Lucene search
K
ExploitpackMost viewed

41207 matches found

exploitpack
exploitpack
added 2000/04/24 12:0 a.m.34 views

RedHat 6.2 Piranha Virtual Server Package - Default Account and Password

RedHat 6.2 Piranha Virtual Server Package - Default Account and Password source: https://www.securityfocus.com/bid/1148/info A default username and password has been discovered in the Piranha virtual server and load balancing package from RedHat. Version 0.4.12 of the piranha-gui program contains...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2000/02/26 12:0 a.m.34 views

Trend Micro OfficeScan Corporate Edition 3.03.53.113.13 - Denial of Service

Trend Micro OfficeScan Corporate Edition 3.03.53.113.13 - Denial of Service source: https://www.securityfocus.com/bid/1013/info Trend Micro OfficeScan is an antivirus software program which is deployable across an entire network. During the installation of the management software, the administrat...

Exploits0
exploitpack
exploitpack
added 2000/01/01 12:0 a.m.34 views

Phorum 3.0.7 - violation.php3 Arbitrary Email Relay

Phorum 3.0.7 - violation.php3 Arbitrary Email Relay source: https://www.securityfocus.com/bid/2272/info Phorum is a freely available, open source package originally written by Brian Moon. The package is designed to add enhanced features to a web page, allowing users to interact through bulletin...

7.4AI score
Exploits0
exploitpack
exploitpack
added 1999/12/29 12:0 a.m.34 views

Majordomo 1.94.41.94.5 - Local -C Parameter (2)

Majordomo 1.94.41.94.5 - Local -C Parameter 2 // source: https://www.securityfocus.com/bid/903/info It is possible for a local user to gain majordomo privileges through a vulnerability which allows privileged arbitrary commands to be executed. If the -C parameter is passed to majordomo or one of...

0.4AI score
Exploits0
exploitpack
exploitpack
added 1999/11/08 12:0 a.m.34 views

Microsoft Internet Explorer 4.x5 Outlook 2000 098 0Express 4.x - ActiveX .CAB File Execution

Microsoft Internet Explorer 4.x5 Outlook 2000 098 0Express 4.x - ActiveX .CAB File Execution Microsoft Internet Explorer 4.0 for Windows 95/Windows NT 4,Internet Explorer 4.1 for Windows 95/Windows 98/Windows NT 4,Internet Explorer 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4,Internet...

7.5AI score
Exploits0
exploitpack
exploitpack
added 1999/08/30 12:0 a.m.34 views

BSDOS 3.14.0.1 FreeBSD 3.03.13.2 RedHat Linux 6.0 - amd Remote Buffer Overflow (2)

BSDOS 3.14.0.1 FreeBSD 3.03.13.2 RedHat Linux 6.0 - amd Remote Buffer Overflow 2 // source: https://www.securityfocus.com/bid/614/info There is a remotely exploitable buffer overflow condition in the amd daemon under several operating systems. Amd is a daemon that automatically mounts filesystems...

0.7AI score
Exploits0
exploitpack
exploitpack
added 1997/11/20 12:0 a.m.34 views

FreeBSD 2.x HP-UX 91011 Kernel 2.0.3 Windows NT 4.0Server 2003 NetBSD 1 - land.c loopback Denial of Service (2)

FreeBSD 2.x HP-UX 91011 Kernel 2.0.3 Windows NT 4.0Server 2003 NetBSD 1 - land.c loopback Denial of Service 2 source: https://www.securityfocus.com/bid/2666/info A number of TCP/IP stacks are vulnerable to a "loopback" condition initiated by sending a TCP SYN packet with the source address and po...

