Lucene search
K

39001 matches found

0day.today
0day.today
added 2020/03/30 12:0 a.m.270 views

Zen Load Balancer 3.10.1 - Remote Code Execution Exploit

Exploit for cgi platform in category web applications Exploit Title: Zen Load Balancer 3.10.1 - Remote Code Execution Google Dork: no Exploit Author: Cody Sixteen Vendor Homepage: https://code610.blogspot.com Software Link:...

9CVSS7AI score0.03415EPSS
Exploits4
0day.today
0day.today
added 2020/03/30 12:0 a.m.810 views

Microsoft Windows 10 (1903/1909) - (SMBGhost) SMB3.1.1 Local Privilege Escalation Exploit

Microsoft Windows 10 1903/1909 - 'SMBGhost' SMB3.1.1 'SMB2COMPRESSIONCAPABILITIES' Local Privilege Escalation CVE-2020-0796 Windows SMBv3 LPE Exploit Authors Daniel García Gutiérrez @danigargu Manuel Blanco Parajón @dialluvioso References...

10CVSS0.4AI score0.9981EPSS
Exploits125
0day.today
0day.today
added 2020/03/30 12:0 a.m.198 views

Odin Secure FTP Expert 7.6.3 - (Site Info) Denial of Service Exploit

Exploit Title: Odin Secure FTP Expert 7.6.3 - 'Site Info' Denial of Service PoC Discovery by: Ivan Marmolejo Vendor Homepage: https://odin-secure-ftp-expert.jaleco.com/ Software Link Download : http://tr.oldversion.com/windows/odin-secure-ftp-expert-7-6-3 Version : Odin Secure FTP Expert 7.6.3...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/03/30 12:0 a.m.221 views

10-Strike Network Inventory Explorer 9.03 - (Read from File) Buffer Overflow (SEH) (ROP) Exploit

Exploit Title: 10-Strike Network Inventory Explorer 9.03 - 'Read from File' Buffer Overflow SEHROP Exploit Author: Hodorsec Version: 9.03 Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-setup.exe Vendor Homepage: https://www.10-strike.com Tested on: Win8.1 x64 ...

0.2AI score
Exploits0
0day.today
0day.today
added 2020/03/30 12:0 a.m.208 views

Joomla com_fabrik 3.9.11 - Directory Traversal Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! comfabrik 3.9.11 - Directory Traversal Google Dork: inurl:"index.php?option=comfabrik" Exploit Author: qw3rTyTy Vendor Homepage: https://fabrikar.com/ Software Link: https://fabrikar.com/downloads Version: 3.9 Tested on:...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/03/30 12:0 a.m.291 views

DrayTek Products - Pre-authentication Remote Root Code Execution Exploit

package main / CVE-2020-8515: DrayTek pre-auth remote root RCE Mon Mar 30 2020 - 0xsha.io Affected: DrayTek Vigor2960 1.3.1Beta, Vigor3900 1.4.4Beta, and Vigor300B 1.3.3Beta, 1.4.2.1Beta, and 1.4.4Beta You should upgrade as soon as possible to 1.5.1 firmware or later This issue has been fixed in...

10CVSS0.2AI score0.99993EPSS
Exploits7
0day.today
0day.today
added 2020/03/29 12:0 a.m.302 views

Redis Replication Code Execution Exploit

This Metasploit module can be used to leverage the extension functionality added since Redis 4.0.0 to execute arbitrary code. To transmit the given extension it makes use of the feature of Redis which called replication between master and slave. This module requires Metasploit:...

0.5AI score
Exploits0
0day.today
0day.today
added 2020/03/28 12:0 a.m.181 views

SAIA (Software Gestion Documental) SQL Injection & XSS Vulnerabilities

Exploit for php platform in category web applications Exploit Title: SAIA Software Gestion Documental SQL Injection & XSS Vulnerability D0rk: intext:"Todos los derechos reservados CERO K" Exploit Author: n4pst3r Vendor Homepage: https://www.cerok.co/ Tested on: Windows 10, Debian 9 ...

