Exploitpack | Most viewed

41207 matches found

exploitpack
added 2019/09/04 12:0 a.m. | 41 views

DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting

DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting Multiple Cross-Site Scripting XSS in the web interface of DASAN Zhone ZNID GPON 2426A EU version S3.1.285 application allows a remote attacker to execute arbitrary JavaScript via manipulation of an unsanitized GET parameters. Exploit...

4.3 CVSS | 6.2 AI score | 0.07253 EPSS
Exploits 5
exploitpack
added 2019/09/04 12:0 a.m. | 41 views

WordPress Plugin Download Manager 2.9.93 - Cross-Site Scripting

WordPress Plugin Download Manager 2.9.93 - Cross-Site Scripting Exploit Title: WordPress Download Manager Cross-site Scripting Discovery Date: 2019-04-13 Exploit Author: ThuraMoeMyint Author Link: https://twitter.com/mgthuramoemyint Vendor Homepage: https://www.wpdownloadmanager.com Software Link...

4.3 CVSS | 6.1 AI score | 0.12531 EPSS
Exploits 6
exploitpack
added 2019/08/26 12:0 a.m. | 41 views

LSoft ListServ 16.5-2018a - Cross-Site Scripting

LSoft ListServ 16.5-2018a - Cross-Site Scripting Exploit Title: LSoft ListServ 2. http://127.0.0.1/scripts/wa.exe?OK= References: 1. http://www.lsoft.com/manuals/16.5/LISTSERV16.5-2018aWhatsNew.pdf 2. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15501...

4.3 CVSS | 0.08182 EPSS
Exploits 5
exploitpack
added 2019/08/23 12:0 a.m. | 41 views

Nimble Streamer 3.0.2-2 3.5.4-9 - Directory Traversal

Nimble Streamer 3.0.2-2 3.5.4-9 - Directory Traversal Nimble Streamer 3.0.2-2 to 3.5.4-9 - Path Traversal Exploit Author: MAYASEVEN Source at "https://mayaseven.com/nimble-directory-traversal-in-nimble-streamer-version-3-0-2-2-to-3-5-4-9/" Published on 08/04/2019 Vendor Homepage at...

4 CVSS | 0.2 AI score | 0.23978 EPSS
Exploits 5
exploitpack
added 2019/08/12 12:0 a.m. | 41 views

BSI Advance Hotel Booking System 2.0 - booking_details.php Persistent Cross-Site Scripting

BSI Advance Hotel Booking System 2.0 - booking_details.php Persistent Cross-Site Scripting Exploit Title: BSI Advance Hotel Booking System Persistent XSS Google Dork: intext:Hotel Booking System v2.0 © 2008 - 2012 Copyright Best Soft Inc Date: Wed Jun 4 2014 Exploit Author: Angelo Ruwantha Vendor...

4.3 CVSS | 6.2 AI score | 0.03284 EPSS
Exploits 5
exploitpack
added 2019/07/25 12:0 a.m. | 41 views

Ovidentia 8.4.3 - SQL Injection

Ovidentia 8.4.3 - SQL Injection ------------------------------------------------------- Exploit Title: Ovidentia CMS - SQL Injection Authenticated Date: 06/05/2019 CVE: CVE-2019-13978 Exploit Author: Fernando Pinheiro n3k00n3 Victor Flores UserX Vendor Homepage: https://www.ovidentia.org/ Version...

6.5 CVSS | 0.8 AI score | 0.01462 EPSS
Exploits 5
exploitpack
added 2019/07/10 12:0 a.m. | 41 views

Microsoft DirectWrite AFDKO - NULL Pointer Dereferences in OpenType Font Handling While Accessing Empty dynarrays

Microsoft DirectWrite AFDKO - NULL Pointer Dereferences in OpenType Font Handling While Accessing Empty dynarrays -----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font...

Exploits 0
exploitpack
added 2019/07/10 12:0 a.m. | 41 views

Microsoft DirectWrite AFDKO - Stack Corruption in OpenType Font Handling Due to Negative nAxes

Microsoft DirectWrite AFDKO - Stack Corruption in OpenType Font Handling Due to Negative nAxes -----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library...

