Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2020/01/24 12:0 a.m.204 views

TP-Link TP-SG105E 1.0.0 - Unauthenticated Remote Reboot

Exploit Title: TP-Link TP-SG105E 1.0.0 - Unauthenticated Remote Reboot Date: 2020-01-20 Exploit Author: PCEumel Vendor Homepage: https://www.tp-link.com/ Software Link: https://www.tp-link.com/us/support/download/tl-sg105e/Firmware Version: TP-Link TP-SG105E V4 Tested on: TP-SG105E V4 1.0.0 Build...

7.8CVSS7.7AI score0.37821EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/01/24 12:0 a.m.321 views

Genexis Platinum-4410 2.1 - Authentication Bypass

Exploit Title: Genexis Platinum-4410 2.1 - Authentication Bypass Date: 20220-01-08 Exploit Author: Husinul Sanub Author Contact: https://www.linkedin.com/in/husinul-sanub-658239106/ Vulnerable Product: Genexis Platinum-4410 v2.1 Home Gateway Router https://genexis.co.in/product/ont/ Firmware...

9.8CVSS9.7AI score0.07329EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/01/24 12:0 a.m.248 views

OLK Web Store 2020 - Cross-Site Request Forgery

Exploit Title: OLK Web Store 2020 - Cross-Site Request Forgery Google Dork: intext:"TopManage ® 2002 - 2020" Date: 2020-01-13 Exploit Author: Joel Aviad Ossi Vendor Homepage: http://www.topmanage.com/ Software Link: http://www.topmanage.com/microsites/olk-web-store/ Version: 2020 Tested on: N/A C...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/24 12:0 a.m.477 views

Webtareas 2.0 - 'id' SQL Injection

Exploit Title: Webtareas 2.0 - 'id' SQL Injection Date: 2020-01-23 Exploit Author: Greg.Priest Vendor Homepage: http://webtareas.sourceforge.net/general/home.php Software Link: http://webtareas.sourceforge.net/general/home.php Version: Webtareas v2.0 Tested on: Windows CVE : N/A Webtareas v2.0...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/23 12:0 a.m.52 views

Remote Desktop Gateway - 'BlueGate' Denial of Service (PoC)

include "BlueGate.h" / EDB Note: - Download Source - Download Binary / void errorconst char msg printf"ERROR: %s\n", msg; exitEXITFAILURE; void SOCKInit WSADATA wsaData; int res; res = WSAStartupMAKEWORD2, 2, &wsaData; if res != 0 error"WSAStartup failed"; void DTLSInit SSLlibraryinit;...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/23 12:0 a.m.332 views

Reliable Datagram Sockets (RDS) - rds_atomic_free_op NULL pointer dereference Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Reliable Datagram Sockets RDS rdsatomicfreeop NULL pointer dereference Privilege Escalation', 'Description' = %q This module attempts to gain roo...

5.5CVSS7.4AI score0.07679EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/01/23 12:0 a.m.216 views

BOOTP Turbo 2.0 - Denial of Service (SEH)(PoC)

Exploit Title: BOOTP Turbo 2.0 - Denial of Service SEHPoC Exploit Author: boku Date: 2020-01-22 Software Vendor: Wierd Solutions Vendor Homepage: https://www.weird-solutions.com Software Link: https://www.weird-solutions.com/download/products/bootptdemoIA32.exe Version: BOOTP Turbo x86 Version 2....

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/23 12:0 a.m.245 views

qdPM 9.1 - Remote Code Execution

Exploit Title: qdPM 9.1 - Remote Code Execution Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2020-01-22 Exploit Author: Rishal Dwivedi Loginsoft Vendor Homepage: http://qdpm.net/ Software Link: http://qdpm.net/download-qdpm-free-project-management Version: =1.9.1 Tested on:...

