Exploitpack: most viewed

41207 matches found

exploitpack
added 2019/05/20 12:00 a.m., 36 views

Solaris 789 (SPARC) - dtprintinfo Local Privilege Escalation (2)

Solaris 789 SPARC - dtprintinfo Local Privilege Escalation 2 / raptordtprintnamesparc2.c - dtprintinfo 0day, Solaris/SPARC Copyright c 2004-2019 Marco Ivaldi 0day buffer overflow in the dtprintinfo1 CDE Print Viewer, leading to local root. Many thanks to Dave Aitel for discovering this...

AI score 0.4
Exploits 0

exploitpack
added 2019/05/06 12:00 a.m., 36 views

LG Supersign EZ CMS - Remote Code Execution (Metasploit)

LG Supersign EZ CMS - Remote Code Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LG Supersign EZ CMS RCE', 'Description' = %q LG SuperSignEZ CMS, that many LG SuperSign TVs...

AI score 0.5, EPSS 0.56237
Exploits 9

exploitpack
added 2019/03/14 12:00 a.m., 36 views

Pegasus CMS 1.0 - extra_fields.php Plugin Remote Code Execution

Pegasus CMS 1.0 - extrafields.php Plugin Remote Code Execution Exploit Title: Pegasus extrafields.php Plugin Remote Code Execution Date: 14 March 2019 Exploit Author: R3zk0n Vendor Homepage: https://www.wisdom.com.au/web/pegasus-cms Software Link: N/A Version: 1.0 Tested on: Linux CVE : N/A The...

AI score 8.1
Exploits 0

exploitpack
added 2019/03/04 12:00 a.m., 36 views

Splunk Enterprise 7.2.4 - Custom App Remote Command Execution (Persistent Backdoor Custom Binary)

Splunk Enterprise 7.2.4 - Custom App Remote Command Execution Persistent Backdoor Custom Binary !/usr/bin/python Exploit Title: Splunk Enterprise 7.2.4 Custom App RCE persistent backdoor - custom binary payload Date: March 1, 2019 Exploit Author: Matteo Malvica Original Author: Lee Mazzoleni Vend...

AI score 0.4
Exploits 0

exploitpack
added 2019/02/21 12:00 a.m., 36 views

C4G Basic Laboratory Information System (BLIS) 3.4 - SQL Injection

C4G Basic Laboratory Information System BLIS 3.4 - SQL Injection Exploit Title: C4G Basic Laboratory Information System BLIS 3.4 - Multiples SQL Injection Date: 01/31/2019 Software Links/Project: https://github.com/C4G/BLIS | http://blis.cc.gatech.edu/index.php Version: C4G Basic Laboratory...

AI score 8.6
Exploits 0

exploitpack
added 2019/02/05 12:00 a.m., 36 views

BEWARD N100 H.264 VGA IP Camera M2.1.6 - RTSP Stream Disclosure

BEWARD N100 H.264 VGA IP Camera M2.1.6 - RTSP Stream Disclosure BEWARD N100 H.264 VGA IP Camera M2.1.6 Unauthenticated RTSP Stream Disclosure Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: M2.1.6.04C014 Summary: The N100 compact color IP camera with support...

AI score 0.1
Exploits 0

exploitpack
added 2019/01/31 12:00 a.m., 36 views

macOS 10.14.3 iOS 12.1.3 - Sandbox Escapes due to Type Confusions and Memory Safety Issues in iohideventsystem

macOS 10.14.3 iOS 12.1.3 - Sandbox Escapes due to Type Confusions and Memory Safety Issues in iohideventsystem / It's possible that this should be two separate issues but I'm filing it as one as I'm still understanding this service. com.apple.iohideventsystem is hosted in hidd on MacOS and...

AI score 0.5
Exploits 0

exploitpack
added 2019/01/31 12:00 a.m., 36 views

Advanced Host Monitor 11.90 Beta - Registration number Denial of Service (PoC)

Advanced Host Monitor 11.90 Beta - Registration number Denial of Service PoC Exploit Title: Advanced Host Monitor 11.90 Beta - 'Registration number' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2019-01-30 Vendor Homepage: https://www.ks-soft.net Software Link :...

AI score 7.3
Exploits 0

exploitpack
added 2019/01/16 12:00 a.m., 36 views

NTPsec 1.1.2 - config (Authenticated) Out-of-Bounds Write Denial of Service (PoC)

NTPsec 1.1.2 - config Authenticated Out-of-Bounds Write Denial of Service PoC !/usr/bin/env python Exploit Title: ntpsec 1.1.2 authenticated out of bounds write proof of concept DoS Bug Discovery: Magnus Klaaborg Stubman @magnusstubman Exploit Author: Magnus Klaaborg Stubman @magnusstubman Websit...