7.3 AI score
Exploits 0
exploitpack
added 2019/07/10 12:0 a.m. | 41 views

Microsoft DirectWrite AFDKO - Stack-Based Buffer Overflow in do_set_weight_vector_cube for Large nAxes

Microsoft DirectWrite AFDKO - Stack-Based Buffer Overflow in do_set_weight_vector_cube for Large nAxes -----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library...

0.4 AI score
Exploits 0
exploitpack
added 2019/06/05 12:0 a.m. | 41 views

Zimbra 8.8.11 - XML External Entity Injection Server-Side Request Forgery

Zimbra 8.8.11 - XML External Entity Injection Server-Side Request Forgery coding=utf8 import requests import sys from requests.packages.urllib3.exceptions import InsecureRequestWarning requests.packages.urllib3.disablewarningsInsecureRequestWarning baseurl=sys.argv1 baseurl=baseurl.rstrip"/" uplo...

0.4 AI score
Exploits 0
exploitpack
added 2019/05/13 12:0 a.m. | 41 views

Google Chrome V8 - Turbofan JSCallReducer::ReduceArrayIndexOfIncludes Out-of-Bounds ReadWrite

Google Chrome V8 - Turbofan JSCallReducer::ReduceArrayIndexOfIncludes Out-of-Bounds ReadWrite !-- Since commit https://chromium.googlesource.com/v8/v8.git/+/c22bb466d8934685d897708119543d099b9d2a9a turbofan supports inlining calls to array.includes and array.indexOf. The logic of the function is...

Exploits 0
exploitpack
added 2019/05/13 12:0 a.m. | 41 views

OpenProject 5.0.0 - 8.3.1 - SQL Injection

OpenProject 5.0.0 - 8.3.1 - SQL Injection SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated SQL Injection vulnerability product: OpenProject vulnerable version: 5.0.0 - 8.3.1 fixed version: 8.3.2 & 9.0.0...

6.8 CVSS | 8.6 AI score | 0.79956 EPSS
Exploits 5
exploitpack
added 2019/05/01 12:0 a.m. | 41 views

CentOS Web Panel 0.9.8.793 (Free) v0.9.8.753 (Pro) 0.9.8.807 (Pro) - Domain Field (Add DNS Zone) Cross-Site Scripting

CentOS Web Panel 0.9.8.793 Free v0.9.8.753 Pro 0.9.8.807 Pro - Domain Field Add DNS Zone Cross-Site Scripting Exploit Title: CentOS Web Panel - Domain Field Add DNS Zone Cross-Site Scripting Vulnerability Google Dork: N/A Date: 22 - April - 2019 Exploit Author: DKM Vendor Homepage:...

3.5 CVSS | 5 AI score | 0.05907 EPSS
Exploits 4
exploitpack
added 2019/03/08 12:0 a.m. | 41 views

OrientDB 3.0.17 GA Community Edition - Cross-Site Request Forgery Cross-Site Scripting

OrientDB 3.0.17 GA Community Edition - Cross-Site Request Forgery Cross-Site Scripting Exploit Title: OrientDB 3.0.17 GA Community Edition March 7th, 2019 | Multiple Vulnerabilities Date: 07.03.2019 Exploit Author: Ozer Goker Vendor Homepage: https://orientdb.org Software Link:...

0.7 AI score
Exploits 0
exploitpack
added 2019/02/25 12:0 a.m. | 41 views

zzzphp CMS 1.6.1 - Remote Code Execution

zzzphp CMS 1.6.1 - Remote Code Execution Exploit Title: dynamic code evaluation of zzzphp cms 1.6.1 Google Dork: intext:"2015-2019 zzcms.com" Date: 24/02/2019 Exploit Author: Yang Chenglong Vendor Homepage: http://www.zzzcms.com/index.html Software Link: http://115.29.55.18/zzzphp.zip Version:...

6.5 CVSS | 0.1 AI score | 0.31421 EPSS
Exploits 8
exploitpack
added 2019/02/04 12:0 a.m. | 41 views

SuiteCRM 7.10.7 - parentTab SQL Injection

SuiteCRM 7.10.7 - parentTab SQL Injection Exploit Title: SuiteCRM 7.10.7 - 'parentTab' SQL Vulnerabilities Dork: N/A Date: 03-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://suitecrm.com/ Software Link: https://suitecrm.com/download/ Version: 7.10.7 Category: Webapps Tested on:...

