Lucene search
K
ExploitpackRecent

41207 matches found

exploitpack
exploitpack
added 2018/10/29 12:0 a.m.26 views

School Event Management System 1.0 - Cross-Site Request Forgery (Update Admin)

School Event Management System 1.0 - Cross-Site Request Forgery Update Admin Exploit Title: School Event Management System 1.0 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software...

6.8CVSS8.9AI score0.02385EPSS
Exploits5
exploitpack
exploitpack
added 2018/10/26 12:0 a.m.17 views

Quick Count 2.0 - txtInstID SQL Injection

Quick Count 2.0 - txtInstID SQL Injection Exploit Title: Quick Count 2.0 - 'txtInstID' SQL Injection Dork: N/A Date: 2018-10-25 Exploit Author: Ihsan Sencan Vendor Homepage: https://quickcount.sourceforge.io/ Software Link: https://sourceforge.net/projects/quickcount/files/latest/download Version...

8.6AI score
Exploits0
exploitpack
exploitpack
added 2018/10/26 12:0 a.m.23 views

Veterinary Clinic Management 00.02 - editpetnum SQL Injection

Veterinary Clinic Management 00.02 - editpetnum SQL Injection Exploit Title: Veterinary Clinic Management 00.02 - 'editpetnum' SQL Injection Dork: N/A Date: 2018-10-25 Exploit Author: Ihsan Sencan Vendor Homepage: https://vetclinic.sourceforge.io/ Software Link:...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2018/10/26 12:0 a.m.17 views

Delta Sql 1.8.2 - id SQL Injection

Delta Sql 1.8.2 - id SQL Injection Exploit Title: Delta Sql 1.8.2 - 'id' SQL Injection Dork: N/A Date: 2018-10-25 Exploit Author: Ihsan Sencan Vendor Homepage: http://deltasql.sourceforge.net/ Software Link: https://sourceforge.net/projects/deltasql/files/latest/download Software Link:...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/26 12:0 a.m.24 views

MPS Box 0.1.8.0 - Arbitrary File Upload

MPS Box 0.1.8.0 - Arbitrary File Upload Exploit Title: MPS Box 0.1.8.0 - Arbitrary File Upload Dork: N/A Date: 2018-10-25 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.mpsbox.com/ Software Link: https://sourceforge.net/projects/mpsbox/files/latest/download Version: 0.1.8.0 Category:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.22 views

phptpoint Hospital Management System 1.0 - user SQL injection

phptpoint Hospital Management System 1.0 - user SQL injection Exploit Title: phptpoint Hospital Management System 1.0 - 'user' SQL injection Date: 2018-10-24 Exploit Author: Boumediene KADDOUR Unit: Algerie Telecom R&D Unit Vendor Homepage: https://www.phptpoint.com/ Software Link: Version: 1...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.39 views

Ekushey Project Manager CRM 3.1 - Cross-Site Scripting

Ekushey Project Manager CRM 3.1 - Cross-Site Scripting Exploit Title: Ekushey Project Manager CRM 3.1 - Cross-Site Scripting Date: 2018-10-16 Exploit Author: Ismail Tasdelen Vendor Homepage: http://creativeitem.com/ Software Link : http://creativeitem.com/demo/ekushey/ Software : Ekushey Project...

3.5CVSS0.4AI score0.01643EPSS
Exploits6
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.36 views

Delta Sql 1.8.2 - Arbitrary File Upload

Delta Sql 1.8.2 - Arbitrary File Upload Exploit Title: Delta Sql 1.8.2 - Arbitrary File Upload Dork: N/A Date: 2018-10-25 Exploit Author: Ihsan Sencan Vendor Homepage: http://deltasql.sourceforge.net/ Software Link: https://sourceforge.net/projects/deltasql/files/latest/download Software Link:...

Exploits0
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.18 views

User Management 1.1 - Cross-Site Scripting

User Management 1.1 - Cross-Site Scripting Exploit Title: User Management 1.1 - Cross-Site Scripting Date: 2018-10-16 Exploit Author: Ismail Tasdelen Vendor Homepage: http://ardawan.com/ Software Link : http://um.ardawan.com Software : User Management Version : 1.1 Vulernability Type : Cross-site...

