Lucene search
K

39001 matches found

0day.today
0day.today
added 2019/10/15 12:0 a.m.69 views

Podman & Varlink 1.5.1 - Remote Code Execution Exploit

Exploit Title: Podman & Varlink 1.5.1 - Remote Code Execution Exploit Author: Jeremy Brown Date: 2019-10-15 Vendor Homepage: https://podman.io/ Software Link: dnf install podman or https://github.com/containers/libpod/releases Version: 1.5.1 Tested on: Fedora Server 30 !/usr/bin/python -- coding:...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/10/15 12:0 a.m.101 views

Ajenti 2.1.31 - Remote Code Execution Exploit

Exploit for python platform in category web applications Title: Ajenti 2.1.31 - Remote Code Execution Author: Jeremy Brown Software Link: https://github.com/ajenti/ajenti CVE: N/A Tested on: Ubuntu Linux !/usr/bin/python ajentix.py Ajenti Remote Command Execution Exploit ------- Details -------...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/10/14 12:0 a.m.128 views

Uplay 92.0.0.6280 - Local Privilege Escalation Vulnerability

Exploit Title: Uplay 92.0.0.6280 - Local Privilege Escalation Exploit Author: Kusol Watchara-Apanukorn, Pongtorn Angsuchotmetee, Manich Koomsusi Vendor Homepage: https://uplay.ubisoft.com/ Version: 92.0.0.6280 Tested on: Windows 10 x64 CVE : N/A Vulnerability Description: "C:\Program Files...

7.8CVSS0.4AI score0.01663EPSS
Exploits2
0day.today
0day.today
added 2019/10/14 12:0 a.m.47 views

SpotAuditor 5.3.1.0 - Denial of Service Exploit

Exploit Title: SpotAuditor 5.3.1.0 - Denial of Service Author: Sanjana Shetty Version: SpotAuditor 5.3.1.0 Vendor Homepage: http://www.nsauditor.com Software link: http://spotauditor.nsauditor.com/ Steps 1 Install the SpotAuditor software 2 Access the register functionality 3 In the name field...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/10/14 12:0 a.m.160 views

ActiveFax Server 6.92 Build 0316 - (POP3 Server) Denial of Service Exploit

Exploit Title: ActiveFax Server 6.92 Build 0316 - 'POP3 Server' Denial of Service Vendor Homepage: https://www.actfax.com/ Software Link : https://www.actfax.com/download/actfaxsetupx64ge.exe Exploit Author: Achilles Tested Version: 6.92 Tested on: Windows 7 x64 Vulnerability Type: Denial of...

Exploits0
0day.today
0day.today
added 2019/10/14 12:0 a.m.70 views

Express Invoice 7.12 - (Customer) Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Express Invoice 7.12 - 'Customer' Persistent Cross-Site Scripting Exploit Author: Debashis Pal Vendor Homepage: https://www.nchsoftware.com/ Source: https://www.nchsoftware.com/invoice/index.html Version: Express Invoice v7.12 C...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/10/14 12:0 a.m.106 views

Kirona-DRS 5.5.3.5 - Information Disclosure Vulnerability

Exploit for php platform in category web applications Exploit Title: Kirona-DRS 5.5.3.5 - Information Disclosure Shodan Search: /opt-portal/pages/login.xhtml Exploit Author: Ramikan Vendor Homepage: https://www.kirona.com/products/dynamic-resource-scheduler/ Affected Version: DRS 5.5.3.5 may be...

