Lucene search
K
ExploitpackRecent

41207 matches found

exploitpack
exploitpack
added 2019/01/14 12:0 a.m.22 views

Modern POS 1.3 - Arbitrary File Download

Modern POS 1.3 - Arbitrary File Download Exploit Title: Modern POS 1.3 - Arbitrary File Download Dork: N/A Date: 2019-01-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://itsolution24.com/ Software Link:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/01/14 12:0 a.m.62 views

Microsoft Windows 10 - COM Desktop Broker Privilege Escalation

Microsoft Windows 10 - COM Desktop Broker Privilege Escalation Windows: COM Desktop Broker Elevation of Privilege Platform: Windows 10 1809 almost certainly earlier versions as well. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: AppContainer Sandbox Summar...

10CVSS0.3AI score0.23425EPSS
Exploits11
exploitpack
exploitpack
added 2019/01/14 12:0 a.m.20 views

Microsoft Windows 10 - Browser Broker Cross Session Privilege Escalation

Microsoft Windows 10 - Browser Broker Cross Session Privilege Escalation Windows: Browser Broker Cross Session EoP Platform: Windows 10 1803 not tested anything else. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: Session Boundary Summary: The Browser Broke...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2019/01/14 12:0 a.m.15 views

Find a Place CMS Directory 1.5 - SQL Injection

Find a Place CMS Directory 1.5 - SQL Injection Exploit Title: Locations CMS 1.5 - SQL Injection Dork: N/A Date: 2019-01-13 Exploit Author: Ihsan Sencan Vendor Homepage: https://themerig.com/ Software Link: https://codecanyon.net/item/locations-multipurpose-cms-directory-theme/21098597 Version: 1....

0.6AI score
Exploits0
exploitpack
exploitpack
added 2019/01/14 12:0 a.m.113 views

Modern POS 1.3 - SQL Injection

Modern POS 1.3 - SQL Injection Exploit Title: Modern POS 1.3 - SQL Injection Dork: N/A Date: 2019-01-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://itsolution24.com/ Software Link: https://codecanyon.net/item/modern-pos-point-of-sale-with-stock-management-system/22702683 Version: 1.3...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/01/14 12:0 a.m.55 views

Portier Vision 4.4.4.2 4.4.4.6 - SQL Injection

Portier Vision 4.4.4.2 4.4.4.6 - SQL Injection -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2018-012 Product: PORTIER Affected Versions: 4.4.4.2, 4.4.4.6 Tested Versions: 4.4.4.2, 4.4.4.6 Vulnerability Type: SQL Injection CWE-89 Risk Level: HIGH Solution Status: Open...

7.5CVSS1.1AI score0.03903EPSS
Exploits5
exploitpack
exploitpack
added 2019/01/14 12:0 a.m.21 views

Hootoo HT-05 - Remote Code Execution (Metasploit)

Hootoo HT-05 - Remote Code Execution Metasploit require 'msf/core' require 'net/http' require "uri" class MetasploitModule 'Hotoo HT-05 remote shell exploit', 'Description' = %q This module tries to open a door in the device by exploiting the RemoteCodeExecution by creating a backdoor inside the...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/01/14 12:0 a.m.125 views

xorg-x11-server 1.20.3 (Solaris 11) - inittab Local Privilege Escalation

xorg-x11-server 1.20.3 Solaris 11 - inittab Local Privilege Escalation !/bin/sh Exploit Title: xorg-x11-server A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the...

7.2CVSS0.3AI score0.2704EPSS
Exploits39
exploitpack
exploitpack
added 2019/01/13 12:0 a.m.46 views

S-nail 14.8.16 - Local Privilege Escalation

S-nail 14.8.16 - Local Privilege Escalation !/bin/sh Wrapper for @wapiflapi's s-nail-privget.c local root exploit for CVE-2017-5899 uses ld.so.preload technique --- Found privsep: /usr/lib/s-nail/s-nail-privsep . Compiling /var/tmp/.snail.so.c ... . Compiling /var/tmp/.sh.c ... . Compiling...

6.9CVSS0.4AI score0.01015EPSS
Exploits5
exploitpack
exploitpack
added 2019/01/13 12:0 a.m.27 views

Serv-U FTP Server 15.1.7 - Local Privilege Escalation (2)

Serv-U FTP Server 15.1.7 - Local Privilege Escalation 2 !/bin/bash SUroot - Local root exploit for Serv-U FTP Server versions prior to 15.1.7 CVE-2019-12181 Bash variant of Guy Levin's Serv-U FTP Server exploit: - https://github.com/guywhataguy/CVE-2019-12181 ---...

