Lucene search
K
ExploitpackMost viewed

41207 matches found

exploitpack
exploitpack
added 2019/11/02 12:0 a.m.39 views

ClamAV 0.102.0 - bytecode_vm Code Execution

ClamAV 0.102.0 - bytecodevm Code Execution !/usr/bin/python ''' Finished : 22/07/2019 Pu8lished : 31/10/2019 Versi0n : Current ./exploit.py clambc --debug exploit SNIP $ ''' names = 'test1', 'read', 'write', 'seek', 'setvirusname',...

7.8AI score
Exploits0
exploitpack
exploitpack
added 2019/10/09 12:0 a.m.39 views

XNU - Remote Double-Free via Data Race in IPComp Input Path

XNU - Remote Double-Free via Data Race in IPComp Input Path === Summary === This report describes a bug in the XNU implementation of the IPComp protocol https://tools.ietf.org/html/rfc3173. This bug can be remotely triggered by an attacker who is able to send traffic to a macOS system iOS AFAIK...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2019/09/18 12:0 a.m.39 views

Counter-Strike Global Offensive 1.37.1.1 - vphysics.dll Denial of Service (PoC)

Counter-Strike Global Offensive 1.37.1.1 - vphysics.dll Denial of Service PoC CVE-2019-15943 Counter-Strike Global Offensive vphysics.dll before 1.37.1.1 allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, becaus...

6.8CVSS0.1AI score0.08725EPSS
Exploits4
exploitpack
exploitpack
added 2019/09/12 12:0 a.m.39 views

Microsoft DirectWrite - Out-of-Bounds Read in sfac_GetSbitBitmap While Processing TTF Fonts

Microsoft DirectWrite - Out-of-Bounds Read in sfacGetSbitBitmap While Processing TTF Fonts Microsoft DirectWrite is a modern Windows API for high-quality text rendering. A majority of its code resides in the DWrite.dll user-mode library. It is used by a variety of widely used desktop programs suc...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2019/09/04 12:0 a.m.39 views

WordPress Plugin Download Manager 2.9.93 - Cross-Site Scripting

WordPress Plugin Download Manager 2.9.93 - Cross-Site Scripting Exploit Title: WordPress Download Manager Cross-site Scripting Discovery Date: 2019-04-13 Exploit Author: ThuraMoeMyint Author Link: https://twitter.com/mgthuramoemyint Vendor Homepage: https://www.wpdownloadmanager.com Software Link...

4.3CVSS6.1AI score0.12531EPSS
Exploits6
exploitpack
exploitpack
added 2019/09/02 12:0 a.m.39 views

Alkacon OpenCMS 10.5.x - Local File inclusion

Alkacon OpenCMS 10.5.x - Local File inclusion Exploit Title: Alkacon OpenCMS 10.5.x - Multiple LFI in Alkacon OpenCms Site Management Google Dork: N/A Date: 18/07/2019 Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/opencms-core Version:...

4CVSS4.6AI score0.07346EPSS
Exploits5
exploitpack
exploitpack
added 2019/08/15 12:0 a.m.39 views

Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities

Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities The msctf subsystem is part of the Text Services Framework, The TSF manages things like input methods, keyboard layouts, text processing and so on. There are two main components, the ctfmon server and the msctf client. The...

Exploits0
exploitpack
exploitpack
added 2019/07/25 12:0 a.m.39 views

Ovidentia 8.4.3 - SQL Injection

Ovidentia 8.4.3 - SQL Injection ------------------------------------------------------- Exploit Title: Ovidentia CMS - SQL Injection Authenticated Date: 06/05/2019 CVE: CVE-2019-13978 Exploit Author: Fernando Pinheiro n3k00n3 Victor Flores UserX Vendor Homepage: https://www.ovidentia.org/ Version...

