Exploitpack: Most viewed

41207 matches found

exploitpack • added 2018/03/16 12:0 a.m. • 32 views

Contec Smart Home 4.15 - Unauthorized Password Reset

Contec Smart Home 4.15 - Unauthorized Password Reset Title : Contec smart home 4.15 Unauthorized Password Reset Shodan Dork : "content/smarthome.php" Vendor Homepage : http://contec.co.il Tested on : Google Chrome Tested version : 4.15 Date : 2018-03-14 Author : Z3ro0ne Contact :...

0.4 AI score • Exploits: 0

exploitpack • added 2018/02/16 12:0 a.m. • 32 views

Joomla! Component JomEstate PRO 3.7 - id SQL Injection

Joomla! Component JomEstate PRO 3.7 - id SQL Injection Exploit Title: Joomla! Component JomEstate PRO = 3.7 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: http://comdev.eu/ Software Link: https://extensions.joomla.org/extensions/extension/vertical-markets/real-estate/jomestate-pro/...

7.5 CVSS • 0.6 AI score • 0.02703 EPSS • Exploits: 4

exploitpack • added 2018/01/11 12:0 a.m. • 32 views

Transmission - RPC DNS Rebinding

Transmission - RPC DNS Rebinding The transmission bittorrent client uses a client/server architecture, the user interface is the client and a daemon runs in the background managing the downloading, seeding, etc. Clients interact with the daemon using JSON RPC requests to a web server listening on...

7.4 AI score • Exploits: 0

exploitpack • added 2017/12/27 12:0 a.m. • 32 views

SAP BusinessObjects launch pad - Server-Side Request Forgery

SAP BusinessObjects launch pad - Server-Side Request Forgery Exploit Title: SAP BusinessObjects launch pad SSRF Date: 2017-11-8 Exploit Author: Ahmad Mahfouz Category: Webapps Author Homepage: www.unixawy.com Description: Design Error in SAP BusinessObjects launch pad leads to SSRF attack...

0.8 AI score • Exploits: 0

exploitpack • added 2017/12/27 12:0 a.m. • 32 views

Telesquare SKT LTE Router SDT-CS3B1 - Cross-Site Request Forgery

Telesquare SKT LTE Router SDT-CS3B1 - Cross-Site Request Forgery Telesquare SKT LTE Router SDT-CS3B1 CSRF System Command Execution Vendor: Telesquare Co., Ltd. Product web page: http://www.telesquare.co.kr Affected version: FwVer: SDT-CS3B1, sw version 1.2.0 LteVer: ML300S5XEA41090 1 0.1.0 Modem...

0.4 AI score • Exploits: 0

exploitpack • added 2017/12/01 12:0 a.m. • 32 views

Socusoft Photo 2 Video Converter 8.0.0 - Local Buffer Overflow

Socusoft Photo 2 Video Converter 8.0.0 - Local Buffer Overflow Exploit Title: Socusoft Photo 2 Video Converter v8.0.0 Local Buffer Overflow Free and Professional variants Date: 01/12/2017 Exploit Author: Jason Magic ret2eax Vendor Homepage: www.socusoft.com Version: 8.0.0 Tested on: Windows Serve...

0.6 AI score • Exploits: 0

exploitpack • added 2017/11/22 12:0 a.m. • 32 views

Winamp Pro 5.66.Build.3512 - Denial of Service

Winamp Pro 5.66.Build.3512 - Denial of Service ! /usr/bin/perl Exploit Title: Winamp Pro .wav|.wmv|.au|.asf|.aiff|.aif Denial of Service Date: 2017-11-22 Exploit Author: R.Yavari Version: v5.66.Build.3512 Tested on: Windows 10 , Windows 7 other version should be affected CVE-2017-16951...

4.3 CVSS • 0.3 AI score • 0.03235 EPSS • Exploits: 4

exploitpack • added 2017/10/30 12:0 a.m. • 32 views

Job Board Script - nice_theme SQL Injection

Job Board Script - nicetheme SQL Injection Exploit Title: Job Board Script - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.nicephpscripts.com/ Software http://www.nicephpscripts.com/jobboardscript.htm Demo: http://www.nicephpscripts.com/scripts/faqscript/ Version: N/A...