Exploits0
exploitpack
exploitpack
added 2020/02/25 12:0 a.m.33 views

Odin Secure FTP Expert 7.6.3 - Denial of Service (PoC)

Odin Secure FTP Expert 7.6.3 - Denial of Service PoC Exploit Title : Odin Secure FTP Expert 7.6.3 - Denial of Service PoC Exploit Author : Berat Isler Date : 2020-02-25 Vendor Homepage : https://odin-secure-ftp-expert.jaleco.com/ Software Link Download :...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2020/02/17 12:0 a.m.33 views

SOPlanning 1.45 - by SQL Injection

SOPlanning 1.45 - by SQL Injection Exploit Title: SOPlanning 1.45 - 'by' SQL Injection Date: 2020-02-14 Exploit Author: J3rryBl4nks Vendor Homepage: https://www.soplanning.org/en/ Software Link: https://sourceforge.net/projects/soplanning/files/soplanning/ Version 1.45 Tested on Windows 10/Kali...

Exploits0
exploitpack
exploitpack
added 2020/02/17 12:0 a.m.33 views

Wordpress Plugin Strong Testimonials 2.40.1 - Persistent Cross-Site Scripting

Wordpress Plugin Strong Testimonials 2.40.1 - Persistent Cross-Site Scripting Exploit Title: Wordpress Plugin Strong Testimonials 2.40.0 - Persistent Cross-Site Scripting Date: 2020-01-23 Vendor Homepage: https://strongtestimonials.com Vendor Changelog:...

4.3CVSS6.1AI score0.01879EPSS
Exploits5
exploitpack
exploitpack
added 2020/02/14 12:0 a.m.33 views

phpMyChat Plus 1.98 - pmc_username SQL Injection

phpMyChat Plus 1.98 - pmcusername SQL Injection Title: phpMyChat Plus 1.98 - 'pmcusername' SQL Injection Date: 2020-02-13 Exploit Author: J3rryBl4nks Vendor Homepage: http://ciprianmp.com/latest/ Software Link: https://sourceforge.net/projects/phpmychat/files/phpMyChatPlus/ Version MyChat Plus 1....

0.1AI score
Exploits0
exploitpack
exploitpack
added 2020/02/03 12:0 a.m.33 views

Cacti 1.2.8 - Authenticated Remote Code Execution

Cacti 1.2.8 - Authenticated Remote Code Execution !/usr/bin/python3 Exploit Title: Cacti v1.2.8 Remote Code Execution Date: 03/02/2020 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: CentOS 7.3 / PHP 7.1.33 import requests...

9.3CVSS0.6AI score0.73779EPSS
Exploits24
exploitpack
exploitpack
added 2020/01/14 12:0 a.m.33 views

IBM RICOH InfoPrint 6500 Printer - HTML Injection

IBM RICOH InfoPrint 6500 Printer - HTML Injection Exploit Title: IBM RICOH InfoPrint 6500 Printer - HTML Injection Date: 2020-01-02 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ibm.com/il-en Hardware Link:...

7.6AI score
Exploits0
exploitpack
exploitpack
added 2019/11/26 12:0 a.m.33 views

InduSoft Web Studio 8.1 SP1 - _Atributos_ Denial of Service (PoC)

InduSoft Web Studio 8.1 SP1 - Atributos Denial of Service PoC Exploit Title: InduSoft Web Studio 8.1 SP1 - "Atributos" Denial of Service PoC Discovery by: chuyreds Discovery Date: 2019-11-23 Vendor Homepage: http://www.indusoft.com/ Software Link : http://www.indusoft.com/Products-Downloads Teste...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/11/18 12:0 a.m.33 views

ASUS HM Com Service 1.00.31 - asHMComSvc Unquoted Service Path

ASUS HM Com Service 1.00.31 - asHMComSvc Unquoted Service Path Exploit Title: ASUS HM Com Service 1.00.31 - 'asHMComSvc' Unquoted Service Path Date: 2019-11-16 Exploit Author : Olimpia Saucedo Vendor Homepage: www.asus.com Version: 1.00.31 Tested on: Windows 10 Pro x64 but it should works on all...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/10/30 12:0 a.m.33 views

Ajenti 2.1.31 - Remote Code Exection (Metasploit)

Ajenti 2.1.31 - Remote Code Exection Metasploit Exploit Title: Ajenti 2.1.31 - Remote Code Exection Metasploit Date: 2019-10-29 Exploit Author: Onur ER Vendor Homepage: http://ajenti.org/ Software Link: https://github.com/ajenti/ajenti Version: 2.1.31 Tested on: Ubuntu 19.10 This module requires...

