Lucene search
K
ExploitpackRecent

41207 matches found

exploitpack
exploitpack
added 2017/04/07 12:0 a.m.21 views

WordPress Plugin Firewall 2 1.3 - Cross-Site Request Forgery Cross-Site Scripting

WordPress Plugin Firewall 2 1.3 - Cross-Site Request Forgery Cross-Site Scripting alert1" !-- In a real attack, forms can be submitted automatically and spear-phishing attacks can be convincing. Mitigations ================ Disable the plugin until a new version is released that fixes this bug...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2017/04/07 12:0 a.m.18 views

Quiz Template 1.0 - testid SQL Injection

Quiz Template 1.0 - testid SQL Injection Exploit Title: Quiz Template v1.0 for ASPRunnerPro/PHPRunner. - SQL Injection Google Dork: N/A Date: 07.04.2017 Vendor Homepage: https://xlinesoft.com/ Software: https://xlinesoft.com/marketplace/productsview.php?editid1=2 Demo:...

8.7AI score
Exploits0
exploitpack
exploitpack
added 2017/04/07 12:0 a.m.25 views

Adobe (Multiple Products) - XML Injection File Content Disclosure

Adobe Multiple Products - XML Injection File Content Disclosure !/bin/bash Exploit Title: Adobe XML Injection file content disclosure Date: 07-04-2017 Exploit Author: Thomas Sluyter Website: https://www.kilala.nl Vendor Homepage: http://www.adobe.com/support/security/bulletins/apsb10-05.html...

Exploits0
exploitpack
exploitpack
added 2017/04/07 12:0 a.m.11 views

Invoice Template - hash SQL Injection

Invoice Template - hash SQL Injection Exploit Title: Invoice Template v1.0 for PHPRunner/ASPRunnerPro/ASPRunner.NET. - SQL Injection Google Dork: N/A Date: 07.04.2017 Vendor Homepage: https://xlinesoft.com/ Software: https://xlinesoft.com/invoice Demo:...

8.6AI score
Exploits0
exploitpack
exploitpack
added 2017/04/07 12:0 a.m.43 views

Intellinet NFC-30IR Camera - Multiple Vulnerabilities

Intellinet NFC-30IR Camera - Multiple Vulnerabilities Bitcrack Cyber Security - BitLabs Advisory http://www.bitcrack.net Multiple Vulnerabilities in Intellinet NFC-30IR Network Cameras ADVISORY -------- Title: Local File Inclusion in CGI-SCRIPT & Hard-Coded Manufacturer Backdoor Advisory ID:...

7.5CVSS0.4AI score0.12749EPSS
Exploits5
exploitpack
exploitpack
added 2017/04/07 12:0 a.m.50 views

D-Link DWR-116 DWR-116A1 - Arbitrary File Download

D-Link DWR-116 DWR-116A1 - Arbitrary File Download Title: D-Link DWR-116 Arbitrary File Download Vendor: D-Link www.dlink.com Affected models: DWR-116 / DWR-116A1 Tested on: V1.01EU, V1.00CPb10, V1.05AU CVE: CVE-2017-6190 Date: 04.07.2016 Author: Patryk Bogdan @patrykbogdan Description: D-Link...

5CVSS7.7AI score0.15767EPSS
Exploits6
exploitpack
exploitpack
added 2017/04/06 12:0 a.m.36 views

Cesanta Mongoose OS - Use-After-Free

Cesanta Mongoose OS - Use-After-Free COMPASS SECURITY ADVISORY https://www.compass-security.com/en/research/advisories/ Product: Mongoose OS Vendor: Cesanta CVE ID: CVE-2017-7185 CSNC ID: CSNC-2017-003 Subject: Use-after-free / Denial of Service Risk: Medium Effect: Remotely exploitable Authors:...

5CVSS0.12251EPSS
Exploits5
exploitpack
exploitpack
added 2017/04/06 12:0 a.m.46 views

Moodle 2.x3.x - SQL Injection

Moodle 2.x3.x - SQL Injection Exploit: Moodle SQL Injection via Object Injection Through User Preferences Date: April 6th, 2017 Exploit Author: Marko Belzetski Contact: [email protected] Vendor Homepage: https://moodle.org/ Version: 3.2 to 3.2.1, 3.1 to 3.1.4, 3.0 to 3.0.8, 2.7.0 to 2.7.1...

