Lucene search
K
ExploitpackMost viewed

41207 matches found

exploitpack
exploitpack
added 2019/02/18 12:0 a.m.75 views

qdPM 9.1 - type Cross-Site Scripting

qdPM 9.1 - type Cross-Site Scripting =========================================================================================== Exploit Title: qdPM 9.1 - 'type' XSS Injection CVE: CVE-2019-8391. Date: 14-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: http://qdpm.net Software Link:...

4.3CVSS6.1AI score0.03342EPSS
Exploits5
exploitpack
exploitpack
added 2018/10/06 12:0 a.m.75 views

Chamilo LMS 1.11.8 - firstname Cross-Site Scripting

Chamilo LMS 1.11.8 - firstname Cross-Site Scripting Exploit Title: Chamilo LMS 1.11.8 - 'firstname' Cross-Site Scripting Author: Cakes Discovery Date: 2018-10-06 Vendor Homepage: https://chamilo.org Software Link:...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2017/04/20 12:0 a.m.75 views

Microsoft Windows - ManagementObject Arbitrary .NET Serialization Remote Code Execution

Microsoft Windows - ManagementObject Arbitrary .NET Serialization Remote Code Execution Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1081 Windows: ManagementObject Arbitrary .NET Serialization RCE Platform: .NET 4.6, Powershell 4. Tested between Server 2016 and Windows 10...

10CVSS0.5AI score0.23425EPSS
Exploits11
exploitpack
exploitpack
added 2016/02/22 12:0 a.m.75 views

Linux Kernel 3.x (Ubuntu 14.04 Mint 17.3 Fedora 22) - Double-free usb-midi SMEP Privilege Escalation

Linux Kernel 3.x Ubuntu 14.04 Mint 17.3 Fedora 22 - Double-free usb-midi SMEP Privilege Escalation Source: https://xairy.github.io/blog/2016/cve-2016-2384 Source: https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-2384 Source: https://www.youtube.com/watch?v=lfl1NJn1nvo Exploit-DB Note...

4.9CVSS1AI score0.03723EPSS
Exploits10
exploitpack
exploitpack
added 2015/08/13 12:0 a.m.75 views

Zend Framework 2.4.2 - PHP FPM XML eXternal Entity Injection

Zend Framework 2.4.2 - PHP FPM XML eXternal Entity Injection ============================================= - Release date: 12.08.2015 - Discovered by: Dawid Golunski - Severity: High - CVE-ID: CVE-2015-5161 ============================================= I. VULNERABILITY -------------------------...

6.8CVSS0.1AI score0.09911EPSS
Exploits7
exploitpack
exploitpack
added 2015/04/21 12:0 a.m.76 views

ADB - Backup Archive File Overwrite Directory Traversal

ADB - Backup Archive File Overwrite Directory Traversal ADB backup archive path traversal file overwrite ------------------------------------------------ Using adb one can create a backup of his/her Android device and store it on the PC. The backup archive is based on the tar file format. By...

2.1CVSS0.3AI score0.01074EPSS
Exploits6
exploitpack
exploitpack
added 2014/08/02 12:0 a.m.75 views

Sphider Search Engine - Multiple Vulnerabilities

Sphider Search Engine - Multiple Vulnerabilities Exploit Title: Sphider Search Engine - Multiple Vulnerabilities Google Dork: ext:php intext:sphider inurl:search.php Date: 6/20/2014 Exploit Author: Shayan Sadigh twitter.com/r1pplex | Vendor Homepage: http://www.sphider.eu/ Version: Sphider 1.3.6 ...

7.5CVSS0.1AI score0.10451EPSS
Exploits12
exploitpack
exploitpack
added 2012/04/19 12:0 a.m.75 views

OpenSSL - ASN1 BIO Memory Corruption

OpenSSL - ASN1 BIO Memory Corruption Incorrect integer conversions in OpenSSL can result in memory corruption. -------------------------------------------------------------------------- CVE-2012-2110 This advisory is intended for system administrators and developers exposing OpenSSL in production...

