Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2019/10/25 12:0 a.m.137 views

ClonOs WEB UI 19.09 - Improper Access Control

Exploit Title: ClonOs WEB UI 19.09 - Improper Access Control Date: 2019-10-19 Exploit Author: İbrahim Hakan Şeker Vendor Homepage: https://clonos.tekroutine.com/ Software Link: https://github.com/clonos/control-pane Version: 19.09 Tested on: ClonOs CVE : 2019-18418 import requests from bs4 import...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/24 12:0 a.m.1373 views

Linux Polkit - pkexec helper PTRACE_TRACEME local root (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linux Polkit pkexec helper PTRACETRACEME local root exploit', 'Description' = %q This module exploits an issue in ptracelink in kernel/ptrace.c...

7.8CVSS8.4AI score0.52199EPSS
Exploits21
Exploit DB
Exploit DB
added 2019/10/24 12:0 a.m.305 views

AUO SunVeillance Monitoring System 1.1.9e - 'MailAdd' SQL Injection

Exploit Title: AUO SunVeillance Monitoring System 1.1.9e - 'MailAdd' SQL Injection Date: 2019-10-24 Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO SunVeillance Monitoring System all versions prior to v1.1.9e Tested on: It is a proprietary devices:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/24 12:0 a.m.222 views

AUO SunVeillance Monitoring System 1.1.9e - Incorrect Access Control

Exploit Title: AUO SunVeillance Monitoring System 1.1.9e - Incorrect Access Control Date: 2019-10-24 Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO SunVeillance Monitoring System all versions prior to v1.1.9e Tested on: It is a proprietary devices:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/24 12:0 a.m.288 views

WordPress Plugin Sliced Invoices 3.8.2 - 'post' SQL Injection

Exploit Title: Wordpress Sliced Invoices 3.8.2 - 'post' SQL Injection Date: 2019-10-22 Exploit Author: Lucian Ioan Nitescu Contact: https://twitter.com/LucianNitescu Webiste: https://nitesculucian.github.io Vendor Homepage: https://slicedinvoices.com/ Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/23 12:0 a.m.776 views

Joomla! 3.4.6 - Remote Code Execution (Metasploit)

Exploit Title: Joomla! 3.4.6 - Remote Code Execution Metasploit Google Dork: N/A Date: 2019-10-02 Exploit Author: Alessandro Groppo Vendor Homepage: https//www.joomla.it/ Software Link: https://downloads.joomla.org/it/cms/joomla3/3-4-6 Version: 3.0.0 -- 3.4.6 Tested on: Linux CVE : N/A This modul...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/23 12:0 a.m.279 views

Rocket.Chat 2.1.0 - Cross-Site Scripting

Title: Rocket.Chat 2.1.0 - Cross-Site Scripting Author: 3H34N Date: 2019-10-22 Product: Rocket.Chat Vendor: https://rocket.chat/ Vulnerable Versions: Rocket.Chat 2. Open a chat session 3. Send payload with your web server url 4. Token will be written in logs.txt when target seen your message...

6.1CVSS6.5AI score0.04023EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/10/23 12:0 a.m.541 views

IObit Uninstaller 9.1.0.8 - 'IObitUnSvr' Unquoted Service Path

Title: IObit Uninstaller 9.1.0.8 - 'IObitUnSvr' Unquoted Service Path Author: Sainadh Jamalpur Date: 2019-10-22 Vendor Homepage: https://www.iobit.com Software Link: https://www.iobit.com/en/advanceduninstaller.php Version : 9.1.0.8 Tested on: Windows 10 64bitEN CVE : N/A 1. Description: Unquoted...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/22 12:0 a.m.437 views

Total.js CMS 12 - Widget JavaScript Code Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Total.js CMS 12 Widget JavaScript Code Injection', 'Description' = %q This module exploits a vulnerability in Total.js CMS. The issue is that a...

9.9CVSS7.4AI score0.79204EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/10/22 12:0 a.m.215 views

Moxa EDR-810 - Command Injection / Information Disclosure

During an engagement for a client, RandoriSec found 2 vulnerabilities on Moxa EDR-810 Series Secure Routers. The first one is a command injection vulnerability found on the CLI allowing an authenticated user to obtain root privileges. And the other one is an improper access control found on the w...

