Exploitpack: most viewed

41207 matches found

exploitpack
added 2018/11/13 12:0 a.m. | 43 views

CentOS Web Panel 0.9.8.740 - Cross-Site Request Forgery Cross-Site Scripting

CentOS Web Panel 0.9.8.740 - Cross-Site Request Forgery Cross-Site Scripting Title: CentOS Web Panel Root Account Takeover + Remote Command Execution var url = "http://targetserver:2030/admin/index.php?module=rootpwd"; var params = "ifpost=yes&password1=newpassword&password2=newpassword"; var vul...

6.8 CVSS | 0.5 AI score | 0.04751 EPSS
Exploits: 8

exploitpack
added 2018/10/30 12:0 a.m. | 43 views

xorg-x11-server 1.20.3 - Privilege Escalation

xorg-x11-server 1.20.3 - Privilege Escalation Exploit Title: xorg-x11-server 1.20.3 - Privilege Escalation Date: 2018-10-27 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.x.org/ Version: xorg-x11-server 1.19.0 - 1.20.2 Tested on: OpenBSD 6.3 and 6.4 CVE : CVE-2018-14665 raptorxorgasm...

7.2 CVSS | 0.7 AI score | 0.2704 EPSS
Exploits: 39

exploitpack
added 2018/10/12 12:0 a.m. | 43 views

D-Link Routers - Plaintext Password

D-Link Routers - Plaintext Password Password stored in plaintext CVE: CVE-2018-10824 Description: An issue was discovered on D-Link routers: DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02,...

5 CVSS | 8.7 AI score | 0.39268 EPSS
Exploits: 9

exploitpack
added 2018/09/25 12:0 a.m. | 43 views

WebKit - WebCore::AXObjectCache::handleMenuItemSelected Use-After-Free

WebKit - WebCore::AXObjectCache::handleMenuItemSelected Use-After-Free function jsfuzzer var a; forvar i=0;i !-- ================================================================= ASan log: ================================================================= ==69238==ERROR: AddressSanitizer:...

7.4 AI score
Exploits: 0

exploitpack
added 2018/09/17 12:0 a.m. | 43 views

CA Release Automation NiMi 6.5 - Remote Command Execution

CA Release Automation NiMi 6.5 - Remote Command Execution Exploit Title: CA Release Automation NiMi 6.5 - Remote Command Execution Date: 2016-06-23 Exploit Authors: Jakub Palaczynski, Maciej Grabiec Vendor Homepage: http://www.ca.com/ Software Link:...

7.5 CVSS | 0.2 AI score | 0.16764 EPSS
Exploits: 5

exploitpack
added 2018/07/23 12:0 a.m. | 43 views

Tenda Wireless N150 Router 5.07.50 - Cross-Site Request Forgery (Reboot Router)

Tenda Wireless N150 Router 5.07.50 - Cross-Site Request Forgery Reboot Router Exploit Title: Tenda Wireless N150 Router 5.07.50 - Cross-Site Request Forgery Reboot Router Date: 2018-07-21 Exploit Author: Nathu Nandwani Website: http://nandtech.co CVE: CVE-2015-5996 Description: The router is...

6.8 CVSS | 0.1 AI score | 0.01383 EPSS
Exploits: 4

exploitpack
added 2018/07/20 12:0 a.m. | 44 views

MSVOD 10 - cid SQL Injection

MSVOD 10 - cid SQL Injection Exploit Title: MSVOD V10 - SQL Injection Google Dork: inurl:"images/lists?cid=13" Date: 2018/07/17 Exploit Author: Hzllaga Vendor Homepage: http://www.msvod.cc/ Version: MSVOD V10 CVE : CVE-2018-14418 Reference : https://www.wtfsec.org/2583/msvod-v10-sql-injection/...

7.5 CVSS | 0.3 AI score | 0.09076 EPSS
Exploits: 3

exploitpack
added 2018/07/17 12:0 a.m. | 43 views

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Configuration Download

Microhard Systems 3G4G Cellular Ethernet and Serial Gateway - Configuration Download Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Configuration Download Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb...

Exploits: 0

exploitpack
added 2018/07/17 12:0 a.m. | 43 views

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Restricted Shell Escape

Microhard Systems 3G4G Cellular Ethernet and Serial Gateway - Restricted Shell Escape Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Backdoor Jailbreak Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0...

