Lucene search
K
ExploitpackRecent

41207 matches found

exploitpack
exploitpack
added 2017/03/06 12:0 a.m.9 views

PHP Matrimonial Script 3.0 - SQL Injection

PHP Matrimonial Script 3.0 - SQL Injection Exploit Title: Matrimonial Script v3.0 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/matrimonial-script/ Demo: http://74.124.215.220/matriialscrip/...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2017/03/06 12:0 a.m.23 views

Single Theater Booking Script - newsid SQL Injection

Single Theater Booking Script - newsid SQL Injection Exploit Title: Single Theater Booking Script - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/single-theater-booking-script/ Demo:...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2017/03/06 12:0 a.m.13 views

CyberGhost 6.0.4.2205 - Local Privilege Escalation

CyberGhost 6.0.4.2205 - Local Privilege Escalation Exploit CyberGhost 6.0.4.2205 Privilege Escalation Date: 06.03.2017 Software Link: http://www.cyberghostvpn.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: local 1...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2017/03/06 12:0 a.m.21 views

Responsive Matrimonial Script 4.0.1 - SQL Injection

Responsive Matrimonial Script 4.0.1 - SQL Injection Exploit Title: Responsive Matrimonial Script v4.0.1 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/responsive-matrimonial/ Demo:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2017/03/06 12:0 a.m.8 views

Groupon Clone Script 3.01 - catid SQL Injection

Groupon Clone Script 3.01 - catid SQL Injection Exploit Title: Groupon Clone Script v3.01 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/groupon-clone-script/ Demo:...

8.6AI score
Exploits0
exploitpack
exploitpack
added 2017/03/06 12:0 a.m.8 views

MLM Forced Matrix 2.0.7 - SQL Injection

MLM Forced Matrix 2.0.7 - SQL Injection Exploit Title: MLM Forced Matrix v2.0.7 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/mlm-forced-matrix/ Demo: http://74.124.215.220/forctrix/ Version: 2.0....

0.3AI score
Exploits0
exploitpack
exploitpack
added 2017/03/06 12:0 a.m.15 views

Advanced Matrimonial Script 2.0.3 - SQL Injection

Advanced Matrimonial Script 2.0.3 - SQL Injection Exploit Title: Advanced Matrimonial Script v2.0.3 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/advanced-matrimonial/ Demo:...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2017/03/06 12:0 a.m.13 views

Website Broker Script 3.02 - view SQL Injection

Website Broker Script 3.02 - view SQL Injection Exploit Title: Website Broker Script v3.02 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/website-broker-script/ Demo:...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2017/03/06 12:0 a.m.30 views

Yellow Pages Clone Script 1.3.4 - SQL Injection

Yellow Pages Clone Script 1.3.4 - SQL Injection Exploit Title: Yellow Pages Clone Script v1.3.4 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/yellow-pages-clone-script/ Demo:...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2017/03/06 12:0 a.m.13 views

MLM Membership Plan Script 2.0.5 - SQL Injection

MLM Membership Plan Script 2.0.5 - SQL Injection Exploit Title: MLM Membership Plan Script v2.0.5 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/mlm-membership-plan-script/ Demo:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2017/03/06 12:0 a.m.27 views

Deluge Web UI 1.3.13 - Cross-Site Request Forgery

Deluge Web UI 1.3.13 - Cross-Site Request Forgery !-- Remote code execution via CSRF vulnerability in the web UI of Deluge 1.3.13 Kyle Neideck, February 2017 Product ------- Deluge is a BitTorrent client available from http://deluge-torrent.org. Fix --- Fixed in the public source code, but not in...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2017/03/06 12:0 a.m.24 views

Responsive Events Movie Ticket Booking Script - SQL Injection

Responsive Events Movie Ticket Booking Script - SQL Injection Exploit Title: Responsive Events & Movie Ticket Booking Script - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software :...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2017/03/06 12:0 a.m.17 views

Social Network Script 3.01 - id SQL Injection

Social Network Script 3.01 - id SQL Injection Exploit Title: Social Network Script v3.01 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/social-network-script/ Demo: http://myeliteprofile.com/...

