Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.296 views

Adaware Web Companion 4.9.2159 - 'WCAssistantService' Unquoted Service Path

Exploit Title: Adaware Web Companion 4.9.2159 - 'WCAssistantService' Unquoted Service Path Exploit Author : ZwX Exploit Date: 2020-01-05 Vendor Homepage : http://webcompanion.com/ Link Software :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.150 views

BlueAuditor 1.7.2.0 - 'Name' Denial of Service (PoC)

Exploit Title: BlueAuditor 1.7.2.0 - 'Name' Denial of Service PoC Exploit Author : Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/blueauditorsetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof of Concept...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.177 views

Office Product Key Finder 1.5.4 - Denial of Service (PoC)

Exploit Title: Office Product Key Finder 1.5.4 - Denial of Service PoC Date: 2020-01-06 Vendor Homepage: http://www.nsauditor.com/ Software Link: http://www.nsauditor.com/downloads/officeproductkeyfindersetup.exe Exploit Author: Gokkul Tested Version: v1.5.4 Tested on: Windows 7 x64 Software...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.25 views

SpotFTP FTP Password Recovery 3.0.0.0 - 'Key' Denial of Service (PoC)

Exploit Title: SpotFTP FTP Password Recovery 3.0.0.0 - 'Key' Denial of Service PoC Exploit Author : Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/spotftpsetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.208 views

TextCrawler Pro3.1.1 - Denial of Service (PoC)

Exploit Title: TextCrawler Pro3.1.1 - Denial of Service PoC Date: 2020-05-01 Vendor Homepage:https://www.digitalvolcano.co.uk/index.html Software Link: https://www.digitalvolcano.co.uk/download/TextCrawlerPro=setup.exe Exploit Author: Achilles Tested Version: 3.1.1 Tested on: Windows 7 x64 1.- Ru...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.185 views

NetShareWatcher 1.5.8.0 - 'Key' Denial of Service (PoC)

Exploit Title: NetShareWatcher 1.5.8.0 - 'Key' Denial of Service PoC Exploit Author : Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://netsharewatcher.nsauditor.com/downloads/NetShareWatchersetup.exe Tested on OS: Windows 10 CVE : N/A '''...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.210 views

FTPGetter Professional 5.97.0.223 - Denial of Service (PoC)

Exploit Title: FTPGetter Professional 5.97.0.223 - Denial of Service PoC Google Dork: N/A Date: 2020-01-03 Exploit Author: FULLSHADE Vendor Homepage: https://www.ftpgetter.com/ Software Link: https://www.ftpgetter.com/ftpgetterprosetup.exe Version: v.5.97.0.223 Tested on: Windows 7 CVE : N/A...

7.5CVSS7.8AI score0.02013EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.140 views

SpotFTP FTP Password Recovery 3.0.0.0 - 'Name' Denial of Service (PoC)

Exploit Title: SpotFTP FTP Password Recovery 3.0.0.0 - 'Name' Denial of Service PoC Exploit Author : Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/spotftpsetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proo...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.197 views

elaniin CMS 1.0 - Authentication Bypass

Exploit Title: elaniin CMS 1.0 - Authentication Bypass Author: riamloo Date: 2020-01-02 Vendor Homepage: https://elaniin.com/ github == https://github.com/elaniin/ Software Link: https://github.com/elaniin/CMS/archive/master.zip Version: 1 CVE: N/A Tested on: Win 10 Discription: Open-source Conte...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.193 views

ShareAlarmPro Advanced Network Access Control - 'Key' Denial of Service (PoC)

Exploit Title: ShareAlarmPro Advanced Network Access Control - 'Key' Denial of Service PoC Exploit Author : Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/networksleuthsetup.exe Tested on OS: Windows 10 CVE :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.22 views

SpotDialup 1.6.7 - 'Key' Denial of Service (PoC)

Exploit Title: SpotDialup 1.6.7 - 'Key' Denial of Service PoC Exploit Author : Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/spotdialupsetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof of Concept PoC:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.211 views

Microsoft Outlook VCF cards - Denial of Service (PoC)

Exploit Title: Microsoft Outlook VCF cards - Denial of Service PoC Date: 2020-01-04 Exploit Author: hyp3rlinx Vendor Homepage: www.microsoft.com + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.233 views

Codoforum 4.8.3 - Persistent Cross-Site Scripting

Exploit Title: Codoforum 4.8.3 - Persistent Cross-Site Scripting Google Dork: intext:"Powered by Codoforum" Date: 2020-01-03 Exploit Author: Prasanth c41m, Vyshnav Vizz Vendor Homepage: https://codoforum.com/index.php Software Link: https://codoforum.com/buy Version: Codoforum 4.8.3 Tested on:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/06 12:0 a.m.169 views

RemShutdown 2.9.0.0 - 'Name' Denial of Service (PoC)

