Lucene search
K
ExploitpackMost viewed

41207 matches found

exploitpack
exploitpack
added 2019/05/20 12:0 a.m.52 views

Huawei eSpace Meeting 1.1.11.103 - cenwpoll.dll SEH Buffer Overflow (Unicode)

Huawei eSpace Meeting 1.1.11.103 - cenwpoll.dll SEH Buffer Overflow Unicode !/usr/bin/env python -- coding: utf-8 -- Huawei eSpace Meeting cenwpoll.dll Unicode Stack Buffer Overflow with SEH Overwrite Vendor: Huawei Technologies Co., Ltd. Product web page: https://www.huawei.com Affected...

1.9CVSS0.5AI score0.00566EPSS
Exploits4
exploitpack
exploitpack
added 2019/05/13 12:0 a.m.52 views

SOCA Access Control System 180612 - SQL Injection

SOCA Access Control System 180612 - SQL Injection SOCA Access Control System 180612 SQL Injection And Authentication Bypass Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and...

1AI score
Exploits0
exploitpack
exploitpack
added 2019/04/02 12:0 a.m.52 views

WordPress Plugin PayPal Checkout Payment Gateway 1.6.8 - Parameter Tampering

WordPress Plugin PayPal Checkout Payment Gateway 1.6.8 - Parameter Tampering Exploit Title: cgi-bin/webscr?cmd=cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.8 for WordPress allows Parameter Tampering in an amount parameter such as amount1, as demonstrated by purchasing an ite...

4CVSS0.2AI score0.06049EPSS
Exploits5
exploitpack
exploitpack
added 2019/02/05 12:0 a.m.52 views

BEWARD N100 H.264 VGA IP Camera M2.1.6 - Remote Code Execution

BEWARD N100 H.264 VGA IP Camera M2.1.6 - Remote Code Execution BEWARD N100 H.264 VGA IP Camera M2.1.6 Root Remote Code Execution Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: M2.1.6.04C014 Summary: The N100 compact color IP camera with support for a more...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2018/12/11 12:0 a.m.52 views

McAfee True Key - McAfee.TrueKey.Service Privilege Escalation

McAfee True Key - McAfee.TrueKey.Service Privilege Escalation McAfee True Key: Multiple Issues with McAfee.TrueKey.Service Implementation Platform: Version 5.1.173.1 on Windows 10 1809. Class: Elevation of Privilege Summary: There are multiple issues in the implementation of the...

6.8CVSS1AI score0.00813EPSS
Exploits3
exploitpack
exploitpack
added 2018/09/06 12:0 a.m.52 views

Jorani Leave Management 0.6.5 - Cross-Site Scripting

Jorani Leave Management 0.6.5 - Cross-Site Scripting Exploit Title: Jorani Leave Management System 0.6.5 – Cross-Site Scripting Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-09-06 Google Dork: N/A Vendor: Benjamin BALET Software Link: https://jorani.org/download.html...

3.5CVSS5.4AI score0.06483EPSS
Exploits5
exploitpack
exploitpack
added 2018/04/16 12:0 a.m.52 views

Cobub Razor 0.8.0 - SQL injection

Cobub Razor 0.8.0 - SQL injection Exploit Title: Cobub Razor 0.8.0 SQL injection Vulnerability Date: 2018-04-16 Exploit Author: Kyhvedn([email protected][email protected]) Vendor Homepage: http://www.cobub.com/ Software Link: https://github.com/cobub/razor Version: 0.8.0 CVE : CVE-2018-80...

7.5CVSS0.3AI score0.22979EPSS
Exploits5
exploitpack
exploitpack
added 2018/04/09 12:0 a.m.52 views

CyberArk Password Vault Web Access 9.9.5 9.10 10.1 - Remote Code Execution

CyberArk Password Vault Web Access 9.9.5 9.10 10.1 - Remote Code Execution Advisory: CyberArk Password Vault Web Access Remote Code Execution The CyberArk Password Vault Web Access application uses authentication tokens which consist of serialized .NET objects. By crafting manipulated tokens,...

