Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2024/11/27 12:0 a.m.210 views

Roundcube Webmail Stored XSS Exploit

Description: The CVE-2024-37383 vulnerability was discovered in the Roundcube Webmail email client. This is a stored XSS vulnerability that allows an attacker to execute JavaScript code on the user's page. To exploit the vulnerability, all attackers need to do is open a malicious email using a...

6.1CVSS6.2AI score0.73296EPSS
Exploits5
0day.today
0day.today
added 2024/06/02 12:0 a.m.210 views

Flowmon Unauthenticated Command Injection Exploit

This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Flowmon versions before v12.03.02. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Flowmon...

10CVSS7AI score0.93901EPSS
Exploits7
0day.today
0day.today
added 2024/04/12 12:0 a.m.210 views

MinIO < 2024-01-31T20-20-33Z - Privilege Escalation Exploit

Exploit Title: MinIO 2024-01-31T20-20-33Z - Privilege Escalation Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding RELEASE.2024-01-31T20-20-33Z Tested on: Windows 10 CVE : CVE-2024-24747 Required before execution:...

8.8CVSS8.7AI score0.34086EPSS
Exploits4
0day.today
0day.today
added 2024/02/19 12:0 a.m.210 views

Wondercms 4.3.2 - XSS to Remote Code Execute Exploit

Author: prodigiousMind Exploit: Wondercms 4.3.2 XSS to RCE import sys import requests import os import bs4 if lensys.argv4: print"usage: python3 exploit.py loginURL IPAddress Port\nexample: python3 exploit.py http://localhost/wondercms/loginURL 192.168.29.165 5252" else: data = ''' var url =...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/03/31 12:0 a.m.210 views

EG Free AntiVirus 2020 Privilege Escalation / Unquoted Service Path Vulnerabilities

Exploit Title: EG Free AntiVirus v2020 - Unquoted Service Path Local Privilege Escalation Exploit Author: Shahrukh Iqbal Mirza @shahrukhiqbal24 Vendor Homepage: http://www.egsoftweb.in/index.aspx Software Link: http://www.egsoftweb.in/OurProductReadmore.aspx?id=6 Version: 2020 Tested: Windows 10...

0.9AI score
Exploits2
0day.today
0day.today
added 2022/02/21 12:0 a.m.210 views

HMA VPN 5.3 - Unquoted Service Path Vulnerability

Exploit Title: HMA VPN 5.3 - Unquoted Service Path Exploit Author: Saud Alenazi Vendor Homepage: https://www.hidemyass.com/ Software Link: https://www.hidemyass.com/en-us/downloads Version: 5.3.5913.0 Tested: Windows 10 Pro x64 es C:\Users\saudhsc qc HmaProVpn SC QueryServiceConfig SUCCESS...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/09/30 12:0 a.m.210 views

Wordpress JS Jobs Manager 1.1.7 Plugin - Unauthenticated Plugin Install/Activation Vulnerability

Exploit Title: Wordpress Plugin JS Jobs Manager 1.1.7 - Unauthenticated Plugin Install/Activation Google Dork: inurl:/wp-content/plugins/js-jobs/ Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/js-jobs/ Version: spacehen www.github.com/spacehen" def printusage: print"Usage...

0.4AI score
Exploits0
0day.today
0day.today
added 2020/07/04 12:0 a.m.210 views

Bolt CMS 3.7.0 XSS / CSRF / Shell Upload Vulnerabilities

Bolt CMS versions 3.7.0 and below suffer from cross site request forgery, cross site scripting, and remote shell upload vulnerabilities that when combined can achieve remote code execution in one click. Bolt CMS = 3.7.0 Multiple Vulnerabilities Author - Sivanesh Ashok | @sivaneshashok | stazot.co...