Exploits0
exploitpack
exploitpack
added 2017/03/05 12:0 a.m.20 views

MikroTik Router - ARP Table OverFlow Denial Of Service

MikroTik Router - ARP Table OverFlow Denial Of Service / Exploit Title: MikroTik Router Denial Of Service | ARP Table OverFlow Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: https://mikrotik.com/ Affected Series: Hap Lite Version: 6.25 Tested on: Parrot Security OS Date: 04-3-2017...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2017/03/04 12:0 a.m.18 views

Joomla! Component AYS Quiz 1.0 - id SQL Injection

Joomla! Component AYS Quiz 1.0 - id SQL Injection Exploit Title: Joomla! Component AYS Quiz v1.0 - SQL Injection Google Dork: inurl:index.php?option=comaysquiz Date: 04.03.2017 Vendor Homepage: http://ays-pro.com/ Software Buy:...

Exploits0
exploitpack
exploitpack
added 2017/03/04 12:0 a.m.14 views

Joomla! Component Monthly Archive 3.6.4 - author_form SQL Injection

Joomla! Component Monthly Archive 3.6.4 - authorform SQL Injection Exploit Title: Joomla! Component Monthly Archive v3.6.4 - SQL Injection Google Dork: inurl:index.php?option=commonthlyarchive Date: 04.03.2017 Vendor Homepage: http://web357.eu/ Software Buy:...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2017/03/04 12:0 a.m.19 views

Joomla! Component AltaUserPoints 1.1 - userid SQL Injection

Joomla! Component AltaUserPoints 1.1 - userid SQL Injection Exploit Title: Joomla! Component AltaUserPoints v1.1 - SQL Injection Google Dork: inurl:index.php?option=comaltauserpoints Date: 04.03.2017 Vendor Homepage: https://www.nordmograph.com/ Software:...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2017/03/04 12:0 a.m.22 views

FTPShell Client 6.53 - Remote Buffer Overflow

FTPShell Client 6.53 - Remote Buffer Overflow Exploit Title: FTPShell Client 6.53 buffer overflow on making initial connection Date: 2017-03-04 Exploit Author: Peter Baris Vendor Homepage: http://www.saptech-erp.com.au Software Link: http://www.ftpshell.com/downloadclient.htm Version: Windows...

7.5CVSS0.6AI score0.50315EPSS
Exploits6
exploitpack
exploitpack
added 2017/03/04 12:0 a.m.20 views

Joomla! Component Content ConstructionKit 1.1 - SQL Injection

Joomla! Component Content ConstructionKit 1.1 - SQL Injection Exploit Title: Joomla! Component Content ConstructionKit v1.1 - SQL Injection Google Dork: inurl:index.php?option=comoscck Date: 04.03.2017 Vendor Homepage: http://ordasoft.com/ Software Buy:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2017/03/04 12:0 a.m.15 views

Joomla! Component JUX EventOn 1.0.1 - id SQL Injection

Joomla! Component JUX EventOn 1.0.1 - id SQL Injection Exploit Title: Joomla! Component JUX EventOn v1.0.1 - SQL Injection Google Dork: inurl:index.php?option=comjuxeventon Date: 04.03.2017 Vendor Homepage: http://joomlaux.com/ Software Buy:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2017/03/03 12:0 a.m.25 views

EPSON TMNet WebConfig 1.00 - Cross-Site Scripting

EPSON TMNet WebConfig 1.00 - Cross-Site Scripting Exploit Title: Persistent XSS in EPSON TMNet WebConfig Ver. 1.00 Google Dork: intitle:"EPSON TMNet WebConfig Ver.1.00" Date: 3/3/2017 Exploit Author: Michael Benich Vendor Homepage: https://www.epson-biz.com/ Software Link:...