7.5 CVSS • 10 AI score • 0.02148 EPSS • Exploits: 3

exploitpack • added 2017/10/30 12:0 a.m. • 32 views

Online Exam Test Application - sort SQL Injection

Online Exam Test Application - sort SQL Injection Exploit Title: Online Exam Test Application - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software Link: http://www.exclusivescript.com/product/1z2e4672468/php-scripts/online-exam-test-application Demo:...

7.5 CVSS • 10 AI score • 0.02652 EPSS • Exploits: 5

exploitpack • added 2017/09/28 12:0 a.m. • 32 views

Trend Micro OfficeScan 11.0XG (12.0) - Image File Execution Bypass

Trend Micro OfficeScan 11.0XG 12.0 - Image File Execution Bypass + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-IMAGE-FILE-EXECUTION-BYPASS.txt + ISR: ApparitionSec Vendor: ==================...

7.5 AI score • Exploits: 0

exploitpack • added 2017/09/25 12:0 a.m. • 32 views

FLIR Thermal Camera FC-SPT - Command Injection

FLIR Thermal Camera FC-SPT - Command Injection FLIR Systems FLIR Thermal Camera FC-S/PT Authenticated OS Command Injection Vendor: FLIR Systems, Inc. Product web page: http://www.flir.com Affected version: Firmware version: 8.0.0.64 Software version: 10.0.2.43 Release: 1.4.1, 1.4, 1.3.4 GA, 1.3.3...

0.3 AI score • Exploits: 0

exploitpack • added 2017/09/13 12:0 a.m. • 32 views

Astaro Security Gateway 7 - Remote Code Execution

Astaro Security Gateway 7 - Remote Code Execution !/usr/bin/python Astaro Security Gateway v7 - Unauthenticated Remote Code Execution Exploit Authors: Jakub Palaczynski and Maciej Grabiec Tested on versions: 7.500 and 7.506 Date: 13.12.2016 Vendor Homepage: https://www.sophos.com/ CVE:...

10 CVSS • 0.3 AI score • 0.16568 EPSS • Exploits: 4

exploitpack • added 2017/09/04 12:0 a.m. • 32 views

Wireless Repeater BE126 - Remote Code Execution

Wireless Repeater BE126 - Remote Code Execution Exploit Title: WIFI Repeater BE126 – Remote Code Execution Date Publish: 09/09/2017 Exploit Authors: Hay Mizrachi, Omer Kaspi Contact: [email protected], [email protected] Vendor Homepage: http://www.twsz.com Category: Webapps Version: 1.0 Teste...

6.5 CVSS • 0.1 AI score • 0.09116 EPSS • Exploits: 5

exploitpack • added 2017/08/31 12:0 a.m. • 32 views

IBM Notes 8.5.x9.0.x - Denial of Service (2)

IBM Notes 8.5.x9.0.x - Denial of Service 2 Exploit Title: IBM Notes is affected by a denial of service vulnerability Date: 31 August 2017 Software Link: http://www-01.ibm.com/support/docview.wss?uid=swg21999384 Exploit Author: Dhiraj Mishra Contact: http://twitter.com/mishradhiraj Website:...

4.3 CVSS • 6.5 AI score • 0.29222 EPSS • Exploits: 10

exploitpack • added 2017/07/31 12:0 a.m. • 32 views

DivFix++ 0.34 - Denial of Service

DivFix++ 0.34 - Denial of Service DivFix++ denial of service vulnerability ================ Author : qflb.wu =============== Introduction: ============= DivFix++ is FREE AVI Video Fix & Preview program. Affected version: ===== v0.34 Vulnerability Description: ========================== the...

4.3 CVSS • 5.6 AI score • 0.03056 EPSS • Exploits: 4

exploitpack • added 2017/07/24 12:0 a.m. • 32 views

WebKit - WebCore::RenderObject with Accessibility Enabled Use-After-Free

WebKit - WebCore::RenderObject with Accessibility Enabled Use-After-Free link text-transform: lowercase; link::first-letter border-spacing: 1em; function go dt.appendChildlink; var s = link.style; s.setProperty"display", "table-column-group"; s.setProperty"-webkit-appearance", "menulist-button";...