8.8CVSS8.7AI score0.83235EPSS
Exploits16
Exploit DB
Exploit DB
added 2020/01/23 12:0 a.m.398 views

Pachev FTP Server 1.0 - Path Traversal

Exploit Title: Pachev FTP Server 1.0 - Path Traversal Date: 2020-01-23 Vulnerability: Path Traversal Exploit Author: 1F98D Vendor Homepage: https://github.com/pachev/pachevftp from ftplib import FTP ip = rawinput"Target IP: " port = intrawinput"Target Port: " ftp = FTP ftp.connecthost=ip, port=po...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/23 12:0 a.m.234 views

Remote Desktop Gateway - 'BlueGate' Denial of Service (PoC)

include "BlueGate.h" / EDB Note: - Download Binary https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47964-1.exe - Download Source https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47964-2.zip / void errorconst char msg printf"ERROR:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/22 12:0 a.m.852 views

Citrix XenMobile Server 10.8 - XML External Entity Injection

Exploit Title: Citrix XenMobile Server 10.8 - XML External Entity Injection Google Dork: inurl:zdm logon Date: 2019-11-28 Exploit Author: Jonas Lejon Vendor Homepage: https://www.citrix.com Software Link: Version: XenMobile Server 10.8 before RP2 and 10.7 before RP3 Tested on: XenMobile CVE :...

9.8CVSS7AI score0.06801EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/01/22 12:0 a.m.357 views

KeePass 2.44 - Denial of Service (PoC)

Exploit Title : KeePass 2.44 - Denial of Service PoC Product : KeePass Password Safe Version : Help About KeePass Help any local help area Drag&Drop HTML File Save the contents to html. Payload-1: DoS & Run Cmd //=0;i-- tryo+=x.c" + "harAti;catchereturn o;f"\"function fx,yvar i,o=\"\\\""+...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/22 12:0 a.m.179 views

Ricoh Printer Drivers - Local Privilege Escalation

/ This proof of concept code monitors file changes on Ricoh's driver DLL files and overwrites a DLL file before the library is loaded CVE-2019-19363. Written by Pentagrid AG, 2019. Cf. https://pentagrid.ch/en/blog/local-privilege-escalation-in-ricoh-printer-drivers-for-windows-cve-2019-19363/...

7.8CVSS7.8AI score0.04566EPSS
Exploits8
Exploit DB
Exploit DB
added 2020/01/21 12:0 a.m.766 views

ManageEngine Network Configuration Manager 12.2 - 'apiKey' SQL Injection

Exploit Title: ManageEngine Network Configuration Manager 12.2 - 'apiKey' SQL Injection discovery Date: 2019-01-24 published : 2020-01-20 Exploit Author: AmirHadi Yazdani Vendor Homepage: https://www.manageengine.com/network-configuration-manager/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/21 12:0 a.m.136 views

Microsoft SharePoint - Deserialization Remote Code Execution

!/usr/bin/env python3 -- coding: utf-8 -- import requests import sys from xml.sax.saxutils import escape from lxml import html import codecs import readline from clint.arguments import Args import signal def serializecommandcmd: total = "" for x in cmd: a = codecs.encodex,"utf-16be" b =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/21 12:0 a.m.213 views

NEOWISE CARBONFTP 1.4 - Weak Password Encryption

Exploit Title: NEOWISE CARBONFTP 1.4 - Weak Password Encryption discovery Date: 2019-01-24 published : 2020-01-20 Exploit Author: hyp3rlinx Vendor Homepage: https://www.neowise.com Software Link: https://www.neowise.com/freeware/ Version: 1.4 + Credits: John Page aka hyp3rlinx + Website:...

5.5CVSS5.5AI score0.00967EPSS
Exploits8
Exploit DB
Exploit DB
added 2020/01/20 12:0 a.m.707 views

Adive Framework 2.0.8 - Persistent Cross-Site Scripting

Exploit Title: Adive Framework 2.0.8 - Persistent Cross-Site Scripting Exploit Author: Sarthak Saini Dork: N/A Date: 2020-01-18 Vendor Link : https://www.adive.es/ Software Link: https://github.com/ferdinandmartin/adive-php7 Version: 2.0.8 Category: Webapps Tested on: windows64bit / mozila firefo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/20 12:0 a.m.271 views

Sysax Multi Server 5.50 - Denial of Service (PoC)

Exploit Title: Sysax Multi Server 5.50 - Denial of Service PoC Google Dork: NA Date: 2020-01-20 Exploit Author: Shailesh Kumavat Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download.htmsysaxserv Version: Sysax Multi Server 5.50 Tested on: WIndow 7 CVE : if...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/20 12:0 a.m.190 views

Centreon 19.04 - Authenticated Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Centreon Authenticated Macro Expression Location Setting Handler Code Execution", "Description" = %q Authenticated Remote Code Execution on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/20 12:0 a.m.171 views

Easy XML Editor 1.7.8 - XML External Entity Injection

Exploit Title: Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Author: Javier Olmedo Date: 2018-11-21 Vendor: Richard Wuerflein Software Link: https://www.edit-xml.com/EasyXMLEditor.exe Affected Version: 1.7.8 and before Patched Version: unpatched Category: Local Platform: XML Teste...

