Lucene search
K

39001 matches found

0day.today
0day.today
added 2019/12/31 12:0 a.m.110 views

FreeBSD fd Privilege Escalation Exploit

Local root exploit for the FreeBSD fd vulnerability as disclosed in FreeBSD-SA-19:02.fd. Exploit: FreeBSD-SA-19:02.fd - Privilege Escalation Author: Karsten König of Secfault Security Twitter: @gr4yf0x Kudos: Maik, greg and Dirk for discussion and inspiration CVE: CVE-2019-5596 libmap.conf...

8.8CVSS0.6AI score0.01229EPSS
Exploits4
0day.today
0day.today
added 2019/12/30 12:0 a.m.120 views

MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure Vulnerability

Exploit for hardware platform in category web applications Exploit: MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure Author: LiquidWorm Vendor: Emmanuel Product web page: https://github.com/empierre/MyDomoAtHome https://www.domoticz.com/wiki/ImperiHome...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/30 12:0 a.m.143 views

HomeAutomation 3.3.2 - Persistent Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit: HomeAutomation 3.3.2 - Persistent Cross-Site Scripting Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on: Apache/2.4.41 centos...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/30 12:0 a.m.55 views

RICOH SP 4510SF Printer - HTML Injection Vulnerability

Exploit for hardware platform in category web applications Exploit Title: RICOH SP 4510SF Printer - HTML Injection Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: http://support.ricoh.com/bb/html/drute/re1/model/sp4510/sp4510.htm Software: RICOH Printer...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/30 12:0 a.m.115 views

Thrive Smart Home 1.1 - Authentication Bypass Vulnerability

Exploit for php platform in category web applications Exploit: Thrive Smart Home 1.1 - Authentication Bypass Author: LiquidWorm Vendor: Thrive Product web page: http://www.thrivesmarthomes.com Affected version: 1.1 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips Advisory ID: ZSL-2019-5554...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/30 12:0 a.m.94 views

NextVPN v4.10 - Insecure File Permissions Vulnerability

Exploit Title: NextVPN v4.10 - Insecure File Permissions Exploit Author: SajjadBnd Contact: email protected Vendor Homepage: https://vm3max.site Software Link:http://dl.spacevm.com/NextVPNSetup-v4.10.exe Version: 4.10 Tested on: Win10 Professional x64 Description The NextVPN Application was...

Exploits0
0day.today
0day.today
added 2019/12/30 12:0 a.m.71 views

Heatmiser Netmonitor 3.03 - HTML Injection Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Heatmiser Netmonitor 3.03 - HTML Injection Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.heatmiser.com/en/ Hardware Link: https://www.zoneregeling.nl/heatmiser/netmonitor-handleiding.pdf Software: Netmonitor...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/12/30 12:0 a.m.84 views

RICOH Web Image Monitor 1.09 - HTML Injection Vulnerability

Exploit for hardware platform in category web applications Exploit Title: RICOH Web Image Monitor 1.09 - HTML Injection Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: http://support-download.com/services/device/webhlp/nb/gen/v140cc1/en/ptop010.html Software...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/30 12:0 a.m.100 views

Domain Quester Pro 6.02 - Stack Overflow (SEH) Exploit

Exploit Title: Domain Quester Pro 6.02 - Stack Overflow SEH Exploit Author: boku Software Vendor: http://www.internet-soft.com/ Software Link: http://www.internet-soft.com/DEMO/questerprosetup.exe Version: Version 6.02 Tested on: Microsoft Windows 7 Enterprise - 6.1.7601 Service Pack 1 Build 7601...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/12/30 12:0 a.m.61 views

elearning-script 1.0 - Authentication Bypass Vulnerability

Exploit for windows platform in category web applications Exploit Title: elearning-script 1.0 - Authentication Bypass Author: riamloo Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script/archive/master.zip Version: 1...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/30 12:0 a.m.156 views

XEROX WorkCentre 6655 Printer - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for hardware platform in category web applications Exploit Title: XEROX WorkCentre 6655 Printer - Cross-Site Request Forgery Add Admin Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.xerox.com/ Hardware Link :...

