Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2019/12/09 12:0 a.m.437 views

Omron PLC 1.0.0 - Denial of Service (PoC)

Exploit Title: Omron PLC 1.0.0 - Denial of Service PoC Google Dork: n/a Date: 2019-12-06 Exploit Author: n0b0dy Vendor Homepage: https://automation.omron.com, ia.omron.com Software Link: n/a Version: 1.0.0 Tested on: PLC f/w rev.: CJ2M v2.01 CWE-412 : Unrestricted Externally Accessible Lock CVE :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/09 12:0 a.m.428 views

Snipe-IT Open Source Asset Management 4.7.5 - Persistent Cross-Site Scripting

Exploit Title: Snipe-IT Open Source Asset Management 4.7.5 - Persistent Cross-Site Scripting Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://snipeitapp.com/ Software Link: https://github.com/snipe/snipe-it/releases/tag/v4.7.5 Version: 4.7.5 Category: Webapps Tested on: Xamp...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/09 12:0 a.m.360 views

SpotAuditor 5.3.2 - 'Base64' Local Buffer Overflow (SEH)

Exploit Title: SpotAuditor 5.3.2 - 'Base64' Local Buffer Overflow SEH Exploit Author: Kirill Nikolaev Date: 2019-12-06 Vulnerable Software: SpotAuditor Vendor Homepage: http://www.nsauditor.com/ Version: 5.3.2 Software Link: http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/09 12:0 a.m.293 views

Oracle Siebel Sales 8.1 - Persistent Cross-Site Scripting

Exploit Title : Oracle Siebel Sales 8.1 - Persistent Cross-Site Scripting Exploit Author : omurugur Software link: https://www.oracle.com/tr/applications/siebel/ Effective version : Oracle Siebel Sales 8.1 CVE: N/A Examples Request; POST /salesADMINtrk/start.swe HTTP/1.1 Content-Type:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/09 12:0 a.m.270 views

Alcatel-Lucent Omnivista 8770 - Remote Code Execution

Exploit Title: Alcatel-Lucent Omnivista 8770 - Remote Code Execution Google Dork: inurl:php-bin/webclient.php Date: 2019-12-01 Author: 0x1911 Vendor Homepage: https://www.al-enterprise.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/08 12:0 a.m.201 views

Microsoft Windows - Multiple UAC Protection Bypasses

Windows 10 UAC bypass for all executable files which are autoelevate true. https://heynowyouseeme.blogspot.com/2019/08/windows-10-lpe-uac-bypass-in-windows.html Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47753.zip...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/07 12:0 a.m.460 views

Mozilla FireFox (Windows 10 x64) - Full Chain Client Side Attack

// Axel '0vercl0k' Souchet - November 19 2019 // EDB Note: Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47752.zip // 0:000 ? xul!sAutomationPrefIsSet - xul // Evaluate expression: 85724947 = 00000000051c0f13 const XulsAutomationPrefIsSet = 0x051c0f13n;...

9.8AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/06 12:0 a.m.602 views

Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow

Exploit Title: Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow Date: 2019-09-22 Exploit Author: purpl3f0xsecur1ty Vendor Homepage: https://www.tucows.com/ Software Link: http://www.tucows.com/preview/519612/Integard-Home Version: Pro 2.2.0.9026 / Home 2.0.0.9021 Tested on: Windows XP / Win7...

9.8CVSS9.8AI score0.10746EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/12/06 12:0 a.m.239 views

Trend Micro Deep Security Agent 11 - Arbitrary File Overwrite

Exploit Title: Trend Micro Deep Security Agent 11 - Arbitrary File Overwrite Exploit Author : Peter Lapp Exploit Date: 2019-12-05 Vendor Homepage : https://www.trendmicro.com/enus/business.html Link Software : https://help.deepsecurity.trendmicro.com/software.html?regs=NABU&prodid=1716 Tested on...

7.1CVSS7.2AI score0.01311EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/12/06 12:0 a.m.334 views

Verot 2.0.3 - Remote Code Execution

Exploit Title: Verot 2.0.3 - Remote Code Execution Date: 2019-12-05 Exploit Author: Jinny Ramsmark Vendor Homepage: https://www.verot.net/phpclassupload.htm Software Link: https://github.com/verot/class.upload.php Version: '; $quality = "85"; $baseurl = "http://lorempixel.com"; echo "-=Imagejpeg...

9.8CVSS9.8AI score0.26184EPSS
Exploits7
Exploit DB
Exploit DB
added 2019/12/05 12:0 a.m.444 views

Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution

Title: Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution Author: Peter Lapp Date: 2019-12-05 Vendor: https://techdocs.broadcom.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html CVE: CVE-2018-9021 an...

9.8CVSS9.8AI score0.20391EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/12/05 12:0 a.m.364 views

Amiti Antivirus 25.0.640 - Unquoted Service Path

Exploit Title: Amiti Antivirus 25.0.640 - Unquoted Service Path Exploit Author : ZwX Exploit Date: 2019-12-04 Vendor Homepage : http://www.netgate.sk/ Link Software : https://www.netgate.sk/download/download.php?id=11 Tested on OS: Windows 7 Analyze PoC : ============== C:\Users\ZwXsc qc...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/05 12:0 a.m.322 views

NETGATE Data Backup 3.0.620 - 'NGDatBckpSrv' Unquoted Service Path

Exploit Title: NETGATE Data Backup 3.0.620 - 'NGDatBckpSrv' Unquoted Service Path Exploit Author : ZwX Exploit Date: 2019-12-04 Vendor Homepage : http://www.netgate.sk/ Link Software : http://www.netgate.sk/download/download.php?id=5 Tested on OS: Windows 7 Analyze PoC : ==============...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/04 12:0 a.m.428 views

SSDWLAB 6.1 - Authentication Bypass

Exploit Title: SSDWLAB 6.1 - Authentication Bypass Date: 2019-10-01 Exploit Author: Luis Buendía exoticpayloads Vendor Homepage: http://www.sbpsoftware.com/ Version: 6.1 Tested on: IIS 7.5 CVE : Pending Description: By injection on the SOAP function in the EditUserPassword function, it is possibl...

0.7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/04 12:0 a.m.190 views

Microsoft Visual Basic 2010 Express - XML External Entity Injection

Exploit Title: Microsoft Visual Basic 2010 Express - XML External Entity Injection Exploit Author: ZwX Exploit Date: 2019-12-03 Version Software : 10.0.30319.1 RTMRel Vendor Homepage : https://www.microsoft.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/04 12:0 a.m.230 views

OwnCloud 8.1.8 - Username Disclosure

Exploit Title: OwnCloud 8.1.8 - Username Disclosure Exploit Author : Daniel Moreno Exploit Date: 2019-11-29 Vendor Homepage : https://owncloud.org/ Link Software : https://ftp.icm.edu.pl/packages/owncloud/ old version. Download at your own risk Tested on OS: CentOS PoC: 1. Create an account in...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/04 12:0 a.m.242 views

Cisco WLC 2504 8.9 - Denial of Service (PoC)

Exploit Title: Cisco WLC 2504 8.9 - Denial of Service PoC Google Dork: N/A Date: 2019-11-25 Exploit Author: SecuNinja Vendor Homepage: cisco.com Software Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-wlc-dos Version: 8.4 to 8.9 Tested on: not...

7.7CVSS6.9AI score0.46305EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/12/04 12:0 a.m.197 views

Online Clinic Management System 2.2 - HTML Injection

Exploit Title: Online Clinic Management System 2.2 - HTML Injection Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Download Link : https://bigprof.com/appgini/applications/online-clinic-management-system Software : Online Clinic Management System...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/03 12:0 a.m.225 views

Microsoft Windows Media Center 2002 - XML External Entity MotW Bypass

Exploit Title: Microsoft Windows Media Center 2002 - XML External Entity MotW Bypass Discovery by: hyp3rlinx Date: 2019-12-03 Vendor Homepage: www.microsoft.com CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/03 12:0 a.m.341 views

Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery

Exploit Title: Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery Date: 2019-11-06 Exploit Author: Joas Antonio Vendor Homepage: intelbras.com.br Software Link: https://www.intelbras.com/pt-br/roteador-wireless-smart-dual-band-action-rf-1200 Version: 1.1.3 REQUIRED Tested on: Windows CVE ...