7.5CVSS0.48298EPSS
Exploits8
exploitpack
exploitpack
added 2011/03/02 12:0 a.m.75 views

Magic Music Editor - Local Buffer Overflow

Magic Music Editor - Local Buffer Overflow !/usr/bin/perl +Exploi Title: Exploit Buffer Overflow Magic Music Editor +Date: 03\01\2011 +Author: C4SS!0 G0M3S +Software Link: http://www.magic-video-software.com/downloadserver/Magic-Music-Editor.exe +POC Found By:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/08/10 12:0 a.m.75 views

RSP MP3 Player - OCX ActiveX Buffer Overflow HeapSpray

RSP MP3 Player - OCX ActiveX Buffer Overflow HeapSpray . . . \ / |/| . | | | ||/ \ .| RSP MP3 Player OCX ActiveX Buffer Overflow heap spray By : MadjiX , Dz8aHotmail.com Discovered by Blake: http://www.exploit-db.com/exploits/14309/ Greetings: His0k4 , Bibi-info , The g0bl!n y , sec4ever.com...

1.2AI score
Exploits0
exploitpack
exploitpack
added 2010/01/24 12:0 a.m.75 views

BoastMachine 3.1 - Arbitrary File Upload

BoastMachine 3.1 - Arbitrary File Upload :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Exploit Title : boastMachine v3.1 Remote File Upload Vulnerability Author: alnjm33 Software Link: http://boastology.com/pages/dload.php?id=bmachine-3.1.zip Software...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2008/11/20 12:0 a.m.75 views

PHP 5.2.6 - error_log Safe_mode Bypass

PHP 5.2.6 - errorlog Safemode Bypass SecurityReason.com PHP 5.2.6 errorlog safemode bypass Author: Maksymilian Arciemowicz cXIb8O3 securityreason.com Date: - - Written: 10.11.2008 - - Public: 20.11.2008 SecurityReason Research SecurityAlert Id: 57 CWE: CWE-264 SecurityRisk: Medium Affected...

Exploits0
exploitpack
exploitpack
added 2008/03/12 12:0 a.m.75 views

XOOPS Module Gallery 0.2.2 - gid SQL Injection

XOOPS Module Gallery 0.2.2 - gid SQL Injection XOOPS Module Gallery 0.2.2 SQL Injection Exploit AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 HOME : http://securityreason.com/search/101/c0BidW4=/1/0 MAİL : [email protected] DORKS 1 : allinurl :"modules/gallery" DORK 2 ...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2019/11/12 12:0 a.m.74 views

eMerge E3 1.00-06 - Arbitrary File Upload

eMerge E3 1.00-06 - Arbitrary File Upload Exploit Title: eMerge E3 1.00-06 - Arbitrary File Upload Google Dork: NA Date: 2018-11-11 Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Version:...

7.5CVSS0.1AI score0.69992EPSS
Exploits5
exploitpack
exploitpack
added 2019/11/04 12:0 a.m.74 views

Apple macOS 10.15.1 - Denial of Service (PoC)

Apple macOS 10.15.1 - Denial of Service PoC Exploit Title: Apple macOS 10.15.1 - Denial of Service PoC Date: 2019-11-02 Exploit Author: 08Tc3wBB Vendor Homepage: Apple Software Link: Version: Apple macOS msghlocalport, msg1.msghsize, msg4.msghreserved, unsigned intmsg4.msghid, QWORD...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2019/09/30 12:0 a.m.74 views

Cisco Small Business 220 Series - Multiple Vulnerabilities

Cisco Small Business 220 Series - Multiple Vulnerabilities !/usr/bin/python2.7 """ Subject Realtek Managed Switch Controller RTL83xx PoC 2019 bashis https://www.realtek.com/en/products/communications-network-ics/category/managed-switch-controller Brief description 1. Boa/Hydra suffer of exploitab...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2019/07/15 12:0 a.m.74 views

NETGEAR WiFi Router JWNR2010v5 R6080 - Authentication Bypass

NETGEAR WiFi Router JWNR2010v5 R6080 - Authentication Bypass Exploit Title: NETGEAR WiFi Router R6080 - Security Questions Answers Disclosure Date: 13/07/2019 Exploit Author: Wadeek Hardware Version: R6080-100PES Firmware Version: 1.0.0.34 / 1.0.0.40 Vendor Homepage:...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2018/08/20 12:0 a.m.74 views

SEIG Modbus 3.4 - Remote Code Execution

SEIG Modbus 3.4 - Remote Code Execution Title: SEIG Modbus 3.4 - Remote Code Execution Author: Alejandro Parodi Date: 2018-08-17 Vendor Homepage: https://www.schneider-electric.com Software Link:...