4.3CVSS0.4AI score0.02026EPSS
Exploits4
0day.today
0day.today
added 2020/06/26 12:0 a.m.210 views

NETGEAR R6700v3 Password Reset / Remote Code Execution Exploit

This document describes a stack overflow vulnerability that was found in October, 2019 and presented in the Pwn2Own Mobile 2019 competition in November 2019. The vulnerability is present in the UPNP daemon /usr/sbin/upnpd, running on NETGEAR R6700v3 router with firmware versions V1.0.4.8210.0.57...

8.1AI score
Exploits0
0day.today
0day.today
added 2020/06/24 12:0 a.m.210 views

ABUS Secvest Wireless Control Device Missing Encryption Vulnerability

The wireless communication of the ABUS Secvest Wireless Control Device FUBE50001 for transmitting sensitive data like PIN codes or IDs of used proximity chip keys RFID tokens is not encrypted. Product: ABUS Secvest Wireless Control Device FUBE50001 Manufacturer: ABUS Affected Versions: N/A Tested...

8.1CVSS0.4AI score0.00793EPSS
Exploits2
0day.today
0day.today
added 2020/04/16 12:0 a.m.210 views

Nexus Repository Manager 3.21.1-01 Remote Code Execution Exploit

This Metasploit module exploits a Java Expression Language EL injection in Nexus Repository Manager versions up to and including 3.21.1 to execute code as the Nexus user. Tested against 3.21.1-01. This module requires Metasploit: https://metasploit.com/download Current source:...

9CVSS9AI score0.99064EPSS
Exploits10
0day.today
0day.today
added 2020/03/30 12:0 a.m.210 views

Joomla com_fabrik 3.9.11 - Directory Traversal Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! comfabrik 3.9.11 - Directory Traversal Google Dork: inurl:"index.php?option=comfabrik" Exploit Author: qw3rTyTy Vendor Homepage: https://fabrikar.com/ Software Link: https://fabrikar.com/downloads Version: 3.9 Tested on:...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/02/10 12:0 a.m.210 views

Ricoh Driver - Privilege Escalation Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/exe' class MetasploitModule 'Ricoh Driver Privilege Escalation', 'Description' = %q Various Ricoh printer drivers allow escalation of privilege...

7.8CVSS0.7AI score0.04566EPSS
Exploits8
0day.today
0day.today
added 2019/05/14 12:0 a.m.210 views

Firefly CMS 1.0 Remote Command Execution Exploit #RCE

Exploit for php platform in category web applications + Remote Comand Execution on Firefly CMS v. 1.0 + Date: 11/05/2019 + CWE number: CWE-78 + Risk: High + Author: Felipe Andrian Peixoto + Contact: email protected + Tested on: Windows 7 and Linux + Vendor Homepage: https://fireflydigital.com/ +...

7.1AI score
Exploits0
0day.today
0day.today
added 2017/12/02 12:0 a.m.210 views

HP iMC Plat 7.2 - Remote Code Execution Exploit

Exploit for windows platform in category remote exploits !/opt/local/bin/python2.7 Exploit Title: HP iMC Plat 7.2 dbman Opcode 10007 Command Injection RCE Exploit Author: Chris Lyne @lynerc Vendor Homepage: www.hpe.com Software Link:...

10CVSS9.2AI score0.82877EPSS
Exploits8
0day.today
0day.today
added 2013/05/18 12:0 a.m.210 views

nginx 1.3.9-1.4.0 DoS PoC

Exploit for linux platform in category dos / poc Exploit Title: nginx v1.3.9-1.4.0 DOS POC CVE-2013-2070 Google Dork: CVE-2013-2070 Date: 16.05.2013 Exploit Author: Mert SARICA - mert . sarica @ gmail . com - http://www.mertsarica.com Vendor Homepage: http://nginx.org/ Software Link:...

