Lucene search
K

39001 matches found

0day.today
0day.today
added 2019/06/11 12:0 a.m.271 views

Liferay Portal 7.1 CE GA=3 / SimpleCaptcha API - Cross-Site Scripting Vulnerability

Exploit for jsp platform in category web applications Exploit Title: Liferay Portal ” / or ” /. A customized Liferay portlet which directly calls the Simple Captcha API without sanitizing the input could be susceptible to this vulnerability. Poc In a sample scenario of custom code calling the ” /...

2.6CVSS0.2AI score0.02283EPSS
Exploits4
0day.today
0day.today
added 2019/06/11 12:0 a.m.212 views

Webmin 1.910 - (Package Updates) Remote Command Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin %q This module exploits an arbitrary command execution vulnerability in Webmin 1.910 and lower versions. Any user authorized to the "Packa...

0.7AI score
Exploits0
0day.today
0day.today
added 2019/06/11 12:0 a.m.228 views

ProShow 9.0.3797 - Local Privilege Escalation Exploit

Exploit for windows platform in category local exploits !/usr/bin/python coding:utf-8 Exploit Title: ProShow v9.0.3797 Local Exploit Exploit Author: @YonatanCorrea website with details: https://risataim.blogspot.com/2019/06/exploit-local-para-proshow.html Vendor Homepage:...

0.04452EPSS
Exploits3
0day.today
0day.today
added 2019/06/11 12:0 a.m.83 views

Linux/x86_64 - Bind (4444/TCP) Shell (/bin/sh) Shellcode (104 bytes)

;Title: Linux/x8664 - Bind 4444/TCP Shell /bin/sh 104 bytes ;Author: Aron Mihaljevic ;Architecture: Linux x8664 ;Shellcode Length: 104 bytes ;github = https://github.com/STARRBOY ;test shellcode = after you run the shellcode, open another terminal and run "netcat -vv 0.0.0.0 4444"...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/06/11 12:0 a.m.172 views

WordPress Insert or Embed Articulate Content Plugin - Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: Authenticated code execution in insert-or-embed-articulate-content-into-wordpress Wordpress plugin Description: It is possible to upload and execute a PHP file using the plugin option to upload a zip archive Exploit Author:...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/06/10 12:0 a.m.463 views

Linux/x86_64 - Bind (4444/TCP) Shell (/bin/sh) #Shellcode (131 bytes)

Exploit for linux/x86-64 platform in category shellcode ;Title: Linux/x8664 - Bind 4444/TCP Shell /bin/sh ;Author: Aron Mihaljevic ;Architecture: Linux x8664 ;Shellcode Length: 131 bytes ;github = https://github.com/STARRBOY ;test shellcode = after you run the shellcode, open another terminal and...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/06/10 12:0 a.m.975 views

Ubuntu 18.04 - (lxd) Privilege Escalation Exploit #LPE #RCE

Exploit for linux platform in category local exploits !/usr/bin/env bash ---------------------------------- Authors: Marcelo Vazquez S4vitar Victor Lasa vowkin ---------------------------------- Step 1: Download build-alpine = wget...

Exploits0
0day.today
0day.today
added 2019/06/10 12:0 a.m.201 views

UliCMS 2019.1 Spitting Lama - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: UliCMS 2019.1 "Spitting Lama" - Stored Cross-Site Scripting Google Dork: intext:"by UliCMS" Exploit Author: Unk9vvN Vendor Homepage: https://en.ulicms.de Software Link:...

4.3CVSS6.3AI score0.03473EPSS
Exploits9
0day.today
0day.today
added 2019/06/07 12:0 a.m.650 views

Exim 4.87 < 4.91 - (Local / Remote) Command Execution Exploit

Qualys Security Advisory The Return of the WIZard: RCE in Exim CVE-2019-10149 ======================================================================== Contents ======================================================================== Summary Local exploitation Remote exploitation - Non-default...