9.3CVSS7AI score0.22124EPSS
Exploits10
exploitpack
exploitpack
added 2018/07/13 12:0 a.m.74 views

Zeta Producer Desktop CMS 14.2.0 - Remote Code Execution Local File Disclosure

Zeta Producer Desktop CMS 14.2.0 - Remote Code Execution Local File Disclosure SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Remote Code Execution & Local File Disclosure product: Zeta Producer Desktop CMS vulnerable...

7.5CVSS0.2AI score0.17282EPSS
Exploits6
exploitpack
exploitpack
added 2018/03/28 12:0 a.m.74 views

TwonkyMedia Server 7.0.11-8.5 - Directory Traversal

TwonkyMedia Server 7.0.11-8.5 - Directory Traversal ''' --------------------------------------------------------------------- 1. About --------------------------------------------------------------------- Exploit Title: TwonkyMedia Server 7.0.11-8.5 Directory Traversal Date: 2018-03-27 Exploit...

5CVSS0.2AI score0.28725EPSS
Exploits5
exploitpack
exploitpack
added 2017/12/19 12:0 a.m.74 views

Trend Micro Smart Protection Server - Session Hijacking Log File Disclosure Remote Command Execution Cron Job Injection Local File Inclusion Stored Cross-Site Scripting Improper Access Control

Trend Micro Smart Protection Server - Session Hijacking Log File Disclosure Remote Command Execution Cron Job Injection Local File Inclusion Stored Cross-Site Scripting Improper Access Control Trend Micro Smart Protection Server Multiple Vulnerabilities 1. Advisory Information Title:: Trend Micro...

7.5CVSS7.4AI score0.19369EPSS
Exploits10
exploitpack
exploitpack
added 2017/02/28 12:0 a.m.74 views

Cisco AnyConnect Secure Mobility Client 4.3.04027 - Local Privilege Escalation

Cisco AnyConnect Secure Mobility Client 4.3.04027 - Local Privilege Escalation Exploit Title: Cisco AnyConnect Start Before Logon SBL local privilege escalation. CVE-2017-3813 Date: 02/27/2017 Exploit Author: @Pcchillin Software Link:...

7.2CVSS0.8AI score0.01711EPSS
Exploits5
exploitpack
exploitpack
added 2016/07/25 12:0 a.m.74 views

Micro Focus Filr 2 2.0.0.4211.2 1.2.0.846 - Multiple Vulnerabilities

Micro Focus Filr 2 2.0.0.4211.2 1.2.0.846 - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Micro Focus former Novell Filr Appliance vulnerable version: Filr 2...

9CVSS0.5AI score0.11501EPSS
Exploits4
exploitpack
exploitpack
added 2016/07/04 12:0 a.m.74 views

Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - netfilter target_offset Local Privilege Escalation

Linux Kernel 4.4.0-21 Ubuntu 16.04 x64 - netfilter targetoffset Local Privilege Escalation / EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/44300.zip Video https://www.youtube.com/watch?v=qchiJn94kTo / / decr.c / / Ubuntu 16.04 local root...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2016/03/16 12:0 a.m.74 views

Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock)

Cisco UCS Manager 2.11b - Remote Command Injection Shellshock !/usr/bin/python Cisco UCS Manager 2.11b Shellshock Exploit CVE-2014-6278 Confirmed on version 2.11b, but more are likely vulnerable. Cisco's advisory:...

10CVSS0.3AI score0.99621EPSS
Exploits31
exploitpack
exploitpack
added 2013/10/02 12:0 a.m.74 views

Gnew 2013.1 - Multiple Vulnerabilities (2)

Gnew 2013.1 - Multiple Vulnerabilities 2 Advisory ID: HTB23171 Product: Gnew Vendor: Raoul Proença Vulnerable Versions: 2013.1 and probably prior Tested Version: 2013.1 Advisory Publication: August 28, 2013 without technical details Vendor Notification: August 28, 2013 Public Disclosure: October...

