Lucene search
K

39001 matches found

0day.today
0day.today
added 2019/12/03 12:0 a.m.462 views

SALTO ProAccess SPACE 5.5 Traversal / File Write / XSS / Bypass Vulnerabilities

SALTO ProAccess SPACE versions 5.5 and below suffer from path traversal, arbitrary file write, persistent cross site scripting, privilege escalation, and clear text transmission of sensitive data vulnerabilities. ======================================================================= title:...

0.4AI score0.03508EPSS
Exploits6
0day.today
0day.today
added 2019/12/03 12:0 a.m.251 views

Revive Adserver 4.2 - Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: Revive Adserver 4.2 - Remote Code Execution Google Dork: "inurl:www/delivery filetype:php" Exploit Author: crlf Vendor Homepage: https://www.revive-adserver.com/ Software Link: https://www.revive-adserver.com/download/archive/...

7.5CVSS9.2AI score0.57022EPSS
Exploits7
0day.today
0day.today
added 2019/12/03 12:0 a.m.172 views

Microsoft Windows Media Center 2002 - XML External Entity MotW Bypass Vulnerability

Exploit Title: Microsoft Windows Media Center 2002 - XML External Entity MotW Bypass Discovery by: hyp3rlinx Date: 2019-12-03 Vendor Homepage: www.microsoft.com CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/12/03 12:0 a.m.203 views

Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery Exploit Author: Joas Antonio Vendor Homepage: intelbras.com.br Software Link: https://www.intelbras.com/pt-br/roteador-wireless-smart-dual-band-action-rf-1200...

0.5AI score0.09632EPSS
Exploits5
0day.today
0day.today
added 2019/12/02 12:0 a.m.121 views

Visual Studio 2008 - XML External Entity Injection Vulnerability

Exploit Title: Visual Studio 2008 - XML External Entity Injection Discovery by: hyp3rlinx Date: 2019-12-02 Vendor Homepage: www.microsoft.com Software Link: Visual Studio 2008 Express IDE Tested Version: 2008 CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source...

0.5AI score
Exploits0
0day.today
0day.today
added 2019/12/02 12:0 a.m.127 views

Anviz CrossChex 4.3.12 - Local Buffer Overflow Exploit

Exploit Title: Anviz CrossChex 4.3.12 - Local Buffer Overflow Exploit Author: Luis Catarino & Pedro Rodrigues Vendor Homepage: https://www.anviz.com/ Software Link: https://www.anviz.com/download.html Version: Crosschex Standard x86 = V4.3.12 Tested on: 4.3.8.0, 4.3.12 CVE : N/A More info:...

0.4AI score
Exploits0
0day.today
0day.today
added 2019/12/02 12:0 a.m.127 views

Max Secure Anti Virus Plus 19.0.4.020 - Insecure File Permissions Vulnerability

Exploit Title: Max Secure Anti Virus Plus 19.0.4.020 - Insecure File Permissions Discovery by: hyp3rlinx Vendor Homepage: www.maxpcsecure.com Tested Version: 19.0.4.020 CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/11/30 12:0 a.m.119 views

Microsoft Excel 2016 1901 Import Error XML Injection Vulnerability

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-EXCEL-2016-v1901-IMPORT-ERROR-EXTERNAL-ENTITY-INJECTION.txt + ISR: ApparitionSec Vendor www.microsoft.com Product Excel 2016 v1901 Microsoft Excel is a spreadsheet...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/11/30 12:0 a.m.147 views

Allied Telesis AT-GS950/8 Directory Traversal Vulnerability

Exploit for hardware platform in category web applications ============================================= CVEID: CVE-2019-18922 NAME OF AFFECTED PRODUCT: Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 1.00.047 PROBLEM TYPE: Directory Traversal DESCRIPTION: A Directory Traversal in the We...

