Lucene search
K
ExploitpackMost viewed

41207 matches found

exploitpack
exploitpack
added 2012/06/27 12:0 a.m.49 views

symantec Web gateway 5.0.2.8 - Multiple Vulnerabilities

symantec Web gateway 5.0.2.8 - Multiple Vulnerabilities Software: Symantec Web Gateway Current Software Version: 5.0.2.8 Product homepage: www.symantec.com Author: S2 Crew Hungary CVE: CVE-2012-0297, CVE-2012-0298, ??? File include:...

10CVSS0.4AI score0.72596EPSS
Exploits22
exploitpack
exploitpack
added 2012/06/21 12:0 a.m.49 views

IBM System Storage DS Storage Manager Profiler - Multiple Vulnerabilities

IBM System Storage DS Storage Manager Profiler - Multiple Vulnerabilities IBM System Storage DS Storage Manager Profiler Multiple Vulnerabilities Vendor: IBM Corporation Product web page: http://www.ibm.com Affected version: 4.8.6 Summary: Through its extraordinary flexibility, reliability, and...

6.5CVSS0.4AI score0.05142EPSS
Exploits5
exploitpack
exploitpack
added 2012/04/24 12:0 a.m.49 views

RuggedCom Devices - Backdoor Access

RuggedCom Devices - Backdoor Access Title: Undocumented Backdoor Access to RuggedCom Devices Author: jc Organization: JC CREW Date: April 23, 2012 CVE: CVE-2012-1803 Background: RuggedCom is one of a handful of networking vendors who capitalize on the market for "Industrial Strength" and "Hardene...

8.5CVSS1.3AI score0.49114EPSS
Exploits8
exploitpack
exploitpack
added 2011/10/13 12:0 a.m.49 views

Microsoft Windows - .fon Kernel-Mode Buffer Overrun (PoC) (MS11-077)

Microsoft Windows - .fon Kernel-Mode Buffer Overrun PoC MS11-077 Exploit Title: MS11-077 .fon buffer overrun kernel-mode drivers exploit Google Dork: if relevant �we will automatically add these to the GHDB Date: 10/12/2011 Author: Byoungyoung Lee, http://www.cc.gatech.edu/blee303/ Software Link:...

9.3CVSS0.1AI score0.27772EPSS
Exploits4
exploitpack
exploitpack
added 2011/07/27 12:0 a.m.49 views

SWAT Samba Web Administration Tool - Cross-Site Request Forgery

SWAT Samba Web Administration Tool - Cross-Site Request Forgery Thanks & Regards, Narendra. Confidentiality: This e-mail and any attachments may be confidential and may also be privileged. If you are not an intended named recipient, please notify the sender immediately and do not disclose the...

6.8CVSS0.4AI score0.10046EPSS
Exploits6
exploitpack
exploitpack
added 2010/11/20 12:0 a.m.49 views

Native Instruments Massive 1.1.4 - KSD File Handling Use-After-Free

Native Instruments Massive 1.1.4 - KSD File Handling Use-After-Free !/usr/bin/perl Title: Native Instruments Massive 1.1.4 KSD File Handling Use-After-Free Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 1.1.4 R1901 Summary:...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2010/11/11 12:0 a.m.49 views

Landesk - OS command Injection

Landesk - OS command Injection 1. Advisory Information Title: Landesk OS command injection Advisory Id: CORE-2010-1018 Advisory URL: http://www.coresecurity.com/content/landesk-os-command-injection-vulnerability Date published: 2010-11-10 Date of last update: 2010-11-10 Vendors contacted: LANDesk...

8.5CVSS0.4AI score0.03508EPSS
Exploits6
exploitpack
exploitpack
added 2010/04/06 12:0 a.m.49 views

WordPress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting

WordPress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting XSS Vulnerability in NextGEN Gallery Wordpress Plugin 1. Advisory Information Title: XSS Vulnerability in NextGEN Gallery Wordpress Plugin Advisory Id: CORE-2010-0323 Advisory URL:...

