Lucene search
+L
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2017/04/05 12:0 a.m.65 views

HelpDEZK 1.1.1 - Cross-Site Request Forgery / Code Execution

Exploit Title: Multiple CSRF Remote Code Execution Vulnerability on HelpDEZK 1.1.1 Date: 05-April-2017 Exploit Author: @runggareksya, @yokoacc, @AdyWikradinata, @dickysofficial, @dvnrcy Vendor Homepage: http://www.helpdezk.org/ Software Link: https://codeload.github.com/albandes/helpdezk/zip/v1.1...

8.8CVSS8.7AI score0.03487EPSS
Exploits6
Exploit DB
Exploit DB
added 2017/04/05 12:0 a.m.68 views

D-Link DIR-615 - Cross-Site Request Forgery

Title: ==== D-Link DIR 615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery CSRF vulnerability Credit: ====== Name: Pratik S. Shah Reference: ========= CVE Details: CVE-2017-7398. Date: ==== 1-04-2017 Vendor: ====== D-Link wireless router Product: ======= DIR-615...

8.8CVSS8.8AI score0.03006EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/04/05 12:0 a.m.74 views

Sweepstakes Pro Software - SQL Injection

Exploit Title: Sweepstakes Pro Software - SQL Injection Google Dork: N/A Date: 05.04.2017 Vendor Homepage: http://bimedia.info/ Software: http://bimedia.info/sweepstakes-pro-software/ Demo: http://mysweepstakespro.com/demo/ Version: N/A Tested on: Win7 x64, Kali Linux x64 Exploit Author: Ihsan...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/05 12:0 a.m.36 views

Premium Penny Auction Script - SQL Injection

Exploit Title: Premium Penny Auction Script - SQL Injection Google Dork: N/A Date: 05.04.2017 Vendor Homepage: http://bimedia.info/ Software: http://bimedia.info/premium-penny-auction-script/ Demo: http://pennyauction.clonedemo.com/ Version: N/A Tested on: Win7 x64, Kali Linux x64 Exploit Author:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/05 12:0 a.m.30 views

ImagePro Lazygirls Clone Script - SQL Injection

Exploit Title: ImagePro Lazygirls Clone Script - SQL Injection Google Dork: N/A Date: 05.04.2017 Vendor Homepage: http://bimedia.info/ Software: http://bimedia.info/8-2/ Demo: http://imagepro.clonedemo.com/ Version: N/A Tested on: Win7 x64, Kali Linux x64 Exploit Author: Ihsan Sencan Author Web:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.49 views

Apple Webkit - Universal Cross-Site Scripting by Accessing a Named Property from an Unloaded Window

document auto& htmlDocument = downcastdocument; auto atomicPropertyName = propertyName.publicName; if atomicPropertyName && htmlDocument.hasWindowNamedItematomicPropertyName JSValue namedItem; if UNLIKELYhtmlDocument.windowNamedItemContainsMultipleElementsatomicPropertyName Ref collection =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.44 views

Apple macOS Kernel 10.12.3 (16D32) - Use-After-Free Due to Double-Release in posix_spawn

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1104 exechandleportactions is responsible for handling the xnu port actions extension to posixspawn. It supports 4 different types of port PSPASPECIAL, PSPAEXCEPTION, PSPAAUSESSION and PSPAIMPWATCHPORTS For the special, exception...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.26 views

Apple WebKit 10.0.2(12602.3.12.0.1) - 'Frame::setDocument (1)' Universal Cross-Site Scripting

&& newDocument ASSERT!newDocument || newDocument-frame == this; if mdoc && mdoc-pageCacheState != Document::InPageCache mdoc-prepareForDestruction; mdoc = newDocument.copyRef; ... The function |prepareForDestruction| only called when the cache state is not |Document::InPageCache|. So the frame wi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.58 views

Apple macOS Kernel 10.12.2 (16C67) - Memory Disclosure Due to Lack of Bounds Checking in AppleIntelCapriController::getDisplayPipeCapability

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1069 MacOS kernel memory disclosure due to lack of bounds checking in AppleIntelCapriController::getDisplayPipeCapability Selector 0x710 of IntelFBClientControl ends up in AppleIntelCapriController::getDisplayPipeCapability. This...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.77 views