0.6AI score
Exploits0
0day.today
0day.today
added 2019/12/30 12:0 a.m.77 views

Heatmiser Netmonitor 3.03 - Hardcoded Credentials Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Heatmiser Netmonitor 3.03 - Hardcoded Credentials Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.heatmiser.com/en/ Hardware Link: https://www.zoneregeling.nl/heatmiser/netmonitor-handleiding.pdf Software:...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/30 12:0 a.m.178 views

HomeAutomation 3.3.2 - Authentication Bypass Vulnerability

Exploit for php platform in category web applications Exploit: HomeAutomation 3.3.2 - Authentication Bypass Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips Advisor...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/30 12:0 a.m.97 views

Wing FTP Server 6.0.7 - Unquoted Service Path Vulnerability

Exploit Title: Wing FTP Server 6.0.7 - Unquoted Service Path Exploit Author: Nawaf Alkeraithe Vendor Homepage: https://www.wftpserver.com/ Version: 6.0.7 Tested on: Windows 10 CVE : N/A PoC: C:\Users\usersc qc "Wing FTP Server" SC QueryServiceConfig SUCCESS SERVICENAME: Wing FTP Server TYPE : 10...

Exploits0
0day.today
0day.today
added 2019/12/30 12:0 a.m.106 views

WEMS BEMS 21.3.1 - Undocumented Backdoor Account Vulnerability

Exploit for hardware platform in category web applications Exploit: WEMS BEMS 21.3.1 - Undocumented Backdoor Account Author: LiquidWorm Vendor: WEMS Limited Product web page: https://www.wems.co.uk Advisory ID: ZSL-2019-5552 Advisory URL:...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/30 12:0 a.m.52 views

XEROX WorkCentre 7830 Printer - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for hardware platform in category web applications Exploit Title: XEROX WorkCentre 7830 Printer - Cross-Site Request Forgery Add Admin Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.xerox.com/ Hardware Link :...

0.7AI score
Exploits0
0day.today
0day.today
added 2019/12/30 12:0 a.m.74 views

XEROX WorkCentre 7855 Printer - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for hardware platform in category web applications Exploit Title: XEROX WorkCentre 7855 Printer - Cross-Site Request Forgery Add Admin Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.xerox.com/ Hardware Link :...

0.7AI score
Exploits0
0day.today
0day.today
added 2019/12/30 12:0 a.m.78 views

HomeAutomation 3.3.2 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit: HomeAutomation 3.3.2 - Cross-Site Request Forgery Add Admin Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on: Apache/2.4.41 centos...

Exploits0
0day.today
0day.today
added 2019/12/30 12:0 a.m.178 views

HomeAutomation 3.3.2 - Remote Code Execution Vulnerability

Exploit for php platform in category web applications Exploit: HomeAutomation 3.3.2 - Remote Code Execution Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips Advisor...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/27 12:0 a.m.132 views

AVE DOMINAplus 1.10.x Credential Disclosure Exploit

!/usr/bin/env python AVE DOMINAplus =1.10.x Credentials Disclosure Exploit Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Touch Screen Code TS01 - 1.0.65 Touch Screen Code TS03x-V | TS04X-V - 1.10.45a Touc...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/27 12:0 a.m.285 views

OpenBSD Dynamic Loader chpass Privilege Escalation Exploit

This Metasploit module exploits a vulnerability in the OpenBSD ld.so dynamic loader CVE-2019-19726. The dlgetenv function fails to reset the LDLIBRARYPATH environment variable when set with approximately ARGMAX colons. This can be abused to load libutil.so from an untrusted path, using...

7.8CVSS0.5AI score0.03522EPSS
Exploits12
0day.today
0day.today
added 2019/12/27 12:0 a.m.115 views

AVE DOMINAplus 1.10.x Unauthenticated Remote Reboot Vulnerability

AVE DOMINAplus =1.10.x Unauthenticated Remote Reboot Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Touch Screen Code TS01 - 1.0.65 Touch Screen Code TS03x-V | TS04X-V - 1.10.45a Touch Screen Code TS05 -...

