Lucene search
K
ExploitpackMost viewed

41207 matches found

exploitpack
exploitpack
added 2016/02/22 12:0 a.m.51 views

Ubuntu 15.10 - PT Chown Arbitrary PTs Access Via User Namespace Privilege Escalation

Ubuntu 15.10 - PT Chown Arbitrary PTs Access Via User Namespace Privilege Escalation Source: http://www.halfdog.net/Security/2015/PtChownArbitraryPtsAccessViaUserNamespace/ Introduction Problem description: With Ubuntu Wily and earlier, /usr/lib/ptchown was used to change ownership of slave pts...

1AI score
Exploits0
exploitpack
exploitpack
added 2016/02/16 12:0 a.m.51 views

glibc - getaddrinfo Stack Buffer Overflow (PoC)

glibc - getaddrinfo Stack Buffer Overflow PoC Sources: https://googleonlinesecurity.blogspot.sg/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html https://github.com/fjserna/CVE-2015-7547 Technical information: glibc reserves 2048 bytes in the stack through alloca for the DNS answer at...

6.8CVSS0.7AI score0.89557EPSS
Exploits17
exploitpack
exploitpack
added 2015/12/09 12:0 a.m.51 views

Microsoft Windows Media Center - .Link File Incorrectly Resolved Reference (MS15-134)

Microsoft Windows Media Center - .Link File Incorrectly Resolved Reference MS15-134 1. Advisory Information Title: Microsoft Windows Media Center link file incorrectly resolved reference Advisory ID: CORE-2015-0014 Advisory URL:...

4.3CVSS7.6AI score0.46006EPSS
Exploits7
exploitpack
exploitpack
added 2015/07/24 12:0 a.m.51 views

Hawkeye-G 3.0.1.4912 - Cross-Site Request Forgery

Hawkeye-G 3.0.1.4912 - Cross-Site Request Forgery Exploit Title: CSRF, Network Threat Appliance IDS / IPS Google Dork: intitle: CSRF Network Threat Appliance IDS / IPS Date: 2015-07-24 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: www.hexiscyber.com Softwa...

6.8CVSS0.9AI score0.04175EPSS
Exploits4
exploitpack
exploitpack
added 2015/06/16 12:0 a.m.51 views

Linux Kernel 3.13.0 3.19 (Ubuntu 12.0414.0414.1015.04) - overlayfs Local Privilege Escalation

Linux Kernel 3.13.0 3.19 Ubuntu 12.0414.0414.1015.04 - overlayfs Local Privilege Escalation / Exploit Title: ofs.c - overlayfs local root in ubuntu Date: 2015-06-15 Exploit Author: rebel Version: Ubuntu 12.04, 14.04, 14.10, 15.04 Kernels before 2015-06-15 Tested on: Ubuntu 12.04, 14.04, 14.10,...

7.2CVSS1.1AI score0.37679EPSS
Exploits22
exploitpack
exploitpack
added 2015/06/10 12:0 a.m.51 views

ICU library 52 54 - Multiple Vulnerabilities

ICU library 52 54 - Multiple Vulnerabilities Heap overflow and integer overflow in ICU library v52 to v54 Discovered by Pedro Ribeiro [email protected], Agile Information Security ================================================================================= Disclosure: 04/05/2015 / Last update...

7.5CVSS0.4AI score0.2447EPSS
Exploits4
exploitpack
exploitpack
added 2014/10/12 12:0 a.m.51 views

vBulletin 4.x5.x - AdminCPApiLog via xmlrpc API (Authenticated) Persistent Cross-Site Scripting

vBulletin 4.x5.x - AdminCPApiLog via xmlrpc API Authenticated Persistent Cross-Site Scripting CVE-2014-2021 - vBulletin 5.x/4.x - persistent XSS in AdminCP/ApiLog via xmlrpc API post-auth ================================================================================================ Overview...

7.5CVSS0.2AI score0.04145EPSS
Exploits7
exploitpack
exploitpack
added 2014/09/25 12:0 a.m.51 views

WordPress Plugin All In One WP Security 3.8.2 - SQL Injection

WordPress Plugin All In One WP Security 3.8.2 - SQL Injection Advisory ID: HTB23231 Product: All In One WP Security WordPress plugin Vendor: Tips and Tricks HQ, Peter, Ruhul, Ivy Vulnerable Versions: 3.8.2 and probably prior Tested Version: 3.8.2 Advisory Publication: September 3, 2014 without...

