Lucene search
K
ExploitpackRecent

41207 matches found

exploitpack
exploitpack
added 2019/03/01 12:0 a.m.13 views

WordPress Core 5.0 - Remote Code Execution

WordPress Core 5.0 - Remote Code Execution var wpnonce = ''; var ajaxnonce = ''; var wpattachedfile = ''; var imgurl = ''; var postajaxdata = ''; var postid = 0; var cmd = '?php phpinfo;/'; var cmdlen = cmd.length var payload = '\xff\xd8\xff\xed\x004Photoshop...

Exploits0
exploitpack
exploitpack
added 2019/03/01 12:0 a.m.31 views

Linux 4.14.103 4.19.25 - Out-of-Bounds Read and Write in SNMP NAT Module

Linux 4.14.103 4.19.25 - Out-of-Bounds Read and Write in SNMP NAT Module commit cc2d58634e0f "netfilter: nfnatsnmpbasic: use asn1 decoder library", first in 4.16 changed the nfnatsnmpbasic module which, when enabled, parses and modifies the ASN.1-encoded payloads of SNMP messages so that the...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/03/01 12:0 a.m.22 views

macOS XNU - Copy-on-Write Behavior Bypass via Mount of User-Owned Filesystem Image

macOS XNU - Copy-on-Write Behavior Bypass via Mount of User-Owned Filesystem Image XNU has various interfaces that permit creating copy-on-write copies of data between processes, including out-of-line message descriptors in mach messages. It is important that the copied memory is protected agains...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2019/03/01 12:0 a.m.44 views

Google Chrome M72 - Use-After-Free in RenderProcessHostImpl Binding for P2PSocketDispatcherHost

Google Chrome M72 - Use-After-Free in RenderProcessHostImpl Binding for P2PSocketDispatcherHost There's an object-lifetime issue in the browser process in the handling of P2PSocketDispatcherHost binding in parallel with OnBloatedRenderer event handling. In RenderProcessHostImpl, we have a uniquep...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/02/28 12:0 a.m.25 views

FTP Server 1.32 - Denial of Service

FTP Server 1.32 - Denial of Service !/usr/bin/env python coding: utf-8 Author: Marcelo Vázquez aka s4vitar FTP Server 1.32 Remote Denial of Service DoS Exploit Title: FTP Server 1.32 Remote Denial of Service DoS Date: 2019-02-26 Exploit Author: Marcelo Vázquez aka s4vitar Vendor: The Olive Tree...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/02/28 12:0 a.m.273 views

Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow

Alcatel-Lucent Nokia GPON I-240W-Q - Buffer Overflow !/usr/bin/python3 import argparse import requests import urllib.parse import binascii import re def runtarget: """ Execute exploitation """ We're using CVE-2018-10561 and/or it's extension in order to exploit this Authenticated RCE in usbForm...

7.5CVSS0.8AI score0.93316EPSS
Exploits7
exploitpack
exploitpack
added 2019/02/28 12:0 a.m.29 views

Usermin 1.750 - Remote Command Execution (Metasploit)

Usermin 1.750 - Remote Command Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'uri' class MetasploitModule 'Usermin 1.750 - Remote Command Execution', 'Description' = %q...

7.7AI score
Exploits0
exploitpack
exploitpack
added 2019/02/28 12:0 a.m.17 views

Simple Online Hotel Reservation System - Cross-Site Request Forgery (Add Admin)

Simple Online Hotel Reservation System - Cross-Site Request Forgery Add Admin Exploit Title: Simple Online Hotel Reservation System - Cross-Site Request Forgery Add Admin Exploit Author: Mr Winst0n Author E-mail: [email protected] Discovery Date: February 25, 2019 Vendor Homepage:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/02/28 12:0 a.m.21 views

TransMac 12.3 - Denial of Service (PoC)

TransMac 12.3 - Denial of Service PoC -- coding: utf-8 -- Exploit Title: TransMac 12.3 - 'Volume name' Denial of Service PoC Date: 27/02/2019 Author: Alejandra Sánchez Vendor Homepage: https://www.acutesystems.com/ Software Link: https://www.acutesystems.com/tmac/tmsetup.exe Version: 12.3 Tested...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2019/02/28 12:0 a.m.16 views

Feng Office 3.7.0.5 - Remote Command Execution (Metasploit)

Feng Office 3.7.0.5 - Remote Command Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'uri' class MetasploitModule 'Feng Office 3.7.0.5 - Unauthenticated Remote Command...

