Lucene search
K
ExploitpackMost viewed

41207 matches found

exploitpack
exploitpack
added 2013/11/08 12:0 a.m.53 views

Vivotek IP Cameras - RTSP Authentication Bypass

Vivotek IP Cameras - RTSP Authentication Bypass Core Security - Corelabs Advisory http://corelabs.coresecurity.com Vivotek IP Cameras RTSP Authentication Bypass 1. Advisory Information Title: Vivotek IP Cameras RTSP Authentication Bypass Advisory ID: CORE-2013-0704 Advisory URL:...

5CVSS0.7AI score0.08969EPSS
Exploits6
exploitpack
exploitpack
added 2013/09/20 12:0 a.m.53 views

vTiger CRM 5.4.0 - index.php?onlyforuser SQL Injection

vTiger CRM 5.4.0 - index.php?onlyforuser SQL Injection Advisory ID: HTB23168 Product: vtiger CRM Vendor: vtiger Vulnerable Versions: 5.4.0 and probably prior Tested Version: 5.4.0 Vendor Notification: August 7, 2013 Vendor Patch: September 17, 2013 Public Disclosure: September 18, 2013...

6.5CVSS0.2AI score0.01238EPSS
Exploits5
exploitpack
exploitpack
added 2013/09/09 12:0 a.m.53 views

Sophos Web Protection Appliance - Multiple Vulnerabilities

Sophos Web Protection Appliance - Multiple Vulnerabilities Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Sophos Web Protection Appliance Multiple Vulnerabilities 1. Advisory Information Title: Sophos Web Protection Appliance Multiple Vulnerabilities Advisory ID: CORE-2013-08...

10CVSS1AI score0.90133EPSS
Exploits17
exploitpack
exploitpack
added 2013/03/01 12:0 a.m.53 views

PHP-Fusion 7.02.05 - Multiple Vulnerabilities

PHP-Fusion 7.02.05 - Multiple Vulnerabilities waraxe-2013-SA097 - Multiple Vulnerabilities in PHP-Fusion 7.02.05 =============================================================================== Author: Janek Vind "waraxe" Date: 27. February 2013 Location: Estonia, Tartu Web:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2012/09/26 12:0 a.m.53 views

Cisco DPC2100 - Denial of Service

Cisco DPC2100 - Denial of Service Exploit Title: Cisco DPC2100 Denial of Service Date: 09/01/2010 Author: Daniel Smith Software Link: http://www.cisco.com/ Version: HW:2.1/SW:v2.0.2r1256-060303 Tested on: OSX 10.6/Win7 CVE: CVE-2011-1613 =======================================================...

7.8CVSS6.6AI score0.10378EPSS
Exploits5
exploitpack
exploitpack
added 2011/12/22 12:0 a.m.53 views

Tiki Wiki CMS Groupware 8.2 - snarf_ajax.php Remote PHP Code Injection

Tiki Wiki CMS Groupware 8.2 - snarfajax.php Remote PHP Code Injection ------------------------------------------------------------------------- Tiki Wiki CMS Groupware /tiki-8.2/snarfajax.php?url=1&regexres=phpinfo&regex=//e%00/ Tiki internal filters remove all null bytes from user input, but for...

6CVSS0.1AI score0.04271EPSS
Exploits7
exploitpack
exploitpack
added 2011/11/03 12:0 a.m.53 views

Google Android 2.3.5 - PowerVR SGX Driver Information Disclosure

Google Android 2.3.5 - PowerVR SGX Driver Information Disclosure // source: https://www.securityfocus.com/bid/57900/info The PowerVR SGX driver in Android is prone to an information-disclosure vulnerability. Successful exploits allows an attacker to gain access to sensitive information. Informati...

7.1CVSS0.01109EPSS
Exploits3
exploitpack
exploitpack
added 2011/07/04 12:0 a.m.53 views

PHP 5.3.6 - Local Buffer Overflow (ROP)

PHP 5.3.6 - Local Buffer Overflow ROP ?php / Jonathan Salwan - @jonathansalwan http://shell-storm.org 2011-06-04 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938 Stack-based buffer overflow in the socketconnect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow...