5.8CVSS9.5AI score0.11925EPSS
Exploits3
0day.today
0day.today
added 2024/08/04 12:0 a.m.209 views

SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path Vulnerability

Exploit Title: SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Contact: email protected Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage: https://www.kiwisyslog.com/ Softwar...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/04/01 12:0 a.m.209 views

FoF Pretty Mail 1.1.2 Server-Side Template Injection Vulnerability

The server in Circontrol Raption versions through 5.11.2 has a pre-authentication stack-based buffer overflow that can be exploited to gain run-time control of the device as root. The pwrstudio web application of EV Charger in the server in Circontrol Raption through 5.6.2 is vulnerable to OS...

8.4AI score
Exploits0
0day.today
0day.today
added 2023/09/04 12:0 a.m.209 views

Kingo ROOT 1.5.8 - Unquoted Service Path Vulnerability

Exploit Title: Kingo ROOT 1.5.8 - Unquoted Service Path Exploit Author: Anish Feroz ZEROXINN Vendor Homepage: https://www.kingoapp.com/ Software Link: https://www.kingoapp.com/android-root/download.htm Version: 1.5.8.3353 Tested on: Windows 10 Pro -------------Discovering Unquoted...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/07/28 12:0 a.m.209 views

mooDating 1.2 - Reflected Cross-site scripting Vulnerability

Exploit Title: mooDating 1.2 - Reflected Cross-site scripting XSS Exploit Author: CraCkEr aka skalvin Vendor: mooSocial Vendor Homepage: https://moodatingscript.com/ Software Link: https://demo.moodatingscript.com/home Version: 1.2 Tested on: Windows 10 Pro Impact: Manipulate the content of the...

6.1CVSS7.1AI score0.03678EPSS
Exploits10
0day.today
0day.today
added 2023/07/11 12:0 a.m.209 views

AVG Anti Spyware 7.5 - Unquoted Service Path (AVG Anti-Spyware Guard) Vulnerability

Exploit Title: AVG Anti Spyware 7.5 - Unquoted Service Path Exploit Author: Idan Malihi Vendor Homepage: https://www.avg.com Software Link: https://www.avg.com/en-ww/homepagepc Version: 7.5 Tested on: Microsoft Windows 10 Pro CVE : CVE-2023-36167 PoC C:\Userswmic service get...

7.1AI score
Exploits3
0day.today
0day.today
added 2023/04/06 12:0 a.m.209 views

Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal / Local File Inclusion Vulnerability

Exploit Title: Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal and LFI Fix Date: 2020-05 Exploit Author: Kahvi-0 Github: https://github.com/Kahvi-0 Vendor Homepage: https://www.mitel.com/ Vendor Security Advisory:...

5.3CVSS5.6AI score0.45241EPSS
Exploits3
0day.today
0day.today
added 2023/03/29 12:0 a.m.209 views

Book Store Management System 1.0.0 - Stored Cross-Site Scripting Vulnerability

Exploit Title: Book Store Management System 1.0.0 - Stored Cross-Site Scripting XSS Exploit Author: Rajeshwar Singh Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/bsmsci.zip Tested on: Windows/XAMPP Payload use...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/03/28 12:0 a.m.209 views

Jetpack 11.4 - Cross Site Scripting Vulnerability

Exploit Title: Jetpack 11.4 - Cross Site Scripting XSS Author: Behrouz Mansoori Software Link: https://wordpress.org/plugins/jetpack Version: 11.4 Tested on: Mac m1 CVE: N/A 1. Description: This plugin creates a Jetpack from any post types. The slider import search feature and tab parameter via...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/03/27 12:0 a.m.209 views

ImpressCMS v1.4.3 - Authenticated SQL Injection Vulnerability

Exploit Title: Authenticated Sql Injection in ImpressCMS v1.4.3 Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane CVE ID: CVE-2022-26986 Confirmed on release 1.4.3, this vulnerability is patched in the version 1.4.4 and above... Vendor: https://www.impresscms.org Source:...