4.3CVSS0.1AI score0.04727EPSS
Exploits6
exploitpack
exploitpack
added 2010/01/03 12:0 a.m.49 views

Smart Vision Script News - newsdetail.php SQL Injection (1)

Smart Vision Script News - newsdetail.php SQL Injection 1 Exploit Title: Smart Vsion Script News newsdetail SQL Injection Vulnerability Software Link: www.esmart-vision.com ============================================ | Smart Vision Script News newsdetail SQL Injection Vulnerability...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2009/12/15 12:0 a.m.49 views

SitioOnline - SQL Injection

SitioOnline - SQL Injection - cvs -vrew ! SitioOnline SQL Injection Vulnerability ! Author : 4lG3r14n0-t3r0 ! MAIL : [email protected] / Software Information + Vendor : http://www.SitioOnline.cl + script : SitioOnline + Download : + Vulnerability : php SQL injection + Dork...

8.6AI score
Exploits0
exploitpack
exploitpack
added 2009/07/15 12:0 a.m.49 views

Multiple Browsers - Denial of Service

Multiple Browsers - Denial of Service One bug to rule them all IE5,IE6,IE7,IE8,Netscape,Firefox,Safari,Opera,Konqueror, Seamonkey,Wii,PS3,iPhone,iPod,Nokia,Siemens.... and more. Don't wet your pants - it's DoS only Release mode: Tried hard to coordinate - gave up Reference : GSEC-TZO-26-2009 - On...

7.1CVSS6.1AI score0.04242EPSS
Exploits5
exploitpack
exploitpack
added 2009/06/12 12:0 a.m.49 views

4Images 1.7.7 - Filter Bypass HTML Injection Cross-Site Scripting

4Images 1.7.7 - Filter Bypass HTML Injection Cross-Site Scripting || || | || o,7 || . o7 || q||| o\, : / / . =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: 4images = 1.7.7 - filter bypass HTML injection/XSS =INFO: =BUY: =DORK: -=/:Conditions:=-...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2007/12/13 12:0 a.m.49 views

hosting controller 6.1 hot fix 3.3 - Multiple Vulnerabilities

hosting controller 6.1 hot fix 3.3 - Multiple Vulnerabilities Title: Multiple Security Bugs In Hosting Controller Critical: Extremely critical Impact: Full system administrator access Vendor: Hosting Controller Version: 6.1 Hot fix = 3.3 Vendor URL: www.hostingcontroller.com Solution: N/A From...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2007/03/28 12:0 a.m.49 views

CodeBB 1.0 Beta 2 - phpbb_root_path Remote File Inclusion

CodeBB 1.0 Beta 2 - phpbbrootpath Remote File Inclusion codebb 1.1b3 phpbbrootpath Remote File Include Vulnerability D.Script: http://rd.cycnus.de/download/codebb-1.1b3.tar.bz2 Discovered by: Alkomandoz Hacker Homepage: http://www.asb-may.net V.Code includeonce$phpbbrootpath...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2006/08/23 12:0 a.m.49 views

pSlash 0.7 - lvc_include_dir Remote File Inclusion

pSlash 0.7 - lvcincludedir Remote File Inclusion pSlash v0.7 lvcincludedir Remote Include Vulnerability Author: XORON Class: Remote cont@ct: x0r0nathotmaildotcom Code: require$lvcincludedir.'db/dbmysql.inc.php'; Exploit:...

Exploits0
exploitpack
exploitpack
added 2006/08/22 12:0 a.m.49 views

Simple Machines Forum (SMF) 1.1 rc2 - Lock Topics

Simple Machines Forum SMF 1.1 rc2 - Lock Topics !/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i;...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2006/07/08 12:0 a.m.49 views

Mambo Component com_forum 1.2.4RC3 - Remote File Inclusion

Mambo Component comforum 1.2.4RC3 - Remote File Inclusion Bug Found by h4ntu http://h4ntu.com batamhacker crew Another Mambo component remote inclusion vulneribility download : http://mamboxchange.com/frs/download.php/6873/phpbbcomponent1.2.4RC3.zip bug found in file : download.php define'INPHPBB...

