Lucene search
K
ExploitpackRecent

41207 matches found

exploitpack
exploitpack
•added 2019/02/19 12:0 a.m.•55 views

MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - Local Privilege Escalation

MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - Local Privilege Escalation Exploit Title: MaxxAudio Drivers WavesSysSvc64.exe File Permissions SYSTEM Privilege Escalation Google Dork: Date: 2/18/2019 Exploit Author: Mike Siegel @mlsiegel Vendor Homepage: https://maxx.com Software Link: Version:...

7.2CVSS0.3AI score0.00935EPSS
Exploits3
exploitpack
exploitpack
•added 2019/02/19 12:0 a.m.•19 views

eDirectory - SQL Injection

eDirectory - SQL Injection Exploit Title: Admin auth bypass, SQLi and File Disclosure Google Dork: no defacers please ! Date: March 2019 reported to vendor without response :D Exploit Author: Efren Diaz Author contact: https://twitter.com/elefr3n Vendor Homepage: https://www.edirectory.com/...

Exploits0
exploitpack
exploitpack
•added 2019/02/19 12:0 a.m.•28 views

Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 - Path Traversal Cross-Site Scripting

Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 - Path Traversal Cross-Site Scripting !-- Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone Date: 31-01-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://www.manage...

4.3CVSS5.2AI score0.11817EPSS
Exploits9
exploitpack
exploitpack
•added 2019/02/19 12:0 a.m.•32 views

XAMPP 5.6.8 - SQL Injection Persistent Cross-Site Scripting

XAMPP 5.6.8 - SQL Injection Persistent Cross-Site Scripting !-- Exploit Title: Cross Site Scripting in XAMPP 5.6.8 and previous Date: 17-02-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://sourceforge.net/projects/xampp/files/XAMPP%20Windows/5.6.8/ Software Link:...

7.5CVSS8.1AI score0.05665EPSS
Exploits7
exploitpack
exploitpack
•added 2019/02/19 12:0 a.m.•10 views

NetSetMan 4.7.1 - Workgroup Denial of Service (PoC)

NetSetMan 4.7.1 - Workgroup Denial of Service PoC Exploit Title: NetSetMan 4.7.1 'Workgroup' - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2018-02-17 Vendor Homepage: https://www.netsetman.com/ Software Link: https://www.netsetman.com/netsetman.exe Tested Version: 4.7.1...

7.3AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•42 views

mIRC 7.55 - Custom URI Protocol Handlers Remote Command Execution

mIRC 7.55 - Custom URI Protocol Handlers Remote Command Execution Exploit Title: RCE on mIRC 7.55 using argument injection through custom URI protocol handlers Date: 18/02/2019 Exploit Author: https://twitter.com/proofofcalc/ Vendor Homepage: https://www.mirc.com Software Link:...

6.8CVSS0.3AI score0.71776EPSS
Exploits8
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•25 views

MISP 2.4.97 - SQL Command Execution via Command Injection in STIX Module

MISP 2.4.97 - SQL Command Execution via Command Injection in STIX Module --coding:utf-8-- Exploit Title: SQL command execution via command injection in STIX module Date: 2019-17-02 Exploit Author: Tm9jdGlz Vendor Homepage: https://www.misp-project.org/ Software link:...

9CVSS1.2AI score0.1716EPSS
Exploits5
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•127 views

Zoho ManageEngine ServiceDesk Plus (SDP) 10.0 build 10012 - Arbitrary File Upload

Zoho ManageEngine ServiceDesk Plus SDP 10.0 build 10012 - Arbitrary File Upload Exploit Title: Zoho ManageEngine ServiceDesk Plus SDP before 10.0 build 10012 - arbitrary file upload Date: 18-02-2019 Exploit Author: Dao Duy Hung [email protected] Vendor Homepage:...

4CVSS6.8AI score0.64051EPSS
Exploits5
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•34 views

Master IP CAM 01 3.3.4.2103 - Remote Command Execution

Master IP CAM 01 3.3.4.2103 - Remote Command Execution Exploit Title: Master IP CAM 01 Remote Command Execution Date: 09-02-2019 Remote: Yes Exploit Authors: Raffaele Sabato Contact: https://twitter.com/syrion89 Vendor: Master IP CAM Version: 3.3.4.2103 CVE: CVE-2019-8387 import sys import reques...

