Lucene search
K

39001 matches found

0day.today
0day.today
added 2020/02/15 12:0 a.m.111 views

EPSON EasyMP Network Projection 2.81 - (EMP_NSWLSV) Unquoted Service Path Vulnerability

Exploit Title: EPSON EasyMP Network Projection 2.81 - 'EMPNSWLSV' Unquoted Service Path Discovery by: Roberto Piña Vendor Homepage: https://epson.com/support/easymp-network-projection-v2-86-for-windows Software Link :https://ftp.epson.com/drivers/epson16189.exe SEIKO EPSON CORP Tested Version: 2....

0.7AI score
Exploits0
0day.today
0day.today
added 2020/02/15 12:0 a.m.71 views

SprintWork 2.3.1 - Local Privilege Escalation Vulnerability

Exploit Title: SprintWork 2.3.1 - Local Privilege Escalation Exploit Author: boku Vendor Homepage: https://veridium.net Software Link: https://veridium.net/filesu/spx/exe/SprintWork-Setup.exe Version: 2.3.1 Tested On: Windows 10 32-bit Vulnerability Overview: SprintWork v2.3.1 x86 suffers from...

0.2AI score
Exploits0
0day.today
0day.today
added 2020/02/15 12:0 a.m.91 views

HomeGuard Pro 9.3.1 - Insecure Folder Permissions Vulnerability

Exploit Title: HomeGuard Pro 9.3.1 - Insecure Folder Permissions Exploit Author: boku Vendor Homepage: https://veridium.net Software Link: https://veridium.net/filesu/hg-pro/exe/HomeGuardPro-Setup.exe Version 9.3.1 Tested On: Windows 10 32-bit HomeGuard Pro v9.3.1 - Unquoted Service Path + Insecu...

0.3AI score
Exploits0
0day.today
0day.today
added 2020/02/15 12:0 a.m.93 views

PHP 7.0 < 7.4 (Unix) - debug_backtrace disable_functions Bypass Exploit

a; $backtrace = new Exception-getTrace; ; if!isset$backtrace1'args' PHP = 7.4 $backtrace = debugbacktrace; class Helper public $a, $b, $c, $d; function str2ptr&$str, $p = 0, $s = 8 $address = 0; for$j = $s-1; $j = 0; $j-- $address = 8; return $out; function write&$str, $p, $v, $n = 8 $i = 0; for$...

0.4AI score
Exploits0
0day.today
0day.today
added 2020/02/15 12:0 a.m.133 views

Windows Kernel - Information Disclosure Vulnerability

PoC for the SWAPGS attack CVE-2019-1125 This holds the sources for the SWAPGS attack PoC publicly shown at Black Hat USA, 2019. Contents leakgsbkva - variant 1 look for random values in kernel memory; limited to PE kernel image header leakgsbkvat - variant 2 extract random values from kernel...

5.6CVSS7.3AI score0.04521EPSS
Exploits4
0day.today
0day.today
added 2020/02/14 12:0 a.m.90 views

phpMyChat Plus 1.98 - (pmc_username) SQL Injection Vulnerability

Exploit for php platform in category web applications Title: phpMyChat Plus 1.98 - 'pmcusername' SQL Injection Exploit Author: J3rryBl4nks Vendor Homepage: http://ciprianmp.com/latest/ Software Link: https://sourceforge.net/projects/phpmychat/files/phpMyChatPlus/ Version MyChat Plus 1.98 Tested o...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/02/13 12:0 a.m.94 views

WordPress ultimate-member 2.1.3 Plugin - Local File Inclusion Vulnerability

Exploit for php platform in category web applications Title : WordPress Plugin ultimate-member 2.1.3 - Local File Inclusion Author : mehran feizi Vendor : https://wordpress.org/plugins/ultimate-member/ Category : Webapps Vendor home page: https://wordpress.org/plugins/ultimate-member/ Vulnerable...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/02/13 12:0 a.m.84 views

PANDORAFMS 7.0 - Authenticated Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: PANDORAFMS 7.0 - Authenticated Remote Code Execution Exploit Author: Engin Demirbilek Vendor homepage: http://pandorafms.org/ Version: 7.0 Software link: https://pandorafms.org/features/free-download-monitoring-software/ Tested...