6.5CVSS0.8AI score0.01462EPSS
Exploits5
exploitpack
exploitpack
added 2019/07/22 12:0 a.m.39 views

Axway SecureTransport 5 - Unauthenticated XML Injection

Axway SecureTransport 5 - Unauthenticated XML Injection Title: Axway SecureTransport 5 - Unauthenticated XML Injection Google Dork: intitle:"Axway SecureTransport" "Login" Date: 2019-07-20 Author: Dominik Penner / zer0pwn of Underdog Security Vendor Homepage: https://www.axway.com/en Software Lin...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2019/07/10 12:0 a.m.39 views

Microsoft DirectWrite AFDKO - Out-of-Bounds Read in OpenType Font Handling Due to Undefined FontName Index

Microsoft DirectWrite AFDKO - Out-of-Bounds Read in OpenType Font Handling Due to Undefined FontName Index -----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2019/07/09 12:0 a.m.39 views

Firefox 67.0.4 - Denial of Service

Firefox 67.0.4 - Denial of Service Loading please wait function MyFun var text = ; forvar i=0 ;i"+ ""+ ""+ ""+ ""+ ""+ "\x70...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/07/01 12:0 a.m.39 views

FaceSentry Access Control System 6.4.8 - Cross-Site Request Forgery

FaceSentry Access Control System 6.4.8 - Cross-Site Request Forgery FaceSentry Access Control System 6.4.8 Cross-Site Request Forgery Vendor: iWT Ltd. Product web page: http://www.iwt.com.hk Affected version: Firmware 6.4.8 build 264 Algorithm A16 Firmware 5.7.2 build 568 Algorithm A14 Firmware...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2019/04/25 12:0 a.m.39 views

JioFi 4G M2S 1.0.2 - Denial of Service

JioFi 4G M2S 1.0.2 - Denial of Service Exploit Title: cgi-bin/qcmapwebcgi on JioFi 4G M2S 1.0.2 devices allows a DoS Hang via the mask POST parameter Exploit Author: Vikas Chaudhary Date: 21-01-2019 Vendor Homepage: https://www.jio.com/ Hardware Link:...

6.1CVSS0.1AI score0.04766EPSS
Exploits5
exploitpack
exploitpack
added 2019/04/23 12:0 a.m.39 views

Ross Video DashBoard 8.5.1 - Insecure Permissions

Ross Video DashBoard 8.5.1 - Insecure Permissions Ross Video DashBoard 8.5.1 Insecure Permissions Vendor: Ross Video Ltd. Product web page: https://www.rossvideo.com Affected version: 8.5.1 Summary: DashBoard is a free and open platform from Ross Video for facility control and monitoring that...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/04/23 12:0 a.m.39 views

systemd - Lack of Seat Verification in PAM Module Permits Spoofing Active Session to polkit

systemd - Lack of Seat Verification in PAM Module Permits Spoofing Active Session to polkit As documented at , for any action, a polkit policy can specify separate levels of required authentication based on whether a client is: - in an active session on a local console - in an inactive session on...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/03/21 12:0 a.m.39 views

DVD X Player 5.5.3 - .plf Buffer Overflow

DVD X Player 5.5.3 - .plf Buffer Overflow !/usr/bin/env python Exploit Title: DVD X Player 5.5.3 Buffer Overflow Date: 20.03.2019 Exploit Author: Paolo Perego - [email protected] Vendor Homepage: http://www.dvd-x-player.com Software Link:...

6.8CVSS0.4AI score0.04878EPSS
Exploits8
exploitpack
exploitpack
added 2019/02/22 12:0 a.m.39 views

Quest NetVault Backup Server 11.4.5 - Process Manager Service SQL Injection Remote Code Execution

Quest NetVault Backup Server 11.4.5 - Process Manager Service SQL Injection Remote Code Execution Exploit Title: Quest NetVault Backup Server 11.4.5 Process Manager Service SQL Injection Remote Code Execution Vulnerability ZDI-17-982 Date: 2-21-2019 Exploit Author: credit goes to rgod for finding...

