41207 matches found
Avaya IP Office (IPO) 10.1 - SoftConsole Remote Buffer Overflow (SEH)
Avaya IP Office (IPO) 10.1 - SoftConsole Remote Buffer Overflow (SEH) + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AVAYA-OFFICE-IP-IPO-v9.1.0-10.1-SOFT-CONSOLE-REMOTE-BUFFER-OVERFLOW-0DAY.txt + ISR: apparitionSec Vendor:...
WordPress Plugin Userpro 4.9.17.1 - Authentication Bypass
WordPress Plugin Userpro 4.9.17.1 - Authentication Bypass Exploit Title: Userpro – WordPress Plugin – Authentication Bypass Google Dork: inurl:/plugins/userpro Date: 11.04.2017 Exploit Author: Colette Chamberland Wordfence, Iain Hadgraft Duke University Vendor Homepage:...
Actiontec C1000A Modem - Backdoor Account
Actiontec C1000A Modem - Backdoor Account Exploit Title: Actiontec C1000A backdoor account Google Dork: NA Date: 11/04/2017 Exploit Author: Joseph McDonagh Vendor Homepage: https://actiontecsupport.zendesk.com/hc/en-us Software Link: N/A Hardware Version: Firmware CAC003-31.30L.86 Tested on: Linu...
Logitech Media Server 7.9.0 - Radio URL Cross-Site Scripting
Logitech Media Server 7.9.0 - Radio URL Cross-Site Scripting Exploit Title: Logitech Media Server : HTML code injection and execution. Shodan Dork: Search Logitech Media Server Date: 11/03/2017 Exploit Author: Dewank Pant Vendor Homepage: www.logitech.com Version: 7.9.0...
Logitech Media Server 7.9.0 - favorites Cross-Site Scripting
Logitech Media Server 7.9.0 - favorites Cross-Site Scripting Exploit Title: Logitech Media Server : Persistent Cross Site Scripting (XSS) Shodan Dork: Search Logitech Media Server Date: 11/03/2017 Exploit Author: Dewank Pant Vendor Homepage: www.logitech.com Software Link: download link if available...
GraphicsMagick - Memory Disclosure Heap Overflow
GraphicsMagick - Memory Disclosure Heap Overflow '''Vulnerabilities summary The following advisory describes two (2) vulnerabilities found in GraphicsMagick. GraphicsMagick is “The swiss army knife of image processing. Comprised of 267K physical lines according to David A. Wheeler’s SLOCCount of...
Ladon Framework for Python 0.9.40 - XML External Entity Expansion
Ladon Framework for Python 0.9.40 - XML External Entity Expansion Advisory: XML External Entity Expansion in Ladon Webservice Attackers who can send SOAP messages to a Ladon webservice via the HTTP interface of the Ladon webservice can exploit an XML external entity expansion vulnerability and re...
WordPress Plugin JTRT Responsive Tables 4.1 - SQL Injection
WordPress Plugin JTRT Responsive Tables 4.1 - SQL Injection Exploit Title: JTRT Responsive Tables 4.1 – WordPress Plugin – Sql Injection Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/jtrt-responsive-tables/ Software Link:...
Ipswitch WS_FTP Professional 12.6.0.3 - Local Buffer Overflow (SEH)
Ipswitch WS_FTP Professional 12.6.0.3 - Local Buffer Overflow (SEH) #!/usr/bin/python Title: Ipswitch WS_FTP Professional Local Buffer Overflow SEH Author: Kevin McGuigan. Twitter: @h3xagram Author Website: https://www.7elements.co.uk Vendor Website: https://www.ipswitch.com Date: 03/11/2017 Version:...
Jnes 1.0.2 - Stack Buffer Overflow
Jnes 1.0.2 - Stack Buffer Overflow #!/usr/bin/env python # coding: utf-8 Exploit Title: Jnes Version 1.0.2 Stack Buffer Overflow Date: 3-11-2017 Exploit Author: crashmanucoot Contact: twitter.com/crashmanucoot Vendor Homepage: http://www.jabosoft.com/home Software Link:...
Debut Embedded HTTPd 1.20 - Denial of Service
Debut Embedded HTTPd 1.20 - Denial of Service Exploit Title: Remote un-authenticated DoS in Debut embedded httpd server in Brother printers Date: 11/02/2017 Exploit Author: z00n @0xz00n Vendor Homepage: http://www.brother-usa.com Version: = 1.20 CVE : CVE-2017-16249 Description: The Debut embedde...