9CVSS7AI score0.22476EPSS
Exploits5
0day.today
0day.today
added 2020/02/13 12:0 a.m.63 views

OpenTFTP 1.66 - Local Privilege Escalation Vulnerability

Exploit Title: OpenTFTP 1.66 - Local Privilege Escalation Exploit Author: boku Vendor Homepage: https://sourceforge.net/projects/tftp-server/ Software Link: https://sourceforge.net/projects/tftp-server/files/tftp%20server%20single%20port/OpenTFTPServerSPInstallerV1.66.exe/download Version: 1.66...

0.6AI score
Exploits0
0day.today
0day.today
added 2020/02/12 12:0 a.m.1246 views

WordPress Contact-Form-7 5.1.6 File Upload Vulnerability

Exploit for php platform in category web applications - Tile: Wordpress Plugin contact-form-7 5.1.6 - Remote File Upload - Author: mehran feizi - Category: webapps - Date: 2020.02.11 - vendor home page: https://wordpress.org/plugins/contact-form-7/ Vulnerable Source: 134: moveuploadedfile...

0.1AI score
Exploits0
0day.today
0day.today
added 2020/02/12 12:0 a.m.96 views

WordPress Wordfence 7.4.5 Local File Disclosure Vulnerability

Exploit for php platform in category web applications - Tile: Wordpress Plugin wordfence.7.4.5 - Local File Disclosure - Author: mehran feizi - Category: webapps - Date: 2020.02.12 - vendor home page: https://wordpress.org/plugins/wordfence/...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/02/12 12:0 a.m.63 views

WordPress Tutor 1.5.3 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications - Tile: Wordpress Plugin tutor.1.5.3 - Cross-Site Scripting - Author: mehran feizi - Category: webapps =================================================================== Vulnerable page: /Quiz.php...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/02/12 12:0 a.m.120 views

Samsung SEND_FILE_WITH_HEADER Use-After-Free Exploit

Samsung suffers from a use-after-free vulnerability due to a missing lock in the SENDFILEWITHHEADER handler in fmtpsamsung.c. Samsung: UAF via missing locking in SENDFILEWITHHEADER handler in fmtpsamsung.c Tested on a Samsung A50 SM-A505FN, running build...

7.3AI score
Exploits0
0day.today
0day.today
added 2020/02/12 12:0 a.m.87 views

WordPress Tutor 1.5.3 Local File Inclusion Vulnerability

Exploit for php platform in category web applications - Tile: Wordpress Plugin tutor.1.5.3 - Local File Inclusion - Author: mehran feizi - Category: webapps - Date: 2020.02.12 - vendor home page: https://wordpress.org/plugins/tutor/...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/02/12 12:0 a.m.121 views

HP System Event Utility - Local Privilege Escalation Exploit

The HP System Event service "HPMSGSVC.exe" will load an arbitrary EXE and execute it with SYSTEM integrity. HPMSGSVC.exe runs a background process that delivers push notifications. The problem is that the HP Message Service will load and execute any arbitrary executable named "Program.exe" if it ...

7.8CVSS0.8AI score0.01478EPSS
Exploits5
0day.today
0day.today
added 2020/02/12 12:0 a.m.59 views

MyVideoConverter Pro 3.14 - (Output Folder) Buffer Overflow Exploit

Exploit Title: MyVideoConverter Pro 3.14 - 'Output Folder' Buffer Overflow Exploit Author : ZwX Vendor Homepage : http://www.ivideogo.com/ Tested on OS: Windows 10 v1803 Social: twitter.com/ZwX2a Steps to Reproduce: 1. Run the python exploit script, it will create a new file with the name...

0.2AI score
Exploits0
0day.today
0day.today
added 2020/02/12 12:0 a.m.77 views

MyVideoConverter Pro 3.14 - (TVSeries) Buffer Overflow Exploit

Exploit Title: MyVideoConverter Pro 3.14 - 'TVSeries' Buffer Overflow Exploit Author : ZwX Vendor Homepage : http://www.ivideogo.com/ Tested on OS: Windows 10 v1803 Social: twitter.com/ZwX2a Steps to Reproduce: 1. Run the python exploit script, it will create a new file with the name "Shell.txt"...

