Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2023/08/24 12:0 a.m.488 views

SugarCRM 12.2.0 SQL Injection Vulnerability

---------------------------------------------------- SugarCRM = 12.2.0 Two SQL Injection Vulnerabilities ---------------------------------------------------- - Software Link: https://www.sugarcrm.com - Affected Versions: Version 12.2.0 and prior versions. Version 12.0.2 and prior versions. Versio...

8.8CVSS7.1AI score0.00967EPSS
Exploits2
0day.today
0day.today
added 2022/07/18 12:0 a.m.488 views

Orange Station 1.0 SQL injection Vulnerability

Title: Orange Station 1.0 SQLi Author: nu11secur1ty Vendor: https://www.mayurik.com/ Software: https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html Reference:...

7.1AI score
Exploits0
0day.today
0day.today
added 2021/10/01 12:0 a.m.488 views

Windows/x86 - WinExec PopCalc PEB & Export Directory Table NullFree Dynamic Shellcode 178 bytes

; Windows/x86 - WinExec PopCalc PEB & Export Directory Table NullFree Dynamic Shellcode 178 bytes ; Description: ; This is a shellcode that pop a calc.exe. The shellcode iuses ; the PEB method to locate the baseAddress of the required module and the Export Directory Table ; to locate symbols. Als...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/10/31 12:0 a.m.487 views

Microsoft OMI Management Interface Authentication Bypass Exploit

By removing the authentication header, an attacker can issue an HTTP request to the OMI management endpoint that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 released September 8th 2021. This module requires Metasploi...

9.8CVSS1.1AI score0.99723EPSS
Exploits19
0day.today
0day.today
added 2017/10/02 12:0 a.m.486 views

Dnsmasq < 2.78 - Stack-Based Overflow Exploit

Exploit for multiple platform in category dos / poc ''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14493.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html 1 Build the docker and open two terminal...

7.5CVSS9AI score0.83638EPSS
Exploits6
0day.today
0day.today
added 2024/03/05 12:0 a.m.484 views

Multilaser RE160V / RE160 URL Manipulation Access Bypass Vulnerability

Multilaser RE160V web management interface versions 12.03.01.08pt and 12.03.01.09pt along with RE160 versions 5.07.51ptMTL01 and 5.07.52ptMTL01 suffer from an access control bypass vulnerability through URL manipulation. =====Tempest Security Intelligence - Security Advisory - CVE-2023-38945=====...

9.8CVSS9.2AI score0.03753EPSS
Exploits8
0day.today
0day.today
added 2023/01/22 12:0 a.m.484 views

Solaris 10 dtprintinfo / libXm / libXpm Security Issues Vulnerability

Multiple vulnerabilities have been discovered across Common Desktop Environment version 1.6, Motif version 2.1, and X.Org libXpm versions prior to 3.5.15 on Oracle Solaris 10 that can be chained together to achieve root. Title: Multiple vulnerabilities in Solaris dtprintinfo and libXm/libXpm...

7.5CVSS8.8AI score0.08052EPSS
Exploits2
0day.today
0day.today
added 2022/10/19 12:0 a.m.484 views

Zimbra Privilege Escalation Exploit

This Metasploit module exploits a vulnerable sudo configuration that permits the Zimbra user to execute postfix as root. In turn, postfix can execute arbitrary shellscripts, which means it can execute a root shell. This module requires Metasploit: https://metasploit.com/download Current source:...

7.8CVSS8.1AI score0.00695EPSS
Exploits4
0day.today
0day.today
added 2019/06/26 12:0 a.m.484 views

BlogEngine.NET 3.3.6/3.3.7 - (path) Directory Traversal Vulnerability

Exploit for asp platform in category web applications Exploit Title: Directory Traversal on BlogEngine.NET Date: 24 Jun 2019 Exploit Author: Aaron Bishop Vendor Homepage: https://blogengine.io/ Version: v3.3.7 Tested on: 3.3.7, 3.3.6 CVE : 2019-10717 1. Description ============== BlogEngine.NET i...