0.4 AI score
Exploits: 0

exploitpack
added 2018/05/28 12:0 a.m. | 43 views

wityCMS 0.6.1 - Cross-Site Scripting

wityCMS 0.6.1 - Cross-Site Scripting Exploit Title: wityCMS 0.6.1 Persistent XSS on "Website's name" field Date: 05/28/2018 Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Vendor Homepage: https://creatiwity.net/witycms Software Link:...

3.5 CVSS | 5 AI score | 0.02178 EPSS
Exploits: 5

exploitpack
added 2018/05/10 12:0 a.m. | 43 views

ModbusPal 1.6b - XML External Entity Injection

ModbusPal 1.6b - XML External Entity Injection + Exploit Title: ModbusPal XXE Injection + Date: 05-08-2018 + Exploit Author: Trent Gordon + Vendor Homepage: http://modbuspal.sourceforge.net/ + Software Link: https://sourceforge.net/projects/modbuspal/files/latest/download?source=files + Version:...

4.3 CVSS | 5.8 AI score | 0.06018 EPSS
Exploits: 5

exploitpack
added 2018/05/08 12:0 a.m. | 43 views

2345 Security Guard 3.7 - 2345NetFirewall.sys Denial of Service

2345 Security Guard 3.7 - 2345NetFirewall.sys Denial of Service / Exploit Title: 2345 Security Guard 3.7 - Denial of Service Date: 2018-05-08 Exploit Author: anhkgg Vendor Homepage: http://safe.2345.cc/ Software Link: http://dl.2345.cc/2345pcsafe/2345pcsafev3.7.0.9345.exe Version: v3.7 Tested on:...

6.1 CVSS | 0.01135 EPSS
Exploits: 5

exploitpack
added 2018/01/08 12:0 a.m. | 43 views

BarcodeWiz ActiveX Control 6.7 - Buffer Overflow (PoC)

BarcodeWiz ActiveX Control 6.7 - Buffer Overflow PoC + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/BARCODEWIZ-v6.7-ACTIVEX-COMPONENT-BUFFER-OVERFLOW.txt + ISR: ApparitionSec Vendor: ================= www.barcodewiz.com...

6.8 CVSS | 0.5 AI score | 0.03914 EPSS
Exploits: 6

exploitpack
added 2017/12/27 12:0 a.m. | 43 views

Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure

Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference Info Leak Vendor: Telesquare Co., Ltd. Product web page: http://www.telesquare.co.kr Affected version: FwVer: SDT-CS3B1, sw version 1.2.0 LteVer: ML300S5XEA41090 1 0.1...

7.2 AI score
Exploits: 0

exploitpack
added 2017/12/13 12:0 a.m. | 43 views

vBulletin 5 - cacheTemplates Remote Arbitrary File Deletion

vBulletin 5 - cacheTemplates Remote Arbitrary File Deletion SSD Advisory – vBulletin cacheTemplates Unauthenticated Remote Arbitrary File Deletion Source: https://blogs.securiteam.com/index.php/archives/3573 Vulnerability Summary The following advisory describes an unauthenticated deserialization...

7.5 CVSS | 0.4 AI score | 0.14912 EPSS
Exploits: 6

exploitpack
added 2017/11/22 12:0 a.m. | 43 views

WebKit - WebCore::FormSubmission::create Use-After-Free

WebKit - WebCore::FormSubmission::create Use-After-Free function jsfuzzer textarea1.setRangeText"foo"; textarea2.autofocus = true; textarea1.name = "foo"; form.insertBeforetextarea2, form.firstChild; form.submit; function eventhandler2 forvar i=0;i a b !--...

7.4 AI score
Exploits: 0

exploitpack
added 2017/09/28 12:0 a.m. | 43 views

Trend Micro OfficeScan 11.0XG (12.0) - Host Header Injection

Trend Micro OfficeScan 11.0XG 12.0 - Host Header Injection + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-14087-TRENDMICRO-OFFICESCAN-XG-HOST-HEADER-INJECTION.txt + ISR: ApparitionSec Vendor: ==================...

5 CVSS | 8 AI score | 0.08328 EPSS
Exploits: 5

exploitpack
added 2017/09/11 12:0 a.m. | 43 views

tcprewrite - Heap Buffer Overflow

tcprewrite - Heap Buffer Overflow Title: tcprewrite Heap-Based Buffer Overflow CVE: CVE-2017-14266 CWE: CWE-122 Exploit Author: Hosein AskariFarazPajohan Vendor HomePage: http://tcpreplay.synfin.net/ Product Description: When you want to give a PCAP file to someone, it gives away certain sensitiv...