7.5CVSS0.6AI score0.10001EPSS
Exploits5
exploitpack
exploitpack
added 2019/02/18 12:0 a.m.39 views

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in AlternateSubstitutionSubtable::process

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in AlternateSubstitutionSubtable::process A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 latest at the time of this writing while fuzz-testing the processing of...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/02/05 12:0 a.m.39 views

OpenMRS Platform 2.24.0 - Insecure Object Deserialization

OpenMRS Platform 2.24.0 - Insecure Object Deserialization Insecure Object Deserialization on the OpenMRS Platform Vulnerability Details CVE ID: CVE-2018-19276 Access Vector: Remote Security Risk: Critical Vulnerability: CWE-502 CVSS Base Score: 10.0 CVSS vector:...

10CVSS9.6AI score0.98811EPSS
Exploits10
exploitpack
exploitpack
added 2019/01/24 12:0 a.m.39 views

Ghostscript 9.26 - Pseudo-Operator Remote Code Execution

Ghostscript 9.26 - Pseudo-Operator Remote Code Execution I noticed ghostscript 9.26 was released, so had a quick look and spotted some errors. For background, this is how you define a subroutine in postscript: /hello hello\n print def That's simple enough, but because a subroutine is just an...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/01/01 12:0 a.m.39 views

GDB-Connector

GDB Connector is a remote script to use for controlling a remote target and debug an exploit on a target directly from Exploit Pack. Copy this script to your target and execute it to connect back to your framework. Shell Script created using Exploit Pack http://www.exploitpack.com -...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2018/12/18 12:0 a.m.39 views

SDL Web Content Manager 8.5.0 - XML External Entity Injection

SDL Web Content Manager 8.5.0 - XML External Entity Injection Author Information Author : Ahmed Elhady Mohamed twitter : @AhmedELhady Company : Canon Security Date : 25/11/2018 Software Information Affected Software : SDL Web Content Manager Version: Build 8.5.0 Vendor: SDL Tridion Software websi...

4CVSS0.06017EPSS
Exploits5
exploitpack
exploitpack
added 2018/12/04 12:0 a.m.39 views

FreshRSS 1.11.1 - Cross-Site Scripting

FreshRSS 1.11.1 - Cross-Site Scripting Multiple Cross-Site Scripting Vulnerabilities in FreshRSS 1.11.1 Information -------------------- Advisory by Netsparker Name: Multiple Cross-Site Scripting Vulnerabilities in FreshRSS Affected Software: FreshRSS Affected Versions: 1.11.1 Homepage:...

4.3CVSS6.1AI score0.04432EPSS
Exploits5
exploitpack
exploitpack
added 2018/12/03 12:0 a.m.39 views

Rockwell Automation Allen-Bradley PowerMonitor 1000 - Cross-Site Scripting

Rockwell Automation Allen-Bradley PowerMonitor 1000 - Cross-Site Scripting Exploit Title: Rockwell Automation Allen-Bradley PowerMonitor 1000 - Cross-Site Scripting Date: 2018-11-27 Exploit Author: Luca.Chiou Vendor Homepage: https://www.rockwellautomation.com/ Version: 1408-EM3A-ENT B Tested on:...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2018/12/03 12:0 a.m.39 views

Budabot 4.0 - Denial of Service (PoC)

Budabot 4.0 - Denial of Service PoC Exploit Title: Budabot 4.0 - Denial of Service PoC Date: 2018-10-15 Exploit Author: Ryan Delaney Author Contact: [email protected] Vendor Homepage: http://budabot.com/ Software Link: http://budabot.com/forum/viewtopic.php?f=8&t=1413 Version: 0.6 - 4.0 Test...

7.5CVSS9.6AI score0.04048EPSS
Exploits6
exploitpack
exploitpack
added 2018/11/26 12:0 a.m.39 views

ELBA5 5.8.0 - Remote Code Execution

ELBA5 5.8.0 - Remote Code Execution Exploit Title: ELBA5 5.8.0 - Remote Code Execution Date: 2018-11-16 Exploit Author: Florian Bogner Vendor Homepage: https://www.elba.at Vulnerable Software:...