10CVSS9.8AI score0.99961EPSS
Exploits27
0day.today
0day.today
added 2019/06/07 12:0 a.m.105 views

Supra Smart Cloud TV - openLiveURL() Remote File Inclusion Vulnerability

Exploit for hardware platform in category web applications Supra Smart Cloud TV - 'openLiveURL' Remote File Inclusion Exploit Author: Dhiraj Mishra Vendor Homepage: https://supra.ru Software Link: https://supra.ru/catalog/televizory/televizorsuprastvlc40lt0020f/ CVE: CVE-2019-12477 References:...

0.13318EPSS
Exploits7
0day.today
0day.today
added 2019/06/07 12:0 a.m.196 views

Linux/x86_64 - Bind (4444/TCP) Shell (/bin/sh) Shellcode (131 bytes)

;Title: Linux/x8664 - Bind 4444/TCP Shell /bin/sh ;Author: Aron Mihaljevic ;Architecture: Linux x8664 ;Shellcode Length: 131 bytes ;github = https://github.com/STARRBOY ;test shellcode = after you run the shellcode, open another terminal and run "netcat -vv 0.0.0.0 4444" ================== ASSEMB...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/06/07 12:0 a.m.287 views

Microsoft Windows - AppX Deployment Service Local Privilege Escalation (3) Exploit

Exploit for windows platform in category local exploits Microsoft Windows - AppX Deployment Service Local Privilege Escalation 3 CVE-2019-0841 BYPASS 2 There is a second bypass for CVE-2019-0841. This can be triggered as following: Delete all files and subfolders within...

7.2CVSS6.8AI score0.414EPSS
Exploits19
0day.today
0day.today
added 2019/06/07 12:0 a.m.216 views

Vim < 8.1.1365 / Neovim < 0.3.6 - Arbitrary Code Execution Vulnerability

Exploit for linux platform in category local exploits by Arminius @rawsec Vim/Neovim Arbitrary Code Execution via Modelines ================================================= Product: Vim 8.1.1365, Neovim 0.3.6 Type: Arbitrary Code Execution CVE: CVE-2019-12735 Date: 2019-06-04 Author: Arminius...

9.3CVSS7.4AI score0.25314EPSS
Exploits5
0day.today
0day.today
added 2019/06/07 12:0 a.m.242 views

Nvidia GeForce Experience Web Helper - Command Injection Exploit

Exploit for windows platform in category local exploits //Send request to local GFE server function submitRequestport,secret var xhr = new XMLHttpRequest; xhr.open"POST", "http://127.0.0.1:"+port+"/gfeupdate/autoGFEInstall/", true; xhr.setRequestHeader"Accept",...

6.8AI score0.00932EPSS
Exploits3
0day.today
0day.today
added 2019/06/06 12:0 a.m.709 views

Zimbra < 8.8.11 - XML External Entity Injection / Server-Side Request Forgery Vulnerability

Exploit for jsp platform in category web applications Zimbra |";int c;while c = in.read != -1 out.printcharc;in.close;out.print"|' printbaseurl dtd file url dtdurl="https://k8gege.github.io/zimbra.dtd" """ " !ENTITY % all "!ENTITY fileContents '%start;...

5CVSS7.7AI score0.80906EPSS
Exploits10
0day.today
0day.today
added 2019/06/06 12:0 a.m.128 views

Zoho ManageEngine ServiceDesk Plus 9.3 - (PurchaseRequest.do) Cross-Site Scripting Vulnerability

Exploit for java platform in category web applications Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via PurchaseRequest.do Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage: https://www.manageengine.com/products/service-desk Version: Zoho...

4.3CVSS6.4AI score0.06056EPSS
Exploits5
0day.today
0day.today
added 2019/06/05 12:0 a.m.132 views

LibreNMS - addhost Command Injection Exploit

This Metasploit module exploits a command injection vulnerability in the open source network management software known as LibreNMS. The community parameter used in a POST request to the addhost functionality is unsanitized. This parameter is later used as part of a shell command that gets passed ...