7.5CVSS0.2AI score0.07149EPSS
Exploits7
exploitpack
exploitpack
added 2013/07/24 12:0 a.m.74 views

FOSCAM IP-Cameras - Improper Access Restrictions

FOSCAM IP-Cameras - Improper Access Restrictions Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ FOSCAM IP-Cameras Improper Access Restrictions 1. Advisory Information Title: FOSCAM IP-Cameras Improper Access Restrictions Advisory ID: CORE-2013-0613 Advisory URL:...

5CVSS0.7AI score0.29593EPSS
Exploits5
exploitpack
exploitpack
added 2011/08/07 12:0 a.m.75 views

HP JetDirect PJL - Interface Universal Directory Traversal (Metasploit)

HP JetDirect PJL - Interface Universal Directory Traversal Metasploit Exploit Title: HP JetDirect PJL Interface Universal Path Traversal Date: Aug 7, 2011 Author: Myo Soe Software Link: http://www.hp.com Version: All Tested on: HP LaserJet Pxxxx Series $Id: $ This file is part of the Metasploit...

0.4AI score0.1313EPSS
Exploits14
exploitpack
exploitpack
added 2011/01/26 12:0 a.m.74 views

Oracle Document Capture - Actbar2.ocx Insecure Method

Oracle Document Capture - Actbar2.ocx Insecure Method Source: http://packetstormsecurity.org/files/view/97866/DSECRG-11-004.txt ActiveX components contain insecure methods. Digital Security Research Group DSecRG Advisory DSECRG-00153 Application: Oracle Document Capture Versions Affected: Release...

9.3CVSS6.4AI score0.11818EPSS
Exploits10
exploitpack
exploitpack
added 2010/07/13 12:0 a.m.74 views

ASX to MP3 Converter 3.1.2.1 - Multiple OS ASLR + DEP Bypass (SEH) (Metasploit)

ASX to MP3 Converter 3.1.2.1 - Multiple OS ASLR + DEP Bypass SEH Metasploit Exploit Title: ASX to MP3 Converter v3.1.2.1 SEH Exploit Multiple OS, DEP and ASLR Bypass Date: July 13, 2010 Author: Node Software Link: http://www.mini-stream.net/downloads/ASXtoMP3Converter.exe Version: Mini-Stream...

Exploits0
exploitpack
exploitpack
added 2010/04/17 12:0 a.m.74 views

Microsoft Windows 72008 R2 - SMB Client Trans2 Stack Overflow (MS10-020) (PoC)

Microsoft Windows 72008 R2 - SMB Client Trans2 Stack Overflow MS10-020 PoC import sys,SocketServer Windows 7/2008R2 SMB Client Trans2 stack overflow MS10-020 Date: 17/04/10 Author: Laurent Gaffié Tested on: Windows 7/2008R2 CVE: CVE-2010-0270 Full advisory:...

10CVSS0.2AI score0.48188EPSS
Exploits2
exploitpack
exploitpack
added 2008/03/24 12:0 a.m.74 views

Quick Classifieds 1.0 - includesendit.php3?DOCUMENT_ROOT Remote File Inclusion

Quick Classifieds 1.0 - includesendit.php3?DOCUMENTROOT Remote File Inclusion source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2007/03/04 12:0 a.m.74 views

PHP 4.4.3 4.4.6 - PHPinfo() Cross-Site Scripting

PHP 4.4.3 4.4.6 - PHPinfo Cross-Site Scripting //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

Exploits0
exploitpack
exploitpack
added 2002/06/22 12:0 a.m.74 views

Apache mod_ssl 2.8.x - Off-by-One HTAccess Buffer Overflow

Apache modssl 2.8.x - Off-by-One HTAccess Buffer Overflow source: https://www.securityfocus.com/bid/5084/info An off-by-one issue exists in modssl that affects Apache when handling certain types of long entries in an .htaccess file. Though this capability within the web server is not enabled by...

