are free to do whatever you want of this shellcode // // @phacktul / global start section .text start: mov eax, start ; we set a valid .tex...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/20 12:0 a.m.37 views

Oracle VM VirtualBox - 'virtio-net' Guest-to-Host Out-of-Bounds Write

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1136 This is a vulnerability that affects VirtualBox VMs that use a virtio network adapter which is a non-standard configuration. It permits the guest kernel to write up to 4GB of controlled data out of bounds in the trusted userla...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/20 12:0 a.m.41 views

Oracle VM VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1091 This bug report describes two separate issues that, when combined, allow any user on a Linux host system on which VirtualBox is installed to gain code execution in the kernel. Since I'm not sure which one of these issues cross...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/20 12:0 a.m.61 views

Oracle VM VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1086 There is a vulnerability in VirtualBox that permits an attacker with root privileges in a virtual machine with a NAT network interface to corrupt the memory of the userspace host process and leak memory contents from the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/20 12:0 a.m.48 views

Microsoft Windows 10 - Runtime Broker ClipboardBroker Privilege Escalation

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1079 Windows: Runtime Broker ClipboardBroker EoP Platform: Windows 10 10586/14393 not tested 8.1 Update 2 Class: Elevation of Privilege Summary: The Runtime Broker’s Clipboard Broker allows any low IL/AppContainer such as Edge or I...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/20 12:0 a.m.37 views

Microsoft Windows 10 (Build 10586) - 'IEETWCollector' Arbitrary Directory/File Deletion Privilege Escalation

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1093 Windows: IEETWCollector Arbitrary Directory/File Deletion EoP Platform: Windows 10 10586 not tested on anything else Class: Elevation of Privilege Summary: When cleaning up an ETW session the IEETWCollector service deletes i...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/20 12:0 a.m.18 views

Apple WebKit / Safari 10.0.2(12602.3.12.0.1) - 'operationSpreadGeneric' Universal Cross-Site Scripting

'use strict'; function spreada return ...a; let arr = Object.create1, 2, 3, 4; for let i = 0; i f.onload = null; try spreadf.contentWindow; catch e e.constructor.constructor'alertlocation'; ; f.src = 'https://abc.xyz/';...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/20 12:0 a.m.125 views

Microsoft Windows - ManagementObject Arbitrary .NET Serialization Remote Code Execution

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1081 Windows: ManagementObject Arbitrary .NET Serialization RCE Platform: .NET 4.6, Powershell 4. Tested between Server 2016 and Windows 10 Anniversary Edition Class: Remote Code Execution Summary: Accessing a compromised WMI serve...

10CVSS7.6AI score0.23425EPSS
Exploits11
Exploit DB
Exploit DB
added 2017/04/20 12:0 a.m.18 views

Apple WebKit / Safari 10.0.2(12602.3.12.0.1) - 'PrototypeMap::createEmptyStructure' Universal Cross-Site Scripting

jsCallee // newTarget may be an InternalFunction if we were called from Reflect.construct. JSFunction targetFunction = jsDynamicCastnewTarget; if LIKELYtargetFunction ... return targetFunction-rareDatavm-createInternalFunctionAllocationStructureFromBasevm, prototype, baseClass; ... else ... retur...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/20 12:0 a.m.54 views

Oracle VM VirtualBox 5.0.32 r112930 (x64) - Windows Process COM Injection Privilege Escalation

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1103 VirtualBox: Windows Process COM Injection EoP Platform: VirtualBox v5.0.32 r112930 x64 Tested on Windows 10 Class: Elevation of Privilege Summary: The process hardening implemented by the VirtualBox driver can be circumvented ...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/20 12:0 a.m.51 views

Oracle VM VirtualBox 5.1.14 r112924 - Unprivileged Host User to Host Kernel Privilege Escalation via ALSA config

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1141 This is another way to escalate from an unprivileged userspace process into the VirtualBox process, which has an open file descriptor to the privileged device /dev/vboxdrv and can use that to compromise the host kernel. The...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/19 12:0 a.m.53 views

Dmitry 1.3a - Local Buffer Overflow (PoC)

Exploit Title: DmitryDeepmagic Information Gathering Tool Local Stack Buffer Overflow CVE: CVE-2017-7938 CWE: CWE-119 Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: http://mor-pah.net/software/dmitry-deepmagic-information-gathering-tool/ Version : 1.3a Unix Exploit Tested on: Parrot ...