7.7AI score
Exploits0
exploitpack
exploitpack
added 2019/02/28 12:0 a.m.11 views

Simple Online Hotel Reservation System - SQL Injection

Simple Online Hotel Reservation System - SQL Injection Exploit Title: Simple Online Hotel Reservation System - SQL Injection / Authentication Bypass Exploit Author: Mr Winst0n Author E-mail: [email protected] Discovery Date: February 25, 2019 Vendor Homepage: https://code-projects.org/...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/02/28 12:0 a.m.17 views

Simple Online Hotel Reservation System - Cross-Site Request Forgery (Delete Admin)

Simple Online Hotel Reservation System - Cross-Site Request Forgery Delete Admin Exploit Title: Simple Online Hotel Reservation System - Cross-Site Request Forgery Delete Admin Exploit Author: Mr Winst0n Author E-mail: [email protected] Discovery Date: February 25, 2019 Vendor Homepage:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/02/28 12:0 a.m.30 views

WebKitGTK 2.23.90 WebKitGTK+ 2.22.6 - Denial of Service

WebKitGTK 2.23.90 WebKitGTK+ 2.22.6 - Denial of Service Exploit Title: Buffer overflow Date: 27-02-2019 Exploit Author: Dhiraj Mishra Vendor Homepage: https://webkit.org/ Software Link: https://gitlab.gnome.org/GNOME/epiphany Version: 2.23.90 Tested on: Linux 4.15.0-38-generic CVE: CVE-2019-8375...

7.5CVSS9.3AI score0.16113EPSS
Exploits4
exploitpack
exploitpack
added 2019/02/28 12:0 a.m.35 views

Joomla! Component J2Store 3.3.7 - SQL Injection

Joomla! Component J2Store 3.3.7 - SQL Injection Exploit Title: J2Store Plugin for Joomla! 3.3.6 - SQL Injection Date: 19/02/2019 Author: Andrei Conache Twitter: @andreiconache Contact: andrei.conacheatprotonmail.com Software Link: https://www.j2store.org Version: 3.x-3.3.6 Tested on: Linux CVE:...

7.5CVSS0.3AI score0.0898EPSS
Exploits5
exploitpack
exploitpack
added 2019/02/27 12:0 a.m.644 views

PHP 7.2 - imagecolormatch() Out of Band Heap Write

PHP 7.2 - imagecolormatch Out of Band Heap Write &c= Example: GET/POST /exploit.php?f=0x7fe83d1bb480&c=id++/dev/shm/titi Target: PHP 7.2.x Tested on: PHP 7.2.12 / buf = unsigned long safeemallocsizeofunsigned long, 5 im2-colorsTotal, 0; for x=0; xsx; x++ for y=0; ysy; y++ color = im2-pixelsyx; rg...

6.8CVSS9AI score0.65116EPSS
Exploits7
exploitpack
exploitpack
added 2019/02/25 12:0 a.m.61 views

Jenkins Plugin Script Security 1.49Declarative 1.3.4Groovy 2.60 - Remote Code Execution

Jenkins Plugin Script Security 1.49Declarative 1.3.4Groovy 2.60 - Remote Code Execution !/usr/bin/env python Exploit Title : jenkins-preauth-rce-exploit.py Date : 02/23/2019 Authors : wetw0rk & 0xtavian Vendor Homepage : https://jenkins.oi Software Link : https://jenkins.io/download/ Tested on :...

6.5CVSS8.4AI score0.98428EPSS
Exploits17
exploitpack
exploitpack
added 2019/02/25 12:0 a.m.39 views

zzzphp CMS 1.6.1 - Remote Code Execution

zzzphp CMS 1.6.1 - Remote Code Execution Exploit Title: dynamic code evaluation of zzzphp cms 1.6.1 Google Dork: intext:"2015-2019 zzcms.com" Date: 24/02/2019 Exploit Author: Yang Chenglong Vendor Homepage: http://www.zzzcms.com/index.html Software Link: http://115.29.55.18/zzzphp.zip Version:...