6.5CVSS0.7AI score0.65981EPSS
Exploits13
exploitpack
exploitpack
added 2019/01/12 12:0 a.m.38 views

ASANSUID - Local Privilege Escalation

ASANSUID - Local Privilege Escalation !/bin/bash unsanitary.sh - ASAN/SUID Local Root Exploit Exploits er, unsanitized env var passing in ASAN which leads to file clobbering as root when executing setuid root binaries compiled with ASAN. Uses an overwrite of /etc/ld.so.preload to get root on a...

1AI score
Exploits0
exploitpack
exploitpack
added 2019/01/11 12:0 a.m.17 views

Tree Studio 2.17 - Denial of Service (PoC)

Tree Studio 2.17 - Denial of Service PoC Exploit Title: Tree Studio 2.17 - Denial of Service PoC Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.pixarra.com/ Software Link: http://www.pixarra.com/uploads/9/4/6/3/94635436/tbtreestudioinstall.exe Version: 2.17...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/01/11 12:0 a.m.10 views

Paint Studio 2.17 - Denial of Service (PoC)

Paint Studio 2.17 - Denial of Service PoC Exploit Title: Paint Studio 2.17 - Denial of Service PoC Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.pixarra.com/ Software Link: http://www.pixarra.com/uploads/9/4/6/3/94635436/tbpaintstudioinstall.exe Version: 2.17...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/01/11 12:0 a.m.11 views

Pixel Studio 2.17 - Denial of Service (PoC)

Pixel Studio 2.17 - Denial of Service PoC Exploit Title: Pixel Studio 2.17 - Denial of Service PoC Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.pixarra.com/ Software Link: http://www.pixarra.com/uploads/9/4/6/3/94635436/tbpixelstudioinstall.exe Version: 2.17...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/01/11 12:0 a.m.15 views

Adapt Inventory Management System 1.0 - SQL Injection

Adapt Inventory Management System 1.0 - SQL Injection Exploit Title: Adapt Inventory Management System 1.0 - SQL Injection Dork: N/A Date: 2019-01-10 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.adaptinventory.com/ Software Link:...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/01/11 12:0 a.m.11 views

Blob Studio 2.17 - Denial of Service (PoC)

Blob Studio 2.17 - Denial of Service PoC Exploit Title: Blob Studio 2.17 - Denial of Service PoC Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.pixarra.com/ Software Link: http://www.pixarra.com/uploads/9/4/6/3/94635436/tbblobstudioinstall.exe Version: 2.17...

Exploits0
exploitpack
exploitpack
added 2019/01/11 12:0 a.m.14 views

Selfie Studio 2.17 - Denial of Service (PoC)

Selfie Studio 2.17 - Denial of Service PoC Exploit Title: Selfie Studio 2.17 - Denial of Service PoC Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.pixarra.com/ Software Link: http://www.pixarra.com/uploads/9/4/6/3/94635436/tbselfiestudioinstall.exe Version:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/01/11 12:0 a.m.11 views

Code Blocks 17.12 - Local Buffer Overflow (SEH) (Unicode)

Code Blocks 17.12 - Local Buffer Overflow SEH Unicode !/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: Code Blocks 17.12 - Local Buffer Overflow SEHUnicode Date: 01-10-2019 Vulnerable Software: Code Blocks 17.12 Vendor Homepage: http://www.codeblocks.org/ Version: 17.12 Softwar...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2019/01/11 12:0 a.m.24 views

Joomla! Component JoomCRM 1.1.1 - SQL Injection

Joomla! Component JoomCRM 1.1.1 - SQL Injection Exploit Title: Joomla! Component JoomCRM 1.1.1 - SQL Injection Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://joomboost.com/ Software Link: https://extensions.joomla.org/extensions/extension/marketing/crm/joomcrm/...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/01/11 12:0 a.m.12 views

Luminance Studio 2.17 - Denial of Service (PoC)

Luminance Studio 2.17 - Denial of Service PoC Exploit Title: Luminance Studio 2.17 - Denial of Service PoC Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.pixarra.com/ Software Link: http://www.pixarra.com/uploads/9/4/6/3/94635436/tbluminancestudioinstall.exe...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/01/11 12:0 a.m.19 views

Liquid Studio 2.17 - Denial of Service (PoC)

Liquid Studio 2.17 - Denial of Service PoC Exploit Title: Liquid Studio 2.17 - Denial of Service PoC Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.pixarra.com/ Software Link: http://www.pixarra.com/uploads/9/4/6/3/94635436/tbliquidstudioinstall.exe Version:...