5CVSS0.49236EPSS
Exploits6
0day.today
0day.today
added 2019/10/11 12:0 a.m.76 views

Intelbras Router WRN150 1.0.18 - Persistent Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Intelbras Router WRN150 1.0.18 - Persistent Cross-Site Scripting Exploit Author: Prof. Joas Antonio Vendor Homepage: https://www.intelbras.com/pt-br/ Software Link: http://en.intelbras.com.br/node/25896 Version: 1.0.18 Test...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/10/11 12:0 a.m.69 views

National Instruments Circuit Design Suite 14.0 - Local Privilege Escalation Vulnerability

Exploit Title: National Instruments Circuit Design Suite 14.0 - Local Privilege Escalation Exploit Author: Ivan Marmolejo Vendor Homepage: http://www.ni.com/en-us.html Software Link: https://www.ni.com/en-us/shop/select/circuit-design-suite Version: 14.0 Vulnerability Type: Local Tested on: Windo...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/10/11 12:0 a.m.80 views

WordPress Arforms 3.7.1 - Directory Traversal Exploit

Exploit for php platform in category web applications Exploit Title: WordPress Arforms 3.7.1 - Directory Traversal Exploit Author: Ahmad Almorabea Updated version of the exploit can be found always at : http://almorabea.net/cve-2019-16902.txt Software Link:...

7.1AI score0.09726EPSS
Exploits5
0day.today
0day.today
added 2019/10/10 12:0 a.m.100 views

Windows Kernel - Out-of-Bounds Read in nt!MiRelocateImage While Parsing Malformed PE File Exploit

We have encountered a Windows kernel crash in memcpy called by nt!MiRelocateImage while trying to load a malformed PE image into the process address space as a data file i.e. LoadLibraryExLOADLIBRARYASDATAFILE | LOADLIBRARYASIMAGERESOURCE. An example crash log generated after triggering the bug i...

6.5CVSS7.6AI score0.13988EPSS
Exploits1
0day.today
0day.today
added 2019/10/10 12:0 a.m.54 views

Linux/x86 - Add User to /etc/passwd Shellcode (59 bytes)

Exploit Title: Linux/x86 - Add User to /etc/passwd Shellcode 59 bytes Exploit Author: sagar.offsec VL43CK Guided by: Touhid M.Shaikh Designation: Security Consultant at SecureLayer7 Website: https://www.sagaroffsec.com Tested on: Ubuntu i386 GNU/LINUX Shellcode Length: 59...

Exploits0
0day.today
0day.today
added 2019/10/10 12:0 a.m.110 views

Windows Kernel - Out-of-Bounds Read in CI!HashKComputeFirstPageHash While Parsing Malformed PE File

We have encountered a Windows kernel crash in CI!HashKComputeFirstPageHash while trying to load a malformed PE image into the process address space as a data file i.e. LoadLibraryExLOADLIBRARYASDATAFILE | LOADLIBRARYASIMAGERESOURCE. An example crash log generated after triggering the bug is shown...

6.5CVSS8.1AI score0.10221EPSS
Exploits1
0day.today
0day.today
added 2019/10/10 12:0 a.m.246 views

Windows Kernel - Out-of-Bounds Read in CI!CipFixImageType While Parsing Malformed PE File

We have encountered a Windows kernel crash in CI!CipFixImageType while trying to load a malformed PE image into the process address space as a data file i.e. LoadLibraryExLOADLIBRARYASDATAFILE | LOADLIBRARYASIMAGERESOURCE. An example crash log generated after triggering the bug is shown below: --...

5.5CVSS0.1AI score0.02863EPSS
Exploits1
0day.today
0day.today
added 2019/10/10 12:0 a.m.97 views

SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Exploit Author: Borja Merino and Eduardo Villaverde Vendor Homepage: https://www.sma.de Version: Firmware Version 1.6 and prior Tested on: Sunny...

6.8CVSS8.6AI score0.0223EPSS
Exploits4
0day.today
0day.today
added 2019/10/10 12:0 a.m.118 views

ASX to MP3 converter 3.1.3.7 - (.asx) Local Stack Overflow (DEP Bypass) Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "ASX to MP3 converter 3.1.3.7 - '.asx' Local Stack Overflow DEP", 'Description' = %q This module exploits a stack buffer overfl...

