Lucene search
K

39001 matches found

0day.today
0day.today
added 2019/04/17 12:0 a.m.59 views

DHCP Server 2.5.2 - Denial of Service Exploit

Exploit Title: DHCP Server 2.5.2 - Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: http://www.dhcpserver.de/cms/ Software Link: http://www.dhcpserver.de/cms/wp-content/plugins/download-attachments Tested Version: 2.5.2 Tested on: Windows 7 x32 Service Pack 1 Steps to produce...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/04/16 12:0 a.m.80 views

PCHelpWare V2 1.0.0.5 - (SC) Denial of Service Exploit

-- coding: utf-8 -- Exploit Title: PCHelpWareV2 1.0.0.5 - 'SC' Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: https://www.uvnc.com/home.html Software Link: http://www.uvnc.eu/download/pchw2/PCHelpWareV2.msi Version: 1.0.0.5 Tested on: Windows 10 Proof of Concept: 1.- Run the...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/04/16 12:0 a.m.76 views

Microsoft Windows 10 1809 - LUAFV Delayed Virtualization MAXIMUM_ACCESS DesiredAccess Exploit

Exploit for windows platform in category local exploits Windows: LUAFV Delayed Virtualization MAXIMUMACCESS DesiredAccess EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The LUAFV driver...

4.6CVSS7AI score0.04352EPSS
Exploits2
0day.today
0day.today
added 2019/04/16 12:0 a.m.145 views

Joomla Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion Exploit

Exploit for php platform in category web applications Exploit Title: Joomla Core 1.5.0 through 3.9.4 - Directory Traversal && