Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2019/11/22 12:0 a.m.362 views

macOS 10.14.6 - root->kernel Privilege Escalation via update_dyld_shared_cache

Tested on macOS Mojave 10.14.6, 18G87 and Catalina Beta 10.15 Beta 19A536g. On macOS, the dyld shared cache in /private/var/db/dyld/ is generated locally on the system and therefore doesn't have a real code signature; instead, SIP seems to be the only mechanism that prevents modifications of the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/21 12:0 a.m.395 views

GNU Mailutils 3.7 - Privilege Escalation

Exploit Title: GNU Mailutils 3.7 - Local Privilege Escalation Date: 2019-11-06 Exploit Author: Mike Gualtieri Vendor Homepage: https://mailutils.org/ Software Link: https://ftp.gnu.org/gnu/mailutils/mailutils-3.7.tar.gz Version: 2.0 = 3.7 Tested on: Gentoo CVE : CVE-2019-18862 Title : GNU Mailuti...

7.8CVSS7.8AI score0.01135EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/11/21 12:0 a.m.498 views

TestLink 1.9.19 - Persistent Cross-Site Scripting

Exploit Title: TestLink 1.9.19 - Persistent Cross-Site Scripting Date: 2019-11-20 Exploit Author: Milad Khoshdel Software Link: http://testlink.org/ Version: TestLink 1.9.19 Tested on: Linux Apache/2 PHP/7.3.11 ========= Vulnerable Pages: ========= Persistent --...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/21 12:0 a.m.382 views

Network Management Card 6.2.0 - Host Header Injection

Exploit Title: Network Management Card 6.2.0 - Host Header Injection Google Dork: Date: 2019-11-21 Exploit Author: Amal E Thamban,Kamal Paul Vendor Homepage: https://www.apc.com/in/en/ Software Link: https://www.apc.com/shop/in/en/products/Network-Management-Card Version: v6.2.0 Tested on: Kali...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.360 views

Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfs/shiftfs Error Path

Tested on 19.10. Ubuntu's aufs kernel patch includes the following change which I interestingly can't see in the AUFS code at https://github.com/sfjro/aufs5-linux/blob/master/mm/mmap.c: ================================================================== +define vmafputvma vmadofputvma, func, LINE...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.358 views

Microsoft Windows - Escalate UAC Protection Bypass (Via dot net profiler) (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Escalate UAC Protection Bypass Via dot net profiler', 'Description' = %q Microsoft Windows allows for the automatic loading of a profilin...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.328 views

iOS 12.4 - Sandbox Escape due to Integer Overflow in mediaserverd

mediaserverd has various media parsing responsibilities; its reachable from various sandboxes and is able to talk to interesting kernel drivers so is a valid target in an exploit chain. One of the services it vends is com.apple.audio.AudioFileServer, a fairly simple XPC service which will parse...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.385 views

OpenNetAdmin 18.1.1 - Remote Code Execution

Exploit Title: OpenNetAdmin 18.1.1 - Remote Code Execution Date: 2019-11-19 Exploit Author: mattpascoe Vendor Homepage: http://opennetadmin.com/ Software Link: https://github.com/opennetadmin/ona Version: v18.1.1 Tested on: Linux Exploit Title: OpenNetAdmin v18.1.1 RCE Date: 2019-11-19 Exploit...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.301 views

Ubuntu 19.10 - Refcount Underflow and Type Confusion in shiftfs

Tested on Ubuntu 19.10, kernel "5.3.0-19-generic 20-Ubuntu". Ubuntu ships a filesystem "shiftfs" in fs/shiftfs.c in the kernel tree that doesn't exist upstream. This filesystem can be mounted from user namespaces, meaning that this is attack surface from unprivileged userspace in the default...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.384 views

Bludit - Directory Traversal Image File Upload (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Bludit Directory Traversal Image File Upload Vulnerability", 'Description' = %q This module exploits a vulnerability in Bludit. A remote user cou...

8.8CVSS7.4AI score0.77962EPSS
Exploits16
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.616 views

Pulse Secure VPN - Arbitrary Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pulse Secure VPN Arbitrary Command Execution', 'Description' = %q This module exploits a post-auth command injection in the Pulse Secure VPN serv...

8CVSS7.4AI score0.98617EPSS
Exploits12
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.448 views

Xorg X11 Server - Local Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xorg X11 Server Local Privilege Escalation', 'Description' = %q WARNING: Successful execution of this module results in /etc/passwd being...

7.2CVSS7.2AI score0.2704EPSS
Exploits39
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.501 views

FreeSWITCH - Event Socket Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FreeSWITCH Event Socket Command Execution', 'Description' = %q This module uses the FreeSWITCH event socket interface to execute system commands...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.346 views

FusionPBX - Operator Panel exec.php Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FusionPBX Operator Panel exec.php Command Execution', 'Description' = %q This module exploits an authenticated command injection vulnerability in...

8.8CVSS7.4AI score0.8748EPSS
Exploits9
Exploit DB
Exploit DB
added 2019/11/20 12:0 a.m.432 views

Microsoft Windows - Escalate UAC Protection Bypass (Via Shell Open Registry Key) (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/exe' require 'msf/core/exploit/powershell' class MetasploitModule 'Windows Escalate UAC Protection Bypass Via Shell Open Registry Key',...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/19 12:0 a.m.313 views

Studio 5000 Logix Designer 30.01.00 - 'FactoryTalk Activation Service' Unquoted Service Path

Exploit Title: Studio 5000 Logix Designer 30.01.00 - 'FactoryTalk Activation Service' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2019-11-18 Vendor Homepage: https://www.rockwellautomation.com/enNA/overview.page Software Link :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/19 12:0 a.m.257 views

ipPulse 1.92 - 'Enter Key' Denial of Service (PoC)

Exploit Title: ipPulse 1.92 - 'Enter Key' Denial of Service PoC Discovery by: Diego Buztamante Discovery Date: 2019-11-18 Vendor Homepage: https://www.netscantools.com/ippulseinfo.html Software Link : http://download.netscantools.com/ipls192.zip Tested Version: 1.92 Vulnerability Type: Denial of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/19 12:0 a.m.967 views

Microsoft Windows 7 (x86) - 'BlueKeep' Remote Desktop Protocol (RDP) Remote Windows Kernel Use After Free

EDB Note: Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47683.zip import rdp import socket import binascii import time def poolsprays, crypter, payload: times = 10000 count = 0 while count times: count += 1 print'time through %d' % count try:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/19 12:0 a.m.281 views

scadaApp for iOS 1.1.4.0 - 'Servername' Denial of Service (PoC)

Exploit Title: scadaApp for iOS 1.1.4.0 - 'Servername' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2019-11-18 Vendor Homepage: https://apps.apple.com/ca/app/scadaapp/id1206266634 Software Link: App Store for iOS devices Tested Version: 1.1.4.0 Vulnerability Type: Denial of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/19 12:0 a.m.325 views

XMedia Recode 3.4.8.6 - '.m3u' Denial Of Service

Exploit Title: XMedia Recode 3.4.8.6 - '.m3u' Denial Of Service Exploit Author : ZwX Exploit Date: 2019-11-18 Vendor Homepage : https://www.xmedia-recode.de/ Link Software : https://www.xmedia-recode.de/download.php Tested on OS: Windows 7 Social: twitter.com/ZwX2a contact: [email protected] ''' Proof...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/19 12:0 a.m.353 views

BartVPN 1.2.2 - 'BartVPNService' Unquoted Service Path

Exploit Title: BartVPN 1.2.2 - 'BartVPNService' Unquoted Service Path Exploit Author : ZwX Exploit Date: 2019-11-18 Vendor Homepage : https://www.filehorse.com/ Link Software : https://www.filehorse.com/download-bartvpn/ Tested on OS: Windows 7 Analyze PoC : ============== C:\Users\ZwXsc qc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/19 12:0 a.m.188 views

Centova Cast 3.2.12 - Denial of Service (PoC)

Exploit Title: Centova Cast 3.2.12 - Denial of Service PoC Date: 2019-11-18 Exploit Author: DroidU Vendor Homepage: https://centova.com Affected Version: =v3.2.12 Tested on: Debian 9, CentOS 7 =============================================== The Centova Cast becomes out of control and causes 100%...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/18 12:0 a.m.186 views

nipper-ng 0.11.10 - Remote Buffer Overflow (PoC)

Exploit Title: nipper-ng 0.11.10 - Remote Buffer Overflow PoC Date: 2019-10-20 Exploit Author: Guy Levin https://blog.vastart.dev Vendor Homepage: https://tools.kali.org/reporting-tools/nipper-ng Software Link: https://code.google.com/archive/p/nipper-ng/source/default/source Version: 0.11.10...