Exploits0
exploitpack
exploitpack
added 2006/06/27 12:0 a.m.49 views

Mambo Component Pearl 1.6 - Multiple Remote File Inclusions

Mambo Component Pearl 1.6 - Multiple Remote File Inclusions --------------------------------------------------------------------------- Pearl For Mambo = 1.6 GlobalSettingstemplatesDirectory Remote File Include Vulnerabilities...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2005/06/06 12:0 a.m.49 views

Early Impact ProductCart 2.62.7 - viewPrd.asp?idcategory SQL Injection

Early Impact ProductCart 2.62.7 - viewPrd.asp?idcategory SQL Injection source: https://www.securityfocus.com/bid/13881/info ProductCart is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2005/05/31 12:0 a.m.49 views

PHP-Nuke 7.x - Multiple Remote File Inclusions

PHP-Nuke 7.x - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/18186/info PHP-Nuke is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issue...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2005/04/12 12:0 a.m.49 views

Multiple Vendor ICMP Implementation - Malformed Path MTU Denial of Service

Multiple Vendor ICMP Implementation - Malformed Path MTU Denial of Service source: https://www.securityfocus.com/bid/13124/info Multiple vendor implementations of TCP/IP Internet Control Message Protocol ICMP are reported prone to several denial-of-service attacks. ICMP is employed by network nod...

5CVSS0.1AI score0.80675EPSS
Exploits10
exploitpack
exploitpack
added 2004/09/02 12:0 a.m.49 views

AOL Instant Messenger AIM - Away Message Remote (2)

AOL Instant Messenger AIM - Away Message Remote 2 / CAN-2004-0636 / / AIM Away Message Buffer Overflow Exploit Exploit by John Bissell A.K.A. HighT1mes Exploit: ======== drizzit.c Vulnerable Software: ==================== - AIM 5.5.3588 - AIM 5.5.3590 Beta - AIM 5.5.3591 - AIM 5.5.3595 and a coup...

10CVSS0.2AI score0.66019EPSS
Exploits14
exploitpack
exploitpack
added 2004/02/16 12:0 a.m.49 views

AllMyLinks 0.x - footer.inc.php Arbitrary Code Execution

AllMyLinks 0.x - footer.inc.php Arbitrary Code Execution source: https://www.securityfocus.com/bid/9664/info Reportedly the AllMyPHP applications AllMyGuests, AllMyLinks and AllMyVisitors are prone to a remote file include vulnerability. The issue is due to insufficient filtering of URI passed...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2003/09/07 12:0 a.m.49 views

Mah-Jong 1.4 - ClientServer Remote sscanf() Buffer Overflow

Mah-Jong 1.4 - ClientServer Remote sscanf Buffer Overflow // source: https://www.securityfocus.com/bid/8557/info A remote buffer overflow vulnerability when calling the sscanf function has been reported to affect the mah-jong game client and server programs. The issue occurs within seperate sourc...

7.5CVSS1.1AI score0.0493EPSS
Exploits3
exploitpack
exploitpack
added 2000/08/01 12:0 a.m.49 views

Microsoft Windows NT 4.02000 - NetBIOS Name Conflict

Microsoft Windows NT 4.02000 - NetBIOS Name Conflict source: https://www.securityfocus.com/bid/1514/info An attacker can send the NetBIOS name service a NetBIOS Name Conflict message even when the receiving machine is not in the process of registering its NetBIOS name. The target will then not...