0.4AI score
Exploits0
0day.today
0day.today
added 2019/12/27 12:0 a.m.125 views

AVE DOMINAplus 1.10.x Cross Site Request Forgery / Cross Site Scripting Vulnerabilities

AVE DOMINAplus =1.10.x CSRF/XSS Vulnerabilities Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Touch Screen Code TS01 - 1.0.65 Touch Screen Code TS03x-V | TS04X-V - 1.10.45a Touch Screen Code TS05 - 1.10.3...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/12/27 12:0 a.m.207 views

AVE DOMINAplus 1.10.x Authentication Bypass Vulnerability

AVE DOMINAplus =1.10.x Authentication Bypass Exploit Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Touch Screen Code TS01 - 1.0.65 Touch Screen Code TS03x-V | TS04X-V - 1.10.45a Touch Screen Code TS05 -...

0.5AI score
Exploits0
0day.today
0day.today
added 2019/12/27 12:0 a.m.494 views

Linux/x86 Encoder / Decoder Shellcode (117 bytes)

Title : Linux/x86 - Encoder - Random Bytes + XOR/SUB/NOT/ROR / Decoder - ROL/NOT/ADD/XOR execve/bin/sh Shellcode 117 bytes Author : Xenofon Vassilakopoulos Date : July, 2019 Tested on : Linux kali 5.3.0-kali2-686-pae 1 SMP Debian 5.3.9-3kali1 2019-11-20 i686 GNU/Linux Architecture : i686 GNU/Linu...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/24 12:0 a.m.284 views

Reptile Rootkit reptile_cmd Privilege Escalation Exploit

This Metasploit module uses Reptile rootkit's reptilecmd backdoor executable to gain root privileges using the root command. This module has been tested successfully with Reptile from master branch 2019-03-04 on Ubuntu 18.04.3 x64 and Linux Mint 19 x64. This module requires Metasploit:...

0.5AI score
Exploits0
0day.today
0day.today
added 2019/12/24 12:0 a.m.217 views

Prime95 Version 29.8 build 6 - Buffer Overflow (SEH) Exploit

Exploit Title: Prime95 Version 29.8 build 6 - Buffer Overflow SEH Vendor Homepage: https://www.mersenne.org Software Link: http://www.mersenne.org/ftproot/gimps/p95v298b6.win32.zip Exploit Author: Achilles Tested Version: 29.8 build 6 Tested on: Windows 7 x64 1.- Run python code:Prime95.py 2.- Op...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/12/24 12:0 a.m.115 views

Django < 3.0 < 2.2 < 1.11 - Account Hijack Vulnerability

Exploit for python platform in category web applications Django from django.contrib.auth import getusermodel User = getusermodel User.objects.createuser'mike123', 'email protected', 'test123' Procedure For Reproducing 1. Run ./manage.py runserver 1. Open...

5CVSS0.6AI score0.3481EPSS
Exploits7
0day.today
0day.today
added 2019/12/24 12:0 a.m.515 views

vReliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation Exploit

This Metasploit module exploits a vulnerability in the rdspagecopyuser function in net/rds/page.c RDS in Linux kernel versions 2.6.30 to 2.6.36-rc8 to execute code as root CVE-2010-3904. This module has been tested successfully on Fedora 13 i686 kernel version 2.6.33.3-85.fc13.i686.PAE and Ubuntu...

7.8CVSS0.6AI score0.11217EPSS
Exploits16
0day.today
0day.today
added 2019/12/23 12:0 a.m.140 views

phpMyChat-Plus 1.98 - (pmc_username) Reflected Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: phpMyChat-Plus 1.98 - 'pmcusername' Reflected Cross-Site Scripting Exploit Author: Chris Inzinga Vendor Homepage: http://ciprianmp.com/latest/ Download: https://sourceforge.net/projects/phpmychat/ Tested On: Linux & Mac Version:...

7.1AI score0.21232EPSS
Exploits4
0day.today
0day.today
added 2019/12/23 12:0 a.m.138 views

Microsoft Windows 10 BasicRender.sys - Denial of Service Exploit

Exploit Title: Microsoft Windows 10 BasicRender.sys - Denial of Service PoC Exploit author: vportal Vendor homepage: http://www.microsoft.com Version: Windows 10 1803 x86 Tested on: Windows 10 1803 x86 CVE: N/A A Null pointer deference exists in the WARPGPUCMDSYNC function of the BasicRender.sys...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/12/23 12:0 a.m.347 views