7.8CVSS7.9AI score0.13426EPSS
Exploits7
Exploit DB
Exploit DB
added 2019/11/18 12:0 a.m.207 views

Crystal Live HTTP Server 6.01 - Directory Traversal

Title: Crystal Live HTTP Server 6.01 - Directory Traversal Date of found: 2019-11-17 Author: Numan Türle Vendor Homepage: https://www.genivia.com/ Version : Crystal Quality 6.01.x.x Software Link : https://www.crystalrs.com/crystal-quality-introduction/ POC --------- GET...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/18 12:0 a.m.211 views

Emerson PAC Machine Edition 9.70 Build 8595 - 'FxControlRuntime' Unquoted Service Path

Exploit Title: Emerson PAC Machine Edition 9.70 Build 8595 - 'FxControlRuntime' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2019-11-17 Vendor Homepage: https://www.emerson.com/en-us Software Link : https://www.opertek.com/descargar-software/?prc=326 Tested Version: 9.70 Buil...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/18 12:0 a.m.385 views

ASUS HM Com Service 1.00.31 - 'asHMComSvc' Unquoted Service Path

Exploit Title: ASUS HM Com Service 1.00.31 - 'asHMComSvc' Unquoted Service Path Date: 2019-11-16 Exploit Author : Olimpia Saucedo Vendor Homepage: www.asus.com Version: 1.00.31 Tested on: Windows 10 Pro x64 but it should works on all windows version The application suffers from an unquoted servic...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/18 12:0 a.m.227 views

Lexmark Services Monitor 2.27.4.0.39 - Directory Traversal

Exploit Title: Lexmark Services Monitor 2.27.4.0.39 - Directory Traversal Google Dork: N/A​ Date: 2019​-11-15 Exploit Author: Kevin Randall​ Vendor Homepage: https://www.lexmark.com/enus.html​ Software Link: https://www.lexmark.com/enus.html​ Version: 2.27.4.0.39 Latest Version​ Tested on: Window...

7.5CVSS7AI score0.16765EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/11/18 12:0 a.m.165 views

MobileGo 8.5.0 - Insecure File Permissions

Exploit Title: MobileGo 8.5.0 - Insecure File Permissions Exploit Author: ZwX Exploit Date: 2019-11-15 Vendor Homepage : https://www.wondershare.net/ Software Link: https://www.wondershare.net/mobilego/ Tested on OS: Windows 7 Proof of Concept PoC: ========================== C:\Program...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/18 12:0 a.m.306 views

TemaTres 3.0 - Cross-Site Request Forgery (Add Admin)

Exploit Title: TemaTres 3.0 — Cross-Site Request Forgery Add Admin Author: Pablo Santiago Date: 2019-11-14 Vendor Homepage: https://www.vocabularyserver.com/ Source: https://sourceforge.net/projects/tematres/files/TemaTres%203.0/tematres3.0.zip/download Version: 3.0 CVE : 2019–14345...

9.8CVSS9.8AI score0.02022EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/11/18 12:0 a.m.330 views

iSmartViewPro 1.3.34 - Denial of Service (PoC)

Exploit Title: iSmartViewPro 1.3.34 - Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2019 -11-16 Vendor Homepage: http://www.smarteyegroup.com/ Software Link: https://apps.apple.com/mx/app/ismartviewpro/id834791071 Tested Version: 1.3.34 Vulnerability Type: Denial of Service D...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/18 12:0 a.m.161 views

Centova Cast 3.2.11 - Arbitrary File Download

Exploit Title: Centova Cast 3.2.11 - Arbitrary File Download Date: 2019-11-17 Exploit Author: DroidU Vendor Homepage: https://centova.com Affected Version: =v3.2.11 Tested on: Debian 9, CentOS 7 !/bin/bash if "$4" = "" then echo "Usage: $0 centovacasturl user password ftpaddress" exit fi url=$1...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/18 12:0 a.m.285 views