Apple macOS/iOS Kernel 10.12.3 (16D32) - Bad Locking in necp_open Use-After-Free

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1116 necpopen is a syscall used to obtain a new necp file descriptor The necp file's fp's fgdata points to a struct necpfddata allocated on the heap. Here's the relevant code from necpopen: error = fallocp, &fp, &fd,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.76 views

Apple macOS Kernel 10.12.3 (16D32) - 'audit_pipe_open' Off-by-One Memory Corruption

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1126 MacOS kernel memory corruption due to off-by-one in auditpipeopen auditpipeopen is the special file open handler for the auditpipe device major number 10. Here's the code: static int auditpipeopendevt dev, unused int flags,...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.96 views

Apple macOS/iOS Kernel 10.12.3 (16D32) - 'bpf' Heap Overflow

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1125 The bpf ioctl BIOCSBLEN allows userspace to set the bpf buffer length: case BIOCSBLEN: / uint / if d-bdbif != 0 error = EINVAL; else uint size; bcopyaddr, &size, sizeof size; if size bpfmaxbufsize size = bpfmaxbufsize; else ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.58 views

Apple macOS Kernel 10.12.2 (16C67) - 'AppleIntelCapriController::GetLinkConfig' Code Execution Due to Lack of Bounds Checking

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1071 Selector 0x921 of IntelFBClientControl ends up in AppleIntelCapriController::GetLinkConfig This method takes a structure input and output buffer. It reads an attacker controlled dword from the input buffer which it uses to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.29 views

Apple WebKit - 'RenderLayer' Use-After-Free

function go div.style.setProperty"-webkit-flow-into", "foo"; document.execCommand"fontSize", false, 6; window.requestAnimationFramecb; h1.attachShadowmode: "open"; h1.replaceWith"foo"; function cb var a; //trigger garbage collector forvar i=0;i !--...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.73 views

Broadcom Wi-Fi SoC - 'dhd_handle_swc_evt' Heap Overflow

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1061 Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.50 views

Apple macOS/iOS Kernel 10.12.3 (16D32) - Double-Free Due to Bad Locking in fsevents Device

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1129 fseventsfioctl handles ioctls on fsevent fds acquired via FSEVENTSCLONE64 on /dev/fsevents Heres the code for the FSEVENTSDEVICEFILTER64 ioctl: case FSEVENTSDEVICEFILTER64: if !procis64bitvfscontextprocctx ret = EINVAL; brea...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.219 views

Broadcom Wi-Fi SoC - TDLS Teardown Request Remote Heap Overflow

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1046 https://googleprojectzero.blogspot.ca/2017/04/over-air-exploiting-broadcoms-wi-fi4.html Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.33 views

Apple WebKit 10.0.2 (12602.3.12.0.1, r210800) - 'constructJSReadableStreamDefaultReader' Type Confusion

exec.argument0; if !stream return throwArgumentTypeErrorexec, scope, 0, "stream", "ReadableStreamReader", nullptr, "ReadableStream"; JSValue jsFunction = stream-get&exec, Identifier::fromString&exec, "getReader"; let rs = new ReadableStream; let cons = rs.getReader.constructor; rs.getReader =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.54 views

Apple WebKit 10.0.2 (12602.3.12.0.1) - 'disconnectSubframes' Universal Cross-Site Scripting

frameOwners; if policy == RootAndDescendants if isroot frameOwners.appenddowncastroot; collectFrameOwnersframeOwners, root; // Must disable frame loading in the subtree so an unload handler cannot // insert more frames and create loaded frames in detached subtrees. SubframeLoadingDisabler...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.43 views

Apple Webkit - 'JSCallbackData' Universal Cross-Site Scripting

globalObject-vm, callback JSC::JSObject callback return mcallback.get; JSDOMGlobalObject globalObject return JSC::jsCastmcallback-globalObject; JSC::JSValue invokeCallbackJSC::MarkedArgumentBuffer& args, CallbackType callbackType, JSC::PropertyName functionName, NakedPtr& returnedException return...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.39 views

