Exploitpack: Most viewed

41207 matches found

exploitpack
added 2017/04/19 12:0 a.m. | 34 views

Dmitry 1.3a - Local Buffer Overflow (PoC)

Dmitry 1.3a - Local Buffer Overflow PoC Exploit Title: DmitryDeepmagic Information Gathering Tool Local Stack Buffer Overflow CVE: CVE-2017-7938 CWE: CWE-119 Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: http://mor-pah.net/software/dmitry-deepmagic-information-gathering-tool/ Versio...

7.5 CVSS | 1 AI score | 0.04987 EPSS
Exploits: 5

exploitpack
added 2017/03/20 12:0 a.m. | 34 views

ExtraPuTTY 0.29-RC2 - Denial of Service

ExtraPuTTY 0.29-RC2 - Denial of Service + Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/EXTRAPUTTY-TFTP-DENIAL-OF-SERVICE.txt + ISR: ApparitionSec Vendor: ================== www.extraputty.com Product:...

5 CVSS | 7.6 AI score | 0.05949 EPSS
Exploits: 5

exploitpack
added 2017/03/03 12:0 a.m. | 34 views

pfSense 2.3.2 - Cross-Site Scripting Cross-Site Request Forgery

pfSense 2.3.2 - Cross-Site Scripting Cross-Site Request Forgery Exploit Title: pfSense 2.3.2 XSS - CSRF-bypass & Reverse-root-shell Date: 01/03/2017 Author: Yann CAM @ASafety / Synetis Vendor or Software Link: www.pfsense.org Version: 2.3.2 Category: XSS, CSRF-bypass and Remote root reverse-shell...

0.7 AI score
Exploits: 0

exploitpack
added 2017/02/24 12:0 a.m. | 34 views

Joomla! Component GPS Tools 4.0.1 - SQL Injection

Joomla! Component GPS Tools 4.0.1 - SQL Injection Exploit Title: Joomla! Component GPS Tools v4.0.1 - SQL Injection Google Dork: inurl:index.php?option=comgpstools Date: 24.02.2017 Vendor Homepage: http://corejoomla.com/ Software Buy:...

0.2 AI score
Exploits: 0

exploitpack
added 2017/02/14 12:0 a.m. | 34 views

Google Android - android.util.MemoryIntArray Ashmem Race Conditions

Google Android - android.util.MemoryIntArray Ashmem Race Conditions Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1002 The MemoryIntArray class allows processes to share an in-memory array of integers by transferring an ashmem file descriptor. As the class implements the...

0.6 AI score
Exploits: 0

exploitpack
added 2017/02/03 12:0 a.m. | 34 views

Posnic Stock Management System - SQL Injection

Posnic Stock Management System - SQL Injection --==IndiSh3LL==-- body font-family: Tahoma; color: white; background: 444444; input border : solid 2px ; border-color : black; BACKGROUND-COLOR: 444444; font: 8pt Verdana; color: white; submit BORDER: buttonhighlight 2px outset; BACKGROUND-COLOR:...

0.2 AI score
Exploits: 0

exploitpack
added 2016/11/22 12:0 a.m. | 34 views

SAP NetWeaver AS JAVA - BC-BMT-BPM-DSK XML External Entity Injection

SAP NetWeaver AS JAVA - BC-BMT-BPM-DSK XML External Entity Injection Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.5 Vendor URL: SAP Bugs: XXE Reported: 09.03.2016 Vendor response: 10.03.2016 Date of Public Advisory: 09.08.2016 Reference: SAP Security Note 2296909...

0.3 AI score
Exploits: 0

exploitpack
added 2016/11/20 12:0 a.m. | 34 views

ScriptCase 8.1.053 - Multiple Vulnerabilities

ScriptCase 8.1.053 - Multiple Vulnerabilities + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SCRIPTCASE-PHP-WEB-TOOL-MULTIPLE-VULNERABILITIES.txt + ISR: ApparitionSec Vendor: ================== www.scriptcase.net Product:...