7.5CVSS0.5AI score0.55721EPSS
Exploits5
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•39 views

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in AlternateSubstitutionSubtable::process

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in AlternateSubstitutionSubtable::process A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 latest at the time of this writing while fuzz-testing the processing of...

0.4AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•84 views

MMonit 3.7.2 - Privilege Escalation

MMonit 3.7.2 - Privilege Escalation !/usr/env/python3 """ Vulnerability title: M/Monit = 3.7.2 - Privilege Escalation Author: Dolev Farhi Vulnerable version: 2.0.151021 Link: https://mmonit.com Date: 2/17/2019 """ import sys import requests MMONITURL = 'http://ip.add.re.ss:8080' MMONITUSER =...

0.3AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•29 views

NBMonitor 1.6.5.0 - Key Denial of Service (PoC)

NBMonitor 1.6.5.0 - Key Denial of Service PoC -- coding: utf-8 -- Exploit Title: NBMonitor 1.6.5 - 'Key' Denial of Service PoC Date: 15/02/2019 Author: Alejandra Sánchez Vendor Homepage: http://www.nsauditor.com/ Software Link: http://www.nbmonitor.com/downloads/nbmonitorsetup.exe Version: 1.6.5....

7.3AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•47 views

WordPress Plugin WooCommerce - GloBee (cryptocurrency) Payment Gateway 1.1.1 - Payment Bypass Unauthorized Order Status Spoofing

WordPress Plugin WooCommerce - GloBee cryptocurrency Payment Gateway 1.1.1 - Payment Bypass Unauthorized Order Status Spoofing ?php Exploit Title: WordPress WooCommerce - GloBee cryptocurrency Payment Gateway Plugin Payment Bypass / Unauthorized Order Status Spoofing Discovery Date: 14.12.2018...

5CVSS0.2AI score0.10009EPSS
Exploits5
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•12 views

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During OTF Font Rendering in glyph_CloseContour

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During OTF Font Rendering in glyphCloseContour A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 latest at the time of this writing while fuzz-testing the processing of OpenType fonts. It manifes...

0.2AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•20 views

Webiness Inventory 2.3 - ProductModel Arbitrary File Upload

Webiness Inventory 2.3 - ProductModel Arbitrary File Upload =========================================================================================== Exploit Title: Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload Dork: N/A Date: 10-02-2019 Exploit Author: Mehmet EMIROGLU Vendor...

5.5CVSS0.2AI score0.08018EPSS
Exploits5
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•38 views

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in OpenTypeLayoutEngine::adjustGlyphPositions

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in OpenTypeLayoutEngine::adjustGlyphPositions A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 latest at the time of this writing while fuzz-testing the processing of...

0.3AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•24 views

Comodo Dome Firewall 2.7.0 - Cross-Site Scripting

Comodo Dome Firewall 2.7.0 - Cross-Site Scripting Exploit Title: Comodo Dome Firewall 2.7.0 | Cross-Site Scripting Date: 18.02.2019 Exploit Author: Ozer Goker Vendor Homepage: https://cdome.comodo.com/firewall/ Software Link:...

0.1AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•18 views

Realterm Serial Terminal 2.0.0.70 - Local Buffer Overflow (SEH)

Realterm Serial Terminal 2.0.0.70 - Local Buffer Overflow SEH -- coding: utf-8 -- Exploit Title: RealTerm: Serial Terminal 2.0.0.70 - 'Echo Port' Overflow Crash SEH PoC Date: 16/02/2019 Author: Alejandra Sánchez Vendor Homepage: https://realterm.sourceforge.io/ Software Link:...

0.6AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•75 views

qdPM 9.1 - type Cross-Site Scripting

qdPM 9.1 - type Cross-Site Scripting =========================================================================================== Exploit Title: qdPM 9.1 - 'type' XSS Injection CVE: CVE-2019-8391. Date: 14-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: http://qdpm.net Software Link:...

4.3CVSS6.1AI score0.03342EPSS
Exploits5
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•27 views

ArangoDB Community Edition 3.4.2-1 - Cross-Site Scripting

ArangoDB Community Edition 3.4.2-1 - Cross-Site Scripting Exploit Title: ArangoDB Community Edition 3.4.2-1 | Cross-Site Scripting Date: 17.02.2019 Exploit Author: Ozer Goker Vendor Homepage: https://www.arangodb.com Software Link: https://www.arangodb.com/download-major/ Version: 3.4.2-1...