0.1AI score0.05399EPSS
Exploits5
0day.today
0day.today
added 2018/10/28 12:0 a.m.484 views

Shell In A Box 2.2.0 Denial Of Service Exploit

Exploit for linux platform in category dos / poc Product: Shell In A Box aka shellinabox, shellinaboxd "Shell In A Box implements a web server that can export arbitrary command line tools to a web based terminal emulator. This emulator is accessible to any JavaScript and CSS enabled web browser a...

7.6AI score0.05986EPSS
Exploits3
0day.today
0day.today
added 2021/09/20 12:0 a.m.483 views

WordPress 5.7 - (Media Library) XML External Entity Injection Authenticated Vulnerability

Exploit Title: WordPress 5.7 - 'Media Library' XML External Entity Injection XXE Authenticated Exploit Author: David Utón M3n0sD0n4ld Vendor Homepage: https://wordpress.com Affected Version: WordPress 5.6-5.7 & PHP8 Tested on: Linux Ubuntu 18.04.5 LTS CVE : CVE-2021-29447 !/bin/bash Author:...

7.1CVSS0.7AI score0.85719EPSS
Exploits20
0day.today
0day.today
added 2022/08/15 12:0 a.m.482 views

Gas Agency Management 2022 SQL Injection / XSS / Shell Upload Vulnerabilities

Gas Agency Management 2022 suffers from cross site scripting, remote SQL injection, and remote shell upload vulnerabilities. Title: Gas Agency Management-2022 by Mayuri K - SQLi+FU-RCE+XSS Author: nu11secur1ty Vendor Homepage: https://www.mayurik.com/downloadsection Software Link-0:...

0.1AI score
Exploits0
0day.today
0day.today
added 2021/11/17 12:0 a.m.483 views

Wordpress Smart Product Review 1.0.4 Plugin - Shell Upload Exploit

Exploit Title: Wordpress Plugin Smart Product Review 1.0.4 - Arbitrary File Upload Google Dork: inurl: /wp-content/plugins/smart-product-review/ Exploit Author: Keyvan Hardani Vendor Homepage: https://demo.codeflist.com/wordpress-plugins/smart-product-review/ Version: = 1.0.4 Tested on: Kali Linu...

7.1AI score
Exploits0
0day.today
0day.today
added 2021/10/25 12:0 a.m.482 views

Wordpress 4.9.6 - Arbitrary File Deletion (Authenticated) Exploit

Exploit Title: Wordpress 4.9.6 - Arbitrary File Deletion Authenticated 2 Exploit Author: samguy Vulnerability Discovery By: Slavco Mihajloski & Karim El Ouerghemmi Vendor Homepage: https://wordpress.org Software Link: https://wordpress.org/wordpress-4.9.6.tar.gz Version: 4.9.6 Tested on: Linux -...

8.8CVSS0.2AI score0.62558EPSS
Exploits4
0day.today
0day.today
added 2021/10/20 12:0 a.m.482 views

SonicWall SMA 10.2.1.0-17sv - Password Reset Vulnerability

Exploit Title: SonicWall SMA 10.2.1.0-17sv - Password Reset Description: Overwrite the persistent database, resulting in password reset on reboot. Shodan Dork: https://www.shodan.io/search?query=title%3A%22Virtual+Office%22+%22Server%3A+SonicWall%22 Exploit Author: Jacob Baines @JuniorBaines Root...

9.1CVSS0.4AI score0.80701EPSS
Exploits4
0day.today
0day.today
added 2016/03/16 12:0 a.m.482 views

OpenSSH 7.2p1 - Authenticated xauth Command Injection

Exploit for multiple platform in category remote exploits ''' Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115 Version: 0.2 Date: Mar 3rd, 2016 Tag: openssh xauth command injection may lead to forced-command and /bin/false bypass Overview -------- Name: openssh Vendor:...