3.5CVSS5.4AI score0.01643EPSS
Exploits5
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.13 views

libtiff 4.0.9 - Decodes Arbitrarily Sized JBIG into a Target Buffer

libtiff 4.0.9 - Decodes Arbitrarily Sized JBIG into a Target Buffer / libtiff up to and including 4.0.9 decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size. The issue occurs because JBIGDecode entirely ignores the size of the buffer that is passed to it: static int JBIGDecodeTI...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.20 views

MPS Box 0.1.8.0 - uuid SQL Injection

MPS Box 0.1.8.0 - uuid SQL Injection Exploit Title: MPS Box 0.1.8.0 - 'uuid' SQL Injection Dork: N/A Date: 2018-10-25 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.mpsbox.com/ Software Link: https://sourceforge.net/projects/mpsbox/files/latest/download Version: 0.1.8.0 Category: Webapp...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.11 views

Adult Filter 1.0 - Buffer Overflow (SEH)

Adult Filter 1.0 - Buffer Overflow SEH...

3.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.12 views

ClipBucket 2.8 - id SQL Injection

ClipBucket 2.8 - id SQL Injection Exploit Title: ClipBucket 2.8 - 'id' SQL Injection Dork: N/A Date: 2018-10-25 Exploit Author: Ihsan Sencan Vendor Homepage: http://clipbucket.com/ Software Link: https://sourceforge.net/projects/clipbucket/files/latest/download Version: 2.8.v3354 Category: Webapp...

8.7AI score
Exploits0
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.20 views

Open STA Manager 2.3 - Arbitrary File Download

Open STA Manager 2.3 - Arbitrary File Download Exploit Title: Open STA Manager 2.3 - Arbitrary File Download Dork: N/A Date: 2018-10-25 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.openstamanager.com/ Software Link: https://sourceforge.net/projects/openstamanager/files/latest/download...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.23 views

AiOPMSD Final 1.0.0 - q SQL Injection

AiOPMSD Final 1.0.0 - q SQL Injection Exploit Title: AiOPMSD Final 1.0.0 - 'q' SQL Injection Dork: N/A Date: 2018-10-24 Exploit Author: Ihsan Sencan Vendor Homepage: https://aiopmsd.sourceforge.io/ Software Link: https://sourceforge.net/projects/aiopmsd/files/latest/download Version: 1.0.0...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.16 views

Simple Chat System 1.0 - id SQL Injection

Simple Chat System 1.0 - id SQL Injection Exploit Title: Simple Chat System 1.0 - 'id' SQL Injection Dork: N/A Date: 2018-10-24 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/php/11610/simple-chat-system.html Software Link:...

8.7AI score
Exploits0
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.9 views

BORGChat 1.0.0 build 438 - Denial of Service (PoC)

BORGChat 1.0.0 build 438 - Denial of Service PoC Exploit Title: BORGChat 1.0.0 build 438 - Denial of Service PoC Dork: N/A Date: 2018-10-22 Exploit Author: Ihsan Sencan Vendor Homepage: http://borgchat.10n.ro Software Link: http://borgchat.10n.ro/download.php Version: 1.0.0 build 438 Category: Do...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.32 views

Simple POS and Inventory 1.0 - cat SQL Injection

Simple POS and Inventory 1.0 - cat SQL Injection Exploit Title: Simple POS and Inventory 1.0 - 'cat' SQL Injection Dork: N/A Date: 2018-10-24 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/php/11625/simple-pos-and-inventory-system.html Software Link:...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.48 views

ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution

ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution Exploit Title: ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution Date: 2018-10-22 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.projeqtor.org Software Link:...

6.5CVSS0.3AI score0.09489EPSS
Exploits3
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.22 views

Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass)

Oracle Weblogic Server - Deserialization Remote Command Execution Patch Bypass // All respects goes to Zhiyi Zhang of 360 ESG Codesafe Team // URL: https://blogs.projectmoon.pw/2018/10/19/Oracle-WebLogic-Two-RCE-Deserialization-Vulnerabilities/ package ysoserial.payloads; import...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.45 views

xorg-x11-server 1.20.3 - Local Privilege Escalation

xorg-x11-server 1.20.3 - Local Privilege Escalation CVE-2018-14665 - a LPE exploit via http://X.org fits in a tweet cd /etc; Xorg -fp "root::16431:0:99999:7:::" -logfile shadow :1;su Overwrite shadow or any file on most Linux, get root privileges. BSD and any other Xorg desktop also affected...