0.3 AI score • Exploits: 0

exploitpack • added 2017/07/24 12:0 a.m. • 32 views

REDDOXX Appliance Build 2032 2.0.625 - Arbitrary File Disclosure

REDDOXX Appliance Build 2032 2.0.625 - Arbitrary File Disclosure Advisory: Arbitrary File Disclosure with root Privileges via RdxEngine-API in REDDOXX Appliance RedTeam Pentesting discovered an arbitrary file disclosure vulnerability in the REDDOXX appliance software, which allows unauthenticated...

0.7 AI score • Exploits: 0

exploitpack • added 2017/07/13 12:0 a.m. • 32 views

OrientDB - Code Execution

OrientDB - Code Execution Vulnerability Summary The following advisory reports a vulnerability in OrientDB which allows users of the product to cause it to execute code. OrientDB is a Distributed Graph Database engine with the flexibility of a Document Database all in one product. The first and...

10 CVSS • 0.3 AI score • 0.73071 EPSS • Exploits: 4

exploitpack • added 2017/07/07 12:0 a.m. • 32 views

Yaws 1.91 - Remote File Disclosure

Yaws 1.91 - Remote File Disclosure + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/YAWS-WEB-SERVER-v1.91-UNAUTHENTICATED-REMOTE-FILE-DISCLOSURE.txt + ISR: ApparitionSec Vendor: ========== yaws.hyber.org Product: =========...

5 CVSS • 7.7 AI score • 0.81028 EPSS • Exploits: 5

exploitpack • added 2017/07/04 12:0 a.m. • 32 views

Joomla! 3.7 - SQL Injection

Joomla! 3.7 - SQL Injection --==Mannu joomla SQL Injection exploiter by Team Indishell==-- body font-family: Tahoma; color: white; background: 333333; input border : solid 2px ; border-color : black; BACKGROUND-COLOR: 444444; font: 8pt Verdana; color: white; submit BORDER: buttonhighlight 2px...

0.4 AI score • Exploits: 0

exploitpack • added 2017/06/23 12:0 a.m. • 32 views

Microsoft Windows - nt!NtQueryInformationWorkerFactory (WorkerFactoryBasicInformation) Kernel Stack Memory Disclosure

Microsoft Windows - nt!NtQueryInformationWorkerFactory WorkerFactoryBasicInformation Kernel Stack Memory Disclosure / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1214&desc=2 We have discovered that the nt!NtQueryInformationWorkerFactory system call called with the...

0.2 AI score • Exploits: 0

exploitpack • added 2017/06/20 12:0 a.m. • 32 views

Freeware Advanced Audio Coder (FAAC) 1.28 - Denial of Service

Freeware Advanced Audio Coder FAAC 1.28 - Denial of Service Freeware Advanced Audio Coder FAAC multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= FAAC is an encoder for a lossy sound compression scheme specified in MPEG-2 Part 7 and MPEG-4 Part ...

4.3 CVSS • 0.02932 EPSS • Exploits: 5

exploitpack • added 2017/06/11 12:0 a.m. • 32 views

Logpoint 5.6.4 - Root Remote Code Execution

Logpoint 5.6.4 - Root Remote Code Execution Exploit Title: Unauthenticated remote root code execution on logpoint 5.6.4 Date: 11/06/17 Exploit Author: agix Vendor Homepage: https://www.logpoint.com Version: logpoint 5.6.4 Tested on: 5.6.2 Vendor contact 19/04 Exploit details sent to the vendor...

Exploits: 0

exploitpack • added 2017/06/09 12:0 a.m. • 32 views

libquicktime 1.2.4 - Denial of Service

libquicktime 1.2.4 - Denial of Service libquicktime multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= The libquicktime package contains the libquicktime library, various plugins and codecs, along with graphical and command line utilities used f...

7.1 CVSS • 6.5 AI score • 0.06487 EPSS • Exploits: 3

exploitpack • added 2017/06/02 12:0 a.m. • 32 views

reiserfstune 3.6.25 - Local Buffer Overflow

reiserfstune 3.6.25 - Local Buffer Overflow + Title: reiserfstune 3.6.25 – Local Buffer Overflow + Credits / Discovery: Nassim Asrir + Author Contact: [email protected] || https://www.linkedin.com/in/nassim-asrir-b73a57122/ + Author Company: Henceforth + CVE: N/A - Download -...