8.5CVSS7AI score0.04146EPSS
Exploits4
0day.today
0day.today
added 2023/03/20 12:0 a.m.209 views

101+ News Portal 1.0 SQL Injection Vulnerability

Exploit Title: 101+ News Portal - SQLi Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16067/best-online-news-portal-project-php-free-download.html Software Download:...

6.8AI score
Exploits0
0day.today
0day.today
added 2022/01/05 12:0 a.m.209 views

WordPress The True Ranker 2.2.2 Plugin - Arbitrary File Read (Unauthenticated) Exploit

Exploit Title: WordPress Plugin The True Ranker 2.2.2 - Arbitrary File Read Unauthenticated Exploit Authors: Nicole Sheinin, Liad Levy Vendor Homepage: https://wordpress.org/plugins/seo-local-rank/ Software Link: https://plugins.svn.wordpress.org/seo-local-rank/tags/2.2.2/ Version: versions = 2.2...

7.5CVSS0.4AI score0.78431EPSS
Exploits5
0day.today
0day.today
added 2021/09/20 12:0 a.m.209 views

Online Food Ordering System 2.0 - Remote Code Execution (Unauthenticated) Exploit

Exploit Title: Online Food Ordering System 2.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja hax.3xploit Vendor Homepage: https://www.sourcecodester.com/php/14951/online-food-ordering-system-php-and-sqlite-database-free-source-code.html Software Link:...

0.1AI score
Exploits0
0day.today
0day.today
added 2021/09/15 12:0 a.m.209 views

Seowon 130-SLC router - (queriesCnt) Remote Code Execution (Unauthenticated) Vulnerability

Exploit Title: Seowon 130-SLC router - 'queriesCnt' Remote Code Execution Unauthenticated Exploit Author: Aryan Chehreghani Vendor Homepage: http://www.seowonintech.co.kr Software Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=150&bigkindB05&middlekindB0529 Version: All Version...

1.1AI score
Exploits0
0day.today
0day.today
added 2021/08/16 12:0 a.m.209 views

COMMAX Biometric Access Control System 1.0.0 - Authentication Bypass Vulnerability

Exploit Title: COMMAX Biometric Access Control System 1.0.0 - Authentication Bypass Exploit Author: LiquidWorm Vendor Homepage: https://www.commax.com COMMAX Biometric Access Control System 1.0.0 Authentication Bypass Vendor: COMMAX Co., Ltd. Prodcut web page: https://www.commax.com Affected...

0.8AI score
Exploits0
0day.today
0day.today
added 2021/07/30 12:0 a.m.209 views

Pi-Hole Remove Commands Linux Privilege Escalation Exploit

Pi-Hole versions 3.0 through 5.3 allows for command line input to the removecustomcname, removecustomdns, and removestaticdhcp functions without properly validating the parameters before passing to sed. When executed as the www-data user, this allows for a privilege escalation to root since...

7.8CVSS8.1AI score0.01863EPSS
Exploits4
0day.today
0day.today
added 2020/07/26 12:0 a.m.209 views

GOautodial 4.0 - Persistent Cross-Site Scripting (Authenticated) Vulnerability

Exploit for php platform in category web applications Exploit Title: GOautodial 4.0 - Persistent Cross-Site Scripting Authenticated Author: Balzabu Vendor Homepage: https://goautodial.org/ Software Link: https://goautodial.org/GOautodial-4-x8664-Final-20191010-0150.iso.html Tested Version: 4.0 La...

Exploits0
0day.today
0day.today
added 2019/11/10 12:0 a.m.209 views

Getsup 3.1.46 XSS Vulnerability

Exploit for php platform in category web applications Title: Getsup 3.1.46 Version 3.1 patch 46 All vers affected Author: @Eawhitehat - Eren Arslan Vendor: https://gestsup.fr/ Demo available : https://demo.gestsup.fr/ User: admin Password: admin Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/10/01 12:0 a.m.209 views

Cisco Small Business 220 Series - Multiple Vulnerabilities

!/usr/bin/python2.7 """ Subject Realtek Managed Switch Controller RTL83xx PoC 2019 bashis https://www.realtek.com/en/products/communications-network-ics/category/managed-switch-controller Brief description 1. Boa/Hydra suffer of exploitable stack overflow with a 'one byte read-write loop' w/o...