10CVSS0.8AI score0.71487EPSS
Exploits9
0day.today
0day.today
added 2019/06/05 12:0 a.m.99 views

Google Chrome 73.0.3683.103 - WasmMemoryObject::Grow Use-After-Free Exploit

Google Chrome 73.0.3683.103 - WasmMemoryObject::Grow Use-After-Free Exploit memoryobject, uint32t pages ... Handle newbuffer; if oldbuffer-isshared // Adjust protections for the buffer. if !AdjustBufferPermissionsisolate, oldbuffer, newsize return -1; void backingstore = oldbuffer-backingstore; i...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/06/05 12:0 a.m.261 views

Inateck 2.4 GHz Wearable Wireless Presenter WP2002 Keystroke Injection Vulnerability

Product: 2.4 GHz Wearable Wireless Presenter WP2002 Manufacturer: Inateck Affected Versions: n/a Tested Versions: n/a Vulnerability Type: Insufficient Verification of Data Authenticity CWE-345 Keystroke Injection Vulnerability Risk Level: High Solution Status: Open Manufacturer Notification:...

8.8CVSS0.6AI score0.0192EPSS
Exploits1
0day.today
0day.today
added 2019/06/05 12:0 a.m.93 views

DVD X Player 5.5 Pro - Local Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits Exploit Title: DVDXPlayer 5.5 Pro Local Buffer Overflow with SEH Exploit Author: Kevin Randall Vendor Homepage: http://www.dvd-x-player.com/download.htmldvdPlayer Software Link: http://www.dvd-x-player.com/download.htmldvdPlayer Version: 5.5...

6.8AI score
Exploits0
0day.today
0day.today
added 2019/06/05 12:0 a.m.82 views

IceWarp 10.4.4 - Local File Inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: IceWarp =10.4.4 local file include Exploit Author: JameelNabbo Website: uitsec.com Vendor Homepage: http://www.icewarp.com Software Link: https://www.icewarp.com/downloads/trial/ Version: 10.4.4 Tested on: Windows 10 CVE:...

5CVSS0.1AI score0.40965EPSS
Exploits5
0day.today
0day.today
added 2019/06/05 12:0 a.m.132 views

IBM Websphere Application Server - Network Deployment Untrusted Data Deserialization Exploit

This Metasploit module exploits untrusted serialized data processed by the WAS DMGR Server and Cells in the IBM Websphere Application Server. NOTE: There is a required 2 minute timeout between attempts as the neighbor being added must be reset. This module requires Metasploit:...

9.8CVSS0.3AI score0.06283EPSS
Exploits3
0day.today
0day.today
added 2019/06/05 12:0 a.m.120 views

Zoho ManageEngine ServiceDesk Plus 9.3 - (SiteLookup.do) Cross-Site Scripting Vulnerability

Exploit for java platform in category web applications Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via SiteLookup.do Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage: https://www.manageengine.com/products/service-desk Version: Zoho...

4.3CVSS6.4AI score0.06029EPSS
Exploits5
0day.today
0day.today
added 2019/06/05 12:0 a.m.103 views

Zoho ManageEngine ServiceDesk Plus 9.3 - (SolutionSearch.do) Cross-Site Scripting Vulnerability

Exploit for java platform in category web applications Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via SolutionSearch.do Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage: https://www.manageengine.com/products/service-desk Version: Zoho...

4.3CVSS6.4AI score0.06029EPSS
Exploits5
0day.today
0day.today
added 2019/06/05 12:0 a.m.102 views

Zoho ManageEngine ServiceDesk Plus 9.3 - (SearchN.do) Cross-Site Scripting Vulnerability

Exploit for java platform in category web applications Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via SearchN.do Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage: https://www.manageengine.com/products/service-desk Version: Zoho...

4.3CVSS6.4AI score0.06029EPSS
Exploits5
0day.today
0day.today
added 2019/06/05 12:0 a.m.143 views

Logitech R700 Laser Presentation Remote Keystroke Injection Vulnerability

Product: R700 Laser Presentation Remote Manufacturer: Logitech Affected Versions: Model R-R0010 PID WD904XM and PID WD802XM Tested Versions: Model R-R0010 PID WD904XM and PID WD802XM Vulnerability Type: Insufficient Verification of Data Authenticity CWE-345 Keystroke Injection Vulnerability Risk...