7.5CVSS0.8AI score0.22724EPSS
Exploits13
exploitpack
exploitpack
added 2011/05/13 12:0 a.m.53 views

Adobe Audition 3.0 build 7283 - Session File Handling Buffer Overflow (PoC)

Adobe Audition 3.0 build 7283 - Session File Handling Buffer Overflow PoC !/usr/bin/perl Adobe Audition 3.0 build 7283 Session File Handling Buffer Overflow PoC Vendor: Adobe Systems Inc. Product web page: http://www.adobe.com/products/audition/ Affected version: 3.0 build 7238 Summary: Recording...

9.3CVSS0.9AI score0.13711EPSS
Exploits7
exploitpack
exploitpack
added 2011/03/18 12:0 a.m.53 views

PHP 5.3.5 libzip 0.9.3 - _zip_name_locate Null Pointer Dereference

PHP 5.3.5 libzip 0.9.3 - zipnamelocate Null Pointer Dereference Source: http://securityreason.com/securityalert/8146 libzip 0.9.3 zipnamelocate NULL Pointer Dereference incl PHP 5.3.5 Author: Maksymilian Arciemowicz http://securityreason.com/ http://cxib.net/ Date: - Dis.: 03.01.2011 - Pub.:...

4.3CVSS0.2AI score0.13514EPSS
Exploits7
exploitpack
exploitpack
added 2010/09/21 12:0 a.m.53 views

Novell iPrint Client - ActiveX Control debug Remote Buffer Overflow (Metasploit)

Novell iPrint Client - ActiveX Control debug Remote Buffer Overflow Metasploit novelliprintexecuterequestdbg.rb Novell iPrint Client ActiveX Control 'debug' Buffer Overflow exploit for the Metasploit Framework Exploit successfully tested on the following platforms: - Novell iPrint Client 5.32 on...

9.3CVSS0.8AI score0.37328EPSS
Exploits8
exploitpack
exploitpack
added 2009/12/06 12:0 a.m.53 views

Elkagroup - SQL Injection

Elkagroup - SQL Injection Dork : "powered by: elkagroup" + |SadHaCkEr|\ + ||||\ + ||||""|", + ||||""|"||| + " @''@""""""|@@@ +========================================================================================================================================|| About : elkagroup SQL Injection...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2009/11/05 12:0 a.m.53 views

Blender 2.342.35a2.42.49b - .blend Command Injection

Blender 2.342.35a2.42.49b - .blend Command Injection -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Blender .blend Project Arbitrary Command Execution 1. Advisory Information Title: Blender .blend Project Arbitrar...

9.3CVSS6.8AI score0.09439EPSS
Exploits8
exploitpack
exploitpack
added 2009/09/22 12:0 a.m.53 views

BPStudent 1.0 - Blind SQL Injection

BPStudent 1.0 - Blind SQL Injection x========================================================================================================================================x | AntiSecuritydotorg |...

8.7AI score
Exploits0
exploitpack
exploitpack
added 2008/11/05 12:0 a.m.53 views

PHPX 3.5.16 - news_id SQL Injection

PHPX 3.5.16 - newsid SQL Injection action = $GET'action'; 12. $this-newsid = $GET'newsid'; 13. 14. global $userinfo; 15. global $core; 16. 17. $this-core = $core; 18. 19. $this-userinfo = $userinfo; 20. 21. 22. 23. 24. if !$this-userinfo DIE"HACK ATTEMPT"; 25. if $this-userinfonews != 1 DIE"NO...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2008/10/24 12:0 a.m.53 views

TugZip 3.00 Archiver - .zip Local Buffer Overflow

TugZip 3.00 Archiver - .zip Local Buffer Overflow /0day TUGzip 3.00 archiver .ZIP File Local Buffer Overflow "If you change things ,forever,there's no going back,you see for them you're just a freak, like me ..Mhaaaahaaaaaaaaaaaaaaaaaaaa"JK Well hello there ,greetz from Romania,here is a exploit...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2008/05/28 12:0 a.m.53 views

PHPhotoalbum 0.5 - Multiple SQL Injections

PHPhotoalbum 0.5 - Multiple SQL Injections Name : PHPhotoalbum v0.5 Multiple Remote SQL Injection Vulnerabilities Author : cOndemned Dork : intext:PHPhotoalbum v0.5 Greetz : ZaBeaTy, str0ke, TBH, Hawk, doctor, Sandtalker, Avantura ; Proof of Concept :...