Exploits0
exploitpack
exploitpack
added 2019/12/10 12:0 a.m.48 views

Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution

Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link:...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2019/12/03 9:52 a.m.48 views

google.com

Pentest notes for: google.com Exploit Pack Nmap 7.80 scan initiated Tue Dec 3 09:27:33 2019 as: /usr/bin/nmap -sV -A -oA log/exploitpack.com exploitpack.com Nmap scan report for exploitpack.com 132.148.22.104 Host is up 0.18s latency. rDNS record for 132.148.22.104:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/11/14 12:0 a.m.48 views

Siemens Desigo PX 6.00 - Denial of Service (PoC)

Siemens Desigo PX 6.00 - Denial of Service PoC Title: Siemens Desigo PX 6.00 - Denial of Service PoC Author: LiquidWorm Date: 2019-11-14 Vendor web page: https://www.siemens.com Product web page: https://new.siemens.com/global/en/products/buildings/automation/desigo.html Affected version:6.00...

5CVSS0.1AI score0.01675EPSS
Exploits5
exploitpack
exploitpack
added 2019/11/12 12:0 a.m.48 views

CBAS-Web 19.0.0 - Information Disclosure

CBAS-Web 19.0.0 - Information Disclosure Exploit Title: CBAS-Web 19.0.0 - Information Disclosure Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/...

5CVSS6.7AI score0.09012EPSS
Exploits4
exploitpack
exploitpack
added 2019/11/12 12:0 a.m.48 views

Computrols CBAS-Web 19.0.0 - username Reflected Cross-Site Scripting

Computrols CBAS-Web 19.0.0 - username Reflected Cross-Site Scripting Exploit Title: Computrols CBAS-Web 19.0.0 - 'username' Reflected Cross-Site Scripting Google Dork: NA Date: 2018-09-06 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...

4.3CVSS0.2AI score0.04662EPSS
Exploits4
exploitpack
exploitpack
added 2019/10/21 12:0 a.m.48 views

Solaris 11.4 - xscreensaver Privilege Escalation

Solaris 11.4 - xscreensaver Privilege Escalation @Mediaservice.net Security Advisory 2019-02 last updated on 2019-10-16 Title: Local privilege escalation on Solaris 11.x via xscreensaver Application: Jamie Zawinski's xscreensaver 5.39 distributed with Solaris 11.4 Jamie Zawinski's xscreensaver 5....

4.6CVSS0.3AI score0.13506EPSS
Exploits8
exploitpack
exploitpack
added 2019/09/10 12:0 a.m.48 views

WordPress Plugin Photo Gallery 1.5.34 - SQL Injection

WordPress Plugin Photo Gallery 1.5.34 - SQL Injection Exploit Title: WordPress Plugin Photo Gallery by 10Web Add new and in add galleries / Gallery groups. GET request going with parameter albumid is vulnerable to Time Based Blind SQL injection. Following is the POC, 1...

7.5CVSS0.6AI score0.25438EPSS
Exploits4
exploitpack
exploitpack
added 2019/09/02 12:0 a.m.48 views

Craft CMS 2.7.93.2.5 - Information Disclosure

Craft CMS 2.7.93.2.5 - Information Disclosure Exploit Title : CraftCms Users information disclosure From uploaded File Author Discovered By : Mohammed Abdul Raheem Author's Company Name : TrekShield IT Solution Author Exploit-db : https://www.exploit-db.com/?author=9783 Found Vulnerability On :...

5CVSS5.2AI score0.07968EPSS
Exploits4
exploitpack
exploitpack
added 2019/08/30 12:0 a.m.48 views

Sentrifugo 3.2 - Persistent Cross-Site Scripting

Sentrifugo 3.2 - Persistent Cross-Site Scripting Exploit Title: Sentrifugo 3.2 - Persistent Cross-Site Scripting Google Dork: N/A Date: 8/29/2019 Exploit Author: creosote Vendor Homepage: http://www.sentrifugo.com/ Version: 3.2 Tested on: Ubuntu 18.04 CVE : CVE-2019-15814 Multiple Stored XSS...