WordPress Core < 5.3.x - (xmlrpc.php) Denial of Service Exploit

Exploit for php platform in category web applications !/usr/bin/env python WordPress methodNamepingback.ping" entry += f"paramspingback/COUNT" entry += f"paramspingback/uuid.uuid4" entry += f"target/?p=1" entry += f"target/e" taxes DB more return entry def buildrequestpingback,target,entries:...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/12/23 12:0 a.m.560 views

FreeSWITCH 1.10.1 - Command Execution Exploit

Exploit Title: FreeSWITCH 1.10.1 - Command Execution Exploit Author: 1F98D Vendor Homepage: https://freeswitch.com/ Software Link: https://files.freeswitch.org/windows/installer/x64/FreeSWITCH-1.10.1-Release-x64.msi Version: 1.10.1 Tested on: Windows 10 x64 FreeSWITCH listens on port 8021 by...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/12/19 12:0 a.m.115 views

FTP Navigator 8.03 - (Custom Command) Denial of Service Exploit

Exploit Title: FTP Navigator 8.03 - 'Custom Command' Denial of Service SEH Exploit Author: Chris Inzinga Vendor Homepage: http://www.internet-soft.com/ Software Link: https://www.softpedia.com/dyn-postdownload.php/5edd515b8045f156a9dd48599c2539e5/5dfa4560/d0c/0/1 Version: 8.03 Tested on: Windows ...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/12/19 12:0 a.m.524 views

Microsoft UPnP Local Privilege Elevation Exploit

This Metasploit module exploits two vulnerabilities to execute a command as an elevated user. The first CVE-2019-1405 uses the UPnP Device Host Service to elevate to NT AUTHORITY\LOCAL SERVICE. The second CVE-2019-1322 leverages the Update Orchestrator Service to elevate from NT AUTHORITY\LOCAL...

7.8CVSS0.3AI score0.2995EPSS
Exploits25
0day.today
0day.today
added 2019/12/18 12:0 a.m.123 views

AVS Audio Converter 9.1 - (Exit folder) Buffer Overflow Exploit

Exploit Title: AVS Audio Converter 9.1 - 'Exit folder' Buffer Overflow Exploit Author : ZwX Vendor Homepage : http://www.avs4you.com/ Link Software : http://www.avs4you.com/avs-audio-converter.aspx Tested on OS: Windows 7 ''' Technical Details & Description: ================================ A loc...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/12/18 12:0 a.m.138 views

OpenMRS - Java Deserialization Remote Code Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenMRS Java Deserialization RCE', 'Description' = %q OpenMRS is an open-source platform that supplies users with a customizable medical record...

10CVSS0.6AI score0.98811EPSS
Exploits10
0day.today
0day.today
added 2019/12/18 12:0 a.m.677 views

Telerik UI - Remote Code Execution via Insecure Deserialization Exploit

Exploit for asp platform in category web applications Telerik UI - Remote Code Execution via Insecure Deserialization Exploit See the full write-up at Bishop Fox, CVE-2019-18935: https://know.bishopfox.com/research/cve-2019-18935-remote-code-execution-in-telerik-ui, for a complete walkthrough of...

0.3AI score0.99737EPSS
Exploits16
0day.today
0day.today
added 2019/12/18 12:0 a.m.98 views

Rumpus FTP Web File Manager 8.2.9.1 - Reflected Cross-Site Scripting Vulnerability

Exploit for asp platform in category web applications Exploit Title: Rumpus FTP Web File Manager 8.2.9.1 - Reflected Cross-Site Scripting Google Dork: site:..com "Web File Manager" inurl:?login= Shodan Dork: Server: Rumpus Exploit Author: Harshit Shukla, Sudeepto Roy Vendor Homepage:...

6.4AI score0.2102EPSS
Exploits5
0day.today
0day.today
added 2019/12/18 12:0 a.m.95 views

XnView 2.49.1 - (Research) Denial of Service Exploit

Exploit Title: XnView 2.49.1 - 'Research' Denial of Service PoC Exploit Author : ZwX Vendor Homepage : http://www.xnview.com Link Software : https://www.xnview.com/fr/xnview/downloads Tested on OS: Windows 7 ''' Proof of Concept PoC: ======================= 1.Download and install XnView 2.Open th...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/12/18 12:0 a.m.141 views

macOS 10.14.6 (18G87) - Kernel Use-After-Free due to Race Condition in wait_for_namespace_event()

macOS 10.14.6 18G87 - Kernel Use-After-Free due to Race Condition in waitfornamespaceevent Exploit The XNU function waitfornamespaceevent in bsd/vfs/vfssyscalls.c releases a file descriptor for use by userspace but may then subsequently destroy that file descriptor using fpfree, which...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/12/18 12:0 a.m.123 views