Exploits0
exploitpack
exploitpack
added 2008/03/30 12:0 a.m.53 views

Smoothflash - cid SQL Injection

Smoothflash - cid SQL Injection Powered by Smoothflash SQL injection Powered by Newartonline AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : "Powered by Smoothflash" DORK 2 : allinurl:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2007/09/13 12:0 a.m.53 views

KwsPHP Module jeuxflash 1.0 - id SQL Injection

KwsPHP Module jeuxflash 1.0 - id SQL Injection KwsPHP Module jeuxflash Remote SQL Injection Vulnerability AUTHOR : H-T Team HouSSamix ToXiC350 HOME : http://no-hack.fr & http://no-hack.net Site: http://koogar.alorys-hebergement.com/kwsphp/index.php?mod=downloads&filedl=30&before=8&pdl=1 Dork :...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2007/02/06 12:0 a.m.53 views

MySQL 4.x5.0 (Windows) - User-Defined Function Command Execution

MySQL 4.x5.0 Windows - User-Defined Function Command Execution -- raptorwinudf.sql - A MySQL UDF backdoor kit for Windows -- Copyright c 2007 Marco Ivaldi -- -- This is a MySQL backdoor kit for Windows based on the UDFs User Defined -- Functions mechanism. Use it to spawn a reverse shell netcat U...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2006/12/02 12:0 a.m.53 views

simple file manager 0.24a - Multiple Vulnerabilities

simple file manager 0.24a - Multiple Vulnerabilities /\ | flame vrs Simple File Manager | | http://onedotoh.sourceforge.net/ | | Various Vulnerbilities Including: | / /+++++++++++++++++++++++++++++++++++++++++++\ | Using the scripts supplied by the webapp: | | Reading of Arbitrary files | |...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2006/05/17 12:0 a.m.53 views

ScozNews 1.2.1 - mainpath Remote File Inclusion

ScozNews 1.2.1 - mainpath Remote File Inclusion DEVIL TEAM THE BEST POLISH TEAM ScozNews v1.2.1 - Remote File Include Find by Kacper Rahim. Greetings For ALL DEVIL TEAM members, Special DragonHeart : Contact: [email protected] or http://www.devilteam.yum.pl dork: "Powered By ScozNews"...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2005/09/06 12:0 a.m.53 views

Microsoft Windows - CSRSS Privilege Escalation (MS05-018)

Microsoft Windows - CSRSS Privilege Escalation MS05-018 include include include pragma comment lib,"Advapi32.lib" typedef struct CONSOLESTATEINFO / 0x00 / DWORD cbSize; / 0x04 / COORD ScreenBufferSize; / 0x08 / COORD WindowSize; / 0x0c / POINT WindowPosition; / 0x14 / COORD FontSize; / 0x18 / DWO...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2004/09/30 12:0 a.m.53 views

W-Agora 4.1.6 - a redir_url.php?key SQL Injection

W-Agora 4.1.6 - a redirurl.php?key SQL Injection source: https://www.securityfocus.com/bid/11283/info Multiple vulnerabilities are reported to affect the application. These issues arise due to insufficient sanitization of user-supplied data. A remote attacker may leverage these vulnerabilities to...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2002/07/30 12:0 a.m.53 views

Apache mod_ssl 2.8.7 OpenSSL - OpenFuck.c Remote Buffer Overflow

Apache modssl 2.8.7 OpenSSL - OpenFuck.c Remote Buffer Overflow / source: https://www.securityfocus.com/bid/5363/info A buffer-overflow vulnerability has been reported in some versions of OpenSSL. The issue occurs in the handling of the client key value during the negotiation of the SSLv2 protoco...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2020/03/02 12:0 a.m.52 views

Cyberoam Authentication Client 2.1.2.7 - Buffer Overflow (SEH)