7.5CVSS1.1AI score0.17336EPSS
Exploits5
exploitpack
exploitpack
added 2018/02/16 12:0 a.m.52 views

Oracle Primavera P6 Enterprise Project Portfolio Management - HTTP Response Splitting

Oracle Primavera P6 Enterprise Project Portfolio Management - HTTP Response Splitting Exploit Title: Oracle Primavera P6 Enterprise Project Portfolio Management HTTP Response Splitting Date: 16-02-2018 Exploit Author: Marios Nicolaides - RUNESEC Reviewers: Simon Loizides and Nicolas Markitanis -...

4.9CVSS0.1AI score0.03916EPSS
Exploits4
exploitpack
exploitpack
added 2018/02/13 12:0 a.m.52 views

CloudMe Sync 1.11.0 - Buffer Overflow

CloudMe Sync 1.11.0 - Buffer Overflow + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CLOUDME-SYNC-UNAUTHENTICATED-REMOTE-BUFFER-OVERFLOW.txt + ISR: Apparition Security + SSD Beyond Security Submission:...

7.5CVSS0.6AI score0.93597EPSS
Exploits29
exploitpack
exploitpack
added 2018/01/15 12:0 a.m.52 views

ImgHosting 1.5 - Cross-Site Scripting

ImgHosting 1.5 - Cross-Site Scripting Exploit Title: ImgHosting Image Storage System 1.5 - Cross-Site-Scripting Date: 12-01-2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: foxsash.com Version: 1.5 CVE-ID: CVE-2018-5479 ImgHosting – Image Storag...

4.3CVSS6.1AI score0.02069EPSS
Exploits5
exploitpack
exploitpack
added 2017/12/14 12:0 a.m.52 views

Readymade Video Sharing Script 3.2 - HTML Injection

Readymade Video Sharing Script 3.2 - HTML Injection Exploit Title: Readymade Video Sharing Script 3.2 - HTML Injection Dork: N/A Date: 13.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/php-video-sharing-script/ Demo:...

4.3CVSS0.2AI score0.02506EPSS
Exploits5
exploitpack
exploitpack
added 2017/11/07 12:0 a.m.52 views

Ametys CMS 4.0.2 - Password Reset

Ametys CMS 4.0.2 - Password Reset Vulnerability Summary The following advisory describes a password reset vulnerability found in Ametys CMS version 4.0.2 Ametys is “a free and open source content management system CMS written in Java. It is based on JSR-170 for content storage, Open Social for...

5CVSS9.7AI score0.07663EPSS
Exploits3
exploitpack
exploitpack
added 2017/10/03 12:0 a.m.52 views

Webkit (Safari) - Universal Cross-site Scripting

Webkit Safari - Universal Cross-site Scripting function Pewvar doc=open'parent-tab://apple.com';doc.document.body.innerHTML='';Click me! Exploit by Frans Rosén html data:text/html,function yx=open'parent-tab://google.com','top',x.document.body.innerHTML='';setTimeouty,100 -- function...

4.3CVSS6.9AI score0.061EPSS
Exploits6
exploitpack
exploitpack
added 2017/07/18 12:0 a.m.52 views

PEGA Platform 7.2 ML0 - Missing Access Control Cross-Site Scripting

PEGA Platform 7.2 ML0 - Missing Access Control Cross-Site Scripting Summary ======= 1. Missing access control CVE-2017-11356 2. Multiple cross-site scripting CVE-2017-11355 Vendor ====== "Pegasystems Inc. is the leader in software for customer engagement and operational excellence. Pega’s adaptiv...

4.3CVSS0.03503EPSS
Exploits4
exploitpack
exploitpack
added 2017/06/13 12:0 a.m.52 views

LG MRA58K - Missing Bounds-Checking in AVI Stream Parsing

LG MRA58K - Missing Bounds-Checking in AVI Stream Parsing Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1206 Missing bounds-checking in AVI stream parsing When parsing AVI files, CAVIFileParser uses the stream count from the AVI header to allocate backing storage for storing...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2017/06/06 12:0 a.m.52 views

Peplink Balance Routers 7.0.0-build1904 - SQL Injection Cross-Site Scripting Information Disclosure

Peplink Balance Routers 7.0.0-build1904 - SQL Injection Cross-Site Scripting Information Disclosure X41 D-Sec GmbH Security Advisory: X41-2017-005 Multiple Vulnerabilities in peplink balance routers =================================================== Overview -------- Confirmed Affected Versions:...

