Lucene search
K
ExploitpackMost viewed

41207 matches found

exploitpack
exploitpack
added 2012/06/11 12:0 a.m.46 views

F5 BIG-IP - Authentication Bypass (PoC)

F5 BIG-IP - Authentication Bypass PoC Matta Consulting - Matta Advisory https://www.trustmatta.com F5 BIG-IP remote root authentication bypass Vulnerability Advisory ID: MATTA-2012-002 CVE reference: CVE-2012-1493 Affected platforms: BIG-IP platforms without SCCP Version: 11.x 10.x 9.x Date:...

7.8CVSS0.2AI score0.63078EPSS
Exploits15
exploitpack
exploitpack
added 2012/05/03 12:0 a.m.46 views

PluXml 5.1.5 - Local File Inclusion

PluXml 5.1.5 - Local File Inclusion Advisory ID: HTB23086 Product: PluXml Vendor: pluxml.org Vulnerable Versions: 5.1.5 and probably prior Tested Version: 5.1.5 Vendor Notification: 11 April 2012 Vendor Patch: 16 April 2012 Public Disclosure: 2 May 2012 Vulnerability Type: Local File Inclusion CV...

7.5CVSS6.5AI score0.09775EPSS
Exploits6
exploitpack
exploitpack
added 2012/01/13 12:0 a.m.46 views

MailEnable Webmail - Cross-Site Scripting

MailEnable Webmail - Cross-Site Scripting ME020567: MailEnable webmail cross-site scripting vulnerability CWE-79 References: CVE-2012-0389 Discovered by: Sajjad Pourali, Narendra Shinde and Shahab NamaziKhah Vendor advisory: http://www.mailenable.com/kb/Content/Article.asp?ID=me020567 Vendor...

4.3CVSS6.1AI score0.0842EPSS
Exploits5
exploitpack
exploitpack
added 2011/12/10 12:0 a.m.46 views

Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.0411.10) - Boundary Crossing Privilege Escalation

Acpid 1:2.0.10-1ubuntu2 Ubuntu 11.0411.10 - Boundary Crossing Privilege Escalation Exploit Title: Acpid Privilege Boundary Crossing Vulnerability Google Dork: Date: 23-11-2011 Author: otr Software Link: https://launchpad.net/ubuntu/+source/acpid Version: 1:2.0.10-1ubuntu2 Tested on: Ubuntu 11.10,...

4.4CVSS0.4AI score0.00612EPSS
Exploits5
exploitpack
exploitpack
added 2010/09/16 12:0 a.m.46 views

Linux Kernel 2.6.27 2.6.36 (RedHat x86-64) - compat Local Privilege Escalation

Linux Kernel 2.6.27 2.6.36 RedHat x86-64 - compat Local Privilege Escalation / Ac1dB1tch3z Vs Linux Kernel x8664 0day Today is a sad day.. R.I.P. Tue, 29 Apr 2008 / Tue, 7 Sep 2010 a bit of history: MCASTMSFILTER Compat mode bug found... upon commit! 2 year life on this one author David L Stevens...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2010/07/22 12:0 a.m.46 views

Claus Muus Spitfire 1.0.336 - Multiple Cross-Site Scripting Vulnerabilities

Claus Muus Spitfire 1.0.336 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/41885/info Claus Muus Spitfire is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may...

7AI score
Exploits0
exploitpack
exploitpack
added 2009/12/04 12:0 a.m.46 views

BM Classifieds Ads - SQL Injection

BM Classifieds Ads - SQL Injection ALGERIAN HACKER - NORTH-AFRICA SECURITY TEAM - ! BM Classifieds ads SQL injection vulnerability ! Author : Dr.0rYX & Cr3w-DZ ! MAIL : [email protected] & [email protected] / Software Information + Vendor : http://www.bmscripts.com/ + script : powered by BM Classified...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2009/08/31 12:0 a.m.46 views

Linux Kernel 2.6 2.6.19 (White Box 4 CentOS 4.44.5 Fedora Core 456 x86) - ip_append_data() Ring0 Privilege Escalation (1)

Linux Kernel 2.6 2.6.19 White Box 4 CentOS 4.44.5 Fedora Core 456 x86 - ipappenddata Ring0 Privilege Escalation 1 / 0x82-CVE-2009-2698 Linux kernel 2.6 . / include include include include include include include unsigned int uid, gid; void getrootuidunsigned task unsigned addr=task;...