NCP_Secure_Entry_Client 9.2 - Unquoted Service Paths

Exploit Title: NCPSecureEntryClient 9.2 - Unquoted Service Paths Date: 2019-11-17 Exploit Author: Akif Mohamed Ik Vendor Homepage: http://software.ncp-e.com/ Software Link: http://software.ncp-e.com/NCPSecureEntryClient/Windows/9.2x/ Version: 9.2x Tested on: Windows 7 SP1 CVE : NA C:\Users\userwm...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/18 12:0 a.m.162 views

Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service (PoC)

Exploit Title: Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service PoC Author: chuyreds Discovery Date: 2019-11-16 Vendor Homepage: https://www.foscam.es/ Software Link : https://www.foscam.es/descarga/FoscamVMS1.1.4.9.zip Tested Version: 1.1.4.9 Vulnerability Type: Denial of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/18 12:0 a.m.152 views

Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service (PoC)

Exploit Title: Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2019-11-16 Vendor Homepage: https://apps.apple.com/us/app/proficyscada/id525792142 Software Link: App Store for iOS devices GE Intelligent Platforms, Inc. Tested Versio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/18 12:0 a.m.167 views

TemaTres 3.0 - 'value' Persistent Cross-site Scripting

Exploit Title: TemaTres 3.0 - 'value' Persistent Cross-site Scripting Author: Pablo Santiago Date: 2019-11-14 Vendor Homepage: https://www.vocabularyserver.com/ Source: https://sourceforge.net/projects/tematres/files/TemaTres%203.0/tematres3.0.zip/download Version: 3.0 CVE : 2019–14343 Reference:...

5.4CVSS5.8AI score0.0094EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/11/15 12:0 a.m.533 views

Shrew Soft VPN Client 2.2.2 - 'iked' Unquoted Service Path

Exploit Title: Shrew Soft VPN Client 2.2.2 - 'iked' Unquoted Service Path Date: 2019-11-14 Exploit Author: D.Goedecke Vendor Homepage: www.shrew.net Software Link: https://www.shrew.net/download/vpn/vpn-client-2.2.2-release.exe Version: 2.2.2 Tested on: Windows 10 64bit C:\Users\userwmic service...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/14 12:0 a.m.472 views

Xfilesharing 2.5.1 - Arbitrary File Upload

Exploit Title: Xfilesharing 2.5.1 - Arbitrary File Upload Google Dork: inurl:/?op=registration Date: 2019-11-4 Exploit Author: Noman Riffat Vendor Homepage: https://sibsoft.net/xfilesharing.html Version: Shell : http://xyz.com/cgi-bin/temp/joe/shell.php Local File Inclusion...

9.8CVSS8.9AI score0.45361EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/11/14 12:0 a.m.286 views

Siemens Desigo PX 6.00 - Denial of Service (PoC)

Title: Siemens Desigo PX 6.00 - Denial of Service PoC Author: LiquidWorm Date: 2019-11-14 Vendor web page: https://www.siemens.com Product web page: https://new.siemens.com/global/en/products/buildings/automation/desigo.html Affected version:6.00 Affected version: Model: PXC00-E.D, PXC50-E.D,...

5.3CVSS5.6AI score0.01675EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/11/14 12:0 a.m.244 views

oXygen XML Editor 21.1.1 - XML External Entity Injection

Exploit Title: oXygen XML Editor 21.1.1 - XML External Entity Injection Author: Pablo Santiago Date: 2019-11-13 Vendor Homepage: https://www.oxygenxml.com/ Source:https://www.oxygenxml.com/xmleditor/downloadoxygenxmleditor.html Version: 21.1.1 CVE : N/A Tested on: Windows 7 PoC 1- python -m...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/14 12:0 a.m.486 views

Microsoft Windows 10 Build 1803 < 1903 - 'COMahawk' Local Privilege Escalation

EDB Note Download: - https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47684-1.exe - https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47684-2.zip COMahawk Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322 Video Demo...

7.8CVSS9AI score0.2995EPSS
Exploits25
Exploit DB
Exploit DB
added 2019/11/13 12:0 a.m.1035 views

Technicolor TD5130.2 - Remote Command Execution

Exploit Title: Technicolor TD5130.2 - Remote Command Execution Date: 2019-11-12 Exploit Author: João Teles Vendor Homepage: https://www.technicolor.com/ Version: TD5130v2 Firmware Version: OIFwV20 CVE : CVE-2019-18396 --------------------------- POST /mntping.cgi HTTP/1.1 Host: HOST User-Agent:...