10CVSS0.6AI score0.25944EPSS
Exploits2
0day.today
0day.today
added 2019/06/18 12:0 a.m.209 views

Sahi pro 8.x - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Sahi pro :/s/dyn/pro/DBReports?sql=SELECT DISTINCT memoryused AS ROWSTATUS, SCRIPTREPORTS.SCRIPTREPORTID,SCRIPTREPORTS.SCRIPTNAME,SUITEREPORTS. FROM SUITEREPORTS,SCRIPTREPORTS 0day.today 2019-06-18...

0.4AI score0.18539EPSS
Exploits5
0day.today
0day.today
added 2018/11/12 12:0 a.m.210 views

Mongoose Web Server 6.9 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Mongoose Web Server 6.9 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: https://cesanta.com/binary.html Software Link: https://backend.cesanta.com/cgi-bin/api.cgi?act=dl&os=win Version: 6.9 Category: Dos Teste...

7AI score
Exploits0
0day.today
0day.today
added 2013/12/17 12:0 a.m.209 views

PHP openssl_x509_parse() Memory Corruption Vulnerability

Exploit for php platform in category dos / poc Overview: Quote from http://www.php.net "PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML." The PHP function opensslx509parse uses a helper function called...

7.5CVSS0.2AI score0.35635EPSS
Exploits8
0day.today
0day.today
added 2025/02/15 12:0 a.m.208 views

ABB Cylon FLXeon 9.3.4 Insecure Backup Sensitive Data Exposure Vulnerability

ABB Cylon FLXeon version 9.3.4 has backups that contain sensitive system files, including main.db, SSL/TLS certificates and keys, the system shadow file with hashed passwords, and the license key. ABB Cylon FLXeon 9.3.4 Insecure Backup Sensitive Data Exposure Vendor: ABB Ltd. Product web page:...

6.9CVSS7AI score0.02366EPSS
Exploits7
0day.today
0day.today
added 2025/01/01 12:0 a.m.208 views

ABB Cylon Aspect 4.00.00 factorySaved.php Cross Site Scripting Vulnerability

ABB Cylon Aspect version 4.00.00 suffers from an unauthenticated reflected cross site scripting vulnerability in the title GET parameter. Input is not properly sanitized before being returned to the user, allowing the execution of arbitrary HTML/JS code in a browser session in the context of the...

7AI score
Exploits0
0day.today
0day.today
added 2024/08/27 12:0 a.m.208 views

Aurba 501 - Authenticated Remote Code Execution Exploit

Exploit Title: Remote Command Execution | Aurba 501 Exploit Author: Hosein Vita Vendor Homepage: https://www.hpe.com Version: Aurba 501 CN12G5W0XX Tested on: Linux import requests from requests.auth import HTTPBasicAuth def getinputprompt, defaultvalue: userinput = inputprompt return userinput if...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/04/08 12:0 a.m.208 views

Best Student Result Management System v1.0 - Multiple SQL injection Vulnerability

Title: Best Student Result Management System v1.0 - Multiple SQLi Author: nu11secur1ty Vendor: https://www.mayurik.com/ Software: https://www.sourcecodester.com/php/15653/best-student-result-management-system-project-source-code-php-and-mysql-free-download Reference:...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/07/28 12:0 a.m.208 views

Perch v3.2 - Persistent Cross Site Scripting Vulnerability

Exploit Title: Perch v3.2 - Persistent Cross Site Scripting XSS Google Dork: N/A Exploit Author: Dinesh Mohanty Vendor Homepage: https://grabaperch.com/ Software Link: https://grabaperch.com/download Version: v3.2 Tested on: Windows CVE : Requested Description: Stored Cross Site Scripting Stored...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/04/08 12:0 a.m.208 views