9.8CVSS7.9AI score0.04987EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/04/19 12:0 a.m.72 views

Huawei HG532n - Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'base64' class MetasploitModule 'Huawei HG532n Command Injection', 'Description' = %q This module exploits a command injection vulnerability in...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/18 12:0 a.m.564 views

Microsoft Word - '.RTF' Remote Code Execution

!/usr/bin/env python ''' Exploit toolkit CVE-2017-0199 - v4.0 https://github.com/bhdresh/CVE-2017-0199 Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/41894.zip ''' import os,sys,thread,socket,sys,getopt,binascii,shutil,tempfile from random import randin...

9.3CVSS8.4AI score0.99933EPSS
Exploits29
Exploit DB
Exploit DB
added 2017/04/18 12:0 a.m.54 views

pinfo 0.6.9 - Local Buffer Overflow (PoC)

Title: pinfo v0.6.9 - Local Buffer Overflow Author: Nassim Asrir Researcher at: Henceforth Author contact: [email protected] || https://www.linkedin.com/in/nassim-asrir-b73a57122/ CVE: N/A Download $ apt-get install pinfo POC For any Question or discussion about this vuln:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/18 12:0 a.m.28 views

Tenable Appliance < 4.5 - Root Remote Code Execution

!/bin/bash : ' According to http://static.tenable.com/proddocs/upgradeappliance.html they fixed two security vulnerabilities in the web interface in release 4.5 so I guess previous version are also vulnerable. Exploit Title: Unauthenticated remote root code execution on Tenable Appliance Date:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/17 12:0 a.m.1506 views

Microsoft Windows - SMB Remote Code Execution Scanner (MS17-010) (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework auxiliary/scanner/smb/smbms17010 require 'msf/core' class MetasploitModule 'MS17-010 SMB RCE Detection', 'Description' = %q Uses information disclosure to determine if...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/16 12:0 a.m.50 views

WinSCP 5.9.4 - 'LIST' Denial of Service (Metasploit)

Exploit Title: WinSCP 5.9.4 - LIST Command Denial of service Crush application Date: 4-4-2017 mm.dd.yy Exploit Author: M.Ibrahim [email protected] E-Mail: vulnbug gmail.com Vendor Home Page: https://winscp.net/eng/index.php Vendor download link: https://winscp.net/download/WinSCP-5.9.4-Setup.exe...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/16 12:0 a.m.102 views

Mantis Bug Tracker 1.3.0/2.3.0 - Password Reset

Credits: John Page a.k.a hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MANTIS-BUG-TRACKER-PRE-AUTH-REMOTE-PASSWORD-RESET.txt + ISR: ApparitionSec Vendor: ================ www.mantisbt.org Product: ================== Mantis Bug Tracker v1.3.0 /...

8.8CVSS8.8AI score0.90856EPSS
Exploits10
Exploit DB
Exploit DB
added 2017/04/15 12:0 a.m.102 views

Linux Kernel 4.8.0 UDEV < 232 - Local Privilege Escalation

/ Title: Linux Kernel 4.8.0 udev 232 - Privilege Escalation Author: Nassim Asrir Researcher at: Henceforth Author contact: [email protected] || https://www.linkedin.com/in/nassim-asrir-b73a57122/ The full Research: https://www.facebook.com/asrirnassim/ CVE: CVE-2017-7874 Exp first of all we need...