0.3AI score0.24742EPSS
Exploits2
0day.today
0day.today
added 2019/11/30 12:0 a.m.214 views

WordPress Plainview Activity Monitor 20161228 Remote Command Execution Exploit

WordPress Plainview Activity Monitor plugin is vulnerable to OS command injection which allows an attacker to remotely execute commands on the underlying system. Application passes unsafe user supplied data to ip parameter into activitiesoverview.php. Privileges are required in order to exploit...

9CVSS1.2AI score0.7699EPSS
Exploits11
0day.today
0day.today
added 2019/11/30 12:0 a.m.121 views

OwnCloud 8.1.8 Username Disclosure Vulnerability

OwnCloud version 8.1.8 suffers from a username disclosure vulnerability. OwnCloud version 8.1.8 stable are vulnerable to recovery all username login list. PoC: 1. Create an account in OwnCloud 2. Intercept connection with Burp 3. Share a file, typing anything...

7.2AI score
Exploits0
0day.today
0day.today
added 2019/11/30 12:0 a.m.191 views

Xinet Elegant 6 Asset Library Web Interface 6.1.655 SQL Injection Vulnerability

NAPC Xinet interface Elegant 6 Asset Library version 6.1.655 allows pre-authentication error-based SQL injection via the /elegant6/login LoginFormusername field when double quotes are used. + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

10AI score0.07941EPSS
Exploits3
0day.today
0day.today
added 2019/11/30 12:0 a.m.203 views

Carlo Gavazzi SmartHouse 6.5.33 XSS / Cross Site Request Forgery Vulnerabilities

Carlo Gavazzi SmartHouse version 6.5.33 suffers from cross site request forgery along with both reflective and persistent cross site scripting vulnerabilities. Carlo Gavazzi SmartHouse Webapp 6.5.33 CSRF/XSS Vulnerabilities Vendor: Carlo Gavazzi Automation S.p.A Product web page:...

6.9AI score
Exploits0
0day.today
0day.today
added 2019/11/29 12:0 a.m.80 views

Online Inventory Manager 3.2 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Online Inventory Manager 3.2 - Persistent Cross-Site Scripting Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Link : https://bigprof.com/appgini/applications/online-inventory-manager Software :...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/11/29 12:0 a.m.165 views

Bash 5.0 Patch 11 - SUID Priv Drop Exploit

Exploit Title : Bash 5.0 Patch 11 - SUID Priv Drop Exploit Original Author: Ian Pudney , Chet Ramey Exploit Author : Mohin Paramasivam Shad0wQu35t Version : pwn.c cat pwn.c include include include void attributec...

7.8CVSS0.02608EPSS
Exploits5
0day.today
0day.today
added 2019/11/29 12:0 a.m.301 views

FortiOS 6.0.6 / FortiClientWindows 6.0.6 / FortiClientMac 6.2.1 XOR Encryption Vulnerability

Fortinet products, including FortiGate and Forticlient, regularly send information to Fortinet servers using XOR "encryption" with a static key. FortiClientWindows versions 6.0.6 and below, and FortiClientMac versions 6.2.1 and below. After this advisory was released, Fortinet has confirmed that...

4.3CVSS5.6AI score0.01766EPSS
Exploits2
0day.today
0day.today
added 2019/11/29 12:0 a.m.112 views

Mersive Solstice 2.8.0 - Remote Code Execution Exploit

Exploit for hardware platform in category web applications Exploit Title: Mersive Solstice 2.8.0 - Remote Code Execution Exploit Author: Alexandre Teyar Vendor Homepage: https://www2.mersive.com/ Firmware Link: http://www.mersive.com/Support/Releases/SolsticeServer/SGE/Android/2.8.0/Solstice.apk...

0.1AI score0.1745EPSS
Exploits5
0day.today
0day.today
added 2019/11/29 12:0 a.m.321 views

Android-Gif-Drawable Double-Free Vulnerability

A double free vulnerability in the DDGifSlurp function in decoding.c in libpldroidsonroidsgif before 1.2.15, as used in WhatsApp for Android before 2.19.244, allows remote attackers to execute arbitrary code or cause a denial of service. CVE-2019-11932 is a vulnerability in the android-gif-drawab...