8.6 AI score
Exploits 0
exploitpack
added 2018/12/04 12:0 a.m. | 41 views

FreshRSS 1.11.1 - Cross-Site Scripting

FreshRSS 1.11.1 - Cross-Site Scripting Multiple Cross-Site Scripting Vulnerabilities in FreshRSS 1.11.1 Information -------------------- Advisory by Netsparker Name: Multiple Cross-Site Scripting Vulnerabilities in FreshRSS Affected Software: FreshRSS Affected Versions: 1.11.1 Homepage:...

4.3 CVSS | 6.1 AI score | 0.04432 EPSS
Exploits 5
exploitpack
added 2018/11/30 12:0 a.m. | 41 views

Linux Kernel 4.8 (Ubuntu 16.04) - Leak sctp Kernel Pointer

Linux Kernel 4.8 Ubuntu 16.04 - Leak sctp Kernel Pointer / Exploit Title: Linux Kernel 4.8 Ubuntu 16.04 - Leak sctp kernel pointer Google Dork: - Date: 2018-11-20 Exploit Author: Jinbum Park Vendor Homepage: - Software Link: - Version: Linux Kernel 4.8 Ubuntu 16.04 Tested on: 4.8.0-36-generic...

5 CVSS | 0.2 AI score | 0.03763 EPSS
Exploits 4
exploitpack
added 2018/10/29 12:0 a.m. | 41 views

SaltOS Erp Crm 3.1 r8126 - SQL Injection

SaltOS Erp Crm 3.1 r8126 - SQL Injection Exploit Title: SaltOS Erp, Crm 3.1 r8126 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.saltos.org/ Software Link: http://download.saltos.org/?app=saltos&format=xul&arch=win32 Version: 3.1 r0 / 3.x...

7.5 CVSS | 0.2 AI score | 0.16456 EPSS
Exploits 5
exploitpack
added 2018/10/29 12:0 a.m. | 41 views

SaltOS Erp Crm 3.1 r8126 - Database File Download

SaltOS Erp Crm 3.1 r8126 - Database File Download Exploit Title: SaltOS Erp, Crm 3.1 r8126 - Database File Download Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.saltos.org/ Software Link: http://download.saltos.org/?app=saltos&format=xul&arch=win32 Version:...

4.3 CVSS | 6.6 AI score | 0.06189 EPSS
Exploits 5
exploitpack
added 2018/10/08 12:0 a.m. | 41 views

FLIR Thermal Traffic Cameras 1.01-0bb5b27 - Information Disclosure

FLIR Thermal Traffic Cameras 1.01-0bb5b27 - Information Disclosure Title: FLIR Thermal Traffic Cameras 1.01-0bb5b27 - Information Disclosure Author: Gjoko 'LiquidWorm' Krstic Date: 2018-10-06 Vendor: FLIR Systems, Inc. Link: https://www.flir.com Tested on: nginx/1.12.1, nginx/1.10.2, nginx/1.8.0,...

7.2 AI score
Exploits 0
exploitpack
added 2018/09/11 12:0 a.m. | 41 views

Android - zygote-init; Chain from USB Privilege Escalation

Android - zygote-init; Chain from USB Privilege Escalation After reporting https://bugs.chromium.org/p/project-zero/issues/detail?id=1583 Android ID 80436257, CVE-2018-9445, I discovered that this issue could also be used to inject code into the context of the zygote. Additionally, I discovered a...

7.2 CVSS | 1 AI score | 0.0082 EPSS
Exploits 5
exploitpack
added 2018/08/16 12:0 a.m. | 41 views

OpenEMR 5.0.1.3 - (Authenticated) Arbitrary File Actions

OpenEMR 5.0.1.3 - Authenticated Arbitrary File Actions Exploit Title: OpenEMR 5.0.1.3 - Arbitrary File Actions Date: 2018-08-14 Exploit Author: Joshua Fam Twitter : @Insecurity Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/v5013.tar.gz Versio...

6.5 CVSS | 0.2 AI score | 0.18208 EPSS
Exploits 9
exploitpack
added 2018/06/04 12:0 a.m. | 41 views

Brother HL Series Printers 1.15 - Cross-Site Scripting

Brother HL Series Printers 1.15 - Cross-Site Scripting Exploit Title: XSS at Brother HL series printers Date: 30.05.2018 Exploit Author: Huy Kha Vendor Homepage: http://support.brother.com Software Link: Website Version: Brother HL series printers. Tested on: Mozilla FireFox Reflected XSS Payload...