8.8CVSS0.6AI score0.01347EPSS
Exploits2
0day.today
0day.today
added 2019/06/05 12:0 a.m.272 views

Inateck 2.4 GHz Wireless Presenter WP1001 Keystroke Injection Vulnerability

Product: 2.4 GHz Wireless Presenter WP1001 Manufacturer: Inateck Affected Versions: Rev. v1.3C Tested Versions: Rev. v1.3C Vulnerability Type: Insufficient Verification of Data Authenticity CWE-345 Keystroke Injection Vulnerability Risk Level: High Solution Status: Open Manufacturer Notification:...

8.8CVSS0.4AI score0.01333EPSS
Exploits1
0day.today
0day.today
added 2019/06/04 12:0 a.m.250 views

NUUO NVRMini 2 3.9.1 - (sscanf) Stack Overflow Exploit

!/usr/bin/python Exploit Title: NUUO NVRMini2 3.9.1 'sscanf' stack overflow Google Dork: n/a Date: Advisory Published: Nov 18 Exploit Author: @0x00string Vendor Homepage: nuuo.com Software Link: https://www.nuuo.com/ProductNode.php?node=2 Version: 3.9.1 and prior Tested on: 3.9.1 CVE :...

10CVSS0.2AI score0.24808EPSS
Exploits4
0day.today
0day.today
added 2019/06/04 12:0 a.m.309 views

Cisco RV130W 1.0.3.44 - Remote Stack Overflow Exploit

!/usr/bin/python Exploit Title: Cisco RV130W Remote Stack Overflow Google Dork: n/a Date: Advisory Published: Feb 2019 Exploit Author: @0x00string Vendor Homepage: cisco.com Software Link: https://www.cisco.com/c/en/us/products/routers/rv130w-wireless-n-multifunction-vpn-router/index.html Version...

10CVSS0.3AI score0.95707EPSS
Exploits15
0day.today
0day.today
added 2019/06/03 12:0 a.m.150 views

AUO Solar Data Recorder < 1.3.0 - Incorrect Access Control

Exploit for hardware platform in category web applications Exploit Title: AUO Solar Data Recorder - Incorrect Access Control Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO Solar Data Recorder all versions prior to v1.3.0 Tested on: It is a proprietary devices:...

7.1AI score0.0282EPSS
Exploits5
0day.today
0day.today
added 2019/06/03 12:0 a.m.262 views

KACE System Management Appliance (SMA) < 9.0.270 - Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Dell Kace Appliance Multiple Vulnerabilities Exploit Author: SlidingWindow, Twitter: @kapilkhot Vendor Homepage: https://www.quest.com/products/kace-systems-management-appliance/ Affected Versions: KACE SMA versions prior to...

7.3AI score0.12206EPSS
Exploits6
0day.today
0day.today
added 2019/06/03 12:0 a.m.232 views

ZyXEL P-660HN-T1 V2 Missing Authentication / Password Disclosure Vulnerabilities

Exploit for hardware platform in category web applications Description: The rpWLANRedirect.asp ASP page is accessible without authentication on ZyXEL P-660HN-T1 V2 2.00AAKK.3 devices. After accessing the page, the admin user's password can be obtained by viewing the HTML source code, and the...

0.3AI score0.01785EPSS
Exploits2
0day.today
0day.today
added 2019/06/03 12:0 a.m.319 views

WordPress Form Maker 1.13.3 Plugin - SQL Injection Exploit

Exploit for php platform in category web applications -- coding: utf-8 -- Exploit Title: WordPress Plugin Form Maker 1.13.3 - SQL Injection Exploit Author: Daniele Scanu @ Certimeter Group Vendor Homepage: https://10web.io/plugins/ Software Link: https://wordpress.org/plugins/form-maker/ Version:...