7.5CVSS7.2AI score0.61577EPSS
Exploits7
exploitpack
exploitpack
added 2017/04/07 12:0 a.m.52 views

QNAP TVS-663 QTS 4.2.4 build 20170313 - Command Injection

QNAP TVS-663 QTS 4.2.4 build 20170313 - Command Injection QNAP QTS multiple RCE vulnerabilities ===================================== The latest version of this advisory is available at: https://sintonen.fi/advisories/qnap-qts-multiple-rce-vulnerabilities.txt Overview -------- QNAP QTS firmware...

10CVSS0.4AI score0.66146EPSS
Exploits5
exploitpack
exploitpack
added 2016/08/31 12:0 a.m.52 views

ZKTeco ZKAccess Professional 3.5.3 - Insecure File Permissions Privilege Escalation

ZKTeco ZKAccess Professional 3.5.3 - Insecure File Permissions Privilege Escalation ZKTeco ZKAccess Professional 3.5.3 Insecure File Permissions Vendor: ZKTeco Inc. | Xiamen ZKTeco Biometric Identification Technology Co.,ltd Product web page: http://www.zkteco.com Affected version: 3.5.3 Build 00...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2016/06/16 12:0 a.m.53 views

SolarWinds Virtualization Manager - Local Privilege Escalation

SolarWinds Virtualization Manager - Local Privilege Escalation Product: Solarwinds Virtualization Manager Vendor: Solarwinds Vulnerable Versions: 6.3.1 Tested Version: 6.3.1 Vendor Notification: April 25th, 2016 Vendor Patch Availability to Customers: June 1st, 2016 Public Disclosure: June 14th,...

7.2CVSS7.8AI score0.03704EPSS
Exploits5
exploitpack
exploitpack
added 2016/02/22 12:0 a.m.52 views

Ubuntu 15.10 - PT Chown Arbitrary PTs Access Via User Namespace Privilege Escalation

Ubuntu 15.10 - PT Chown Arbitrary PTs Access Via User Namespace Privilege Escalation Source: http://www.halfdog.net/Security/2015/PtChownArbitraryPtsAccessViaUserNamespace/ Introduction Problem description: With Ubuntu Wily and earlier, /usr/lib/ptchown was used to change ownership of slave pts...

1AI score
Exploits0
exploitpack
exploitpack
added 2014/07/30 12:0 a.m.52 views

D-Link DWR-113 Rev. Ax - Cross-Site Request Forgery Denial of Service

D-Link DWR-113 Rev. Ax - Cross-Site Request Forgery Denial of Service Exploit Title: Dlink DWR-113 Rev. Ax - CSRF causing Denial of Service Google dork : N/A Exploit Author: Blessen Thomas Date : 29/07/14 Vendor Homepage : http://www.dlink.com/ Software Link : N/A Firmware version: v2.02 2013-03-...

6.8CVSS0.8AI score0.02889EPSS
Exploits5
exploitpack
exploitpack
added 2014/04/24 12:0 a.m.52 views

dompdf 0.6.0 - dompdf.php?read Arbitrary File Read

dompdf 0.6.0 - dompdf.php?read Arbitrary File Read Vulnerability title: Arbitrary file read in dompdf CVE: CVE-2014-2383 Vendor: dompdf Product: dompdf Affected version: v0.6.0 Fixed version: v0.6.1 partial fix Reported by: Alejo Murillo Moyas Details: An arbitrary file read vulnerability is...