1.5AI score
Exploits0
exploitpack
exploitpack
added 2020/01/09 12:0 a.m.73 views

Oracle Weblogic 10.3.6.0.0 - Remote Command Execution

Oracle Weblogic 10.3.6.0.0 - Remote Command Execution Exploit Title: Oracle Weblogic 10.3.6.0.0 - Remote Command Execution Date: 2020-01-08 Exploit Author: Waffles & Paveway3 Vendor Homepage: https://www.oracle.com/middleware/technologies/weblogic.html Version: 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0...

7.5CVSS0.2AI score0.8883EPSS
Exploits11
exploitpack
exploitpack
added 2019/12/16 12:0 a.m.73 views

D-Link DIR-615 Wireless Router  -  Persistent Cross-Site Scripting

D-Link DIR-615 Wireless Router - Persistent Cross-Site Scripting Exploit Title: D-Link DIR-615 Wireless Router - Persistent Cross-Site Scripting Date: 2019-12-13 Exploit Author: Sanyam Chawla Vendor Homepage: http://www.dlink.co.in Category: Hardware Wi-fi Router Hardware Link:...

3.5CVSS5.1AI score0.19834EPSS
Exploits3
exploitpack
exploitpack
added 2019/11/13 12:0 a.m.73 views

Linear eMerge E3 1.00-06 - Remote Code Execution

Linear eMerge E3 1.00-06 - Remote Code Execution Title: Linear eMerge E3 1.00-06 - Remote Code Execution Author: LiquidWorm Date: 2019-11-13 Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Affected version: =2.3.0a...

10CVSS0.4AI score0.97136EPSS
Exploits16
exploitpack
exploitpack
added 2019/09/10 12:0 a.m.73 views

WordPress Plugin Photo Gallery 1.5.34 - Cross-Site Scripting

WordPress Plugin Photo Gallery 1.5.34 - Cross-Site Scripting Exploit Title: WordPress Plugin Photo Gallery by 10Web alert1; 4. Click Save and preview. 5. It will show pop-up confirming existence of XSS vulnerability Timeline 09-01-2019 - Vulnerability Reported 09-03-2019 - Vendor responded...

4.3CVSS0.2AI score0.04609EPSS
Exploits5
exploitpack
exploitpack
added 2018/11/12 12:0 a.m.73 views

D-LINK Central WifiManager CWM-100 - Server-Side Request Forgery

D-LINK Central WifiManager CWM-100 - Server-Side Request Forgery Exploit Title: D-LINK Central WifiManager CWM-100 - Server-Side Request Forgery Author: John Page aka hyp3rlinx Date: 2018-11-09 Vendor: http://us.dlink.com Product Link:...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2018/06/22 12:0 a.m.73 views

phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion (2)

phpMyAdmin 4.8.1 - Authenticated Local File Inclusion 2 Exploit Title: phpMyAdmin 4.8.1 - Local File Inclusion to Remote Code Execution Date: 2018-06-21 Exploit Author: VulnSpy Vendor Homepage: http://www.phpmyadmin.net Software Link:...

6.5CVSS0.5AI score0.98391EPSS
Exploits20
exploitpack
exploitpack
added 2018/05/01 12:0 a.m.73 views

WordPress Plugin Responsive Cookie Consent 1.7 1.6 1.5 - (Authenticated) Persistent Cross-Site Scripting

WordPress Plugin Responsive Cookie Consent 1.7 1.6 1.5 - Authenticated Persistent Cross-Site Scripting Exploit Title: Wordpress Responsive Cookie Consent 1.7 / 1.6 / 1.5 - Authenticated Persistent Cross-Site Scripting Date: 2018-04-20 Exploit Author: B0UG Vendor Homepage:...

3.5CVSS0.2AI score0.02855EPSS
Exploits5
exploitpack
exploitpack
added 2018/01/29 12:0 a.m.73 views

iBall WRA150N - Multiple Vulnerabilities

iBall WRA150N - Multiple Vulnerabilities Vulnerabilities summary The following advisory describes two 2 vulnerabilities found in iB-WRA150N devices, firmware 1.2.6 build 110401 Rel.47776n. iB-WRA150N is “a powerful solution to Internet connectivity at home, small offices and work stations. The ke...