7.2CVSS0.6AI score0.0718EPSS
Exploits18
exploitpack
exploitpack
added 2009/04/30 12:0 a.m.46 views

Linux Kernel 2.6 (Gentoo Ubuntu 8.109.04) UDEV 1.4.1 - Local Privilege Escalation (2)

Linux Kernel 2.6 Gentoo Ubuntu 8.109.04 UDEV 1.4.1 - Local Privilege Escalation 2 / cve-2009-1185.c udev http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185 udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, whic...

7.2CVSS1.1AI score0.81528EPSS
Exploits12
exploitpack
exploitpack
added 2009/01/21 12:0 a.m.46 views

Joomla! Component beamospetition 1.0.12 - SQL Injection Cross-Site Scripting

Joomla! Component beamospetition 1.0.12 - SQL Injection Cross-Site Scripting Joomla component beamospetition 1.0.12 Sql Injection / Xss Author : vdss Dork : "Powered by beamospetition 1.0.12" Dl : http://joomlacode.org/gf/project/beamospetition/ Xss :...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2009/01/14 12:0 a.m.46 views

DMXReady Registration Manager 1.1 - Contents Change

DMXReady Registration Manager 1.1 - Contents Change Title : DMXReady Registration Manager http://target/path//applications/RegistrationManager/incregistrationmanager.asp Edit - http://target/path//admin/RegistrationManager/addcategory.asp : milw0rm.com 2009-01-14...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2008/06/23 12:0 a.m.46 views

Joomla! Component FacileForms 1.4.4 - Remote File Inclusion

Joomla! Component FacileForms 1.4.4 - Remote File Inclusion Title: Joomla Component ComFacileforms ================================================================ + Author : Dr.Kacak + Special Thankz : KnocKout and all my friends + System 0VerfL0verZ...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2007/12/04 12:0 a.m.46 views

phpMyChat 0.14.5 - chatusers_popupL.php3 Multiple Cross-Site Scripting Vulnerabilities

phpMyChat 0.14.5 - chatuserspopupL.php3 Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/26698/info phpMyChat is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these...

7AI score
Exploits0
exploitpack
exploitpack
added 2007/10/23 12:0 a.m.46 views

PHP-Nuke platinum 7.6.b.5 - Remote File Inclusion

PHP-Nuke platinum 7.6.b.5 - Remote File Inclusion ---------------------------------------------- GrEeTs To -=sHaDoW sEcUrItY TeAm=- GrEaTs To ---------------------------------------------- A2J, Chucks, The Pitbull, ICQBomber, str0ke ---------------------------------------------- BiG sHoUt OuT tO...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2007/05/23 12:0 a.m.46 views

Scallywag - template.php?path Remote File Inclusion

Scallywag - template.php?path Remote File Inclusion Scallywag = Remote File Inclusion Vulnerability Dork:"Powered by Scallywag" Vuln Code ERROR1:skin/dark/template.php ?php include"$path/source/top.txt"; RFI CODE BUG1:...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2007/01/07 12:0 a.m.46 views

OpenBSD 3.x 4.0 - vga_ioctl() Local Privilege Escalation

OpenBSD 3.x 4.0 - vgaioctl Local Privilege Escalation / Critical Security OpenBSD 3.x-4.0 vgaioctl root exploit Bug had been discovered by allmighty Ilja van Sprundel ilja.netric.org Some code had been stolen from noir's openbsd exploit sources Fix is available:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2005/08/05 12:0 a.m.46 views

Jax PHP Scripts 1.01.342.143.31 - Guestbook File Client IP Disclosure

Jax PHP Scripts 1.01.342.143.31 - Guestbook File Client IP Disclosure source: https://www.securityfocus.com/bid/14482/info Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input...