Tautulli 2.1.9 - Cross-Site Request Forgery (ShutDown) Vulnerability

Exploit for windows platform in category web applications Exploit Title: Tautulli 2.1.9 - Cross-Site Request Forgery ShutDown Exploit Author: Ismail Tasdelen Vendor Homepage: https://tautulli.com/ Software : https://github.com/Tautulli/Tautulli Product Version: v2.1.9 Platform: Windows 10...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/17 12:0 a.m.158 views

Zendesk App SweetHawk Survey 1.6 - Persistent Cross-Site Scripting Vulnerability

Exploit for java platform in category web applications Exploit Title: Zendesk App SweetHawk Survey 1.6 - Persistent Cross-Site Scripting Exploit Author: MTK Vendor Homepage: https://sweethawk.co/zendesk/survey-app Software Link: https://www.zendesk.com/apps/support/survey/ Version: Up to v1.6...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/17 12:0 a.m.108 views

Xerox AltaLink C8035 Printer Cross Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Xerox AltaLink C8035 Printer - Cross-Site Request Forgery Add Admin Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.xerox.com/ Hardware Link :...

0.5AI score0.00681EPSS
Exploits3
0day.today
0day.today
added 2019/12/17 12:0 a.m.237 views

Serv-U FTP Server 15.1.7 Cross Site Scripting Vulnerability

Exploit for windows platform in category web applications Exploit Title: Serv-U FTP Server 15.1.7 Cross Site Scripting Vulnerability Exploit Author: Cyb0r9 Vendor Homepage: https://www.serv-u.com/ Software Link: https://www.serv-u.com/downloads Version: SOLARWIND Serv-U FTP Server v15.1.7 Tested...

5.9AI score0.02269EPSS
Exploits3
0day.today
0day.today
added 2019/12/17 12:0 a.m.321 views

Metasploit Sample Linux Privilege Escalation Exploit

This Metasploit exploit module illustrates how a vulnerability could be exploited in a linux command for privilege escalation. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This exploit sample shows how an exploit...

0.5AI score
Exploits0
0day.today
0day.today
added 2019/12/17 12:0 a.m.104 views

Linux/x64 - Reverse TCP Stager Shellcode (188 bytes)

; Title: Linux/x64 - Reverse TCP Stager Shellcode 188 bytes ; Author: Lee Mazzoleni ; Tested on: Ubuntu 18.04.2 LTS ; reverse tcp stager - download and execute up to 4096 bytes of additional payload - no null bytes in this ; this code is 188 bytes total less if you delete the exit syscall at the...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/17 12:0 a.m.129 views

NopCommerce 4.2.0 - Privilege Escalation Vulnerability

Exploit for asp platform in category web applications Vulnerability Title: NopCommerce 4.2.0 - Privilege Escalation Author: Alessandro Magnosi d3adc0de Vendor Homepage: https://www.nopcommerce.com/ Software Link : https://www.nopcommerce.com/ Tested Version: 4.2.0 Vulnerability Type: Privilege...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/12/17 12:0 a.m.229 views

Serv-U FTP Server 15.1.7 Persistent Cross Site Scripting Vulnerability

Exploit for windows platform in category web applications Issue: Serv-U FTP Server 15.1.7 Persistent Cross Site Scripting Vulnerability CVE: CVE-2019-13182 Security researcher: Richard Tan @ The Missing Link Security Product name: Serv-U FTP Server Product version: Tested on 15.1.7 Fixed in: Serv...

5.8AI score0.06397EPSS
Exploits2
0day.today
0day.today
added 2019/12/17 12:0 a.m.369 views

OpenBSD 6.x - Dynamic Loader Privilege Escalation Exploit

Local Privilege Escalation in OpenBSD's dynamic loader CVE-2019-19726 ============================================================================== Contents ============================================================================== Summary Analysis Demonstration Acknowledgments...

7.8CVSS0.7AI score0.03522EPSS
Exploits12
Total number of security vulnerabilities39001