Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.150 views

FreeBSD-SA-19:15.mqueuefs - Privilege Escalation

Exploit: FreeBSD-SA-19:15.mqueuefs - Privilege Escalation Author: Karsten König of Secfault Security Date: 2019-12-30 Change line 719 to choose which vulnerability is targeted libmap.conf primitive inspired by kcope's 2005 exploit for Qpopper Exploit for FreeBSD-SA-19:15.mqueuefs and...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.147 views

Domain Quester Pro 6.02 - Stack Overflow (SEH)

Exploit Title: Domain Quester Pro 6.02 - Stack Overflow SEH Date: 2019-12-26 Exploit Author: boku Software Vendor: http://www.internet-soft.com/ Software Link: http://www.internet-soft.com/DEMO/questerprosetup.exe Version: Version 6.02 Tested on: Microsoft Windows 7 Enterprise - 6.1.7601 Service...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.131 views

Heatmiser Netmonitor 3.03 - HTML Injection

Exploit Title: Heatmiser Netmonitor 3.03 - HTML Injection Date: 2019-12-22 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.heatmiser.com/en/ Hardware Link: https://www.zoneregeling.nl/heatmiser/netmonitor-handleiding.pdf Software: Netmonitor v3.03 Product Version: Netmonitor v3.03...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.127 views

FreeBSD-SA-19:02.fd - Privilege Escalation

Exploit: FreeBSD-SA-19:02.fd - Privilege Escalation Date: 2019-12-30 Author: Karsten König of Secfault Security Twitter: @gr4yf0x Kudos: Maik, greg and Dirk for discussion and inspiration CVE: CVE-2019-5596 libmap.conf primitive inspired by kcope's 2005 exploit for Qpopper !/bin/sh echo "+ Root...

8.8CVSS9AI score0.01229EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.134 views

RICOH SP 4510SF Printer - HTML Injection

Exploit Title: RICOH SP 4510SF Printer - HTML Injection Date: 2019-05-06 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: http://support.ricoh.com/bb/html/drute/re1/model/sp4510/sp4510.htm Software: RICOH Printer Product Version: SP 4510SF Vulernability Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.217 views

MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure

Exploit: MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure Date: 2019-12-30 Author: LiquidWorm Vendor: Emmanuel Product web page: https://github.com/empierre/MyDomoAtHome https://www.domoticz.com/wiki/ImperiHome https://docs.imperihome.com/app/iss Affected version: 0.2.40...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.152 views

AVE DOMINAplus 1.10.x - Unauthenticated Remote Reboot

Exploit: AVE DOMINAplus 1.10.x - Unauthenticated Remote Reboot Date: 2019-12-30 Author: LiquidWorm Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Advisory ID: ZSL-2019-5548 Advisory URL:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/30 12:0 a.m.217 views

AVE DOMINAplus 1.10.x - Cross-Site Request Forgery (enable/disable alarm)

Exploit: AVE DOMINAplus 1.10.x - Cross-Site Request Forgery enable/disable alarm Date: 2019-12-30 Author: LiquidWorm Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Advisory ID: ZSL-2019-5547 Advisory URL:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/24 12:0 a.m.155 views

Django < 3.0 < 2.2 < 1.11 - Account Hijack

EDB Note Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47879.zip djangocve201919844poc PoC for CVE-2019-19844 Requirements - Python 3.7.x - PostgreSQL 9.5 or higher Setup 1. Create databasee.g. djangocve201919844poc 1. Set the database name to the...

9.8CVSS9.6AI score0.3481EPSS
Exploits7
Exploit DB
Exploit DB
added 2019/12/23 12:0 a.m.43 views

XnConvert 1.82 - Denial of Service (PoC)

Exploit Title: XnConvert 1.82 - Denial of Service PoC Date: 2019-12-21 Vendor Homepage: https://www.xnview.com Software Link: https://www.xnview.com/en/apps/ Exploit Author: Gokkulraj TwinTech Solutions Tested Version: v1.82 Tested on: Windows 7 x64 1.- Download and install XnConvert 2.- Run pyth...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/23 12:0 a.m.102 views

Prime95 Version 29.8 build 6 - Buffer Overflow (SEH)

Exploit Title: Prime95 Version 29.8 build 6 - Buffer Overflow SEH Date: 2019-12-22 Vendor Homepage: https://www.mersenne.org Software Link: http://www.mersenne.org/ftproot/gimps/p95v298b6.win32.zip Exploit Author: Achilles Tested Version: 29.8 build 6 Tested on: Windows 7 x64 1.- Run python...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/20 12:0 a.m.193 views