7.2CVSS5.9AI score0.08747EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/10/21 12:0 a.m.351 views

WinRAR 5.80 (x64) - Denial of Service

Exploit Title: winrar 5.80 64bit - Denial of Service Date: 2019-10-19 Exploit Author: alblalawi Vendor Homepage: https://win-rar.com/fileadmin/winrar-versions/winrar-x64-58b2.exe Version: 5.80 Tested on: Microsoft Windows Version 10.0.18362.418 64bit 1- open winrar or any file.rar 2- help 3- help...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/21 12:0 a.m.362 views

Trend Micro Anti-Threat Toolkit 1.62.0.1218 - Remote Code Execution

Exploit Title: Trend Micro Anti-Threat Toolkit 1.62.0.1218 - Remote Code Execution Date: 2019-10-19 Exploit Author: hyp3rlinx Vendor Homepage: www.trendmicro.com Version: 1.62.0.1218 and below Tested on: Microsoft Windows CVE: N/A + Credits: John Page aka hyp3rlinx + Website:...

7.8CVSS7.6AI score0.12939EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/10/21 12:0 a.m.269 views

Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed JP2 Stream (2)

We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 7f2c.8be8: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/21 12:0 a.m.647 views

Solaris 11.4 - xscreensaver Privilege Escalation

@Mediaservice.net Security Advisory 2019-02 last updated on 2019-10-16 Title: Local privilege escalation on Solaris 11.x via xscreensaver Application: Jamie Zawinski's xscreensaver 5.39 distributed with Solaris 11.4 Jamie Zawinski's xscreensaver 5.15 distributed with Solaris 11.3 Other versions...

8.8CVSS9AI score0.13399EPSS
Exploits8
Exploit DB
Exploit DB
added 2019/10/21 12:0 a.m.427 views

Winrar 5.80 - XML External Entity Injection

Exploit Title: winrar 5.80 - XML External Entity Injection Exploit Author: hyp3rlinx Vendor Homepage: https://win-rar.com/fileadmin/winrar-versions/winrar-x64-58b2.exe Version: 5.80 Tested on: Microsoft Windows Version 10.0.18362.418 64bit POC 1- python -m SimpleHTTPServer listens Port 8000 2- op...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/18 12:0 a.m.2334 views

Joomla! 3.4.6 - Remote Code Execution

Exploit Title: Joomla! 3.4.6 - Remote Code Execution Google Dork: N/A Date: 2019-10-02 Exploit Author: Alessandro Groppo Vendor Homepage: https//www.joomla.it/ Software Link: https://downloads.joomla.org/it/cms/joomla3/3-4-6 Version: 3.0.0 -- 3.4.6 Tested on: Linux CVE : N/A Technical details:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/17 12:0 a.m.207 views

WorkgroupMail 7.5.1 - 'WorkgroupMail' Unquoted Service Path

Exploit Title : WorkgroupMail 7.5.1 - 'WorkgroupMail' Unquoted Service Path Date : 2019-10-15 Exploit Author : Cakes Vendor: Softalk Version : 7.5.1 Software: http://html.tucows.com/preview/195580/WorkgroupMail-Mail-Server?q=pop3 Tested on Windows 10 CVE : N/A c:\sc qc WorkgroupMail SC...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/17 12:0 a.m.256 views

Web Companion versions 5.1.1035.1047 - 'WCAssistantService' Unquoted Service Path

Exploit Title: Web Companion versions 5.1.1035.1047 - 'WCAssistantService' Unquoted Service Path Exploit Author: Debashis Pal Date: 2019-10-17 Vendor Homepage : https://webcompanion.com Source: https://webcompanion.com Version: Web Companion versions 5.1.1035.1047 CVE : N/A Tested on: Windows 7...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/17 12:0 a.m.314 views

Restaurant Management System 1.0 - Remote Code Execution

Exploit Title: Restaurant Management System 1.0 - Remote Code Execution Date: 2019-10-16 Exploit Author: Ibad Shah Vendor Homepage: https://www.sourcecodester.com/users/lewa Software Link: https://www.sourcecodester.com/php/11815/restaurant-management-system.html Version: N/A Tested on: Apache...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/17 12:0 a.m.358 views

WordPress Plugin Popup Builder 3.49 - Persistent Cross-Site Scripting

Exploit Title: Wordpress Popup Builder 3.49 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\popupbuilder" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://popup-builder.com/ Software Link: https://wordpress.org/plugins/popup-builder/ Version: 3.49 Tested...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/17 12:0 a.m.360 views

BlackMoon FTP Server 3.1.2.1731 - 'BMFTP-RELEASE' Unquoted Serive Path

Exploit Title: BlackMoon FTP Server 3.1.2.1731 - 'BMFTP-RELEASE' Unquoted Serive Path Exploit Author: Debashis Pal Date: 2019-10-17 Vendor : Blackmoonftpserver Source: http://www.tucows.com/preview/222822/BlackMoon-FTP-Server?q=FTP+server Version: BlackMoon FTP Server 3.1.2.1731 CVE : N/A Tested...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/17 12:0 a.m.226 views