7.1AI score0.37016EPSS
Exploits13
0day.today
0day.today
added 2023/12/07 12:0 a.m.481 views

Docker cgroups Container Escape Exploit

This Metasploit exploit module takes advantage of a Docker image which has either the privileged flag, or SYSADMIN Linux capability. If the host kernel is vulnerable, its possible to escape the Docker image and achieve root on the host operating system. A vulnerability was found in the Linux...

7.8CVSS7.5AI score0.05528EPSS
Exploits12
0day.today
0day.today
added 2018/11/05 12:0 a.m.481 views

blueimp jQuery Arbitrary File Upload Exploit

This Metasploit module exploits an arbitrary file upload in the sample PHP upload handler for blueimp's jQuery File Upload widget in versions 9.22.0 and below. Due to a default configuration in Apache 2.3.9+, the widget's .htaccess file may be disabled, enabling exploitation of this vulnerability...

0.1AI score0.97107EPSS
Exploits15
0day.today
0day.today
added 2024/04/24 12:0 a.m.480 views

Apache Solr Backup/Restore API Remote Code Execution Exploit

Apache Solr versions 6.0.0 through 8.11.2 and versions 9.0.0 up to 9.4.1 are affected by an unrestricted file upload vulnerability which can result in remote code execution in the context of the user running Apache Solr. When Apache Solr creates a Collection, it will use a specific directory as t...

8.8CVSS8.7AI score0.8384EPSS
Exploits4
0day.today
0day.today
added 2022/08/22 12:0 a.m.480 views

FLIR AX8 1.46.16 Traversal / Access Control / Command Injection / XSS Vulnerabilities

FLIR AX8 versions 1.46.16 and below suffer from command injection, directory traversal, improper access control, and cross site scripting vulnerabilities. FLIR AX8 vulnerabilities. Product description: The FLIR AX8 is a thermal sensor with imaging capabilities, combining thermal and visual camera...

9.8CVSS0.6AI score0.99607EPSS
Exploits13
0day.today
0day.today
added 2018/11/14 12:0 a.m.480 views

Surreal ToDo 0.6.1.2 - Local File Inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: Surreal ToDo 0.6.1.2 - Local File Inclusion Exploit Author: Ihsan Sencan Vendor Homepage: http://getsurreal.com/surrealtodo Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/06/17 12:0 a.m.480 views

ClipShare < 3.0.1 (tid) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ========================================================== ClipShare 3.0.1 tid Remote SQL Injection Vulnerability ========================================================== // / / / Clipshare / / / / Remote SQL Injection Vulnerability / / ...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/02/11 12:0 a.m.479 views

Elasticsearch - StackOverflow DoS Exploit

Exploit Author: TOUHAMI KASBAOUI Vendor Homepage: https://elastic.co/ Version: 8.5.3 / OpenSearch Tested on: Ubuntu 20.04 LTS CVE : CVE-2023-31419 Ref: https://github.com/sqrtZeroKnowledge/Elasticsearch-Exploit-CVE-2023-31419 import requests import random import string esurl =...

7.5CVSS7AI score0.60679EPSS
Exploits4
0day.today
0day.today
added 2022/02/06 12:0 a.m.479 views

Windows/x86 - Locate kernel32 base address / Memory Sieve method Shellcode (133 bytes)

; Shellcode Title: Windows/x86 - Locate kernel32 base address / Memory Sieve method Shellcode 133 bytes ; Description: ; This shellcode is a new method to find kernel32 base address by parsing .text section of memory to find a pointer to kernel32 API. ; Shellcode Author: Tarek Ahmed ; Tested on:...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/12/04 12:0 a.m.479 views

M-Files Web Denial Of Service Vulnerability

M-Files Web versions prior to 20.10.9524.1 and M-Files Web versions prior to 20.10.9445.0 contain an improper range header processing vulnerability. A remote unauthenticated attacker may send crafted requests with overlapping ranges via HTTP requests with a specially-crafted Range or Request-Rang...