8.1CVSS8.2AI score0.05163EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/01/17 12:0 a.m.157 views

GTalk Password Finder 2.2.1 - 'Key' Denial of Service (PoC)

Exploit Title: GTalk Password Finder 2.2.1 - 'Key' Denial of Service PoC Exploit Author: Ismail Tasdelen Exploit Date: 2020-01-16 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/gpwdfindersetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof of...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/17 12:0 a.m.494 views

Trend Micro Maximum Security 2019 - Arbitrary Code Execution

Exploit Title: Trend Micro Maximum Security 2019 - Arbitrary Code Execution Date: 2020-1-16 Exploit Author: hyp3rlinx Vendor Homepage: www.trendmicro.com Version: Platform Microsoft Windows, Premium Security 2019 v15, Maximum Security 2019 v15 Internet Security 2019 v15, Antivirus + Security 2019...

7.2CVSS6.6AI score0.00818EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/01/17 12:0 a.m.180 views

Plantronics Hub 3.13.2 - SpokesUpdateService Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Plantronics Hub SpokesUpdateService Privilege Escalation', 'Description' = %q The Plantronics Hub client application for Windows makes use of an...

7.8CVSS7.4AI score0.04979EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/01/17 12:0 a.m.220 views

Trend Micro Maximum Security 2019 - Privilege Escalation

Exploit Title: Trend Micro Maximum Security 2019 - Privilege Escalation Date: 2020-1-16 Exploit Author: hyp3rlinx Vendor Homepage: www.trendmicro.com Version: Platform Microsoft Windows, Premium Security 2019 v15, Maximum Security 2019 v15 Internet Security 2019 v15, Antivirus + Security 2019 v15...

7.8CVSS7.7AI score0.00732EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/01/17 12:0 a.m.161 views

APKF Product Key Finder 2.5.8.0 - 'Name' Denial of Service (PoC)

Exploit Title: APKF Product Key Finder 2.5.8.0 - 'Name' Denial of Service PoC Exploit Author: Ismail Tasdelen Exploit Date: 2020-01-16 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/apkfsetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof of Conce...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/17 12:0 a.m.176 views

Torrent FLV Converter 1.51 Build 117 - Stack Oveflow (SEH partial overwrite)

Exploit Title: Torrent FLV Converter 1.51 Build 117 - Stack Oveflow SEH partial overwrite Date: 2020-01-16 Exploit Author: antonio Vendor Homepage: http://www.torrentrockyou.com/ Software Link: http://www.torrentrockyou.com/download/trflvconverter.exe Version: 1.51 Build 117 Tested on: Windows 7...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/17 12:0 a.m.169 views

WordPress Plugin Time Capsule 1.21.16 - Authentication Bypass

Exploit Title: Wordpress Time Capsule Plugin 1.21.16 - Authentication Bypass Date: 2020-01-16 Exploit Author: B. Canavate Vendor Homepage: https://wptimecapsule.com/ Software Link: https://wptimecapsule.com/ Version: Wordpress Time Capsule Plugin 1.21.16 Tested on: LAMP stack with most recent...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/17 12:0 a.m.178 views

WordPress Plugin InfiniteWP Client 1.9.4.5 - Authentication Bypass

Exploit Title: Wordpress Plugin InfiniteWP Client 1.9.4.5 - Authentication Bypass Date: 2020-1-16 Exploit Author: Raphael Karger Vendor Homepage: https://infinitewp.com/ Version: InfiniteWP Client 1.9.4.5 !/usr/bin/python3 import requests import json import argparse import base64 import json impo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/16 12:0 a.m.187 views

Rukovoditel Project Management CRM 2.5.2 - 'entities_id' SQL Injection

Exploit Title: Rukovoditel Project Management CRM 2.5.2 - 'entitiesid' SQL Injection Google Dork: N/A Date: 2020-01-15 Blog: https://fatihhcelik.blogspot.com/ Exploit Author: Fatih Çelik Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://sourceforge.net/projects/rukovoditel/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/16 12:0 a.m.277 views