6.8AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•13 views

CMSsite 1.0 - post SQL Injection

CMSsite 1.0 - post SQL Injection Exploit Title: CMSsite 1.0 - 'post' SQL Injection Exploit Author: Mr Winst0n Author E-mail: [email protected] Discovery Date: February 17, 2019 Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link :...

8.7AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•77 views

Realterm Serial Terminal 2.0.0.70 - Denial of Service

Realterm Serial Terminal 2.0.0.70 - Denial of Service -- coding: utf-8 -- Exploit Title: RealTerm: Serial Terminal 2.0.0.70 - 'Port' Denial of Service PoC Date: 15/02/2019 Author: Alejandra Sánchez Vendor Homepage: https://realterm.sourceforge.io/ Software Link:...

Exploits0
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•16 views

Apache CouchDB 2.3.0 - Cross-Site Scripting

Apache CouchDB 2.3.0 - Cross-Site Scripting Exploit Title: Apache CouchDB 2.3.0 | Cross-Site Scripting Date: 17.02.2019 Exploit Author: Ozer Goker Vendor Homepage: http://couchdb.apache.org Software Link: http://couchdb.apache.org/download Version: 2.3.0 Introduction A CouchDB server hosts named...

6.8AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•18 views

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in ExtractBitMap_blocClass

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in ExtractBitMapblocClass A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 latest at the time of this writing while fuzz-testing the processing of TrueType fonts. It...

0.3AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/18 12:0 a.m.•25 views

qdPM 9.1 - search[keywords] Cross-Site Scripting

qdPM 9.1 - searchkeywords Cross-Site Scripting =========================================================================================== Exploit Title: qdPM 9.1 - 'searchkeywords' XSS Injection CVE: CVE-2019-8390 Date: 14-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: http://qdpm.net...

4.3CVSS0.1AI score0.08864EPSS
Exploits5
exploitpack
exploitpack
•added 2019/02/15 12:0 a.m.•24 views

MyBB Trash Bin Plugin 1.1.3 - Cross-Site Scripting Cross-Site Request Forgery

MyBB Trash Bin Plugin 1.1.3 - Cross-Site Scripting Cross-Site Request Forgery Exploit Title: MyBB Trash Bin Plugin 1.1.3 - Cross-Site Scripting / CSRF Date: 7/17/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=957 Version...

6.8CVSS8.5AI score0.02377EPSS
Exploits5
exploitpack
exploitpack
•added 2019/02/15 12:0 a.m.•136 views

UniSharp Laravel File Manager 2.0.0-alpha7 - Arbitrary File Upload

UniSharp Laravel File Manager 2.0.0-alpha7 - Arbitrary File Upload Exploit Title: UniSharp Laravel File Manager - Arbitrary File Upload Google Dork: inurl:"laravel-filemanager?type=Files" -site:github.com -site:github.io Exploit Author: Mohammad Danish Vendor Homepage:...

7.4AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/15 12:0 a.m.•44 views

Linux - kvm_ioctl_create_device() NULL Pointer Dereference

Linux - kvmioctlcreatedevice NULL Pointer Dereference kvmioctlcreatedevice contains the following code: dev = kzallocsizeofdev, GFPKERNEL; if !dev return -ENOMEM; dev-ops = ops; dev-kvm = kvm; mutexlock&kvm-lock; ret = ops-createdev, cd-type; if ret lock; kfreedev; return ret; listadd&dev-vmnode,...

0.5AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/15 12:0 a.m.•19 views

VSCO 1.1.1.0 - Denial of Service (PoC)

VSCO 1.1.1.0 - Denial of Service PoC Exploit Title: VSCO 1.1.1.0 - Denial of Service PoC Date: 2/14/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://www.microsoft.com/store/productId/9NC1RLNH76PB Version: 1.1.1.0 Tested on: Windows 10 Proof of Concept: Run the pytho...

7.3AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/15 12:0 a.m.•31 views

qdPM 9.1 - search_by_extrafields[] SQL Injection

qdPM 9.1 - searchbyextrafields SQL Injection =========================================================================================== Exploit Title: qdPM 9.1 - 'searchbyextrafields' SQL Injection Date: 14-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: http://qdpm.net Software Link:...

0.2AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/15 12:0 a.m.•50 views

Navicat for Oracle 12.1.15 - _Password_ Denial of Service (PoC)

Navicat for Oracle 12.1.15 - Password Denial of Service PoC Exploit Title: Navicat for Oracle 12.1.15 - "Password" Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-02-14 Vendor Homepage: https://www.navicat.com/es/ Software Link:...