0.4AI score
Exploits0
0day.today
0day.today
added 2020/03/28 12:0 a.m.261 views

Webexcels Ecommerce CMS 2.x SQL Injection / Cross Site Scripting Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Webexcels Ecommerce CMS SQL Injection & XSS Vulnerability Google Dork: intext:intext:" By WEB EXCELS "+inurl:"?Id=" Exploit Author: @ThelastVvV Vendor Homepage: https://www.webexcels.com/ Version: 2.x 2017,2018,2019,2020 Tested...

Exploits0
0day.today
0day.today
added 2020/03/28 12:0 a.m.175 views

D-Link DWL-2600 Authenticated Remote Command Injection Exploit

This Metasploit module exploits some DLINK Access Points that are vulnerable to an authenticated OS command injection. Default credentials for the web interface are admin/admin. This module requires Metasploit: https://metasploit.com/download Current source:...

7.8CVSS0.4AI score0.96635EPSS
Exploits7
0day.today
0day.today
added 2020/03/28 12:0 a.m.188 views

Easy RM to MP3 Converter 2.7.3.700 - (Input) Local Buffer Overflow (SEH) Exploit

Exploit Title: Easy RM to MP3 Converter 2.7.3.700 - 'Input' Local Buffer Overflow SEH Author: Felipe Winsnes Software Link: https://www.exploit-db.com/apps/707414955696c57b71c7f160c720bed5-EasyRMtoMP3Converter.exe Version: 2.7.3.700 Tested on: Windows 7 x86 Proof of Concept: 1.- Run the python...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/03/28 12:0 a.m.351 views

IBM Cognos TM1 / IBM Planning Analytics Server Configuration Overwrite / Code Execution Exploit

IBM Cognos TM1 Server / Planning Analytics Server TM1 suffers from a configuration overwrite vulnerability that can be leveraged to achieve code execution as SYSTEM via TM1 scripting. Extensive research is included in this advisory as well as the Metasploit module. IBM PA / TM1, dating back to...

10CVSS0.7AI score0.86441EPSS
Exploits6
0day.today
0day.today
added 2020/03/28 12:0 a.m.227 views

rConfig 3.9.4 - (searchField) Unauthenticated Root Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: rConfig 3.9.4 - 'searchField' Unauthenticated Root Remote Code Execution Exploit Author: vikingfr Greetz : Orange Cyberdefense - team CSR-SO https://cyberdefense.orange.com CVE-2019-19509 + CVE-2019-19585 + CVE-2020-10220 Exploi...

7.1AI score0.99683EPSS
Exploits20
0day.today
0day.today
added 2020/03/28 12:0 a.m.170 views

ECK Hotel 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title : ECK Hotel 1.0 - Cross-Site Request Forgery Add Admin Product : ECK Hotel Version : 1.0-beta Software Download: https://sourceforge.net/projects/eckhotel/files/eck-hotel-v1.0-beta.zip/download Exploit Author: Mustafa Emre Gül...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/03/28 12:0 a.m.200 views

Soluzione Globale Ecommerce CMS 1 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Soluzione Globale Ecommerce cms v1 SQL Injection Vulnerability Google Dork: intext:" Soluzione Globale s.r.l.s. " +inurl:/.php?id= Exploit Author: @ThelastVvV Vendor Homepage: https://www.soluzioneglobale.com/ Version: v1 Tested...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/03/28 12:0 a.m.155 views

Everest 5.50.2100 - (Open File) Denial of Service Exploit

Exploit Title: Everest 5.50.2100 - 'Open File' Denial of Service PoC Discovery by: Ivan Marmolejo Software Link : http://www.lavalys.com/ Tested Version: 5.50.2100 Vulnerability Type: Denial of Service DoS Local Tested on OS: Windows 10 Home Single Language Steps to produce the crash: 1.- Run...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/03/28 12:0 a.m.224 views

FreeCommander XE 2020 Pathname Buffer Overflow Exploit

!/usr/bin/python Exploit Title: FreeCommander XE 2020 - Pathname Buffer Overflow SEH Version: Build 810a 32-bit Software Link: https://freecommander.com/downloads/FreeCommanderXE-32-publicsetup.zip Exploit Author: Hodorsec email protected / email protected Vendor Homepage:...