7.5CVSS0.4AI score0.1453EPSS
Exploits4
exploitpack
exploitpack
added 2017/04/05 12:0 a.m.47 views

Faveo Helpdesk Community 1.9.3 - Cross-Site Request Forgery

Faveo Helpdesk Community 1.9.3 - Cross-Site Request Forgery Exploit Title: CSRF / Privilege Escalation Manipulation of Role Agent to Admin on Faveo version Community 1.9.3 Google Dork: no Date: 05-April-2017 Exploit Author: @runggareksya, @yokoacc, @AdyWikradinata, @dickysofficial, @dvnrcy Vendor...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2017/04/05 12:0 a.m.32 views

SpiceWorks 7.5 TFTP - Remote File Overwrite Upload

SpiceWorks 7.5 TFTP - Remote File Overwrite Upload + Credits: John Page AKA HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SPICEWORKS-IMPROPER-ACCESS-CONTROL-FILE-OVERWRITE.txt + ISR: APPARITIONSEC Vendor: ================== www.spiceworks.com...

7.5CVSS0.06724EPSS
Exploits5
exploitpack
exploitpack
added 2017/04/05 12:0 a.m.6 views

Sweepstakes Pro Software - SQL Injection

Sweepstakes Pro Software - SQL Injection Exploit Title: Sweepstakes Pro Software - SQL Injection Google Dork: N/A Date: 05.04.2017 Vendor Homepage: http://bimedia.info/ Software: http://bimedia.info/sweepstakes-pro-software/ Demo: http://mysweepstakespro.com/demo/ Version: N/A Tested on: Win7 x64...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2017/04/05 12:0 a.m.13 views

Airbnb Crashpadder Clone Script - SQL Injection

Airbnb Crashpadder Clone Script - SQL Injection Exploit Title: Airbnb Crashpadder Clone Script - SQL Injection Google Dork: N/A Date: 05.04.2017 Vendor Homepage: http://bimedia.info/ Software: http://bimedia.info/airbnb-premium-clone-script/ Demo: http://airbnb.clonedemo.com/ Version: N/A Tested...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2017/04/05 12:0 a.m.8 views

ImagePro Lazygirls Clone Script - SQL Injection

ImagePro Lazygirls Clone Script - SQL Injection Exploit Title: ImagePro Lazygirls Clone Script - SQL Injection Google Dork: N/A Date: 05.04.2017 Vendor Homepage: http://bimedia.info/ Software: http://bimedia.info/8-2/ Demo: http://imagepro.clonedemo.com/ Version: N/A Tested on: Win7 x64, Kali Lin...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2017/04/05 12:0 a.m.16 views

Premium Penny Auction Script - SQL Injection

Premium Penny Auction Script - SQL Injection Exploit Title: Premium Penny Auction Script - SQL Injection Google Dork: N/A Date: 05.04.2017 Vendor Homepage: http://bimedia.info/ Software: http://bimedia.info/premium-penny-auction-script/ Demo: http://pennyauction.clonedemo.com/ Version: N/A Tested...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2017/04/05 12:0 a.m.20 views

Appointment Script - SQL Injection

Appointment Script - SQL Injection Exploit Title: Doctors Appointment Script - SQL Injection Google Dork: N/A Date: 05.04.2017 Vendor Homepage: http://appointment-script.com/ Software: http://appointment-script.com/demo Demo: http://appointment-script.com/demo Version: N/A Tested on: Win7 x64, Ka...

Exploits0
exploitpack
exploitpack
added 2017/04/05 12:0 a.m.33 views

D-Link DIR-615 - Cross-Site Request Forgery

D-Link DIR-615 - Cross-Site Request Forgery Title: ==== D-Link DIR 615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery CSRF vulnerability Credit: ====== Name: Pratik S. Shah Reference: ========= CVE Details: CVE-2017-7398. Date: ==== 1-04-2017 Vendor: ====== D-Link wireless router...

6.8CVSS0.9AI score0.03006EPSS
Exploits4
exploitpack
exploitpack
added 2017/04/05 12:0 a.m.44 views

HelpDEZK 1.1.1 - Cross-Site Request Forgery Code Execution

HelpDEZK 1.1.1 - Cross-Site Request Forgery Code Execution Exploit Title: Multiple CSRF Remote Code Execution Vulnerability on HelpDEZK 1.1.1 Date: 05-April-2017 Exploit Author: @runggareksya, @yokoacc, @AdyWikradinata, @dickysofficial, @dvnrcy Vendor Homepage: http://www.helpdezk.org/ Software...