CVSS 4, AI score 0.1, EPSS 0.1371
Exploits 5

exploitpack
added 2019/01/07 12:00 a.m., 36 views

MyBB OUGC Awards Plugin 1.8.3 - Persistent Cross-Site Scripting

MyBB OUGC Awards Plugin 1.8.3 - Persistent Cross-Site Scripting Exploit Title: MyBB OUGC Awards Plugin v1.8.3 - Cross-Site Scripting Date: 12/31/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=396 Version: 1.8.3 Tested on...

CVSS 3.5, AI score 5, EPSS 0.02353
Exploits 5

exploitpack
added 2018/12/21 12:00 a.m., 36 views

Netatalk 3.1.12 - Authentication Bypass (PoC)

Netatalk 3.1.12 - Authentication Bypass PoC import socket import struct import sys if lensys.argv != 3: sys.exit0 ip = sys.argv1 port = intsys.argv2 sock = socket.socketsocket.AFINET, socket.SOCKSTREAM print "+ Attempting connection to " + ip + ":" + sys.argv2 sock.connectip, port dsipayload =...

Exploits 0

exploitpack
added 2018/12/03 12:00 a.m., 37 views

WordPress Plugin Advanced-Custom-Fields 5.7.7 - Cross-Site Scripting

WordPress Plugin Advanced-Custom-Fields 5.7.7 - Cross-Site Scripting Exploit Title: Wordpress Plugins Advanced-custom-fields 5.7.7 - Cross-Site Scripting Google Dork: N/A Date: 2018-12-02 Exploit Author: Loading Kura Kura Vendor Homepage: https://www.advancedcustomfields.com/ Software Link:...

Exploits 0

exploitpack
added 2018/12/03 12:00 a.m., 36 views

Fleetco Fleet Maintenance Management 1.2 - Remote Code Execution

Fleetco Fleet Maintenance Management 1.2 - Remote Code Execution Exploit Title: Fleetco Fleet Maintenance Management 1.2 - Remote Code Execution Date: 2018-11-23 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.fleetco.space Software Link:...

AI score 0.1
Exploits 0

exploitpack
added 2018/11/12 12:00 a.m., 36 views

TP-Link Archer C50 Wireless Router 171227 - Cross-Site Request Forgery (Configuration File Disclosure)

TP-Link Archer C50 Wireless Router 171227 - Cross-Site Request Forgery Configuration File Disclosure Exploit Title: TP-Link Archer C50 Wireless Router 171227 - Cross-Site Request Forgery Configuration File Disclosure Date: 2018-11-07 Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com...

AI score 0.2
Exploits 0

exploitpack
added 2018/11/07 12:00 a.m., 36 views

OpenSLP 2.0.0 - Multiple Vulnerabilities

OpenSLP 2.0.0 - Multiple Vulnerabilities 2018-11-07 MORE BUGS IN OPENSLP-2.0.0 ========================== I discovered some bugs in openslp-2.0.0 back in January, 2018. One of them I disclosed in June...

CVSS 7.5, AI score 0.2, EPSS 0.12364
Exploits 4

exploitpack
added 2018/10/29 12:00 a.m., 36 views

School Equipment Monitoring System 1.0 - login SQL Injection

School Equipment Monitoring System 1.0 - login SQL Injection Exploit Title: School Equipment Monitoring System 1.0 - 'login' SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link:...

CVSS 7.5, AI score 0.1, EPSS 0.01587
Exploits 5

exploitpack
added 2018/10/25 12:00 a.m., 36 views

Delta Sql 1.8.2 - Arbitrary File Upload

Delta Sql 1.8.2 - Arbitrary File Upload Exploit Title: Delta Sql 1.8.2 - Arbitrary File Upload Dork: N/A Date: 2018-10-25 Exploit Author: Ihsan Sencan Vendor Homepage: http://deltasql.sourceforge.net/ Software Link: https://sourceforge.net/projects/deltasql/files/latest/download Software Link:...

Exploits 0

exploitpack
added 2018/09/27 12:00 a.m., 36 views

iWay Data Quality Suite Web Console 10.6.1.ga - XML External Entity Injection

iWay Data Quality Suite Web Console 10.6.1.ga - XML External Entity Injection Exploit Title: iWay Data Quality Suite Web Console 10.6.1.ga-2016-11-20 – XML External Entity Injection Google Dork: N/A Date: 2018-09-27 Exploit Author: Sureshbabu Narvaneni Author Blog : https://nullnews.in Vendor...