Microsoft Windows 10 BasicRender.sys - Denial of Service (PoC)

Exploit Title: Microsoft Windows 10 BasicRender.sys - Denial of Service PoC Date: 2019-12-20 Exploit author: vportal Vendor homepage: http://www.microsoft.com Version: Windows 10 1803 x86 Tested on: Windows 10 1803 x86 CVE: N/A A Null pointer deference exists in the WARPGPUCMDSYNC function of the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/20 12:0 a.m.261 views

FreeSWITCH 1.10.1 - Command Execution

Exploit Title: FreeSWITCH 1.10.1 - Command Execution Date: 2019-12-19 Exploit Author: 1F98D Vendor Homepage: https://freeswitch.com/ Software Link: https://files.freeswitch.org/windows/installer/x64/FreeSWITCH-1.10.1-Release-x64.msi Version: 1.10.1 Tested on: Windows 10 x64 FreeSWITCH listens on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/20 12:0 a.m.128 views

phpMyChat-Plus 1.98 - 'pmc_username' Reflected Cross-Site Scripting

Exploit Title: phpMyChat-Plus 1.98 - 'pmcusername' Reflected Cross-Site Scripting Date: 2019-12-19 Exploit Author: Chris Inzinga Vendor Homepage: http://ciprianmp.com/latest/ Download: https://sourceforge.net/projects/phpmychat/ Tested On: Linux & Mac Version: 1.98 CVE: CVE-2019-19908 Description...

6.1CVSS6.5AI score0.21232EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/12/19 12:0 a.m.29 views

SurfOffline Professional 2.2.0.103 - 'Project Name' Denial of Service (SEH)

Exploit Title: SurfOffline Professional 2.2.0.103 - 'Project Name' Denial of Service SEH Date: 2019-12-18 Exploit Author: Chris Inzinga Vendor Homepage: http://www.bimesoft.com/ Software Link: https://www.softpedia.com/get/Internet/Offline-Browsers/SurfOffline.shtml Version: 2.2.0.103 Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/19 12:0 a.m.238 views

Deutsche Bahn Ticket Vending Machine Local Kiosk - Privilege Escalation

Exploit Title: Deutsche Bahn Ticket Vending Machine Local Kiosk - Privilege Escalation Date: 2019-12-18 Exploit Author: Vulnerability-Lab Vendor Homepage: https://www.bahn.de/dbvertrieb/view/leistungen/automaten-fahrkartenentwerter.shtml Tested on: Windows XP Document Title: ===============...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/19 12:0 a.m.105 views

FTP Navigator 8.03 - 'Custom Command' Denial of Service (SEH)

Exploit Title: FTP Navigator 8.03 - 'Custom Command' Denial of Service SEH Date: 2019-12-18 Exploit Author: Chris Inzinga Vendor Homepage: http://www.internet-soft.com/ Software Link: https://www.softpedia.com/dyn-postdownload.php/5edd515b8045f156a9dd48599c2539e5/5dfa4560/d0c/0/1 Version: 8.03...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/18 12:0 a.m.100 views

XnView 2.49.1 - 'Research' Denial of Service (PoC)

Exploit Title: XnView 2.49.1 - 'Research' Denial of Service PoC Exploit Author : ZwX Exploit Date: 2019-12-17 Vendor Homepage : http://www.xnview.com Link Software : https://www.xnview.com/fr/xnview/downloads Tested on OS: Windows 7 ''' Proof of Concept PoC: ======================= 1.Download and...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/18 12:0 a.m.876 views

Telerik UI - Remote Code Execution via Insecure Deserialization

See the full write-up at Bishop Fox, CVE-2019-18935: https://know.bishopfox.com/research/cve-2019-18935-remote-code-execution-in-telerik-ui, for a complete walkthrough of vulnerability and exploit details for this issue along with patching instructions. Install git clone...