8.1AI score
Exploits0
exploitpack
exploitpack
added 2018/11/20 12:0 a.m.39 views

Apple macOS 10.13 - workq_kernreturn Denial of Service (PoC)

Apple macOS 10.13 - workqkernreturn Denial of Service PoC / Exploit Title: MacOS 10.13 - 'workqkernreturn' Denial of Service PoC Date: 2018-07-30 Exploit Author: Fabiano Anemone Vendor Homepage: https://www.apple.com/ Version: iOS 11.4.1 / MacOS 10.13.6 Tested on: iOS / MacOS CVE: Not assigned...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2018/10/30 12:0 a.m.39 views

Webiness Inventory 2.9 - Arbitrary File Upload

Webiness Inventory 2.9 - Arbitrary File Upload Exploit Title: Webiness Inventory 2.9 - Arbitrary File Upload Date: 2018-10-27 Exploit Author: Boumediene KADDOUR Unit: Algerie Telecom R&D Unit Software Link: https://github.com/webiness/webinessinventory Version: 2.9 3145728 61 continue; 62 63 64 /...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.39 views

Ekushey Project Manager CRM 3.1 - Cross-Site Scripting

Ekushey Project Manager CRM 3.1 - Cross-Site Scripting Exploit Title: Ekushey Project Manager CRM 3.1 - Cross-Site Scripting Date: 2018-10-16 Exploit Author: Ismail Tasdelen Vendor Homepage: http://creativeitem.com/ Software Link : http://creativeitem.com/demo/ekushey/ Software : Ekushey Project...

3.5CVSS0.4AI score0.01643EPSS
Exploits6
exploitpack
exploitpack
added 2018/08/29 12:0 a.m.39 views

Argus Surveillance DVR 4.0.0.0 - Directory Traversal

Argus Surveillance DVR 4.0.0.0 - Directory Traversal Exploit: Argus Surveillance DVR 4.0.0.0 - Directory Traversal Author: John Page aka hyp3rlinx Date: 2018-08-28 Vendor: www.argussurveillance.com Software Link: http://www.argussurveillance.com/download/DVRstp.exe CVE: N/A Description: Argus...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/08/27 12:0 a.m.39 views

Electron WebPreferences - Remote Code Execution

Electron WebPreferences - Remote Code Execution CVE-2018-15685 - Electron WebPreferences Remote Code Execution This is a minimal Electron application with a POC for CVE-2018-15685. A remote code execution vulnerability has been discovered affecting apps with the ability to open nested child windo...

6.8CVSS0.3AI score0.10427EPSS
Exploits4
exploitpack
exploitpack
added 2018/07/17 12:0 a.m.39 views

Microhard Systems 3G4G Cellular Ethernet and Serial Gateway - Remote Root

Microhard Systems 3G4G Cellular Ethernet and Serial Gateway - Remote Root Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Remote Root Exploit Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0 build 2160...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2018/06/04 12:0 a.m.39 views

CyberArk 10 - Memory Disclosure

CyberArk 10 - Memory Disclosure Exploit Title: CyberArk 10 - Memory Disclosure Date: 2018-06-04 Exploit Author: Thomas Zuk Vendor Homepage: https://www.cyberark.com/products/privileged-account-security-solution/enterprise-password-vault/ Version: 9.7 and 10 Tested on: Windows 2008, Windows 2012,...

5CVSS5.3AI score0.14116EPSS
Exploits12
exploitpack
exploitpack
added 2018/05/23 12:0 a.m.39 views

Online Store System CMS 1.0 - SQL Injection

Online Store System CMS 1.0 - SQL Injection Exploit Title: Online Store System CMS 1.0 - SQL Injection Dork: N/A Date: 2018-05-23 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor: Wecodex Solutions Vendor Homepage: https://www.wecodex.com/item/view/online-store-system-in-php-and-mysql/3 Version:...