Exploits0
exploitpack
exploitpack
added 2005/04/12 12:0 a.m.46 views

Multiple Vendor ICMP Message Handling - Denial of Service

Multiple Vendor ICMP Message Handling - Denial of Service source: https://www.securityfocus.com/bid/13124/info Multiple vendor implementations of TCP/IP Internet Control Message Protocol ICMP are reported prone to several denial-of-service attacks. ICMP is employed by network nodes to determine...

5CVSS7.5AI score0.80675EPSS
Exploits10
exploitpack
exploitpack
added 2004/08/04 12:0 a.m.46 views

Linux Kernel 2.4.26 - File Offset Pointer Handling Memory Disclosure

Linux Kernel 2.4.26 - File Offset Pointer Handling Memory Disclosure / CAN-2004-0415 / gcc -O3 prockmemdump.c -o prockmemdump Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY. COPYING,...

2.1CVSS0.1AI score0.00766EPSS
Exploits5
exploitpack
exploitpack
added 2004/01/30 12:0 a.m.46 views

Laurent Adda Les Commentaires 2.0 - PHP Script derniers_commentaires.php Remote File Inclusion

Laurent Adda Les Commentaires 2.0 - PHP Script dernierscommentaires.php Remote File Inclusion source: https://www.securityfocus.com/bid/9536/info It has been reported that Les Commentaires may be prone to a file include vulnerability in various modules, that may allow an attacker to include...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2003/10/07 12:0 a.m.46 views

Microsoft Windows XP20002003 - Message Queuing Service Heap Overflow

Microsoft Windows XP20002003 - Message Queuing Service Heap Overflow source: https://www.securityfocus.com/bid/8783/info It has been reported that the Microsoft Message Queuing service is prone to a heap overflow. The Symantec DeepSight analyst team is currently analyzing proof-of-concept exploit...

Exploits0
exploitpack
exploitpack
added 2003/07/29 12:0 a.m.46 views

Microsoft Windows - RPC DCOM Remote (1)

Microsoft Windows - RPC DCOM Remote 1 ////////////////////////////////////////////////////////////////////////////////////////////// // // Windows RPC DCOM Remote Exploit with 18 Targets // by pHrail and smurfy + some offsets by teos // // Targets: // 0 Win2k Polish nosp ver 5.00.2195 // 1 Win2k...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2000/09/04 12:0 a.m.46 views

Libc locale - Local Privilege Escalation (1)

Libc locale - Local Privilege Escalation 1 / source: https://www.securityfocus.com/bid/1634/info ectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2000/06/08 12:0 a.m.46 views

Microsoft Windows NT 4.0 - Remote Registry Request Denial of Service (MS00-040) (2)

Microsoft Windows NT 4.0 - Remote Registry Request Denial of Service MS00-040 2 source: https://www.securityfocus.com/bid/1331/info In special circumstances while handling requests to access the Remote Registry Server, Windows NT 4.0 can crash due to winlogon.exe's inability to process specially...

5CVSS6.9AI score0.19224EPSS
Exploits3
exploitpack
exploitpack
added 1999/05/25 12:0 a.m.46 views

Microsoft IIS 4.0 Microsoft JET 3.53.5.1 Database Engine - VBA

Microsoft IIS 4.0 Microsoft JET 3.53.5.1 Database Engine - VBA source: https://www.securityfocus.com/bid/286/info Microsoft's JET database engine feature allows the embedding of Visual Basic for Application in SQL string expressions and the lack of metacharacter filtering by many web applications...

7.3AI score
Exploits0
exploitpack
exploitpack
added 1998/08/31 12:0 a.m.46 views

Xi Graphics Maximum CDE 1.2.3TriTeal TED CDE 4.3Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)

Xi Graphics Maximum CDE 1.2.3TriTeal TED CDE 4.3Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow 1 // source: https://www.securityfocus.com/bid/122/info An implementation fault in the ToolTalk object database server allows a remote attacker to run arbitrary code as the superuser on hosts...