0.1AI score0.05457EPSS
Exploits8
0day.today
0day.today
added 2019/10/10 12:0 a.m.148 views

Windows Kernel - Out-of-Bounds Read in nt!MiParseImageLoadConfig While Parsing Malformed PE File

We have encountered a Windows kernel crash in memcpy called by nt!MiParseImageLoadConfig while trying to load a malformed PE image into the process address space as a data file i.e. LoadLibraryExLOADLIBRARYASDATAFILE | LOADLIBRARYASIMAGERESOURCE. An example crash log generated after triggering th...

5.5CVSS7.3AI score0.02834EPSS
Exploits1
0day.today
0day.today
added 2019/10/10 12:0 a.m.139 views

TP-Link TL-WR1043ND 2 - Authentication Bypass Exploit

Exploit for hardware platform in category web applications Exploit Title: TP-Link TL-WR1043ND 2 - Authentication Bypass Exploit Author: Uriel Kosayev Vendor Homepage: https://www.tp-link.com Version: TL-WR1043ND V2 Tested on: TL-WR1043ND V2 CVE : CVE-2019-6971 CVE Link:...

10CVSS9.2AI score0.13711EPSS
Exploits5
0day.today
0day.today
added 2019/10/10 12:0 a.m.103 views

Windows Kernel - NULL Pointer Dereference in nt!MiOffsetToProtos While Parsing Malformed PE File

We have encountered a Windows kernel crash in nt!MiOffsetToProtos while trying to load a malformed PE image into the process address space as a data file i.e. LoadLibraryExLOADLIBRARYASDATAFILE | LOADLIBRARYASIMAGERESOURCE. An example crash log generated after triggering the bug is shown below: -...

6.5CVSS0.1AI score0.10221EPSS
Exploits1
0day.today
0day.today
added 2019/10/10 12:0 a.m.128 views

Windows Kernel - win32k.sys TTF Font Processing Pool Corruption in win32k!ulClearTypeFilter Exploit

We have encountered a Windows kernel crash in the win32k.sys driver while processing a corrupted TTF font file. An example crash log excerpt generated after triggering the bug is shown below: --- cut --- Fatal System Error: 0x00000050...

7.8CVSS0.6AI score0.02685EPSS
Exploits1
0day.today
0day.today
added 2019/10/09 12:0 a.m.60 views

Foscam Video Management System 1.1.6.6 - (UID) Denial of Service Exploit

Exploit Title: Foscam Video Management System 1.1.6.6 - 'UID' Denial of Service PoC Author: Alessandro Magnosi Vendor Homepage: https://www.foscam.com/ Software Link : https://www.foscam.com/downloads/appsoftware.html?id=5 Tested Version: 1.1.6.6 Vulnerability Type: Denial of Service DoS Local...

Exploits0
0day.today
0day.today
added 2019/10/09 12:0 a.m.87 views

DeviceViewer 3.12.0.1 - (add user) Local Buffer Overflow (DEP Bypass) Exploit

Exploit Title: Sricam DeviceViewer 3.12.0.1 - 'add user' Local Buffer Overflow DEP Bypass Date: 08/10/2019 Exploit Author: Alessandro Magnosi Vendor Homepage: http://www.sricam.com/ Software Link: http://download.sricam.com/Manual/DeviceViewer.exe Version: v3.12.0.1 Exploit type: Local Tested on:...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/10/09 12:0 a.m.119 views

XNU - Remote Double-Free via Data Race in IPComp Input Path Exploit

=== Summary === This report describes a bug in the XNU implementation of the IPComp protocol https://tools.ietf.org/html/rfc3173. This bug can be remotely triggered by an attacker who is able to send traffic to a macOS system iOS AFAIK isn't affected over two network interfaces at the same time...

7.8CVSS0.7AI score0.01288EPSS
Exploits1
0day.today
0day.today
added 2019/10/07 12:0 a.m.390 views

logrotten 3.15.1 - Privilege Escalation Exploit

Exploit Title: logrotten 3.15.1 - Privilege Escalation Exploit Author: Wolfgang Hotwagner Vendor Homepage: https://github.com/logrotate/logrotate Software Link: https://github.com/logrotate/logrotate/releases/tag/3.15.1 Version: all versions through 3.15.1 Tested on: Debian GNU/Linux 9.5 stretch...