0.3AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/15 12:0 a.m.•10 views

Free IP Switcher 3.1 - Computer Name Denial of Service (PoC)

Free IP Switcher 3.1 - Computer Name Denial of Service PoC Exploit Title: Free IP Switcher 3.1 - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2018-02-14 Vendor Homepage: http://www.eusing.com/index.html Software Link: http://www.eusing.com/ipscan/freeipscanner.htm Tested...

Exploits0
exploitpack
exploitpack
•added 2019/02/15 12:0 a.m.•14 views

AirMore 1.6.1 - Denial of Service (PoC)

AirMore 1.6.1 - Denial of Service PoC !/usr/bin/python coding: utf-8 Author: Marcelo Vázquez aka s4vitar AirMore 1.6.1 Remote Denial of Service DoS & System Freeze Exploit Title: AirMore 1.6.1 Remote Denial of Service DoS & System Freeze Date: 2019-02-14 Exploit Author: Marcelo Vázquez aka s4vita...

7.3AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/15 12:0 a.m.•42 views

Jinja2 2.10 - from_string Server Side Template Injection

Jinja2 2.10 - fromstring Server Side Template Injection ''' Exploit Title: Jinja2 Command injection fromstring function Date: date Exploit Author: JameelNabbo Website: Ordina.nl Vendor Homepage: http://jinja.pocoo.org Software Link: https://pypi.org/project/Jinja2/files Version: 2.10 Tested on:...

7.5CVSS9.7AI score0.4478EPSS
Exploits5
exploitpack
exploitpack
•added 2019/02/14 12:0 a.m.•24 views

DomainMOD 4.11.01 - ssl-accounts.php username Cross-Site Scripting

DomainMOD 4.11.01 - ssl-accounts.php username Cross-Site Scripting Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod...

3.5CVSS5.4AI score0.04428EPSS
Exploits5
exploitpack
exploitpack
•added 2019/02/14 12:0 a.m.•23 views

ApowerManager 3.1.7 - Phone Manager Remote Denial of Service (PoC)

ApowerManager 3.1.7 - Phone Manager Remote Denial of Service PoC !/usr/bin/python coding: utf-8 Author: Marcelo Vázquez aka s4vitar ApowerManager Remote Denial of Service DoS / Application Crash Exploit Title: ApowerManager - Phone Manager Remote Denial of Service DoS / Application Crash Date:...

7.4AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/14 12:0 a.m.•17 views

LayerBB 1.1.2 - Cross-Site Request Forgery (Add Admin)

LayerBB 1.1.2 - Cross-Site Request Forgery Add Admin Exploit Title: LayerBB 1.1.2 - Cross-Site Request Forgery Date: 10/4/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://forum.layerbb.com Version: 1.1.2 Tested on: Ubuntu 18.04 CVE: CVE-2018-17996 1. Description:...

5.8CVSS0.5AI score0.03011EPSS
Exploits4
exploitpack
exploitpack
•added 2019/02/14 12:0 a.m.•26 views

exacqVision ESM 5.12.2 - Privilege Escalation

exacqVision ESM 5.12.2 - Privilege Escalation Exploit Title: exacqVision ESM 5.12.2 - Privilege Escalation Exploit Author: bzyo Twitter: @bzyo Date: 2019-02-13 Vulnerable Software: http://cdnpublic.exacq.com/5.12/exacqVisionEnterpriseSystemManager5.12.2.150128x86.exe Vendor Homepage:...

0.5AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/14 12:0 a.m.•22 views

MediaMonkey 4.1.23 - .mp3 URL Denial of Service (PoC)

MediaMonkey 4.1.23 - .mp3 URL Denial of Service PoC -- coding: utf-8 -- Exploit Title: MediaMonkey 4.1.23 - URL Denial of Service PoC Date: 13/02/2019 Author: Alejandra Sánchez Vendor Homepage: https://www.mediamonkey.com/ Software Link: https://www.mediamonkey.com/sw/MediaMonkey4.1.23.1881.exe...

0.1AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/14 12:0 a.m.•31 views

DomainMOD 4.11.01 - category.php CatagoryName_ StakeHolder Cross-Site Scripting

DomainMOD 4.11.01 - category.php CatagoryName StakeHolder Cross-Site Scripting Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod...