0.5 AI score
Exploits: 0

exploitpack
added 2016/11/08 12:0 a.m. | 34 views

WordPress Plugin WassUp Real Time Analytics 1.9 - Persistent Cross-Site Scripting

WordPress Plugin WassUp Real Time Analytics 1.9 - Persistent Cross-Site Scripting Source: https://sumofpwn.nl/advisory/2016/persistentcrosssitescriptinginwassuprealtimeanalyticswordpressplugin.html Persistent Cross-Site Scripting in WassUp Real Time Analytics WordPress Plugin Abstract A stored...

6.7 AI score
Exploits: 0

exploitpack
added 2016/10/28 12:0 a.m. | 34 views

InfraPower PPS-02-S Q213V1 - Hard-Coded Credentials

InfraPower PPS-02-S Q213V1 - Hard-Coded Credentials InfraPower PPS-02-S Q213V1 Hard-coded Credentials Remote Root Access Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Fixed version: Q216V3 Firmware: IPD-02-FW-v03...

7.4 AI score
Exploits: 0

exploitpack
added 2016/10/28 12:0 a.m. | 34 views

InfraPower PPS-02-S Q213V1 - Cross-Site Request Forgery

InfraPower PPS-02-S Q213V1 - Cross-Site Request Forgery InfraPower PPS-02-S Q213V1 Cross-Site Request Forgery Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Summary: InfraPower Manager PPS-02-S is a FREE built-in GUI...

0.5 AI score
Exploits: 0

exploitpack
added 2016/10/27 12:0 a.m. | 34 views

CherryTree 0.36.9 - Memory Corruption (PoC)

CherryTree 0.36.9 - Memory Corruption PoC !/usr/bin/python CherryTree 0.36.9 - Memory Corruption PoC by n30m1nd Date: 2016-10-27 PoC Author: n30m1nd Vendor Homepage: http://www.giuspen.com/cherrytree/ Software Link: http://www.giuspen.com/software/cherrytree0.36.9setup.exe Version: Affects all...

0.4 AI score
Exploits: 0

exploitpack
added 2016/10/20 12:0 a.m. | 34 views

Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure DACL Privilege Escalation (MS16-118)

Microsoft Windows Edge/Internet Explorer - Isolated Private Namespace Insecure DACL Privilege Escalation MS16-118 / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=879 Windows: Edge/IE Isolated Private Namespace Insecure DACL EoP Platform: Windows 10 10586, Edge 25.10586.0.0 not...

0.4 AI score
Exploits: 0

exploitpack
added 2016/08/11 12:0 a.m. | 34 views

SquirrelMail 1.4.7 - Arbitrary Variable Overwrite

SquirrelMail 1.4.7 - Arbitrary Variable Overwrite SquirrelMail Arbitrary Variable Overwrite Vendor: SquirrelMail Product: SquirrelMail Version: = 1.4.7 Website: http://www.squirrelmail.org BID: 19486 CVE: CVE-2006-4019 OSVDB: 27917 SECUNIA: 21354 Description: SquirrelMail is a standards-based...

6.4 CVSS | 1 AI score | 0.09234 EPSS
Exploits: 4

exploitpack
added 2016/07/04 12:0 a.m. | 34 views

Ktools Photostore 4.7.5 - Multiple Vulnerabilities

Ktools Photostore 4.7.5 - Multiple Vulnerabilities -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Ktools Photostore = 4.7.5 Multiple Vulnerabilities Bug discovered by Yakir Wizman Date 01/07/2016 Affected versions prior to 4.7.5 Vendor Homepage - http://www.ktools.net...

0.2 AI score
Exploits: 0

exploitpack
added 2016/06/21 12:0 a.m. | 34 views

Microsoft Internet Explorer 11 - Garbage Collector Attribute Type Confusion (MS16-063)

Microsoft Internet Explorer 11 - Garbage Collector Attribute Type Confusion MS16-063 !-- CVE-2016-0199 / MS16-063: MSIE 11 garbage collector attribute type confusion ============================================================================ This information is available in an easier to read...

9.3 CVSS | 0.2 AI score | 0.50996 EPSS
Exploits: 5

exploitpack
added 2016/05/19 12:0 a.m. | 34 views

VirIT Explorer Lite Pro 8.1.68 - Local Privilege Escalation

VirIT Explorer Lite Pro 8.1.68 - Local Privilege Escalation / Full title: VirIT Explorer Lite & Pro v.8.1.68 Local Privilege Escalation System/Arbitrary Code Execution Exploit Author: Paolo Stagno - [email protected] Vendor Homepage: http://www.tgsoft.it Version: VirIT Explorer Lite & Pro...