AI score 7.8
Exploits 0

exploitpack
added 2018/09/25 12:00 a.m., 36 views

WebKit - WebCore::SVGAnimateElementBase::resetAnimatedType Use-After-Free

WebKit - WebCore::SVGAnimateElementBase::resetAnimatedType Use-After-Free function eventhandler2 try var var00138 = svgvar00013.parentNode; catche try htmlvar00006.setAttribute"onfocusin", "eventhandler2"; catche try svgvar00001.aftervar00138; catche function eventhandler5 try...

AI score 7.4
Exploits 0

exploitpack
added 2018/08/31 12:00 a.m., 36 views

Vox TG790 ADSL Router - Cross-Site Scripting

Vox TG790 ADSL Router - Cross-Site Scripting Title: Vox TG790 ADSL Router - Cross-Site Scripting Author: Cakes Exploit Date: 2018-08-01 Vendor: Vox Telecom Link: https://www.vox.co.za/ Firmware Version: 6.2.W.1 CVE: N/A Description Due to improper user input management low privilege users are ab...

Exploits 0

exploitpack
added 2018/08/16 12:00 a.m., 36 views

WebkitGTK+ 2.20.3 - ImageBufferCairo::getImageData() Buffer Overflow (PoC)

WebkitGTK+ 2.20.3 - ImageBufferCairo::getImageData Buffer Overflow PoC Exploit Title: WebkitGTK+ 2.20.3 - 'ImageBufferCairo::getImageData' Buffer Overflow PoC Date: 2018-08-15 Exploit Author: PeregrineX Vendor Homepage: https://webkitgtk.org/ & https://webkit.org/wpe/ Software Link:...

CVSS 6.8, AI score 0.4, EPSS 0.10525
Exploits 4

exploitpack
added 2018/08/03 12:00 a.m., 36 views

Vuze Bittorrent Client 5.7.6.0 - SSDP Processing XML External Entity Injection

Vuze Bittorrent Client 5.7.6.0 - SSDP Processing XML External Entity Injection Issue: Out-of-Band XXE in Vuze Bittorrent Client's SSDP Processing Reserved CVE: CVE-2018-13417 Vulnerability Overview The XML parsing engine for Vuze Bittorrent Client's SSDP/UPNP functionality is vulnerable to an XML...

CVSS 7.5, AI score 0.5, EPSS 0.20695
Exploits 5

exploitpack
added 2018/08/03 12:00 a.m., 36 views

Plex Media Server 1.13.2.5154 - SSDP Processing XML External Entity Injection

Plex Media Server 1.13.2.5154 - SSDP Processing XML External Entity Injection Issue: Out-of-Band XXE in Plex Media Server's SSDP Processing Reserved CVE: CVE-2018-13415 Vulnerability Overview The XML parsing engine for Plex Media Server's SSDP/UPNP functionality is vulnerable to an XML External...

CVSS 7.5, AI score 0.6, EPSS 0.31809
Exploits 5

exploitpack
added 2018/07/25 12:00 a.m., 36 views

GetGo Download Manager 6.2.1.3200 - Denial of Service (PoC)

GetGo Download Manager 6.2.1.3200 - Denial of Service PoC Exploit Title: GetGo Download Manager 6.2.1.3200 - Buffer Overflow Denial of Service Date: 2018-07-25 Exploit Author: Nathu Nandwani Website: http://nandtech.co CVE: CVE-2017-17849 Tested On: Windows 7 x86, Windows 10 x64 Details The...

CVSS 10, AI score 9.6, EPSS 0.19015
Exploits 9

exploitpack
added 2018/06/14 12:00 a.m., 36 views

Joomla Component Ek Rishta 2.10 - SQL Injection

Joomla Component Ek Rishta 2.10 - SQL Injection Title: SQL Injection Joomla Component Ek rishta 2.10 - SQL Injection Date: 2018-06-14 Exploit Author: Guilherme Assmann Vendor Homepage:https://www.joomla.org/ Version: 2.10 Tested on: MacOSX, Safari, Chrome Download:...