Suprema BioStar 2 v2.8.16 - SQL Injection Vulnerability

Exploit Title: Suprema BioStar 2 v2.8.16 - SQL Injection Exploit Author: Yuriy Vander Tsarenko https://www.linkedin.com/in/yuriy-tsarenko-a1453aa4/ Vendor Homepage: https://www.supremainc.com/ Software Link: https://www.supremainc.com/en/platform/hybrid-security-platform-biostar-2.asp Software...

6.5CVSS6.6AI score0.07496EPSS
Exploits4
0day.today
0day.today
added 2023/04/07 12:0 a.m.208 views

Altenergy Power Control Software C1.2.5 - OS command injection

Exploit Title: Altenergy Power Control Software C1.2.5 - OS command injection Google Dork: intitle:"Altenergy Power Control Software" Exploit Author: Ahmed Alroky Vendor Homepage: https://apsystems.com/ Version: C1.2.5 Tested on: Windows 10 CVE : CVE-2023-28343 import requests import argparse def...

9.8CVSS9.2AI score0.85332EPSS
Exploits5
0day.today
0day.today
added 2022/08/07 12:0 a.m.208 views

Online Admission System 1.0 SQL Injection Vulnerability

Exploit Title: online-admission-system 1.0 - unauthenticated SQL Injection Exploit Author: syad Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/15514/online-admission-system-php-and-mysql.html Version: 1.0 Tested on: Windows 10 + XAMPP 3.2.4 CVE I...

0.1AI score
Exploits0
0day.today
0day.today
added 2022/03/30 12:0 a.m.208 views

Sports Complex Booking System 1.0 Local File Inclusion Vulnerability

Title: Sports Complex Booking System 1.0 LFI To RCE Author: Hejap Zairy Vendor: https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/scbs1.zip Reference:...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/05/08 12:0 a.m.208 views

macOS Gatekeeper Check Bypass Exploit

This Metasploit module serves an OSX app as a zip that contains no Info.plist, which bypasses gatekeeper in macOS versions prior to 11.3. If the user visits the site on Safari, the zip file is automatically extracted, and clicking on the downloaded file will automatically launch the payload. If t...

5.5CVSS0.1AI score0.68531EPSS
Exploits5
0day.today
0day.today
added 2020/07/09 12:0 a.m.208 views

Savsoft Quiz 5 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Savsoft Quiz 5 - Persistent Cross-Site Scripting Exploit Author: Ogulcan Unverenth3d1gger Vendor Homepage: https://savsoftquiz.com/ Software Link: https://github.com/savsofts/savsoftquizv5.git Version: 5.0 Tested on: Kali Linux...

0.1AI score
Exploits0
0day.today
0day.today
added 2020/02/05 12:0 a.m.208 views

Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation Exploit

Exploit for java platform in category web applications Exploit Title: Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation Discovered by: Elwood Buck & Nolan B. Kennedy of Mindpoint Group Exploit Author: Nolan B. Kennedy nxkennedy Discovery date: 2019-09-20 Vendor Homepage:...

0.2AI score0.03138EPSS
Exploits7
0day.today
0day.today
added 2019/12/09 12:0 a.m.208 views

SpotAuditor 5.3.2 - Base64 Local Buffer Overflow (SEH) Exploit

Exploit Title: SpotAuditor 5.3.2 - 'Base64' Local Buffer Overflow SEH Exploit Author: Kirill Nikolaev Vulnerable Software: SpotAuditor Vendor Homepage: http://www.nsauditor.com/ Version: 5.3.2 Software Link: http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested Windows 7 SP1 x86...

7.4AI score
Exploits0
Total number of security vulnerabilities5000