0.5 AI score
Exploits: 0

exploitpack
added 2016/05/11 12:0 a.m. | 34 views

Intuit QuickBooks Desktop 2007 2016 - Arbitrary Code Execution

Intuit QuickBooks Desktop 2007 2016 - Arbitrary Code Execution + Credits: Maxim Tomashevich from Thegrideon Software + Website: https://www.thegrideon.com/ + Details: https://www.thegrideon.com/qb-internals-sql.html Vendor: --------------------- www.intuit.com www.intuit.ca www.intuit.co.uk...

0.2 AI score
Exploits: 0

exploitpack
added 2016/04/06 12:0 a.m. | 34 views

Asbru Web Content Management System 9.2.7 - Multiple Vulnerabilities

Asbru Web Content Management System 9.2.7 - Multiple Vulnerabilities Asbru Web Content Management System v9.2.7 Multiple Vulnerabilities Vendor: Asbru Ltd. Product web page: http://www.asbrusoft.com Affected version: 9.2.7 Summary: Ready to use, full-featured, database-driven web content...

0.2 AI score
Exploits: 0

exploitpack
added 2016/03/23 12:0 a.m. | 34 views

Comodo - Integer Overflow Leading to Heap Overflow in Win32 Emulation

Comodo - Integer Overflow Leading to Heap Overflow in Win32 Emulation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=738 A major component of Comodo Antivirus is the x86 emulator, which includes a number of shims for win32 API routines so that common API calls work in emulated...

0.2 AI score
Exploits: 0

exploitpack
added 2016/03/05 12:0 a.m. | 34 views

PHPLib 7.4 - SQL Injection

PHPLib 7.4 - SQL Injection PHPLib SQL Injection Vendor: PHPLib Product: PHPLib Version: newid=true; $this-name = $this-cookiename==""?$this-classname:$this-cookiename; if "" == $id $this-newid=false; switch $this-mode case "get": $id = isset$HTTPGETVARS$this-name ?...

7.5 CVSS | 0.3 AI score | 0.03462 EPSS
Exploits: 3

exploitpack
added 2016/02/26 12:0 a.m. | 34 views

Microsoft Windows - NetAPI32.dll Code Execution (Python) (MS08-067)

Microsoft Windows - NetAPI32.dll Code Execution Python MS08-067 import struct import time import sys from threading import Thread Thread is imported incase you would like to modify try: from impacket import smb from impacket import uuid from impacket import dcerpc from impacket.dcerpc.v5 import...

7.8 AI score
Exploits: 0

exploitpack
added 2016/01/25 12:0 a.m. | 34 views

pfSense Firewall 2.2.5 - Config File Cross-Site Request Forgery

pfSense Firewall 2.2.5 - Config File Cross-Site Request Forgery function submitRequest var xhr = new XMLHttpRequest; xhr.open"POST", "https://192.168.0.103/diagbackup.php", true; xhr.setRequestHeader"Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8";...

Exploits: 0

exploitpack
added 2015/12/15 12:0 a.m. | 34 views

IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - Invalid Pointer Dereference

IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - Invalid Pointer Dereference !/usr/bin/python Title: IBM Tivoli Storage Manager FastBack Server 5.5.4.2 Invalid Pointer Dereference Date: 14 December 2015 Author: Gianni Gnesa gnix Vendor Homepage: http://www.ibm.com/ Software Name: IBM Tivoli...

0.3 AI score
Exploits: 0

exploitpack
added 2015/12/08 12:0 a.m. | 34 views

iniNet SpiderControl PLC Editor Simatic 6.30.04 - Insecure File Permissions

iniNet SpiderControl PLC Editor Simatic 6.30.04 - Insecure File Permissions iniNet SpiderControl PLC Editor Simatic 6.30.04 Insecure File Permissions Vendor: iniNet Solutions GmbH Product web page: http://www.spidercontrol.net Affected version: 6.30.04 Build 6300400 Summary: Modular and automated...