6.5CVSS6.7AI score0.09632EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/12/03 12:0 a.m.321 views

Online Invoicing System 2.6 - 'description' Persistent Cross-Site Scripting

Exploit Title: Online Invoicing System 2.6 - 'description' Persistent Cross-Site Scripting Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Download Link : https://github.com/bigprof-software/online-invoicing-system Software : Online Invoicing Syst...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/03 12:0 a.m.295 views

Revive Adserver 4.2 - Remote Code Execution

Exploit Title: Revive Adserver 4.2 - Remote Code Execution Google Dork: "inurl:www/delivery filetype:php" Exploit Author: crlf Vendor Homepage: https://www.revive-adserver.com/ Software Link: https://www.revive-adserver.com/download/archive/ Version: 4.1.x '' : @list$x, $url, $code = $argv;...

9.8CVSS9.4AI score0.57022EPSS
Exploits7
Exploit DB
Exploit DB
added 2019/12/02 12:0 a.m.204 views

Visual Studio 2008 - XML External Entity Injection

Exploit Title: Visual Studio 2008 - XML External Entity Injection Discovery by: hyp3rlinx Date: 2019-12-02 Vendor Homepage: www.microsoft.com Software Link: Visual Studio 2008 Express IDE Tested Version: 2008 CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/02 12:0 a.m.292 views

Nsauditor 3.1.8.0 - 'Name' Denial of Service (PoC)

Exploit Title: Nsauditor 3.1.8.0 - 'Name' Denial of Service PoC Discovery by: SajjadBnd Date: 2019-11-30 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Tested Version: 3.1.8.0 Vulnerability Type: Denial of Service DoS Local Tested on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/02 12:0 a.m.340 views

SmartHouse Webapp 6.5.33 - Cross-Site Request Forgery

Exploit Title: SmartHouse Webapp 6.5.33 - Cross-Site Request Forgery Discovery by: LiquidWorm Date: 2019-12-02 Vendor Homepage: Tested Version: 6.5.33.17072501 CVE: N/A Advisory ID: ZSL-2019-5543 Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5543.php Carlo Gavazzi SmartHous...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/02 12:0 a.m.464 views

Microsoft Excel 2016 1901 - XML External Entity Injection

Exploit Title: Microsoft Excel 2016 1901 - XML External Entity Injection Discovery by: hyp3rlinx Date: 2019-12-02 Vendor Homepage: www.microsoft.com Tested Version: 2016 v1901 CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/02 12:0 a.m.184 views

Max Secure Anti Virus Plus 19.0.4.020 - Insecure File Permissions

Exploit Title: Max Secure Anti Virus Plus 19.0.4.020 - Insecure File Permissions Discovery by: hyp3rlinx Date: 2019-12-02 Vendor Homepage: www.maxpcsecure.com Tested Version: 19.0.4.020 CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/02 12:0 a.m.242 views

Dokuwiki 2018-04-22b - Username Enumeration

Exploit Title: Dokuwiki 2018-04-22b - Username Enumeration Date: 2019-12-01 Exploit Author: Talha ŞEN Vendor Homepage: https://www.dokuwiki.org/dokuwiki Software Link: https://download.dokuwiki.org/ Version: 2018-04-22b "Greebo" Tested on: Alpine Linux 3.5 docker image PHP 5.6.30 Apache/2.4.25 Un...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/02 12:0 a.m.207 views

Nsauditor 3.1.8.0 - 'Key' Denial of Service (PoC)

Exploit Title: Nsauditor 3.1.8.0 - 'Key' Denial of Service PoC Discovery by: SajjadBnd Date: 2019-11-30 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Tested Version: 3.1.8.0 Vulnerability Type: Denial of Service DoS Local Tested on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/12/02 12:0 a.m.212 views

Anviz CrossChex 4.3.12 - Local Buffer Overflow

Exploit Title: Anviz CrossChex 4.3.12 - Local Buffer Overflow Date: 2019-11-30 Exploit Author: Luis Catarino & Pedro Rodrigues Vendor Homepage: https://www.anviz.com/ Software Link: https://www.anviz.com/download.html Version: Crosschex Standard x86 = V4.3.12 Tested on: 4.3.8.0, 4.3.12 CVE : N/A...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/29 12:0 a.m.279 views

SpotAuditor 5.3.2 - 'Name' Denial of Service

Exploit Title: SpotAuditor 5.3.2 - 'Name' Denial Of Service Exploit Author : ZwX Exploit Date: 2019-11-28 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested on OS: Windows 7 Social: twitter.com/ZwX2a contact:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/29 12:0 a.m.506 views

Bash 5.0 Patch 11 - SUID Priv Drop Exploit

Exploit Title : Bash 5.0 Patch 11 - SUID Priv Drop Exploit Date : 2019-11-29 Original Author: Ian Pudney , Chet Ramey Exploit Author : Mohin Paramasivam Shad0wQu35t Version : pwn.c cat pwn.c include include...