Exploits0
exploitpack
exploitpack
added 2018/04/18 12:0 a.m.39 views

RSVG 2.40.13 2.42.2 - .svg Buffer Overflow

RSVG 2.40.13 2.42.2 - .svg Buffer Overflow Exploit Title: Buffer-overflow in RSVG while converting a malformed svg Date: 17 April 2018 Exploit Author: Hamm3r.py Vendor Homepage: https://launchpad.net/ubuntu/xenial/+package/librsvg2-bin Software Link:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2018/04/06 12:0 a.m.39 views

Sophos Endpoint Protection 10.7 - Tamper-Protection Bypass

Sophos Endpoint Protection 10.7 - Tamper-Protection Bypass + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-v10.7-TAMPER-PROTECTION-BYPASS-CVE-2018-4863.txt + ISR: Apparition Security Vendor:...

2.1CVSS5.5AI score0.01247EPSS
Exploits5
exploitpack
exploitpack
added 2018/02/27 12:0 a.m.39 views

Asterisk chan_pjsip 15.2.0 - SDP fmtp Denial of Service

Asterisk chanpjsip 15.2.0 - SDP fmtp Denial of Service ''' Segmentation fault occurs in asterisk with an invalid SDP fmtp attribute - Authors: - Alfred Farrugia - Sandro Gauci - Latest vulnerable version: Asterisk 15.2.0 running chanpjsip - References: AST-2018-003 - Enable Security Advisory: -...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2018/02/22 12:0 a.m.39 views

Armadito Antivirus 0.12.7.2 - Detection Bypass

Armadito Antivirus 0.12.7.2 - Detection Bypass / Title: Armadito Antivirus - Malware Detection Bypass Date: 21/02/2018 Author: Souhail Hammou Author's website: http://rce4fun.blogspot.com Vendor Homepage: http://www.teclib-edition.com/en/ Version: 0.12.7.2 CVE: CVE-2018-7289 Details: -------- An...

4.3CVSS0.4AI score0.01756EPSS
Exploits5
exploitpack
exploitpack
added 2018/02/22 12:0 a.m.39 views

Joomla! Component Proclaim 9.1.1 - Arbitrary File Upload

Joomla! Component Proclaim 9.1.1 - Arbitrary File Upload Exploit Title: Joomla! Component Proclaim 9.1.1 - Arbitrary File Upload Dork: N/A Date: 22.02.2018 Vendor Homepage: https://www.christianwebministries.org/ Software Link:...

7.5CVSS0.2AI score0.08213EPSS
Exploits5
exploitpack
exploitpack
added 2018/02/16 12:0 a.m.39 views

Joomla Component ccNewsletter 2.x.x id - SQL Injection

Joomla Component ccNewsletter 2.x.x id - SQL Injection Exploit Title: Joomla Component ccNewsletter 2.x.x 'id' - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://www.chillcreations.com/ Software Link: https://extensions.joomla.org/extension/ccnewsletter/ Version: 2.x Stable...

7.5CVSS0.5AI score0.02607EPSS
Exploits5
exploitpack
exploitpack
added 2018/02/05 12:0 a.m.39 views

Netis WF2419 Router - Cross-Site Scripting

Netis WF2419 Router - Cross-Site Scripting Exploit Title: Netis-WF2419 HTML Injection Date: 20/01/2018 Exploit Author: Sajibe Kanti Author Contact :https://twitter.com/@sajibekantibd Vendor Homepage: http://www.netis-systems.com/ Version: Netis-WF2419 , V3.2.41381 Tested on: Windows 10 CEV :...

3.5CVSS0.1AI score0.0161EPSS
Exploits4
exploitpack
exploitpack
added 2018/01/21 12:0 a.m.39 views

Shopware 5.2.55.3 - Cross-Site Scripting

Shopware 5.2.55.3 - Cross-Site Scripting Document Title: =============== Shopware 5.2.5 & v5.3 - Multiple Cross Site Scripting Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1922 Shopware Security Tracking ID: SW-19834 Security Updat...