8.8CVSS0.6AI score0.4453EPSS
Exploits16
0day.today
0day.today
added 2019/11/29 12:0 a.m.124 views

Debian pari/gp 2.x Arbitrary File Overwrite Vulnerability

pari/gp versions 2.9.1 on Debian Stretch and 2.11 on Debian Buster allow arbitrary file write and hence arbitrary code execution. pari/gp on debian stable allow arbitrary file write pari/gp is CAS computer algebra system. pari/gp version 2.9.1 on debian stretch and 2.11 on debian buster allow...

0.9AI score
Exploits0
0day.today
0day.today
added 2019/11/29 12:0 a.m.84 views

SpotAuditor 5.3.2 - (Name) Denial of Service Exploit

Exploit Title: SpotAuditor 5.3.2 - 'Name' Denial Of Service Exploit Author : ZwX Vendor Homepage : http://www.nsauditor.com/ Link Software : http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested on OS: Windows 7 Social: twitter.com/ZwX2a contact: email protected ''' Proof of...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/11/29 12:0 a.m.70 views

SpotAuditor 5.3.2 - (Key) Denial of Service Exploit

Exploit Title: SpotAuditor 5.3.2 - 'Key' Denial of Service Exploit Author : ZwX Vendor Homepage : http://www.nsauditor.com/ Link Software : http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested on OS: Windows 7 Social: twitter.com/ZwX2a ''' Proof of Concept PoC:...

Exploits0
0day.today
0day.today
added 2019/11/29 12:0 a.m.176 views

TexasSoft CyberPlanet 6.4.131 - (CCSrvProxy) Unquoted Service Path Vulnerability

Exploit Title: TexasSoft CyberPlanet 6.4.131 - 'CCSrvProxy' Unquoted Service Path Exploit Author: Cristian Ayala G Vendor Homepage: https://tenaxsoft.com/index.html Software Link: https://tenaxsoft.com/descargas.html Version: 6.4.131 Tested on: Windows 10 Pro x64 Step to discover the unquoted...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/11/29 12:0 a.m.753 views

Xiaomi Mi Box Display Corruption Exploit

The vulnerability allows rescaling and corrupting the Xiaomi Mi Box model: MIBOX3, build.id : MHC19 display without any privilege requirement, thus creating an opportunity for a non-privilege malicious app to disable the basic functionalities that the TV box is offering or can even be used for...

0.7AI score
Exploits0
0day.today
0day.today
added 2019/11/29 12:0 a.m.196 views

Wordpress 5.3 - User Disclosure Exploit

Exploit for php platform in category web applications Exploit Title : Wordpress 5.3 - User Disclosure Author: SajjadBnd Software Link: https://wordpress.org/download/ version : wp ' vuln = url + "/wp-json/wp/v2/users/" while True: try: r = requests.getvuln,verify=False content = json.loadsr.text...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/11/28 12:0 a.m.100 views

GHIA CamIP 1.2 for iOS - (Password) Denial of Service Exploit

Exploit Title: GHIA CamIP 1.2 for iOS - 'Password' Denial of Service PoC Discovery by: Ivan Marmolejo Vendor Homepage: https://apps.apple.com/mx/app/ghia-camip/id1342090963 Software Link: App Store for iOS devices Tested Version: 1.2 Vulnerability Type: Denial of Service DoS Local Tested on OS:...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/11/27 12:0 a.m.70 views

Microsoft DirectX SDK 2010 - (.PIXrun) Denial Of Service Exploit

Exploit Title: Microsoft DirectX SDK 2010 - '.PIXrun' Denial Of Service PoC Exploit Author : ZwX Vendor Homepage : https://www.microsoft.com/ Link Software : https://www.microsoft.com/en-us/download/details.aspx?id=681 Tested on OS: Windows 7 Proof of Concept PoC: ======================= 1.Downlo...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/11/27 12:0 a.m.80 views

