Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2020/07/22 12:0 a.m.517 views

NetPCLinker 1.0.0.0 - Buffer Overflow (SEH Egghunter) Exploit

Exploit Title: NetPCLinker 1.0.0.0 - Buffer Overflow SEH Egghunter Exploit Author: Saeed reza Zamanian Vendor Homepage: https://sourceforge.net/projects/netpclinker/ Software Link: https://sourceforge.net/projects/netpclinker/files/ Version: 1.0.0.0 Tested on: Windows Vista SP1 !/usr/bin/python '...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/12/24 12:0 a.m.517 views

vReliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation Exploit

This Metasploit module exploits a vulnerability in the rdspagecopyuser function in net/rds/page.c RDS in Linux kernel versions 2.6.30 to 2.6.36-rc8 to execute code as root CVE-2010-3904. This module has been tested successfully on Fedora 13 i686 kernel version 2.6.33.3-85.fc13.i686.PAE and Ubuntu...

7.8CVSS0.6AI score0.11217EPSS
Exploits16
0day.today
0day.today
added 2018/02/07 12:0 a.m.517 views

Dahua Generation 2/3 - Backdoor Access Exploit

Exploit for hardware platform in category remote exploits !/usr/bin/python2.7 if False: ''' 2017-05-03 Public rerelease of Dahua Backdoor PoC https://github.com/mcw0/PoC/blob/master/dahua-backdoor-PoC.py 2017-03-20 With my newfound knowledge of vulnerable devices out there with an unbelievable...

0.3AI score
Exploits0
0day.today
0day.today
added 2024/08/22 12:0 a.m.516 views

SPIP 4.2.12 Remote Code Execution Exploit

This Metasploit module exploits a remote code execution vulnerability in SPIP versions up to and including 4.2.12. The vulnerability occurs in SPIP's templating system where it incorrectly handles user-supplied input, allowing an attacker to inject and execute arbitrary PHP code. This can be...

8.5AI score
Exploits0
0day.today
0day.today
added 2021/03/24 12:0 a.m.516 views

Linksys EA7500 2.0.8.194281 - Cross-Site Scripting Vulnerability

Exploit Title: Linksys EA7500 2.0.8.194281 - Cross-Site Scripting Exploit Author: MiningOmerta Vendor Homepage: https://www.linksys.com/ Version: EA7500 Firmware Version: 2.0.8.194281 CVE: CVE-2012-6708 Tested On: Linksys EA7500 jQuery version 1.7.1 Cross-Site Scripting Vulnerability on modern...

6.1CVSS6.7AI score0.08632EPSS
Exploits6
0day.today
0day.today
added 2019/02/17 12:0 a.m.517 views

UniSharp Laravel File Manager 2.0.0-alpha7 - Arbitrary File Upload Exploit

Exploit for php platform in category web applications Exploit Title: UniSharp Laravel File Manager - Arbitrary File Upload Google Dork: inurl:"laravel-filemanager?type=Files" -site:github.com -site:github.io Exploit Author: Mohammad Danish Vendor Homepage:...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/02/05 12:0 a.m.515 views

Cacti pollers.php SQL Injection / Remote Code Execution Exploit

This Metasploit exploit module leverages sql injection and local file inclusion vulnerabilities in Cacti versions prior to 1.2.26 to achieve remote code execution. Authentication is needed and the account must have access to the vulnerable PHP script pollers.php. This is granted by setting the...

8.8CVSS9.3AI score0.84628EPSS
Exploits5
0day.today
0day.today
added 2020/08/22 12:0 a.m.515 views

Complaint Management System 1.0 - (cid) SQL Injection Vulnerability

Exploit for php platform in category web applications Title: Complaint Management System 1.0 - 'cid' SQL Injection Exploit Author: Mohamed Elobeid 0b3!d Date: 2020-08-21 Vendor Homepage: https://www.sourcecodester.com/php/14206/complaint-management-system.html Software Link:...