4.3CVSS6.1AI score0.03329EPSS
Exploits5
exploitpack
exploitpack
added 2017/03/03 12:0 a.m.34 views

pfSense 2.3.2 - Cross-Site Scripting Cross-Site Request Forgery

pfSense 2.3.2 - Cross-Site Scripting Cross-Site Request Forgery Exploit Title: pfSense 2.3.2 XSS - CSRF-bypass & Reverse-root-shell Date: 01/03/2017 Author: Yann CAM @ASafety / Synetis Vendor or Software Link: www.pfsense.org Version: 2.3.2 Category: XSS, CSRF-bypass and Remote root reverse-shell...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2017/03/03 12:0 a.m.16 views

Joomla! Component Coupon 3.5 - SQL Injection

Joomla! Component Coupon 3.5 - SQL Injection Exploit Title: Joomla! Component Coupon v3.5 - SQL Injection Google Dork: inurl:index.php?option=comcoupon Date: 03.03.2017 Vendor Homepage: http://joomla6teen.com/ Software:...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2017/03/03 12:0 a.m.15 views

WordPress 4.7.1 - Username Enumeration

WordPress 4.7.1 - Username Enumeration !usr/bin/php...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2017/03/03 12:0 a.m.71 views

WordPress Multiple Plugins - Arbitrary File Upload

WordPress Multiple Plugins - Arbitrary File Upload import requests import random import string print "---------------------------------------------------------------------" print "Multiple Wordpress Plugin - Remote File Upload Exploit\nDiscovery: Larry W. Cashdollar\nExploit Author: Munir...

7.5CVSS0.3AI score0.27448EPSS
Exploits12
exploitpack
exploitpack
added 2017/03/02 12:0 a.m.15 views

Joomla! Component Guesser 1.0.4 - type SQL Injection

Joomla! Component Guesser 1.0.4 - type SQL Injection Exploit Title: Joomla! Component Guesser v1.0.4 - SQL Injection Google Dork: inurl:index.php?option=comguesser Date: 02.03.2017 Vendor Homepage: http://www.bitsgeo.com/ Software:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2017/03/02 12:0 a.m.16 views

Joomla! Component StreetGuessr Game 1.0 - SQL Injection

Joomla! Component StreetGuessr Game 1.0 - SQL Injection Exploit Title: Joomla! Component StreetGuessr Game v1.0 - SQL Injection Google Dork: inurl:index.php?option=comstreetguess Date: 02.03.2017 Vendor Homepage: https://www.nordmograph.com/ Software:...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2017/03/02 12:0 a.m.18 views

Joomla! Component Abstract 2.1 - SQL Injection

Joomla! Component Abstract 2.1 - SQL Injection Exploit Title: Joomla! Component Abstract v2.1 - SQL Injection Google Dork: inurl:index.php?option=comabstract Date: 02.03.2017 Vendor Homepage: http://joomla6teen.com/ Software:...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2017/03/02 12:0 a.m.10 views

Php Classified OLX Clone Script - category SQL Injection

Php Classified OLX Clone Script - category SQL Injection Exploit Title: Php Classified OLX Clone Script - SQL Injection Google Dork: N/A Date: 02.03.2017 Vendor Homepage: https://wptit.com/ Software: https://wptit.com/portfolio/php-classified-website-sale/ Demo: http://www.adsthem.com/ Version: N...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2017/03/02 12:0 a.m.21 views

MDwiki 0.6.2 - Cross-Site Scripting

MDwiki 0.6.2 - Cross-Site Scripting Originally thought that only a problem with Tencent's site implementation, the black brother reminded me to look at the Github address in the source code, only to find the open source MDwiki universal system. MDwiki is a wiki/CMS system built entirely on...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2017/03/02 12:0 a.m.47 views

Conext ComBox 865-1058 - Denial of Service

Conext ComBox 865-1058 - Denial of Service Exploit Title: Conext ComBox - Denial of Service HTTP-POST Description: The exploit cause the device to self-reboot, constituting a denial of service. Google Dork: "Conext ComBox" + "JavaScript was not detected" /OR/ "Conext ComBox" + "Recover Lost...

7.8CVSS7.6AI score0.36943EPSS
Exploits4
exploitpack
exploitpack
added 2017/03/02 12:0 a.m.20 views

Joomla! Component Recipe Manager 2.2 - id SQL Injection

Joomla! Component Recipe Manager 2.2 - id SQL Injection Exploit Title: Joomla! Component Recipe Manager v2.2 - SQL Injection Google Dork: inurl:index.php?option=comrecipe Date: 02.03.2017 Vendor Homepage: http://joomla6teen.com/ Software:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2017/03/01 12:54 p.m.10 views

TKuAouLQ18wWbEE

A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...

2.9AI score
Exploits0
exploitpack
exploitpack
added 2017/03/01 12:41 p.m.14 views

W3Nq7SouaoBZLpS

A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...

2.9AI score
Exploits0
exploitpack
exploitpack
added 2017/03/01 12:0 a.m.31 views

WordPress Plugin User Login Log 2.2.1 - Cross-Site Scripting

WordPress Plugin User Login Log 2.2.1 - Cross-Site Scripting Source: https://sumofpwn.nl/advisory/2016/storedcrosssitescriptingvulnerabilityinuserloginlogwordpressplugin.html Abstract A stored Cross-Site Scripting vulnerability was found in the User Login Log WordPress Plugin. This issue can be...

Exploits0
exploitpack
exploitpack
added 2017/03/01 12:0 a.m.44 views

WordPress Plugin File Manager 3.0.1 - Cross-Site Request Forgery

WordPress Plugin File Manager 3.0.1 - Cross-Site Request Forgery !-- Source: https://sumofpwn.nl/advisory/2016/crosssiterequestforgeryinfilemanagerwordpressplugin.html Abstract A Cross-Site Request Forgery CSRF vulnerability was found in the File Manager WordPress Plugin. Among others, this issue...

1AI score
Exploits0
exploitpack
exploitpack
added 2017/03/01 12:0 a.m.39 views

WordPress Plugin Contact Form Manager - Cross-Site Request Forgery Cross-Site Scripting

WordPress Plugin Contact Form Manager - Cross-Site Request Forgery Cross-Site Scripting !-- Source: https://sumofpwn.nl/advisory/2016/crosssiterequestforgerycrosssitescriptingincontactformmanagerwordpressplugin.html Abstract It was discovered that Contact Form Manager does not protect against...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2017/03/01 12:0 a.m.51 views

Aruba AirWave 8.2.3 - XML External Entity Injection Cross-Site Scripting

Aruba AirWave 8.2.3 - XML External Entity Injection Cross-Site Scripting SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XML External Entity Injection XXE, Reflected Cross Site Scripting product: Aruba AirWave vulnerab...

4.3CVSS0.7AI score0.13164EPSS
Exploits6
exploitpack
exploitpack
added 2017/03/01 12:0 a.m.24 views

WordPress Plugin NewStatPress 1.2.4 - Cross-Site Scripting

WordPress Plugin NewStatPress 1.2.4 - Cross-Site Scripting Source: https://sumofpwn.nl/advisory/2016/persistentcrosssitescriptinginthewordpressnewstatpressplugin.html Abstract A persistent Cross-Site Scripting XSS vulnerability has been found in the WordPress NewStatPress plugin. By using this...

Exploits0
exploitpack
exploitpack
added 2017/03/01 12:0 a.m.18 views

SchoolDir - SQL Injection

SchoolDir - SQL Injection Exploit Title: SchoolDir - SQL Injection Google Dork: N/A Date: 01.03.2017 Vendor Homepage: http://www.brynamics.xyz/ Software: https://codecanyon.net/item/schooldir/19326269 Demo: http://www.brynamics.xyz/schooldir/ Version: N/A Tested on: Win7 x64, Kali Linux x64 Explo...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2017/03/01 12:0 a.m.8 views

Rage Faces Script 1.3 - SQL Injection

Rage Faces Script 1.3 - SQL Injection Exploit Title: Rage Faces Script v1.3 - SQL Injection Google Dork: N/A Date: 01.03.2017 Vendor Homepage: http://www.memesoftware.com/ Software: http://www.memesoftware.com/ragefaces.php Demo: http://ragefaces.memesoftware.com/ Version: 1.3 Tested on: Win7 x64...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2017/03/01 12:0 a.m.38 views

D-Link DSL-2730U Wireless N 150 - Cross-Site Request Forgery

D-Link DSL-2730U Wireless N 150 - Cross-Site Request Forgery Author : B GOVIND Exploit Title : DLink DSL-2730U Wireless N 150, Change DNS Configuration bypassing ‘admin’ privilege Date : 01-03-2017 Vendor Homepage : http://www.dlink.co.in Firmware Link : ftp://support.dlink.co.in/firmware/DSL-273...