0.4AI score
Exploits0
exploitpack
exploitpack
added 1994/02/07 12:0 a.m.46 views

HP-UX 1011 IRIX 3456 OpenSolaris build snv Solaris 8910 SunOS 4.1 - rpc.ypupdated Command Execution (1)

HP-UX 1011 IRIX 3456 OpenSolaris build snv Solaris 8910 SunOS 4.1 - rpc.ypupdated Command Execution 1 / source: https://www.securityfocus.com/bid/1749/info HP-UX 10.x/11.x,IRIX 3.x/4.x/5.x/6.x,OpenSolaris build snv,Solaris 8/9/10,SunOS 4.1.x RPC.YPUpdated Command Execution 1 The 'rpc.ypupdated'...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2020/02/19 12:0 a.m.45 views

DBPower C300 HD Camera - Remote Configuration Disclosure

DBPower C300 HD Camera - Remote Configuration Disclosure Exploit Title: DBPower C300 HD Camera - Remote Configuration Disclosure Date: 2020-02-19 Author: Todor Donev Vendor: https://donev.eu/ CVE: N/A Copyright 2020 c Todor Donev https://donev.eu/...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2020/02/17 12:0 a.m.45 views

WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting

WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Exploit Title: WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Dork: intext:"Fruitful theme by fruitfulcode Powered by: WordPress" intext:"Comment" intext:"Leave a Reply" Date: 2020-02-14 Category : Webapps Software Lin...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2020/01/16 12:0 a.m.45 views

Rukovoditel Project Management CRM 2.5.2 - filters SQL Injection

Rukovoditel Project Management CRM 2.5.2 - filters SQL Injection Exploit Title: Rukovoditel Project Management CRM 2.5.2 - 'filters' SQL Injection Google Dork: N/A Date: 2020-01-15 Blog: https://fatihhcelik.blogspot.com/ Exploit Author: Fatih Çelik Vendor Homepage: https://www.rukovoditel.net/...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2020/01/13 12:0 a.m.45 views

Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 - Stack Overflow (SEH)

Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 - Stack Overflow SEH Exploit Title: Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 - Stack Overflow SEH Date: 2020-01-12 Exploit Author: Antonio de la Piedra Vendor Homepage: https://www.alloksoft.com Software Link:...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2020/01/08 12:0 a.m.45 views

EBBISLAND EBBSHAVE 6100-09-04-1441 - Remote Buffer Overflow

EBBISLAND EBBSHAVE 6100-09-04-1441 - Remote Buffer Overflow Exploit Title: EBBISLAND EBBSHAVE 6100-09-04-1441 - Remote Buffer Overflow Date: 2018-09-19 Exploit Author: Harrison Neal Vendor Homepage: https://www.ibm.com/us-en/ Version: 6100-09-04-1441, 7100-03-05-1524, 7100-04-00-0000,...

10CVSS0.8AI score0.21798EPSS
Exploits5
exploitpack
exploitpack
added 2019/12/12 12:0 a.m.45 views

ManageEngine Desktop Central - FileStorage getChartImage Deserialization Unauthenticated Remote Code Execution

ManageEngine Desktop Central - FileStorage getChartImage Deserialization Unauthenticated Remote Code Execution !/usr/bin/python3 """ ManageEngine Desktop Central FileStorage getChartImage Deserialization of Untrusted Data Remote Code Execution Vulnerability Download:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/12/10 12:0 a.m.45 views

Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery

Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link:...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2019/11/21 12:0 a.m.45 views

GNU Mailutils 3.7 - Privilege Escalation

GNU Mailutils 3.7 - Privilege Escalation Exploit Title: GNU Mailutils 3.7 - Local Privilege Escalation Date: 2019-11-06 Exploit Author: Mike Gualtieri Vendor Homepage: https://mailutils.org/ Software Link: https://ftp.gnu.org/gnu/mailutils/mailutils-3.7.tar.gz Version: 2.0 = 3.7 Tested on: Gentoo...