6.8 CVSS | 1.1 AI score | 0.03587 EPSS
Exploits: 5

exploitpack
added 2017/07/01 12:0 a.m. | 43 views

Joomla! Component Joomanager 2.0.0 - com_Joomanager Arbitrary File Download

Joomla! Component Joomanager 2.0.0 - comJoomanager Arbitrary File Download !/usr/bin/python2 -- coding:utf-8 -- ''' GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright C 2007 Free Software Foundation, Inc. Everyone is permitted to copy and distribute verbatim copies of this license...

7.4 AI score
Exploits: 0

exploitpack
added 2017/05/31 12:0 a.m. | 43 views

OV3 Online Administration 3.0 - Directory Traversal

OV3 Online Administration 3.0 - Directory Traversal OV3 Online Administration 3.0 Parameter Traversal Arbitrary File Access PoC Exploit Vendor: novaCapta Software & Consulting GmbH Product web page: http://www.meacon.de Affected version: 3.0 Summary: With the decision to use the OV3 as a platform...

0.1 AI score
Exploits: 0

exploitpack
added 2017/05/19 12:0 a.m. | 43 views

SAP Business One for Android 1.2.3 - XML External Entity Injection

SAP Business One for Android 1.2.3 - XML External Entity Injection Exploit Title: Blind XXE XML External Entityin SAP Date of Disclosure: 17/05/2017 Author: Ravindra Singh Rathore Vendor Homepage: https://www.sap.com/products/business-one.html Product - SAP Business One Android Application Versio...

6.8 CVSS | 0.3 AI score | 0.0788 EPSS
Exploits: 5

exploitpack
added 2017/04/16 12:0 a.m. | 43 views

Mantis Bug Tracker 1.3.02.3.0 - Password Reset

Mantis Bug Tracker 1.3.02.3.0 - Password Reset + Credits: John Page a.k.a hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MANTIS-BUG-TRACKER-PRE-AUTH-REMOTE-PASSWORD-RESET.txt + ISR: ApparitionSec Vendor: ================ www.mantisbt.org Product...

6.5 CVSS | 0.1 AI score | 0.90856 EPSS
Exploits: 10

exploitpack
added 2017/04/11 12:0 a.m. | 43 views

Xen - Broken Check in memory_exchange() Permits PV Guest Breakout

Xen - Broken Check in memory_exchange() Permits PV Guest Breakout Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1184 This bug report describes a vulnerability in memory_exchange() that permits PV guest kernels to write to an arbitrary virtual address with hypervisor privileges. The...

6.9 CVSS | 0.00406 EPSS
Exploits: 4

exploitpack
added 2017/04/07 12:0 a.m. | 43 views

My Gaming Ladder Combo System 7.5 - SQL Injection

My Gaming Ladder Combo System 7.5 - SQL Injection Exploit Title: My Gaming Ladder Combo System 7.5 - SQL Injection Google Dork: N/A Date: 07.04.2017 Vendor Homepage: http://www.mygamingladder.com/ Software: http://www.mygamingladder.com/demos.shtml Demo: http://www.mygamingladder.com/upgrade/comb...

0.4 AI score
Exploits: 0

exploitpack
added 2017/04/07 12:0 a.m. | 43 views

Intellinet NFC-30IR Camera - Multiple Vulnerabilities

Intellinet NFC-30IR Camera - Multiple Vulnerabilities Bitcrack Cyber Security - BitLabs Advisory http://www.bitcrack.net Multiple Vulnerabilities in Intellinet NFC-30IR Network Cameras ADVISORY -------- Title: Local File Inclusion in CGI-SCRIPT & Hard-Coded Manufacturer Backdoor Advisory ID:...

7.5 CVSS | 0.4 AI score | 0.12749 EPSS
Exploits: 5

exploitpack
added 2016/12/16 12:0 a.m. | 43 views

OsiriX DICOM Viewer 8.0.1 - Memory Corruption

OsiriX DICOM Viewer 8.0.1 - Memory Corruption !/usr/bin/env python -- coding: utf8 -- OsiriX DICOM Viewer 8.0.1 dulparse.cc Remote Memory Corruption Vulnerability Vendor: Pixmeo Sarl Product web page: http://www.osirix-viewer.com Affected version: OsiriX 8.0.1 Summary: With high performance and a...