7.5CVSS0.2AI score0.06214EPSS
Exploits6
0day.today
0day.today
added 2019/06/03 12:0 a.m.1397 views

Safari Webkit Proxy Object Type Confusion Exploit

This Metasploit module exploits a type confusion bug in the Javascript Proxy object in WebKit. The DFG JIT does not take into account that, through the use of a Proxy, it is possible to run arbitrary JS code during the execution of a CreateThis operation. This makes it possible to change the...

9.3CVSS0.5AI score0.53772EPSS
Exploits16
0day.today
0day.today
added 2019/05/31 12:0 a.m.1072 views

Microsoft Windows Remote Desktop - BlueKeep Denial of Service Exploit

import socket, sys, struct from OpenSSL import SSL from impacket.structure import Structure I'm not responsible for what you use this to accomplish and should only be used for education purposes Could clean these up since I don't even use them class TPKTStructure: commonHdr = 'Version','B=3',...

9.8CVSS10AI score0.99999EPSS
Exploits123
0day.today
0day.today
added 2019/05/30 12:0 a.m.281 views

Serv-U FTP Server 15.1.6.25 Local Privilege Escalation Vulnerability

Exploit for multiple platform in category local exploits CVE: CVE-2018-19999 Security researcher: Chris Moberly @ The Missing Link Security Product name: Serv-U FTP Server Product version: Tested on 15.1.6.25 current as of Dec 2018 Fixed in: 15.1.7 Overview The Serv-U FTP Server is vulnerable to...

0.3AI score0.00605EPSS
Exploits2
0day.today
0day.today
added 2019/05/30 12:0 a.m.763 views

Microsoft Windows 8.1 / Server 2012 - Win32k.sys Local Privilege Escalation (MS14-058) Exploit

Exploit for windows platform in category local exploits include "hd.h" // EDB Note Download: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/46945.rar byte scode= 0x48 ,0x8B ,0xC4 ,0x48 ,0x89 ,0x58 ,0x08 ,0x48 ,0x89 ,0x68 ,0x20 ,0x56 ,0x57 ,0x41 ,0x56 ,0x48 , 0x...

7.2CVSS7.9AI score0.87042EPSS
Exploits22
0day.today
0day.today
added 2019/05/29 12:0 a.m.1313 views

Siemens LOGO! 8 Hard-Coded Cryptographic Key Vulnerability

Due to the use of a hard-coded cryptographic key, an attacker can put the integrity and confidentiality of encrypted data of all Siemens LOGO! 8 PLCs using this key at risk, for instance decrypting network communication during a man-in-the-middle attack. Siemens LOGO! 8 Hard-Coded Cryptographic K...

7.5CVSS0.4AI score0.01504EPSS
Exploits2
0day.today
0day.today
added 2019/05/29 12:0 a.m.284 views

Qualcomm Android - Kernel Use-After-Free via Incorrect set_page_dirty() in KGSL Exploit

The following issue exists in the android-msm-wahoo-4.4-pie branch of https://android.googlesource.com/kernel/msm and possibly others: When kgslmementrydestroy in drivers/gpu/msm/kgsl.c is called for a writable entry with memtype KGSLMEMENTRYUSER, it attempts to mark the entry's pages as dirty...

8.1CVSS8.2AI score0.01738EPSS
Exploits1
0day.today
0day.today
added 2019/05/29 12:0 a.m.189 views

Siemens LOGO! 8 Missing Authentication Vulnerability

Due to storing passwords in a recoverable format on Siemens LOGO! 8 PLCs, an attacker can gain access to configured passwords as cleartext. Siemens LOGO! 8 Missing Authentication Vulnerability Product: LOGO! Manufacturer: Siemens Affected Versions: LOGO! 8 all versions Tested Versions: LOGO! 8,...

9.4CVSS0.5AI score0.02746EPSS
Exploits3
0day.today
0day.today
added 2019/05/29 12:0 a.m.329 views

Microsoft Windows - AppX Deployment Service Local Privilege Escalation (2) Exploit

Exploit for windows platform in category local exploits Microsoft Windows - AppX Deployment Service Local Privilege Escalation 2 Exploit There is still a vuln in the code triggered by CVE-2019-0841 The bug that this guy found:...