0.6AI score
Exploits0
0day.today
0day.today
added 2020/02/12 12:0 a.m.59 views

MyVideoConverter Pro 3.14 - (Movie) Buffer Overflow Exploit

Exploit Title: MyVideoConverter Pro 3.14 - 'Movie' Buffer Overflow Exploit Author : ZwX Vendor Homepage : http://www.ivideogo.com/ Tested on OS: Windows 10 v1803 Social: twitter.com/ZwX2a Steps to Reproduce: 1. Run the python exploit script, it will create a new file with the name "Shell.txt". 2...

0.4AI score
Exploits0
0day.today
0day.today
added 2020/02/11 12:0 a.m.66 views

Disk Sorter Enterprise 12.4.16 - (Disk Sorter Enterprise) Unquoted Service Path Vulnerability

Exploit Title: Disk Sorter Enterprise 12.4.16 - 'Disk Sorter Enterprise' Unquoted Service Path Exploit Author: boku Vendor Homepage: http://www.disksorter.com Software Link: http://www.disksorter.com/setups/disksorterentsetupv12.4.16.exe Version: 12.4.16 Tested On: Windows 10 32-bit...

0.2AI score
Exploits0
0day.today
0day.today
added 2020/02/11 12:0 a.m.1162 views

Microsoft SharePoint - Deserialization Remote Code Execution Exploit

!/usr/bin/env python3 -- coding: utf-8 -- import requests import sys from xml.sax.saxutils import escape from lxml import html import codecs import readline from clint.arguments import Args import signal def serializecommandcmd: total = "" for x in cmd: a = codecs.encodex,"utf-16be" b =...

9.8CVSS0.3AI score0.99913EPSS
Exploits29
0day.today
0day.today
added 2020/02/11 12:0 a.m.78 views

Disk Savvy Enterprise 12.3.18 - Unquoted Service Path Vulnerability

Exploit Title: Disk Savvy Enterprise 12.3.18 - Unquoted Service Path Exploit Author: boku Vendor Homepage: http://www.disksavvy.com Software Link: http://www.disksavvy.com/setups/disksavvyentsetupv12.3.18.exe Version: 12.3.18 Tested On: Windows 10 32-bit C:\Users\nightelfwmic service get name,...

0.5AI score
Exploits0
0day.today
0day.today
added 2020/02/11 12:0 a.m.51 views

DVD Photo Slideshow Professional 8.07 - (Name) Buffer Overflow Vulnerability

Exploit Title: DVD Photo Slideshow Professional 8.07 - 'Name' Buffer Overflow Exploit Author : ZwX Vendor Homepage : http://www.picture-on-tv.com/ Tested on OS: Windows 10 v1803 Social: twitter.com/ZwX2a Steps to Reproduce: 1. Run the python exploit script, it will create a new file with the name...

0.5AI score
Exploits0
0day.today
0day.today
added 2020/02/11 12:0 a.m.73 views

Sync Breeze Enterprise 12.4.18 - (Sync Breeze Enterprise) Unquoted Service Path Vulnerability

Exploit Title: Sync Breeze Enterprise 12.4.18 - 'Sync Breeze Enterprise' Unquoted Service Path Exploit Author: boku Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv12.4.18.exe Version: 12.4.18 Tested On: Windows 10 32-bit...

0.2AI score
Exploits0
0day.today
0day.today
added 2020/02/11 12:0 a.m.47 views

Wedding Slideshow Studio 1.36 - (Name) Buffer Overflow Exploit

Exploit Title: Wedding Slideshow Studio 1.36 - 'Name' Buffer Overflow Exploit Author : ZwX Vendor Homepage : http://www.wedding-slideshow-studio.com/ Tested on OS: Windows 10 v1803 Social: twitter.com/ZwX2a Steps to Reproduce: 1. Run the python exploit script, it will create a new file with the...