SpotAuditor 5.3.2 - (Base64) Denial Of Service Exploit

Exploit Title: SpotAuditor 5.3.2 - 'Base64' Denial Of Service PoC Exploit Author : ZwX Vendor Homepage : http://www.nsauditor.com/ Link Software : http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested on OS: Windows 7 ''' Proof of Concept PoC: ======================= 1.Download a...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/11/27 12:0 a.m.94 views

InduSoft Web Studio 8.1 SP1 - (Atributos) Denial of Service Exploit

Exploit Title: InduSoft Web Studio 8.1 SP1 - "Atributos" Denial of Service PoC Discovery by: chuyreds Vendor Homepage: http://www.indusoft.com/ Software Link : http://www.indusoft.com/Products-Downloads Tested Version: 8.1 SP1 Vulnerability Type: Denial of Service DoS Local Tested on OS: Windows ...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/11/27 12:0 a.m.163 views

ClamAV < 0.102.0 - (bytecode_vm) Code Execution Exploit

!/usr/bin/python ''' Finished : 22/07/2019 Pu8lished : 31/10/2019 Versi0n : Current ./exploit.py clambc --debug exploit SNIP $ ''' names = 'test1', 'read', 'write', 'seek', 'setvirusname', 'debugprintstr', 'debugpr...

Exploits0
0day.today
0day.today
added 2019/11/26 12:0 a.m.87 views

InTouch Machine Edition 8.1 SP1 - (Atributos) Denial of Service Exploit

Exploit Title: InTouch Machine Edition 8.1 SP1 - 'Atributos' Denial of Service PoC Discovery by: chuyreds Vendor Homepage: https://on.wonderware.com/ Software Link : https://on.wonderware.com/intouch-machine-edition Tested Version: 8.1 SP1 Vulnerability Type: Denial of Service DoS Local Tested on...

Exploits0
0day.today
0day.today
added 2019/11/26 12:0 a.m.61 views

Easy-Hide-IP 5.0.0.3 - (EasyRedirect) Unquoted Service Path Vulnerability

Exploit Title: Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path Exploit Author: Rene Cortes S Vendor Homepage: https://easy-hide-ip.com Software Link: https://easy-hide-ip.com Version: 5.0.0.3 Tested on: Windows 7 Professional Service Pack 1 Step to discover the unquoted Service:...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/11/26 12:0 a.m.278 views

Microsoft Windows AppXsvc Deployment Extension - Privilege Escalation Vulnerability

Exploit Title: Microsoft Windows AppXsvc Deployment Extension - Privilege Escalation Exploit Author: Abdelhamid Naceri Vendor Homepage: www.microsoft.com Tested on: Windows 10 1903 CVE : CVE-2019-1385 Windows: "AppX Deployment Service" AppXSVC elevation of privilege vulnerability Class: Local...

7.8CVSS0.8AI score0.03595EPSS
Exploits4
0day.today
0day.today
added 2019/11/25 12:0 a.m.185 views

VMware WorkStation 12.5.5 - Virtual Machine Escape Exploit

VMware Escape Exploit VMware Escape Exploit before VMware WorkStation 12.5.5 Host Target: Win10 x64 Compiler: VS2013 Test on VMware 12.5.2 build-4638234 Known issues Failing to heap manipulation causes host process crash. Not quite elaborate because I'm not good at doing heap "fengshui" on winows...

9.9CVSS0.6AI score0.1994EPSS
Exploits5
0day.today
0day.today
added 2019/11/25 12:0 a.m.168 views

Waves MaxxAudio Drivers 1.1.6.0 - (WavesSysSvc64) Unquoted Service Path Vulnerability

Exploit Title: Waves MaxxAudio Drivers 1.1.6.0 - 'WavesSysSvc64' Unquoted Service Path Discovery by: Luis Martinez Vendor Homepage: https://www.dell.com/ Software Link : https://www.dell.com/support/home/mx/es/mxbsdt1/drivers/driversdetails?driverid=vwpkk Tested Version: 1.1.6.0 Vulnerability Typ...