CVSS 6.5, AI score 0.3, EPSS 0.02616
Exploits 5

exploitpack
added 2018/06/08 12:00 a.m., 36 views

Splunk 7.0.1 - Information Disclosure

Splunk 7.0.1 - Information Disclosure Exploit Title: Splunk 7.0.1 - Information Disclosure Date: 2018-05-23 Exploit Author: KoF2002 Vendor Homepage: https://www.splunk.com/ Version: 6.2.3 - 7.01 MAYBE ALL VERSION AFFECTED Tested on: Linux OS CVE : CVE-2018-11409 Splunk through 6.2.3 7.0.1 allows...

CVSS 5, AI score 5.1, EPSS 0.98371
Exploits 7

exploitpack
added 2018/05/28 12:00 a.m., 36 views

CloudMe Sync 1.11.0 - Buffer Overflow (SEH) (DEP Bypass)

CloudMe Sync 1.11.0 - Buffer Overflow SEH DEP Bypass Exploit: CloudMe Sync netstat -nao | find "8888" TCP 0.0.0.0:8888 0.0.0.0:0 LISTENING 2640 C:\tasklist | find "2640" CloudMe.exe 2640 Console 1 36,632 K Attacking Machine: root@kali:/Desktop python cloudme.py CloudMe Sync v1.10.9 Buffer Overflo...

AI score 0.7
Exploits 0

exploitpack
added 2018/05/22 12:00 a.m., 36 views

Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting

Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting Exploit Title: Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting Google Dork: inurl:/Portal/Portal.mwsl Date: 2018-05-22 Exploit Author: t4rkd3vilz, Jameel Nabbo Vendor Homepage: https://www.siemens.com/ Version: SIMATIC S7-1200 CPU family...

CVSS 4.3, EPSS 0.2095
Exploits 3

exploitpack
added 2018/04/23 12:00 a.m., 36 views

VMware Workstation 12.5.2 - Drag n Drop Use-After-Free (Pwn2Own 2017) (PoC)

VMware Workstation 12.5.2 - Drag n Drop Use-After-Free Pwn2Own 2017 PoC char initialdnd = "tools.capability.dndversion 4"; static const int cbObj = 0x100; char seconddnd = "tools.capability.dndversion 2"; char chgver = "vmx.capability.dndversion"; char calltransport = "dnd.transport "; char...

AI score 0.1
Exploits 0

exploitpack
added 2018/04/02 12:00 a.m., 36 views

WampServer 3.1.2 - Cross-Site Request Forgery

WampServer 3.1.2 - Cross-Site Request Forgery Exploit Title: WampServer 3.1.2 CSRF to add or delete any virtual hostsremotely Date: 31-03-2018 Software Link: http://www.wampserver.com/en/ Version: 3.1.2 Tested On: Windows 10 Exploit Author: Vipin Chaudhary Contact: http://twitter.com/vipinxsec...

CVSS 6.8, AI score 0.6, EPSS 0.03267
Exploits 6

exploitpack
added 2018/03/30 12:00 a.m., 36 views

Joomla! Component AcySMS 3.5.0 - CSV Macro Injection

Joomla! Component AcySMS 3.5.0 - CSV Macro Injection Exploit Title: Joomla! Component AcySMS 3.5.0 CSV Macro Injection Google Dork: N/A Date: 22-03-2018 Exploit Author: Sureshbabu Narvaneni Vendor Homepage: https://www.acyba.com Software Link:...

CVSS 6.8, AI score 9, EPSS 0.05639
Exploits 5

exploitpack
added 2018/03/12 12:00 a.m., 36 views

ACL Analytics 11.X - 13.0.0.579 - Arbitrary Code Execution

ACL Analytics 11.X - 13.0.0.579 - Arbitrary Code Execution Exploit Title: Arbitrary Code Execution Google Dork: N/A Date: 03-07-2018 Exploit Author: Clutchisback1 Vendor Homepage: https://www.acl.com Software Link: https://www.acl.com/products/acl-analytics/ Version: 11.x - 13.0.0.579 Tested on:...

AI score 0.3
Exploits 0

exploitpack
added 2018/03/05 12:00 a.m., 36 views

Xion 1.0.125 - .m3u Local SEH-Based Unicode Venetian Exploit

Xion 1.0.125 - .m3u Local SEH-Based Unicode Venetian Exploit !/usr/bin/perl Title: Xion 1.0.125 .m3u File Local SEH-based Unicode The “Venetian” Exploit Vulnerability Type: Execute Code, Overflow UTF-16LE buffer, Memory corruption Date: Feb 18, 2018 Author: James Anderson synthetic Original...