6.5CVSS7.5AI score0.04155EPSS
Exploits6
exploitpack
exploitpack
added 2014/07/21 12:0 a.m.51 views

Linux Kernel 3.2.0-23 (Ubuntu 12.04 x64) - ptracesysret Local Privilege Escalation

Linux Kernel 3.2.0-23 Ubuntu 12.04 x64 - ptracesysret Local Privilege Escalation / CVE-2014-4699 ptrace/sysret PoC by Vitaly Nikolenko [email protected] gcc -O2 pocv0.c This code is kernel specific. On Ubuntu 12.04.0 LTS 3.2.0-23-generic, the following will trigger the GP in sysret and overwrite...

6.9CVSS0.5AI score0.02324EPSS
Exploits6
exploitpack
exploitpack
added 2014/04/17 12:0 a.m.51 views

SAP Router - Timing Attack Password Disclosure

SAP Router - Timing Attack Password Disclosure Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ SAP Router Password Timing Attack 1. Advisory Information Title: SAP Router Password Timing Attack Advisory ID: CORE-2014-0003 Advisory URL:...

4.3CVSS6.5AI score0.02818EPSS
Exploits5
exploitpack
exploitpack
added 2013/08/02 12:0 a.m.51 views

INSTEON Hub 2242-222 - Lack of Web and API Authentication

INSTEON Hub 2242-222 - Lack of Web and API Authentication Trustwave SpiderLabs Security Advisory TWSL2013-023: Lack of Web and API Authentication Vulnerability in INSTEON Hub Published: 8/01/13 Version: 1.0 Vendor: INSTEON http://www.INSTEON.com/ Product: Hub Version affected: 2242-222 model...

9.3CVSS0.06973EPSS
Exploits6
exploitpack
exploitpack
added 2013/06/11 12:0 a.m.51 views

Linux Kernel 3.8.9 (x86-64) - perf_swevent_init Local Privilege Escalation (2)

Linux Kernel 3.8.9 x86-64 - perfsweventinit Local Privilege Escalation 2 / CVE-2013-2094 exploit x8664 Linux include include include include include include include include include define BASE 0x380000000 define BASEJUMP 0x1780000000 define SIZE 0x10000000 define KSIZE 0x2000000 define TMPx...

7.2CVSS0.7AI score0.47709EPSS
Exploits15
exploitpack
exploitpack
added 2013/04/25 12:0 a.m.51 views

phpMyAdmin 3.5.84.0.0-RC2 - Multiple Vulnerabilities

phpMyAdmin 3.5.84.0.0-RC2 - Multiple Vulnerabilities waraxe-2013-SA103 - Multiple Vulnerabilities in phpMyAdmin =============================================================================== Author: Janek Vind "waraxe" Date: 25. April 2013 Location: Estonia, Tartu Web:...

6.5CVSS0.5AI score0.28851EPSS
Exploits18
exploitpack
exploitpack
added 2013/03/29 12:0 a.m.51 views

McAfee Virtual Technician (MVT) 6.5.0.2101 - Insecure ActiveX Method

McAfee Virtual Technician MVT 6.5.0.2101 - Insecure ActiveX Method Advisory ID: HTB23128 Product: McAfee Virtual Technician MVT 6.5.0.2101 Vendor: McAfee Vulnerable Versions: 6.5.0.2101 and probably prior Tested Version: 6.5.0.2101 on Windows 7 SP1 and Internet Explorer 9 Vendor Notification:...

8.2CVSS0.1AI score0.05196EPSS
Exploits5
exploitpack
exploitpack
added 2013/02/05 12:0 a.m.51 views

glossword 1.8.12 - Multiple Vulnerabilities

glossword 1.8.12 - Multiple Vulnerabilities =================================================== Vulnerable Software: Glossword 1.8.12 Tested version: Glossword 1.8.12 Download: http://sourceforge.net/projects/glossword/files/glossword/1.8.12/ Vulns: XSS && Database Backup Disclosure && CSRF &&...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2012/10/24 12:0 a.m.51 views

Bitweaver 2.8.1 - Multiple Vulnerabilities

Bitweaver 2.8.1 - Multiple Vulnerabilities Trustwave SpiderLabs Security Advisory TWSL2012-016: Multiple Vulnerabilities in Bitweaver Published: 10/23/2012 Version: 1.0 Vendor: Bitweaver http://www.bitweaver.org/ Product: Bitweaver Version affected: 2.8.1 and earlier versions Product description:...