Cyberoam Authentication Client 2.1.2.7 - Buffer Overflow SEH Exploit Title: Cyberoam Authentication Client 2.1.2.7 - Buffer Overflow SEH Date: 2020-02-28 Exploit Author: Andrey Stoykov Version: Cyberoam General Authentication Client 2.1.2.7 Tested on: Windows Vista SP2 x86 Steps to Reproduce: 1 R...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2020/01/16 12:0 a.m.52 views

SunOS 5.10 Generic_147148-26 - Local Privilege Escalation

SunOS 5.10 Generic147148-26 - Local Privilege Escalation Exploit: SunOS 5.10 Generic147148-26 - Local Privilege Escalation Date: 2020-01-15 Author: Marco Ivaldi Vendor: www.oracle.com Software Link: https://www.oracle.com/technetwork/server-storage/solaris10/downloads/latest-release/index.html CV...

7.2CVSS0.6AI score0.00643EPSS
Exploits7
exploitpack
exploitpack
added 2019/12/30 12:0 a.m.52 views

WEMS BEMS 21.3.1 - Undocumented Backdoor Account

WEMS BEMS 21.3.1 - Undocumented Backdoor Account Exploit: WEMS BEMS 21.3.1 - Undocumented Backdoor Account Date: 2019-12-30 Author: LiquidWorm Vendor: WEMS Limited Product web page: https://www.wems.co.uk Advisory ID: ZSL-2019-5552 Advisory URL:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/11/06 12:0 a.m.52 views

Smartwares HOME easy 1.0.9 - Database Backup Information Disclosure

Smartwares HOME easy 1.0.9 - Database Backup Information Disclosure Title: Smartwares HOME easy 1.0.9 - Database Backup Information Disclosure Author: LiquidWorm Date: 2019-11-05 Vendor: Smartwares Product web page: https://www.smartwares.eu Affected version: =1.0.9 Advisory ID: ZSL-2019-5541...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2019/10/28 12:0 a.m.52 views

waldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 - start SQL Injection

waldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 - start SQL Injection Exploit Title: waldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 - 'start' SQL Injection Date: 2019-10-28 Exploit Author: Cakes Vendor Homepage: waldronmatt/FullCalendar-BS4-PHP-MySQL-JSON Software Link:...

8.6AI score
Exploits0
exploitpack
exploitpack
added 2019/10/07 12:0 a.m.52 views

CheckPoint Endpoint Security ClientZoneAlarm 15.4.062.17802 - Privilege Escalation

CheckPoint Endpoint Security ClientZoneAlarm 15.4.062.17802 - Privilege Escalation Exploit Title: CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation Date: 2019-01-30 Exploit Author: Jakub Palaczynski Vendor Homepage: https://www.checkpoint.com/ Version: Check Poin...

4.6CVSS0.3AI score0.01038EPSS
Exploits5
exploitpack
exploitpack
added 2019/09/27 12:0 a.m.52 views

WordPress Theme Zoner Real Estate - 4.1.1 Persistent Cross-Site Scripting

WordPress Theme Zoner Real Estate - 4.1.1 Persistent Cross-Site Scripting Exploit Title: WordPress Theme Zoner Real Estate - 4.1.1 Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/themes/zoner/ Date: 2019-09-24 Exploit Author: m0ze Vendor Homepage: https://fruitfulcode.com/ Software...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2019/08/14 12:0 a.m.52 views

ManageEngine opManager 12.3.150 - Authenticated Code Execution

ManageEngine opManager 12.3.150 - Authenticated Code Execution !/usr/bin/env python3 Exploit Title: ManageEngine opManager Authenticated Code Execution Google Dork: N/A Date: 08/13/2019 Exploit Author: @kindredsec Vendor Homepage: https://www.manageengine.com/ Software Link:...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2019/08/12 12:0 a.m.52 views

Mitsubishi Electric smartRTU INEA ME-RTU - Unauthenticated OS Command Injection Bind Shell

Mitsubishi Electric smartRTU INEA ME-RTU - Unauthenticated OS Command Injection Bind Shell !/usr/bin/python Exploit Title: Mitsubishi Electric smartRTU & INEA ME-RTU Unauthenticated OS Command Injection Date: 29 June 2019 Exploit Author: @xerubus | mogozobo.com Vendor Homepage:...