7.8CVSS8.1AI score0.02608EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/11/29 12:0 a.m.917 views

Online Inventory Manager 3.2 - Persistent Cross-Site Scripting

Exploit Title: Online Inventory Manager 3.2 - Persistent Cross-Site Scripting Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Link : https://bigprof.com/appgini/applications/online-inventory-manager Software : Online Inventory Manager Version : 3....

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/29 12:0 a.m.288 views

SpotAuditor 5.3.2 - 'Key' Denial of Service

Exploit Title: SpotAuditor 5.3.2 - 'Key' Denial of Service Exploit Author : ZwX Exploit Date: 2019-11-28 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested on OS: Windows 7 Social: twitter.com/ZwX2a ''' Proof of Conce...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/29 12:0 a.m.351 views

TexasSoft CyberPlanet 6.4.131 - 'CCSrvProxy' Unquoted Service Path

Exploit Title: TexasSoft CyberPlanet 6.4.131 - 'CCSrvProxy' Unquoted Service Path Date: 2019-11-28 Exploit Author: Cristian Ayala G Vendor Homepage: https://tenaxsoft.com/index.html Software Link: https://tenaxsoft.com/descargas.html Version: 6.4.131 Tested on: Windows 10 Pro x64 Step to discover...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/28 12:0 a.m.438 views

GHIA CamIP 1.2 for iOS - 'Password' Denial of Service (PoC)

Exploit Title: GHIA CamIP 1.2 for iOS - 'Password' Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2019-11-27 Vendor Homepage: https://apps.apple.com/mx/app/ghia-camip/id1342090963 Software Link: App Store for iOS devices Tested Version: 1.2 Vulnerability Type: Denial of Servic...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/28 12:0 a.m.658 views

WordPress Core 5.3 - User Disclosure

Exploit Title : Wordpress 5.3 - User Disclosure Author: SajjadBnd Date: 2019-11-17 Software Link: https://wordpress.org/download/ version : wp ' vuln = url + "/wp-json/wp/v2/users/" while True: try: r = requests.getvuln,verify=False content = json.loadsr.text datacontent except...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/28 12:0 a.m.486 views

Mersive Solstice 2.8.0 - Remote Code Execution

Exploit Title: Mersive Solstice 2.8.0 - Remote Code Execution Google Dork: N/A Date: 2016-12-23 Exploit Author: Alexandre Teyar Vendor Homepage: https://www2.mersive.com/ Firmware Link: http://www.mersive.com/Support/Releases/SolsticeServer/SGE/Android/2.8.0/Solstice.apk Versions: 2.8.0 Tested On...

9CVSS9AI score0.1745EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/11/27 12:0 a.m.267 views

Microsoft DirectX SDK 2010 - '.PIXrun' Denial Of Service (PoC)

Exploit Title: Microsoft DirectX SDK 2010 - '.PIXrun' Denial Of Service PoC Exploit Author : ZwX Exploit Date: 2019-11-26 Vendor Homepage : https://www.microsoft.com/ Link Software : https://www.microsoft.com/en-us/download/details.aspx?id=681 Tested on OS: Windows 7 Proof of Concept PoC:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/27 12:0 a.m.468 views

SpotAuditor 5.3.2 - 'Base64' Denial Of Service (PoC)

Exploit Title: SpotAuditor 5.3.2 - 'Base64' Denial Of Service PoC Exploit Author : ZwX Exploit Date: 2019-11-26 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested on OS: Windows 7 ''' Proof of Concept PoC:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/26 12:0 a.m.273 views

InduSoft Web Studio 8.1 SP1 - "Atributos" Denial of Service (PoC)