Maian Greetings 2.1 - 'cat' SQL Injection

Exploit Title: Maian Greetings v2.1 - SQL Injection Google Dork: N/A Date: 04.04.2017 Vendor Homepage: http://www.maiansoftware.com/ Software: http://www.maiangreetings.com/?dl=yes Demo: http://www.maiansoftware.com/demos/greetings/ Version: 2.1 Tested on: Win7 x64, Kali Linux x64 Exploit Author:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.52 views

Apple macOS/iOS Kernel 10.12.3 (16D32) - SIOCGIFORDER Socket ioctl Off-by-One Memory Corruption

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1111 SIOCSIFORDER and SIOCGIFORDER allow userspace programs to build and maintain the ifnetorderedhead linked list of interfaces. SIOCSIFORDER clears the existing list and allows userspace to specify an array of interface indexes...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.36 views

Maian Survey 1.1 - 'survey' SQL Injection

Exploit Title: Maian Survey v1.1 - SQL Injection Google Dork: N/A Date: 04.04.2017 Vendor Homepage: http://www.maiansoftware.com/ Software: http://www.maiansurvey.com/?dl=yes Demo: http://www.maiansoftware.com/demos/survey/ Version: 1.1 Tested on: Win7 x64, Kali Linux x64 Exploit Author: Ihsan...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.40 views

Maian Uploader 4.0 - 'user' SQL Injection

Exploit Title: Maian Uploader Script v4.0 - SQL Injection Google Dork: N/A Date: 04.04.2017 Vendor Homepage: http://www.maiansoftware.com/ Software: http://www.maianuploader.com/?dl=yes Demo: http://www.maiansoftware.com/demos/uploader/ Version: 4.0 Tested on: Win7 x64, Kali Linux x64 Exploit...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.50 views

Apple WebKit - 'table' Use-After-Free

-webkit-border-image: urlfoo 1 5 1 63 repeat; -webkit-flow-into: foo function eventhandler var a; document.execCommand"selectAll", false; output.slot = "foo"; table.deleteCaption; //trigger garbage collector forvar i=0;i foo !-- ================================================================= AS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.54 views

Apple WebKit - 'WebCore::toJS' Use-After-Free

function freememory var a; forvar i=0;i !-- ================================================================= ASan log: ================================================================= ==25184==ERROR: AddressSanitizer: heap-use-after-free on address 0x61a000076e80 at pc 0x000115bea4e0 bp...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.32 views

Apple WebKit - 'ComposedTreeIterator::traverseNextInShadowTree' Use-After-Free

function go d.open = false; d.innerHTML = "foo"; d.open = true; foo !-- ================================================================= ASan log: ================================================================= ==570==ERROR: AddressSanitizer: heap-use-after-free on address 0x607000065058 at pc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.57 views

Apple WebKit 10.0.2 - HTMLInputElement Use-After-Free

function eventhandler1 input.type = "foo"; function eventhandler2 input.selectionStart = 25; !-- ================================================================= ASAN log from WebKit nightly on Mac: ================================================================= ==26782==ERROR: AddressSanitize...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.46 views

Apple WebKit - 'FormSubmission::create' Use-After-Free

function go object.name = "foo"; input.autofocus = true; output.appendChildinput; form.submit; function eventhandler forvar i=0;i a !-- ================================================================= Preliminary analysis: The bug is in FormSubmission::create. This function traverses the vector ...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.91 views

Broadcom Wi-Fi SoC - Heap Overflow 'wlc_tdls_cal_mic_chk' Due to Large RSN IE in TDLS Setup Confirm Frame

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1047 Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.44 views

Apple WebKit - Negative-Size memmove in HTMLFormElement

function go var iframe = document.getElementById"iframe"; var iframeWindow = window0; var toInsert = div; var iframeBody = iframeWindow.document.body; iframeBody.beforedocument.body; iframe.aftertoInsert; aaaaaaaa !-- ================================================================= Preliminary...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.64 views

Apple macOS/iOS Kernel 10.12.3 (16D32) - SIOCSIFORDER Socket ioctl Memory Corruption Due to Bad Bounds Checking

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1108 SIOCSIFORDER is a new ioctl added in iOS 10. It can be called on a regular tcp socket, so from pretty much any sandbox. it falls through to calling: ifnetresetorderorderedindices, ifo-ifocount where orderedindicies points to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/04 12:0 a.m.456 views

Apache Tomcat 6/7/8/9 - Information Disclosure

Exploit Title:Apache Tomcat CVE-2016-6816 Security Bypass Vulnerability Date: 4th March 2017 Exploit Author: justpentest Vendor Homepage: tomcat.apache.org Version: Apache Tomcat 9.0.0.M1 through 9.0.0.M11, 8.5.0 through 8.5.6, 8.0.0.RC1 through 8.0.38, 7.0.0 through 7.0.72 and 6.0.0 through 6.0....