0.8AI score
Exploits0
0day.today
0day.today
added 2019/11/25 12:0 a.m.182 views

Jalios JCMS 10 Backdoor Account / Authentication Bypass Vulnerabilities

Jalios JCMS 10 allows attackers to access any part of the website and the WebDAV server with administrative privileges via a backdoor account using any username and a specific password. Jalios JCMS 10 Backdoor Account / Authentication Bypass Vulnerabilities I. VULNERABILITY...

1.5AI score0.03347EPSS
Exploits3
0day.today
0day.today
added 2019/11/25 12:0 a.m.322 views

VMware WorkStation 12.5.3 - Virtual Machine Escape Exploit

VMware Escape Exploit VMware Escape Exploit before VMware WorkStation 12.5.3 Host Target: Win10 x64 Compiler: VS2013 Test on VMware 12.5.2 build-4638234 Known issues Failing to heap manipulation causes host process crash. About 50% successful rate Not quite elaborate because I'm not good at doing...

9.9CVSS0.6AI score0.1994EPSS
Exploits6
0day.today
0day.today
added 2019/11/24 12:0 a.m.61 views

SMPlayer 19.5.0 - Denial of Service Exploit

Title : SMPlayer 19.5.0 - Denial of Service PoC Tested on : Windows 7 64 bit Vulnerable Software: SMPlayer v 19.5.0 Exploit Author: Malav Vyas Vendor Homepage: https://smplayer.info Version : 19.5.0 Software Link : https://smplayer.info/en/downloads POC run this python file, which will generate...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/11/22 12:0 a.m.160 views

GNU Mailutils 3.7 - Privilege Escalation Exploit

Exploit Title: GNU Mailutils 3.7 - Local Privilege Escalation Date: 2019-11-06 Exploit Author: Mike Gualtieri Vendor Homepage: https://mailutils.org/ Software Link: https://ftp.gnu.org/gnu/mailutils/mailutils-3.7.tar.gz Version: 2.0 = 3.7 Tested on: Gentoo CVE : CVE-2019-18862 Title : GNU Mailuti...

7.8CVSS0.4AI score0.01135EPSS
Exploits5
0day.today
0day.today
added 2019/11/22 12:0 a.m.114 views

Internet Explorer - Use-After-Free in JScript Arguments During toJSON Callback Exploit

There is a use-after-free issue in JSCript triggerable via Internet Explorer where the members of the 'arguments' object aren't tracked by the garbage collector during the 'toJSON' callback. Thus, during the 'toJSON' callback, it is possible to assign a variable to the 'arguments' object, have it...

7.5CVSS7.7AI score0.72626EPSS
Exploits3
0day.today
0day.today
added 2019/11/22 12:0 a.m.144 views

macOS 10.14.6 - root->kernel Privilege Escalation via update_dyld_shared_cache Exploit

Tested on macOS Mojave 10.14.6, 18G87 and Catalina Beta 10.15 Beta 19A536g. On macOS, the dyld shared cache in /private/var/db/dyld/ is generated locally on the system and therefore doesn't have a real code signature; instead, SIP seems to be the only mechanism that prevents modifications of the...

0.8AI score
Exploits0
0day.today
0day.today
added 2019/11/22 12:0 a.m.195 views

ProShow Producer 9.0.3797 - (ScsiAccess) Unquoted Service Path Vulnerability

Exploit Title: ProShow Producer 9.0.3797 - 'ScsiAccess' Unquoted Service Path Exploit Author : ZwX Exploit Date: 2019-11-21 Vendor Homepage : http://www.photodex.com/ Link Software : http://files.photodex.com/release/pspro903797.exe Tested on OS: Windows 7 Analyze PoC : ==============...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/11/22 12:0 a.m.74 views