Exploit Title: RemShutdown 2.9.0.0 - 'Name' Denial of Service PoC Exploit Author : Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/remshutdownsetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof of Concept...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/03 12:0 a.m.279 views

Plantronics Hub 3.13.2 - Local Privilege Escalation

Exploit Title: Plantronics Hub 3.13.2 - Local Privilege Escalation Date: 2020-01-2 Exploit Author: Markus Krell - @MarkusKrell Vendor Homepage: https://support.polycom.com/content/dam/polycom-support/global/documentation/plantronics-hub-local-privilege-escalation-vulnerability.pdf Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/03 12:0 a.m.232 views

Karakuzu ERP Management Web 5.7.0 - 'k_adi_duz' SQL Injection

Exploit Title: Karakuzu ERP Management Web 5.7.0 - 'kadiduz' SQL Injection Discovery Date: 2019-09-20 Exploit Author: Hakan TAŞKÖPRÜ Vendor Homepage: http://karakuzu.info/ Effected Version = 5.7.0 Vulnerability 1: Unauthenticated SQL Injection ==================================================...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/03 12:0 a.m.313 views

Online Course Registration 2.0 - Remote Code Execution

Exploit Title: Online Course Registration 2.0 - Remote Code Execution Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-course-registration-free-download/ Version: v2.0 Category: Webapps Tested on: Xampp for Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/02 12:0 a.m.167 views

Hospital Management System 4.0 - 'searchdata' SQL Injection

Exploit Title: Hospital Management System 4.0 - 'searchdata' SQL Injection Google Dork: N/A Date: 2020-01-02 Exploit Author: FULLSHADE Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/hospital-management-system-in-php/ Version: v4.0 Tested on: Windows CVE :...

8.8CVSS9.1AI score0.1681EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/01/02 12:0 a.m.130 views

MSN Password Recovery 1.30 - Denial of Service (PoC)

Exploit Title: MSN Password Recovery 1.30 - Denial of Service PoC Date: 2020-01-02 Vendor Homepage: https://www.top-password.com/ Software Link: https://www.top-password.com/download/MSNPRSetup.exe Exploit Author: Gokkulraj Tested Version: v1.30 Tested on: Windows 7 x64 1.- Download and install M...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/02 12:0 a.m.254 views

Hospital Management System 4.0 - Persistent Cross-Site Scripting

Exploit Title: Hospital Management System 4.0 - Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-01-02 Exploit Author: FULLSHADE Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/hospital-management-system-in-php/ Version: v4.0 Tested on: Windows CVE :...

6.1CVSS6.6AI score0.0552EPSS
Exploits3
Exploit DB
Exploit DB
added 2020/01/02 12:0 a.m.303 views

BloodX 1.0 - Authentication Bypass

Exploit Title: BloodX 1.0 - Authentication Bypass Author: riamloo Date: 2019-12-31 Vendor Homepage: https://github.com/diveshlunker/BloodX Software Link: https://github.com/diveshlunker/BloodX/archive/master.zip Version: 1 CVE: N/A Tested on: Win 10 Discription: An standalone platform which lets...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/02 12:0 a.m.154 views

Microsoft Windows - Shell COM Server Registrar Local Privilege Escalation

// Axel '0vercl0k' Souchet - December 28 2019 // References: // - Found by an anonymous researcher, written up by Simon '@HexKitchen' Zuckerbraun // - https://www.zerodayinitiative.com/blog/2019/12/19/privilege-escalation-via-the-core-shell-com-registrar-object // -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/01 12:0 a.m.406 views

Hospital Management System 4.0 - Authentication Bypass

Exploit Title: Hospital Management System 4.0 - Authentication Bypass Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/hospital-management-system-in-php/ Version: v4.0 Category: Webapps Tested on: Xampp for Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/01 12:0 a.m.322 views

IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal

Exploit Title: IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal Date: 2020-01-01 Exploit Author: Raif Berkay Dincel Vendor Homepage: ibm.com Software https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?subtype=ca&infotype=an&appname=iSource&supplier=897&letternum=ENUS107-295...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/01 12:0 a.m.1122 views

Shopping Portal ProVersion 3.0 - Authentication Bypass

Exploit Title: Shopping Portal ProVersion 3.0 - Authentication Bypass Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/shopping-portal-free-download/ Version: v4.0 Category: Webapps Tested on: Xampp for Windows Descriptio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/01 12:0 a.m.239 views

Microsoft Windows .Group File - Code Execution

Exploit Title: Microsoft Windows .Group File - Code Execution Date: 2020-01-01 Exploit Author: hyp3rlinx Vendor Homepage: www.microsoft.com Version: 1.9.6 Tested on: Windows CVE : N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2020/01/01 12:0 a.m.318 views

nostromo 1.9.6 - Remote Code Execution

Exploit Title: nostromo 1.9.6 - Remote Code Execution Date: 2019-12-31 Exploit Author: Kr0ff Vendor Homepage: Software Link: http://www.nazgul.ch/dev/nostromo-1.9.6.tar.gz Version: 1.9.6 Tested on: Debian CVE : CVE-2019-16278 cve201916278.py !/usr/bin/env python import sys import socket art = """...