Exploits0
0day.today
0day.today
added 2020/02/11 12:0 a.m.93 views

freeFTPd v1.0.13 - (freeFTPdService) Unquoted Service Path Vulnerability

Exploit Title: freeFTPd v1.0.13 - 'freeFTPdService' Unquoted Service Path Exploit Author: boku Vendor Homepage: http://www.freesshd.com Software Link: http://www.freesshd.com/freeFTPd.exe Version: 1.0.13 Tested On: Windows 10 32-bit C:\Users\nightelfwmic service get name, pathname, startmode |...

0.3AI score
Exploits0
0day.today
0day.today
added 2020/02/11 12:0 a.m.78 views

FreeSSHd 1.3.1 - (FreeSSHDService) Unquoted Service Path Vulnerability

Exploit Title: FreeSSHd 1.3.1 - 'FreeSSHDService' Unquoted Service Path Exploit Author: boku Vendor Homepage: http://www.freesshd.com Software Link: http://www.freesshd.com/freeSSHd.exe Version: 1.3.1 Tested On: Windows 10 32-bit C:\Users\nightelfwmic service get name, pathname, startmode | finds...

0.1AI score
Exploits0
0day.today
0day.today
added 2020/02/11 12:0 a.m.75 views

DVD Photo Slideshow Professional 8.07 - (Key) Buffer Overflow Exploit

Exploit Title: DVD Photo Slideshow Professional 8.07 - 'Key' Buffer Overflow Exploit Author : ZwX Vendor Homepage : http://www.picture-on-tv.com/ Tested on OS: Windows 10 v1803 Social: twitter.com/ZwX2a Steps to Reproduce: 1. Run the python exploit script, it will create a new file with the name...

0.3AI score
Exploits0
0day.today
0day.today
added 2020/02/11 12:0 a.m.539 views

QuickDate 1.3.2 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: QuickDate 1.3.2 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://quickdatescript.com/ Version: 1.3.2 Tested on: Linux CVE: N/A POC: 1 POST /findmatches HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 X11;...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/02/11 12:0 a.m.65 views

Vanilla Forums 2.6.3 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Vanilla Forums 2.6.3 - Persistent Cross-Site Scripting Exploit Author: Sayak Naskar Vendor Homepage: https://vanillaforums.com/en/ Version: 2.6.3 Tested on: Windows, Linux CVE : CVE-2020-8825 A Stored xss was found in Vanillafor...

3.5CVSS5.6AI score0.01875EPSS
Exploits5
0day.today
0day.today
added 2020/02/11 12:0 a.m.63 views

WordPress InfiniteWP Client Authentication Bypass Exploit

This Metasploit module exploits an authentication bypass in the WordPress InfiniteWP Client plugin to log in as an administrator and execute arbitrary PHP code by overwriting the file specified by PLUGINFILE. The module will attempt to retrieve the original PLUGINFILE contents and restore them...

8AI score
Exploits0
0day.today
0day.today
added 2020/02/11 12:0 a.m.90 views

Torrent iPod Video Converter 1.51 - Stack Overflow Exploit

Exploit Title: Torrent iPod Video Converter 1.51 - Stack Overflow Exploit Author: boku Software Vendor: torrentrockyou Vendor Homepage: http://www.torrentrockyou.com Software Link: http://www.torrentrockyou.com/download/tripodconverter.exe Version: Torrent iPod Video Converter Version 1.51 Build...

0.1AI score
Exploits0
0day.today
0day.today
added 2020/02/11 12:0 a.m.115 views

OpenSMTPD 6.6.1 - Local Privilege Escalation Exploit

Exploit Title: OpenSMTPD 6.6.1 - Local Privilege Escalation Date: 2020-02-02 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.opensmtpd.org/ Version: OpenSMTPD 6.4.0 - 6.6.1 Tested on: OpenBSD 6.6, Debian GNU/Linux bullseye/sid with opensmtpd 6.6.1p1-1 CVE: CVE-2020-7247 !/usr/bin/perl...

10CVSS9.2AI score0.98946EPSS
Exploits27
0day.today
0day.today
added 2020/02/11 12:0 a.m.74 views

CHIYU BF430 TCP IP Converter - Stored Cross-Site Scripting Vulnerability

Exploit for cgi platform in category web applications Exploit Title: CHIYU BF430 TCP IP Converter - Stored Cross-Site Scripting Google Dork: In Shodan search engine, the filter is "CHIYU" Exploit Author: Luca.Chiou Vendor Homepage: https://www.chiyu-t.com.tw/en/ Version: BF430 232/485 TCP/IP...