0.1AI score
Exploits0
0day.today
0day.today
added 2017/12/22 12:0 a.m.515 views

Palo Alto Networks PAN-OS Cookie Injection Vulnerability

Palo Alto Networks PAN-OS versions before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface. !/bin/bash Exploit Title: Fake Cookie Injection PoC - CVE-2017-15944 Date: December...

7.5CVSS1.1AI score0.9834EPSS
Exploits13
0day.today
0day.today
added 2022/05/12 12:0 a.m.514 views

Apache CouchDB 3.2.1 - Remote Code Execution Exploit

Exploit Title: Apache CouchDB 3.2.1 - Remote Code Execution RCE Exploit Author: Konstantin Burov, @sadshade Software Link: https://couchdb.apache.org/ Version: 3.2.1 and below Tested on: Kali 2021.2 Based on 1F98D's Erlang Cookie - Remote Code Execution Shodan: port:4369 "name couchdb at" CVE:...

9.8CVSS9.6AI score0.92335EPSS
Exploits9
0day.today
0day.today
added 2021/03/10 12:0 a.m.514 views

Microsoft Windows Containers Privilege Escalation Vulnerability

The standard user ContainerUser in a Windows Container has elevated privileges and High integrity level which results in making it administrator equivalent even though it should be a restricted user. Windows Containers: ContainerUser has Elevated Privileges Windows Containers: ContainerUser has...

7.8CVSS8.7AI score0.00748EPSS
Exploits2
0day.today
0day.today
added 2023/04/20 12:0 a.m.513 views

Swagger UI 4.1.3 - User Interface (UI) Misrepresentation of Critical Information Exploit

Exploit Title: Swagger UI 4.1.3 - User Interface UI Misrepresentation of Critical Information Exploit Author: Rafael Cintra Lopes Vendor Homepage: https://swagger.io/ Version: 4.1.3 CVE: CVE-2018-25031 Site: https://rafaelcintralopes.com.br/ Usage: python swagger-exploit.py https://swagger-page.c...

4.3CVSS5.9AI score0.42326EPSS
Exploits4
0day.today
0day.today
added 2023/04/02 12:0 a.m.513 views

AD Manager Plus 7122 - Remote Code Execution Vulnerability

Exploit Title: AD Manager Plus 7122 - Remote Code Execution RCE Exploit Author: Chan Nyein Wai & Thura Moe Myint Vendor Homepage: https://www.manageengine.com/products/ad-manager/ Software Link: https://www.manageengine.com/products/ad-manager/download.html Version: Ad Manager Plus Before 7122...

10CVSS9.3AI score0.99999EPSS
Exploits351
0day.today
0day.today
added 2021/12/14 12:0 a.m.513 views

Apache Log4j 2 - Remote Code Execution Exploit

Exploit Title: Apache Log4j 2 - Remote Code Execution RCE Exploit Authors: kozmer, z9fr, svmorris Vendor Homepage: https://logging.apache.org/log4j/2.x/ Software Link: https://github.com/apache/logging-log4j2 Version: versions 2.0-beta-9 and 2.14.1. Tested on: Linux CVE: CVE-2021-44228 Github rep...

10CVSS10AI score0.99999EPSS
Exploits351
0day.today
0day.today
added 2023/10/09 12:0 a.m.512 views

Wordpress Masterstudy LMS Plugin - 3.0.17 - Unauthenticated Instructor Account Creation Exploit

Exploit Title: Wordpress Plugin Masterstudy LMS - 3.0.17 - Unauthenticated Instructor Account Creation Google Dork: inurl:/user-public-account Exploit Author: Revan Arifio Vendor Homepage: https:/.org/plugins/masterstudy-lms-learning-management-system/ Version: | | \ / | | / /| || / / | | |/ / / ...

