Lucene search
K
ExploitpackMost viewed

41207 matches found

exploitpack
exploitpack
added 2019/08/12 12:0 a.m.51 views

Mitsubishi Electric smartRTU INEA ME-RTU - Unauthenticated Configuration Download

Mitsubishi Electric smartRTU INEA ME-RTU - Unauthenticated Configuration Download !/usr/bin/python Exploit Title: Mitsubishi Electric smartRTU & INEA ME-RTU Unauthenticated Configuration Download Date: 29 June 2019 Exploit Author: @xerubus | mogozobo.com Vendor Homepage:...

5CVSS1.1AI score0.41847EPSS
Exploits3
exploitpack
exploitpack
added 2019/07/07 12:0 a.m.51 views

Apache mod_ssl 2.8.7 OpenSSL - OpenFuckV2.c Remote Buffer Overflow (2)

Apache modssl 2.8.7 OpenSSL - OpenFuckV2.c Remote Buffer Overflow 2 / OF version r00t VERY PRIV8 spabam Version: v3.0.4 Requirements: libssl-dev apt-get install libssl-dev Compile with: gcc -o OpenFuck OpenFuck.c -lcrypto objdump -R /usr/sbin/httpd|grep free to get more targets hackarena...

1AI score
Exploits0
exploitpack
exploitpack
added 2019/05/14 12:0 a.m.51 views

Sales ERP 8.1 - Multiple SQL Injection

Sales ERP 8.1 - Multiple SQL Injection =========================================================================================== Exploit Title: SalesERP v.8.1 SQL Inj. Dork: N/A Date: 13-05-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage:...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/05/03 12:0 a.m.51 views

Crestron AMBarco wePresent WiPGExtron ShareLinkTeq AV ITSHARP PN-L703WAOptoma WPS-ProBlackbox HD WPSInFocus LiteShow - Remote Command Injection

Crestron AMBarco wePresent WiPGExtron ShareLinkTeq AV ITSHARP PN-L703WAOptoma WPS-ProBlackbox HD WPSInFocus LiteShow - Remote Command Injection Exploit Title: Barco/AWIND OEM Presentation Platform Unauthenticated Remote Command Injection Date: 05/01/2019 Exploit Author: Jacob Baines Tested on:...

10CVSS9.9AI score0.98952EPSS
Exploits10
exploitpack
exploitpack
added 2019/04/30 12:0 a.m.51 views

Intelbras IWR 3000N 1.5.0 - Cross-Site Request Forgery

Intelbras IWR 3000N 1.5.0 - Cross-Site Request Forgery IWR 3000N - CSRF on authenticated administrator Exploit! Click the button to get the login and password. function exploit $.get "http://localhost:80/v1/system/user" .done data = alert data ; .failfunction err, status alert status ; ;...

9.3CVSS0.2AI score0.0389EPSS
Exploits5
exploitpack
exploitpack
added 2019/04/02 12:0 a.m.51 views

WordPress Plugin PayPal Checkout Payment Gateway 1.6.8 - Parameter Tampering

WordPress Plugin PayPal Checkout Payment Gateway 1.6.8 - Parameter Tampering Exploit Title: cgi-bin/webscr?cmd=cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.8 for WordPress allows Parameter Tampering in an amount parameter such as amount1, as demonstrated by purchasing an ite...

4CVSS0.2AI score0.06049EPSS
Exploits5
exploitpack
exploitpack
added 2019/03/19 12:0 a.m.51 views

Advanced Host Monitor 11.92 beta - Local Buffer Overflow

Advanced Host Monitor 11.92 beta - Local Buffer Overflow !/usr/bin/env python ------------------------------------------------------------------------------------------------------------------------------------ Exploit: Advanced Host Monitor 11.92 beta - Local Buffer Overflow EggHunter Date:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/03/04 12:0 a.m.51 views

elFinder 2.1.47 - PHP connector Command Injection

elFinder 2.1.47 - PHP connector Command Injection !/usr/bin/python ''' Exploit Title: elFinder SecSignal.php;echo SecSignal.jpg' def usage: if lensys.argv != 2: print "Usage: python exploit.py URL" sys.exit0 def uploadurl, payload: files = 'upload': payload, open'SecSignal.jpg', 'rb' data = "reqi...