4.3CVSS0.1AI score0.02071EPSS
Exploits5
0day.today
0day.today
added 2020/02/10 12:0 a.m.209 views

iOS / macOS - Out-of-Bounds Timestamp Write in IOAccelCommandQueue2::processSegmentKernelCommand()

While investigating possible shared memory issues in AGXCommandQueue::processSegmentKernelCommand, I noticed that the size checks used to parse the IOAccelKernelCommand in IOAccelCommandQueue2::processSegmentKernelCommand are incorrect. The IOAccelKernelCommand contains an 8-byte header consistin...

7.8CVSS0.1AI score0.16111EPSS
Exploits1
0day.today
0day.today
added 2020/02/10 12:0 a.m.83 views

D-Link Devices - Unauthenticated Remote Command Execution in ssdpcgi Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link Devices Unauthenticated Remote Command Execution in ssdpcgi', 'Description' = %q D-Link Devices Unauthenticated Remote Command Execution i...

10CVSS1.1AI score0.75105EPSS
Exploits6
0day.today
0day.today
added 2020/02/10 12:0 a.m.110 views

WordPress LMS Plugin 3.1.2 - Reflective Cross-Site Scripting Vulnerability

Exploit for multiple platform in category web applications Exploit Title: LearnDash WordPress LMS Plugin 3.1.2 - Reflective Cross-Site Scripting Vendor Homepage: https://www.learndash.com Vendor Changelog: https://learndash.releasenotes.io/release/uCskc-version-312 Exploit Author: Jinson Varghese...

4.3CVSS0.1AI score0.03458EPSS
Exploits6
0day.today
0day.today
added 2020/02/10 12:0 a.m.91 views

usersctp - Out-of-Bounds Reads in sctp_load_addresses_from_init Exploit

usersctp is SCTP library used by a variety of software including WebRTC. There is a vulnerability in the sctploadaddressesfrominit function of usersctp that can lead to a number of out-of-bound reads. The input to sctploadaddressesfrominit is verified by calling sctparethereunrecognizedparameters...

6.8AI score
Exploits0
0day.today
0day.today
added 2020/02/10 12:0 a.m.95 views

Dota 2 7.23f - Denial of Service Exploit

Exploit Title: Dota 2 7.23f - Denial of Service PoC Exploit Author: Bogdan Kurinnoy email protected bi7s Vendor Homepage: https://www.valvesoftware.com/en/ Software Link: N/A Version: 7.23f Tested on: Windows 10 x64 CVE : CVE-2020-7949 Valve Dota 2 schemasystem.dll before 7.23f allows remote...

7.8CVSS7.7AI score0.04165EPSS
Exploits4
0day.today
0day.today
added 2020/02/10 12:0 a.m.111 views

Forcepoint WebSecurity 8.5 - Reflective Cross-Site Scripting Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Forcepoint WebSecurity 8.5 - Reflective Cross-Site Scripting Exploit Author: Prasenjit Kanti Paul Vendor Homepage: https://www.forcepoint.com/ Software Link: https://www.forcepoint.com/product/cloud-security/web-security...

4.3CVSS6.4AI score0.0298EPSS
Exploits4
0day.today
0day.today
added 2020/02/10 12:0 a.m.162 views

Linux/x86 - Bind Shell Generator Shellcode (114 bytes)

Title: Linux/x86 - Bind Shell Generator Shellcode 114 bytes Author: Bobby Cooke Tested On: Ubuntu 3.13.0-32-generic 57precise1-Ubuntu i386 !/usr/bin/python Take users TCP port as input port = rawinput"Enter TCP Port Number: " Convert input string to an integer deciPort = intport Format the intege...

0.2AI score
Exploits0
0day.today
0day.today
added 2020/02/10 12:0 a.m.207 views

Ricoh Driver - Privilege Escalation Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/exe' class MetasploitModule 'Ricoh Driver Privilege Escalation', 'Description' = %q Various Ricoh printer drivers allow escalation of privilege...