6.5CVSS0.1AI score0.31421EPSS
Exploits8
exploitpack
exploitpack
added 2019/02/25 12:0 a.m.15 views

News Website Script 2.0.5 - SQL Injection

News Website Script 2.0.5 - SQL Injection Exploit Title: News Website Script 2.0.5 - SQL Injection Exploit Author: Mr Winst0n Author E-mail: [email protected] Discovery Date: February 22, 2019 Vendor Homepage: http://www.phpscriptsmall.com/ Software Link :...

8.6AI score
Exploits0
exploitpack
exploitpack
added 2019/02/25 12:0 a.m.24 views

Xlight FTP Server 3.9.1 - Buffer Overflow (PoC)

Xlight FTP Server 3.9.1 - Buffer Overflow PoC Exploit Title: Xlight 3.9.1 FTP Server SEH Overwrite Google Dork: N/A Date: 2019-02-24 Exploit Author: Logan Whitmire Vendor Homepage: https://www.xlightftpd.com/index.htm Software Link: https://www.xlightftpd.com/download/xlight.zip Version: 3.9.1...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/02/25 12:0 a.m.30 views

Advance Gift Shop Pro Script 2.0.3 - SQL Injection

Advance Gift Shop Pro Script 2.0.3 - SQL Injection Exploit Title: Advance Gift Shop Pro Script 2.0.3 - SQL Injection Exploit Author: Mr Winst0n Author E-mail: [email protected] Discovery Date: February 21, 2019 Vendor Homepage: http://www.phpscriptsmall.com/ Software Link :...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2019/02/25 12:0 a.m.14 views

PHP Ecommerce Script 2.0.6 - Cross-Site Scripting SQL Injection

PHP Ecommerce Script 2.0.6 - Cross-Site Scripting SQL Injection Exploit Title: PHP Ecommerce Script 2.0.6 - Cross Site Scripting / SQL Injection Exploit Author: Mr Winst0n Author E-mail: [email protected] Discovery Date: February 22, 2019 Vendor Homepage: http://www.phpscriptsmall.com/...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/02/25 12:0 a.m.77 views

Drupal 8.6.9 - REST Module Remote Code Execution

Drupal 8.6.9 - REST Module Remote Code Execution !/usr/bin/env python3 CVE-2019-6340 Drupal = 8.6.9 REST services RCE PoC 2019 @leonjza Technical details for this exploit is available at: https://www.drupal.org/sa-core-2019-003 https://www.ambionics.io/blog/drupal8-rce...

6.8CVSS8.5AI score0.91919EPSS
Exploits22
exploitpack
exploitpack
added 2019/02/23 12:0 a.m.51 views

Drupal 8.6.10 8.5.11 - REST Module Remote Code Execution

Drupal 8.6.10 8.5.11 - REST Module Remote Code Execution Analyzing the patch By diffing Drupal 8.6.9 and 8.6.10, we can see that in the REST module, FieldItemNormalizer now uses a new trait, SerializedColumnNormalizerTrait. This trait provides the checkForSerializedStrings method, which in short...

8.1AI score
Exploits0
exploitpack
exploitpack
added 2019/02/22 12:0 a.m.39 views

Quest NetVault Backup Server 11.4.5 - Process Manager Service SQL Injection Remote Code Execution

Quest NetVault Backup Server 11.4.5 - Process Manager Service SQL Injection Remote Code Execution Exploit Title: Quest NetVault Backup Server 11.4.5 Process Manager Service SQL Injection Remote Code Execution Vulnerability ZDI-17-982 Date: 2-21-2019 Exploit Author: credit goes to rgod for finding...

7.5CVSS0.6AI score0.10001EPSS
Exploits5
exploitpack
exploitpack
added 2019/02/22 12:0 a.m.29 views

Teracue ENC-400 - Command Injection Missing Authentication

Teracue ENC-400 - Command Injection Missing Authentication Introduction ============ Multiple vulnerabilities were identified within the Teracue ENC-400, including pre-authenticated remote code authentication. While the vendor has released updated firmware after these issues were identified, they...