OctoberCMS 1.0.426 (Build 426) - Cross-Site Request Forgery
OctoberCMS 1.0.426 Build 426 - Cross-Site Request Forgery Exploit Title: OctoberCMS 1.0.426 - CSRF to Admin Account Takover Vendor Homepage: https://octobercms.com Software Link: https://octobercms.com/download Exploit Author: Zain Sabahat Website: https://about.me/ZainSabahat Category: webapps...
Vir.IT eXplorer Anti-Virus 8.5.39 - VIAGLT64.SYS Local Privilege Escalation
Vir.IT eXplorer Anti-Virus 8.5.39 - VIAGLT64.SYS Local Privilege Escalation / Exploit Title - Vir.IT eXplorer Anti-Virus Arbitrary Write Privilege Escalation Date - 1st November 2017 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.tgsoft.it Tested Version - 8.5.39 Driver...
Cisco UCS Platform Emulator 3.1(2ePE1) - Remote Code Execution
Cisco UCS Platform Emulator 3.1(2ePE1) - Remote Code Execution Vulnerabilities Summary The following advisory describes two remote code execution vulnerabilities found in Cisco UCS Platform Emulator version 3.1(2ePE1). Cisco UCS Platform Emulator is the Cisco UCS Manager application bundled into a...
Ingenious School Management System 2.3.0 - friend_index SQL injection
Ingenious School Management System 2.3.0 - friend_index SQL injection Exploit Title: Ingenious School Management System 2.3.0 - SQL injection Date: 01.11.2017 Vendor Homepage: http://iloveprograming.com/ Software Link: https://www.codester.com/items/4945/ingenious-school-management-system Demo:...
WhatsApp 2.17.52 - Memory Corruption
WhatsApp 2.17.52 - Memory Corruption #!/usr/bin/env python # -*- coding: utf-8 -*- Found this and more exploits on my open source security project: http://www.exploitpack.com Exploit Author: Juan Sacco at KPN Red Team - http://www.kpn.com Date and time of release: 11 October 2017 Tested on: iPhone 5/6...
ZyXEL PK5001Z Modem - Backdoor Account
ZyXEL PK5001Z Modem - Backdoor Account Exploit Title: ZyXEL PK5001Z Modem - CenturyLink Hardcoded admin and root Telnet Password. Google Dork: n/a Date: 2017-10-31 Exploit Author: Matthew Sheimo Vendor Homepage: https://www.zyxel.com/ Software Link: n/a Version: PK5001Z 2.6.20.19 Tested on: Linux...
News 1.0 - SQL Injection
News 1.0 - SQL Injection Exploit Title: News Magazine & Blog CMS 1.0 - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://geniusocean.com/ Software Link: https://codecanyon.net/item/news-dynamic-newspaper-magazine-and-blog-cms-script/19656143 Demo: http://demo.geniusocean.com/news/...
Vastal I-Tech Agent Zone - searchCommercial.php searchResidential.php SQL Injection
Vastal I-Tech Agent Zone - searchCommercial.php searchResidential.php SQL Injection Exploit Title: Vastal I-Tech Agent Zone - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://vastal.com/ Software http://vastal.com/agent-zone-real-estate-script.html Demo:...
Newspaper 1.0 - SQL Injection
Newspaper 1.0 - SQL Injection Exploit Title: Newspaper Magazine & Blog CMS 1.0 - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://geniusocean.com/ Software Link: https://codecanyon.net/item/mymagazine-fully-responsive-magazine-cms/19493325 Demo:...
D-Park Pro 1.0 - SQL Injection
D-Park Pro 1.0 - SQL Injection Username: Password:...
Basic B2B Script - SQL Injection
Basic B2B Script - SQL Injection Exploit Title: Basic B2B Script - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software Link: http://www.exclusivescript.com/product/nC3F4570353/php-scripts/basic-b2b-script Demo:...
US Zip Codes Database - state SQL Injection
US Zip Codes Database - state SQL Injection Exploit Title: US Zip Codes Database Script - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://rowindex.com/ Software Link: https://www.codester.com/items/4898/us-zip-codes-database-php-script Demo: http://rowindex.com/demo/ Version: N/A...
Ingenious 2.3.0 - Arbitrary File Upload
Ingenious 2.3.0 - Arbitrary File Upload Exploit Title: Ingenious School Management System 2.3.0 - Arbitrary File Upload Dork: N/A Date: 30.10.2017 Vendor Homepage: http://iloveprograming.com/ Software Link: https://www.codester.com/items/4945/ingenious-school-management-system Demo:...
Mailing List Manager Pro 3.0 - SQL Injection
Mailing List Manager Pro 3.0 - SQL Injection Exploit Title: Mailing List Manager Pro 3.0 - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.vote-pro.com/ Software Link: http://www.mailing-manager.com/demo.html Demo: http://www.mailing-manager.com/demo-gold/ Version: 3.0...
Online Exam Test Application - sort SQL Injection
Online Exam Test Application - sort SQL Injection Exploit Title: Online Exam Test Application - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software Link: http://www.exclusivescript.com/product/1z2e4672468/php-scripts/online-exam-test-application Demo:...
ZeeBuddy 2x - groupid SQL Injection
ZeeBuddy 2x - groupid SQL Injection Exploit Title: ZeeBuddy 2x - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.zeescripts.com/ Software Link: http://www.zeebuddy.com/ Demo: http://www.zeebuddy.com/demo/ Version: 2x Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...
MyBuilder Clone 1.0 - subcategory SQL Injection
MyBuilder Clone 1.0 - subcategory SQL Injection Exploit Title: MyBuilder Clone 1.0 - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.contractorscripts.com/ Software Link: http://order.contractorscripts.com/ Demo: http://demo.contractorscripts.com/ Version: 1.0 Category: Webap...
CmsLite 1.4 - S SQL Injection
CmsLite 1.4 - S SQL Injection Exploit Title: Creative Management System - CMS Lite 1.4 - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://bekirk.co.uk/ Software Link: https://codecanyon.net/item/creative-management-system-cms-lite/15297597 Demo: http://demo.bekirk.co.uk/ Version:...
WordPress Plugin Ultimate Product Catalog 4.2.24 - PHP Object Injection
WordPress Plugin Ultimate Product Catalog 4.2.24 - PHP Object Injection Exploit Title: WP Plugin Ultimate Product Catalog 4.2.24 PHP Object Injection Google Dork: NA Date: Okt 30 2017 Exploit Author: tomplixsee Author blog : cupuzone.wordpress.com Vendor Homepage:...
Vastal I-Tech Dating Zone 0.9.9 - product_id SQL Injection
Vastal I-Tech Dating Zone 0.9.9 - product_id SQL Injection Exploit Title: Vastal I-Tech Dating Zone 0.9.9 - 'product_id' Parameter SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://vastal.com/ Software http://vastal.com/dating-zone-the-dating-software.html Demo:...
Php Inventory - Arbitrary File Upload
Php Inventory - Arbitrary File Upload Exploit Title: Php Inventory & Invoice Management System - Arbitrary File Upload Dork: N/A Date: 30.10.2017 Vendor Homepage: http://savsofteproducts.com/ Software Link: http://www.phpinventory.com/ Demo: http://phpinventory.com/phpinventorydemo/ Version: N/A...
MyMagazine 1.0 - id SQL Injection
MyMagazine 1.0 - id SQL Injection Exploit Title: MyMagazine Magazine & Blog CMS 1.0 - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://geniusocean.com/ Software Link: https://codecanyon.net/item/mymagazine-bootstrap-newspaper-magazine-and-blog-cms-script/19620468 Demo:...
iTech Gigs Script 1.21 - SQL Injection
iTech Gigs Script 1.21 - SQL Injection Exploit Title: iTech Gigs Script 1.21 - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://itechscripts.com/ Software Link: http://itechscripts.com/the-gigs-script/ Demo: http://gigs.itechscripts.com/ Version: 1.21 Category: Webapps Tested on:...
tPanel 2009 - Authentication Bypass
tPanel 2009 - Authentication Bypass Exploit Title: tPanel 2009 - Authentication Bypass Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.datacomponents.net/ Software Link: http://www.datacomponents.net/products/hosting/tpanel/ Demo: http://demo.datacomponents.net/tpanel/ Version: 2009...