Exploits0
exploitpack
exploitpack
added 2019/01/11 12:0 a.m.17 views

Joomla! Component JoomProject 1.1.3.2 - Information Disclosure

Joomla! Component JoomProject 1.1.3.2 - Information Disclosure Exploit Title: Joomla! Component JoomProject 1.1.3.2 - Information Disclosure Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://joomboost.com/ Software Link:...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2019/01/11 12:0 a.m.12112 views

OpenSSH SCP Client - Write Arbitrary Files

OpenSSH SCP Client - Write Arbitrary Files ''' Title: SSHtranger Things Author: Mark E. Haase Homepage: https://www.hyperiongray.com Date: 2019-01-17 CVE: CVE-2019-6111, CVE-2019-6110 Advisory: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt Tested on: Ubuntu 18.04.1 LTS,...

5.8CVSS0.5AI score0.58204EPSS
Exploits10
exploitpack
exploitpack
added 2019/01/10 12:0 a.m.13 views

doitX 1.0 - search SQL Injection

doitX 1.0 - search SQL Injection Exploit Title: doitX 1.0 - SQL Injection Dork: N/A Date: 2019-01-10 Exploit Author: Ihsan Sencan Vendor Homepage: http://mybizcms.com/ Software Link: https://codecanyon.net/item/doitx/23041037 Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/01/10 12:0 a.m.8 views

MLMPro 1.0 - SQL Injection

MLMPro 1.0 - SQL Injection Exploit Title: Matrix MLM Script 1.0 - SQL Injection Dork: N/A Date: 2019-01-10 Exploit Author: Ihsan Sencan Vendor Homepage: https://royallifefoundation.org/ Software Link: https://codecanyon.net/item/mlmpro-multistage-forced-matrix-mlm-script/23050292 Version: 1.0...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/01/10 12:0 a.m.14 views

Matrix MLM Script 1.0 - Information Disclosure

Matrix MLM Script 1.0 - Information Disclosure Exploit Title: Matrix MLM Script 1.0 - Information Leakage Dork: N/A Date: 2019-01-10 Exploit Author: Ihsan Sencan Vendor Homepage: https://royallifefoundation.org/ Software Link:...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2019/01/10 12:0 a.m.23 views

OpenSource ERP 6.3.1. - SQL Injection

OpenSource ERP 6.3.1. - SQL Injection Exploit Title: OpenSource ERP SQL Injection Date: 10.01.2019 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: http://www.nelson-it.ch Software Link: http://sourceforge.net/projects/opensourceerp/files/Windows/erp6.3.1.exe/download Version: v6.3.1 Tested on: Window...

7.5CVSS10AI score0.2471EPSS
Exploits6
exploitpack
exploitpack
added 2019/01/10 12:0 a.m.13 views

Architectural 1.0 - email SQL Injection

Architectural 1.0 - email SQL Injection Exploit Title: Architectural Cms 1.0 - SQL Injection Dork: N/A Date: 2019-01-10 Exploit Author: Ihsan Sencan Vendor Homepage: http://ezcode.pt/ Software Link: https://codecanyon.net/item/architectural-multipage-theme-admin-panel/20968597 Version: 1.0...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/01/10 12:0 a.m.16 views

eBrigade ERP 4.5 - Arbitrary File Download

eBrigade ERP 4.5 - Arbitrary File Download !/usr/bin/python import mechanize, sys, cookielib, requests import colorama, urllib, re, random, urllib2 import wget from colorama import Fore from tqdm import tqdm from pathlib import Path def bannerche: print '''...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/01/10 12:0 a.m.22 views

RGui 3.5.0 - Local Buffer Overflow (SEH)(DEP Bypass)

RGui 3.5.0 - Local Buffer Overflow SEHDEP Bypass !/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: RGui 3.5.0 - Local Buffer Overflow SEHDEP Bypass Date: 01-09-2018 Vulnerable Software: RGui 3.5.0 Vendor Homepage: https://www.r-project.org/ Version: 3.5.0 Software Link:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/01/10 12:0 a.m.14 views

Event Calendar 3.7.4 - id SQL Injection

Event Calendar 3.7.4 - id SQL Injection Exploit Title: Event Calendar 3.7.4 - SQL Injection Dork: N/A Date: 2019-01-10 Exploit Author: Ihsan Sencan Vendor Homepage: http://ezcode.pt/ Software Link: https://codecanyon.net/item/event-calendar-phpmysql-plugin/19246267 Version: 3.7.4 Category: Webapp...