0.6AI score
Exploits0
0day.today
0day.today
added 2019/10/07 12:0 a.m.96 views

Zabbix 4.2 - Authentication Bypass Vulnerability

Exploit for php platform in category web applications Exploit Title: Zabbix 4.2 - Authentication Bypass Date: 2019-10-06 Exploit Author: Milad Khoshdel Software Link: https://www.zabbix.com/download Version: Zabbix 2.x , 3.x , 4.x Tested on latest version Zabbix 4.2 Tested on: Linux Apache/2...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/10/07 12:0 a.m.65 views

Tellion TE01-005H HomeHub Router Remote Configuration Disclosure Exploit

!/usr/bin/perl -w Tellion TE01-005H HomeHub Router Remote Configuration Disclosure Copyright 2019 c Todor Donev Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that Todor Donev is not liabl...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/10/07 12:0 a.m.149 views

Linux/ARM - Fork Bomb Shellcode (20 bytes)

Title: Linux/ARM - Fork Bomb Shellcode 20 bytes Category: Shellcode Tested: armv7l 32-bitRaspberry Pi 2 Model B OS: Raspbian Buster Lite Author: CJHackerz Description: This shellcode creates new processes in infinite loop to exhaust CPU resources leading to crash / Compilation instruction...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/10/07 12:0 a.m.119 views

Hisilicon Hi3518 HD Camera Remote Configuration Disclosure Exploit

!/usr/bin/perl -w Hisilicon Hi3518 HD Camera Remote Configuration Disclosure Copyright 2019 c Todor Donev Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that Todor Donev is not liable for...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/10/07 12:0 a.m.75 views

Microsoft Windows Silent Process Exit Persistence Exploit

This Metasploit module uploads a payload and declares that it is the debug process to launch when a specified process exits. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/file' require...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/10/07 12:0 a.m.104 views

Zabbix 4.4 Authentication Bypass Exploit

Exploit for php platform in category web applications !/usr/bin/perl -w Zabbix Zabbix Initializing the browser Referer = User-Agent = Opera/9.61 Macintosh; Intel Mac OS X; U; de Presto/2.1.1 Content-Type = application/x-www-form-urlencoded no-store, no-cache, must-revalidate close Mon, 07 Oct 201...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/10/07 12:0 a.m.160 views

Joomla 3.4.6 - (configuration.php) Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: Joomla 3.4.6 - 'configuration.php' Remote Code Execution Google Dork: N/A Date: 2019-10-02 Exploit Author: Alessandro Groppo @Hacktive Security Vendor Homepage: https//www.joomla.it/ Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/10/07 12:0 a.m.88 views

vBulletin 5.0 < 5.5.4 - (updateAvatar) Authenticated Remote Code Execution Exploit

Exploit for php platform in category web applications ?php / --------------------------------------------------------------------- vBulletin = 5.5.4 updateAvatar Remote Code Execution Vulnerability --------------------------------------------------------------------- author..............: Egidio...

6.8CVSS0.1178EPSS
Exploits4
0day.today
0day.today
added 2019/10/07 12:0 a.m.203 views

Linux/x86 - NOT + XOR-N + Random Encoded /bin/sh Shellcode (132 bytes)

Date: 4th October 2019 Shellcode Author: @bolonobolo - https://bolonobolo.github.io Tested on: Linux x86 execve.asm global start section .text start: ; put NULL bytes in the stack xor eax, eax push eax //bin/sh push 0x68732f6e push 0x69622f2f mov ebx, esp ; push NULL in the EDX position push eax...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/10/07 12:0 a.m.144 views

freeFTP 1.0.8 - Remote Buffer Overflow Exploit

Exploit Title: freeFTP 1.0.8 - Remote Buffer Overflow Author: Chet Manly Software Link: https://download.cnet.com/FreeFTP/3000-21604-10047242.html Version: 1.0.8 CVE: N/A from ftplib import FTP buf = "" buf += "\x89\xe1\xdb\xdf\xd9\x71\xf4\x5e\x56\x59\x49\x49\x49" buf +=...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/10/07 12:0 a.m.225 views

CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation Vulnerability

Exploit Title: CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation Exploit Author: Jakub Palaczynski Vendor Homepage: https://www.checkpoint.com/ Version: Check Point Endpoint Security VPN = E80.87 Build 986009514 Version: Check Point ZoneAlarm = 15.4.062.17802 CVE...

7.8CVSS0.5AI score0.01038EPSS
Exploits5
0day.today
0day.today
added 2019/10/07 12:0 a.m.122 views

GitLab Omnibus 12.2.1 Logrotate Privilege Escalation Vulnerability

Gitlab Omnibus versions 7.4 through 12.2.1 suffer from a privilege escalation vulnerability that leverages a race condition in logrotate, resulting in a root shell. Privilege Escalation via Logrotate in Gitlab Omnibus Overview Target: GitLab Omnibus Vendor: GitLab Version: 7.4 through 12.2.1 Fixe...

9.8CVSS1AI score0.03073EPSS
Exploits3
0day.today
0day.today
added 2019/10/07 12:0 a.m.156 views

Tellion HN-2204AP Router Remote Configuration Disclosure Exploit

!/usr/bin/perl -w Tellion HN-2204AP Router Remote Configuration Disclosure Exploit Copyright 2019 c Todor Donev Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that Todor Donev is not liabl...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/10/07 12:0 a.m.57 views

IBM Bigfix Platform 9.5.9.62 - Arbitrary File Upload Vulnerability

Exploit for java platform in category web applications Exploit Title: IBM Bigfix Platform 9.5.9.62 - Arbitrary File Upload Exploit Authors: Jakub Palaczynski Vendor Homepage: https://www.ibm.com/ Version: IBM Bigfix Platform Software Add Software" menu. Here user needs to choose upload via URL...

9CVSS9.2AI score0.14106EPSS
Exploits4
0day.today
0day.today
added 2019/10/07 12:0 a.m.191 views

ASX to MP3 converter 3.1.3.7 - (.asx) Local Stack Overflow (DEP) Exploit

Exploit Title: ASX to MP3 converter 3.1.3.7 - '.asx' Local Stack Overflow DEP Exploit Author: max7253 Vendor Homepage: http://www.mini-stream.net/ Software Link: https://www.exploit-db.com/apps/f4da5b43ca4b035aae55dfa68daa67c9-ASXtoMP3Converter.exe Version: 3.1.3.7.2010.11.05 Tested on: Microsoft...

Exploits0
0day.today
0day.today
added 2019/10/07 12:0 a.m.100 views

Subrion 4.2.1 - (Email) Persistant Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Title: Subrion 4.2.1 - 'Email' Persistant Cross-Site Scripting Author: Min Ko Ko Creatigon Vendor Homepage: https://subrion.org/ CVE : https://nvd.nist.gov/vuln/detail/CVE-2019-17225 Website : https://l33thacker.com Description : Allows XSS vi...

3.5CVSS5.6AI score0.01938EPSS
Exploits5
0day.today
0day.today
added 2019/10/04 12:0 a.m.65 views

PHP 7.0 < 7.3 (Unix) - (gc) Disable Functions Bypass Exploit

Exploit for php platform in category web applications = 0; $j-- $address = 8; return $out; function write&$str, $p, $v, $n = 8 $i = 0; for$i = 0; $i = 8; function leak$addr, $p = 0, $s = 8 global $abc, $helper; write$abc, 0x68, $addr + $p - 0x10; $leak = strlen$helper-a; if$s != 8 $leak %= 2 $s 8...