0.1AI score
Exploits0
0day.today
0day.today
added 2020/03/28 12:0 a.m.214 views

Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal Exploit

Exploit for java platform in category web applications Exploit Title: Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal Exploit Author: hongphukt Vendor Homepage: https://www.jinfonet.com/ Software Link: https://www.jinfonet.com/product/download-jreport/ Version: JReport 15.6 Tested on...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/03/28 12:0 a.m.210 views

WordPress StatTraq 1.3.0 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title : WordPress StatTraq 1.3.0 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Software Download Link : downloads.wordpress.org/plugin/wp-stattraq.zip Software Version : 1.3.0 WordPress Versi...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/03/26 12:0 a.m.174 views

Centreo 19.10.8 - (DisplayServiceStatus) Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: Centreo 19.10.8 - 'DisplayServiceStatus' Remote Code Execution Exploit Author: Engin Demirbilek Vendor Homepage: https://www.centreon.com/ Version: 19.10.8 Tested on: CentOS Advisory link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/03/26 12:0 a.m.1277 views

Linux PTRACE_TRACEME Local Root Exploit

Linux kernel versions starting at 4.10 and below 5.1.7 PTRACETRACEME local root exploit that uses the pkexec technique. Exploit Title: Ubuntu 16.04.6-Kernel-PTRACETRACEME-allowslocaluserstoobtainrootaccess - Local Author: nu11secur1ty Vendor: Ubuntu Linux kernel before 5.1.17 Link:...

7.8CVSS0.52199EPSS
Exploits21
0day.today
0day.today
added 2020/03/26 12:0 a.m.191 views

TP-Link Archer C50 3 - Denial of Service Exploit

Exploit Title: TP-Link Archer C50 3 - Denial of Service PoC Exploit Author: thewhiteh4t Vendor Homepage: https://www.tp-link.com/ Version: TP-Link Archer C50 v3 Build 171227 Tested on: Arch Linux x64 CVE: CVE-2020-9375 Description:...

7.5CVSS7.6AI score0.28223EPSS
Exploits5
0day.today
0day.today
added 2020/03/26 12:0 a.m.267 views

SialWeb CMS eCommerce 1.0 / 1.1 Cross Site Scripting / SQL Injection Vulnerabilities

Exploit for php platform in category web applications Exploit Title: SialWeb CMS SQL Injection & XSS Vulnerability Google Dork: intext:" By Sial Web" +inurl:/.php?id= Exploit Author: @ThelastVvV Vendor Homepage: https://sialweb.net/ Tested on: Ubuntu...

0.2AI score
Exploits0
0day.today
0day.today
added 2020/03/26 12:0 a.m.340 views

HP ThinPro 6.x / 7.x Privileged Command Injection Vulnerability

HP ThinPro - Privileged command injection =============================================================================== Identifiers ------------------------------------------------- CVE-2019-18910 CVSSv3 score ------------------------------------------------- 7.6...

6.8CVSS1.2AI score0.00847EPSS
Exploits3
0day.today
0day.today
added 2020/03/26 12:0 a.m.277 views

SITS:Vision 9.7.0 Authentication Bypass Vulnerability

An authentication bypass vulnerability is present in the stand-alone SITS:Vision component of Tribal SITS in its default configuration, related to unencrypted communications sent by the client each time it is launched. This vulnerability allows unauthenticated attackers to gain access to...