5CVSS0.3AI score0.52477EPSS
Exploits10
exploitpack
exploitpack
added 2012/08/27 12:0 a.m.51 views

Elcom CMS 7.4.10 - Community Manager Insecure Arbitrary File Upload

Elcom CMS 7.4.10 - Community Manager Insecure Arbitrary File Upload Elcom CMS - Community Manager Insecure File Upload Vulnerability - Security Advisory - SOS-12-008 Release Date. 24-Aug-2012 Last Update. - Vendor Notification Date. 28-Oct-2011 Product. Elcom CMS - Community Manager Platform...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2012/05/31 12:0 a.m.51 views

Supernews 2.6.1 - noticias.php?cat SQL Injection

Supernews 2.6.1 - noticias.php?cat SQL Injection Supernews Date: 31/05/2012 Version: 2.6.1 Software Link: http://phpbrasil.com/script/vT0FaOCySSH/supernews ISRAEL Author will be not responsible for any damage. Vulnerable Code - noticias.php 30-31: 30. $idcategoria = formatDados$GET'cat'; 31. $que...

8.6AI score
Exploits0
exploitpack
exploitpack
added 2011/04/29 12:0 a.m.51 views

SOOP Portal Raven 1.0b - SQL Injection

SOOP Portal Raven 1.0b - SQL Injection Exploit Title: SOOP Portal Raven 1.0b sql injection Google Dork: Powered by SOOP Portal Raven 1.0b Date: date Author: Evil-Thinker Version: Raven 1.0b Tested on: Windows Soft Technologie : ASP.net Exploit Details :...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2011/03/08 12:0 a.m.51 views

EzPub Simple Classic ASP CMS - SQL Injection

EzPub Simple Classic ASP CMS - SQL Injection Title: EzPub - Simple Classic ASP CMS Vulnerable to SQL Injection Vendor: http://www.soft4web.ro Found by: p0pc0rn 08/03/2011 Dork: intext:"Powered by EZPub" SQL - Microsoft JET Database Engine error ------------------------------------------...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2010/07/24 12:0 a.m.51 views

Joomla! Component Ozio Gallery - SQL Injection

Joomla! Component Ozio Gallery - SQL Injection Exploit Title: Joomla Component comoziogallery SQL Injection Vulnerability Date: 2010/07/25 Author: ViRuS Qalaa Email: [email protected] My Sites : www.pal-mafia.com & www.vbspiders.com Tested on: Windows Team hacker:ViRuS Qalaa & HaCkEr aRaR X-MaN HaCk3r...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2009/06/10 12:0 a.m.51 views

Worldweaver DX Studio Player 3.0.29.1 Firefox plugin - Command Injection

Worldweaver DX Studio Player 3.0.29.1 Firefox plugin - Command Injection -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ DX Studio Player Firefox plug-in command injection 1. Advisory Information Title: DX Studio...

9.3CVSS0.4AI score0.40176EPSS
Exploits10
exploitpack
exploitpack
added 2009/03/09 12:0 a.m.51 views

PHP-Fusion Mod Book Panel - bookid SQL Injection

PHP-Fusion Mod Book Panel - bookid SQL Injection /+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\ + + + |----------------------------------------------------------------| + + | PHP-Fusion Mod - Book Panel Remote SQL Injectio...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2009/01/14 12:0 a.m.51 views

DMXReady PayPal Store Manager 1.1 - Contents Change

DMXReady PayPal Store Manager 1.1 - Contents Change Title : DMXReady PayPal Store Manager http://target/path//applications/PayPalStoreManager/incpaypalstoremanager.asp Edit - http://target/path//admin/PayPalStoreManager/CategoryManager/list.asp : milw0rm.com 2009-01-14...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2009/01/12 12:0 a.m.51 views

Simple Machines Forum (SMF) 1.0.131.1.5 - Destroyer 0.1 Password Reset Security Bypass