4.3CVSS0.1AI score0.04812EPSS
Exploits7
exploitpack
exploitpack
added 2017/12/19 12:0 a.m.39 views

Ichano AtHome IP Cameras - Multiple Vulnerabilities

Ichano AtHome IP Cameras - Multiple Vulnerabilities Vulnerabilities Summary The following advisory describes three 3 vulnerabilities found in Ichano IP Cameras. AtHome Camera is “a remote video surveillance app which turns your personal computer, smart TV/set-top box, smart phone, and tablet into...

10CVSS0.6AI score0.07214EPSS
Exploits3
exploitpack
exploitpack
added 2017/12/11 12:0 a.m.39 views

PHP Multivendor Ecommerce 1.0 - sid searchcat chid1 SQL Injection

PHP Multivendor Ecommerce 1.0 - sid searchcat chid1 SQL Injection Exploit Title: PHP Multivendor Ecommerce 1.0 - SQL Injection Dork: N/A Date: 09.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/php-multivendor-ecommerce/ Version: 1.0...

Exploits0
exploitpack
exploitpack
added 2017/09/26 12:0 a.m.39 views

WordPress Plugin WPGYM - SQL Injection

WordPress Plugin WPGYM - SQL Injection Exploit Title: WPGYM - Wordpress Gym Management System - SQL Injection Dork: N/A Date: 26.09.2017 Vendor Homepage: http://mojoomla.com/ Software Link: https://codecanyon.net/item/-wpgym-wordpress-gym-management-system/13352964 Demo:...

8.6AI score
Exploits0
exploitpack
exploitpack
added 2017/09/25 12:0 a.m.39 views

FLIR Thermal Camera FFCPTD - SSH Backdoor Access

FLIR Thermal Camera FFCPTD - SSH Backdoor Access FLIR Systems FLIR Thermal Camera F/FC/PT/D Hard-Coded SSH Credentials Vendor: FLIR Systems, Inc. Product web page: http://www.flir.com Affected version: Firmware version: 8.0.0.64 Software version: 10.0.2.43 Release: 1.4.1, 1.4, 1.3.4 GA, 1.3.3 GA...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2017/09/13 12:0 a.m.39 views

Mako Web Server 2.5 - Multiple Vulnerabilities

Mako Web Server 2.5 - Multiple Vulnerabilities + SSD Beyond Security: https://blogs.securiteam.com/index.php/archives/3391 + Credits: John Page a.k.a hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2017/08/30 12:0 a.m.39 views

Invoice Manager 3.1 - Cross-Site Request Forgery (Add Admin)

Invoice Manager 3.1 - Cross-Site Request Forgery Add Admin ======================================================== Invoice Manager v3.1 Cross site request forgery Add Admin Description : Invoice Manager v3.1 is vulnerable to CSRF attack No CSRF token in place which if an admin user can be tricke...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2017/07/24 12:0 a.m.39 views

Nitro Pro PDF - Multiple Vulnerabilities

Nitro Pro PDF - Multiple Vulnerabilities Vulnerabilities Summary The following advisory describes three vulnerabilities found in Nitro / Nitro Pro PDF. Nitro Pro is the PDF reader and editor that does everything you will ever need to do with PDF files. The powerful but snappy editor lets you chan...

4.3CVSS0.9AI score0.0249EPSS
Exploits2
exploitpack
exploitpack
added 2017/06/30 12:0 a.m.39 views

eVestigator Forensic PenTester - Man In The Middle Remote Code Execution

eVestigator Forensic PenTester - Man In The Middle Remote Code Execution Exploit Title: eVestigator Forensic PenTester v1 - Remote Code Execution via MITM Date: 30/Jun/17 Exploit Author: MaXe Vendor Homepage: https://play.google.com/store/apps/details?id=penetrationtest.eVestigator.com Software...

0.4AI score
Exploits0
Total number of security vulnerabilities5000