7.2CVSS0.4AI score0.2704EPSS
Exploits39
exploitpack
exploitpack
added 2018/10/25 12:0 a.m.68 views

AjentiCP 1.2.23.13 - Cross-Site Scripting

AjentiCP 1.2.23.13 - Cross-Site Scripting Title: AjentiCP 1.2.23.13 - Cross-Site Scripting Author: Numan OZDEMIR https://infinitumit.com.tr Vendor Homepage: ajenti.org Software Link: https://github.com/ajenti/ajenti Version: Up to v1.2.23.13 CVE: CVE-2018-18548 Description: Attacker can inject...

4.3CVSS6.1AI score0.0356EPSS
Exploits5
exploitpack
exploitpack
added 2018/10/24 12:0 a.m.20 views

LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting

LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting Exploit Title: LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting Date: 2018-10-16 Exploit Author: Ismail Tasdelen Vendor Homepage: http://pokkho.com/lango/ Software Link : http://pokkho.com/lango/auth/login Software :...

3.5CVSS5AI score0.01652EPSS
Exploits6
exploitpack
exploitpack
added 2018/10/24 12:0 a.m.13 views

Axioscloud Sissiweb Registro Elettronico 7.0.0 - Error_desc Cross-Site Scripting

Axioscloud Sissiweb Registro Elettronico 7.0.0 - Errordesc Cross-Site Scripting Exploit Title: Axioscloud Sissiweb Registro Elettronico 7.0.0 - 'Errordesc' Cross-Site Scripting Dork: n/a Date: 2018-10-11 Exploit Author: Dino Barlattani Vendor Homepage: http://axiositalia.it/ Software Link:...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2018/10/24 12:0 a.m.10 views

Apache OFBiz 16.11.04 - XML External Entity Injection

Apache OFBiz 16.11.04 - XML External Entity Injection Exploit Title: Apache OFBiz 16.11.04 - XML External Entity Injection Date: 2018-10-15 Exploit Author: Jamie Parfet Vendor Homepage: https://ofbiz.apache.org/ Software Link: https://archive.apache.org/dist/ofbiz/ Version: xXx xXx """ if...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/24 12:0 a.m.16 views

SG ERP 1.0 - info SQL Injection

SG ERP 1.0 - info SQL Injection Exploit Title: SG ERP 1.0 - 'info' SQL Injection Dork: N/A Date: 2018-10-24 Exploit Author: Ihsan Sencan Vendor Homepage: http://fankstribe.org/ Software Link: https://sourceforge.net/projects/sgerp/files/latest/download Version: 1.0 Category: Webapps Tested on:...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2018/10/24 12:0 a.m.11 views

Adult Filter 1.0 - Denial of Service (PoC)

Adult Filter 1.0 - Denial of Service PoC Exploit Title: ADULT FILTER 1.0 - Denial of Service PoC Date: 2018-10-28 Exploit Author: Beren Kuday GÖRÜN Vendor Homepage: http://www.armcode.com/adult-filter/ Software Link: http://www.armcode.com/downloads/adult-filter.exe Version: 1.0 Build 2007-Mar-...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/24 12:0 a.m.15 views

Fifa Master XLS 2.3.2 - usw SQL Injection

Fifa Master XLS 2.3.2 - usw SQL Injection Exploit Title: Fifa Master XLS 2.3.2 - 'usw' SQL Injection Dork: N/A Date: 2018-10-24 Exploit Author: Ihsan Sencan Vendor Homepage: http://fankstribe.org/ Software Link: https://sourceforge.net/projects/fifamasterxls/files/latest/download Version: 2.3.2...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/24 12:0 a.m.132 views

exim 4.90 - Remote Code Execution

exim 4.90 - Remote Code Execution Exploit Title: exim 4.90 - Remote Code Execution Date: 2018-10-24 Exploit Author: hackk.gr Vendor Homepage: exim.org Version: exim -1: authplainavailable = True if test: if lenl 70: sys.stdout.writel:70 + " ...\n" sys.stdout.flush else: print l.strip"\r".strip"\n...