10CVSS0.5AI score0.15362EPSS
Exploits5
exploitpack
exploitpack
added 2019/02/22 12:0 a.m.8 views

WinRAR 5.61 - Path Traversal

WinRAR 5.61 - Path Traversal !/usr/bin/env python3 import os import re import zlib import binascii The archive filename you want rarfilename = "test.rar" The evil file you want to run evilfilename = "calc.exe" The decompression path you want, such shown below targetfilename =...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2019/02/22 12:0 a.m.70 views

Micro Focus Filr 3.4.0.217 - Path Traversal Local Privilege Escalation

Micro Focus Filr 3.4.0.217 - Path Traversal Local Privilege Escalation SecureAuth - SecureAuth Labs Advisory http://www.secureauth.com/ Micro Focus Filr Multiple Vulnerabilities 1. Advisory Information Title: Micro Focus Filr Multiple Vulnerabilities Advisory ID: SAUTH-2019-0001 Advisory URL:...

7.2CVSS0.1AI score0.08951EPSS
Exploits4
exploitpack
exploitpack
added 2019/02/22 12:0 a.m.18 views

WebKit JSC - reifyStaticProperty Needs to set the PropertyAttribute::CustomAccessor flag for CustomGetterSetter

WebKit JSC - reifyStaticProperty Needs to set the PropertyAttribute::CustomAccessor flag for CustomGetterSetter / https://github.com/WebKit/webkit/blob/3fff8c40c665a09de5e3ede46fc35908f69353c3/Source/JavaScriptCore/runtime/Lookup.hL392 if value.attributes & PropertyAttribute::PropertyCallback...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2019/02/21 12:0 a.m.17 views

RealTerm Serial Terminal 2.0.0.70 - Echo Port Buffer Overflow (SEH)

RealTerm Serial Terminal 2.0.0.70 - Echo Port Buffer Overflow SEH Exploit Title: RealTerm: Serial Terminal 2.0.0.70 - 'Echo Port' Buffer Overflow - SEH Date: 21.02.2019 Exploit Author: Matteo Malvica Vendor Homepage: https://realterm.sourceforge.io/ Software Link:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/02/21 12:0 a.m.21 views

Memu Play 6.0.7 - Privilege Escalation

Memu Play 6.0.7 - Privilege Escalation Exploit Title: Memu Play 6.0.7 - Privilege Escalation PoC Date: 20/02/2019 Author: Alejandra Sánchez Vendor Homepage: https://www.memuplay.com/ Software Link: https://www.memuplay.com/download-en.php?filename=Memu-Setup&from=officialrelease Version: 6.0.7...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2019/02/21 12:0 a.m.23 views

ScreenStream 3.0.15 - Denial of Service

ScreenStream 3.0.15 - Denial of Service !/usr/bin/python coding: utf-8 Author: Marcelo Vázquez aka s4vitar ScreenStream 3.0.15 Remote Denial of Service DoS Exploit Title: ScreenStream 3.0.15 Remote Denial of Service DoS Date: 2019-02-21 Exploit Author: Marcelo Vázquez aka s4vitar Vendor Homepage:...

Exploits0
exploitpack
exploitpack
added 2019/02/21 12:0 a.m.36 views

C4G Basic Laboratory Information System (BLIS) 3.4 - SQL Injection

C4G Basic Laboratory Information System BLIS 3.4 - SQL Injection Exploit Title: C4G Basic Laboratory Information System BLIS 3.4 - Multiples SQL Injection Date: 01/31/2019 Software Links/Project: https://github.com/C4G/BLIS | http://blis.cc.gatech.edu/index.php Version: C4G Basic Laboratory...