7.5CVSS0.96633EPSS
Exploits11
exploitpack
exploitpack
added 2019/02/23 12:0 a.m.51 views

Drupal 8.6.10 8.5.11 - REST Module Remote Code Execution

Drupal 8.6.10 8.5.11 - REST Module Remote Code Execution Analyzing the patch By diffing Drupal 8.6.9 and 8.6.10, we can see that in the REST module, FieldItemNormalizer now uses a new trait, SerializedColumnNormalizerTrait. This trait provides the checkForSerializedStrings method, which in short...

8.1AI score
Exploits0
exploitpack
exploitpack
added 2018/08/08 12:0 a.m.51 views

osTicket 1.10.1 - Arbitrary File Upload

osTicket 1.10.1 - Arbitrary File Upload Exploit Title: osTicket 1.10.1 - Arbitrary File Upload Exploit Author: r3j10r Rajwinder Singh Date: 2018-08-08 Vendor Homepage: http://osticket.com/ Software Link: http://osticket.com/download Version: osTicket v1.10.1 CVE-2017-15580 Vulnerability Details:...

7.5CVSS0.15977EPSS
Exploits5
exploitpack
exploitpack
added 2018/07/07 12:0 a.m.51 views

Oracle WebLogic 12.1.2.0 - RMI Registry UnicastRef Object Java Deserialization Remote Code Execution

Oracle WebLogic 12.1.2.0 - RMI Registry UnicastRef Object Java Deserialization Remote Code Execution !/usr/bin/python -- coding: utf-8 -- from argparse import RawTextHelpFormatter import socket, argparse, subprocess, ssl, os.path HELPMESSAGE = '''...

7.5CVSS0.6AI score0.97301EPSS
Exploits15
exploitpack
exploitpack
added 2018/07/06 12:0 a.m.51 views

Airties AIR5444TT - Cross-Site Scripting

Airties AIR5444TT - Cross-Site Scripting Exploit Title: Airties AIR5444TT - Cross-Site Scripting Date: 2018-07-06 Exploit Author: Raif Berkay Dincel Vendor Homepage: airties.com Software http://www.airties.com.tr/support/dcenter/ Version: 1.0.0.18 CVE-ID: CVE-2018-8738 Tested on: MacOS High Sierr...

4.3CVSS0.2AI score0.02273EPSS
Exploits5
exploitpack
exploitpack
added 2018/07/05 12:0 a.m.51 views

ADB Broadband Gateways Routers - Authorization Bypass

ADB Broadband Gateways Routers - Authorization Bypass SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Authorization Bypass product: All ADB Broadband Gateways / Routers based on Epicentro platform vulnerable version:...

5CVSS0.4AI score0.35862EPSS
Exploits5
exploitpack
exploitpack
added 2018/07/04 12:0 a.m.51 views

ManageEngine Exchange Reporter Plus Build 5311 - Remote Code Execution

ManageEngine Exchange Reporter Plus Build 5311 - Remote Code Execution Exploit Title: ManageEngine Exchange Reporter Plus = 5310 Unauthenticated RCE Date: 28-06-2018 Software Link: https://www.manageengine.com/products/exchange-reports/ Exploit Author: Kacper Szurek Contact:...

8.1AI score
Exploits0
exploitpack
exploitpack
added 2018/05/25 12:0 a.m.51 views

Oracle WebCenter Sites 11.1.1.8.012.2.1.x - Cross-Site Scripting

Oracle WebCenter Sites 11.1.1.8.012.2.1.x - Cross-Site Scripting Exploit Title: Multiple XSS Oracle WebCenter Sites FatWire Content Server 7.x 11gR1 Dork: inurl:Satellite?c Date: 18.12.201 Exploit Author: Richard Alviarez Vendor Homepage: http://oracle.com Version: 7.x 11gR1 CVE: CVE-2018-2791...

5.8CVSS0.1AI score0.3945EPSS
Exploits4
exploitpack
exploitpack
added 2018/05/18 12:0 a.m.51 views

HPE iMC 7.3 - Remote Code Execution (Metasploit)

HPE iMC 7.3 - Remote Code Execution Metasploit Exploit Title: HPE iMC EL Injection Unauthenticated RCE Date: 6 February, 2018 Exploit Author: TrendyTofu Vendor Homepage: https://www.hpe.com/us/en/home.html Software Link:...

9CVSS8.4AI score0.14999EPSS
Exploits6
exploitpack
exploitpack
added 2018/05/09 12:0 a.m.51 views

Microsoft Windows FxCop 1012 - XML External Entity Injection

Microsoft Windows FxCop 1012 - XML External Entity Injection Exploit Title: Microsoft Windows FxCop 10/12 - XML External Entity Injection Date: 2018-03-15 Exploit Author: Debashis Pal Vendor Homepage: www.microsoft.com Version: Microsoft Windows "FxCop" v10-12 CVE : N/A Greetz:...