AI score 0.6
Exploits 0

exploitpack
added 2018/02/16 12:00 a.m., 36 views

Joomla Component ccNewsletter 2.x.x id - SQL Injection

Joomla Component ccNewsletter 2.x.x id - SQL Injection Exploit Title: Joomla Component ccNewsletter 2.x.x 'id' - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://www.chillcreations.com/ Software Link: https://extensions.joomla.org/extension/ccnewsletter/ Version: 2.x Stable...

CVSS 7.5, AI score 0.5, EPSS 0.02607
Exploits 5

exploitpack
added 2018/01/28 12:00 a.m., 36 views

Trend Micro Threat Discovery Appliance 2.6.1062r1 - dlp_policy_upload.cgi Remote Code Execution

Trend Micro Threat Discovery Appliance 2.6.1062r1 - dlppolicyupload.cgi Remote Code Execution !/usr/local/bin/python """ Trend Micro Threat Discovery Appliance /opt/TrendMicro/MinorityReport/bin/ Then, all we do is create /engptnstores/prod/sensorSDK/data/si/dlpkill.sh with malicious code and get...

AI score 0.4
Exploits 0

exploitpack
added 2018/01/15 12:00 a.m., 36 views

Oracle E-Business Suite 12.1.312.2.x - Open Redirect

Oracle E-Business Suite 12.1.312.2.x - Open Redirect Exploit Title: Oracle E-Business suite Open Redirect Google Dork: inurl:OAHTML/cabo/ Date: April 2017 Exploit Author: author Vendor Homepage: http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html Software Link: download li...

CVSS 5.8, AI score 6, EPSS 0.14558
Exploits 4

exploitpack
added 2017/12/13 12:00 a.m., 36 views

Joomla! Component JEXTN Video Gallery 3.0.5 - id SQL Injection

Joomla! Component JEXTN Video Gallery 3.0.5 - id SQL Injection Exploit Title: Joomla! Component JEXTN Video Gallery 3.0.5 - SQL Injection Dork: N/A Date: 13.12.2017 Vendor Homepage: http://jextn.com/ Software Link:...

AI score 0.4
Exploits 0

exploitpack
added 2017/11/22 12:00 a.m., 36 views

WebKit - WebCore::SVGPatternElement::collectPatternAttributes Out-of-Bounds Read

WebKit - WebCore::SVGPatternElement::collectPatternAttributes Out-of-Bounds Read / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1350 There is an out-of-bounds read security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. PoC:...

AI score 7.4
Exploits 0

exploitpack
added 2017/10/17 12:00 a.m., 36 views

Shadowsocks - Log File Command Execution

Shadowsocks - Log File Command Execution X41 D-Sec GmbH Security Advisory: X41-2017-008 Multiple Vulnerabilities in Shadowsocks ======================================= Overview -------- Confirmed Affected Versions: Latest commit 2ab8c6b on Sep 6 Confirmed Patched Versions: N/A Vendor: Shadowsocks...

AI score 7.6
Exploits 0

exploitpack
added 2017/10/17 12:00 a.m., 36 views

OpenText Documentum Content Server - Privilege Escalation

OpenText Documentum Content Server - Privilege Escalation !/usr/bin/env python Opentext Documentum Content Server formerly known as EMC Documentum Content Server contains following design gap, which allows authenticated user to gain privileges of superuser: Content Server allows to upload content...

CVSS 6.5, AI score 1.1, EPSS 0.09494
Exploits 4

exploitpack
added 2017/09/25 12:00 a.m., 36 views

FLIR Thermal Camera FFCPTD - Information Disclosure

FLIR Thermal Camera FFCPTD - Information Disclosure FLIR Systems FLIR Thermal Camera F/FC/PT/D Multiple Information Disclosures Vendor: FLIR Systems, Inc. Product web page: http://www.flir.com Affected version: Firmware version: 8.0.0.64 Software version: 10.0.2.43 Release: 1.4.1, 1.4, 1.3.4 GA,...

Exploits 0

exploitpack
added 2017/08/31 12:00 a.m., 36 views

Joomla! Component Huge-IT Portfolio Gallery Plugin 1.0.6 - SQL Injection

Joomla! Component Huge-IT Portfolio Gallery Plugin 1.0.6 - SQL Injection Exploit Title Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6 Date: 2016-09-16 Exploit Author: Larry W. Cashdollar, @larry0 Vendor Homepage: http://huge-it.com/joomla-portfolio-gallery/ Software Link...