8.7AI score
Exploits0
exploitpack
exploitpack
added 2019/01/10 12:0 a.m.13 views

Event Locations 1.0.1 - id SQL Injection

Event Locations 1.0.1 - id SQL Injection Exploit Title: Event Locations 1.0.1 - SQL Injection Dork: N/A Date: 2019-01-10 Exploit Author: Ihsan Sencan Vendor Homepage: http://ezcode.pt/ Software Link: https://codecanyon.net/item/event-locations-phpmysql-plugin/22100679 Version: 1.0.1 Category:...

8.7AI score
Exploits0
exploitpack
exploitpack
added 2019/01/10 12:0 a.m.32 views

PEAR Archive_Tar 1.4.4 - PHP Object Injection

PEAR ArchiveTar 1.4.4 - PHP Object Injection PEAR ArchiveTar temptarname will be called in the destructor method. If another class with useful gadget is loaded, remote code execution may be possible. Steps to reproduce object injection and arbitrary file deletion: 1. Make sure that PHP & PEAR are...

6.8CVSS0.3AI score0.18286EPSS
Exploits5
exploitpack
exploitpack
added 2019/01/10 12:0 a.m.13 views

eBrigade ERP 4.5 - SQL Injection

eBrigade ERP 4.5 - SQL Injection Exploit Title: eBrigade ERP 4.5 - SQL Injection Dork: N/A Date: 2019-01-10 Exploit Author: Ihsan Sencan Vendor Homepage: https://ebrigade.net/ Software Link: https://netcologne.dl.sourceforge.net/project/ebrigade/ebrigade/eBrigade%204.5/ebrigade4.5.zip Version: 4....

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/01/10 12:0 a.m.15 views

Shield CMS 2.2 - email SQL Injection

Shield CMS 2.2 - email SQL Injection Exploit Title: SHIELD - Freelancer Content Management System 2.2 - SQL Injection / CSRF Dork: N/A Date: 2019-01-10 Exploit Author: Ihsan Sencan Vendor Homepage: http://ezcode.pt/ Software Link:...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/01/09 12:0 a.m.37 views

BlogEngine 3.3 - XML External Entity Injection

BlogEngine 3.3 - XML External Entity Injection XML External Entity Injection Vulnerability in BlogEngine 3.3 Information -------------------- Advisory by Netsparker Name: XML External Entity Injection Vulnerability in BlogEngine 3.3 Affected Software: BlogEngine Affected Versions: 3.3 Homepage:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/01/09 12:0 a.m.17 views

Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory. Denial of Service (PoC)

Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory. Denial of Service PoC function main var vArr = new Array; var bigArray = new Array0x20000000; vArr0 = String.prototype.toLowerCase.callbigArray; vArr1 = String.prototype.toLowerCase.callbigArray; vArr2 =...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2019/01/09 12:0 a.m.18 views

Heatmiser Wifi Thermostat 1.7 - Cross-Site Request Forgery (Update Admin)

Heatmiser Wifi Thermostat 1.7 - Cross-Site Request Forgery Update Admin Exploit Title: Heatmiser Wifi Thermostat 1.7 - Cross-Site Request Forgery Dork: intitle:"Heatmiser Wifi Thermostat" & you can use shodan Date: 2019-01-09 Exploit Author: sajjadbnd Vendor Lnk: https://www.heatmiser.com/en/...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/01/09 12:0 a.m.21 views

Microsoft Windows - DSSVC CheckFilePermission Arbitrary File Deletion

Microsoft Windows - DSSVC CheckFilePermission Arbitrary File Deletion Windows: DSSVC CheckFilePermission Arbitrary File Delete EoP Platform: Windows 10 1803 and 1809. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary NOTE: This is one of multiple...

Exploits0
exploitpack
exploitpack
added 2019/01/09 12:0 a.m.47 views

Microsoft Office SharePoint Server 2016 - Denial of Service (Metasploit)

Microsoft Office SharePoint Server 2016 - Denial of Service Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'sharepoint-ruby' class MetasploitModule 'DOS Vulnerability in SharePoint 2016 Server',...