7.8AI score
Exploits0
exploitpack
exploitpack
added 2018/03/13 12:0 a.m.51 views

SecurEnvoy SecurMail 9.1.501 - Multiple Vulnerabilities

SecurEnvoy SecurMail 9.1.501 - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Critical Vulnerabilities product: SecurEnvoy SecurMail vulnerable version: 9.1.501 fixed version: 9.2.501...

6.4CVSS0.3AI score0.14717EPSS
Exploits10
exploitpack
exploitpack
added 2018/03/02 12:0 a.m.51 views

D-Link DIR-600M Wireless - Cross-Site Scripting

D-Link DIR-600M Wireless - Cross-Site Scripting Exploit Title: D-Link DIR-600M Wireless - Persistent Cross Site Scripting Date: 11.02.2018 Vendor Homepage: http://www.dlink.co.in Hardware Link: http://www.dlink.co.in/products/?pid=DIR-600M Category: Hardware Exploit Author: Prasenjit Kanti Paul...

3.5CVSS5.4AI score0.02186EPSS
Exploits5
exploitpack
exploitpack
added 2018/01/26 12:0 a.m.51 views

BMC BladeLogic 8.3.00.64 - Remote Command Execution

BMC BladeLogic 8.3.00.64 - Remote Command Execution Exploit Title: BMC BladeLogic RSCD agent remote exec - XMLRPC version Filename: BMCrexec.py Github: https://github.com/bao7uo/bmcbladelogic Date: 2018-01-24 Exploit Author: Paul Taylor / Foregenix Ltd Website: http://www.foregenix.com/blog...

5CVSS0.5AI score0.74618EPSS
Exploits8
exploitpack
exploitpack
added 2017/11/14 12:0 a.m.51 views

Dup Scout Enterprise 10.0.18 - Login Remote Buffer Overflow

Dup Scout Enterprise 10.0.18 - Login Remote Buffer Overflow Tested on Windows 10 x86 The application requires to have the web server enabled. Exploit for older version: https://www.exploit-db.com/exploits/40832/ !/usr/bin/python import socket,os,time,struct,argparse parser = argparse.ArgumentPars...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2017/10/30 12:0 a.m.51 views

Oracle Java SE - Web Start jnlp XML External Entity Processing Information Disclosure

Oracle Java SE - Web Start jnlp XML External Entity Processing Information Disclosure !/usr/local/bin/python """ Oracle Java SE Web Start jnlp XML External Entity Processing Information Disclosure Vulnerability Affected: + eg: ./poc.py 'C:/Program Files/Java/jre1.8.0131/README.txt' saturn: mrme$...

6.8CVSS0.1AI score0.08794EPSS
Exploits6
exploitpack
exploitpack
added 2017/09/28 12:0 a.m.51 views

Trend Micro OfficeScan 11.0XG (12.0) - Code Execution Memory Corruption

Trend Micro OfficeScan 11.0XG 12.0 - Code Execution Memory Corruption + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14086-TRENDMICRO-OFFICESCAN-XG-PRE-AUTH-START-REMOTE-PROCESS-CODE-EXECUTION-MEM-CORRUPT.txt +...

7.8CVSS7.9AI score0.07906EPSS
Exploits5
exploitpack
exploitpack
added 2017/09/12 12:0 a.m.51 views

Jungo DriverWizard WinDriver 12.4.0 - Kernel Pool Overflow Local Privilege Escalation (2)

Jungo DriverWizard WinDriver 12.4.0 - Kernel Pool Overflow Local Privilege Escalation 2 -- coding: utf-8 -- """ Jungo DriverWizard WinDriver Kernel Pool Overflow Vulnerability Download: http://www.jungo.com/st/products/windriver/ File: WD1240.EXE Sha1: 3527cc974ec885166f0d96f6aedc8e542bb66cba...

7.2CVSS1.1AI score0.01835EPSS
Exploits5
exploitpack
exploitpack
added 2017/09/04 12:0 a.m.51 views

A2billing 2.x - Backup File Download Remote Code Execution

A2billing 2.x - Backup File Download Remote Code Execution Title : A2billing 2.x , Unauthenticated Backup dump / RCE flaw Vulnerable software : A2billing 2.x Author : Ahmed Sultan 0x4148 Email : [email protected] Home : 0x4148.com Linkedin : https://www.linkedin.com/in/0x4148/ A2billing contain...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2017/07/28 12:0 a.m.51 views

libjpeg-turbo 1.5.1 - Denial of Service

libjpeg-turbo 1.5.1 - Denial of Service libjpeg-turbo denial of service vulnerability ====================== Author : qflb.wu CVE : CVE-2017-9614 ====================== Introduction: ============= libjpeg-turbo is a JPEG image codec that uses SIMD instructions MMX, SSE2, AVX2, NEON, AltiVec to...