9CVSS7.2AI score0.16206EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/11/13 12:0 a.m.287 views

FUDForum 3.0.9 - Remote Code Execution

Exploit Title : FUDForum 3.0.9 - Remote Code Execution Date: 2019-10-26 Exploit Author: liquidsky JMcPeters Vulnerable Software: FUDForum 3.0.9 Vendor Homepage: https://sourceforge.net/projects/fudforum/ Version: 3.0.9 Software Link:...

9CVSS9.4AI score0.08154EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/11/13 12:0 a.m.290 views

ScanGuard Antivirus 2020 - Insecure Folder Permissions

Exploit Title: ScanGuard Antivirus 2020 - Insecure Folder Permissions Date: 2019-10-10 Exploit Author: hyp3rlinx Vendor Homepage: https://www.scanguard.com/ Software Link: https://support.scanguard.com/en/kb/22/upgrades-available Version: 2020 Tested on: Windows CVE : N/A Category: exploit...

7.8CVSS7.9AI score0.00518EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/11/13 12:0 a.m.654 views

gSOAP 2.8 - Directory Traversal

Title: gSOAP 2.8 - Directory Traversal Author: Numan Türle Date: 2019-11-13 Vendor Homepage: https://www.genivia.com/ Version : gSOAP 2.8 Software Link : https://www.genivia.com/products.htmlgsoap POC --------- GET /../../../../../../../../../etc/passwd HTTP/1.1 Host: 10.200.106.101 Accept:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/13 12:0 a.m.369 views

Fastweb Fastgate 0.00.81 - Remote Code Execution

Exploit Title: Fastweb Fastgate 0.00.81 - Remote Code Execution Date: 2019-11-13 Exploit Author: Riccardo Gasparini Vendor Homepage: https://www.fastweb.it/ Software Link: http://59.0.121.191:8080/ACS-server/file/0.00.81FW200Askey only from Fastweb ISP network Version: 0.00.81 Tested on: Linux CV...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/11/13 12:0 a.m.320 views

Linear eMerge E3 1.00-06 - Remote Code Execution

Title: Linear eMerge E3 1.00-06 - Remote Code Execution Author: LiquidWorm Date: 2019-11-13 Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Affected version: =2.3.0a Advisory:...

10CVSS9.7AI score0.97136EPSS
Exploits16
Exploit DB
Exploit DB
added 2019/11/13 12:0 a.m.267 views

Technicolor TC7300.B0 - 'hostname' Persistent Cross-Site Scripting

Exploit Title: Technicolor TC7300.B0 - 'hostname' Persistent Cross-Site Scripting Google Dork: N/A Date: 2019-11-11 Exploit Author: Luis Stefan Vendor Homepage: https://www.technicolor.com/ Software Link: N/A Version: TC7300.B0 - STFA.51.20 Tested on: macOS Mojave and Catalina CVE : !/usr/bin/env...

5.4CVSS5.8AI score0.0084EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/11/12 12:0 a.m.412 views

Joomla 3.9.13 - 'Host' Header Injection

Exploit Title: Joomla 3.9.13 - 'Host' Header Injection Author: Pablo Santiago Date: 2019-11-12 Vendor Homepage: https://www.joomla.org/ Source: https://downloads.joomla.org/cms/joomla3/3-9-13/Joomla3-9-13-Stable-FullPackage.zip?format=zip Version: 3.9.13 CVE : N/A Tested on: Windows 10 PoC curl...

Exploits0
Exploit DB
Exploit DB
added 2019/11/12 12:0 a.m.113 views

Computrols CBAS-Web 19.0.0 - 'username' Reflected Cross-Site Scripting

Exploit Title: Computrols CBAS-Web 19.0.0 - 'username' Reflected Cross-Site Scripting Google Dork: NA Date: 2018-09-06 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/ Version:...

6.1CVSS6.5AI score0.04662EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/11/12 12:0 a.m.111 views

Control Center PRO 6.2.9 - Local Stack Based Buffer Overflow (SEH)

Exploit Title: Control Center PRO 6.2.9 - Local Stack Based BufferOverflow SEH Date: 2019-11-09 Exploit Author: Samir sanchez garnica @sasaga92 Vendor Homepage: http://www.webgateinc.com/wgi/eng/products/list.php?ecidx1=P610 Software Link:...

7.4AI score
Exploits0
Total number of security vulnerabilities47904