7.5CVSS7.1AI score0.03495EPSS
Exploits6
0day.today
0day.today
added 2022/03/08 12:0 a.m.512 views

Linux Kernel 5.8 < 5.16.11 - Local Privilege Escalation (DirtyPipe) Exploit

// Exploit Title: Linux Kernel 5.8 Proof-of-concept exploit for the Dirty Pipe vulnerability CVE-2022-0847 caused by an uninitialized "pipebuffer.flags" variable. It demonstrates how to overwrite any file contents in the page cache, even if the file is not permitted to be written, immutable or on...

7.8CVSS8.5AI score0.89063EPSS
Exploits100
0day.today
0day.today
added 2020/07/27 12:0 a.m.512 views

WordPress Email Subscribers & Newsletters 4.2.2 Plugin - (hash) SQL Injection (Unauthenticated)

Exploit for php platform in category web applications Exploit Title: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection Unauthenticated Google Dork: "Stable tag" inurl:wp-content/plugins/email-subscribers/readme.txt Exploit Author: email protectedESEC Vendor Homepage:...

7.5CVSS9.2AI score0.8511EPSS
Exploits7
0day.today
0day.today
added 2015/11/07 12:0 a.m.512 views

Joomla com_sexycontactform Arbitrary File Upload Vulnerability

Usage Info Google Dork: "/components/comsexycontactform/" site:gr Google Dork: "Powered by sexycontact" site:gr Google Dork: inurl:"sexy-contact-form" site:gr Exploit : components/comsexycontactform/fileupload/index.php Shell Access :...

7.1AI score
Exploits0
0day.today
0day.today
added 2008/06/02 12:0 a.m.512 views

SMEweb 1.4b (SQL/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ===================================================== SMEweb 1.4b SQL/XSS Multiple Remote Vulnerabilities ===================================================== ======================================================= SMEweb 1.4b SQL/XSS...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/03/23 12:0 a.m.511 views

360 Security Sandbox Escape 0day Exploit

Sandbox is a feature introduced to isolate risky programs. Application running in sandbox have only limited access and it wont allow tasks such as network communication , creating file or anything malicious in nature A vulnerability in 360 security sandbox allows attackers to escape from the...

1.5AI score
Exploits0
0day.today
0day.today
added 2022/09/08 12:0 a.m.510 views

Apache Spark Unauthenticated Command Injection Exploit

This Metasploit module exploits an unauthenticated command injection vulnerability in Apache Spark. Successful exploitation results in remote code execution under the context of the Spark application user. The command injection occurs because Spark checks the group membership of the user passed i...

8.8CVSS0.5AI score0.92984EPSS
Exploits12
0day.today
0day.today
added 2016/12/16 12:0 a.m.510 views

XenForo 1.5.x Remote Code Execution Vulnerability

Exploit for php platform in category web applications XenForo 1.5.x Remote Code Execution Vulnerability 1. ADVISORY INFORMATION ======================= Product: XenForo Vendor URL: xenforo.com Type: Code Injection CWE-94 Date found: 2016-12-09 Date published: 2016-12-15 CVSSv3 Score: 9.3...

7.1AI score
Exploits0
0day.today
0day.today
added 2015/06/02 12:0 a.m.510 views

D-Link Devices HNAP SOAPAction-Header Command Execution Exploit

Different D-Link Routers are vulnerable to OS command injection in the HNAP SOAP interface. Since it is a blind OS command injection vulnerability, there is no output for the executed command. This Metasploit module has been tested on a DIR-645 device. The following devices are also reported as...

10CVSS9.6AI score0.97101EPSS
Exploits2
0day.today
0day.today
added 2023/12/29 12:0 a.m.509 views

FreeSWITCH 1.10.10 Denial Of Service Vulnerability

When handling DTLS-SRTP for media setup, FreeSWITCH version 1.10.10 is susceptible to denial of service due to a race condition in the hello handshake phase of the DTLS protocol. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack. FreeSWITCH...

7.5CVSS5.6AI score0.01485EPSS
Exploits4
0day.today
0day.today
added 2022/03/09 12:0 a.m.508 views

Dirty Pipe Linux Privilege Escalation Exploit

Proof of concept for a vulnerability in the Linux kernel existing since version 5.8 that allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes. / SPDX-License-Identifier: GPL-2.0 / / Copyright 20...