Sokial Social Network Script 1.0 - SQL Injection
Sokial Social Network Script 1.0 - SQL Injection Exploit Title: Sokial Social Network Script 1.0 - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.sokial.net/ Software http://www.sokial.net/demonstrations-social-network.sk Demo: http://demo.sokial.net/ Version: 1.0 Category:...
Article Directory Script 3.0 - id SQL Injection
Article Directory Script 3.0 - id SQL Injection Exploit Title: Article Directory Script 3.0 - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.yourarticlesdirectory.com/ Software Link: http://www.yourarticlesdirectory.com/ Demo: http://www.yourarticlesdirectory.com/livedemo.ph...
Fake Magazine Cover Script - SQL Injection
Fake Magazine Cover Script - SQL Injection Exploit Title: Fake Magazine Cover Script - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.websitescripts.org/ Software Link: http://www.websitescripts.org/website-scripts/fake-magazine-cover-script/prod81.html Demo:...
SoftDatepro Dating Social Network 1.3 - SQL Injection
SoftDatepro Dating Social Network 1.3 - SQL Injection Exploit Title: SoftDatepro Dating Social Network 1.3 - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.softdatepro.com/ Software Link: https://codecanyon.net/item/softdatepro-build-your-own-dating-social-network/3650044...
Website Broker Script - status_id SQL Injection
Website Broker Script - status_id SQL Injection Exploit Title: Website Broker Script - 'status_id' Parameter SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software Link: http://www.exclusivescript.com/product/UwCG4464436/php-scripts/website-broker-script...
Shareet - photo SQL Injection
Shareet - photo SQL Injection Exploit Title: Shareet - Photo Sharing Social Network - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: https://odallated.com/ Software Link: https://www.codester.com/items/4910/shareet-photo-sharing-social-network Demo: https://odallated.com/shareet/demo/...
AROX School ERP PHP Script - id SQL Injection
AROX School ERP PHP Script - id SQL Injection Exploit Title: AROX School ERP PHP Script - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://arox.in/ Software Link: https://www.codester.com/items/4908/arox-school-erp-php-script Demo: http://erp1.arox.in/ Version: CVE-2017-15978...
PHP CityPortal 2.0 - SQL Injection
PHP CityPortal 2.0 - SQL Injection Exploit Title: PHP CityPortal 2.0 - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.phpcityportal.com/ Software Link: http://www.phpcityportal.com/index.php Demo: http://phpcityportal.com/demo Version: 2.0 Category: Webapps Tested on:...
Zomato Clone Script - resid SQL Injection
Zomato Clone Script - resid SQL Injection Exploit Title: Zomato Clone Script - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software Link: http://www.exclusivescript.com/product/099S4111872/php-scripts/zomato-clone-script Demo:...
Joomla! Component Zh YandexMap 6.1.1.0 - placemarklistid SQL Injection
Joomla! Component Zh YandexMap 6.1.1.0 - placemarklistid SQL Injection Exploit Title: Joomla! Component Zh YandexMap 6.1.1.0 - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://zhuk.cc/ Software Link:...
Oracle Java SE - Web Start jnlp XML External Entity Processing Information Disclosure
Oracle Java SE - Web Start jnlp XML External Entity Processing Information Disclosure #!/usr/local/bin/python """ Oracle Java SE Web Start jnlp XML External Entity Processing Information Disclosure Vulnerability Affected: + eg: ./poc.py 'C:/Program Files/Java/jre1.8.0131/README.txt' saturn: mrme$...
iStock Management System 1.0 - Arbitrary File Upload
iStock Management System 1.0 - Arbitrary File Upload Exploit Title: iStock Management System 1.0 - Arbitrary File Upload Dork: N/A Date: 30.10.2017 Vendor Homepage: http://ikodes.com/ Software Link: https://codecanyon.net/item/istock-management-system/20405084 Demo:...
Protected Links - SQL Injection
Protected Links - SQL Injection Username Password...
CPA Lead Reward Script - SQL Injection
CPA Lead Reward Script - SQL Injection...
Nice PHP FAQ Script - nice_theme SQL Injection
Nice PHP FAQ Script - nice_theme SQL Injection Exploit Title: Nice PHP FAQ Script - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.nicephpscripts.com/ Software http://www.nicephpscripts.com/demophpscript-PHP-FAQ-Script-Knowledgebase-Script.htm Demo:...