7.8CVSS0.7AI score0.04566EPSS
Exploits8
0day.today
0day.today
added 2020/02/10 12:0 a.m.53 views

Wedding Slideshow Studio 1.36 - (Key) Buffer Overflow Exploit

Exploit Title: Wedding Slideshow Studio 1.36 - 'Key' Buffer Overflow Vendor Homepage : http://www.wedding-slideshow-studio.com/ Tested on OS: Windows 10 v1803 Social: twitter.com/ZwX2a Steps to Reproduce: 1. Run the python exploit script, it will create a new file with the name "poc.txt". 2. Just...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/02/10 12:0 a.m.210 views

OpenSMTPD - MAIL FROM Remote Code Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenSMTPD MAIL FROM Remote Code Execution', 'Description' = %q This module exploits a command injection in the MAIL FROM field during SMTP...

10CVSS9.7AI score0.98946EPSS
Exploits27
0day.today
0day.today
added 2020/02/09 12:0 a.m.122 views

iCloud reset mail Account Authentication Elevation Of Privilege 0day Exploit

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple OS X. An attacker must have shell access to exploit this vulnerability, however Guest access is sufficient. The specific flaw exists within the authentication of users who use their iCloud account a...

7.9AI score
Exploits0
0day.today
0day.today
added 2020/02/07 12:0 a.m.81 views

VehicleWorkshop 1.0 - (bookingid) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: VehicleWorkshop 1.0 - 'bookingid' SQL Injection Exploit Author: Mehran Feizi Vendor HomagePage: https://github.com/spiritson/VehicleWorkshop Tested on: Windows Google Dork: N/A ========= Vulnerable Page: =========...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/02/07 12:0 a.m.118 views

Google Invisible RECAPTCHA 3 Spoof Bypass Exploit

Exploit for multiple platform in category web applications Exploit Title: Google Invisible RECAPTCHA 3 - Spoof Bypass Vendor Homepage: https://developers.google.com/recaptcha/docs/invisible Exploit Git Repo: https://github.com/matamorphosis/Browser-Exploits/tree/master/RECAPTCHABypass Exploit...

0.2AI score
Exploits0
0day.today
0day.today
added 2020/02/07 12:0 a.m.66 views

PackWeb Formap E-learning 1.0 - (NumCours) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: PackWeb Formap E-learning 1.0 - 'NumCours' SQL Injection Google Dork: intitle: "PackWeb Formap E-learning" Exploit Author: Amel BOUZIANE-LEBLOND Vendor Homepage: https://www.ediser.com/ Software Link:...

0.2AI score
Exploits0
0day.today
0day.today
added 2020/02/07 12:0 a.m.86 views

EyesOfNetwork 5.3 Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: EyesOfNetwork 5.3 - Remote Code Execution Exploit Author: Clément Billac Vendor Homepage: https://www.eyesofnetwork.com/ Software Link: http://download.eyesofnetwork.com/EyesOfNetwork-5.3-x8664-bin.iso Version: 5.3 CVE :...

9.3CVSS0.85646EPSS
Exploits11
0day.today
0day.today
added 2020/02/07 12:0 a.m.58 views

ExpertGPS 6.38 - XML External Entity Injection Vulnerability

Exploit for xml platform in category web applications + Exploit Title: ExpertGPS 6.38 - XML External Entity Injection + Exploit Author: Trent Gordon + Vendor Homepage: https://www.topografix.com/ + Software Link: http://download.expertgps.com/SetupExpertGPS.exe + Disclosed at: 7FEB2020 + Version:...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/02/06 12:0 a.m.148 views

ELAN Smart-Pad 11.10.15.1 - (ETDService) Unquoted Service Path Vulnerability

Exploit Title: ELAN Smart-Pad 11.10.15.1 - 'ETDService' Unquoted Service Path Exploit Author : ZwX Vendor : ELAN Microelectronics Vendor Homepage : http://www.emc.com.tw/ Tested on OS: Windows 10 v1803 Analyze PoC : ============== C:\Users\ZwXsc qc ETDService SC QueryServiceConfig réussites...

0.6AI score
Exploits0
Total number of security vulnerabilities39001