8.1CVSS0.3AI score0.01252EPSS
Exploits1
0day.today
0day.today
added 2020/03/26 12:0 a.m.203 views

HP ThinPro 6.x / 7.x Citrix Command Injection Vulnerability

HP ThinPro - Citrix command injection =============================================================================== Identifiers ------------------------------------------------- CVE-2019-18909 CVSSv3 score ------------------------------------------------- 6.1 AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N...

8CVSS0.3AI score0.02181EPSS
Exploits3
0day.today
0day.today
added 2020/03/26 12:0 a.m.350 views

Android Bluetooth Remote Denial Of Service Exploit

Exploit Title: Critical Bluetooth Vulnerability in Android CVE-2020-0022 - Remote DoS Author: nu11secur1ty Date: 2020-03-24 Vendor: Android Link: https://github.com/nu11secur1ty/Andr01dExploits/tree/master/CVE-2020-0022 CVE: CVE-2020-0022 + Credits: Ventsislav Varbanovski @ nu11secur1ty + Website...

8.8CVSS0.5AI score0.05424EPSS
Exploits8
0day.today
0day.today
added 2020/03/26 12:0 a.m.932 views

SharePoint Workflows XOML Injection Exploit

This Metasploit module exploits a vulnerability within SharePoint and its .NET backend that allows an attacker to execute commands using specially crafted XOML data sent to SharePoint via the Workflows functionality. This module requires Metasploit: https://metasploit.com/download Current source:...

10CVSS0.5AI score0.99193EPSS
Exploits5
0day.today
0day.today
added 2020/03/25 12:0 a.m.237 views

Joomla GMapFP 3.30 Component - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component GMapFP 3.30 - Arbitrary File Upload Google Dork: inurl:''comgmapfp'' Exploit Author: ThelastVvV Vendor Homepage:https://gmapfp.org/ Version: Version J3.30pro Tested on: Ubuntu PoC:...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/03/25 12:0 a.m.167 views

10-Strike Network Inventory Explorer 8.54 - (Add) Local Buffer Overflow (SEH) Exploit

Exploit Title: 10-Strike Network Inventory Explorer 8.54 - 'Add' Local Buffer Overflow SEH Author: Felipe Winsnes Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-setup.exe Version: 8.54 Tested on: Windows 7 Proof of...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/03/25 12:0 a.m.145 views

10-Strike Network Inventory Explorer - (srvInventoryWebServer) Unquoted Service Path Vulnerability

Exploit for php platform in category web applications Exploit Title: 10-Strike Network Inventory Explorer - 'srvInventoryWebServer' Unquoted Service Path Author: Felipe Winsnes Vendor Homepage: https://www.10-strike.com/ Software Link:...

0.2AI score
Exploits0
0day.today
0day.today
added 2020/03/25 12:0 a.m.170 views

LeptonCMS 4.5.0 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: LeptonCMS 4.5.0 - Persistent Cross-Site Scripting Google Dork: "lepton cms" Date: 2019-03-24 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://lepton-cms.org/english/home.php Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/03/25 12:0 a.m.194 views

AVAST SecureLine 5.5.522.0 - (SecureLine) Unquoted Service Path Vulnerability

Exploit Title: AVAST SecureLine 5.5.522.0 - 'SecureLine' Unquoted Service Path Discovery by: Roberto Piña Vendor Homepage:https://www.avast.com/ Software Link :https://www.avast.com/es-mx/download-thank-you.php?product=SLN&locale=es-mx Tested Version: 5.5.522.0 Vulnerability Type: Unquoted Servic...

0.5AI score
Exploits0
0day.today
0day.today
added 2020/03/24 12:0 a.m.337 views

Wordpress WPForms 1.5.9 Plugin - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin WPForms 1.5.9 - Persistent Cross-Site Scripting Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson Varghese Behanan Author Advisor...