9.8CVSS9.8AI score0.99057EPSS
Exploits24
Exploit DB
Exploit DB
added 2019/12/31 12:0 a.m.101 views

WordPress Plugin Ultimate Addons for Beaver Builder 1.2.4.1 - Authentication Bypass

Exploit Title: Wordpress Ultimate Addons for Beaver Builder 1.2.4.1 - Authentication Bypass Date: 2019-12-21 Exploit Authors: Raphael Karger & Nathan Hrncirik Vendor Homepage: https://www.ultimatebeaver.com/ Version: Ultimate Addons for Beaver Builder | || | |/| / /| / //\ | /|//|||| / / / /...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/31 12:0 a.m.348 views

NextVPN v4.10 - Insecure File Permissions

Exploit Title: NextVPN v4.10 - Insecure File Permissions Date: 2019-12-23 Exploit Author: SajjadBnd Contact: [email protected] Vendor Homepage: https://vm3max.site Software Link:http://dl.spacevm.com/NextVPNSetup-v4.10.exe Version: 4.10 Tested on: Win10 Professional x64 Description The NextVPN...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/31 12:0 a.m.183 views

Sony Playstation 4 (PS4) < 6.72 - WebKit Code Execution (PoC)

/ badhoist ============ Exploit implementation of CVE-2018-4386. Obtains addrof/fakeobj and arbitrary read/write primitives. Supports PS4 consoles on 6.XX. May also work on older firmware versions, but I am not sure. Bug was fixed in firmware 7.00. EDB Note Download:...

8.8CVSS8.3AI score0.06463EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.217 views

MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure

Exploit: MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure Date: 2019-12-30 Author: LiquidWorm Vendor: Emmanuel Product web page: https://github.com/empierre/MyDomoAtHome https://www.domoticz.com/wiki/ImperiHome https://docs.imperihome.com/app/iss Affected version: 0.2.40...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.99 views

XEROX WorkCentre 7830 Printer - Cross-Site Request Forgery (Add Admin)

Exploit Title: XEROX WorkCentre 7830 Printer - Cross-Site Request Forgery Add Admin Date: 2018-12-19 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.xerox.com/ Hardware Link : https://www.office.xerox.com/en-us/multifunction-printers/workcentre-7800-series Software : Xerox Printer...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.131 views

Heatmiser Netmonitor 3.03 - Hardcoded Credentials

Exploit Title: Heatmiser Netmonitor 3.03 - Hardcoded Credentials Date: 2019-12-22 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.heatmiser.com/en/ Hardware Link: https://www.zoneregeling.nl/heatmiser/netmonitor-handleiding.pdf Software: Netmonitor v3.03 Product Version: Netmonitor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.107 views

AVE DOMINAplus 1.10.x - Authentication Bypass

Exploit: AVE DOMINAplus 1.10.x - Authentication Bypass Date: 2019-12-30 Author: LiquidWorm Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Advisory ID: ZSL-2019-5549 Advisory URL:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.161 views

HomeAutomation 3.3.2 - Persistent Cross-Site Scripting

Exploit: HomeAutomation 3.3.2 - Persistent Cross-Site Scripting Date: 2019-12-30 Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips Advisory ID: ZSL-2019-5556 Advisor...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.139 views

XEROX WorkCentre 7855 Printer - Cross-Site Request Forgery (Add Admin)

Exploit Title: XEROX WorkCentre 7855 Printer - Cross-Site Request Forgery Add Admin Date: 2018-12-19 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.xerox.com/ Hardware Link : https://www.office.xerox.com/en-us/multifunction-printers/workcentre-7800-series/ Software : Xerox Printer...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.302 views

Thrive Smart Home 1.1 - Authentication Bypass

Exploit: Thrive Smart Home 1.1 - Authentication Bypass Date: 2019-12-30 Author: LiquidWorm Vendor: Thrive Product web page: http://www.thrivesmarthomes.com Affected version: 1.1 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips Advisory ID: ZSL-2019-5554 Advisory URL:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.84 views

FTP Navigator 8.03 - Stack Overflow (SEH)

Exploit Title: FTP Navigator 8.03 - Stack Overflow SEH Date: December 28th, 2019 Exploit Author: boku Discovered by: Chris Inzinga Original DoS: FTP Navigator 8.03 - 'Custom Command' Denial of Service SEH Original DoS Link: https://www.exploit-db.com/exploits/47794 Software Vendor:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.235 views