7.5CVSS0.7AI score0.02837EPSS
Exploits3
0day.today
0day.today
added 2021/08/19 12:0 a.m.479 views

Altus Sistemas de Automacao Products CSRF / Command Injection / Hardcoded Credentials Vulnerability

======================================================================= title: Multiple Critical Vulnerabilities product: Multiple Altus Sistemas de Automacao products: Nexto NX30xx Series Nexto NX5xxx Series Nexto Xpress XP3xx Series Hadron Xtorm HX3040 Series vulnerable version: See "Vulnerable...

9CVSS0.6AI score0.0624EPSS
Exploits15
0day.today
0day.today
added 2019/05/21 12:0 a.m.479 views

phpKF 1.10 XSS / CSRF / SQL Injection Vulnerabilities

phpKF version 1.10 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities. Exploit Title: phpKF - Multi Vulnerabilities XSS , SQLi , CSRF Google Dork: Yazılım: phpKF © 2007-2019 Exploit Author: Ahmethan GULTEKIN @inject0r16 b4 Vendor Homepage:...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/08/17 12:0 a.m.479 views

Apple Smart Card Services Memory Corruption Vulnerability

Attackers with local access can exploit security issues in the smartcard driver. These result in memory corruptions, which might lead to code execution. Since smartcards can be used for authentication, the vulnerabilities may allow an attacker to login to the system without valid credentials as a...

0.01841EPSS
Exploits1
0day.today
0day.today
added 2024/01/08 12:0 a.m.478 views

Themebleed Windows 11 Themes Arbitrary Code Execution Exploit

When an unpatched Windows 11 host loads a theme file referencing an msstyles file, Windows loads the msstyles file, and if that file's PACKMEVERSION is 999, it then attempts to load an accompanying dll file ending in vrf.dll. Before loading that file, it verifies that the file is signed. It does...

8.8CVSS7AI score0.39491EPSS
Exploits5
0day.today
0day.today
added 2022/08/19 12:0 a.m.477 views

Advantech iView NetworkServlet Command Injection Exploit

Advantech iView software versions prior to 5.7.04.6469 are vulnerable to an unauthenticated command injection vulnerability via the NetworkServlet endpoint. The database backup functionality passes a user-controlled parameter, backupfile to the mysqldump command. The sanitization functionality on...

9.8CVSS10AI score0.59184EPSS
Exploits4
0day.today
0day.today
added 2021/10/25 12:0 a.m.477 views

Engineers Online Portal 1.0 - (multiple) Stored Cross-Site Scripting Vulnerability

Exploit Title: Engineers Online Portal 1.0 - 'multiple' Stored Cross-Site Scripting XSS Exploit Author: Alon Leviev Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Software Link:...

5.4CVSS5.5AI score0.01647EPSS
Exploits6
0day.today
0day.today
added 2021/10/12 12:0 a.m.477 views

Aviatrix Controller 6.x Path Traversal / Code Execution Exploit

!/usr/bin/env python3 import requests from requests.structures import CaseInsensitiveDict from colorama import Fore, Style import argparse from requests.packages.urllib3.exceptions import InsecureRequestWarning requests.packages.urllib3.disablewarningsInsecureRequestWarning printf""" ░█▀▀█ ░█──░█...

9.8CVSS0.9AI score0.93019EPSS
Exploits5
0day.today
0day.today
added 2019/02/13 12:0 a.m.477 views

Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - CSRF (Admin Token Disclosure) Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Jiofi 4 JMR 1140 CSRF To Leak Admin Tokens to change wifi Password or Factory Reset Router Exploit Author: Ronnie T Baby Contact:https://www.linkedin.com/in/ronnietbaby Vendor Homepage: www.jio.com Hardware Link:...