5CVSS7.7AI score0.25745EPSS
Exploits5
exploitpack
exploitpack
added 2019/01/09 12:0 a.m.25 views

polkit - Temporary auth Hijacking via PID Reuse and Non-atomic Fork

polkit - Temporary auth Hijacking via PID Reuse and Non-atomic Fork / When a non-root user attempts to e.g. control systemd units in the system instance from an active session over DBus, the access is gated by a polkit policy that requires "authadminkeep" auth. This results in an auth prompt bein...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2019/01/09 12:0 a.m.40 views

ZTE MF65 BD_HDV6MF65V1.0.0B05 - Cross-Site Scripting

ZTE MF65 BDHDV6MF65V1.0.0B05 - Cross-Site Scripting Exploit Title: Reflected Cross-Site Scripting on ZTE MF65 Date: 01/09/2019 Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Vendor Homepage: http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009483 Version:...

4.3CVSS6.1AI score0.01897EPSS
Exploits4
exploitpack
exploitpack
added 2019/01/08 12:0 a.m.18 views

Dolibarr ERP-CRM 8.0.4 - rowid SQL Injection

Dolibarr ERP-CRM 8.0.4 - rowid SQL Injection Title: Dolibarr ERP-CRM 8.0.4 - 'rowid' SQL Injection Date: 08.01.2019 Exploit Author: Mehmet Önder Key Vendor Homepage: https://www.dolibarr.org/ Software Link: https://sourceforge.net/projects/dolibarr/files/Dolibarr%20ERP-CRM/8.0.4/dolibarr-8.0.4.zi...

Exploits0
exploitpack
exploitpack
added 2019/01/08 12:0 a.m.25 views

CF Image Hosting Script 1.6.5 - (Delete all Pictures) Privilege Escalation

CF Image Hosting Script 1.6.5 - Delete all Pictures Privilege Escalation !/usr/bin/env python """ Exploit Title: CF Image Hosting Script 1.6.5: Delete database Google Dork: "Powered By CF Image Hosting script" Date: 01/08/2019 Exploit Author: David Tavarez Vendor Homepage:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/01/08 12:0 a.m.21 views

Wireshark - get_t61_string Heap Out-of-Bounds Read

Wireshark - gett61string Heap Out-of-Bounds Read The following crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of Wireshark, by feeding a malformed file to tshark "$ ./tshark -nVxr /path/to/file". --- cut ---...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/01/07 12:0 a.m.84 views

Roxy Fileman 1.4.5 - Unrestricted File Upload Directory Traversal

Roxy Fileman 1.4.5 - Unrestricted File Upload Directory Traversal ====================================================================== Exploit Title:: Multiple Vulnerabilities Software: Roxy Fileman Version: 1.4.5 Vendor Homepage: http://www.roxyfileman.com/ Software Link:...

7.5CVSS0.4AI score0.73663EPSS
Exploits7
exploitpack
exploitpack
added 2019/01/07 12:0 a.m.16 views

Leica Geosystems GR10GR25GR30GR50 GNSS 4.30.063 - Cross-Site Request Forgery

Leica Geosystems GR10GR25GR30GR50 GNSS 4.30.063 - Cross-Site Request Forgery...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/01/07 12:0 a.m.29 views

Microsoft Edge 44.17763.1.0 - NULL Pointer Dereference

Microsoft Edge 44.17763.1.0 - NULL Pointer Dereference function f1 try var v1 = eventhandler1; catche var v2 = document.createElementNS"http://www.w3.org/2000/svg", “pattern”; v2.addEventListener"1", v1; var v3 = document.createElement“option”; var v4 = document.createElement“select”; v44 = v3;...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/01/07 12:0 a.m.36 views

MyBB OUGC Awards Plugin 1.8.3 - Persistent Cross-Site Scripting

MyBB OUGC Awards Plugin 1.8.3 - Persistent Cross-Site Scripting Exploit Title: MyBB OUGC Awards Plugin v1.8.3 - Cross-Site Scripting Date: 12/31/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=396 Version: 1.8.3 Tested on...

3.5CVSS5AI score0.02353EPSS
Exploits5
exploitpack
exploitpack
added 2019/01/07 12:0 a.m.29 views

PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Scripting

PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Scripting Exploit Title: PLC Wireless Router GPN2.4P21-C-CN -Reflected XSS Date: 21/12/2018 Exploit Author: Kumar Saurav Reference: https://0dayfindings.home.blog/2018/12/26/plc-wireless-router-gpn2-4p21-c-cn-reflected-xss/ Vendor: ChinaMobile...

4.3CVSS0.04822EPSS
Exploits7
Total number of security vulnerabilities41207