7.1CVSS8.8AI score0.39633EPSS
Exploits6
Exploit DB
Exploit DB
added 2017/04/03 12:0 a.m.24 views

GeoMoose < 2.9.2 - Directory Traversal

Exploit Title: GeoMoose = 2.9.2 Local File Disclosure Exploit Author: Sander 'dsc' Ferdinand Date: 2017-03-4 Version: = 2.9.2 Blog: https://ced.pwned.systems/advisories-geomoose-local-file-disclosure-2-9-2.html Vendor Homepage: geomoose.org Reported: 4-3-2017 Vendor response:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/03 12:0 a.m.53 views

Bluecoat ASG 6.6/CAS 1.3 - OS Command Injection (Metasploit)

Exploit Title: OS Command Injection Vulnerability in BlueCoat ASG and CAS Date: April 3, 2017 Exploit Authors: Chris Hebert, Peter Paccione and Corey Boyd Contact: chrisdhebertatgmail.com Vendor Security Advisory: https://bto.bluecoat.com/security-advisory/sa138 Version: CAS 1.3 prior to 1.3.7.4 ...

9CVSS7.2AI score0.10126EPSS
Exploits8
Exploit DB
Exploit DB
added 2017/04/03 12:0 a.m.42 views

Bluecoat ASG 6.6/CAS 1.3 - Local Privilege Escalation (Metasploit)

Exploit Title: OS Command Injection Vulnerability in BlueCoat ASG and CAS Date: April 3, 2017 Exploit Authors: Chris Hebert, Peter Paccione and Corey Boyd Contact: chrisdhebertatgmail.com Vendor Security Advisory: https://bto.bluecoat.com/security-advisory/sa138 Version: CAS 1.3 prior to 1.3.7.4 ...

9CVSS7.2AI score0.10126EPSS
Exploits8
Exploit DB
Exploit DB
added 2017/04/03 12:0 a.m.37 views

Moxa AWK-3131A 1.4 < 1.7 - 'Username' OS Command Injection

!/usr/bin/env python2 import telnetlib import re import random import string Split string into chunks, of which each is /var/a' - 1 completed = temp = re.split'\n', script for content in temp: if lencontent != 0: for s in re.split' ', content: if ' ' in s: s = '\x20' if '\n' in s: s = '\n' else:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/02 12:0 a.m.120 views

Zyxel, EMG2926 < V1.00(AAQT.4)b8 - OS Command Injection

Exploit Title: Zyxel, EMG2926 /expert/maintenance/diagnostic/nslookup?nslookupbutton=nslookupbutton&pingip=google.ca%3b%20cat%20/etc/passwd&serverip= HTTP/1.1 Host: 192.168.0.1 Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10124 AppleWebKit/537.36 KHTML, like Geck...

9CVSS8.8AI score0.37634EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/04/02 12:0 a.m.33 views

Pixie 1.0.4 - Arbitrary File Upload

Exploit Title: File Extension Filter Bypass in File Manager Pixie 1.0.4 With Low Privilege Google Dork: no Date: 02-April-2017 Exploit Author: @runggareksya, @dvnrcy, @dickysofficial Vendor Homepage: http://www.getpixie.co.uk Software Link:...