0.4 AI score • Exploits: 0

exploitpack • added 2017/05/25 12:0 a.m. • 32 views

Mozilla Firefox 53 - ConvolvePixel Memory Disclosure

Mozilla Firefox 53 - ConvolvePixel Memory Disclosure /home/worker/workspace/build/src/gfx/2d/FilterNodeSoftware.cpp:2358 2 0x7f8d3fcd397d in alreadyAddRefedmozilla::gfx::Data...

7.3 AI score • Exploits: 0

exploitpack • added 2017/04/05 12:0 a.m. • 32 views

SpiceWorks 7.5 TFTP - Remote File Overwrite Upload

SpiceWorks 7.5 TFTP - Remote File Overwrite Upload + Credits: John Page AKA HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SPICEWORKS-IMPROPER-ACCESS-CONTROL-FILE-OVERWRITE.txt + ISR: APPARITIONSEC Vendor: ================== www.spiceworks.com...

7.5 CVSS • 0.06724 EPSS • Exploits: 5

exploitpack • added 2017/04/03 12:0 a.m. • 32 views

Bluecoat ASG 6.6CAS 1.3 - Local Privilege Escalation (Metasploit)

Bluecoat ASG 6.6CAS 1.3 - Local Privilege Escalation Metasploit Exploit Title: OS Command Injection Vulnerability in BlueCoat ASG and CAS Date: April 3, 2017 Exploit Authors: Chris Hebert, Peter Paccione and Corey Boyd Contact: chrisdhebertatgmail.com Vendor Security Advisory:...

9 CVSS • 0.4 AI score • 0.10126 EPSS • Exploits: 8

exploitpack • added 2017/03/30 12:0 a.m. • 32 views

Apple macOSIOS 10.12.2 (16C67) - mach_msg Heap Overflow

Apple macOSIOS 10.12.2 16C67 - machmsg Heap Overflow / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1083 When sending ool memory via |machmsg| with |deallocate| flag or |MACHMSGVIRTUALCOPY| flag, |machmsg| performs moving the memory to the destination process instead of copyi...

0.5 AI score • Exploits: 0

exploitpack • added 2017/03/20 12:0 a.m. • 32 views

phplist 3.2.6 - SQL Injection

phplist 3.2.6 - SQL Injection 1. Introduction Affected Product: phplist 3.2.6 Fixed in: 3.3.1 Fixed Version Link: https://sourceforge.net/projects/phplist/files/phplist/3.3.1/phplist-3.3.1.zip/download Vendor Website: https://www.phplist.org/ Vulnerability Type: SQL Injection Remote Exploitable:...

Exploits: 0

exploitpack • added 2017/03/16 12:0 a.m. • 32 views

Wordpress Plugin Membership Simplified 1.58 - Arbitrary File Download

Wordpress Plugin Membership Simplified 1.58 - Arbitrary File Download import requests import string import random from urlparse import urlparse print "---------------------------------------------------------------------" print "Wordpress Plugin Membership Simplified v1.58 - Arbitrary File...

7.5 CVSS • 9.6 AI score • 0.16927 EPSS • Exploits: 7

exploitpack • added 2017/03/10 12:0 a.m. • 32 views

Kinsey InforLawson ESBUS - SQL Injection

Kinsey InforLawson ESBUS - SQL Injection Exploit Title: Kinsey Infor / Lawson ESBUS - Multiple SQL Injections Date: 3/10/2017 Exploit Author: Michael Benich Vendor homepage: http://www.kinsey.com/infor-lawson.html Version: ALL Tested on: Windows Server 2008 R2; MySQL ver 5.5 CVE: CVE-2017-6550...

7.5 CVSS • 10 AI score • 0.03974 EPSS • Exploits: 5

exploitpack • added 2017/02/12 12:0 a.m. • 32 views

Kodi 17.1 - Arbitrary File Disclosure

Kodi 17.1 - Arbitrary File Disclosure Exploit Title: Kodi - Local File Inclusion Date: 12 February 2017 Exploit Author: Eric Flokstra Vendor Homepage: https://kodi.tv/ Software Link: https://kodi.tv/download/ Version: Kodi version 17.1 Krypton, Chorus version 2.4.2 Tested on: Linux Kodi formerly...