Exploits0
0day.today
0day.today
added 2019/10/04 12:0 a.m.106 views

DameWare Remote Support 12.1.0.34 - Buffer Overflow (SEH) Exploit

!/usr/bin/env python Author: Xavi Beltran Contact: email protected Exploit Development: https://xavibel.com/2019/08/31/seh-based-local-buffer-overflow-dameware-remote-support-v-12-1-0-34/ Date: 14/7/2019 Description: SEH based Buffer Overflow DameWare Remote Support V. 12.1.0.34 Tools Computer...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/10/04 12:0 a.m.301 views

Android - Binder Driver Use-After-Free Exploit

The following issue exists in the android-msm-wahoo-4.4-pie branch of https://android.googlesource.com/kernel/msm and possibly others: There is a use-after-free of the wait member in the binderthread struct in the binder driver at /drivers/android/binder.c. As described in the upstream commit:...

7.8CVSS0.2AI score0.72105EPSS
Exploits27
0day.today
0day.today
added 2019/10/04 12:0 a.m.68 views

mintinstall 7.9.9 - Code Execution Exploit

Exploit for linux platform in category web applications Exploit Title: mintinstall aka Software Manager object injection Exploit Author: Andhrimnirr Vendor Homepage: https://www.linuxmint.com/ Software Link: mintinstall aka Software Manager Version: 7.9.9 Tested on: Linux Mint CVE : CVE-2019-1708...

6.8CVSS0.08204EPSS
Exploits5
0day.today
0day.today
added 2019/10/04 12:0 a.m.55 views

LabCollector 5.423 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: LabCollector Laboratory Information System 5.423 - Multiples SQL Injection Software Links/Project: https://www.labcollector.com/clientarea/downloads.php Version: LabCollector Laboratory Information System 5.423 Exploit Author:...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/10/04 12:0 a.m.428 views

DOUBLEPULSAR - Payload Execution and Neutralization Exploit

This Metasploit module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR implant for SMB as popularly deployed by ETERNALBLUE. While this module primarily performs code execution against the implant, the "Neutralize implant" target allows you to disable the implant. This...

9.3CVSS8.2AI score0.99693EPSS
Exploits93
0day.today
0day.today
added 2019/10/03 12:0 a.m.71 views

AnchorCMS < 0.12.3a - Information Disclosure Exploit

Exploit for multiple platform in category web applications Exploit Title: Information disclosure MySQL password in error log Exploit Author: Tijme Gommers https://twitter.com/finnwea/ Vendor Homepage: https://anchorcms.com/ Software Link: https://github.com/anchorcms/anchor-cms/releases Version:...

5CVSS9.6AI score0.72272EPSS
Exploits4
0day.today
0day.today
added 2019/10/02 12:0 a.m.89 views

Detrix EDMS 1.2.3.1505 - SQL Injection Vulnerability

Exploit for php platform in category web applications !/usr/bin/php / Exploit Title: Detrix EDMS cleartext user password remote SQLI exploit Google Dork: Date: Jul 2019 Exploit Author: Burov Konstantin Vendor Homepage: forum.detrix.kz Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/10/02 12:0 a.m.149 views

vBulletin 5.0 < 5.5.4 - Unauthenticated Remote Code Execution Exploit

Exploit for php platform in category web applications !/usr/bin/python vBulletin 5.x 0day pre-auth RCE exploit This should work on all versions from 5.0.0 till 5.5.4 Google Dorks: - site:.vbulletin.net - "Powered by vBulletin Version 5.5.4" import requests import sys if lensys.argv != 2:...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/10/02 12:0 a.m.64 views

PHP 7.1 < 7.3 - (json serializer) Disable Functions Bypass Exploit

Exploit for multiple platform in category web applications = 8; public function str2ptr&$str, $p = 0, $s = 8 $address = 0; for$j = $s-1; $j = 0; $j-- $address = 8; return $out; unable to leak ro segments public function leak1$addr global $spl1; $this-write$this-abc, 8, $addr - 0x10; return...

7.1AI score
Exploits0
Total number of security vulnerabilities39001