0.8 AI score
Exploits: 0

exploitpack
added 2016/12/14 12:0 a.m. | 43 views

Adobe Animate 15.2.1.95 - Memory Corruption

Adobe Animate 15.2.1.95 - Memory Corruption + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ADOBE-ANIMATE-MEMORY-CORRUPTION-VULNERABILITY.txt + ISR: ApparitionSec Vendor: ============= www.adobe.com Products:...

10 CVSS | 0.15785 EPSS
Exploits: 4

exploitpack
added 2016/09/05 12:0 a.m. | 43 views

MySQL 5.5.45 (x64) - Local Credentials Disclosure

MySQL 5.5.45 x64 - Local Credentials Disclosure MySQL 5.5.45 64bit Local Credentials Disclosure Tested on Windows Windows Server 2012 R2 64bit, English Vendor Homepage @ https://www.mysql.com Date 05/09/2016 Bug Discovered by Yakir Wizman https://www.linkedin.com/in/yakirwizman...

7.4 AI score
Exploits: 0

exploitpack
added 2016/08/16 12:0 a.m. | 43 views

Microsoft Word 2013/2016 - sprmSdyaTop Denial of Service (MS16-099)

Microsoft Word 20132016 - sprmSdyaTop Denial of Service MS16-099 Application: Microsoft Office Word Platforms: Windows, OSX Versions: Microsoft Office Word 2013,2016 Author: Francis Provencher of COSIG Website: https://cosig.gouv.qc.ca/en/advisory/ Twitter: @COSIG Date: August 09, 2016 CVE:...

9.3 CVSS | 7.6 AI score | 0.47194 EPSS
Exploits: 3

exploitpack
added 2016/07/19 12:0 a.m. | 43 views

Axis Communications MPQT/PACS 5.20.x - Server-Side Include Daemon Remote Format String

Axis Communications MPQTPACS 5.20.x - Server-Side Include Daemon Remote Format String !/usr/bin/env python2.7 SOF Remote Format String Exploit Axis Communications MPQT/PACS Server Side Include SSI Daemon Research and development by bashis 2016 This format string vulnerability has following...

0.5 AI score
Exploits: 0

exploitpack
added 2016/05/04 12:0 a.m. | 43 views

NetCommWireless HSPA 3G10WVE Wireless Router - Multiple Vulnerabilities

NetCommWireless HSPA 3G10WVE Wireless Router - Multiple Vulnerabilities Title: ==== NetCommWireless HSPA 3G10WVE Wireless Router – Multiple vulnerabilities Credit: ====== Name: Bhadresh Patel Company/affiliation: HelpAG Website: www.helpag.com CVE: ===== CVE-2015-6023, CVE-2015-6024 Date: ====...

10 CVSS | 0.6 AI score | 0.26104 EPSS
Exploits: 6

exploitpack
added 2016/03/10 12:0 a.m. | 43 views

Putty pscp 0.66 - Stack Buffer Overwrite

Putty pscp 0.66 - Stack Buffer Overwrite Source: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563 Author: Date: Feb 20th, 2016 Name: putty Vendor: sgtatham - http://www.chiark.greenend.org.uk/sgtatham/putty/ Version: 0.59 3 9 years ago = affected = 0.66 Platforms: win/nix Technolog...

7.5 CVSS | 9.6 AI score | 0.34216 EPSS
Exploits: 4

exploitpack
added 2015/11/16 12:0 a.m. | 43 views

AlegroCart 1.2.8 - Multiple SQL Injections

AlegroCart 1.2.8 - Multiple SQL Injections Security Advisory - Curesec Research Team 1. Introduction Affected Product: AlegroCart 1.2.8 Fixed in: Patch AC128fix17102015 Path Link: http://forum.alegrocart.com/download/file.php?id=1040 Vendor Website: http://alegrocart.com/ Vulnerability Type: SQL...

0.2 AI score
Exploits: 0

exploitpack
added 2015/11/16 12:0 a.m. | 43 views

TECO JN5 L510-DriveLink 1.482 - .lf5 Overwrite Buffer Overflow (SEH)

TECO JN5 L510-DriveLink 1.482 - .lf5 Overwrite Buffer Overflow SEH !/usr/bin/perl TECO JN5 L510-DriveLink 1.482 SEH Overwrite Buffer Overflow Exploit Vendor: TECO Electric and Machinery Co., Ltd. Product web page: http://www.teco-group.eu Download:...