4.3CVSS0.6AI score0.39374EPSS
Exploits6
exploitpack
exploitpack
added 2014/01/14 12:0 a.m.52 views

Horizon QCMS 4.0 - Multiple Vulnerabilities

Horizon QCMS 4.0 - Multiple Vulnerabilities Advisory ID: HTB23191 Product: Horizon QCMS Vendor: Horizon QCMS Vulnerable Versions: 4.0 and probably prior Tested Version: 4.0 Advisory Publication: December 18, 2013 without technical details Vendor Notification: December 18, 2013 Vendor Patch:...

7.5CVSS0.2AI score0.01859EPSS
Exploits9
exploitpack
exploitpack
added 2013/12/17 12:0 a.m.52 views

InstantCMS 1.10.3 - Blind SQL Injection

InstantCMS 1.10.3 - Blind SQL Injection Advisory ID: HTB23185 Product: InstantCMS Vendor: InstantSoft Vulnerable Versions: 1.10.3 and probably prior Tested Version: 1.10.3 Advisory Publication: November 20, 2013 without technical details Vendor Notification: November 20, 2013 Vendor Patch: Novemb...

7.5CVSS0.01299EPSS
Exploits7
exploitpack
exploitpack
added 2013/12/16 12:0 a.m.52 views

UPC Ireland Cisco EPC 2425 Router Horizon Box - WPA-PSK Handshake Information

UPC Ireland Cisco EPC 2425 Router Horizon Box - WPA-PSK Handshake Information Exploit Title: UPC Ireland Cisco EPC 2425 Router / Horizon Box Google Dork: Date: 11/12/2013 Author: Matt O'Connor / Planit Computing Advisory Link: http://www.planitcomputing.ie/upc-wifi-attack.pdf Version: Category:...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2013/12/03 12:0 a.m.52 views

Dokeos 2.2 RC2 - index.php?language SQL Injection

Dokeos 2.2 RC2 - index.php?language SQL Injection Advisory ID: HTB23181 Product: Dokeos Vendor: Dokeos Vulnerable Versions: 2.2 RC2 and probably prior Tested Version: 2.2 RC2 Advisory Publication: October 30, 2013 without technical details Vendor Notification: October 30, 2013 Public Disclosure:...

7.5CVSS0.02279EPSS
Exploits6
exploitpack
exploitpack
added 2013/08/02 12:0 a.m.52 views

INSTEON Hub 2242-222 - Lack of Web and API Authentication

INSTEON Hub 2242-222 - Lack of Web and API Authentication Trustwave SpiderLabs Security Advisory TWSL2013-023: Lack of Web and API Authentication Vulnerability in INSTEON Hub Published: 8/01/13 Version: 1.0 Vendor: INSTEON http://www.INSTEON.com/ Product: Hub Version affected: 2242-222 model...

9.3CVSS0.06973EPSS
Exploits6
exploitpack
exploitpack
added 2012/04/13 12:0 a.m.52 views

Invision Power Board 3.3.0 - Local File Inclusion

Invision Power Board 3.3.0 - Local File Inclusion waraxe-2012-SA086 - Local File Inclusion in Invision Power Board 3.3.0 ======================================================================== ======= Author: Janek Vind "waraxe" Date: 12. April 2012 Location: Estonia, Tartu Web:...

7.5CVSS9.7AI score0.07361EPSS
Exploits5
exploitpack
exploitpack
added 2011/09/19 12:0 a.m.52 views

Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities

Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities Sense of Security - Security Advisory - SOS-11-010 Release Date. 19-Sep-2011 Last Update. - Vendor Notification Date. 21-Feb-2011 Product. Cisco TelePresence Series Platform. Cisco Affected versions. C = TC4.1.2, MXP = F9.1 Severity Rating...

9CVSS0.3AI score0.12714EPSS
Exploits7
exploitpack
exploitpack
added 2011/04/29 12:0 a.m.52 views

Microsoft Excel - Axis Properties Record Parsing Buffer Overflow (PoC) (MS11-02)

Microsoft Excel - Axis Properties Record Parsing Buffer Overflow PoC MS11-02 """ This is a PoC for MS11-021/CVE-2011-0978 Microsoft Office Excel Axis Properties Record Parsing Buffer Overflow w3bd3vilatgmaildot.com twitter.com/w3bd3vil Modify bits at file location 0x39E7 0:000:x86 r eax=04dd6380...