5.5AI score0.04428EPSS
Exploits6
0day.today
0day.today
added 2020/03/24 12:0 a.m.384 views

UCM6202 1.0.18.13 - Remote Command Injection Exploit

Exploit for hardware platform in category web applications Exploit Title: UCM6202 1.0.18.13 - Remote Command Injection Exploit Author: Jacob Baines Vendor: http://www.grandstream.com Product Link: http://www.grandstream.com/products/ip-pbxs/ucm-series-ip-pbxs/product/ucm6200-series Tested on:...

9.5AI score0.83926EPSS
Exploits8
0day.today
0day.today
added 2020/03/24 12:0 a.m.167 views

Veyon 4.3.4 - (VeyonService) Unquoted Service Path Vulnerability

Exploit Title: Veyon 4.3.4 - 'VeyonService' Unquoted Service Path Discovery by: Víctor García Vendor Homepage: https://veyon.io/ Software Link: https://github.com/veyon/veyon/releases/download/v4.3.4/veyon-4.3.4.0-win64-setup.exe Tested Version: 4.3.4 Vulnerability Type: Unquoted Service Path...

0.4AI score
Exploits0
0day.today
0day.today
added 2020/03/24 12:0 a.m.124 views

UliCMS 2020.1 - Persistent Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: UliCMS 2020.1 - Persistent Cross-Site Scripting Exploit Author: SunCSR Vendor Homepage: https://en.ulicms.de Software Link: https://en.ulicms.de/currentversions.html Version: 2020.1 Tested on: Windows CVE : N/A Vulnerabilit...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/03/23 12:0 a.m.240 views

CyberArk PSMP 10.9.1 - Policy Restriction Bypass Vulnerability

Exploit Title: CyberArk PSMP 10.9.1 - Policy Restriction Bypass Exploit Author: LAHBAL Said Vendor Homepage: https://www.cyberark.com/ Software Link: https://www.cyberark.com/ Version: PSMP = 11.1 Prerequisites Policy allows us to overwrite PSMRemoteMachine Description An issue was discovered in...

Exploits0
0day.today
0day.today
added 2020/03/23 12:0 a.m.561 views

Windows/x64 - WinExec Add-Admin Dynamic Null-Free Shellcode (210 Bytes)

210 bytes small WinExec add-admin dynamic null-free shellcode. // Shellcode Title: WinExec Add-Admin Dynamic Null-Free Shellcode 210 Bytes // Shellcode Author: Bobby Cooke // Date: March 21st, 2020 // Tested on: Windows 10 Home - 1909 x8664, Windows 10 Pro - 1909 x86 // Description: Windows...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/03/23 12:0 a.m.179 views

Linux/x86 - (reboot) polymorphic Shellcode (26 bytes)

Exploit Title: Linux\x86 - 'reboot' polymorphic Shellcode 26 bytes Purpose: This is a x86 Linux null-free polymorphic shellcode for forcing a reboot. Author: Upayan a.k.a. slaeryan Contact: email protected SLAE: 1525 Vendor Homepage: None Software Link: None Tested on: Linux x86 CVE: N/A / ;...

0.4AI score
Exploits0
0day.today
0day.today
added 2020/03/23 12:0 a.m.160 views

ProficySCADA for iOS 5.0.25920 - (Password) Denial of Service Exploit

Exploit Title: ProficySCADA for iOS 5.0.25920 - 'Password' Denial of Service PoC Author: Ivan Marmolejo Vendor Homepage: https://apps.apple.com/us/app/proficyscada/id525792142 Software Link: App Store for iOS devices Tested Version: 5.0.25920 Vulnerability Type: Denial of Service DoS Local Tested...

0.3AI score
Exploits0
0day.today
0day.today
added 2020/03/23 12:0 a.m.293 views

Horde 5.2.22 CSV Import Code Execution Exploit

The HordeData module version 2.1.4 and before present in Horde Groupware version 5.2.22 allows authenticated users to inject arbitrary PHP code thus achieving remote code execution the server hosting the web application. This module requires Metasploit: https://metasploit.com/download Current...