0.8 AI score
Exploits: 0

exploitpack
added 2015/11/16 12:0 a.m. | 43 views

D-Link DIR-825 (vC) - Multiple Vulnerabilities

D-Link DIR-825 vC - Multiple Vulnerabilities Advisory Information Title: DIR-825 vC Buffer overflows in authentication,HNAP and ping functionalities. Also a directory traversal issue exists which can be exploited Vendors contacted: William Brown , Patrick Cline [email protected] CVE:...

0.2 AI score
Exploits: 0

exploitpack
added 2015/10/22 12:0 a.m. | 43 views

The World Browser 3.0 Final - Remote Code Execution

The World Browser 3.0 Final - Remote Code Execution !/usr/bin/php ?php Author : Ehsan Noreddini E-Mail : [email protected] Social : @prot3ct0r Title : The World Browser Remote Code Execution TheWorld Browser is a tiny, fast and powerful web Browser. It is completely free. There is no function...

8.1 AI score
Exploits: 0

exploitpack
added 2015/09/22 12:0 a.m. | 43 views

Cisco AnyConnect Secure Mobility Client 3.1.08009 - Local Privilege Escalation

Cisco AnyConnect Secure Mobility Client 3.1.08009 - Local Privilege Escalation Source: https://code.google.com/p/google-security-research/issues/detail?id=460 Cisco AnyConnect Secure Mobility Client v3.1.08009 Elevation of Privilege Platform: Windows 8.1 Update, Client version 3.1.08009 tested on...

7.2 CVSS | 0.7 AI score | 0.00414 EPSS
Exploits: 2

exploitpack
added 2015/09/02 12:0 a.m. | 43 views

Cerb 7.0.3 - Cross-Site Request Forgery

Cerb 7.0.3 - Cross-Site Request Forgery Advisory ID: HTB23269 Product: Cerb Vendor: Webgroup Media LLC Vulnerable Versions: 7.0.3 and probably prior Tested Version: 7.0.3 Advisory Publication: August 12, 2015 without technical details Vendor Notification: August 12, 2015 Vendor Patch: August 14,...

6.8 CVSS | 0.6 AI score | 0.02617 EPSS
Exploits: 5

exploitpack
added 2015/05/25 12:0 a.m. | 43 views

Microsoft Windows - Local Privilege Escalation (MS15-010)

Microsoft Windows - Local Privilege Escalation MS15-010 // ex.cpp / Windows XP/2K3/VISTA/2K8/7 WMSYSTIMER Kernel EoP CVE-2015-0003 March 2015 Public Release: May 24, 2015 Tested on: x86: Win 7 SP1 | Win 2k3 SP2 | Win XP SP3 x64: Win 2k8 SP1 | Win 2k8 R2 SP1 Author: Skylake - skylake mail com /...

6.9 CVSS | 0.2 AI score | 0.04536 EPSS
Exploits: 3

exploitpack
added 2015/05/23 12:0 a.m. | 43 views

Apport (Ubuntu 14.04/14.10/15.04) - Race Condition Privilege Escalation

Apport Ubuntu 14.0414.1015.04 - Race Condition Privilege Escalation / Exploit Title: apport/ubuntu local root race condition Date: 2015-05-11 Exploit Author: rebel Version: ubuntu 14.04, 14.10, 15.04 Tested on: ubuntu 14.04, 14.10, 15.04 CVE : CVE-2015-1325 ==============================...

6.9 CVSS | 0.8 AI score | 0.00907 EPSS
Exploits: 3

exploitpack
added 2015/03/19 12:0 a.m. | 43 views

Chamilo LMS 1.9.10 - Multiple Vulnerabilities

Chamilo LMS 1.9.10 - Multiple Vulnerabilities I. Overview ======================================================== Chamilo LMS 1.9.10 or prior versions are prone to multiple Cross-Site Scripting Stored + Reflected & CSRF vulnerabilities. These vulnerabilities allow an attacker to gain control...

0.3 AI score
Exploits: 0

exploitpack
added 2015/03/19 12:0 a.m. | 43 views

Citrix Nitro SDK - Command Injection

Citrix Nitro SDK - Command Injection Abstract Securify discovered a command injection vulnerability in xenhotfix page of the NITRO SDK. The attacker-supplied command is executed with elevated privileges nsroot. This issue can be used to compromise the entire Citrix SDX appliance and all...