9.3CVSS1.7AI score0.42562EPSS
Exploits5
exploitpack
exploitpack
added 2011/03/22 12:0 a.m.52 views

siemens tecnomatix factorylink 8.0.1.1473 - Multiple Vulnerabilities

siemens tecnomatix factorylink 8.0.1.1473 - Multiple Vulnerabilities Sources: http://aluigi.org/adv/factorylink1-adv.txt http://aluigi.org/adv/factorylink2-adv.txt http://aluigi.org/adv/factorylink3-adv.txt http://aluigi.org/adv/factorylink4-adv.txt http://aluigi.org/adv/factorylink5-adv.txt...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2011/01/26 12:0 a.m.52 views

Oracle Document Capture 10.1.3.5 - Insecure Method Buffer Overflow

Oracle Document Capture 10.1.3.5 - Insecure Method Buffer Overflow Source: http://packetstormsecurity.org/files/view/97871/DSECRG-11-006.txt ActiveX components contain insecure methods. Digital Security Research Group DSecRG Advisory DSECRG-11-006 internal DSECRG-09-066 Application: Oracle Docume...

9.4CVSS0.4AI score0.16177EPSS
Exploits5
exploitpack
exploitpack
added 2010/12/12 12:0 a.m.52 views

Clear iSpotClearspot 2.0.0.0 - Cross-Site Request Forgery

Clear iSpotClearspot 2.0.0.0 - Cross-Site Request Forgery Trustwave's SpiderLabs Security Advisory TWSL2010-008: Clear iSpot/Clearspot CSRF Vulnerabilities https://www.trustwave.com/spiderlabs/advisories/TWSL2010-008.txt Published: 2010-12-10 Version: 1.0 Vendor: Clear http://www.clear.com...

9.3CVSS0.5AI score0.01817EPSS
Exploits6
exploitpack
exploitpack
added 2010/11/24 12:0 a.m.52 views

Free Simple Software - SQL Injection

Free Simple Software - SQL Injection 'Free Simple Software' SQL Injection Vulnerability CVE-2010-4298 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Free Simple Software' download module which allows for a 'UNION...

7.5CVSS0.02344EPSS
Exploits6
exploitpack
exploitpack
added 2010/10/28 12:0 a.m.52 views

Mozilla Firefox - Simplified Memory Corruption (PoC)

Mozilla Firefox - Simplified Memory Corruption PoC Hi there, For those who still do not know .. The proof of concept that I have extracted for CVE-2010-3765 is the following: function Gstr var cobj=document.createElementstr; document.body.appendChildcobj; cobj.scrollWidth; function crashme...

9.3CVSS0.6AI score0.83279EPSS
Exploits14
exploitpack
exploitpack
added 2010/10/20 12:0 a.m.52 views

LibSMI smiGetNode - Buffer Overflow When Long OID Is Given In Numerical Form

LibSMI smiGetNode - Buffer Overflow When Long OID Is Given In Numerical Form -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ LibSMI smiGetNode Buffer Overflow When Long OID Is Given In Numerical Form 1. Advisory...

7.5CVSS0.4AI score0.14035EPSS
Exploits4
exploitpack
exploitpack
added 2010/04/23 12:0 a.m.52 views

EPay Enterprise 4.13 - cid SQL Injection

EPay Enterprise 4.13 - cid SQL Injection / / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ .WEB.ID...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2010/01/31 12:0 a.m.52 views

crownweb - page.cfm SQL Injection

crownweb - page.cfm SQL Injection crownweb page.cfm Sql Injection Vulnerability =================================================================== .:. Email : [email protected] .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : crownweb .:. Language : Cfm .:. Script Download:...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2009/06/10 12:0 a.m.52 views

Worldweaver DX Studio Player 3.0.29.1 Firefox plugin - Command Injection

Worldweaver DX Studio Player 3.0.29.1 Firefox plugin - Command Injection -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ DX Studio Player Firefox plug-in command injection 1. Advisory Information Title: DX Studio...