6.8 AI score
Exploits 0
exploitpack
added 2018/05/13 12:0 a.m. | 41 views

WUZHI CMS 4.1.0 - form[qq_10] Cross-Site Scripting

WUZHI CMS 4.1.0 - form[qq_10] Cross-Site Scripting Exploit Title: WUZHI CMS 4.1.0 XSS Vulnerability Date: 2018-4-23 Exploit Author: jiguang [email protected] Vendor Homepage: https://github.com/wuzhicms/wuzhicms Software Link: https://github.com/wuzhicms/wuzhicms Version: 4.1.0 CVE: CVE-2018-10313 An...

3.5 CVSS | 5.4 AI score | 0.02237 EPSS
Exploits 5
exploitpack
added 2018/04/18 12:0 a.m. | 41 views

Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities

Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities Exploit Author: bzyo CVE: CVE-2018-10077, CVE-2018-10078, CVE-2018-10079 Twitter: @bzyo Exploit Title: Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities Date: 04-17-18 Vulnerable Software: WatchDog Console - 3.2.2 Vendor Homepage:...

4 CVSS | 0.3 AI score | 0.08296 EPSS
Exploits 7
exploitpack
added 2018/04/16 12:0 a.m. | 41 views

CloudMe Sync 1.11.0 - Local Buffer Overflow

CloudMe Sync 1.11.0 - Local Buffer Overflow Exploit Title: Local Buffer Overflow on CloudMe Sync v1.11.0 Date: 08.03.2018 Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1110.exe Category: Local Exploit Discovery: Prasenjit Kanti Paul Web:...

4.6 CVSS | 0.3 AI score | 0.02059 EPSS
Exploits 5
exploitpack
added 2018/04/10 12:0 a.m. | 41 views

Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager - Invalid Access Control

Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager - Invalid Access Control Exploit Title: Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager Missing Access Control Vulnerability DSA-2018-025 Date: 24/11/2017 Exploit Author: SlidingWindow Vend...

5 CVSS | 1 AI score | 0.46642 EPSS
Exploits 5
exploitpack
added 2018/04/06 12:0 a.m. | 41 views

Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption

Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-CONTROL-PANEL-v10.7-INSECURE-CRYPTO-CVE-2018-9233.txt + ISR: Apparition...

2.1 CVSS | 7.7 AI score | 0.01744 EPSS
Exploits 5
exploitpack
added 2018/04/05 12:0 a.m. | 41 views

Z-Blog 1.5.1.1740 - Cross-Site Scripting

Z-Blog 1.5.1.1740 - Cross-Site Scripting Exploit Title: Z-Blog 1.5.1.1740 XSS Vulnerability Date: 2018-04-03 Exploit Author: zzw [email protected] Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE : CVE-2018-7736 This is a XSS...

4.3 CVSS | 6.1 AI score | 0.03393 EPSS
Exploits 5
exploitpack
added 2018/04/02 12:0 a.m. | 41 views

OpenCMS 10.5.3 - Cross-Site Request Forgery

OpenCMS 10.5.3 - Cross-Site Request Forgery Exploit Title: OpenCMS 10.5.3 Multiple Cross Site Request Forgery Vulnerabilities Injection Google Dork: N/A Date: 02-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.opencms.org/en/ Software Link...

6.8 CVSS | 0.2 AI score | 0.02228 EPSS
Exploits 5
exploitpack
added 2018/04/02 12:0 a.m. | 41 views

VideoFlow Digital Video Protection (DVP) 2.10 - Hard-Coded Credentials

VideoFlow Digital Video Protection DVP 2.10 - Hard-Coded Credentials VideoFlow Digital Video Protection DVP 10 Authenticated Root Remote Code Execution Vendor: VideoFlow Ltd. Product web page: http://www.video-flow.com Affected version: 2.10 X-Prototype-Version: 1.6.0.2 System = Indicate if the D...

Exploits 0
exploitpack
added 2018/03/09 12:0 a.m. | 41 views

WebLog Expert Enterprise 9.4 - Authentication Bypass

WebLog Expert Enterprise 9.4 - Authentication Bypass + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WEBLOG-EXPERT-WEB-SERVER-ENTERPRISE-v9.4-AUTHENTICATION-BYPASS.txt + ISR: Apparition Security Vendor: ========...