0.2 AI score
Exploits: 0

exploitpack
added 2015/03/04 12:0 a.m. | 43 views

Linux Kernel 3.15.6 - PPP-over-L2TP Socket Level Handling Crash (PoC)

Linux Kernel 3.15.6 - PPP-over-L2TP Socket Level Handling Crash PoC / ---------------------------------------------------------------------------------------------------- cve-2014-4943poc.c The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain...

6.9 CVSS | 0.1 AI score | 0.02103 EPSS
Exploits: 6

exploitpack
added 2014/12/04 12:0 a.m. | 43 views

Technicolor DT5130 2.05.C29GV - Multiple Vulnerabilities

Technicolor DT5130 2.05.C29GV - Multiple Vulnerabilities Product: Wireless N ADSL 2/2+ Modem Router Firmware Version : V2.05.C29GV Modem Type : ADSL2+ Router Modem Vendor : Technicolor Model: DT5130 Bugs: 1- Unauth Xss - CVE-2014-9142 user=teste&password=teste&...

7.5 CVSS | 0.3 AI score | 0.08564 EPSS
Exploits: 7

exploitpack
added 2014/12/02 12:0 a.m. | 43 views

IPUX CL5452/CL5132 IP Camera - UltraSVCamX.ocx ActiveX Stack Buffer Overflow

IPUX CL5452CL5132 IP Camera - UltraSVCamX.ocx ActiveX Stack Buffer Overflow IPUX CL5452/CL5132 IP Camera UltraSVCamX.ocx ActiveX Stack Buffer Overflow Vendor: Big Good Holdings Limited | Fitivision Technology Inc. Product web page: http://www.ipux.net | http://www.fitivision.com Affected version:...

0.7 AI score
Exploits: 0

exploitpack
added 2014/12/02 12:0 a.m. | 43 views

TYPO3 Extension ke DomPDF - Remote Code Execution

TYPO3 Extension ke DomPDF - Remote Code Execution Advisory: Remote Code Execution in TYPO3 Extension kedompdf During a penetration test RedTeam Pentesting discovered a remote code execution vulnerability in the TYPO3 extension kedompdf, which allows attackers to execute arbitrary PHP commands in...

7.5 CVSS | 0.9 AI score | 0.05573 EPSS
Exploits: 4

exploitpack
added 2014/10/28 12:0 a.m. | 43 views

Enalean Tuleap 7.4.99.5 - Remote Command Execution

Enalean Tuleap 7.4.99.5 - Remote Command Execution Vulnerability title: Tuleap /usr/share/codendi/src/www/passwd.txt && "ozilla/5.0 Windows NT 6.1; WOW64; rv:31.0 Gecko/20100101 Firefox/31.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5...

9.3 CVSS | 0.2 AI score | 0.05062 EPSS
Exploits: 6

exploitpack
added 2014/10/14 12:0 a.m. | 43 views

PayPal Inc BB #85 MB iOS 4.6 - Authentication Bypass

PayPal Inc BB 85 MB iOS 4.6 - Authentication Bypass Document Title: =============== PayPal Inc BB 85 MB iOS 4.6 - Auth Bypass Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=895 PayPal Security UID: Vxda0S Video:...

0.2 AI score
Exploits: 0

exploitpack
added 2014/10/02 12:0 a.m. | 43 views

Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution

Rejetto HTTP File Server HFS 2.3a2.3b2.3c - Remote Command Execution ========================================================== HTTP File Server 2.3a - 2.3b - 2.3c Remote Command Execution Author : Daniele Linguaglossa Date: 30/09/2014 Remote: Yes Vendor Homepage: http://rejetto.com/ Software Lin...

7.5 CVSS | 0.4 AI score | 0.09185 EPSS
Exploits: 5

exploitpack
added 2014/06/09 12:0 a.m. | 43 views

DevExpress ASPxFileManager 10.2 13.2.8 - Directory Traversal

DevExpress ASPxFileManager 10.2 13.2.8 - Directory Traversal Advisory: Directory Traversal in DevExpress ASP.NET File Manager During a penetration test RedTeam Pentesting discovered a directory traversal vulnerability in DevExpress' ASP.NET File Manager and File Upload. Attackers are able to read...

6.5 CVSS | 0.08917 EPSS
Exploits: 6

Total number of security vulnerabilities: 5000