3.5CVSS5.4AI score0.01581EPSS
Exploits5
exploitpack
exploitpack
added 2019/08/14 12:0 a.m.48 views

Joomla! Component JS Jobs (com_jsjobs) 1.2.5 - customfields.php SQL Injection

Joomla! Component JS Jobs comjsjobs 1.2.5 - customfields.php SQL Injection Exploit Title: Joomla! component comjsjobs - 'customfields.php' SQL Injection Dork: inurl:"index.php?option=comjsjobs" Date: 13.08.19 Exploit Author: qw3rTyTy Vendor Homepage: https://www.joomsky.com/ Software Link:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/07/26 12:0 a.m.48 views

Moodle Filepicker 3.5.2 - Server Side Request Forgery

Moodle Filepicker 3.5.2 - Server Side Request Forgery Exploit Title: Server Side Request Forgery in Moodle Filepicker Google Dork: / Date: 2019-07-25 Exploit Author: Fabian Mosch & Nick Theisinger r-tec IT Security GmbH Vendor Homepage: https://moodle.org/ Software Link:...

4CVSS0.15855EPSS
Exploits4
exploitpack
exploitpack
added 2019/05/24 12:0 a.m.48 views

Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption

Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption Content Dim ar1&h3000000 Dim ar21000 Dim gremlin addressOfGremlin = &h28281000 Class MyClass Private mValue Public Property Let Valuev mValue = v End Property Public Default Property Get P P = mValue ' Wher...

7.6CVSS0.1AI score0.81551EPSS
Exploits9
exploitpack
exploitpack
added 2019/04/22 12:0 a.m.48 views

74CMS 5.0.1 - Cross-Site Request Forgery (Add New Admin User)

74CMS 5.0.1 - Cross-Site Request Forgery Add New Admin User Exploit Title: 74CMS v5.0.1 has a CSRF vulnerability to add a new admin user Date: 2019-04-14 Exploit Author: ax8 Vendor Homepage: https://github.com/Li-Siyuan Software Link: http://www.74cms.com/download/index.html Version: v5.0.1 CVE :...

6.8CVSS0.2AI score0.09853EPSS
Exploits5
exploitpack
exploitpack
added 2019/04/18 12:0 a.m.48 views

Netwide Assembler (NASM) 2.14rc15 - NULL Pointer Dereference (PoC)

Netwide Assembler NASM 2.14rc15 - NULL Pointer Dereference PoC Exploit Title: Netwide Assembler NASM 2.14rc15 NULL Pointer Dereference PoC Date: 2018-09-05 Exploit Author: Fakhri Zulkifli Vendor Homepage: https://www.nasm.us/ Software Link: https://www.nasm.us/pub/nasm/releasebuilds/?C=M;O=D...

4.3CVSS0.05166EPSS
Exploits5
exploitpack
exploitpack
added 2018/12/04 12:0 a.m.48 views

Microsoft Lync for Mac 2011 - Injection Forced BrowsingDownload

Microsoft Lync for Mac 2011 - Injection Forced BrowsingDownload Exploit Title: Microsoft Lync for Mac 2011 Injection Forced Browsing/Download Author: @nyxgeek - TrustedSec Date: 2018-03-20 Vendor Homepage: microsoft.com Software Link: https://www.microsoft.com/en-us/download/details.aspx?id=36517...

5CVSS7.9AI score0.38177EPSS
Exploits5
exploitpack
exploitpack
added 2018/11/14 12:0 a.m.48 views

SwitchVPN for macOS 2.1012.03 - Privilege Escalation

SwitchVPN for macOS 2.1012.03 - Privilege Escalation ======================================================================= Title: Privilege Escalation Vulnerability Product: SwitchVPN for MacOS Vulnerable version: 2.1012.03 CVE ID: CVE-2018-18860 Impact: Critical Homepage: https://switchvpn.net...

7.2CVSS0.7AI score0.01183EPSS
Exploits5
exploitpack
exploitpack
added 2018/10/29 12:0 a.m.48 views

Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection

Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection Exploit Title: Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Softwar...

7.5CVSS0.5AI score0.03213EPSS
Exploits5
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.48 views

ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution

ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution Exploit Title: ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution Date: 2018-10-22 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.projeqtor.org Software Link:...