6.8CVSS0.08152EPSS
Exploits4
exploitpack
exploitpack
added 2017/05/19 12:0 a.m.51 views

Oracle PeopleSoft - Server-Side Request Forgery

Oracle PeopleSoft - Server-Side Request Forgery Application: Oracle PeopleSoft Versions Affected: ToolsRelease: 8.55.03; ToolsReleaseDB: 8.55; PeopleSoft HCM 9.2 Vendor URL: http://oracle.com Bugs: SSRF Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference...

6.4CVSS0.7AI score0.09636EPSS
Exploits5
exploitpack
exploitpack
added 2017/05/04 12:0 a.m.51 views

Apple Safari 10.0.3 - JSC::CachedCall Use-After-Free

Apple Safari 10.0.3 - JSC::CachedCall Use-After-Free function makecompiledfunction function targetx return x5 + x - xx; // Call only once so that function gets compiled with low level interpreter // but none of the optimizing JITs target0; return target; function pwn var haxs = new Array0x100; fo...

6.8CVSS0.08038EPSS
Exploits4
exploitpack
exploitpack
added 2017/03/22 12:0 a.m.51 views

Linux Kernel 3.11 4.8 0 - SO_SNDBUFFORCE SO_RCVBUFFORCE Local Privilege Escalation

Linux Kernel 3.11 4.8 0 - SOSNDBUFFORCE SORCVBUFFORCE Local Privilege Escalation // CAPNETADMIN - root LPE exploit for CVE-2016-9793 // No KASLR, SMEP or SMAP bypass included // Affected kernels: 3.11 - 4.8 // Tested in QEMU only // https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-97...

7.2CVSS0.8AI score0.01566EPSS
Exploits8
exploitpack
exploitpack
added 2017/03/01 12:0 a.m.51 views

Aruba AirWave 8.2.3 - XML External Entity Injection Cross-Site Scripting

Aruba AirWave 8.2.3 - XML External Entity Injection Cross-Site Scripting SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XML External Entity Injection XXE, Reflected Cross Site Scripting product: Aruba AirWave vulnerab...

4.3CVSS0.7AI score0.13164EPSS
Exploits6
exploitpack
exploitpack
added 2017/02/22 12:0 a.m.51 views

EasyCom For PHP 4.0.0 - Buffer Overflow (PoC)

EasyCom For PHP 4.0.0 - Buffer Overflow PoC + Credits: John Page AKA Hyp3rlinX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/EASYCOM-PHP-API-BUFFER-OVERFLOW.txt + ISR: ApparitionSec Vendor: ================ easycom-aura.com Product:...

7.5CVSS0.5AI score0.12147EPSS
Exploits6
exploitpack
exploitpack
added 2016/12/27 12:0 a.m.51 views

PHPMailer 5.2.20 - Remote Code Execution

PHPMailer 5.2.20 - Remote Code Execution !/usr/bin/python intro = """ PHPMailer RCE PoC Exploits PHPMailer " postfields = 'action':...

7.5CVSS0.99714EPSS
Exploits59
exploitpack
exploitpack
added 2016/12/21 12:0 a.m.51 views

NETGEAR WNR2000v5 - Remote Code Execution

NETGEAR WNR2000v5 - Remote Code Execution Remote code execution in NETGEAR WNR2000v5 - by Pedro Ribeiro [email protected] / Agile Information Security Released on 20/12/2016 NOTE: this exploit is "alpha" quality and has been deprecated. Please see the modules accepted into the Metasploit framework...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2016/09/22 12:0 a.m.51 views

Microsoft Windows Kerberos - Security Feature Bypass (MS16-101)

Microsoft Windows Kerberos - Security Feature Bypass MS16-101 Exploit Title: Kerberos Security Feature Bypass Vulnerability Kerberos to NTLM Fallback Date: 22-09-2016 Exploit Author: Nabeel Ahmed Tested on: Windows 7 Professional x32/x64 and Windows 10 x64 CVE : CVE-2016-3237 Category: Local...