Exploits0
exploitpack
exploitpack
added 2019/10/29 12:0 a.m.33 views

rConfig 3.9.2 - Remote Code Execution

rConfig 3.9.2 - Remote Code Execution Exploit Title: rConfig 3.9.2 - Remote Code Execution Date: 2019-09-18 Exploit Author: Askar Vendor Homepage: https://rconfig.com/ Software link: https://rconfig.com/download Version: v3.9.2 Tested on: CentOS 7.7 / PHP 7.2.22 CVE : CVE-2019-16662...

10CVSS9.8AI score0.97702EPSS
Exploits10
exploitpack
exploitpack
added 2019/10/07 12:0 a.m.33 views

ASX to MP3 converter 3.1.3.7 - .asx Local Stack Overflow (DEP)

ASX to MP3 converter 3.1.3.7 - .asx Local Stack Overflow DEP Exploit Title: ASX to MP3 converter 3.1.3.7 - '.asx' Local Stack Overflow DEP Google Dork: N/A Date: 2019-10-06 Exploit Author: max7253 Vendor Homepage: http://www.mini-stream.net/ Software Link:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/10/03 12:0 a.m.33 views

PHP 7.0 7.3 (Unix) - gc disable_functions Bypass

PHP 7.0 7.3 Unix - gc disablefunctions Bypass = 0; $j-- $address = 8; return $out; function write&$str, $p, $v, $n = 8 $i = 0; for$i = 0; $i = 8; function leak$addr, $p = 0, $s = 8 global $abc, $helper; write$abc, 0x68, $addr + $p - 0x10; $leak = strlen$helper-a; if$s != 8 $leak %= 2 $s 8 - 1;...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/09/24 12:0 a.m.33 views

iMessage - Decoding NSSharedKeyDictionary Can Read Object Out of Bounds

iMessage - Decoding NSSharedKeyDictionary Can Read Object Out of Bounds When an NSKeyedUnarchiver decodes an object, it first allocates the object using allocWithZone, and then puts the object into a dictionary for temporary objects. It then calls the appropriate initWithCoder: on the allocated...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2019/09/02 12:0 a.m.33 views

Alkacon OpenCMS 10.5.x - Cross-Site Scripting (2)

Alkacon OpenCMS 10.5.x - Cross-Site Scripting 2 Exploit Title: Alkacon OpenCMS 10.5.x - Multiple XSS in Alkacon OpenCms Site Management Google Dork: N/A Date: 18/07/2019 Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/opencms-core Version:...

4.3CVSS6.1AI score0.03114EPSS
Exploits5
exploitpack
exploitpack
added 2019/08/27 12:0 a.m.33 views

Tableau - XML External Entity

Tableau - XML External Entity Exploit Title: Tableau XXE Google Dork: N/A Date: Reported to vendor July 2019, fix released August 2019. Exploit Author: Jarad Kopf Vendor Homepage: https://www.tableau.com/ Software Link: Tableau Desktop downloads: https://www.tableau.com/products/desktop/download...

5.5CVSS0.14314EPSS
Exploits5
exploitpack
exploitpack
added 2019/08/14 12:0 a.m.33 views

Windows PowerShell - Unsanitized Filename Command Execution

Windows PowerShell - Unsanitized Filename Command Execution ''' + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-POWERSHELL-UNSANITIZED-FILENAME-COMMAND-EXECUTION.txt + ISR: Apparition Security Vendor...