10CVSS1AI score0.5766EPSS
Exploits3
exploitpack
exploitpack
added 2019/05/20 12:0 a.m.52 views

Huawei eSpace Meeting 1.1.11.103 - cenwpoll.dll SEH Buffer Overflow (Unicode)

Huawei eSpace Meeting 1.1.11.103 - cenwpoll.dll SEH Buffer Overflow Unicode !/usr/bin/env python -- coding: utf-8 -- Huawei eSpace Meeting cenwpoll.dll Unicode Stack Buffer Overflow with SEH Overwrite Vendor: Huawei Technologies Co., Ltd. Product web page: https://www.huawei.com Affected...

1.9CVSS0.5AI score0.00566EPSS
Exploits4
exploitpack
exploitpack
added 2019/05/13 12:0 a.m.52 views

SOCA Access Control System 180612 - SQL Injection

SOCA Access Control System 180612 - SQL Injection SOCA Access Control System 180612 SQL Injection And Authentication Bypass Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and...

1AI score
Exploits0
exploitpack
exploitpack
added 2019/05/03 12:0 a.m.52 views

SolarWinds DameWare Mini Remote Control 10.0 - Denial of Service

SolarWinds DameWare Mini Remote Control 10.0 - Denial of Service Vendor: Solarwinds Site Vendor: https://www.dameware.com/ Product: Dameware Mini Remote Control Version: 10.0 x64 Platform: Windows Tested on: Windows 7 SP1 x64 Dscription: The DWRCC executable file is affected by a buffer overflow...

5CVSS0.8AI score0.20587EPSS
Exploits5
exploitpack
exploitpack
added 2019/02/05 12:0 a.m.52 views

BEWARD N100 H.264 VGA IP Camera M2.1.6 - Remote Code Execution

BEWARD N100 H.264 VGA IP Camera M2.1.6 - Remote Code Execution BEWARD N100 H.264 VGA IP Camera M2.1.6 Root Remote Code Execution Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: M2.1.6.04C014 Summary: The N100 compact color IP camera with support for a more...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2018/12/11 12:0 a.m.52 views

McAfee True Key - McAfee.TrueKey.Service Privilege Escalation

McAfee True Key - McAfee.TrueKey.Service Privilege Escalation McAfee True Key: Multiple Issues with McAfee.TrueKey.Service Implementation Platform: Version 5.1.173.1 on Windows 10 1809. Class: Elevation of Privilege Summary: There are multiple issues in the implementation of the...

6.8CVSS1AI score0.00813EPSS
Exploits3
exploitpack
exploitpack
added 2018/09/06 12:0 a.m.52 views

Jorani Leave Management 0.6.5 - Cross-Site Scripting

Jorani Leave Management 0.6.5 - Cross-Site Scripting Exploit Title: Jorani Leave Management System 0.6.5 – Cross-Site Scripting Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-09-06 Google Dork: N/A Vendor: Benjamin BALET Software Link: https://jorani.org/download.html...

3.5CVSS5.4AI score0.06483EPSS
Exploits5
exploitpack
exploitpack
added 2018/04/16 12:0 a.m.52 views

Cobub Razor 0.8.0 - SQL injection

Cobub Razor 0.8.0 - SQL injection Exploit Title: Cobub Razor 0.8.0 SQL injection Vulnerability Date: 2018-04-16 Exploit Author: Kyhvedn([email protected][email protected]) Vendor Homepage: http://www.cobub.com/ Software Link: https://github.com/cobub/razor Version: 0.8.0 CVE : CVE-2018-80...

7.5CVSS0.3AI score0.22979EPSS
Exploits5
exploitpack
exploitpack
added 2018/04/09 12:0 a.m.52 views

CyberArk Password Vault Web Access 9.9.5 9.10 10.1 - Remote Code Execution

CyberArk Password Vault Web Access 9.9.5 9.10 10.1 - Remote Code Execution Advisory: CyberArk Password Vault Web Access Remote Code Execution The CyberArk Password Vault Web Access application uses authentication tokens which consist of serialized .NET objects. By crafting manipulated tokens,...