Simple Machines Forum SMF 1.0.131.1.5 - Destroyer 0.1 Password Reset Security Bypass !/usr/bin/perl use LWP::UserAgent; use Getopt::Std; use LWP::Simple; use HTTP::Request; Author: Xianur0 Uxmal666atgmail.com Cracks links Password Recovery Find Temporary Files executed by mods DB function Flood b...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2008/10/21 12:0 a.m.51 views

ShopMaker CMS 1.0 - id SQL Injection

ShopMaker CMS 1.0 - id SQL Injection || | | ShopMaker v1.0 product.php id Remote SQL Injection Vulnerability | | |-------------------- Hussin X -------------------| | | Author: Hussin X | | Home : WwW.IQ-ty.CoM | | email: darkangelg85atYahooDoTcom | | | | | | script : http://shop.maker.ir | | Dor...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2008/06/24 12:0 a.m.51 views

Linksys WRT54G Firmware 1.00.9 - Security Bypass (2)

Linksys WRT54G Firmware 1.00.9 - Security Bypass 2 | l/ l j| \ / \ | \l j| \ | T l j| \ | | / \ | ' / | T | YY Y| o | T | Yl/ | | T | Y| jY Y | \ | | | | || Q || / | | | | || j | | | | || l | O | | Y | | | | || || | | | | | || / | | | | | || | | | . | j l | | |l || | j l | | || || T j l | | || T ...

10CVSS0.05164EPSS
Exploits11
exploitpack
exploitpack
added 2008/02/19 12:0 a.m.51 views

XOOPS Module eEmpregos - cid SQL Injection

XOOPS Module eEmpregos - cid SQL Injection XOOPS Module eEmpregos SQL Injectioncid AUTHOR : S@BUN HOME 1 : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORK 1 : allinurl: "modules/eEmpregos/index.php" DORK 2 : allinurl: cid "modules/eEmpregos" example...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2007/11/07 12:0 a.m.51 views

IBM AIX 5.3.0 - setlocale() Local Privilege Escalation

IBM AIX 5.3.0 - setlocale Local Privilege Escalation setlocale exploit for aix 5.2 CVE-2006-4254 [email protected] from os import execve bof="a"580+"bbbbccccdddd\x2f\xf2\x28\x2f" egg="\x60"2350 shellcode= by intropy caughq.org "\x7c\xa5\x2a\x79" xor. r5,r5,r5 "\x40\x82\xff\xfd" bnel...

7.5CVSS1.5AI score0.07499EPSS
Exploits6
exploitpack
exploitpack
added 2007/11/02 12:0 a.m.51 views

Ubuntu 6.06 - DHCPd Remote Denial of Service

Ubuntu 6.06 - DHCPd Remote Denial of Service Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit Author: RoMaNSoFt Exploit-DB Mirror: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/4601.tgz 1022007-DoS-CVE-2007-5365.tgz milw0rm.com 2007-11-02...

7.2CVSS0.6AI score0.80265EPSS
Exploits5
exploitpack
exploitpack
added 2007/10/29 12:0 a.m.51 views

Kodak Image Viewer - TIFTIFF Code Execution (MS07-055)

Kodak Image Viewer - TIFTIFF Code Execution MS07-055 / MS07-055 Kodak Image Viewer TIF/TIFF Code Execution Proof Of Concept by Hong Gil-Dong, Jeon Woo-chi Hwang-Hee?1542, Prime Minister in Korea Once upon a time, One servant of Hwang-Hee was arguing with another servant. they asked Hwang-Hee to...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2007/09/10 12:0 a.m.51 views

PHP 4.4.75.2.3 - MySQLMySQLi Safe_Mode Bypass

PHP 4.4.75.2.3 - MySQLMySQLi SafeMode Bypass Affected Products: Philip Olausson Reported: 2007-06-05 Released: 2007-08-30 CVE: CVE-2007-3997 Issue: A vulnerability exists in PHP's MySQL and MySQLi extenstions which can be used to bypass PHP's safemode security restriction. Description: PHP is a...