9.8CVSS7AI score0.05019EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/04/02 12:0 a.m.33 views

BackBox OS - Denial of Service

//Exploited By Hosein Askari include include include include include ifdef FPASS include endif include include include include ifndef USEBSD define USEBSD endif ifndef FAVORBSD define FAVORBSD endif include include include include include include ifdef LINUX define FIXx htonsx else define FIXx x...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/02 12:0 a.m.27 views

Linux Kernel (PonyOS 4.0) - 'fluttershy' LD_LIBRARY_PATH Local Privilege Escalation

!/usr/bin/python PonyOS 4.0 has added several improvements over previous releases including support for setuid binaries and dynamic libraries. The run-time linker does not sanitize environment variables when running setuid files allowing for local root exploitation through manipulated...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/03/31 12:0 a.m.29 views

Linux/ARM - execve("/bin/sh", NULL, 0) Shellcode (34 bytes)

Linux/ARM - execve"/bin/sh", NULL, 0 Shellcode 34 bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - execve"/bin/sh", NULL, 0 - 34 bytes Date: 2017-03-31 Tested: armv7l Author: Jonathan 'dummys' Borgeaud - twitter: @dummys1337 fapperz.org Shellcode ARM without 0x20, 0x0a and 0x00...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2017/03/31 12:0 a.m.96 views

Splunk Enterprise - Information Disclosure

Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SPLUNK-ENTERPRISE-INFORMATION-THEFT.txt + ISR: ApparitionSec Vendor: =============== www.splunk.com Product: ================== Splunk Enterprise Splunk provides the leading...

3.5CVSS4.4AI score0.05853EPSS
Exploits6
Exploit DB
Exploit DB
added 2017/03/31 12:0 a.m.39 views

Membership Formula - 'order' SQL Injection

Exploit Title: Membership Formula - Best Membership Site PHP Script - SQL Injection Google Dork: N/A Date: 31.03.2017 Vendor Homepage: http://www.zeescripts.com/ Software: http://www.zeescripts.com/store/membership-formula-v1.0-best-membership-site-php-script.html Demo:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/03/31 12:0 a.m.42 views

Microsoft Xbox One 10.0.14393.2152 - Code Execution (PoC)

For Xbox-SystemOS version: 10.0.14393.2152 rs1xboxrel1610 161208-1218 fre, 12/14/2016 Other versions will most likely need modifications to the script. Credits: - https://github.com/theori-io/chakra-2016-11 - https://bugs.chromium.org/p/project-zero/issues/detail?id=952 -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/03/30 12:0 a.m.68 views

Apple macOS/IOS 10.12.2 (16C67) - 'mach_msg' Heap Overflow

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1083 When sending ool memory via |machmsg| with |deallocate| flag or |MACHMSGVIRTUALCOPY| flag, |machmsg| performs moving the memory to the destination process instead of copying it. But it doesn't consider the memory entry objec...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/03/29 12:0 a.m.39 views

Linux/x86 - execve(/bin/sh") Shellcode (19 bytes)

Linux/x86 - execve/bin/sh" Shellcode 19 bytes. Shellcode exploit for Linx86 platform ;================================================================================ ; The MIT License ; ; Copyright c ; ; Permission is hereby granted, free of charge, to any person obtaining a copy ; of this...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/03/29 12:0 a.m.54 views

Sync Breeze Enterprise 9.5.16 - 'GET' Remote Buffer Overflow (SEH)

!/usr/bin/env python Exploit Title: Sync Breeze Enterprise v9.5.16 - Remote buffer overflow SEH Date: 2017-03-29 Exploit Author: Daniel Teixeira Vendor Homepage: http://syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv9.5.16.exe Version: 9.5.16 Tested on: Windows ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/03/29 12:0 a.m.31 views

DiskBoss Enterprise 7.8.16 - 'Import Command' Local Buffer Overflow

!/usr/bin/env python Exploit Title: DiskBoss Enterprise v7.8.16 - 'Import Command' Buffer Overflow Date: 2017-03-29 Exploit Author: Daniel Teixeira Author Homepage: www.danielteixeira.com Vendor Homepage: http://www.diskboss.com Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/03/29 12:0 a.m.34 views

EyesOfNetwork (EON) 5.1 - SQL Injection

Exploit Title: EyesOfNetwork EON 5.1 Unauthenticated SQL Injection in eonweb leading to remote root Google Dork: intitle:EyesOfNetwork intext:"sponsored by AXIANS" Date: 29/03/2017 Exploit Author: Dany Bach Vendor Homepage: https://www.eyesofnetwork.com/ Software Link:...

7.4AI score
Exploits0
Total number of security vulnerabilities47904