9.8CVSS9.8AI score0.99737EPSS
Exploits16
Exploit DB
Exploit DB
added 2019/12/18 12:0 a.m.129 views

AVS Audio Converter 9.1 - 'Exit folder' Buffer Overflow

Exploit Title: AVS Audio Converter 9.1 - 'Exit folder' Buffer Overflow Exploit Author : ZwX Exploit Date: 2019-12-17 Vendor Homepage : http://www.avs4you.com/ Link Software : http://www.avs4you.com/avs-audio-converter.aspx Tested on OS: Windows 7 ''' Technical Details & Description:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/18 12:0 a.m.256 views

Xerox AltaLink C8035 Printer - Cross-Site Request Forgery (Add Admin)

Exploit Title: Xerox AltaLink C8035 Printer - Cross-Site Request Forgery Add Admin Date: 2018-12-17 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.xerox.com/ Hardware Link : https://www.office.xerox.com/en-us/multifunction-printers/altalink-c8000-series Software : Xerox Printer...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/18 12:0 a.m.184 views

OpenMRS - Java Deserialization RCE (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenMRS Java Deserialization RCE', 'Description' = %q OpenMRS is an open-source platform that supplies users with a customizable medical record...

10CVSS9.8AI score0.98811EPSS
Exploits10
Exploit DB
Exploit DB
added 2019/12/18 12:0 a.m.118 views

macOS 10.14.6 (18G87) - Kernel Use-After-Free due to Race Condition in wait_for_namespace_event()

The XNU function waitfornamespaceevent in bsd/vfs/vfssyscalls.c releases a file descriptor for use by userspace but may then subsequently destroy that file descriptor using fpfree, which unconditionally frees the fileproc and fileglob. This opens up a race window during which the process could...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/18 12:0 a.m.130 views

Tautulli 2.1.9 - Cross-Site Request Forgery (ShutDown)

Exploit Title: Tautulli 2.1.9 - Cross-Site Request Forgery ShutDown Date: 2018-12-17 Exploit Author: Ismail Tasdelen Vendor Homepage: https://tautulli.com/ Software : https://github.com/Tautulli/Tautulli Product Version: v2.1.9 Platform: Windows 10 10.0.18362 Python Version: 2.7.11...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/18 12:0 a.m.170 views

Rumpus FTP Web File Manager 8.2.9.1 - Reflected Cross-Site Scripting

Exploit Title: Rumpus FTP Web File Manager 8.2.9.1 - Reflected Cross-Site Scripting Google Dork: site:..com "Web File Manager" inurl:?login= Shodan Dork: Server: Rumpus Date: 2019-12-14 Exploit Author: Harshit Shukla, Sudeepto Roy Vendor Homepage: https://www.maxum.com/ Tested On: Windows & Mac...

6.1CVSS6.5AI score0.2102EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/12/17 12:0 a.m.187 views

Netgear R6400 - Remote Code Execution

Exploit Title: Netgear R6400 - Remote Code Execution Date: 2019-12-14 Exploit Author: Kevin Randall CVE: CVE-2016-6277 Vendor Homepage: https://www.netgear.com/ Category: Hardware Version: V1.0.7.21.1.93 PoC !/usr/bin/python import urllib2 IPADDR = "192.168.1.1" PROTOCOL = "http://" DIRECTORY =...

9.3CVSS8.9AI score0.99781EPSS
Exploits8
Exploit DB
Exploit DB
added 2019/12/17 12:0 a.m.137 views

NopCommerce 4.2.0 - Privilege Escalation

Vulnerability Title: NopCommerce 4.2.0 - Privilege Escalation Author: Alessandro Magnosi d3adc0de Date: 2019-07-07 Vendor Homepage: https://www.nopcommerce.com/ Software Link : https://www.nopcommerce.com/ Tested Version: 4.2.0 Vulnerability Type: Privilege Escalation Tested on OS: Windows 10,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/17 12:0 a.m.155 views

Zendesk App SweetHawk Survey 1.6 - Persistent Cross-Site Scripting

Exploit Title: Zendesk App SweetHawk Survey 1.6 - Persistent Cross-Site Scripting Date: 2019-12-17 Exploit Author: MTK Vendor Homepage: https://sweethawk.co/zendesk/survey-app Software Link: https://www.zendesk.com/apps/support/survey/ Version: Up to v1.6 Tested on: Zendesk - Firefox/Windows...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/17 12:0 a.m.145 views

WordPress Core < 5.3.x - 'xmlrpc.php' Denial of Service

!/usr/bin/env python WordPress methodNamepingback.ping" entry += f"paramspingback/COUNT" entry += f"paramspingback/uuid.uuid4" entry += f"target/?p=1" entry += f"target/e" taxes DB more return entry def buildrequestpingback,target,entries: prefix = "system.multicall" suffix = "" request = prefix...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/16 12:0 a.m.170 views

D-Link DIR-615 - Privilege Escalation

Exploit Title: D-Link DIR-615 - Privilege Escalation Date: 2019-12-10 Exploit Author: Sanyam Chawla Vendor Homepage: http://www.dlink.co.in Category: Hardware Wi-fi Router Hardware Link: http://www.dlink.co.in/products/?pid=678 Hardware Version: T1 Firmware Version: 20.07 Tested on: Windows 10 an...