0.01058EPSS
Exploits2
0day.today
0day.today
added 2022/08/08 12:0 a.m.476 views

ManageEngine ADAudit Plus Path Traversal / XML Injection Exploit

This Metasploit module exploits CVE-2022-28219, which is a pair of vulnerabilities in ManageEngine ADAudit Plus versions before build 7060. They include a path traversal in the /cewolf endpoint along with a blind XML external entity injection vulnerability to upload and execute a file. This modul...

9.8CVSS9.9AI score0.97011EPSS
Exploits6
0day.today
0day.today
added 2022/06/21 12:0 a.m.476 views

Mitel 6800/6900 Series SIP Phones Backdoor Access Vulnerability

Mitel 6800/6900 Series SIP Phones excluding 6970 and Mitel 6900 Series IP MiNet Phones have a flow to spawn a telnet backdoor on the device with a static root password enabled. Affected versions include Rel 5.1 SP8 5.1.0.8016 and earlier, Rel 6.0 6.0.0.368 to 6.1 HF4 6.1.0.165, and MiNet 1.8.0.12...

7.2CVSS0.5AI score0.00739EPSS
Exploits4
0day.today
0day.today
added 2022/06/07 12:0 a.m.476 views

Reolink E1 Zoom Camera 3.0.0.716 Configuration Disclosure Vulnerability

ADVISORY INFORMATION ======================= Product: Reolink E1 Zoom Camera Vendor URL: https://reolink.com/product/e1-zoom/ Type: Exposure of Sensitive Information to an Unauthorized Actor CWE-200 Date found: 2021-08-26 Date published: 2022-06-01 CVSSv3 Score: 5.3...

7.5CVSS7.6AI score0.03364EPSS
Exploits4
0day.today
0day.today
added 2021/09/15 12:0 a.m.477 views

Textpattern CMS 4.8.3 Remote Code Execution Exploit

Exploit Title: Textpattern = 4.8.3 Remote code execution Authenticated Exploit Author: Ricardo Ruiz @ricardojoserf Vendor Homepage: https://textpattern.com/ Software Link: https://textpattern.com/start Version: Previous to 4.8.3 Tested on: CentOS, textpattern 4.5.7 and 4.6.0 Install dependencies:...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/11/26 12:0 a.m.476 views

Xorg X11 Server SUID Privilege Escalation Exploit

This Metasploit module attempts to gain root privileges with SUID Xorg X11 server versions 1.19.0 up to 1.20.3. A permission check flaw exists for -modulepath and -logfile options when starting Xorg. This allows unprivileged users that can start the server the ability to elevate privileges and ru...

0.3AI score0.2704EPSS
Exploits39
0day.today
0day.today
added 2023/05/02 12:0 a.m.475 views

Adobe ColdFusion Unauthenticated Remote Code Execution Exploit

This Metasploit module exploits a remote unauthenticated deserialization of untrusted data vulnerability in Adobe ColdFusion 2021 Update 5 and earlier as well as ColdFusion 2018 Update 15 and earlier, in order to gain remote code execution. This module requires Metasploit:...

8.6CVSS9.2AI score0.97339EPSS
Exploits13
0day.today
0day.today
added 2022/12/10 12:0 a.m.475 views

Intel Data Center Manager 5.1 Local Privilege Escalation Vulnerability

The latest version 5.1 and all prior versions of Intel's Data Center Manager are vulnerable to a local privileges escalation vulnerability using the application user "dcm" used to run the web application and the rest interface. An attacker who gained remote code execution using this dcm user i.e....

10CVSS9.4AI score0.99999EPSS
Exploits352
0day.today
0day.today
added 2019/06/26 12:0 a.m.475 views

SeedDMS < 5.1.11 - (out.UsrMgr.php) Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Persistent Cross-Site Scripting or Stored XSS in out/out.UsrMgr.php in SeedDMS before 5.1.11 Exploit Author: Nimit Jainhttps://secfolks.blogspot.com Vendor Homepage: https://www.seeddms.org Software Link:...