0.2 AI score
Exploits: 0

exploitpack
added 2015/12/08 12:0 a.m. | 34 views

PHP Utility Belt - Remote Code Execution

PHP Utility Belt - Remote Code Execution Exploit Title : PHP utility belt Remote Code Execution vulnerability Author : WICS Date : 8/12/2015 Software Link : https://github.com/mboynes/php-utility-belt Overview: PHP utility belt is a set of tools for PHP developers. Install in a browser-accessible...

Exploits: 0

exploitpack
added 2015/12/04 12:0 a.m. | 34 views

WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities

WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities 0-DAY Aint DIE | No Priv8 | KedAns-Dz ...

0.6 AI score
Exploits: 0

exploitpack
added 2015/12/02 12:0 a.m. | 34 views

Acunetix WVS 10 - Local Privilege Escalation

Acunetix WVS 10 - Local Privilege Escalation ''' ======================================================================== Acunetix WVS 10 - from guest to Sytem Local privilege escalation CVE: CVE-2015-4027 Author: me Daniele Linguaglossa Affected Product: Acunetix WVS 10 Exploit: Local privilege...

7.2 CVSS | 0.4 AI score | 0.01158 EPSS
Exploits: 5

exploitpack
added 2015/12/01 12:0 a.m. | 34 views

RHEL 7.0/7.1 - abrt/sosreport Local Privilege Escalation

RHEL 7.0/7.1 - abrt/sosreport Local Privilege Escalation !/usr/bin/python CVE-2015-5287 ? abrt/sosreport RHEL 7.0/7.1 local root rebel 09/2015 user@localhost $ python sosreport-rhel7.py crashing pid 19143 waiting for dump directory dump directory: /var/tmp/abrt/ccpp-2015-11-30-19:41:13-19143 waitin...

6.9 CVSS | 0.03296 EPSS
Exploits: 17

exploitpack
added 2015/11/16 12:0 a.m. | 34 views

D-Link DIR-866L - Multiple Buffer Overflow Vulnerabilities

D-Link DIR-866L - Multiple Buffer Overflow Vulnerabilities Advisory Information Title: DIR-866L Buffer overflows in HNAP and send email functionalities Vendors contacted: William Brown , Patrick Cline [email protected] CVE: None Note: All these security issues have been discussed with...

7.6 AI score
Exploits: 0

exploitpack
added 2015/11/07 12:0 a.m. | 34 views

eBay Magento CE 1.9.2.1 - Unrestricted Cron Script (Code Execution Denial of Service)

eBay Magento CE 1.9.2.1 - Unrestricted Cron Script Code Execution Denial of Service Exploit Title: eBay Magento CE = 1.9.2.1 Unrestricted Cron Script Potential Code Execution / DoS Date: 06.11.2015 Exploit Author: Dawid Golunski Vendor Homepage: http://magento.com Version: eBay Magento CE = 1.9.2...

0.3 AI score
Exploits: 0

exploitpack
added 2015/10/23 12:0 a.m. | 34 views

Joomla! Component Realtyna RPL 8.9.2 - Persistent Cross-Site Scripting Cross-Site Request Forgery

Joomla! Component Realtyna RPL 8.9.2 - Persistent Cross-Site Scripting Cross-Site Request Forgery Realtyna RPL 8.9.2 Joomla Extension Persistent XSS And CSRF Vulnerabilities Vendor: Realtyna LLC Product web page: https://www.realtyna.com Affected version: 8.9.2 Summary: Realtyna CRM Client...

6.8 CVSS | 0.03061 EPSS
Exploits: 6

exploitpack
added 2015/10/13 12:0 a.m. | 34 views

F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - Directory Traversal

F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - Directory Traversal Exploit Title: F5 BigIP File Path Traversal Vulnerability Discovered by: Karn Ganeshen Reported on: April 27, 2015 New version released on: September 01, 2015 Vendor Homepage: www.f5.com Version Reported: F5 BIG-IP 10.2.4 Build 595.0...