WordPress Plugin Soliloquy Lite 2.5.6 - Persistent Cross-Site Scripting

Exploit Title: Wordpress Soliloquy Lite 2.5.6 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\soliloquy-lite" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://soliloquywp.com/ Software Link: https://wordpress.org/plugins/soliloquy-lite/ Version: 2.5.6...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/17 12:0 a.m.286 views

ThinVNC 1.0b1 - Authentication Bypass

Exploit Title: ThinVNC 1.0b1 - Authentication Bypass Date: 2019-10-17 Exploit Author: Nikhith Tumamlapalli Contributor WarMarX Vendor Homepage: https://sourceforge.net/projects/thinvnc/ Software Link: https://sourceforge.net/projects/thinvnc/files/ThinVNC1.0b1/ThinVNC1.0b1.zip/download Version:...

9.8CVSS9.4AI score0.96758EPSS
Exploits11
Exploit DB
Exploit DB
added 2019/10/17 12:0 a.m.301 views

WordPress Plugin FooGallery 1.8.12 - Persistent Cross-Site Scripting

Exploit Title: Wordpress FooGallery 1.8.12 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\foogallery" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://foo.gallery/ Software Link: https://wordpress.org/plugins/foogallery/ Version: 1.8.12 Tested on: Kali...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/16 12:0 a.m.488 views

CyberArk Password Vault 10.6 - Authentication Bypass

Exploit Title: CyberArk Password Vault 10.6 - Authentication Bypass Date: 2019-10-16 Author: Daniel Martinez Adan adon90 Vendor: https://www.cyberark.com Software: https://www.cyberark.com/products/privileged-account-security-solution/enterprise-password-vault/ Collaborator: Luis Buendía...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/16 12:0 a.m.231 views

X.Org X Server 1.20.4 - Local Stack Overflow

Exploit Title: X.Org X Server 1.20.4 - Local Stack Overflow Date: 2019-10-16 Exploit Author: Marcelo Vázquez aka s4vitar Vendor Homepage: https://www.x.org/ Version: = 1.20.4 Tested on: Linux CVE: CVE-2019-17624 !/usr/bin/python coding: utf-8 Author: Marcelo Vázquez aka s4vitar X.Org X Server...

7.8CVSS7.9AI score0.03694EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/10/16 12:0 a.m.210 views

Mikogo 5.2.2.150317 - 'Mikogo-Service' Unquoted Serive Path

Exploit Title : Mikogo 5.2.2.150317 - 'Mikogo-Service' Unquoted Serive Path Date : 2019-10-15 Exploit Author : Cakes Vendor: LiteManager Team Version : LiteManager 4.5.0 Software: http://html.tucows.com/preview/518015/Mikogo?q=remote+support Tested on Windows 10 CVE : N/A c:\sc qc Mikogo-Service ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/16 12:0 a.m.202 views

Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path

Exploit Title : Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path Date : 2019-10-15 Exploit Author : Cakes Vendor: Zilab Software Inc Version : Zilab Remote Console Server 3.2.9 Software: http://html.tucows.com/preview/340137/Zilab-Remote-Console-Server?q=remote+support Tested on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/16 12:0 a.m.308 views

LiteManager 4.5.0 - 'romservice' Unquoted Serive Path

Exploit Title : LiteManager 4.5.0 - 'romservice' Unquoted Serive Path Date : 2019-10-15 Exploit Author : Cakes Vendor: LiteManager Team Version : LiteManager 4.5.0 Software: http://html.tucows.com/preview/1594042/LiteManager-Free?q=remote+support Tested on Windows 10 CVE : N/A c:\sc qc romservice...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/16 12:0 a.m.202 views

Accounts Accounting 7.02 - Persistent Cross-Site Scripting

Exploit Title: Express Accounts Accounting 7.02 - Persistent Cross-Site Scripting Exploit Author: Debashis Pal Date: 2019-10-16 Vendor Homepage: https://www.nchsoftware.com Source: https://www.nchsoftware.com/accounting/index.html Version: Express Accounts Accounting v7.02 CVE : N/A Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/16 12:0 a.m.531 views

Whatsapp 2.19.216 - Remote Code Execution

Exploit Title: Whatsapp 2.19.216 - Remote Code Execution Date: 2019-10-16 Exploit Author: Valerio Brussani @valbrux Vendor Homepage: https://www.whatsapp.com/ Version: include include include typedef uint8t byte; char gadgetp; void libc, lib; //dls iteration for rop int dlcallbackstruct dlphdrinf...