8.6AI score
Exploits0
exploitpack
exploitpack
added 2019/02/21 12:0 a.m.17 views

Virtual VCR Max .0a - .vcr Buffer Overflow (PoC)

Virtual VCR Max .0a - .vcr Buffer Overflow PoC !/usr/bin/python Exploit Title: VirtualVCR-Max .0a Overflow PoC Google Dork: N/A Date: 21/02/2019 Exploit Author: Wade Guest Vendor Homepage: http://virtualvcr.sourceforge.net/ Software Link: https://sourceforge.net/projects/virtualvcr/ Version: Max...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/02/21 12:0 a.m.24 views

AirDrop 2.0 - Denial of Service (DoS)

AirDrop 2.0 - Denial of Service DoS include include include include include include include include include include include // // Author: Marcelo Vázquez aka s4vitar // AirDrop 2.0 Remote Denial of Service DoS // // Exploit Title: AirDrop 2.0 Remote Denial of Service DoS // Date: 2019-02-21 //...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/02/21 12:0 a.m.46 views

Valentina Studio 9.0.5 Linux - Host Buffer Overflow (PoC)

Valentina Studio 9.0.5 Linux - Host Buffer Overflow PoC -- coding: utf-8 -- Exploit Title: Valentina Studio 9.0.5 Linux - 'Host' Buffer Overflow PoC Date: 20/02/2019 Author: Alejandra Sánchez Vendor Homepage: https://valentina-db.com/en/ Software Link:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/02/21 12:0 a.m.16 views

EI-Tube 3 - SQL Injection

EI-Tube 3 - SQL Injection Exploit Title: PHP EI-Tube Script - Sql Injection Date: 2019-02-21 Exploit Author: Meisam Monsef - [email protected] Vendor Homepage: https://codecanyon.net/item/eitube-youtube-api-v3-site-builder/22722912?srank=17 Version: 3 Tested on: ubuntu special thanks : Alireza...

8.6AI score
Exploits0
exploitpack
exploitpack
added 2019/02/21 12:0 a.m.138 views

MikroTik RouterOS 6.43.12 (stable) 6.42.12 (long-term) - Firewall and NAT Bypass

MikroTik RouterOS 6.43.12 stable 6.42.12 long-term - Firewall and NAT Bypass CVE-2019-3924 A remote, unauthenticated attacker can proxy traffic through RouterOS via probes sent to the agent binary. This PoC demonstrates how to exploit a LAN host from the WAN. A video demonstrating the attack can ...

5CVSS0.4AI score0.15697EPSS
Exploits4
exploitpack
exploitpack
added 2019/02/20 12:0 a.m.14 views

FTPShell Server 6.83 - Account name to ban Denial of Service (PoC)

FTPShell Server 6.83 - Account name to ban Denial of Service PoC Exploit Title: FTPShell Server 6.83 - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2018-02-20 Vendor Homepage: http://www.ftpshell.com/index.htm Software Link: http://www.ftpshell.com/downloadserver.htm Teste...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/02/20 12:0 a.m.31 views

FaceTime - Texture Processing Memory Corruption

FaceTime - Texture Processing Memory Corruption There is a memory corruption issue that occurs when processing a malformed RTP video stream in FaceTime. It appears to be related to processing textures. thread 7, stop reason = EXCBADACCESS code=EXCI386GPFLT frame 0: 0x00007fff56baaa92...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/02/20 12:0 a.m.22 views

Android Kernel 4.8 - ptrace seccomp Filter Bypass

Android Kernel 4.8 - ptrace seccomp Filter Bypass / The seccomp.2 manpage http://man7.org/linux/man-pages/man2/seccomp.2.html documents: Before kernel 4.8, the seccomp check will not be run again after the tracer is notified. This means that, on older ker‐ nels, seccomp-based sandboxes must not...

1.3AI score
Exploits0
exploitpack
exploitpack
added 2019/02/20 12:0 a.m.47 views

HotelDruid 2.3 - Cross-Site Scripting

HotelDruid 2.3 - Cross-Site Scripting =========================================================================================== Exploit Title: Hoteldruid 2.3 - 'nsextt' XSS Injection CVE: CVE-2019-8937 Date: 18-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage:...

4.3CVSS6.1AI score0.1068EPSS
Exploits5
exploitpack
exploitpack
added 2019/02/20 12:0 a.m.71 views

MatrixSSL 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates

MatrixSSL 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates I happened to notice that a public X.509 certificate testcase for CVE-2014-1569 caused a stack buffer overflow in MatrixSSL. I cleaned up the testcase a bit, to make a better demonstration. You can test it with the certValidate...