7.8CVSS8.2AI score0.89063EPSS
Exploits100
0day.today
0day.today
added 2020/08/18 12:0 a.m.508 views

Bludit 3.9.2 - Authentication Bruteforce Mitigation Bypass Exploit

Exploit for php platform in category web applications !/usr/bin/env ruby Title: Bludit 3.9.2 - Authentication Bruteforce Mitigation Bypass Author: noraj Alexandre ZANNI Author website: https://pwn.by/noraj/ Date: 2020-08-16 Vendor Homepage: https://www.bludit.com/ Software Link:...

4.3CVSS0.2AI score0.39598EPSS
Exploits9
0day.today
0day.today
added 2020/07/17 12:0 a.m.508 views

Vehicle Parking Management System 1.0 SQL Injection Vulnerability

Vehicle Parking Management System version 1.0 suffer from multiple remote SQL Injection vulnerabilities, one of which allows for authentication bypass. Exploit Title: Vehicle Parking Management System 1.0 - Authentication Bypass Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 |...

0.4AI score
Exploits0
0day.today
0day.today
added 2021/08/24 12:0 a.m.507 views

Shoutcast Server 2.6.0.753 Crash Vulnerability

Shoutcast server version 2.6.0.753 suffers from a remote authenticated crash vulnerability. Shoutcast Server Remote Authenticated Crash ===== Intro ===== Shoutcast Server crashes after failing to handle a non-existent option recieved from a client in an ADMINCGI request. Requires auth to reproduc...

0.2AI score
Exploits0
0day.today
0day.today
added 2020/08/20 12:0 a.m.506 views

Ruijie Networks Switch eWeb S29_RGOS 11.4 - Directory Traversal Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Ruijie Networks Switch eWeb S29RGOS 11.4 - Directory Traversal Exploit Author: Tuygun Vendor Homepage: https://www.ruijienetworks.com/ Version: eWeb S29RGOS 11.41B12P11 Source : https://faruktuygun.com/directorytraversal.ht...

0.4AI score
Exploits0
0day.today
0day.today
added 2023/12/12 12:0 a.m.505 views

WordPress Backup Migration 1.3.7 Remote Code Execution Vulnerability

Vulnerability Summary from Wordfence Intelligence Description: Backup Migration = 1.3.7 backup-backup Unauthenticated Remote Code Execution Affected Plugin: Backup Migration Plugin Slug: backup-backup Affected Versions: = 1.3.7 CVE ID:CVE-2023-6553 Pending CVSS Score: 9.8 Critical CVSS Vector:...

9.8CVSS7.2AI score0.97846EPSS
Exploits14
0day.today
0day.today
added 2023/10/16 12:0 a.m.506 views

ChurchCRM 4.5.4 SQL Injection Exploit

Exploit Title: ChurchCRM 4.5.4 - Authenticated Blind SQL Injection via the ENtyid Date: 03-05-2023 Exploit Author: Arvandy Blog Post: https://github.com/arvandy/CVE/blob/main/CVE-2023-29842/CVE-2023-29842.md Software Link: https://github.com/ChurchCRM/CRM/releases Vendor Homepage:...

8.8CVSS7.1AI score0.01318EPSS
Exploits3
0day.today
0day.today
added 2021/09/15 12:0 a.m.504 views

Ulfius Web Framework Remote Memory Corruption Exploit

Ulfius Web Framework suffers from a remote memory corruption vulnerability. When parsing malformed HTTP requests, a heap-related initialization bug is triggered resulting in a crash in the server or potentially remote code execution with privileges of the running process. !/usr/bin/python3 guul.p...

9.8CVSS0.6AI score0.02628EPSS
Exploits3
0day.today
0day.today
added 2016/10/22 12:0 a.m.504 views

Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' Race Condition Privilege Escalation

Exploit for linux platform in category local exploits / uncomment correct payload first x86 or x64! $ gcc cowroot.c -o cowroot -pthread $ ./cowroot DirtyCow root privilege escalation Backing up /usr/bin/passwd.. to /tmp/bak Size of binary: 57048 Racing, this may take a while.. /usr/bin/passwd is...