7.2CVSS6.8AI score0.414EPSS
Exploits19
0day.today
0day.today
added 2019/05/29 12:0 a.m.299 views

Siemens LOGO! 8 Recoverable Password Format Vulnerability

Due to storing passwords in a recoverable format on Siemens LOGO! 8 PLCs, an attacker can gain access to configured passwords as cleartext. Siemens LOGO! 8 Recoverable Password Format Vulnerability Product: LOGO! Manufacturer: Siemens Affected Versions: LOGO! 8 all versions Tested Versions: LOGO!...

7.5CVSS0.2AI score0.02447EPSS
Exploits3
0day.today
0day.today
added 2019/05/28 12:0 a.m.163 views

Oracle Application Testing Suite WebLogic Server Administration Console War Deployment Exploit

This Metasploit module abuses a feature in WebLogic Server's Administration Console to install a malicious Java application in order to gain remote code execution. Authentication is required, however by default, Oracle ships with a "oats" account that you could log in with, which grants you...

7.1CVSS0.2AI score0.30876EPSS
Exploits4
0day.today
0day.today
added 2019/05/28 12:0 a.m.53 views

Cyberoam Transparent Authentication Suite 2.1.2.5 NetBIOS Name / FQDN Denial Of Service Exploit

Cyberoam Transparent Authentication Suite version 2.1.2.5 Fully Qualified Domain Name and NetBIOS Name proof of concept denial of service exploits. Exploit Title: Cyberoam Transparent Authentication Suite 2.1.2.5 - 'Fully Qualified Domain Name' Denial of Service PoC Discovery by: Victor Mondragón...

7AI score
Exploits0
0day.today
0day.today
added 2019/05/28 12:0 a.m.110 views

CMS Made Simple 2.2.10 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications ============================================= MGC ALERT 2019-002 - Original release date: April 10, 2019 - Last revised: May 22, 2019 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 CVSS Base Score - CVE-ID: CVE-2019-11226...

5.9AI score0.00917EPSS
Exploits3
0day.today
0day.today
added 2019/05/28 12:0 a.m.60 views

Deltek Maconomy 2.2.5 Local File Inclusion Vulnerability

Exploit for cgi platform in category web applications Exploit Title: Maconomy Erp local file include Exploit Author: JameelNabbo Website: jameelnabbo.com Vendor Homepage: https://www.deltek.com Software Link: https://www.deltek.com/en-gb/products/project-erp/maconomy CVE: CVE-2019-12314 POC: POC:...

7.5CVSS9.2AI score0.8422EPSS
Exploits6
0day.today
0day.today
added 2019/05/28 12:0 a.m.221 views

JavaScript V8 Turbofan Out-Of-Bounds Read Exploit

V8: Turbofan may read a Map pointer out-of-bounds when optimizing Reflect.construct The following JavaScript program found through fuzzing triggers an assertion failure in debug builds of the latest v8 and the current release branch, 7.2.502.28: function farg const o =...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/05/28 12:0 a.m.233 views

EquityPandit 1.0 - Password Disclosure Vulnerability

Exploit for Android platform in category local exploits...

1.8AI score
Exploits0
0day.today
0day.today
added 2019/05/28 12:0 a.m.58 views

Cyberoam General Authentication Client 2.1.2.7 Server Address Denial Of Service Exploit

Exploit Title: Cyberoam General Authentication Client 2.1.2.7 - Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://www.cyberoam.com Software Link: https://download.cyberoam.com/solution/optionals/i18n/Cyberoam%20General%20Authentication%20Client%202.1.2.7.zip Tested...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/05/28 12:0 a.m.272 views

Phraseanet < 4.0.7 - Cross-Site Scripting Vulnerability

Exploit for multiple platform in category web applications Exploit title: Stored XSS vulnerability in Phraseanet DAM Open Source software Exploit Author: Krzysztof Szulski Vendor Homepage: https://www.phraseanet.com Software Link also VM: https://www.phraseanet.com/en/download/ Version affected:...

7.4AI score
Exploits0
Total number of security vulnerabilities39001