9.8CVSS0.4AI score0.71135EPSS
Exploits5
0day.today
0day.today
added 2020/03/23 12:0 a.m.933 views

Joomla com_hdwplayer 4.2 - (search.php) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! comhdwplayer 4.2 - 'search.php' SQL Injection Dork: inurl:"index.php?option=comhdwplayer" Exploit Author: qw3rTyTy Vendor Homepage: https://www.hdwplayer.com/ Software Link: https://www.hdwplayer.com/download/ Version: 4...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/03/23 12:0 a.m.179 views

EnovaNet Chateau-Thierry FormaLog WebService02 eChampagne 7.0 XSS / SQL Injection Vulnerabilities

EnovaNet Chateau-Thierry FormaLog WebService02 eChampagne version 7.0 suffers from cross site scripting and remote SQL injection vulnerabilities. Exploit Title : EnovaNet Chateau-Thierry FormaLog WebService02 eChampagne 7.0 XSS SQL Injection Author Discovered By : KingSkrupellos Vendor Homepages ...

7.9AI score
Exploits0
0day.today
0day.today
added 2020/03/23 12:0 a.m.173 views

rConfig 3.9.4 - (search.crud.php) Remote Command Injection Exploit

Exploit for php platform in category web applications Exploit Title: rConfig 3.9.4 - 'search.crud.php' Remote Command Injection Exploit Author: Matthew Aberegg, Michael Burkey Vendor Homepage: https://www.rconfig.com Software Link: https://www.rconfig.com/downloads/rconfig-3.9.4.zip Version:...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/03/23 12:0 a.m.338 views

Google Chrome 80.0.3987.87 - Heap-Corruption Remote Denial of Service Exploit

Exploit Title: Google Chrome 80.0.3987.87 - Heap-Corruption Remote Denial of Service PoC Exploit Author: Cem Onat Karagun of Diesec GmBH Vendor Homepage: https://www.google.com/ Version: Google Chrome 80.0.3987.87 Tested on: Windows x64 / Linux Debian x64 / MacOS CVE: CVE-2020-6404 PoC Video:...

8.8CVSS8.3AI score0.02045EPSS
Exploits5
0day.today
0day.today
added 2020/03/23 12:0 a.m.510 views

360 Security Sandbox Escape 0day Exploit

Sandbox is a feature introduced to isolate risky programs. Application running in sandbox have only limited access and it wont allow tasks such as network communication , creating file or anything malicious in nature A vulnerability in 360 security sandbox allows attackers to escape from the...

1.5AI score
Exploits0
0day.today
0day.today
added 2020/03/23 12:0 a.m.280 views

FIBARO System Home Center 5.021 - Remote File Include Vulnerability

Exploit for multiple platform in category web applications Exploit Title: FIBARO System Home Center 5.021 - Remote File Include Author: LiquidWorm Vendor: https://www.fibaro.com CVE: N/A Vendor: FIBAR GROUP S.A. Product web page: https://www.fibaro.com Affected version: Home Center 3, Home Center...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/03/21 12:0 a.m.409 views

Avast Secure Browser 76.0.1659.101 Local Privilege Escalation Vulnerability

A local privilege escalation issue was discovered in Avast Secure Browser version 76.0.1659.101. The vulnerability is due to an insecure ACL set by the AvastBrowserUpdate.exe which is running as NT AUTHORITY\SYSTEM when AvastSecureBrowser.exe checks for new updates. Avast Secure Browser...

7.8CVSS0.3AI score0.00522EPSS
Exploits1
0day.today
0day.today
added 2020/03/20 12:0 a.m.138 views

Exagate Sysguard 6001 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: Exagate Sysguard 6001 - Cross-Site Request Forgery Add Admin Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.exagate.com/ Software Link: https://www.exagate.com/sysguard-6001 Version: SYSGuard 6001 HTML CSRF Po...

0.3AI score
Exploits0
Total number of security vulnerabilities39001