6.8CVSS0.5AI score0.03487EPSS
Exploits6
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.15 views

Broadcom Wi-Fi SoC - dhd_handle_swc_evt Heap Overflow

Broadcom Wi-Fi SoC - dhdhandleswcevt Heap Overflow Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1061 Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capab...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.12 views

Apple macOSiOS Kernel 10.12.3 (16D32) - SIOCGIFORDER Socket ioctl Off-by-One Memory Corruption

Apple macOSiOS Kernel 10.12.3 16D32 - SIOCGIFORDER Socket ioctl Off-by-One Memory Corruption / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1111 SIOCSIFORDER and SIOCGIFORDER allow userspace programs to build and maintain the ifnetorderedhead linked list of interfaces...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.18 views

Apple macOS Kernel 10.12.3 (16D32) - audit_pipe_open Off-by-One Memory Corruption

Apple macOS Kernel 10.12.3 16D32 - auditpipeopen Off-by-One Memory Corruption / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1126 MacOS kernel memory corruption due to off-by-one in auditpipeopen auditpipeopen is the special file open handler for the auditpipe device major...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.22 views

Apple macOSiOS Kernel 10.12.3 (16D32) - bpf Heap Overflow

Apple macOSiOS Kernel 10.12.3 16D32 - bpf Heap Overflow / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1125 The bpf ioctl BIOCSBLEN allows userspace to set the bpf buffer length: case BIOCSBLEN: / uint / if d-bdbif != 0 error = EINVAL; else uint size; bcopyaddr, &size, sizeof...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.35 views

Apple WebKit - ComposedTreeIterator::traverseNextInShadowTree Use-After-Free

Apple WebKit - ComposedTreeIterator::traverseNextInShadowTree Use-After-Free function go d.open = false; d.innerHTML = "foo"; d.open = true; foo !-- ================================================================= ASan log: =================================================================...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.15 views

Apple macOSiOS Kernel 10.12.3 (16D32) - SIOCSIFORDER Socket ioctl Memory Corruption Due to Bad Bounds Checking

Apple macOSiOS Kernel 10.12.3 16D32 - SIOCSIFORDER Socket ioctl Memory Corruption Due to Bad Bounds Checking / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1108 SIOCSIFORDER is a new ioctl added in iOS 10. It can be called on a regular tcp socket, so from pretty much any...

Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.16 views

Maian Uploader 4.0 - user SQL Injection

Maian Uploader 4.0 - user SQL Injection Exploit Title: Maian Uploader Script v4.0 - SQL Injection Google Dork: N/A Date: 04.04.2017 Vendor Homepage: http://www.maiansoftware.com/ Software: http://www.maianuploader.com/?dl=yes Demo: http://www.maiansoftware.com/demos/uploader/ Version: 4.0 Tested...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.11 views

Apple Webkit - JSCallbackData Universal Cross-Site Scripting

Apple Webkit - JSCallbackData Universal Cross-Site Scripting globalObject-vm, callback JSC::JSObject callback return mcallback.get; JSDOMGlobalObject globalObject return JSC::jsCastmcallback-globalObject; JSC::JSValue invokeCallbackJSC::MarkedArgumentBuffer& args, CallbackType callbackType,...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.8 views

Apple WebKit 10.0.2 (12602.3.12.0.1) - disconnectSubframes Universal Cross-Site Scripting

Apple WebKit 10.0.2 12602.3.12.0.1 - disconnectSubframes Universal Cross-Site Scripting frameOwners; if policy == RootAndDescendants if isroot frameOwners.appenddowncastroot; collectFrameOwnersframeOwners, root; // Must disable frame loading in the subtree so an unload handler cannot // insert mo...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.11 views

Apple macOSiOS Kernel 10.12.3 (16D32) - Double-Free Due to Bad Locking in fsevents Device

Apple macOSiOS Kernel 10.12.3 16D32 - Double-Free Due to Bad Locking in fsevents Device / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1129 fseventsfioctl handles ioctls on fsevent fds acquired via FSEVENTSCLONE64 on /dev/fsevents Heres the code for the FSEVENTSDEVICEFILTER64...

Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.22 views

Broadcom Wi-Fi SoC - Heap Overflow wlc_tdls_cal_mic_chk Due to Large RSN IE in TDLS Setup Confirm Frame

Broadcom Wi-Fi SoC - Heap Overflow wlctdlscalmicchk Due to Large RSN IE in TDLS Setup Confirm Frame Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1047 Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in bot...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.28 views

Apple WebKit - Negative-Size memmove in HTMLFormElement

Apple WebKit - Negative-Size memmove in HTMLFormElement function go var iframe = document.getElementById"iframe"; var iframeWindow = window0; var toInsert = div; var iframeBody = iframeWindow.document.body; iframeBody.beforedocument.body; iframe.aftertoInsert; aaaaaaaa !--...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.10 views