4 CVSS | 0.1 AI score | 0.06756 EPSS
Exploits: 5

exploitpack
added 2015/09/14 12:0 a.m. | 34 views

ManageEngine OpManager 11.5 - Multiple Vulnerabilities

ManageEngine OpManager 11.5 - Multiple Vulnerabilities Exploit Title: ManageEngine OpManager multiple vulnerabilities Product: ManageEngine OpManager Vulnerable Versions: v11.5 and previous versions Tested Version: v11.5 Windows Advisory Publication: 14/09/2015 Vulnerability Type: hardcoded...

0.1 AI score
Exploits: 0

exploitpack
added 2015/09/11 12:0 a.m. | 34 views

OpenLDAP 2.4.42 - ber_get_next Denial of Service

OpenLDAP 2.4.42 - ber_get_next Denial of Service Exploit Title: OpenLDAP 2.4.42 ber_get_next DOS Date: 11/09/15 Exploit Author: Denis Andzakovic - Security-Assessment.com Vendor Homepage: http://www.openldap.org/ Software Link: ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.42.tgz...

7.3 AI score
Exploits: 0

exploitpack
added 2015/08/19 12:0 a.m. | 34 views

Adobe Flash - Heap Buffer Overflow Loading .FLV File with Nellymoser Audio Codec

Adobe Flash - Heap Buffer Overflow Loading .FLV File with Nellymoser Audio Codec Source: https://code.google.com/p/google-security-research/issues/detail?id=425&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id To reproduce, host the attached files appropriately and:...

10 CVSS | 1 AI score | 0.7983 EPSS
Exploits: 6

exploitpack
added 2015/06/30 12:0 a.m. | 34 views

Watchguard XCS 10.0 - Multiple Vulnerabilities

Watchguard XCS 10.0 - Multiple Vulnerabilities ... presents.. Watchguard XCS Multiple Vulnerabilities Affected versions: Watchguard XCS =10.0 PDF:...

0.4 AI score
Exploits: 0

exploitpack
added 2015/06/26 12:0 a.m. | 34 views

Koha 3.20.1 - Multiple SQL Injections

Koha 3.20.1 - Multiple SQL Injections Exploit Title: Koha Open Source ILS - Unauthenticated SQL Injection in OPAC Google Dork: Date: 25/06/2015 Exploit Author: Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos - Combinatorial Security Testing Group of SBA Research...

7.5 CVSS | 0.3 AI score | 0.06022 EPSS
Exploits: 8

exploitpack
added 2015/06/16 12:0 a.m. | 34 views

Apexis IP CAM - Information Disclosure

Apexis IP CAM - Information Disclosure Exploit Title: Apexis IP CAM - Full Info Disclosure Google Dork: inurl:"getstatus.cgi"cgi-bin/ Date: 01/06/2015 Exploit Author: Sunplace Solutions - Soluciones Informáticas - RE Remoteexecution.net Vendor Homepage: http://www.apexis.com.cn/ Tested on: Linux...

7.2 AI score
Exploits: 0

exploitpack
added 2015/06/15 12:0 a.m. | 34 views

Cisco AnyConnect Secure Mobility 2.x3.x4.x - Client Denial of Service (PoC)

Cisco AnyConnect Secure Mobility 2.x3.x4.x - Client Denial of Service PoC !-- Cisco AnyConnect Secure Mobility Client Remote Command Execution Vendor: Cisco Systems, Inc. Product web page: http://www.cisco.com Affected version: 2.x 3.0 3.0.0A90 3.1.0472 3.1.05187 3.1.06073 3.1.06078 3.1.06079...

0.2 AI score
Exploits: 0

exploitpack
added 2015/04/17 12:0 a.m. | 34 views

Oracle Hyperion Smart View for Office 11.1.2.3.000 - Crash (PoC)

Oracle Hyperion Smart View for Office 11.1.2.3.000 - Crash PoC Exploit Title: Buffer Overflow in Oracle Hyperion Smart View for Office DOS Exploit Author: sajith Vendor Homepage: http://oracle.com vulnerable Version: Fusion Edition 11.1.2.3.000 Build 157 Vulnerable Link:...

4.6 CVSS | 0.3 AI score | 0.0107 EPSS
Exploits: 5

exploitpack
added 2015/03/04 12:0 a.m. | 34 views

Linux Kernel 3.16.3 - Associative Array Garbage Collection Crash (PoC)

Linux Kernel 3.16.3 - Associative Array Garbage Collection Crash PoC / cve-2014-3631poc.c The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel...