6.8CVSS7.5AI score0.17181EPSS
Exploits5
exploitpack
exploitpack
added 2016/08/31 12:0 a.m.51 views

ZKTeco ZKAccess Professional 3.5.3 - Insecure File Permissions Privilege Escalation

ZKTeco ZKAccess Professional 3.5.3 - Insecure File Permissions Privilege Escalation ZKTeco ZKAccess Professional 3.5.3 Insecure File Permissions Vendor: ZKTeco Inc. | Xiamen ZKTeco Biometric Identification Technology Co.,ltd Product web page: http://www.zkteco.com Affected version: 3.5.3 Build 00...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2016/08/16 12:0 a.m.51 views

WSO2 Carbon 4.4.5 - Persistent Cross-Site Scripting

WSO2 Carbon 4.4.5 - Persistent Cross-Site Scripting + Credits: John Page aka HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WSO2-CARBON-v4.4.5-PERSISTENT-XSS-COOKIE-THEFT.txt + ISR: ApparitionSec Vendor: ============= www.wso2.com Product:...

4.3CVSS6.1AI score0.03998EPSS
Exploits5
exploitpack
exploitpack
added 2016/08/08 12:0 a.m.51 views

Microsoft Windows 7 (x86x64) - Group Policy Privilege Escalation (MS16-072)

Microsoft Windows 7 x86x64 - Group Policy Privilege Escalation MS16-072 Exploit Title: Group Policy Elevation of Privilege Vulnerability Date: 08-08-2016 Exploit Author: Nabeel Ahmed Tested on: Windows 7 Professional x32/x64 CVE : CVE-2016-3223 Category: Privilege Escalation SPECIAL CONFIG:...

9.3CVSS0.2AI score0.21091EPSS
Exploits4
exploitpack
exploitpack
added 2016/07/25 12:0 a.m.51 views

Compal CH7465LG-LC ModemRouter CH7465LG-NCIP-4.50.18.13-NOSH - Multiple Vulnerabilities

Compal CH7465LG-LC ModemRouter CH7465LG-NCIP-4.50.18.13-NOSH - Multiple Vulnerabilities Compal CH7465LG-LC modem/router multiple vulnerabilities -------------------------------------------------------- The following vulnerabilities are the result of a quick check 3 hours of the Mercury modem. We...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2016/06/13 12:0 a.m.51 views

Easy RM to MP3 Converter 2.7.3.700 - .m3u File (Universal ASLR + DEP Bypass)

Easy RM to MP3 Converter 2.7.3.700 - .m3u File Universal ASLR + DEP Bypass Exploit Title: Easy RM to MP3 Converter 2.7.3.700 .m3u File BoF Exploit with Universal DEP+ASLR bypass Date: 2016-06-12 Exploit Author: Csaba Fitzl Vendor Homepage: N/A Software Link:...

9.3CVSS0.21664EPSS
Exploits5
exploitpack
exploitpack
added 2016/04/11 12:0 a.m.51 views

OpenCart 2.1.0.2 2.2.0.0 - json_decode Function Remote Code Execution

OpenCart 2.1.0.2 2.2.0.0 - jsondecode Function Remote Code Execution OpenCart jsondecode function Remote PHP Code Execution Author: Naser Farhadi Twitter: @naserfarhadi Date: 9 April 2016 Version: 2.1.0.2 to 2.2.0.0 Latest version Vendor Homepage: http://www.opencart.com/ Vulnerability:...

Exploits0
exploitpack
exploitpack
added 2016/03/14 12:0 a.m.51 views

Linux Kernel 3.10.0-229.x (CentOS RHEL 7.1) - iowarrior Driver Crash (PoC)

Linux Kernel 3.10.0-229.x CentOS RHEL 7.1 - iowarrior Driver Crash PoC OS-S Security Advisory 2016-15 Linux iowarrior Nullpointer Dereference Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: not yet assigned CVSS: 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C Title: Local...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2016/03/07 12:0 a.m.51 views

Microsoft Windows 7 (x64) - afd.sys Dangling Pointer Privilege Escalation (MS14-040)

Microsoft Windows 7 x64 - afd.sys Dangling Pointer Privilege Escalation MS14-040 Exploit Title: MS14-040 - AFD.SYS Dangling Pointer Date: 2016-03-03 Exploit Author: Rick Larabee Vendor Homepage: www.microsoft.com Version: Windows 7, 64 bit Tested on: Win7 x64 afd.sys - 6.1.7601.17514 ntdll.dll -...