Exploits0
exploitpack
exploitpack
added 2019/07/30 12:0 a.m.33 views

macOS iOS JavaScriptCore - JSValue Use-After-Free in ValueProfiles

macOS iOS JavaScriptCore - JSValue Use-After-Free in ValueProfiles While fuzzing JSC, I encountered the following JS program which crashes JSC from current HEAD and release /System/Library/Frameworks/JavaScriptCore.framework/Resources/jsc: // Run with --useConcurrentJIT=false...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/07/15 12:0 a.m.33 views

FlightPath 4.8.2 5.0-rc2 - Local File Inclusion

FlightPath 4.8.2 5.0-rc2 - Local File Inclusion Exploit Title: FlightPath 4.8.2 & 5.0-rc2 - Local File Inclusion Date: 07-07-2019 Exploit Author: Mohammed Althibyani Vendor Homepage: http://getflightpath.com Software Link: http://getflightpath.com/project/9/releases Version: 4.8.2 & 5.0-rc2 Teste...

5CVSS5.4AI score0.62572EPSS
Exploits5
exploitpack
exploitpack
added 2019/07/10 12:0 a.m.33 views

Microsoft DirectWrite AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readCharset

Microsoft DirectWrite AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readCharset -----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/06/25 12:0 a.m.33 views

WordPress Plugin iLive 1.0.4 - Cross-Site Scripting

WordPress Plugin iLive 1.0.4 - Cross-Site Scripting Exploit Title: iLive - Intelligent WordPress Live Chat Support Plugin v1.0.4 Stored XSS Injection Google Dork: - Date: 2019/06/25 Exploit Author: m0ze Vendor Homepage: http://www.ilive.wpapplab.com/ Software Link:...

Exploits0
exploitpack
exploitpack
added 2019/05/21 12:0 a.m.33 views

Apple macOS 10.14.5 iOS 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT Leaves Stack Variable Uninitialized

Apple macOS 10.14.5 iOS 12.3 JavaScriptCore - Loop-Invariant Code Motion LICM in DFG JIT Leaves Stack Variable Uninitialized While fuzzing JavaScriptCore, I encountered the following modified and commented JavaScript program which crashes jsc from current HEAD and release: // Run with...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/05/02 12:0 a.m.33 views

EPChallenge

Yet another crack me! it implements several protections for antidebugging. Objective: Find the flag to solve the crackme. // Author jsacco include include define DEBUGBREAKa ifa if IsDebuggerPresent debugbreak HINSTANCE ghInst; const wchart lpClassName = L"WinApp"; define LOCALMAXBUFFER 2048 HWND...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/04/23 12:0 a.m.33 views

Linux - Missing Locking in Siemens R3964 Line Discipline Race Condition

Linux - Missing Locking in Siemens R3964 Line Discipline Race Condition / The Siemens R3964 line discipline code in drivers/tty/nr3964.c has a few races around its ioctl handler; for example, the handler for R3964ENABLESIGNALS just allocates and deletes elements in a linked list with zero locking...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/04/23 12:0 a.m.33 views

Linux - page-_refcount Overflow via FUSE

Linux - page-refcount Overflow via FUSE Linux: page-refcount overflow via FUSE with 140GiB RAM usage Tested on: Debian Buster distro kernel "4.19.0-1-amd64 1 SMP Debian 4.19.12-1 2018-12-22" KVM guest with 160000MiB RAM A while back, there was some discussion about possible overflows of the...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2019/03/28 12:0 a.m.33 views

BigTree 4.3.4 CMS - Multiple SQL Injection

BigTree 4.3.4 CMS - Multiple SQL Injection =========================================================================================== Exploit Title: BigTree CMS - 'parent' SQL Inj. Dork: N/A Date: 24-03-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.bigtreecms.org/ Software...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/03/04 12:0 a.m.33 views

FileZilla 3.40.0 - Local search Local site Denial of Service (PoC)

FileZilla 3.40.0 - Local search Local site Denial of Service PoC Exploit Title: FileZilla 3.40.0 - "Local search" Denial of Service PoC Discovery by: Mr Winst0n Discovery Date: February 20, 2019 Vendor Homepage: https://filezilla-project.org Software Link :...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2019/02/13 12:0 a.m.33 views

snapd 2.37 (Ubuntu) - dirty_sock Local Privilege Escalation (1)

snapd 2.37 Ubuntu - dirtysock Local Privilege Escalation 1 !/usr/bin/env python3 """ dirtysock: Privilege Escalation in Ubuntu via snapd In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2019/02/11 12:0 a.m.33 views