7.5CVSS0.2AI score0.82238EPSS
Exploits19
exploitpack
exploitpack
added 2018/10/23 12:0 a.m.4756 views

MGB OpenSource Guestbook 0.7.0.2 - id SQL Injection

MGB OpenSource Guestbook 0.7.0.2 - id SQL Injection Exploit Title: MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.m-gb.org/ Software Link: https://sourceforge.net/projects/mopzz-gb/files/latest/download...

8.7AI score
Exploits0
exploitpack
exploitpack
added 2018/10/23 12:0 a.m.13 views

School ERP Pro+Responsive 1.0 - fid SQL Injection

School ERP Pro+Responsive 1.0 - fid SQL Injection Exploit Title: School ERP Pro+Responsive 1.0 - 'fid' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link:...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/23 12:0 a.m.15 views

Appsource School Management System 1.0 - student_id SQL Injection

Appsource School Management System 1.0 - studentid SQL Injection Exploit Title: Appsource School Management System 1.0 - 'studentid' SQL Injection Dork: N/A Date: 2018-10-19 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.appsource.ug/school/ Software Link:...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2018/10/23 12:0 a.m.17 views

SIM-PKH 2.4.1 - id SQL Injection

SIM-PKH 2.4.1 - id SQL Injection Exploit Title: SIM-PKH 2.4.1 - 'id' SQL Injection Dork: N/A Date: 2018-10-22 Exploit Author: Ihsan Sencan Vendor Homepage: https://simpkh.sourceforge.io/ Software Link: https://sourceforge.net/projects/simpkh/files/latest/download Version: 2.4.1 Category: Webapps...

8.7AI score
Exploits0
exploitpack
exploitpack
added 2018/10/23 12:0 a.m.32 views

ServersCheck Monitoring Software 14.3.3 - id SQL Injection

ServersCheck Monitoring Software 14.3.3 - id SQL Injection Exploit Title: ServersCheck Monitoring Software 14.3.3 - 'id' SQL Injection Author: John Page aka hyp3rlinx Date: 2018-10-23 Vendor: www.serverscheck.com Software link: http://downloads.serverscheck.com/monitoringsoftware/setup.exe CVE: N...

6.5CVSS0.00928EPSS
Exploits4
exploitpack
exploitpack
added 2018/10/23 12:0 a.m.25 views

Microsoft Data Sharing - Local Privilege Escalation (PoC)

Microsoft Data Sharing - Local Privilege Escalation PoC Bug description: RpcDSSMoveFromSharedFilehandle,L"token",L"c:\blah1\pci.sys"; This function exposed over alpc, has a arbitrary delete vuln. Hitting the timing was pretty annoying. But my PoC will keep rerunning until...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/10/23 12:0 a.m.23 views

School ERP Pro+Responsive 1.0 - Arbitrary File Download

School ERP Pro+Responsive 1.0 - Arbitrary File Download Exploit Title: School ERP Pro+Responsive 1.0 - Arbitrary File Download Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/23 12:0 a.m.20 views

SIM-PKH 2.4.1 - Arbitrary File Upload

SIM-PKH 2.4.1 - Arbitrary File Upload Exploit Title: SIM-PKH 2.4.1 - Arbitrary File Upload Dork: N/A Date: 2018-10-22 Exploit Author: Ihsan Sencan Vendor Homepage: https://simpkh.sourceforge.io/ Software Link: https://sourceforge.net/projects/simpkh/files/latest/download Version: 2.4.1 Category:...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2018/10/23 12:0 a.m.38 views

ServersCheck Monitoring Software 14.3.3 - Arbitrary File Write

ServersCheck Monitoring Software 14.3.3 - Arbitrary File Write Exploit Title: ServersCheck Monitoring Software 14.3.3 - Denial of Service PoC Author: John Page aka hyp3rlinx Date: 2018-10-23 Vendor: www.serverscheck.com Software Link: http://downloads.serverscheck.com/monitoringsoftware/setup.exe...