7.2CVSS8AI score0.83524EPSS
Exploits82
0day.today
0day.today
added 2024/03/02 12:0 a.m.503 views

BoidCMS 2.0.0 Command Injection Exploit

This Metasploit module leverages CVE-2023-38836, an improper sanitization bug in BoidCMS versions 2.0.0 and below. BoidCMS allows the authenticated upload of a php file as media if the file has the GIF header, even if the file is a php file. This module requires Metasploit:...

8.8CVSS7.1AI score0.69003EPSS
Exploits8
0day.today
0day.today
added 2022/11/29 12:0 a.m.503 views

Helmet Store Showroom 1.0 SQL Injection Exploit

Exploit Title: Helmet Store Showroom 1.0 - authenticated SQL Injection Exploit Author: syad Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/15851/helmet-store-showroom-site-php-and-mysql-free-source-code.html Version: 1.0 Tested on: Windows 10 +...

0.4AI score
Exploits0
0day.today
0day.today
added 2022/01/19 12:0 a.m.503 views

Rocket LMS 1.1 - Persistent Cross Site Scripting Vulnerability

Exploit Title: Rocket LMS 1.1 - Persistent Cross Site Scripting XSS Document Title: =============== Rocket LMS 1.1 - Persistent Cross Site Scripting XSS Product & Service Introduction: =============================== Rocket LMS is an online course marketplace with a pile of features that helps yo...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/08/19 12:0 a.m.503 views

PAC Bypass Due To Unprotected Function Pointer Imports Exploit

PAC aims to prevent an attacker with the ability to read and write memory from executing arbitrary code. It does that by cryptographically signing and validating code pointers as well as some data pointers at runtime. However, it seems that imports of function pointers from shared libraries in...

8.8CVSS8.8AI score0.01996EPSS
Exploits1
0day.today
0day.today
added 2019/07/07 12:0 a.m.503 views

Huawei HG530 Cross Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications Multiple CSRF reboot and restore Vulnerability =========================== The Huawei HG530 suffers from multiple CSRF vulnerability allows local attackers to reboot the device or to restore to factory Configuration. ================== Th...

0.3AI score
Exploits0
0day.today
0day.today
added 2017/06/05 12:0 a.m.503 views

BIND 9.10.5 - Unquoted Service Path Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits + Credits: John Page aka hyp3rlinx Vendor: =========== www.isc.org Product: =========== BIND9 v9.10.5 x86 / x64 BIND is open source software that enables you to publish your Domain Name System DNS information on the Internet, and to resolve...

7.3AI score0.01413EPSS
Exploits5
0day.today
0day.today
added 2021/12/08 12:0 a.m.502 views

Reprise License Manager 14.2 Session Hijacking Vulnerability

Product: Reprise License Manager 14.2 Vendor: Reprise Software CVE ID: CVE-2021-44151 Vulnerability Title: Unauthenticated Session Hijacking Severity: Medium/High Authors: Mark Staal Steenberg, Bilal El Ghoul, Gionathan Armando Reale, Andreas Fyhn Andersen, Oliver Lind Nordestgaard Introduction: ...

7.5CVSS0.6AI score0.02529EPSS
Exploits2
0day.today
0day.today
added 2021/12/04 12:0 a.m.502 views

OrbiTeam BSCW Server XSS / LFI / User Enumeration Vulnerabilities

OrbiTeam BSCW Server versions 5.0.x, 5.1.x, 5.2.4 and below, 7.3.x and below, and 7.4.3 and below suffer from path traversal, cross site scripting, HTTP header, session object manipulation, local file inclusion, and user enumeration vulnerabilities...