8.8CVSS8.9AI score0.44255EPSS
Exploits16
Exploit DB
Exploit DB
added 2019/10/16 12:0 a.m.258 views

Solaris xscreensaver 11.4 - Privilege Escalation

Exploit Title: Solaris xscreensaver 11.4 - Privilege Escalation Date: 2019-10-16 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/technetwork/server-storage/solaris11/ Version: Solaris 11.x Tested on: Solaris 11.4 and 11.3 X86 CVE: N/A !/bin/sh raptorxscreensaver - Solaris 11....

8.8CVSS9AI score0.13399EPSS
Exploits8
Exploit DB
Exploit DB
added 2019/10/16 12:0 a.m.214 views

Lavasoft 2.3.4.7 - 'LavasoftTcpService' Unquoted Service Path

Lavasoft 2.3.4.7 - 'LavasoftTcpService' Unquoted Service Path Author: Luis MedinaL Date: 2019-10-15 Vendor Homepage: https://www.adaware.com/ Software Link : https://www.adaware.com/antivirus Version : 2.3.4.7 Tested on: Microsoft Windows 10 Pro x64 ESP Description: Lavasoft 2.3.4.7 installs...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/15 12:0 a.m.174 views

ActiveFax Server 6.92 Build 0316 - 'ActiveFaxServiceNT' Unquoted Service Path

Exploit Title : ActiveFax Server 6.92 Build 0316 - 'ActiveFaxServiceNT' Unquoted Service Path Date : 2019-10-15 Exploit Author : Cakes Vendor Homepage: https://www.actfax.com/ Software Link : https://www.actfax.com/download/actfaxsetupx64ge.exe Version : ActiveFax Server 6.92 Build 0316 Tested on...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/15 12:0 a.m.362 views

sudo 1.8.27 - Security Bypass

Exploit Title : sudo 1.8.27 - Security Bypass Date : 2019-10-15 Original Author: Joe Vennix Exploit Author : Mohin Paramasivam Shad0wQu35t Version : Sudo priv" os.system"cat priv | grep 'ALL' | cut -d '' -f 2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/15 12:0 a.m.220 views

Podman & Varlink 1.5.1 - Remote Code Execution

Exploit Title: Podman & Varlink 1.5.1 - Remote Code Execution Exploit Author: Jeremy Brown Date: 2019-10-15 Vendor Homepage: https://podman.io/ Software Link: dnf install podman or https://github.com/containers/libpod/releases Version: 1.5.1 Tested on: Fedora Server 30 !/usr/bin/python -- coding:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/15 12:0 a.m.344 views

Bolt CMS 3.6.10 - Cross-Site Request Forgery

Exploit Title: Bolt CMS 3.6.10 - Cross-Site Request Forgery Date: 2019-10-15 Exploit Author: r3m0t3nu11Zero-Way Vendor Homepage: https://bolt.cm/ Software Link: https://bolt.cm/ Version: up to date and 6.5 Tested on: Linux CVE : CVE-2019-17591 last version Csrf p0c Bolt v 3.x exploit 0day Bolt v...

5.7AI score
Exploits4
Exploit DB
Exploit DB
added 2019/10/14 12:0 a.m.206 views

SpotAuditor 5.3.1.0 - Denial of Service

Exploit Title: SpotAuditor 5.3.1.0 - Denial of Service Author: Sanjana Shetty Date: 2019-10-13 Version: SpotAuditor 5.3.1.0 Vendor Homepage: http://www.nsauditor.com Software link: http://spotauditor.nsauditor.com/ Steps 1 Install the SpotAuditor software 2 Access the register functionality 3 In...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/14 12:0 a.m.257 views

Kirona-DRS 5.5.3.5 - Information Disclosure

Exploit Title: Kirona-DRS 5.5.3.5 - Information Disclosure Discovered Date: 2019-10-03 Shodan Search: /opt-portal/pages/login.xhtml Exploit Author: Ramikan Vendor Homepage: https://www.kirona.com/products/dynamic-resource-scheduler/ Affected Version: DRS 5.5.3.5 may be other versions. Tested On...