4.6 CVSS | 0.2 AI score | 0.01127 EPSS
Exploits 5
exploitpack
added 2018/02/22 12:0 a.m. | 41 views

Joomla! Component Proclaim 9.1.1 - Arbitrary File Upload

Joomla! Component Proclaim 9.1.1 - Arbitrary File Upload Exploit Title: Joomla! Component Proclaim 9.1.1 - Arbitrary File Upload Dork: N/A Date: 22.02.2018 Vendor Homepage: https://www.christianwebministries.org/ Software Link:...

7.5 CVSS | 0.2 AI score | 0.08213 EPSS
Exploits 5
exploitpack
added 2018/02/16 12:0 a.m. | 41 views

Joomla! Component AllVideos Reloaded 1.2.x - divid SQL Injection

Joomla! Component AllVideos Reloaded 1.2.x - divid SQL Injection Exploit Title: Joomla! Component AllVideos Reloaded 1.2.x - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://allvideos.fritz-elfert.de Software Link:...

7.5 CVSS | 0.5 AI score | 0.02703 EPSS
Exploits 5
exploitpack
added 2018/02/16 12:0 a.m. | 41 views

Joomla! Component Smart Shoutbox 3.0.0 - SQL Injection

Joomla! Component Smart Shoutbox 3.0.0 - SQL Injection Exploit Title: Joomla! Component Smart Shoutbox 3.0.0 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://thekrotek.com/ Software Link: https://extensions.joomla.org/extension/smart-shoutbox/ Version: 3.0.0 Category: Webapps...

7.5 CVSS | 0.5 AI score | 0.02703 EPSS
Exploits 5
exploitpack
added 2018/01/23 12:0 a.m. | 41 views

CentOS Web Panel 0.9.8.12 - row_id domain SQL Injection

CentOS Web Panel 0.9.8.12 - row_id domain SQL Injection Document Title: =============== CentOS Web Panel v0.9.8.12 - Remote SQL Injection Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1833 Release Date: ============= 2018-01-22...

0.1 AI score
Exploits 0
exploitpack
added 2018/01/23 12:0 a.m. | 41 views

NEC Univerge SV9100SV8100 WebPro 10.0 - Configuration Download

NEC Univerge SV9100SV8100 WebPro 10.0 - Configuration Download NEC Univerge SV9100/SV8100 WebPro 10.0 Remote Configuration Download Vendor: NEC Corporation Product web page: http://www.nec.com Affected version: WebPro =10.00 DSP Firmware Version: 12.11.00.02 Summary: NEC's UNIVERGE® SV9100 is the...

0.2 AI score
Exploits 0
exploitpack
added 2017/12/26 12:0 a.m. | 41 views

SilverStripe CMS 3.6.2 - CSV Excel Macro Injection

SilverStripe CMS 3.6.2 - CSV Excel Macro Injection Exploit Title: SilverStripe CMS - 3.6.2 CSV Excel Macro Injection Vendor Homepage: https://www.silverstripe.org/ Software Link: https://www.silverstripe.org/download Discovered by: Ishaq Mohammed Contact: https://twitter.com/securityprince Websit...

Exploits 0
exploitpack
added 2017/12/06 12:0 a.m. | 41 views

Proxifier for Mac 2.19 - Local Privilege Escalation

Proxifier for Mac 2.19 - Local Privilege Escalation With CVE-2017-7643 I disclosed a command injection vulnerability in the KLoader binary that ships with Proxifier = 2.18. Unfortunately 2.19 is also vulnerable to a slightly different attack that yields the same result. When Proxifier is first run...

7.2 CVSS | 0.7 AI score | 0.00965 EPSS
Exploits 8
exploitpack
added 2017/10/24 12:0 a.m. | 41 views

FS Realtor Clone - id SQL Injection

FS Realtor Clone - id SQL Injection Exploit Title: FS Realtor Clone - 'id' SQL Injection Date: 2017-10-24 Exploit Author: 8bitsec Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/realtor-clone/ Version: 24 October 17 Tested on: Kali Linux 2.0 | Mac OS...