7.4 AI score • Exploits: 0

exploitpack • added 2017/02/08 12:0 a.m. • 32 views

Multi Outlets POS 3.1 - id SQL Injection

Multi Outlets POS 3.1 - id SQL Injection Exploit Title: Point of Sales - Multi Outlets POS v3.1 Script - SQL Injection Google Dork: N/A Date: 08.02.2017 Vendor Homepage: http://prosoft-apps.com/ Software Buy: https://codecanyon.net/item/point-of-sales-multi-outlets-pos/17674742 Demo:...

0.2 AI score • Exploits: 0

exploitpack • added 2017/01/18 12:0 a.m. • 32 views

Micro Blog Script - SQL Injection

Micro Blog Script - SQL Injection Vulnerability: SQL Injection + Authentication Bypass Date: 18.01.2017 Vendor Homepage: http://www.scriptgiant.com/ Tested on: http://www.microblogscript.scriptgiant.in Script Name: Micro Blog Script Author: Ihsan Sencan Author Web: http://ihsan.net Mail :...

0.3 AI score • Exploits: 0

exploitpack • added 2017/01/10 12:0 a.m. • 32 views

Apple OS X Yosemite - flow_divert-heap-overflow Kernel Panic

Apple OS X Yosemite - flowdivert-heap-overflow Kernel Panic / flowdivert-heap-overflow.c Brandon Azad CVE-2016-1827: Kernel heap overflow in the function flowdiverthandleappmapcreate on OS X and iOS. Exploitation requires root privileges. The vulnerability was patched in OS X El Capitan 10.11.5 a...

9.3 CVSS • 0.1 AI score • 0.05599 EPSS • Exploits: 3

exploitpack • added 2016/12/22 12:0 a.m. • 32 views

Apple macOS 10.12.1 iOS 10.2 - powerd Arbitrary Port Replacement

Apple macOS 10.12.1 iOS 10.2 - powerd Arbitrary Port Replacement / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=976 powerd running as root hosts the com.apple.PowerManagement.control mach service. It checks in with launchd to get a server port and then wraps that in a CFPort:...

7 AI score • Exploits: 0

exploitpack • added 2016/11/22 12:0 a.m. • 32 views

EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery Remote Command Execution

EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery Remote Command Execution + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/EASYPHP-DEV-SERVER-REMOTE-CMD-EXECUTION.txt + ISR: ApparitionSec Vendor: ===============...

0.1 AI score • Exploits: 0

exploitpack • added 2016/11/18 12:0 a.m. • 32 views

EditMe CMS - Cross-Site Request Forgery (Add Admin)

EditMe CMS - Cross-Site Request Forgery Add Admin Document Title: =============== EditMe CMS - CSRF Privilege Escalate Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1996 Release Date: ============= 2016-11-14 Vulnerability Laboratory...

0.6 AI score • Exploits: 0

exploitpack • added 2016/11/15 12:0 a.m. • 32 views

Microsoft Edge 11.0.10240.16384 - edgehtml CAttrArray::Destroy Use-After-Free

Microsoft Edge 11.0.10240.16384 - edgehtml CAttrArray::Destroy Use-After-Free Alternatively: Description When an element is created and style properties are added, these are stored in a CAttrArray object. A new CAttrArray is able to store up to 8 properties. If more properties need to be store...

7.4 AI score • Exploits: 0

exploitpack • added 2016/11/09 12:0 a.m. • 32 views

VBScript 5.8.7600.163855.8.9600.16384 - RegExpComp::PnodeParse Out-of-Bounds Read

VBScript 5.8.7600.163855.8.9600.16384 - RegExpComp::PnodeParse Out-of-Bounds Read !-- Source: http://blog.skylined.nl/20161108001.html Synopsis A specially crafted script can cause the VBScript engine to read data beyond a memory block for use as a regular expression. An attacker that is able to...

0.3 AI score • Exploits: 0

exploitpack • added 2016/11/07 12:0 a.m. • 32 views

NodCMS - PHP Code Execution

NodCMS - PHP Code Execution !-- HTTP Request http://localhost/nodcms-master/admin/editlangfile/1/en POST /nodcms-master/admin/editlangfile/1/en HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 Windows NT 10.0; rv:49.0 Gecko/20100101 Firefox/49.0 Accept:...