7AI score
Exploits0
0day.today
0day.today
added 2021/10/27 12:0 a.m.502 views

Linux SELinux PTRACE_TRACEME Handler Use-After-Free Exploit

Linux suffers from a use-after-free read in the SELinux handler for PTRACETRACEME. Linux: UAF read in SELinux handler for PTRACETRACEME There's a UAF read in the SELinux handler for PTRACETRACEME, selinuxptracetraceme. The bug was introduced in commit eb1231f73c4d7 "selinux: clarify task...

7.3AI score
Exploits0
0day.today
0day.today
added 2018/02/03 12:0 a.m.502 views

Microsoft Windows SMB MS17-010 EternalRomance / EternalSynergy / EternalChampion Remote Code Executi

This Metasploit module will exploit SMB with vulnerabilities in MS17-010 to achieve a write-what-where primitive. This will then be used to overwrite the connection session information with as an Administrator session. From there, the normal psexec payload code execution is done. Exploits a type...

9.3CVSS8.1AI score0.99693EPSS
Exploits53
0day.today
0day.today
added 2024/02/21 12:0 a.m.501 views

Ivanti Connect Secure Unauthenticated Remote Code Execution Exploit

This Metasploit module chains a server side request forgery SSRF vulnerability CVE-2024-21893 and a command injection vulnerability CVE-2024-21887 to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to achieve unauthenticated remote code execution. All current...

9.1CVSS8.7AI score0.99999EPSS
Exploits26
0day.today
0day.today
added 2022/03/28 12:0 a.m.501 views

Online Banking System v1.0 SQL injection Vulnerability

Title: Online Banking System v1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/14868/banking-system-using-php-free-source-code.html Reference:...

0.2AI score
Exploits0
0day.today
0day.today
added 2011/10/05 12:0 a.m.501 views

Ajax File Manager File Upload Vulnerability

Exploit for php platform in category web applications ========================================================================= Ajax File Manager File Upload Vulnerability =========================================================================...

7.1AI score
Exploits0
0day.today
0day.today
added 2025/01/09 12:0 a.m.500 views

ABB Cylon Aspect 3.08.02 escDevicesUpdate.php Denial of Service Vulnerability

ABB Cylon Aspect version 3.08.02 has an off-by-one error in array access that could lead to undefined behavior and potential denial of service. The issue arises in a loop that iterates over an array using a less than condition, allowing access to an out-of-bounds index. This can trigger errors or...

7.2CVSS7AI score0.00874EPSS
Exploits3
0day.today
0day.today
added 2023/09/14 12:0 a.m.500 views

Windows Common Log File System Driver (clfs.sys) Privilege Escalation Exploit

A privilege escalation vulnerability exists in the clfs.sys driver which comes installed by default on Windows 10 21H2, Windows 11 21H2 and Windows Server 20348 operating systems. This Metasploit module exploit makes use to two different kinds of specially crafted .blf files. This module requires...

7.8CVSS7.2AI score0.48973EPSS
Exploits10
0day.today
0day.today
added 2023/08/10 12:0 a.m.500 views

systemd 246 - Local Privilege Escalation Vulnerability

Exploit Title: systemd 246 - Local Privilege Escalation Exploit Author: Iyaad Luqman K init6 Application: systemd 246 Tested on: Ubuntu 22.04 CVE: CVE-2023-26604 systemd 246 was discovered to contain Privilege Escalation vulnerability, when the systemctl status command can be run as root user. Th...

7.8CVSS7.1AI score0.01051EPSS
Exploits4
0day.today
0day.today
added 2023/02/20 12:0 a.m.501 views

Microsoft Windows Contact File Remote Code Execution Vulnerability

Microsoft Windows Contact file / Remote Code Execution Resurrected 2022 / CVE-2022-44666 + John Page aka hyp3rlinx + twitter.com/hyp3rlinx + ISR: ApparitionSec Back in 2018 I discovered three related Windows remote code execution vulnerabilities affecting both VCF and Contact files. They were...

7.8CVSS8AI score0.40435EPSS
Exploits2
Total number of security vulnerabilities5000