7.5CVSS9.6AI score0.13818EPSS
Exploits7
exploitpack
exploitpack
added 2007/02/26 12:0 a.m.51 views

STWC-Counter 3.4.0 - downloadcounter.php Remote File Inclusion

STWC-Counter 3.4.0 - downloadcounter.php Remote File Inclusion ?php //File Inclusion Exploit for STWC-Counter = 3.4.0.0 //Found and Exploit Coded by burncycle - burncycleatrobert-berandotde //| //Vendor: http://www.stwc-counter.de/ //Dork: www.stwc-counter.de //| //Bug in "downloadcounter.php":...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2005/11/09 12:0 a.m.51 views

Linux Kernel 2.6.x - Sysctl Unregistration Local Denial of Service

Linux Kernel 2.6.x - Sysctl Unregistration Local Denial of Service / source: https://www.securityfocus.com/bid/15365/info Linux Kernel is reported prone to a local denial-of-service vulnerability. This issue arises from a failure to properly unregister kernel resources when network devices are...

2.1CVSS5AI score0.00789EPSS
Exploits6
exploitpack
exploitpack
added 2005/06/12 12:0 a.m.51 views

JamMail 1.8 - Jammail.pl Arbitrary Command Execution

JamMail 1.8 - Jammail.pl Arbitrary Command Execution source: https://www.securityfocus.com/bid/13937/info JamMail is prone to a remote arbitrary command execution vulnerability. This vulnerability may allow an attacker to supply arbitrary commands through the 'jammail.pl' script. This can lead to...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2003/07/10 12:0 a.m.51 views

Virtual Programming VP-ASP 5.00 - shopexd.asp SQL Injection (1)

Virtual Programming VP-ASP 5.00 - shopexd.asp SQL Injection 1 source: https://www.securityfocus.com/bid/8159/info It has been reported that VP-ASP does not sufficiently sanitize user input passed to the shopexd.asp script contained in the software. As a result, it may be possible for remote...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2003/07/10 12:0 a.m.51 views

CCBILL CGI - ccbillx.c whereami.cgi Remote Code Execution

CCBILL CGI - ccbillx.c whereami.cgi Remote Code Execution / ===================================== CCBILL CGI Remote Exploit for /ccbill/whereami.cgi By: Knight420 7/07/03 spawns a shell with netcat and attempts to connect into the server on port 6666 to gain access of the webserver uid C COPYRIGH...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2020/03/03 12:0 a.m.50 views

Microsoft Windows - WizardOpium Local Privilege Escalation

Microsoft Windows - WizardOpium Local Privilege Escalation include include extern "C" NTSTATUS NtUserMessageCallHWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, ULONGPTR ResultInfo, DWORD dwType, BOOL bAscii; int main HINSTANCE hInstance = GetModuleHandleNULL; WNDCLASSEX wcx; ZeroMemory&wcx,...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2020/02/25 12:0 a.m.50 views

WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass

WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass Exploit Title: WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass Discovery Date: 2020-02-02 Public Disclosure Date: 2020-02-22 Exploit Author: GeekHack Vendor Homepage:...

5.5CVSS0.3AI score0.04541EPSS
Exploits6
exploitpack
exploitpack
added 2019/12/20 12:0 a.m.50 views

phpMyChat-Plus 1.98 - pmc_username Reflected Cross-Site Scripting

phpMyChat-Plus 1.98 - pmcusername Reflected Cross-Site Scripting Exploit Title: phpMyChat-Plus 1.98 - 'pmcusername' Reflected Cross-Site Scripting Date: 2019-12-19 Exploit Author: Chris Inzinga Vendor Homepage: http://ciprianmp.com/latest/ Download: https://sourceforge.net/projects/phpmychat/...

4.3CVSS0.21232EPSS
Exploits4
exploitpack
exploitpack
added 2019/12/11 12:0 a.m.50 views

Adobe Acrobat Reader DC - Heap-Based Memory Corruption due to Malformed TTF Font

Adobe Acrobat Reader DC - Heap-Based Memory Corruption due to Malformed TTF Font We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- First chance exceptions are reported before any...