Online Book Store 1.0 - Arbitrary File Upload

Exploit Title: Online Book Store 1.0 - Arbitrary File Upload Google Dork: N/A Date: 2020-01-16 Exploit Author: Or4nG.M4n aka S4udiExploit Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/16 12:0 a.m.161 views

Rukovoditel Project Management CRM 2.5.2 - 'filters' SQL Injection

Exploit Title: Rukovoditel Project Management CRM 2.5.2 - 'filters' SQL Injection Google Dork: N/A Date: 2020-01-15 Blog: https://fatihhcelik.blogspot.com/ Exploit Author: Fatih Çelik Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://sourceforge.net/projects/rukovoditel/ Versio...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/16 12:0 a.m.155 views

Tautulli 2.1.9 - Denial of Service (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tautulli v2.1.9 - Shutdown Denial of Service', 'Description' = 'Tautulli versions 2.1.9 and prior are vulnerable to denial of service via the...

6.5CVSS6.5AI score0.14706EPSS
Exploits9
Exploit DB
Exploit DB
added 2020/01/16 12:0 a.m.355 views

SunOS 5.10 Generic_147148-26 - Local Privilege Escalation

Exploit: SunOS 5.10 Generic147148-26 - Local Privilege Escalation Date: 2020-01-15 Author: Marco Ivaldi Vendor: www.oracle.com Software Link: https://www.oracle.com/technetwork/server-storage/solaris10/downloads/latest-release/index.html CVE: CVE-2020-2696 / raptordtsessionipa.c - CDE dtsession L...

8.8CVSS8.8AI score0.00643EPSS
Exploits7
Exploit DB
Exploit DB
added 2020/01/16 12:0 a.m.301 views

Citrix Application Delivery Controller (ADC) and Gateway 13.0 - Path Traversal

Exploit Title: Citrix Application Delivery Controller ADC and Gateway 13.0 - Path Traversal Date: 2019-12-17 CVE: CVE-2019-19781 Vulenrability: Path Traversal Vulnerablity Discovery: Mikhail Klyuchnikov Exploit Author: Dhiraj Mishra Vulnerable Version: 10.5, 11.1, 12.0, 12.1, and 13.0 Vendor...

9.8CVSS10AI score0.99999EPSS
Exploits48
Exploit DB
Exploit DB
added 2020/01/16 12:0 a.m.209 views

Rukovoditel Project Management CRM 2.5.2 - 'reports_id' SQL Injection

Exploit Title: Rukovoditel Project Management CRM 2.5.2 - 'reportsid' SQL Injection Google Dork: N/A Date: 2020-01-15 Blog: https://fatihhcelik.blogspot.com/ Exploit Author: Fatih Çelik Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://sourceforge.net/projects/rukovoditel/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/16 12:0 a.m.164 views

Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting

Exploit Title: Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting Exploit Author: Ai Ho Vendor Homepage : https://jenkins.io/ Effective version : Gitlab Hook Plugin 1.4.2 and earlier References: https://jenkins.io/security/advisory/2020-01-15/ CVE: CVE-2020-2096 PoC:...

6.1CVSS6.5AI score0.89434EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/01/16 12:0 a.m.450 views

WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting

Exploit Title: WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/plugins/postie/readme.txt Date: 2020-01-15 Exploit Author: V1n1v131r4 Vendor Homepage: https://postieplugin.com/ Software Link: https://wordpress.org/plugins/postie/developers Version:...

5.4CVSS5.6AI score0.03376EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/01/15 12:0 a.m.336 views

Microsoft Windows - CryptoAPI (Crypt32.dll) Elliptic Curve Cryptography (ECC) Spoof Code-Signing Certificate

EDB Note Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47933.zip require 'openssl' raw = File.read "ca.crt" cacert = OpenSSL::X509::Certificate.newraw Parse public key from CA cakey = cacert.publickey if !cakey.instanceof? OpenSSL::PKey::EC then puts "...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/15 12:0 a.m.462 views

Barco WePresent - file_transfer.cgi Command Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Barco WePresent filetransfer.cgi Command Injection", 'Description' = %q This module exploits an unauthenticated remote command injection...