7.2CVSS0.3AI score0.12694EPSS
Exploits8
exploitpack
exploitpack
added 2016/02/22 12:0 a.m.51 views

Ubuntu 15.10 - PT Chown Arbitrary PTs Access Via User Namespace Privilege Escalation

Ubuntu 15.10 - PT Chown Arbitrary PTs Access Via User Namespace Privilege Escalation Source: http://www.halfdog.net/Security/2015/PtChownArbitraryPtsAccessViaUserNamespace/ Introduction Problem description: With Ubuntu Wily and earlier, /usr/lib/ptchown was used to change ownership of slave pts...

1AI score
Exploits0
exploitpack
exploitpack
added 2016/02/16 12:0 a.m.51 views

glibc - getaddrinfo Stack Buffer Overflow (PoC)

glibc - getaddrinfo Stack Buffer Overflow PoC Sources: https://googleonlinesecurity.blogspot.sg/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html https://github.com/fjserna/CVE-2015-7547 Technical information: glibc reserves 2048 bytes in the stack through alloca for the DNS answer at...

6.8CVSS0.7AI score0.89557EPSS
Exploits17
exploitpack
exploitpack
added 2015/12/09 12:0 a.m.51 views

Microsoft Windows Media Center - .Link File Incorrectly Resolved Reference (MS15-134)

Microsoft Windows Media Center - .Link File Incorrectly Resolved Reference MS15-134 1. Advisory Information Title: Microsoft Windows Media Center link file incorrectly resolved reference Advisory ID: CORE-2015-0014 Advisory URL:...

4.3CVSS7.6AI score0.46006EPSS
Exploits7
exploitpack
exploitpack
added 2015/07/24 12:0 a.m.51 views

Hawkeye-G 3.0.1.4912 - Cross-Site Request Forgery

Hawkeye-G 3.0.1.4912 - Cross-Site Request Forgery Exploit Title: CSRF, Network Threat Appliance IDS / IPS Google Dork: intitle: CSRF Network Threat Appliance IDS / IPS Date: 2015-07-24 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: www.hexiscyber.com Softwa...

6.8CVSS0.9AI score0.04175EPSS
Exploits4
exploitpack
exploitpack
added 2015/06/16 12:0 a.m.51 views

Linux Kernel 3.13.0 3.19 (Ubuntu 12.0414.0414.1015.04) - overlayfs Local Privilege Escalation

Linux Kernel 3.13.0 3.19 Ubuntu 12.0414.0414.1015.04 - overlayfs Local Privilege Escalation / Exploit Title: ofs.c - overlayfs local root in ubuntu Date: 2015-06-15 Exploit Author: rebel Version: Ubuntu 12.04, 14.04, 14.10, 15.04 Kernels before 2015-06-15 Tested on: Ubuntu 12.04, 14.04, 14.10,...

7.2CVSS1.1AI score0.37679EPSS
Exploits22
exploitpack
exploitpack
added 2015/06/10 12:0 a.m.51 views

ICU library 52 54 - Multiple Vulnerabilities

ICU library 52 54 - Multiple Vulnerabilities Heap overflow and integer overflow in ICU library v52 to v54 Discovered by Pedro Ribeiro [email protected], Agile Information Security ================================================================================= Disclosure: 04/05/2015 / Last update...

7.5CVSS0.4AI score0.2447EPSS
Exploits4
exploitpack
exploitpack
added 2014/10/12 12:0 a.m.51 views

vBulletin 4.x5.x - AdminCPApiLog via xmlrpc API (Authenticated) Persistent Cross-Site Scripting

vBulletin 4.x5.x - AdminCPApiLog via xmlrpc API Authenticated Persistent Cross-Site Scripting CVE-2014-2021 - vBulletin 5.x/4.x - persistent XSS in AdminCP/ApiLog via xmlrpc API post-auth ================================================================================================ Overview...

7.5CVSS0.2AI score0.04145EPSS
Exploits7
exploitpack
exploitpack
added 2014/09/25 12:0 a.m.51 views

WordPress Plugin All In One WP Security 3.8.2 - SQL Injection

WordPress Plugin All In One WP Security 3.8.2 - SQL Injection Advisory ID: HTB23231 Product: All In One WP Security WordPress plugin Vendor: Tips and Tricks HQ, Peter, Ruhul, Ivy Vulnerable Versions: 3.8.2 and probably prior Tested Version: 3.8.2 Advisory Publication: September 3, 2014 without...

6.5CVSS7.5AI score0.04155EPSS
Exploits6
Total number of security vulnerabilities5000