Maian Greetings 2.1 - cat SQL Injection

Maian Greetings 2.1 - cat SQL Injection Exploit Title: Maian Greetings v2.1 - SQL Injection Google Dork: N/A Date: 04.04.2017 Vendor Homepage: http://www.maiansoftware.com/ Software: http://www.maiangreetings.com/?dl=yes Demo: http://www.maiansoftware.com/demos/greetings/ Version: 2.1 Tested on:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.29 views

Apple WebKit - WebCore::toJS Use-After-Free

Apple WebKit - WebCore::toJS Use-After-Free function freememory var a; forvar i=0;i !-- ================================================================= ASan log: ================================================================= ==25184==ERROR: AddressSanitizer: heap-use-after-free on address...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.17 views

Apple WebKit - table Use-After-Free

Apple WebKit - table Use-After-Free -webkit-border-image: urlfoo 1 5 1 63 repeat; -webkit-flow-into: foo function eventhandler var a; document.execCommand"selectAll", false; output.slot = "foo"; table.deleteCaption; //trigger garbage collector forvar i=0;i foo !--...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.13 views

Apple macOS Kernel 10.12.3 (16D32) - Use-After-Free Due to Double-Release in posix_spawn

Apple macOS Kernel 10.12.3 16D32 - Use-After-Free Due to Double-Release in posixspawn / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1104 exechandleportactions is responsible for handling the xnu port actions extension to posixspawn. It supports 4 different types of port...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.192 views

Apache Tomcat 6789 - Information Disclosure

Apache Tomcat 6789 - Information Disclosure Exploit Title:Apache Tomcat CVE-2016-6816 Security Bypass Vulnerability Date: 4th March 2017 Exploit Author: justpentest Vendor Homepage: tomcat.apache.org Version: Apache Tomcat 9.0.0.M1 through 9.0.0.M11, 8.5.0 through 8.5.6, 8.0.0.RC1 through 8.0.38,...

6.8CVSS8.6AI score0.39633EPSS
Exploits6
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.12 views

Maian Survey 1.1 - survey SQL Injection

Maian Survey 1.1 - survey SQL Injection Exploit Title: Maian Survey v1.1 - SQL Injection Google Dork: N/A Date: 04.04.2017 Vendor Homepage: http://www.maiansoftware.com/ Software: http://www.maiansurvey.com/?dl=yes Demo: http://www.maiansoftware.com/demos/survey/ Version: 1.1 Tested on: Win7 x64,...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.11 views

Apple WebKit 10.0.2(12602.3.12.0.1) - Frame::setDocument (1) Universal Cross-Site Scripting

Apple WebKit 10.0.212602.3.12.0.1 - Frame::setDocument 1 Universal Cross-Site Scripting && newDocument ASSERT!newDocument || newDocument-frame == this; if mdoc && mdoc-pageCacheState != Document::InPageCache mdoc-prepareForDestruction; mdoc = newDocument.copyRef; ... The function...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.13 views

Apple Webkit - Universal Cross-Site Scripting by Accessing a Named Property from an Unloaded Window

Apple Webkit - Universal Cross-Site Scripting by Accessing a Named Property from an Unloaded Window document auto& htmlDocument = downcastdocument; auto atomicPropertyName = propertyName.publicName; if atomicPropertyName && htmlDocument.hasWindowNamedItematomicPropertyName JSValue namedItem; if...

6.7AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.23 views

Apple macOS Kernel 10.12.2 (16C67) - AppleIntelCapriController::GetLinkConfig Code Execution Due to Lack of Bounds Checking

Apple macOS Kernel 10.12.2 16C67 - AppleIntelCapriController::GetLinkConfig Code Execution Due to Lack of Bounds Checking / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1071 Selector 0x921 of IntelFBClientControl ends up in AppleIntelCapriController::GetLinkConfig This method...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.29 views

Apple WebKit - RenderLayer Use-After-Free

Apple WebKit - RenderLayer Use-After-Free function go div.style.setProperty"-webkit-flow-into", "foo"; document.execCommand"fontSize", false, 6; window.requestAnimationFramecb; h1.attachShadowmode: "open"; h1.replaceWith"foo"; function cb var a; //trigger garbage collector forvar i=0;i !--...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.31 views

Broadcom Wi-Fi SoC - TDLS Teardown Request Remote Heap Overflow

Broadcom Wi-Fi SoC - TDLS Teardown Request Remote Heap Overflow Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1046 https://googleprojectzero.blogspot.ca/2017/04/over-air-exploiting-broadcoms-wi-fi4.html Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.30 views

Apple macOS Kernel 10.12.2 (16C67) - Memory Disclosure Due to Lack of Bounds Checking in AppleIntelCapriController::getDisplayPipeCapability