9.3CVSS0.4AI score0.40176EPSS
Exploits10
exploitpack
exploitpack
added 2009/04/16 12:0 a.m.52 views

Oracle APEX 3.2 - Unprivileged DB users can see APEX Password hashes

Oracle APEX 3.2 - Unprivileged DB users can see APEX Password hashes Unprivileged DB users can see APEX password hashes in FLOWS030000.WWVFLOWUSER CVE-2009-0981 Name Unprivileged DB users can see APEX password hashes in FLOWS030000.WWVFLOWUSER CVE-2009-0981 Systems Affected APEX 3.0 optional...

4CVSS0.4AI score0.05281EPSS
Exploits6
exploitpack
exploitpack
added 2008/12/24 12:0 a.m.52 views

Joomla! Component Ice Gallery 0.5b2 - catid Blind SQL Injection

Joomla! Component Ice Gallery 0.5b2 - catid Blind SQL Injection Joomla Component comicecatid Blind SQL-injection Author : boom3rang Greetz : H!tm@N, KHG, chs, redc00de, pr0xy-ki11er, LiTTle-Hack3r, L1RIDON1. Vulnerability : Blind SQL injection Google Dork : inurl:comice "catid"...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2008/03/20 12:0 a.m.52 views

Joomla! Mambo Component Datsogallery 1.3.1 - id SQL Injection

Joomla! Mambo Component Datsogallery 1.3.1 - id SQL Injection source: https://www.securityfocus.com/bid/28361/info The Datsogallery component for Joomla! and Mambo is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2007/12/30 12:0 a.m.52 views

XCMS 1.83 - Remote Command Execution

XCMS 1.83 - Remote Command Execution Name : XCMS So the xcms allow you to modify the footer throught a bugged page called cpie.php included in the admin panel. So let's take a look to the bugged code. So with a simple html form we can change the footer. Ex: /textarea input type=...

7.7AI score
Exploits0
exploitpack
exploitpack
added 2007/10/03 12:0 a.m.52 views

DRBGuestbook 1.1.13 - index.php Cross-Site Scripting

DRBGuestbook 1.1.13 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/25911/info DRBGuestbook is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2007/02/13 12:0 a.m.52 views

Lotus Domino R6 Webmail - Remote Password Hash Dumper

Lotus Domino R6 Webmail - Remote Password Hash Dumper !/bin/bash $Id: raptordominohash,v 1.3 2007/02/13 17:27:28 raptor Exp $ raptordominohash - Lotus Domino R5/R6 HTTPPassword dump Copyright c 2007 Marco Ivaldi Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores...

5CVSS6.5AI score0.73635EPSS
Exploits11
exploitpack
exploitpack
added 2007/02/02 12:0 a.m.52 views

F3Site 2.1 - Remote Code Execution

F3Site 2.1 - Remote Code Execution ? // //Kacper & str0ke Settings $exploitname = "F3Site = 2.1 Remote Code Execution Exploit"; $scriptname = "F3Site 2.1"; $scriptsite = "http://dhost.info/compmaster/"; $dork = '"Powered by F3Site"'; //to work exploit you need admin session, and cookies prefix //...

8.1AI score
Exploits0
exploitpack
exploitpack
added 2006/12/31 12:0 a.m.52 views

MDForum 2.0.1 - PNSVlang Remote Code Execution

MDForum 2.0.1 - PNSVlang Remote Code Execution DEVIL TEAM IRC: irc.milw0rm.com:6667 devilteam http://www.rahim.webd.pl/ ======== Contact: [email protected] cod3d by Kacper...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2006/09/28 12:0 a.m.52 views

Les Visiteurs 2.0 - Multiple Remote File Inclusions

Les Visiteurs 2.0 - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/20259/info Les Visiteurs is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2006/09/02 12:0 a.m.52 views

TikiWiki 1.9 Sirius - jhot.php Remote Command Execution

TikiWiki 1.9 Sirius - jhot.php Remote Command Execution !/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++...

Exploits0
Total number of security vulnerabilities5000