7.5CVSS1.1AI score0.17336EPSS
Exploits5
exploitpack
exploitpack
added 2018/02/16 12:0 a.m.52 views

Oracle Primavera P6 Enterprise Project Portfolio Management - HTTP Response Splitting

Oracle Primavera P6 Enterprise Project Portfolio Management - HTTP Response Splitting Exploit Title: Oracle Primavera P6 Enterprise Project Portfolio Management HTTP Response Splitting Date: 16-02-2018 Exploit Author: Marios Nicolaides - RUNESEC Reviewers: Simon Loizides and Nicolas Markitanis -...

4.9CVSS0.1AI score0.03916EPSS
Exploits4
exploitpack
exploitpack
added 2018/02/13 12:0 a.m.52 views

CloudMe Sync 1.11.0 - Buffer Overflow

CloudMe Sync 1.11.0 - Buffer Overflow + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CLOUDME-SYNC-UNAUTHENTICATED-REMOTE-BUFFER-OVERFLOW.txt + ISR: Apparition Security + SSD Beyond Security Submission:...

7.5CVSS0.6AI score0.93597EPSS
Exploits29
exploitpack
exploitpack
added 2018/01/15 12:0 a.m.52 views

ImgHosting 1.5 - Cross-Site Scripting

ImgHosting 1.5 - Cross-Site Scripting Exploit Title: ImgHosting Image Storage System 1.5 - Cross-Site-Scripting Date: 12-01-2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: foxsash.com Version: 1.5 CVE-ID: CVE-2018-5479 ImgHosting – Image Storag...

4.3CVSS6.1AI score0.02069EPSS
Exploits5
exploitpack
exploitpack
added 2017/12/14 12:0 a.m.52 views

Readymade Video Sharing Script 3.2 - HTML Injection

Readymade Video Sharing Script 3.2 - HTML Injection Exploit Title: Readymade Video Sharing Script 3.2 - HTML Injection Dork: N/A Date: 13.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/php-video-sharing-script/ Demo:...

4.3CVSS0.2AI score0.02506EPSS
Exploits5
exploitpack
exploitpack
added 2017/11/07 12:0 a.m.52 views

Ametys CMS 4.0.2 - Password Reset

Ametys CMS 4.0.2 - Password Reset Vulnerability Summary The following advisory describes a password reset vulnerability found in Ametys CMS version 4.0.2 Ametys is “a free and open source content management system CMS written in Java. It is based on JSR-170 for content storage, Open Social for...

5CVSS9.7AI score0.07663EPSS
Exploits3
exploitpack
exploitpack
added 2017/10/03 12:0 a.m.52 views

Webkit (Safari) - Universal Cross-site Scripting

Webkit Safari - Universal Cross-site Scripting function Pewvar doc=open'parent-tab://apple.com';doc.document.body.innerHTML='';Click me! Exploit by Frans Rosén html data:text/html,function yx=open'parent-tab://google.com','top',x.document.body.innerHTML='';setTimeouty,100 -- function...

4.3CVSS6.9AI score0.061EPSS
Exploits6
exploitpack
exploitpack
added 2017/07/18 12:0 a.m.52 views

PEGA Platform 7.2 ML0 - Missing Access Control Cross-Site Scripting

PEGA Platform 7.2 ML0 - Missing Access Control Cross-Site Scripting Summary ======= 1. Missing access control CVE-2017-11356 2. Multiple cross-site scripting CVE-2017-11355 Vendor ====== "Pegasystems Inc. is the leader in software for customer engagement and operational excellence. Pega’s adaptiv...

4.3CVSS0.03503EPSS
Exploits4
exploitpack
exploitpack
added 2017/06/13 12:0 a.m.52 views

LG MRA58K - Missing Bounds-Checking in AVI Stream Parsing

LG MRA58K - Missing Bounds-Checking in AVI Stream Parsing Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1206 Missing bounds-checking in AVI stream parsing When parsing AVI files, CAVIFileParser uses the stream count from the AVI header to allocate backing storage for storing...

0.2AI score
Exploits0
Total number of security vulnerabilities5000