Smoothwall Express 3.1-SP4 - Cross-Site Scripting

Smoothwall Express 3.1-SP4 - Cross-Site Scripting Exploit Title: Smoothwall Express 3.1-SP4-polar-x8664-update9 | Cross-Site Scripting Date: 06.02.2019 Exploit Author: Ozer Goker Vendor Homepage: http://www.smoothwall.org Software Link:...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2019/01/31 12:0 a.m.33 views

macOS 10.14.3 iOS 12.1.3 - Kernel Heap Overflow in PF_KEY due to Lack of Bounds Checking when Retrieving Statistics

macOS 10.14.3 iOS 12.1.3 - Kernel Heap Overflow in PFKEY due to Lack of Bounds Checking when Retrieving Statistics / Inspired by Ned Williamsons's fuzzer I took a look at the netkey code. keygetsastat handles SADBGETSASTAT messages: It allocates a buffer based on the number of SAs there currently...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2019/01/23 12:0 a.m.33 views

Joomla! Component vBizz 1.0.7 - Remote Code Execution

Joomla! Component vBizz 1.0.7 - Remote Code Execution Exploit Title: Joomla! Component vBizz 1.0.7 - Remote Code Execution Dork: N/A Date: 2019-01-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://wdmtech.com/ Software Link:...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/01/16 12:0 a.m.33 views

NTPsec 1.1.2 - ntp_control (Authenticated) NULL Pointer Dereference (PoC)

NTPsec 1.1.2 - ntpcontrol Authenticated NULL Pointer Dereference PoC !/usr/bin/env python Exploit Title: ntpsec 1.1.2 authenticated NULL pointer exception Proof of concept Bug Discovery: Magnus Klaaborg Stubman @magnusstubman Exploit Author: Magnus Klaaborg Stubman @magnusstubman Website:...

4CVSS6.8AI score0.14076EPSS
Exploits5
exploitpack
exploitpack
added 2018/11/26 12:0 a.m.33 views

Ticketly 1.0 - kind_id SQL Injection

Ticketly 1.0 - kindid SQL Injection Exploit Title: Ticketly 1.0 – Multiple SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-11-19 Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link:...

7.5CVSS0.4AI score0.03213EPSS
Exploits8
exploitpack
exploitpack
added 2018/11/13 12:0 a.m.33 views

Evince 3.24.0 - Command Injection

Evince 3.24.0 - Command Injection Exploit Title: evince command line injection Date: 2017-09-05 Exploit Author: Matlink Vendor Homepage: https://wiki.gnome.org/Apps/Evince Software Link: https://wiki.gnome.org/Apps/Evince Version: 3.24.0 Tested on: Debian sid CVE : CVE-2017-1000083 Can be tested ...

6.8CVSS0.1AI score0.50076EPSS
Exploits9
exploitpack
exploitpack
added 2018/10/29 12:0 a.m.33 views

Paramiko 2.4.1 - Authentication Bypass

Paramiko 2.4.1 - Authentication Bypass Exploit Title: Paramiko 2.4.1 - Authentication Bypass Date: 2018-10-27 Exploit Author: Adam Brown Vendor Homepage: https://www.paramiko.org Software Link: https://github.com/paramiko/paramiko/tree/v1.15.2 Version: 1.17.6, 1.18.x 1.18.5, 2.0.x 2.0.8, 2.1.x...

7.5CVSS0.3AI score0.27065EPSS
Exploits10
exploitpack
exploitpack
added 2018/10/17 12:0 a.m.33 views

BigTree CMS 4.2.23 - Cross-Site Scripting

BigTree CMS 4.2.23 - Cross-Site Scripting Exploit Title: BigTree CMS 4.2.23 - Cross-Site Scripting Date: 2018-10-15 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.bigtreecms.org/ Software Link : https://github.com/bigtreecms/BigTree-CMS/ Software : BigTree CMS Version : 4.2.23...