7.5CVSS9.5AI score0.16837EPSS
Exploits3
exploitpack
exploitpack
added 2019/12/03 9:28 a.m.50 views

exploitpack.com

Pentest notes for: exploitpack.com Exploit Pack Nmap 7.80 scan initiated Tue Dec 3 09:27:33 2019 as: /usr/bin/nmap -sV -A -oA log/exploitpack.com exploitpack.com Nmap scan report for exploitpack.com 132.148.22.104 Host is up 0.18s latency. rDNS record for 132.148.22.104:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/11/12 12:0 a.m.50 views

CBAS-Web 19.0.0 - Remote Code Execution

CBAS-Web 19.0.0 - Remote Code Execution Exploit Title: CBAS-Web 19.0.0 - Remote Code Execution Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/...

9CVSS7.5AI score0.02991EPSS
Exploits4
exploitpack
exploitpack
added 2019/09/25 12:0 a.m.50 views

Microsoft SharePoint 2013 SP1 - DestinationFolder Persistant Cross-Site Scripting

Microsoft SharePoint 2013 SP1 - DestinationFolder Persistant Cross-Site Scripting Exploit Title: Microsoft SharePoint 2013 SP1 - 'DestinationFolder' Persistent Cross-Site Scripting Author: Davide Cioccia Discovery Date: 2019-09-25 Vendor Homepage: https://www.microsoft.com Software Link:...

3.5CVSS5.7AI score0.02794EPSS
Exploits5
exploitpack
exploitpack
added 2019/07/01 12:0 a.m.50 views

SAP Crystal Reports - Information Disclosure

SAP Crystal Reports - Information Disclosure Exploit Title: Sensitive Information Disclosure in SAP Crystal Reports Date: 2019-04-10 Exploit Author: Mohamed M.Fouad - From SecureMisr Company Vendor Homepage: https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114 Version: SAP Crystal...

5CVSS9.5AI score0.06609EPSS
Exploits4
exploitpack
exploitpack
added 2019/06/17 12:0 a.m.50 views

Thunderbird ESR 60.7.XXX - icalmemorystrdupanddequote Heap-Based Buffer Overflow

Thunderbird ESR 60.7.XXX - icalmemorystrdupanddequote Heap-Based Buffer Overflow X41 D-Sec GmbH Security Advisory: X41-2019-001 Heap-based buffer overflow in Thunderbird ========================================= Severity Rating: High Confirmed Affected Versions: All versions affected Confirmed...

7.5CVSS0.3AI score0.10527EPSS
Exploits4
exploitpack
exploitpack
added 2019/06/04 12:0 a.m.50 views

Zoho ManageEngine ServiceDesk Plus 9.3 - PurchaseRequest.do Cross-Site Scripting

Zoho ManageEngine ServiceDesk Plus 9.3 - PurchaseRequest.do Cross-Site Scripting Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via PurchaseRequest.do Date: 2019-06-04 Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage:...

4.3CVSS0.1AI score0.06056EPSS
Exploits5
exploitpack
exploitpack
added 2019/05/21 12:0 a.m.50 views

TP-LINK TL-WR840N v5 00000005 - Cross-Site Scripting

TP-LINK TL-WR840N v5 00000005 - Cross-Site Scripting Exploit Title: TL-WR840N v5 00000005 Date: 5/10/2019 Exploit Author: purnendu ghosh Vendor Homepage: https://www.tp-link.com/ Software Link: https://www.amazon.in/TP-LINK-TL-WR840N-300Mbps-Wireless-External/dp/B01A0G1J7Q Category: Hardware...

3.5CVSS5AI score0.01789EPSS
Exploits4
exploitpack
exploitpack
added 2019/02/14 12:0 a.m.50 views

WordPress Plugin Booking Calendar 8.4.3 - (Authenticated) SQL Injection

WordPress Plugin Booking Calendar 8.4.3 - Authenticated SQL Injection Exploit Title: Wordpress Booking Calendar v8.4.3 - Authenticated SQL Injection Vulnerability Date: 2018-12-28 Exploit Author: B0UG Vendor Homepage: https://wpbookingcalendar.com/ Software Link:...

6.5CVSS0.6AI score0.19238EPSS
Exploits5
exploitpack
exploitpack
added 2018/11/21 12:0 a.m.50 views

Ticketly 1.0 - name SQL Injection

Ticketly 1.0 - name SQL Injection Exploit Title: Ticketly 1.0 – 'name' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-11-19 Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link:...

7.5CVSS0.4AI score0.03213EPSS
Exploits8
Total number of security vulnerabilities5000