6.6AI score
Exploits4
Exploit DB
Exploit DB
added 2017/04/14 12:0 a.m.34 views

Mozilla Firefox - Address Bar Spoofing

location=URL.createObjectURLnew Blob'Not Googleiflocation.href.indexOf"google"==-1location.pathname="https://www.google.com/"elsedocument.title="Google Search"', type: 'text/html'...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/14 12:0 a.m.77 views

Concrete5 CMS 8.1.0 - 'Host' Header Injection

Credits: John Page a.k.a hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CONCRETE5-v8.1.0-HOST-HEADER-INJECTION.txt + ISR: ApparitionSec Vendor: ================== www.concrete5.org Product: ================ concrete5 v8.1.0 concrete5 is an...

6.1CVSS6.3AI score0.02752EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/04/14 12:0 a.m.29 views

VirusChaser 8.0 - Local Buffer Overflow (SEH)

Exploit Title: Virus Chaser 8.0 - Scanner component, SEH Overflow Date: 14 April 2017 Exploit Author: 0x41Li [email protected] Vendor Homepage: https://www.viruschaser.com/ Software Link: https://www.viruschaser.com/download/VC80b32Setup.zip Tested on: Windows 7 Universal import os from struct...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/13 12:0 a.m.50 views

Linux/x86-64 - execve("/bin/sh") Shellcode (31 bytes)

Linux/x86-64 - execve"/bin/sh" Shellcode 31 bytes. Shellcode exploit for Linx86-64 platform Hi, This time I wanna to submit a shellcode whose length is 31Bytes , It's tested on Linux x86-64 ;=========================================================== ===================== ; The MIT License ; ;...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/13 12:0 a.m.103 views

Microsoft Windows Kernel - 'win32k.sys' Multiple 'NtGdiGetDIBitsInternal' System Call

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1078 We have discovered two bugs in the implementation of the win32k!NtGdiGetDIBitsInternal system call, which is a part of the graphic subsystem in all modern versions of Windows. The issues can potentially lead to kernel pool...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/13 12:0 a.m.68 views

Adobe Creative Cloud Desktop Application < 4.0.0.185 - Local Privilege Escalation

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ADOBE-CREATIVE-CLOUD-PRIVILEGE-ESCALATION.txt + ISR: apparitionSec Vendor: ============== www.adobe.com Product: ======================================== Adobe Creative Cloud...

9CVSS8.8AI score0.10819EPSS
Exploits6
Exploit DB
Exploit DB
added 2017/04/13 12:0 a.m.324 views

Alienvault OSSIM/USM 5.3.4/5.3.5 - Remote Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'AlienVault USM/OSSIM API Command Execution', 'Description' = %q This module exploits an unauthenticated command injection in...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/13 12:0 a.m.79 views

Microsoft Windows Kernel - 'win32kfull!SfnINLPUAHDRAWMENUITEM' Stack Memory Disclosure

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1192 We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 10 indirectly through the win32k!NtUserPaintMenuBar system call, or more specifically,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/13 12:0 a.m.39 views

GNS3 Mac OS-X 1.5.2 - 'ubridge' Local Privilege Escalation

!/bin/sh GNS-3 Mac OS-X LPE local root exploit ===================================== GNS-3 on OS-X bundles the "ubridge" binary as a setuid root file. This file can be used to read arbitary files using "-f" arguement but also as it runs as root can also write arbitrary files with "pcapfile"...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/13 12:0 a.m.40 views

agorum core Pro 7.8.1.4-251 - Persistent Cross-Site Scripting

!-- Source: https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2017-005.txt Advisory ID: SYSS-2017-005 Product: agorum core Pro Manufacturer: agorum Software GmbH Affected Versions: 7.8.1.4-251 Tested Versions: 7.8.1.4-251 Vulnerability Type: Persistent Cross-Site Scripting...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/13 12:0 a.m.39 views

agorum core Pro 7.8.1.4-251 - Cross-Site Request Forgery

!-- Source: https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2017-008.txt Advisory ID: SYSS-2017-008 Product: agorum core Pro Manufacturer: agorum Software GmbH Affected Versions: 7.8.1.4-251 Tested Versions: 7.8.1.4-251 Vulnerability Type: Cross-Site Request Forgery CWE-352...

7.4AI score
Exploits0
Total number of security vulnerabilities47904