4.6CVSS0.5AI score0.01135EPSS
Exploits5
exploitpack
exploitpack
added 2019/11/12 12:0 a.m.45 views

Prima Access Control 2.3.35 - HwName Persistent Cross-Site Scripting

Prima Access Control 2.3.35 - HwName Persistent Cross-Site Scripting Exploit Title: Prima Access Control 2.3.35 - 'HwName' Persistent Cross-Site Scripting Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...

3.5CVSS8.8AI score0.08256EPSS
Exploits5
exploitpack
exploitpack
added 2019/11/12 12:0 a.m.45 views

Adrenalin Core HCM 5.4.0 - prntDDLCntrlName Reflected Cross-Site Scripting

Adrenalin Core HCM 5.4.0 - prntDDLCntrlName Reflected Cross-Site Scripting Exploit Title: Adrenalin Core HCM 5.4.0 - 'prntDDLCntrlName' Reflected Cross-Site Scripting Google Dork: NA Date: 2018-09-06 Exploit Author: Rishu Ranjan Cy83rl0gger Vendor Homepage: https://www.myadrenalin.com/ Software...

4.3CVSS0.4AI score0.02607EPSS
Exploits5
exploitpack
exploitpack
added 2019/10/16 12:0 a.m.45 views

Solaris xscreensaver 11.4 - Privilege Escalation

Solaris xscreensaver 11.4 - Privilege Escalation Exploit Title: Solaris xscreensaver 11.4 - Privilege Escalation Date: 2019-10-16 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/technetwork/server-storage/solaris11/ Version: Solaris 11.x Tested on: Solaris 11.4 and 11.3 X86...

4.6CVSS0.6AI score0.13506EPSS
Exploits8
exploitpack
exploitpack
added 2019/10/14 12:0 a.m.45 views

Kirona-DRS 5.5.3.5 - Information Disclosure

Kirona-DRS 5.5.3.5 - Information Disclosure Exploit Title: Kirona-DRS 5.5.3.5 - Information Disclosure Discovered Date: 2019-10-03 Shodan Search: /opt-portal/pages/login.xhtml Exploit Author: Ramikan Vendor Homepage: https://www.kirona.com/products/dynamic-resource-scheduler/ Affected Version: DR...

5CVSS5.5AI score0.49236EPSS
Exploits6
exploitpack
exploitpack
added 2019/09/27 12:0 a.m.45 views

V-SOL GPONEPON OLT Platform 2.03 - Unauthenticated Configuration Download

V-SOL GPONEPON OLT Platform 2.03 - Unauthenticated Configuration Download Title: V-SOL GPON/EPON OLT Platform 2.03 - Unauthenticated Configuration Download Date: 2019-09-27 Author: LiquidWorm Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd. Product web page: https://www.vsolcn.com...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/07/10 12:0 a.m.45 views

Microsoft DirectWrite AFDKO - Stack Corruption in OpenType Font Handling due to Out-of-Bounds cubeStackDepth

Microsoft DirectWrite AFDKO - Stack Corruption in OpenType Font Handling due to Out-of-Bounds cubeStackDepth ----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handlin...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/07/10 12:0 a.m.45 views

Microsoft DirectWrite AFDKO - Interpreter Stack Underflow in OpenType Font Handling Due to Missing CHKUFLOW

Microsoft DirectWrite AFDKO - Interpreter Stack Underflow in OpenType Font Handling Due to Missing CHKUFLOW -----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handlin...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/06/06 12:0 a.m.45 views

Supra Smart Cloud TV - openLiveURL() Remote File Inclusion

Supra Smart Cloud TV - openLiveURL Remote File Inclusion Exploit Title: Remote file inclusion Date: 03-06-2019 Exploit Author: Dhiraj Mishra Vendor Homepage: https://supra.ru Software Link: https://supra.ru/catalog/televizory/televizorsuprastvlc40lt0020f/ CVE: CVE-2019-12477 References:...