Apple macOS Kernel 10.12.2 16C67 - Memory Disclosure Due to Lack of Bounds Checking in AppleIntelCapriController::getDisplayPipeCapability / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1069 MacOS kernel memory disclosure due to lack of bounds checking in...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.25 views

Apple WebKit 10.0.2 - HTMLInputElement Use-After-Free

Apple WebKit 10.0.2 - HTMLInputElement Use-After-Free function eventhandler1 input.type = "foo"; function eventhandler2 input.selectionStart = 25; !-- ================================================================= ASAN log from WebKit nightly on Mac:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.26 views

Apple macOSiOS Kernel 10.12.3 (16D32) - Bad Locking in necp_open Use-After-Free

Apple macOSiOS Kernel 10.12.3 16D32 - Bad Locking in necpopen Use-After-Free / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1116 necpopen is a syscall used to obtain a new necp file descriptor The necp file's fp's fgdata points to a struct necpfddata allocated on the heap...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.12 views

Apple WebKit 10.0.2 (12602.3.12.0.1_ r210800) - constructJSReadableStreamDefaultReader Type Confusion

Apple WebKit 10.0.2 12602.3.12.0.1 r210800 - constructJSReadableStreamDefaultReader Type Confusion exec.argument0; if !stream return throwArgumentTypeErrorexec, scope, 0, "stream", "ReadableStreamReader", nullptr, "ReadableStream"; JSValue jsFunction = stream-get&exec, Identifier::fromString&exec...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2017/04/04 12:0 a.m.20 views

Apple WebKit - FormSubmission::create Use-After-Free

Apple WebKit - FormSubmission::create Use-After-Free function go object.name = "foo"; input.autofocus = true; output.appendChildinput; form.submit; function eventhandler forvar i=0;i a !-- ================================================================= Preliminary analysis: The bug is in...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2017/04/03 12:0 a.m.45 views

Bluecoat ASG 6.6CAS 1.3 - OS Command Injection (Metasploit)

Bluecoat ASG 6.6CAS 1.3 - OS Command Injection Metasploit Exploit Title: OS Command Injection Vulnerability in BlueCoat ASG and CAS Date: April 3, 2017 Exploit Authors: Chris Hebert, Peter Paccione and Corey Boyd Contact: chrisdhebertatgmail.com Vendor Security Advisory:...

9CVSS7.2AI score0.10126EPSS
Exploits8
exploitpack
exploitpack
added 2017/04/03 12:0 a.m.23 views

Moxa AWK-3131A 1.4 1.7 - Username OS Command Injection

Moxa AWK-3131A 1.4 1.7 - Username OS Command Injection !/usr/bin/env python2 import telnetlib import re import random import string Split string into chunks, of which each is /var/a' - 1 completed = temp = re.split'\n', script for content in temp: if lencontent != 0: for s in re.split' ', content...

Exploits0
exploitpack
exploitpack
added 2017/04/03 12:0 a.m.10 views

GeoMoose 2.9.2 - Directory Traversal

GeoMoose 2.9.2 - Directory Traversal Exploit Title: GeoMoose = 2.9.2 Local File Disclosure Exploit Author: Sander 'dsc' Ferdinand Date: 2017-03-4 Version: = 2.9.2 Blog: https://ced.pwned.systems/advisories-geomoose-local-file-disclosure-2-9-2.html Vendor Homepage: geomoose.org Reported: 4-3-2017...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2017/04/03 12:0 a.m.32 views

Bluecoat ASG 6.6CAS 1.3 - Local Privilege Escalation (Metasploit)

Bluecoat ASG 6.6CAS 1.3 - Local Privilege Escalation Metasploit Exploit Title: OS Command Injection Vulnerability in BlueCoat ASG and CAS Date: April 3, 2017 Exploit Authors: Chris Hebert, Peter Paccione and Corey Boyd Contact: chrisdhebertatgmail.com Vendor Security Advisory:...

9CVSS0.4AI score0.10126EPSS
Exploits8
exploitpack
exploitpack
added 2017/04/02 12:0 a.m.15 views

Linux Kernel (PonyOS 4.0) - fluttershy LD_LIBRARY_PATH Local Privilege Escalation

Linux Kernel PonyOS 4.0 - fluttershy LDLIBRARYPATH Local Privilege Escalation !/usr/bin/python PonyOS 4.0 has added several improvements over previous releases including support for setuid binaries and dynamic libraries. The run-time linker does not sanitize environment variables when running...

0.2AI score
Exploits0
Total number of security vulnerabilities41207