4.3CVSS6.1AI score0.03648EPSS
Exploits4
exploitpack
exploitpack
added 2018/09/25 12:0 a.m.33 views

Joomla! Component Questions 1.4.3 - SQL Injection

Joomla! Component Questions 1.4.3 - SQL Injection Exploit Title: Joomla! Component Questions 1.4.3 - SQL Injection Dork: N/A Date: 2018-09-24 Vendor Homepage: https://extensiondeveloper.com/ Software Link:...

7.5CVSS0.2AI score0.03213EPSS
Exploits5
exploitpack
exploitpack
added 2018/09/12 12:0 a.m.33 views

IBM Identity Governance and Intelligence 5.2.3.2 5.2.4 - SQL Injection

IBM Identity Governance and Intelligence 5.2.3.2 5.2.4 - SQL Injection Exploit Title: Unauthenticated Remote SQLi Date: 11/09/2018 Exploit Author: Mohamed Sayed - From SecureMisr Company Vendor Homepage: https://www-01.ibm.com/support/docview.wss?uid=ibm10728883 Version: IGI 5.2.3.2 REQUIRED Test...

5CVSS8AI score0.10599EPSS
Exploits5
exploitpack
exploitpack
added 2018/09/06 12:0 a.m.33 views

Apache Roller 5.0.3 - XML External Entity Injection (File Disclosure)

Apache Roller 5.0.3 - XML External Entity Injection File Disclosure Exploit Title: Apache Roller 5.0.3 - XML External Entity Injection File Disclosure Google Dork: intext:"apache roller weblogger version vulnerableversionnumber" Date: 2018-09-05 Exploit Author: Marko Jokic Contact:...

7.5CVSS9.8AI score0.16867EPSS
Exploits6
exploitpack
exploitpack
added 2018/07/27 12:0 a.m.33 views

Online Trade 1 - Information Disclosure

Online Trade 1 - Information Disclosure Exploit Title: Online Trade 1 - Information Disclosure Exploit Author: Dhamotharan Date: 2018-07-17 Vendor Homepage: https://codecanyon.net/item/online-trade-online-forex-and-cryptocurrency-investment-system/21987193?srank=14 CVE : CVE-2018-14328 Version: 1...

5CVSS9.5AI score0.10662EPSS
Exploits5
exploitpack
exploitpack
added 2018/07/24 12:0 a.m.33 views

Micro Focus Secure Messaging Gateway (SMG) 471 - Remote Code Execution (Metasploit)

Micro Focus Secure Messaging Gateway SMG 471 - Remote Code Execution Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MicroFocus Secure Messaging Gateway Remote Code Execution",...

0.80539EPSS
Exploits5
exploitpack
exploitpack
added 2018/05/23 12:0 a.m.33 views

Samsung Galaxy S7 Edge - Overflow in OMACP WbXml String Extension Processing

Samsung Galaxy S7 Edge - Overflow in OMACP WbXml String Extension Processing OMACP is a protocol supported by many mobile devices which allows them to receive provisioning information over the mobile network. One way to provision a device is via a WAP push SMS message containing provisioning...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2018/05/23 12:0 a.m.33 views

Wecodex Hotel CMS 1.0 - Admin Login SQL Injection

Wecodex Hotel CMS 1.0 - Admin Login SQL Injection Exploit Title: Wecodex Hotel CMS 1.0 - 'Admin Login' SQL Injection Dork: N/A Date: 2018-05-23 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor : Wecodex Solutions Vendor Homepage:...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2018/05/22 12:0 a.m.33 views

AMD ARM Intel - Speculative Execution Variant 4 Speculative Store Bypass

AMD ARM Intel - Speculative Execution Variant 4 Speculative Store Bypass / ======== Intro / Overview ======== After Michael Schwarz made some interesting observations, we started looking into variants other than the three already-known ones. I noticed that Intel's Optimization Manual says in...

0.4AI score
Exploits0
Total number of security vulnerabilities5000