0.2 AI score
Exploits 0
exploitpack
added 2017/08/18 12:0 a.m. | 41 views

ZKTime Web Software 2.0 - Improper Access Restrictions

ZKTime Web Software 2.0 - Improper Access Restrictions Exploit Title: ZKTime Web Software 2.0 - Broken Authentication CVE-ID: CVE-2017-14680 Vendor Homepage: https://www.zkteco.com/product/ZKTimeWeb2.0435.html Vendor of Product: ZKTeco Affected Product Code: ZKTime Web - 2.0.1.12280 Category:...

5 CVSS | 0.6 AI score | 0.04327 EPSS
Exploits 5
exploitpack
added 2017/07/31 12:0 a.m. | 41 views

libvorbis 1.3.5 - Multiple Vulnerabilities

libvorbis 1.3.5 - Multiple Vulnerabilities libvorbis multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= The libvorbis package contains a general purpose audio and music encoding format. This is useful for creating encoding and playing decoding...

4.3 CVSS | 0.1 AI score | 0.04838 EPSS
Exploits 3
exploitpack
added 2017/07/30 12:0 a.m. | 41 views

McAfee Security Scan Plus - Remote Command Execution

McAfee Security Scan Plus - Remote Command Execution Vulnerability Summary The following advisory describes a Remote Code Execution found in McAfee Security Scan Plus. An active network attacker could launch a man-in-the-middle attack on a plaintext-HTTP response to a client to run any residing...

7.5 CVSS | 0.11679 EPSS
Exploits 2
exploitpack
added 2017/06/02 12:0 a.m. | 41 views

HPE Intelligent Management Center (iMC) 7.2 (E0403P10) - Code Execution

HPE Intelligent Management Center iMC 7.2 E0403P10 - Code Execution Vulnerability Summary The following advisory describes a Stack Buffer Overflow vulnerability found in HPE Intelligent Management Center version v7.2 E0403P10 Enterprise, this vulnerability leads to an exploitable remote code...

10 CVSS | 0.34245 EPSS
Exploits 2
exploitpack
added 2017/05/30 12:0 a.m. | 41 views

KEMP LoadMaster 7.135.0.13245 - Persistent Cross-Site Scripting Remote Code Execution

KEMP LoadMaster 7.135.0.13245 - Persistent Cross-Site Scripting Remote Code Execution Vulnerability Summary KEMP’s main product, the LoadMaster, is a load balancer built on its own proprietary software platform called LMOS, that enables it to run on almost any platform: As a KEMP LoadMaster...

0.3 AI score
Exploits 0
exploitpack
added 2017/05/14 5:46 p.m. | 41 views

Microsoft-Windows---'SrvOs2FeaToNt'-SMB-Remote-Code-Execution-(MS17-010)-

Description: SMBv1 SrvOs2FeaToNt OOB is prone to a remote code execution vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. Srv.sys process SrvOs2FeaListSizeToNt and when the logic is not correct it leads to a cross-border copy. The vulnerabili...

0.3 AI score
Exploits 0
exploitpack
added 2017/05/09 12:0 a.m. | 41 views

I_ Librarian 4.64.7 - Command Injection Server Side Request Forgery Directory Enumeration Cross-Site Scripting

I Librarian 4.64.7 - Command Injection Server Side Request Forgery Directory Enumeration Cross-Site Scripting SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: I, Librarian PDF manager...

0.7 AI score
Exploits 0
exploitpack
added 2017/04/25 12:0 a.m. | 41 views

OpenText Documentum Content Server - dm_bp_transition.ebs docbase Method Arbitrary Code Execution

OpenText Documentum Content Server - dm_bp_transition.ebs docbase Method Arbitrary Code Execution ''' CVE Identifier: CVE-2017-7221 Vendor: OpenText Affected products: OpenText Documentum Content Server all versions Researcher: Andrey B. Panfilov Severity Rating: CVSS v3 Base Score: 8.8...

9 CVSS | 1 AI score | 0.04198 EPSS
Exploits 6
exploitpack
added 2017/04/13 12:0 a.m. | 41 views

Adobe Creative Cloud Desktop Application 4.0.0.185 - Local Privilege Escalation

Adobe Creative Cloud Desktop Application 4.0.0.185 - Local Privilege Escalation + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ADOBE-CREATIVE-CLOUD-PRIVILEGE-ESCALATION.txt + ISR: apparitionSec Vendor: ==============...

9 CVSS | 0.2 AI score | 0.10819 EPSS
Exploits 6

Total number of security vulnerabilities: 5000