9CVSS0.6AI score0.05994EPSS
Exploits3
exploitpack
exploitpack
added 2017/12/18 12:0 a.m.73 views

GoAhead Web Server 2.5 3.6.5 - HTTPd LD_PRELOAD Remote Code Execution

GoAhead Web Server 2.5 3.6.5 - HTTPd LDPRELOAD Remote Code Execution !/usr/bin/python GoAhead httpd/2.5 to 3.6.5 LDPRELOAD remote code execution exploit EDB Note: Payloads https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/43360.zip EDB Note: Source...

6.8CVSS8.3AI score0.96327EPSS
Exploits15
exploitpack
exploitpack
added 2017/10/17 12:0 a.m.73 views

Linux Kernel - AF_PACKET Use-After-Free (2)

Linux Kernel - AFPACKET Use-After-Free 2 Vulnerabilities summary The following advisory describes a use-after-free vulnerability found in Linux Kernel’s implementation of AFPACKET that can lead to privilege escalation. AFPACKET sockets “allow users to send or receive packets on the device driver...

4.6CVSS0.2AI score0.0097EPSS
Exploits4
exploitpack
exploitpack
added 2017/10/02 12:0 a.m.73 views

OpenText Document Sciences xPression 4.5SP1 Patch 13 - documentId SQL Injection

OpenText Document Sciences xPression 4.5SP1 Patch 13 - documentId SQL Injection Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14758 Affected Software: ================== OpenText...

6.5CVSS0.6AI score0.02672EPSS
Exploits6
exploitpack
exploitpack
added 2016/10/05 12:0 a.m.73 views

Cisco Firepower Threat Management Console 6.0.1 - Remote Command Execution

Cisco Firepower Threat Management Console 6.0.1 - Remote Command Execution KL-001-2016-007 : Cisco Firepower Threat Management Console Remote Command Execution Leading to Root Access Title: Cisco Firepower Threat Management Console Remote Command Execution Leading to Root Access Advisory ID:...

9CVSS9AI score0.7575EPSS
Exploits8
exploitpack
exploitpack
added 2015/06/30 12:0 a.m.73 views

C2Box 4.0.0(r19171) - Cross-Site Request Forgery

C2Box 4.0.0r19171 - Cross-Site Request Forgery Title: Cross-Site Request Forgery CSRF Vulnerability in C2Box application Allows adding an Admin User or reset any user's password. Author: Wissam Bashour - Help AG Middle East Vendor: boxautomationB.A.S Product: C2Box Version: All versions below...

6.8CVSS0.7AI score0.02659EPSS
Exploits5
exploitpack
exploitpack
added 2015/02/09 12:0 a.m.73 views

RedaxScript CMS 2.2.0 - SQL Injection

RedaxScript CMS 2.2.0 - SQL Injection Exploit Title: Radexscript CMS 2.2.0 - SQL Injection vulnerability Google Dork: N/A Date: 02/09/2015 Exploit Author: Pham Kien Cuong [email protected] & ITAS Team www.itas.vn Vendor Homepage: http://redaxscript.com/ Software Link:...

7.5CVSS0.5AI score0.02397EPSS
Exploits5
exploitpack
exploitpack
added 2014/02/11 12:0 a.m.73 views

Linux Kernel 3.4.5 (Android 4.2.24.4 ARM) - Local Privilege Escalation

Linux Kernel 3.4.5 Android 4.2.24.4 ARM - Local Privilege Escalation / Just a lame binder local root exploit stub. Somewhat messy but whatever. The bug was reported in CVE-2013-6282. Tested on Android 4.2.2 and 4.4. Kernels 3.0.57, 3.4.5 and few more. All up to 3.4.5 unpatched should be vulnerabl...

7.2CVSS1.4AI score0.39711EPSS
Exploits9
exploitpack
exploitpack
added 2014/01/27 12:0 a.m.73 views

Oracle Outside In MDB - File Parsing Stack Buffer Overflow (PoC)

Oracle Outside In MDB - File Parsing Stack Buffer Overflow PoC !/usr/bin/python Exploit Title: Oracle Outside In MDB File Parsing Stack Based Buffer Overflow PoC Date: 16th January 2014 PoC Author: Citadelo Vendor Homepage: http://www.oracle.com Software Link:...

1.5CVSS0.4AI score0.01901EPSS
Exploits5
Total number of security vulnerabilities5000