6.1CVSS5.8AI score0.49236EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/10/14 12:0 a.m.2854 views

Apache Httpd mod_rewrite - Open Redirects

Normal URLs like http://redirect.local/test will be forwared to https://redirect.local/test. But by using newlines CVE 2019-10098, we can redirect somewhere else i.e. to https://redirect.local.evilwebsite.com: curl -Ik 'https://redirect.local/%0a.evilwebsite.com' --path-as-is HTTP/2 302 date: Mon...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/14 12:0 a.m.1671 views

Apache Httpd mod_proxy - Error Page Cross-Site Scripting

The trick is to use a vertical tab %09 and then place another URL in the tag. So once a victim clicks the link on the error page, she will go somewhere else. As you can see, the browser changes the destination from relative / to an absolute url https://enoflag.de. The exploit is...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/14 12:0 a.m.455 views

WordPress Core < 5.2.3 - Viewing Unauthenticated/Password/Private Posts

So far we know that adding ?static=1 to a wordpress URL should leak its secret content Here are a few ways to manipulate the returned entries: - order with asc or desc - orderby - m with m=YYYY, m=YYYYMM or m=YYYYMMDD date format In this case, simply reversing the order of the returned elements...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/14 12:0 a.m.272 views

ActiveFax Server 6.92 Build 0316 - 'POP3 Server' Denial of Service

Exploit Title: ActiveFax Server 6.92 Build 0316 - 'POP3 Server' Denial of Service Date: 2019-10-12 Vendor Homepage: https://www.actfax.com/ Software Link : https://www.actfax.com/download/actfaxsetupx64ge.exe Exploit Author: Achilles Tested Version: 6.92 Tested on: Windows 7 x64 Vulnerability Typ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/14 12:0 a.m.206 views

Express Invoice 7.12 - 'Customer' Persistent Cross-Site Scripting

Exploit Title: Express Invoice 7.12 - 'Customer' Persistent Cross-Site Scripting Exploit Author: Debashis Pal Date: 2019-10-13 Vendor Homepage: https://www.nchsoftware.com/ Source: https://www.nchsoftware.com/invoice/index.html Version: Express Invoice v7.12 CVE : N/A Tested on: Windows 7 SP132bi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/14 12:0 a.m.253 views

Ajenti 2.1.31 - Remote Code Execution

Title: Ajenti 2.1.31 - Remote Code Execution Author: Jeremy Brown Date: 2019-10-13 Software Link: https://github.com/ajenti/ajenti CVE: N/A Tested on: Ubuntu Linux !/usr/bin/python ajentix.py Ajenti Remote Command Execution Exploit ------- Details ------- Ajenti is a web control panel written in...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/14 12:0 a.m.226 views

Uplay 92.0.0.6280 - Local Privilege Escalation

Exploit Title: Uplay 92.0.0.6280 - Local Privilege Escalation Date: 2019-08-07 Exploit Author: Kusol Watchara-Apanukorn, Pongtorn Angsuchotmetee, Manich Koomsusi Vendor Homepage: https://uplay.ubisoft.com/ Version: 92.0.0.6280 Tested on: Windows 10 x64 CVE : N/A Vulnerability Description:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/11 12:0 a.m.394 views

National Instruments Circuit Design Suite 14.0 - Local Privilege Escalation

Exploit Title: National Instruments Circuit Design Suite 14.0 - Local Privilege Escalation Discovery Date: 2019-10-10 Exploit Author: Ivan Marmolejo Vendor Homepage: http://www.ni.com/en-us.html Software Link: https://www.ni.com/en-us/shop/select/circuit-design-suite Version: 14.0 Vulnerability...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/11 12:0 a.m.252 views

Intelbras Router WRN150 1.0.18 - Persistent Cross-Site Scripting

Exploit Title: Intelbras Router WRN150 1.0.18 - Persistent Cross-Site Scripting Date: 2019-10-03 Exploit Author: Prof. Joas Antonio Vendor Homepage: https://www.intelbras.com/pt-br/ Software Link: http://en.intelbras.com.br/node/25896 Version: 1.0.18 Tested on: Windows CVE : CVE-2019–17411 PoC 1:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/10/11 12:0 a.m.306 views

WordPress Plugin Arforms 3.7.1 - Directory Traversal

Exploit Title: WordPress Arforms 3.7.1 - Directory Traversal Date: 2019-09-27 Exploit Author: Ahmad Almorabea Updated version of the exploit can be found always at : http://almorabea.net/cve-2019-16902.txt Software Link: https://www.arformsplugin.com/documentation/changelog/ Version: 3.7.1 CVE ID...

7.5CVSS7.8AI score0.09726EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/10/10 12:0 a.m.340 views

SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery

Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Date: 2019-10-08 Exploit Author: Borja Merino and Eduardo Villaverde Vendor Homepage: https://www.sma.de Version: Firmware Version 1.6 and prior Tested on: Sunny WebBox SMA Solar Device Firmware Version...

8.8CVSS9AI score0.0223EPSS
Exploits4
Total number of security vulnerabilities47904