LiteManager 4.5.0 - Insecure File Permissions Exploit

Exploit Title: LiteManager 4.5.0 - Insecure File Permissions Exploit Author: ZwX Exploit Date: 2019-11-21 Vendor Homepage : LiteManager Team Software Link: http://html.tucows.com/preview/1594042/LiteManager-Free?q=remote+support Tested on OS: Windows 7 Proof of Concept PoC:...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/11/21 12:0 a.m.1574 views

Network Management Card 6.2.0 - Host Header Injection Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Network Management Card 6.2.0 - Host Header Injection Exploit Author: Amal E Thamban,Kamal Paul Vendor Homepage: https://www.apc.com/in/en/ Software Link: https://www.apc.com/shop/in/en/products/Network-Management-Card...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/11/20 12:0 a.m.938 views

OpenNetAdmin 18.1.1 - Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: OpenNetAdmin v18.1.1 RCE Exploit Author: mattpascoe Vendor Homepage: http://opennetadmin.com/ Software Link: https://github.com/opennetadmin/ona Version: v18.1.1 Tested on: Linux !/bin/bash URL="$1" while true;do echo -n "$ ";...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/11/20 12:0 a.m.143 views

Ubuntu 19.10 - Refcount Underflow and Type Confusion in shiftfs Exploit

Tested on Ubuntu 19.10, kernel "5.3.0-19-generic 20-Ubuntu". Ubuntu ships a filesystem "shiftfs" in fs/shiftfs.c in the kernel tree that doesn't exist upstream. This filesystem can be mounted from user namespaces, meaning that this is attack surface from unprivileged userspace in the default...

8.8CVSS8.2AI score0.01317EPSS
Exploits2
0day.today
0day.today
added 2019/11/20 12:0 a.m.203 views

Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfs/shiftfs Error Path

Tested on 19.10. Ubuntu's aufs kernel patch includes the following change which I interestingly can't see in the AUFS code at https://github.com/sfjro/aufs5-linux/blob/master/mm/mmap.c: ================================================================== +define vmafputvma vmadofputvma, func, LINE...

7.1CVSS7.4AI score0.01158EPSS
Exploits2
0day.today
0day.today
added 2019/11/20 12:0 a.m.86 views

iOS 12.4 - Sandbox Escape due to Integer Overflow in mediaserverd Exploit

mediaserverd has various media parsing responsibilities; its reachable from various sandboxes and is able to talk to interesting kernel drivers so is a valid target in an exploit chain. One of the services it vends is com.apple.audio.AudioFileServer, a fairly simple XPC service which will parse...

Exploits0
0day.today
0day.today
added 2019/11/20 12:0 a.m.3234 views

WordPress Core 5.2.3 - Viewing Unauthenticated/Password/Private Posts Vulnerability

Exploit for multiple platform in category web applications WordPress Core 5.2.3 - Viewing Unauthenticated/Password/Private Posts So far we know that adding ?static=1 to a wordpress URL should leak its secret content Here are a few ways to manipulate the returned entries: - order with asc or desc ...

5CVSS0.6AI score0.36503EPSS
Exploits2
0day.today
0day.today
added 2019/11/20 12:0 a.m.245 views

Bludit - Directory Traversal Image File Upload Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Bludit Directory Traversal Image File Upload Vulnerability", 'Description' = %q This module exploits a vulnerability in Bludit. A remote user cou...

8.8CVSS8.7AI score0.77962EPSS
Exploits16
0day.today
0day.today
added 2019/11/19 12:0 a.m.74 views

Centova Cast 3.2.12 - Denial of Service Exploit

Exploit Title: Centova Cast 3.2.12 - Denial of Service PoC Exploit Author: DroidU Vendor Homepage: https://centova.com Affected Version: =v3.2.12 Tested on: Debian 9, CentOS 7 =============================================== The Centova Cast becomes out of control and causes 100% CPU load on all...

7.4AI score
Exploits0
Total number of security vulnerabilities39001