6.5CVSS0.3AI score0.09489EPSS
Exploits3
exploitpack
exploitpack
added 2018/08/27 12:0 a.m.48 views

Responsive FileManager 9.13.4 - Directory Traversal

Responsive FileManager 9.13.4 - Directory Traversal The following vulnerabilities were fixed in the version 9.13.4. https://responsivefilemanager.com 1 Path Traversal Allows to Read Any File Reserved CVE: CVE-2018-15535 Discovered By: Simon Uvarov Vendor Status: Fixed Details: The following reque...

5.8CVSS0.4AI score0.45242EPSS
Exploits6
exploitpack
exploitpack
added 2018/06/25 12:0 a.m.48 views

Ecessa WANWorx WVR-30 10.7.4 - Cross-Site Request Forgery (Add Superuser)

Ecessa WANWorx WVR-30 10.7.4 - Cross-Site Request Forgery Add Superuser Exploit title: Ecessa WANWorx WVR-30 input type="hidden" name="userusername...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2018/06/20 12:0 a.m.48 views

Microsoft Windows 10 - Desktop Bridge Virtual Registry CVE-2018-0880 Incomplete Fix Privilege Escalation

Microsoft Windows 10 - Desktop Bridge Virtual Registry CVE-2018-0880 Incomplete Fix Privilege Escalation Windows: Windows: Desktop Bridge Virtual Registry CVE-2018-0880 Incomplete Fix EoP Platform: Windows 1709 not tested earlier version Class: Elevation of Privilege Summary: The handling of the...

6.9CVSS0.4AI score0.03181EPSS
Exploits5
exploitpack
exploitpack
added 2018/06/08 12:0 a.m.48 views

TrendMicro OfficeScan XG 11.0 - Change Prevention Bypass

TrendMicro OfficeScan XG 11.0 - Change Prevention Bypass + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-v11.0-UNAUTHORIZED-CHANGE-PREVENTION-SERVICE-BYPASS.txt + ISR: Apparition Security Greetz:...

2.1CVSS0.3AI score0.01362EPSS
Exploits5
exploitpack
exploitpack
added 2018/05/02 12:0 a.m.48 views

Norton Core Secure WiFi Router - BLE Command Injection (PoC)

Norton Core Secure WiFi Router - BLE Command Injection PoC PoC command injection in BLE service of Norton Core Secure WiFi Router CVE-2018-5234 For more information read paper. To demonstrate the exploitation, we will use: - OS GNU/Linux; - Bluetooth dongle adapter; - BlueZ utility for testing...

8.3CVSS8.2AI score0.16711EPSS
Exploits4
exploitpack
exploitpack
added 2018/05/02 12:0 a.m.48 views

Cockpit CMS 0.4.4 0.5.5 - Server-Side Request Forgery

Cockpit CMS 0.4.4 0.5.5 - Server-Side Request Forgery SSRF(Server Side Request Forgery) in Cockpit 0.4.4-0.5.5 CVE-2018-9302 Cockpit CMS repairs CVE-2017-14611, but it can be bypassed, SSRF still exist, affecting the Cockpit CMS 0.4.4-0.5.5 versions.I've been tested success of "Cockpit CMS" laste...

6.4CVSS0.7AI score0.08933EPSS
Exploits8
exploitpack
exploitpack
added 2018/04/24 12:0 a.m.48 views

Monstra CMS 3.0.4 - Arbitrary Folder Deletion

Monstra CMS 3.0.4 - Arbitrary Folder Deletion Exploit Title: Monstra CMS 3.0.4 allows remote attackers to delete folder via an get request Date: 2018-03-26 Exploit Author: Wenming Jiang Vendor Homepage: https://github.com/monstra-cms/monstra Software Link: https://github.com/monstra-cms/monstra...

5.5CVSS0.4AI score0.09813EPSS
Exploits3
Total number of security vulnerabilities5000