10CVSS7AI score0.98952EPSS
Exploits10
Exploit DB
Exploit DB
added 2020/01/15 12:0 a.m.188 views

Huawei HG255 - Directory Traversal (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. class MetasploitModule 'Huawei HG255 Directory Traversal', ‘Description’ = ‘Server Directory...

7.8CVSS7.4AI score0.073EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/01/15 12:0 a.m.149 views

Online Book Store 1.0 - 'bookisbn' SQL Injection

Exploit Title: Online Book Store 1.0 - 'bookisbn' SQL Injection Google Dork: N/A Date: 2020-01-15 Exploit Author: AmirHadi Yazdani Ertebat Gostar Co. Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/15 12:0 a.m.142 views

Sagemcom F@ST 3890 (50_10_19-T1) Cable Modem - 'Cable Haunt' Remote Code Execution

// EDB Note: Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47936.zip function buf2hexbuffer // buffer is an ArrayBuffer return Array.prototype.map.callnew Uint8Arraybuffer, x = '00' + x.toString16.slice-2.join''; function insertAtarr, index, toInsert...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/14 12:0 a.m.265 views

VPN unlimited 6.1 - Unquoted Service Path

Exploit Title: VPN unlimited 6.1 - Unquoted Service Path Date: 2020-1-13 Exploit Author: Amin Rawah Vendor Homepage: https://www.vpnunlimitedapp.com Version: 6.1 Tested on: Windows 10 64bit C:\Users\Aminsc qc VPNUnlimitedService SC QueryServiceConfig SUCCESS SERVICENAME: VPNUnlimitedService TYPE ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/14 12:0 a.m.127 views

IBM RICOH InfoPrint 6500 Printer - HTML Injection

Exploit Title: IBM RICOH InfoPrint 6500 Printer - HTML Injection Date: 2020-01-02 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ibm.com/il-en Hardware Link: http://www-01.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&htmlfid=897/ENUS105-214 Firmware Version: 1.4.40.10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/14 12:0 a.m.324 views

IBM RICOH 6400 Printer - HTML Injection

Exploit Title: IBM RICOH 6400 Printer - HTML Injection Date: 2020-01-02 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ibm.com/il-en Hardware Link: https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&htmlfid=649/ENUSA02-1405&appname=USN Firmware Version: 1.1.26...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/14 12:0 a.m.113 views

Redir 3.3 - Denial of Service (PoC)

Exploit Title: Redir 3.3 - Denial of Service PoC Date: 2020-01-14 Exploit Author: hieubl from HPT Cyber Security Vendor Homepage: https://github.com/troglobit/redir Software Link: https://github.com/troglobit/redir Version: 3.3 Tested on: Kali GNU/Linux Rolling 2019.4 CVE : if applicable The sour...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/14 12:0 a.m.111 views

WeChat - Memory Corruption in CAudioJBM::InputAudioFrameToJBM

There is a memory corruption vulnerability in audio processing during a voice call in WeChat. When an RTP packet is processed, there is a call to UnpacketRTP. This function decrements the length of the packet by 12 without checking that the packet has at least 12 bytes in it. This leads to a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/14 12:0 a.m.170 views

Android - ashmem Readonly Bypasses via remap_file_pages() and ASHMEM_UNPIN

This bug report describes two ways in which an attacker can modify the contents of a read-only ashmem fd. I'm not sure at this point what the most interesting user of ashmem is in the current Android release, but there are various users, including Chrome and a bunch of utility classes. In AOSP...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/13 12:0 a.m.108 views

TaskCanvas 1.4.0 - 'Registration' Denial Of Service

Exploit Title: TaskCanvas 1.4.0 - 'Registration' Denial Of Service Exploit Author : Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : https://www.digitalvolcano.co.uk/ Link Software : https://www.digitalvolcano.co.uk/taskcanvasdownload.html Tested on OS: Windows 10 CVE : N/A ''' Proof of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/13 12:0 a.m.109 views

SpotOutlook 1.2.6 - 'Name' Denial of Service (PoC)

Exploit Title: SpotOutlook 1.2.6 - 'Name' Denial of Service PoC Exploit Author: Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/spotoutlooksetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof of Concept PoC:...

7.4AI score
Exploits0
Total number of security vulnerabilities47904