3.5CVSS5.6AI score0.02569EPSS
Exploits5
0day.today
0day.today
added 2019/04/09 12:0 a.m.475 views

Apache Axis 1.4 - Remote Code Execution Exploit

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Apache Axis 1.4 Remote Code Execution CVE-2019-0227 https://rhinosecuritylabs.com/Application-Security/CVE-2019-0227-Expired-Domain-to-RCE-in-Apache-Axis Author: David Yesland @daveysec, Rhino...

7.5CVSS0.86503EPSS
Exploits7
0day.today
0day.today
added 2024/04/29 12:0 a.m.474 views

Kemp LoadMaster Unauthenticated Command Injection Exploit

This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Kemp LoadMaster in the authorization header after version 7.2.48.1. The following versions are patched: 7.2.59.2 GA, 7.2.54.8 LTSF, and 7.2.48.10 LTS. This module requires Metasploit:...

10CVSS9.9AI score0.95388EPSS
Exploits9
0day.today
0day.today
added 2023/12/07 12:0 a.m.474 views

ownCloud Phpinfo Reader Exploit

Docker containers of ownCloud compiled after February 2023, which have version 0.2.0 before 0.2.1 or 0.3.0 before 0.3.1 of the app graph installed contain a test file which prints phpinfo to an unauthenticated user. A post file name must be appended to the URL to bypass the login filter. Docker m...

10CVSS6.6AI score0.78428EPSS
Exploits5
0day.today
0day.today
added 2022/05/31 12:0 a.m.474 views

MyBB (prior 1.8.30) Admin Control Remote Code Execution Exploit

This Metasploit module exploits an improper input validation vulnerability in MyBB versions prior to 1.8.30 to execute arbitrary code in the context of the user running the application. The MyBB Admin Control setting page calls the PHP eval function with unsanitized user input. The exploit adds a...

7.2CVSS0.77677EPSS
Exploits9
0day.today
0day.today
added 2022/11/29 12:0 a.m.473 views

Remote Control Collection Remote Code Execution Exploit

This Metasploit module utilizes the Remote Control Server's protocol to deploy a payload and run it from the server. Remote Control Collection by Steppschuh version 3.1.1.12 was tested and affected at the time of the module writing. This module requires Metasploit: https://metasploit.com/download...

7.3AI score
Exploits0
0day.today
0day.today
added 2022/11/04 12:0 a.m.473 views

Automated Tank Gauge (ATG) Remote Configuration Disclosure Exploit

In 2015, HD Moore, the creator of Metasploit, published an article disclosing over 5,800 gas station Automated Tank Gauges ATGs which were publicly accessible. Besides monitoring for leakage, these systems are also instrumental in gauging fluid levels, tank temperature, and can alert operators wh...

7.5AI score
Exploits0
0day.today
0day.today
added 2019/03/08 12:0 a.m.473 views

Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass) Exploit

Oracle Weblogic Server - Deserialization Remote Command Execution Patch Bypass Exploit // All greets goes to RIPS Tech // Run this JS on Attachment Settings ACP page var pluploadsalt = ''; var formtoken = ''; var creationtime = ''; var filepath =...

9.8CVSS1.1AI score0.99448EPSS
Exploits70
0day.today
0day.today
added 2014/07/22 12:0 a.m.473 views

Linux Kernel ptrace/sysret - Local Privilege Escalation Exploit

The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service double...

6.9CVSS0.8AI score0.02324EPSS
Exploits6
0day.today
0day.today
added 2024/07/16 12:0 a.m.472 views

Geoserver Unauthenticated Remote Code Execution Exploit

GeoServer is an open-source software server written in Java that provides the ability to view, edit, and share geospatial data. It is designed to be a flexible, efficient solution for distributing geospatial data from a variety of sources such as Geographic Information System GIS databases,...

9.8CVSS8.6AI score0.99813EPSS
Exploits25
Total number of security vulnerabilities5000