CVSS 7.5, AI score 1, EPSS 0.0255
Exploits 9

exploitpack
added 2017/08/17 12:00 a.m., 36 views

Microsoft Edge Chakra - Heap Buffer Overflow

Microsoft Edge Chakra - Heap Buffer Overflow IsCoroutine ... else InterpreterStackFrame::Setup setupfunction, args; sizet varAllocCount = setup.GetAllocationVarCount; //printf"varAllocCount: %d%X\r\n", varAllocCount, varAllocCount; sizet varSizeInBytes = varAllocCount sizeofVar; // // Allocate a...

AI score 0.9
Exploits 0

exploitpack
added 2017/07/24 12:00 a.m., 36 views

WebKit - WebCore::AccessibilityNodeObject::textUnderElement Use-After-Free

WebKit - WebCore::AccessibilityNodeObject::textUnderElement Use-After-Free function go li.hidden = true; dir.setAttribute"aria-labeledby", "map"; !-- ================================================================= ASan log: =================================================================...

AI score 7.4
Exploits 0

exploitpack
added 2017/06/08 12:00 a.m., 36 views

Net Monitor for Employees Pro 5.3.4 - Unquoted Service Path Privilege Escalation

Net Monitor for Employees Pro 5.3.4 - Unquoted Service Path Privilege Escalation Exploit Title: Unquoted Service Path Privilege Escalation - Net Monitor for Employees Pro gmail.com, saeid Nsecurity.org Linkedin: https://www.linkedin.com/in/saeidatabaki Vendor Homepage: http://networklookout.com/...

CVSS 6.9, AI score 7.5, EPSS 0.01051
Exploits 4

exploitpack
added 2017/05/30 12:00 a.m., 36 views

Piwigo Plugin Facetag 0.0.3 - SQL Injection

Piwigo Plugin Facetag 0.0.3 - SQL Injection Exploit Title: Facetag Extension in Piwigo, Multiple SQL injection Date: 30-05-2017 Extension Version: 0.0.3 Software Link: http://piwigo.org/basics/downloads Extension link : http://piwigo.org/ext/extensionview.php?eid=845 Exploit Author: Touhid M.Shai...

AI score 0.4
Exploits 0

exploitpack
added 2017/05/19 12:00 a.m., 36 views

Tecnovision DLX Spot - Authentication Bypass

Tecnovision DLX Spot - Authentication Bypass Exploit Title: DlxSpot - Player4 LED video wall - Admin Interface SQL Injection Google Dork: "DlxSpot - Player4" Date: 2017-05-14 Discoverer: Simon Brannstrom Authors Website: https://unknownpwn.github.io/ Vendor Homepage: http://www.tecnovision.com/...

CVSS 10, AI score 0.2, EPSS 0.10081
Exploits 13

exploitpack
added 2017/05/19 12:00 a.m., 36 views

Tecnovision DLX Spot - Arbitrary File Upload

Tecnovision DLX Spot - Arbitrary File Upload Exploit Title: DlxSpot - Player4 LED video wall - Arbitrary File Upload to RCE Google Dork: "DlxSpot - Player4" Date: 2017-05-14 Discoverer: Simon Brannstrom Authors Website: https://unknownpwn.github.io/ Vendor Homepage: http://www.tecnovision.com/...

CVSS 10, AI score 0.2, EPSS 0.10081
Exploits 13

exploitpack
added 2017/05/10 12:00 a.m., 36 views

Cisco DPC3928 Router - Arbitrary File Disclosure

Cisco DPC3928 Router - Arbitrary File Disclosure Vulnerability Summary The following advisory describes an arbitrary file disclosure vulnerability found in Cisco DPC3928AD DOCSIS 3.0 2-PORT Voice Gateway. The Cisco DPC3928AD DOCSIS is a home wireless router that is currently "Out of support" but ...

CVSS 5, AI score 0.5, EPSS 0.07122
Exploits 3

exploitpack
added 2017/05/01 12:00 a.m., 36 views

MySQL 5.6.35 5.7.17 - Integer Overflow

MySQL 5.6.35 5.7.17 - Integer Overflow ''' Source: https://raw.githubusercontent.com/SECFORCE/CVE-2017-3599/master/cve-2017-3599poc.py Exploit Title: Remote MySQL DOS Integer Overflow Google Dork: N/A Date: 13th April 2017 Exploit Author: Rodrigo Marcos Vendor Homepage: https://www.mysql.com/...

CVSS 7.8, AI score 7.7, EPSS 0.89924
Exploits 7

Total number of security vulnerabilities: 5000