Exploits: 0

exploitpack • added 2016/11/02 12:0 a.m. • 32 views

Alienvault OSSIMUSM 5.3.1 - SQL Injection

Alienvault OSSIMUSM 5.3.1 - SQL Injection Details ======= Product: Alienvault OSSIM/USM Vulnerability: SQL Injection Author: Peter Lapp, lappsec gmail com CVE: CVE-2016-8582 Vulnerable Versions: =5.3.1 Fixed Version: 5.3.2 Vulnerability Details ===================== A SQL injection vulnerability...

7.5 CVSS • 0.7 AI score • 0.57425 EPSS • Exploits: 5

exploitpack • added 2016/10/28 12:0 a.m. • 32 views

InfraPower PPS-02-S Q213V1 - Insecure Direct Object Reference

InfraPower PPS-02-S Q213V1 - Insecure Direct Object Reference InfraPower PPS-02-S Q213V1 Insecure Direct Object Reference Authorization Bypass Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Fixed version: Q216V3...

7.4 AI score • Exploits: 0

exploitpack • added 2016/10/27 12:0 a.m. • 32 views

Joomla! 3.4.4 3.6.4 - Account Creation Privilege Escalation

Joomla! 3.4.4 3.6.4 - Account Creation Privilege Escalation Source: https://github.com/XiphosResearch/exploits/tree/master/Joomraa While analysing the recent Joomla exploit in comusers:user.register we came across a problem with the upload whitelisting. They don't allow files containing SetHandle...

1.2 AI score • Exploits: 0

exploitpack • added 2016/10/26 12:0 a.m. • 32 views

Linux Kernel 2.6.22 3.9 - Dirty COW PTRACE_POKEDATA Race Condition (Write Access Method)

Linux Kernel 2.6.22 3.9 - Dirty COW PTRACEPOKEDATA Race Condition Write Access Method // $ echo pikachu|sudo tee pokeball;ls -l pokeball;gcc -pthread pokemon.c -o d;./d pokeball miltank;cat pokeball include //// pikachu include //// -rw-r--r-- 1 root root 8 Apr 4 12:34 pokeball include ////...

0.5 AI score • Exploits: 0

exploitpack • added 2016/10/06 12:0 a.m. • 32 views

Billion 7700NR4 Router - Remote Command Execution

Billion 7700NR4 Router - Remote Command Execution Title : Billion Router 7700NR4 Remote Root Command Execution Date : 06/10/2016 Author : R-73eN Tested on: Billion Router 7700NR4 Vendor : http://www.billion.com/ Vulnerability Description: This router is a widely used here in Albania. It is given ...

0.4 AI score • Exploits: 0

exploitpack • added 2016/09/22 12:0 a.m. • 32 views

Exponent CMS 2.3.9 - Blind SQL Injection

Exponent CMS 2.3.9 - Blind SQL Injection ============================================= MGC ALERT 2016-005 - Original release date: September 09, 2016 - Last revised: September 20, 2016 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score - CVE-ID: CVE-2016-7400...

7.5 CVSS • 0.2 AI score • 0.04651 EPSS • Exploits: 4

exploitpack • added 2016/09/19 12:0 a.m. • 32 views

Kajona 4.7 - Cross-Site Scripting Directory Traversal

Kajona 4.7 - Cross-Site Scripting Directory Traversal Security Advisory - Curesec Research Team 1. Introduction Affected Product: Kajona 4.7 Fixed in: 5.0 Fixed Version Link: https://www.kajona.de/en/Downloads/downloads.getkajona.html Vendor Website: https://www.kajona.de/ Vulnerability Type: XSS...

Exploits: 0

exploitpack • added 2016/08/10 12:0 a.m. • 32 views

Nagios Network Analyzer 2.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities

Nagios Network Analyzer 2.2.1 - Multiple Cross-Site Request Forgery Vulnerabilities + Credits: John Page hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NAGIOS-NA-v2.2.1-MULTIPLE-CSRF.txt + ISR: ApparitionSec Vendor: =============== www.nagios.co...

0.2 AI score • Exploits: 0
Total number of security vulnerabilities: 5000