6.5CVSS7AI score0.08872EPSS
Exploits3
Exploit DB
Exploit DB
added 2019/12/16 12:0 a.m.123 views

D-Link DIR-615 Wireless Router  -  Persistent Cross-Site Scripting

Exploit Title: D-Link DIR-615 Wireless Router - Persistent Cross-Site Scripting Date: 2019-12-13 Exploit Author: Sanyam Chawla Vendor Homepage: http://www.dlink.co.in Category: Hardware Wi-fi Router Hardware Link: http://www.dlink.co.in/products/?pid=678 Hardware Version: T1 Firmware Version:...

4.8CVSS5.5AI score0.19834EPSS
Exploits3
Exploit DB
Exploit DB
added 2019/12/16 12:0 a.m.321 views

Linux 5.3 - Privilege Escalation via io_uring Offload of sendmsg() onto Kernel Thread with Kernel Creds

Since commit 0fa03c624d8f "iouring: add support for sendmsg", first in v5.3, iouring has support for asynchronously calling sendmsg. Unprivileged userspace tasks can submit IORINGOPSENDMSG submission queue entries, which cause sendmsg to be called either in syscall context in the original task, o...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/16 12:0 a.m.125 views

Roxy Fileman 1.4.5 - Directory Traversal

Exploit Title: Roxy Fileman 1.4.5 - Directory Traversal Author: Patrik Lantz Date: 2019-12-06 Software: Roxy Fileman Version: 1.4.5 Vendor Homepage: http://www.roxyfileman.com/ Software Link: http://www.roxyfileman.com/download.php?f=1.4.5-net CVE: CVE-2019-19731 Tested on: ASP.NET 4.0.30319 and...

7.5CVSS7.8AI score0.11617EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/12/16 12:0 a.m.230 views

OpenBSD 6.x - Dynamic Loader Privilege Escalation

Qualys Security Advisory Local Privilege Escalation in OpenBSD's dynamic loader CVE-2019-19726 ============================================================================== Contents ============================================================================== Summary Analysis Demonstration...

7.8CVSS7.8AI score0.03522EPSS
Exploits12
Exploit DB
Exploit DB
added 2019/12/13 12:0 a.m.403 views

NVMS 1000 - Directory Traversal

Title: NVMS-1000 - Directory Traversal Date: 2019-12-12 Author: Numan Türle Vendor Homepage: http://en.tvt.net.cn/ Version : N/A Software Link : http://en.tvt.net.cn/products/188.html POC --------- GET /../../../../../../../../../../../../windows/win.ini HTTP/1.1 Host: 12.0.0.1 Accept:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/13 12:0 a.m.212 views

FTP Commander Pro 8.03 - Local Stack Overflow

Exploit Title: FTP Commander Pro 8.03 - Local Stack Overflow Date: 2019-12-12 Exploit Author: boku Discovered by: UNNON Original DoS: FTP Commander 8.02 - Overwrite SEH Original DoS Link: https://www.exploit-db.com/exploits/37810 Software Vendor: http://www.internet-soft.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/12 12:0 a.m.70 views

ManageEngine Desktop Central - 'FileStorage getChartImage' Deserialization / Unauthenticated Remote Code Execution

!/usr/bin/python3 """ ManageEngine Desktop Central FileStorage getChartImage Deserialization of Untrusted Data Remote Code Execution Vulnerability Download: https://www.manageengine.com/products/desktop-central/download-free.html File ...: ManageEngineDesktopCentral64bit.exe SHA1 ...:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/12 12:0 a.m.245 views

Bullwark Momentum Series JAWS 1.0 - Directory Traversal

Title: Bullwark Momentum Series JAWS 1.0 - Directory Traversal Date: 2019-12-11 Author: Numan Türle Vendor Homepage: http://www.bullwark.net/ Version : Bullwark Momentum Series Web Server JAWS/1.0 Software Link : http://www.bullwark.net/Kategoriler.aspx?KategoriID=24 POC --------- GET...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/12 12:0 a.m.832 views

OpenNetAdmin 18.1.1 - Command Injection Exploit (Metasploit)

class MetasploitModule 'OpenNetAdmin Ping Command Injection', 'Description' = %q This module exploits a command injection in OpenNetAdmin between 8.5.14 and 18.1.1. , 'Author' = 'mattpascoe', Vulnerability discovery 'Onur ER ' Metasploit module , 'References' = 'EDB', '47691' , 'DisclosureDate' =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/12 12:0 a.m.291 views