7.2 CVSS | 0.7 AI score | 0.00963 EPSS
Exploits: 4

exploitpack
added 2015/02/12 12:0 a.m. | 34 views

Exponent CMS 2.3.1 - Multiple Cross-Site Scripting Vulnerabilities

Exponent CMS 2.3.1 - Multiple Cross-Site Scripting Vulnerabilities Exploit Title: Multiple Exponent CMS Cross-Site Scripting Vulnerabilies Discovered by- Mayuresh Dani [email protected] Narendra Shinde [email protected] Vendor Homepage: http://www.exponentcms.org/ Software Link:...

4.3 CVSS | 0.5 AI score | 0.03954 EPSS
Exploits: 5

exploitpack
added 2015/01/05 7:10 p.m. | 34 views

VideoSpirit-Pro-1.68

"VideoSpirit Pro is the most easily used Video Converter/Editor tools. For acting as a Video Editor, various slide effect/title/subtitle can be added to a video clip. Also, the video clip can be rotated, resized and warped. Multiple video/audio clips can be joined together. Converting speed is fa...

Exploits: 0

exploitpack
added 2015/01/01 12:0 a.m. | 34 views

PhotoPost Classifieds 2.01 - Multiple Vulnerabilities

PhotoPost Classifieds 2.01 - Multiple Vulnerabilities PhotoPost Classifieds Multiple Vulnerabilities Vendor: All Enthusiast, Inc. Product: PhotoPost Classifieds Version: = 2.01 Website: http://www.photopost.com/class/ BID: 12156 OSVDB: 12728 12729 12730 12731 12732 12733 12734 12735 12736 12737...

0.2 AI score
Exploits: 0

exploitpack
added 2014/11/11 12:0 a.m. | 34 views

WordPress Plugin Photo Gallery 1.2.5 - Unrestricted Arbitrary File Upload

WordPress Plugin Photo Gallery 1.2.5 - Unrestricted Arbitrary File Upload Exploit Title: Photo Gallery 1.2.5 Unrestricted File Upload Date: 11-11-2014 Software Link: https://wordpress.org/plugins/photo-gallery/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website:...

6.5 CVSS | 0.7 AI score | 0.45354 EPSS
Exploits: 7

exploitpack
added 2014/09/25 12:0 a.m. | 34 views

Cart Engine 3.0 - Multiple Vulnerabilities

Cart Engine 3.0 - Multiple Vulnerabilities === Details === Quantum Leap Advisory: http://www.quantumleap.it/cart-engine-3-0-multiple-vulnerabilities-sql-injection-reflected-xss-open-redirect/ Affected Product: Cart Engine Version: 3.0 === Executive Summary === SQL Injection: Using a specially...

0.4 AI score
Exploits: 0

exploitpack
added 2014/08/25 12:0 a.m. | 34 views

ManageEngine Password Manager - MetadataServlet.dat SQL Injection (Metasploit)

ManageEngine Password Manager - MetadataServlet.dat SQL Injection Metasploit This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/filedropper' class Metasploit3 "ManageEngine...

0.8 AI score | 0.35547 EPSS
Exploits: 12

exploitpack
added 2014/08/09 12:0 a.m. | 34 views

SHARP MX Series - Denial of Service

SHARP MX Series - Denial of Service Exploit Title: SHARP MX Series - Denial Of Service Date: 08/08/2014 Exploit Author: pws Vendor Homepage: Sharp Printers Firmware Link: Not found Tested on: Latest version Shodan d0rk: "SHARP Telnet server" 4000 devices CVE : None yet $ python -c 'print "A"200 +...

0.9 AI score
Exploits: 0

exploitpack
added 2014/07/18 12:0 a.m. | 34 views

Barracuda Networks Message Archiver 650 - Persistent Cross-Site Scripting

Barracuda Networks Message Archiver 650 - Persistent Cross-Site Scripting Document Title: =============== Barracuda Networks Message Archiver 650 - Persistent Input Validation Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=751...

0.2 AI score
Exploits: 0

Total number of security vulnerabilities: 5000