2.1CVSS0.1AI score0.13318EPSS
Exploits7
exploitpack
exploitpack
added 2019/04/30 12:0 a.m.45 views

Intelbras IWR 3000N - Denial of Service (Remote Reboot)

Intelbras IWR 3000N - Denial of Service Remote Reboot /bin/bash PoC based on CVE-2019-11415 created by Social Engineering Neo. Credit: https://1.337.zone/2019/04/08/intelbras-iwr-3000n-any-version-dos-on-malformed-login-request/ A malformed login request allows remote attackers to cause a denial ...

7.8CVSS7.6AI score0.13743EPSS
Exploits5
exploitpack
exploitpack
added 2019/04/26 12:0 a.m.45 views

Apache Pluto 3.0.0 3.0.1 - Persistent Cross-Site Scripting

Apache Pluto 3.0.0 3.0.1 - Persistent Cross-Site Scripting Exploit Title: Stored XSS Date: 25-04-2019 Exploit Author: Dhiraj Mishra Vendor Homepage: https://portals.apache.org/pluto Software Link: https://portals.apache.org/pluto/download.html Version: 3.0.0, 3.0.1 Tested on: Ubuntu 16.04 LTS CVE...

4.3CVSS6.1AI score0.20649EPSS
Exploits5
exploitpack
exploitpack
added 2019/04/25 12:0 a.m.45 views

JioFi 4G M2S 1.0.2 - mask Cross-Site Scripting

JioFi 4G M2S 1.0.2 - mask Cross-Site Scripting Exploit Title: cgi-bin/qcmapwebcgi on JioFi 4G M2S 1.0.2 devices has XSS and HTML injection via the mask POST parameter. Exploit Author: Vikas Chaudhary Date: 21-01-2019 Vendor Homepage: https://www.jio.com/ Hardware Link:...

4.3CVSS6.1AI score0.03991EPSS
Exploits5
exploitpack
exploitpack
added 2019/03/21 12:0 a.m.45 views

Rails 5.2.1 - Arbitrary File Content Disclosure

Rails 5.2.1 - Arbitrary File Content Disclosure ''' Exploit Title: File Content Disclosure on Rails Date: CVE disclosed 3/16 today's date is 3/20 Exploit Author: NotoriousRebel Vendor Homepage: https://rubyonrails.org/ Software Link: https://github.com/rails/rails Version: Versions Affected: all...

5CVSS0.98507EPSS
Exploits18
exploitpack
exploitpack
added 2019/03/11 12:0 a.m.45 views

Linux Kernel 4.4 (Ubuntu 16.04) - snd_timer_user_ccallback() Kernel Pointer Leak

Linux Kernel 4.4 Ubuntu 16.04 - sndtimeruserccallback Kernel Pointer Leak include include include include include include include include include include include include include include Exploit Title: Linux Kernel 4.4 Ubuntu 16.04 - Leak kernel pointer in sndtimeruserccallback Google Dork: - Date...

2.1CVSS0.3AI score0.01213EPSS
Exploits5
exploitpack
exploitpack
added 2018/12/10 12:0 a.m.45 views

Kubernetes - (Unauthenticated) Arbitrary Requests

Kubernetes - Unauthenticated Arbitrary Requests !/usr/bin/env python3 import argparse from ssl import wrapsocket from json import loads, dumps from socket import createconnection def requeststage1base, version, target: stage1 = "" with open'ustage1', 'r' as stage1fd: stage1 = stage1fd.read return...

7.5CVSS0.6AI score0.86978EPSS
Exploits10
exploitpack
exploitpack
added 2018/11/30 12:0 a.m.45 views

xorg-x11-server 1.20.3 - modulepath Local Privilege Escalation

xorg-x11-server 1.20.3 - modulepath Local Privilege Escalation !/bin/sh raptorxorgy - xorg-x11-server LPE via modulepath switch Copyright c 2018 Marco Ivaldi A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X...

7.2CVSS0.2AI score0.2704EPSS
Exploits40
Total number of security vulnerabilities5000