Exploit Title: InduSoft Web Studio 8.1 SP1 - "Atributos" Denial of Service PoC Discovery by: chuyreds Discovery Date: 2019-11-23 Vendor Homepage: http://www.indusoft.com/ Software Link : http://www.indusoft.com/Products-Downloads Tested Version: 8.1 SP1 Vulnerability Type: Denial of Service DoS...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/26 12:0 a.m.377 views

iNetTools for iOS 8.20 - 'Whois' Denial of Service (PoC)

Exploit Title: iNetTools for iOS 8.20 - 'Whois' Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2019-11-25 Vendor Homepage: https://apps.apple.com/mx/app/inettools-ping-dns-port-scan/id561659975 Software Link: App Store for iOS devices Tested Version: 8.20 Vulnerability Type:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/25 12:0 a.m.315 views

SMPlayer 19.5.0 - Denial of Service (PoC)

Title : SMPlayer 19.5.0 - Denial of Service PoC Tested on : Windows 7 64 bit Vulnerable Software: SMPlayer v 19.5.0 Exploit Author: Malav Vyas Vendor Homepage: https://smplayer.info Version : 19.5.0 Software Link : https://smplayer.info/en/downloads POC run this python file, which will generate...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/25 12:0 a.m.345 views

InTouch Machine Edition 8.1 SP1 - 'Atributos' Denial of Service (PoC)

Exploit Title: InTouch Machine Edition 8.1 SP1 - 'Atributos' Denial of Service PoC Discovery by: chuyreds Discovery Date: 12019-11-16 Vendor Homepage: https://on.wonderware.com/ Software Link : https://on.wonderware.com/intouch-machine-edition Tested Version: 8.1 SP1 Vulnerability Type: Denial of...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/25 12:0 a.m.930 views

Waves MaxxAudio Drivers 1.1.6.0 - 'WavesSysSvc64' Unquoted Service Path

Exploit Title: Waves MaxxAudio Drivers 1.1.6.0 - 'WavesSysSvc64' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2019-11-24 Vendor Homepage: https://www.dell.com/ Software Link : https://www.dell.com/support/home/mx/es/mxbsdt1/drivers/driversdetails?driverid=vwpkk Tested Version...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/25 12:0 a.m.408 views

Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path

Exploit Title: Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path Date: 2019-11-22 Exploit Author: Rene Cortes S Vendor Homepage: https://easy-hide-ip.com Software Link: https://easy-hide-ip.com Version: 5.0.0.3 Tested on: Windows 7 Professional Service Pack 1 Step to discover the unquot...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/25 12:0 a.m.474 views

Microsoft Windows AppXsvc Deployment Extension - Privilege Escalation

Exploit Title: Microsoft Windows AppXsvc Deployment Extension - Privilege Escalation Date: 2019-11-22 Exploit Author: Abdelhamid Naceri Vendor Homepage: www.microsoft.com Tested on: Windows 10 1903 CVE : CVE-2019-1385 Windows: "AppX Deployment Service" AppXSVC elevation of privilege vulnerability...

7.8CVSS9AI score0.03595EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/11/22 12:0 a.m.362 views

macOS 10.14.6 - root->kernel Privilege Escalation via update_dyld_shared_cache

Tested on macOS Mojave 10.14.6, 18G87 and Catalina Beta 10.15 Beta 19A536g. On macOS, the dyld shared cache in /private/var/db/dyld/ is generated locally on the system and therefore doesn't have a real code signature; instead, SIP seems to be the only mechanism that prevents modifications of the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/22 12:0 a.m.465 views

Internet Explorer - Use-After-Free in JScript Arguments During toJSON Callback

There is a use-after-free issue in JSCript triggerable via Internet Explorer where the members of the 'arguments' object aren't tracked by the garbage collector during the 'toJSON' callback. Thus, during the 'toJSON' callback, it is possible to assign a variable to the 'arguments' object, have it...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/22 12:0 a.m.330 views

ProShow Producer 9.0.3797 - ('ScsiAccess') Unquoted Service Path

Exploit Title: ProShow Producer 9.0.3797 - 'ScsiAccess' Unquoted Service Path Exploit Author : ZwX Exploit Date: 2019-11-21 Vendor Homepage : http://www.photodex.com/ Link Software : http://files.photodex.com/release/pspro903797.exe Tested on OS: Windows 7 Analyze PoC : ==============...

7.4AI score
Exploits0
Total number of security vulnerabilities47904