WEMS BEMS 21.3.1 - Undocumented Backdoor Account

Exploit: WEMS BEMS 21.3.1 - Undocumented Backdoor Account Date: 2019-12-30 Author: LiquidWorm Vendor: WEMS Limited Product web page: https://www.wems.co.uk Advisory ID: ZSL-2019-5552 Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5552.php WEMS BEMS 21.3.1 Undocumented Backdo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.218 views

AVE DOMINAplus 1.10.x - Cross-Site Request Forgery (enable/disable alarm)

Exploit: AVE DOMINAplus 1.10.x - Cross-Site Request Forgery enable/disable alarm Date: 2019-12-30 Author: LiquidWorm Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Advisory ID: ZSL-2019-5547 Advisory URL:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.132 views

AVE DOMINAplus 1.10.x - Credential Disclosure

Exploit: AVE DOMINAplus 1.10.x - Credential Disclosure Date: 2019-12-30 Author: LiquidWorm Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Advisory ID: ZSL-2019-5550 Advisory URL:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.152 views

AVE DOMINAplus 1.10.x - Unauthenticated Remote Reboot

Exploit: AVE DOMINAplus 1.10.x - Unauthenticated Remote Reboot Date: 2019-12-30 Author: LiquidWorm Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Advisory ID: ZSL-2019-5548 Advisory URL:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.131 views

Heatmiser Netmonitor 3.03 - HTML Injection

Exploit Title: Heatmiser Netmonitor 3.03 - HTML Injection Date: 2019-12-22 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.heatmiser.com/en/ Hardware Link: https://www.zoneregeling.nl/heatmiser/netmonitor-handleiding.pdf Software: Netmonitor v3.03 Product Version: Netmonitor v3.03...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.147 views

Domain Quester Pro 6.02 - Stack Overflow (SEH)

Exploit Title: Domain Quester Pro 6.02 - Stack Overflow SEH Date: 2019-12-26 Exploit Author: boku Software Vendor: http://www.internet-soft.com/ Software Link: http://www.internet-soft.com/DEMO/questerprosetup.exe Version: Version 6.02 Tested on: Microsoft Windows 7 Enterprise - 6.1.7601 Service...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.150 views

FreeBSD-SA-19:15.mqueuefs - Privilege Escalation

Exploit: FreeBSD-SA-19:15.mqueuefs - Privilege Escalation Author: Karsten König of Secfault Security Date: 2019-12-30 Change line 719 to choose which vulnerability is targeted libmap.conf primitive inspired by kcope's 2005 exploit for Qpopper Exploit for FreeBSD-SA-19:15.mqueuefs and...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.127 views

FreeBSD-SA-19:02.fd - Privilege Escalation

Exploit: FreeBSD-SA-19:02.fd - Privilege Escalation Date: 2019-12-30 Author: Karsten König of Secfault Security Twitter: @gr4yf0x Kudos: Maik, greg and Dirk for discussion and inspiration CVE: CVE-2019-5596 libmap.conf primitive inspired by kcope's 2005 exploit for Qpopper !/bin/sh echo "+ Root...

8.8CVSS9AI score0.01229EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.140 views

RICOH Web Image Monitor 1.09 - HTML Injection

Exploit Title: RICOH Web Image Monitor 1.09 - HTML Injection Date: 2019-05-06 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: http://support-download.com/services/device/webhlp/nb/gen/v140cc1/en/ptop010.html Software: RICOH Web Image Monitor Product Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.234 views

AVS Audio Converter 9.1.2.600 - Stack Overflow (PoC)

Exploit Title: AVS Audio Converter 9.1.2.600 - Stack Overflow PoC Date: December 2019-12-28 Exploit Author: boku Original DoS: https://www.exploit-db.com/exploits/47788 Original DoS Author: ZwX Software Vendor: http://www.avs4you.com/ Software Link: http://www.avs4you.com/avs-audio-converter.aspx...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.147 views

HomeAutomation 3.3.2 - Remote Code Execution

Exploit: HomeAutomation 3.3.2 - Remote Code Execution Date: 2019-12-30 Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips Advisory ID: ZSL-2019-5560 Advisory URL:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.124 views

Wing FTP Server 6.0.7 - Unquoted Service Path

Exploit Title: Wing FTP Server 6.0.7 - Unquoted Service Path Date: 2019-12-30 Exploit Author: Nawaf Alkeraithe Vendor Homepage: https://www.wftpserver.com/ Version: 6.0.7 Tested on: Windows 10 CVE : N/A PoC: C:\Users\usersc qc "Wing FTP Server" SC QueryServiceConfig SUCCESS SERVICENAME: Wing FTP...

7.4AI score
Exploits0
Total number of security vulnerabilities47904