5CVSS0.4AI score0.02677EPSS
Exploits5
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.19 views

The Open ISES Project 3.30A - Arbitrary File Download

The Open ISES Project 3.30A - Arbitrary File Download Exploit Title: The Open ISES Project 3.30A - Arbitrary File Download Dork: N/A Date: 2018-10-18 Exploit Author: Ihsan Sencan Vendor Homepage: http://openises.sourceforge.net/ Software Link:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.19 views

Modbus Poll 7.2.2 - Denial of Service (PoC)

Modbus Poll 7.2.2 - Denial of Service PoC Exploit Title: Modbus Poll 7.2.2 - Denial of Service PoC Discovery by: Cemal Cihad ÇİFTÇİ Discovery Date: 2018-10-19 Tested Version: 7.2.2 Vulnerability Type: DOS Tested on OS: Windows XP Professional Service Pack 3 Vendor Homepage:...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.20 views

eNdonesia Portal 8.7 - artid SQL Injection

eNdonesia Portal 8.7 - artid SQL Injection Exploit Title: eNdonesia Portal 8.7 - 'artid' SQL Injection Dork: N/A Date: 2018-10-21 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.endonesia.org/ Software Link: https://sourceforge.net/projects/endonesia/files/latest/download Version: 8.7...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.22 views

Oracle Siebel CRM 8.1.1 - CSV Injection

Oracle Siebel CRM 8.1.1 - CSV Injection Exploit Title: Oracle Siebel CRM 8.1.1 - CSV Injection Date: 2018-10-21 Exploit Author: Sarath Nair aka AceNeon13 Contact: @AceNeon13 Vendor Homepage: www.oracle.com Software Link:...

Exploits0
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.16 views

Viva Visitor Volunteer ID Tracking 0.95.1 - fname SQL Injection

Viva Visitor Volunteer ID Tracking 0.95.1 - fname SQL Injection Exploit Title: Viva Visitor & Volunteer ID Tracking 0.95.1 - 'fname' SQL Injection Dork: N/A Date: 2018-10-19 Exploit Author: Ihsan Sencan Vendor Homepage: https://viva-visitor.sourceforge.io/ Software Link:...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.22 views

School ERP Ultimate 2018 - Arbitrary File Download

School ERP Ultimate 2018 - Arbitrary File Download Exploit Title: School ERP Ultimate 2018 - Arbitrary File Download Dork: N/A Date: 2018-10-21 Exploit Author: Ihsan Sencan Vendor Homepage: http://freeschoolerp.com/ Software Link: http://freeschoolerp.com/schoolerp30Nov2017free.zip Software Link:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.28 views

Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas

Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas / There was recently some cleanup in the persona code to fix some race conditions there, I don't think it was sufficient: In kpersonaallocsyscall if we provide an invalid userspace pointer for the ipd outptr we can cause this...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.24 views

Keybase keybase-redirector - $PATH Local Privilege Escalation

Keybase keybase-redirector - $PATH Local Privilege Escalation keybase-redirector is a setuid root binary. keybase-redirector calls the fusermount binary using a relative path and the application trusts the value of $PATH. This allows a local, unprivileged user to trick the application to executin...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.11 views

School ERP Ultimate 2018 - fid SQL Injection

School ERP Ultimate 2018 - fid SQL Injection Exploit Title: School ERP Ultimate 2018 - 'fid' SQL Injection Dork: N/A Date: 2018-10-21 Exploit Author: Ihsan Sencan Vendor Homepage: http://freeschoolerp.com/ Software Link: http://freeschoolerp.com/schoolerp30Nov2017free.zip Software Link:...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.40 views

Apple iOSmacOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport

Apple iOSmacOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport / IOHIDResourceQueue inherits from IOSharedDataQueue and adds its own ::enqueueReport method, which seems to be mostly copy-pasted from IOSharedDataQueue and IODataQueue's ::enqueue methods. I...

9.3CVSS0.7AI score0.03424EPSS
Exploits2
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.18 views

The Open ISES Project 3.30A - tick_lat SQL Injection

The Open ISES Project 3.30A - ticklat SQL Injection Exploit Title: The Open ISES Project 3.30A - 'ticklat' SQL Injection Dork: N/A Date: 2018-10-18 Exploit Author: Ihsan Sencan Vendor Homepage: http://openises.sourceforge.net/ Software Link:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.20 views

Apple iOS - Kernel Stack Memory Disclosure due to Failure to Check copyin Return Value

Apple iOS - Kernel Stack Memory Disclosure due to Failure to Check copyin Return Value Here's a code snippet from sleh.c with the second level exception handler for undefined instruction exceptions: static void handleuncategorizedarmsavedstatet state, booleant instrLen2 exceptiontypet exception =...

7AI score
Exploits0
Total number of security vulnerabilities41207