3.5CVSS5.3AI score0.04428EPSS
Exploits6
exploitpack
exploitpack
•added 2019/02/14 12:0 a.m.•23 views

DomainMOD 4.11.01 - ssl-provider-name Cross-Site Scripting

DomainMOD 4.11.01 - ssl-provider-name Cross-Site Scripting Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version:...

3.5CVSS5.3AI score0.04428EPSS
Exploits6
exploitpack
exploitpack
•added 2019/02/14 12:0 a.m.•20 views

DomainMOD 4.11.01 - assetsedithost.php?whid5 Cross-Site Scripting

DomainMOD 4.11.01 - assetsedithost.php?whid5 Cross-Site Scripting Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Kareem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Versio...

3.5CVSS5.4AI score0.04008EPSS
Exploits5
exploitpack
exploitpack
•added 2019/02/14 12:0 a.m.•17 views

Core FTPSFTP Server 1.2 Build 589.42 - User domain Denial of Service (PoC)

Core FTPSFTP Server 1.2 Build 589.42 - User domain Denial of Service PoC Exploit Title: Core FTP/SFTP Server 1.2 - Build 589.42 - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-02-13 Vendor Homepage: http://www.coreftp.com/ Software Link:...

7.3AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/14 12:0 a.m.•35 views

DomainMOD 4.11.01 - assetsadddns.php Cross-Site Scripting

DomainMOD 4.11.01 - assetsadddns.php Cross-Site Scripting Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Kareem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version:...

3.5CVSS5.4AI score0.03316EPSS
Exploits5
exploitpack
exploitpack
•added 2019/02/14 12:0 a.m.•49 views

WordPress Plugin Booking Calendar 8.4.3 - (Authenticated) SQL Injection

WordPress Plugin Booking Calendar 8.4.3 - Authenticated SQL Injection Exploit Title: Wordpress Booking Calendar v8.4.3 - Authenticated SQL Injection Vulnerability Date: 2018-12-28 Exploit Author: B0UG Vendor Homepage: https://wpbookingcalendar.com/ Software Link:...

6.5CVSS0.6AI score0.19238EPSS
Exploits5
exploitpack
exploitpack
•added 2019/02/13 12:0 a.m.•33 views

snapd 2.37 (Ubuntu) - dirty_sock Local Privilege Escalation (1)

snapd 2.37 Ubuntu - dirtysock Local Privilege Escalation 1 !/usr/bin/env python3 """ dirtysock: Privilege Escalation in Ubuntu via snapd In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository...

0.5AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/13 12:0 a.m.•19 views

PilusCart 1.4.1 - send SQL Injection

PilusCart 1.4.1 - send SQL Injection Exploit Title: PilusCart 1.4.1 - 'send' SQL Vulnerability Dork: N/A Date: 10-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://sourceforge.net/projects/pilus/ Software Link: https://sourceforge.net/projects/pilus/ Version: 1.4.1 Category: Webapp...

8.6AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/13 12:0 a.m.•14 views

Rukovoditel Project Management CRM 2.4.1 - Cross-Site Scripting

Rukovoditel Project Management CRM 2.4.1 - Cross-Site Scripting Exploit Title : Rukovoditel Project Management CRM 2.4.1 - XSS Vulnerability DOM BASED Author Discovered By : Mehmet EMIROGLU Date : 29/01/2019 Vendor Homepage : https://www.rukovoditel.net/ Software Link :...

0.1AI score
Exploits0
exploitpack
exploitpack
•added 2019/02/13 12:0 a.m.•80 views

Apple macOS 10.13.5 - Local Privilege Escalation

Apple macOS 10.13.5 - Local Privilege Escalation import import import import import import import "offsets.h" //utils define ENFORCEa, label \ do \ if builtinexpect!a, 0 \ \ timedlog"! %s is false l.%d\n", a, LINE; \ goto label; \ \ while 0 // from...

5.8CVSS0.3AI score0.05715EPSS
Exploits6
exploitpack
exploitpack
•added 2019/02/13 12:0 a.m.•115 views

snapd 2.37 (Ubuntu) - dirty_sock Local Privilege Escalation (2)

snapd 2.37 Ubuntu - dirtysock Local Privilege Escalation 2 !/usr/bin/env python3 """ dirtysock: Privilege Escalation in Ubuntu via snapd In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository...

0.5AI score
Exploits0
Total number of security vulnerabilities41207