Lenovo Power Management Driver 1.67.17.48 - 'pmdrvs.sys' Denial of Service (PoC)

Exploit Title: Lenovo Power Management Driver 1.67.17.48 - 'pmdrvs.sys' Denial of Service PoC Date: 2019-12-11 Exploit Author: Nassim Asrir CVE: CVE-2019-6192 Tested On: Windows 1064bit | ThinkPad T470p Vendor : https://www.lenovo.com/us/en/ Ref :...

4.4CVSS5.1AI score0.01742EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/12/11 12:0 a.m.383 views

Product Key Explorer 4.2.0.0 - 'Name' Denial of Service (POC)

Exploit Title: Product Key Explorer 4.2.0.0 - 'Name' Denial of Service POC Discovery by: SajjadBnd Date: 2019-12-10 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/productkeyexplorersetup.exe Tested Version: 4.2.0.0 Vulnerability Type: Denial of Service...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/11 12:0 a.m.383 views

AppXSvc 17763 - Arbitrary File Overwrite (DoS)

Exploit Title: AppXSvc 17763 - Arbitrary File Overwrite DoS Date: 2019-10-28 Exploit Author: Gabor Seljan Vendor Homepage: https://www.microsoft.com/ Version: 17763.1.amd64fre.rs5release.180914-1434 Tested on: Windows 10 Version 1809 for x64-based Systems CVE: CVE-2019-1476 Summary: AppXSvc...

7.8CVSS7AI score0.414EPSS
Exploits20
Exploit DB
Exploit DB
added 2019/12/11 12:0 a.m.233 views

Product Key Explorer 4.2.0.0 - 'Key' Denial of Service (PoC)

Exploit Title: Product Key Explorer 4.2.0.0 - 'Key' Denial of Service POC Discovery by: SajjadBnd Date: 2019-12-10 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/productkeyexplorersetup.exe Tested Version: 4.2.0.0 Vulnerability Type: Denial of Service...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/11 12:0 a.m.428 views

Apache Olingo OData 4.0 - XML External Entity Injection

COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: Apache Olingo OData 4.0 Vendor: Apache Foundation CSNC ID: CSNC-2009-025 CVE ID: CVE-2019-17554 Subject: XML External Entity Resolution XXE Risk: High Effect: Remotely exploitable Author: Archibald Haddock...

5.5CVSS5.8AI score0.12245EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/12/11 12:0 a.m.296 views

Adobe Acrobat Reader DC - Heap-Based Memory Corruption due to Malformed TTF Font

We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=707779e0...

9.8CVSS9.8AI score0.16837EPSS
Exploits3
Exploit DB
Exploit DB
added 2019/12/10 12:0 a.m.212 views

Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery

Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link: https://www.inim.biz/en/antintrusion-control-panels/home-automation/control-panel-smartliving? Version: 6.x...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/10 12:0 a.m.173 views

Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials

Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Exploit Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link: https://www.inim.biz/en/antintrusion-control-panels/home-automation/control-panel-smartliving? Advisory ID: ZSL-2019-5546...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/10 12:0 a.m.224 views

Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution

Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link: https://www.inim.biz/en/antintrusion-control-panels/home-automation/control-panel-smartliving? Version: 6.x Advisory ID: ZSL-2019-55...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/09 12:0 a.m.203 views

PRO-7070 Hazır Profesyonel Web Sitesi 1.0 - Authentication Bypass

Exploit Title: PRO-7070 Hazır Profesyonel Web Sitesi 1.0 - Authentication Bypass Date: 2019-12-08 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.websitem.biz/hazir-site/pro-7070-hazir-mobil-tablet-uyumlu-web-sitesi Tested on: Kali Linux Version: 1.0 CVE: N/A ----- PoC:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/09 12:0 a.m.265 views

Yachtcontrol Webapplication 1.0 - Unauthenticated Remote Code Execution

Exploit Title: Yachtcontrol Webapplication 1.0 - Unauthenticated Remote Code Execution Google Dork: N/A Date: 2019-12-06 Exploit Author: Hodorsec Vendor Homepage: http://www.yachtcontrol.nl/en/ Version: 1.0 Software Link: http://download.yachtcontrol.nl/klant/Software/ &...

7.4AI score
Exploits0
Total number of security vulnerabilities47904