6.8CVSS0.4AI score0.02982EPSS
Exploits5
exploitpack
exploitpack
added 2017/03/01 12:0 a.m.12 views

Meme Maker Script 2.1 - user SQL Injection

Meme Maker Script 2.1 - user SQL Injection Exploit Title: Meme Maker Script 2.1 - SQL Injection Google Dork: N/A Date: 01.03.2017 Vendor Homepage: http://www.memesoftware.com/ Software: http://www.memesoftware.com/mememaker.php Demo: http://www.memefaces.me/ Version: 2.1 Tested on: Win7 x64, Kali...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2017/03/01 12:0 a.m.37 views

WordPress Plugin Global Content Blocks 2.1.5 - Cross-Site Request Forgery

WordPress Plugin Global Content Blocks 2.1.5 - Cross-Site Request Forgery !-- Source: https://sumofpwn.nl/advisory/2016/crosssiterequestforgeryinglobalcontentblockswordpressplugin.html Abstract It was discovered that the Global Content Blocks WordPress Plugin is vulnerable to Cross-Site Request...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2017/03/01 12:0 a.m.42 views

WordPress Plugin Popup by Supsystic 1.7.6 - Cross-Site Request Forgery

WordPress Plugin Popup by Supsystic 1.7.6 - Cross-Site Request Forgery !-- Source: https://sumofpwn.nl/advisory/2016/popupbysupsysticwordpresspluginvulnerabletocrosssiterequestforgery.html Abstract A Cross-site Request Forgery vulnerablity exists in the Popup by Supsystic WordPress Plugin. This...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2017/02/28 12:0 a.m.17 views

BlueIris 4.5.1.4 - Denial of Service

BlueIris 4.5.1.4 - Denial of Service import socket Title: BlueIris - Denial of Service Date: 2017-02-28 Exploit Author: Peter Baris Vendor Homepage: http://www.saptech-erp.com.au Software Link: http://blueirissoftware.com/blueiris.exe Version: 4.5.1.4 Tested on: Windows Server 2008 R2 Standard x6...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2017/02/28 12:0 a.m.13 views

SysGauge 1.5.18 - Remote Buffer Overflow

SysGauge 1.5.18 - Remote Buffer Overflow Exploit Title: SysGauge 1.5.18 – buffer overflow in SMTP connection verification function leads to code execution Date: 2017-02-28 Exploit Author: Peter Baris Vendor Homepage: http://www.saptech-erp.com.au Software Link:...

1.2AI score
Exploits0
exploitpack
exploitpack
added 2017/02/28 12:0 a.m.25 views

Synchronet BBS 3.16c - Denial of Service

Synchronet BBS 3.16c - Denial of Service Exploit Title: Synchronet BBS 3.16c for Windows – Multiple vulnerabilities Date: 2017-02-28 Exploit Author: Peter Baris Vendor Homepage: http://www.saptech-erp.com.au Software Link: ftp://synchro.net/Synchronet/sbbs316c.zip Version: 3.16c for Windows Teste...

5CVSS0.04676EPSS
Exploits5
exploitpack
exploitpack
added 2017/02/28 12:0 a.m.74 views

Cisco AnyConnect Secure Mobility Client 4.3.04027 - Local Privilege Escalation

Cisco AnyConnect Secure Mobility Client 4.3.04027 - Local Privilege Escalation Exploit Title: Cisco AnyConnect Start Before Logon SBL local privilege escalation. CVE-2017-3813 Date: 02/27/2017 Exploit Author: @Pcchillin Software Link:...

7.2CVSS0.8AI score0.01711EPSS
Exploits5
exploitpack
exploitpack
added 2017/02/28 12:0 a.m.37 views

Sophos Web Appliance 4.3.1.1 - Session Fixation

Sophos Web Appliance 4.3.1.1 - Session Fixation Exploit Title: Sophos Secure Web Appliance Session Fixation Vulnerability Date: 28/02/2017 Exploit Author: SlidingWindow , Twitter: @KapilKhot Vendor Homepage: https://www.sophos.com/en-us/products/secure-web-gateway.aspx Version: Tested on Sophos W...

6.8CVSS0.3AI score0.07538EPSS
Exploits4
Total number of security vulnerabilities41207