7.5CVSS1.3AI score0.03182EPSS
Exploits4
exploitpack
exploitpack
added 2019/02/20 12:0 a.m.30 views

WinRAR 5.61 - .lng Denial of Service

WinRAR 5.61 - .lng Denial of Service Exploit Title: WinRAR 5.61 - Denial of Service Author: Kağan Çapar Discovery Date: 2019-02-20 Software Link: https://win-rar.com/predownload.html?spV=true&subD=true&f=wrar561tr.exe Vendor Homepage : https://www.win-rar.com Tested Version: 5.61 32 Bit Tested on...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/02/19 12:0 a.m.22 views

Zuz Music 2.1 - zuzconsole___contact Persistent Cross-Site Scripting

Zuz Music 2.1 - zuzconsolecontact Persistent Cross-Site Scripting Exploit Title: Zuz Music 2.1 - 'zuzconsole/contact ' Persistent Cross-site Scripting Google Dork: N/A Date: 14 Feb 2019 Exploit Author: Deyaa Muhammad Author EMail: contact at deyaa.me Author Blog: http://deyaa.me Vendor Homepage:...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2019/02/19 12:0 a.m.19 views

Find a Place CMS Directory 1.5 - assetsexternaldata_2.php cate SQL Injection

Find a Place CMS Directory 1.5 - assetsexternaldata2.php cate SQL Injection Exploit Title: Find a Place CMS Directory 1.5 - 'assets/external/data2.php cate' SQL Injection Google Dork: inurl:"assets/external/data.php" Date: 14 Feb 2019 Exploit Author: Deyaa Muhammad Author EMail: contact at deyaa....

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/02/19 12:0 a.m.18 views

Jenkins Plugin Script Security 1.50Declarative 1.3.4.1Groovy 2.61.1 - Remote Code Execution (PoC)

Jenkins Plugin Script Security 1.50Declarative 1.3.4.1Groovy 2.61.1 - Remote Code Execution PoC In the exploitation, the target is always escalating the read primitive or write primitive to code execution! From the previous section, we can write malicious JAR file into remote Jenkins server by...

Exploits0
exploitpack
exploitpack
added 2019/02/19 12:0 a.m.18 views

Valentina Studio 9.0.4 - Host Denial of Service (PoC)

Valentina Studio 9.0.4 - Host Denial of Service PoC Exploit Title: Valentina Studio 9.0.4 - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2018-02-19 Vendor Homepage: https://valentina-db.com/en/ Software Link:...

Exploits0
exploitpack
exploitpack
added 2019/02/19 12:0 a.m.30 views

Ask Expert Script 3.0.5 - Cross Site Scripting SQL Injection

Ask Expert Script 3.0.5 - Cross Site Scripting SQL Injection Exploit Title: Ask Expert Script 3.0.5 - Cross Site Scripting / SQL Injection Exploit Author: Mr Winst0n Author E-mail: [email protected] Discovery Date: February 19, 2019 Vendor Homepage: http://www.phpscriptsmall.com/ Software...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/02/19 12:0 a.m.9 views

NetSetMan 4.7.1 - Workgroup Denial of Service (PoC)

NetSetMan 4.7.1 - Workgroup Denial of Service PoC Exploit Title: NetSetMan 4.7.1 'Workgroup' - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2018-02-17 Vendor Homepage: https://www.netsetman.com/ Software Link: https://www.netsetman.com/netsetman.exe Tested Version: 4.7.1...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/02/19 12:0 a.m.84 views

Listing Hub CMS 1.0 - pages.php id SQL Injection

Listing Hub CMS 1.0 - pages.php id SQL Injection Exploit Title: Listing Hub CMS 1.0 - 'pages.php id' SQL Injection Google Dork: inurl:"pages.php?title=privacy-policy" Date: 14 Feb 2019 Exploit Author: Deyaa Muhammad Author EMail: contact at deyaa.me Author Blog: http://deyaa.me Vendor Homepage:...

8.7AI score
Exploits0
Total number of security vulnerabilities41207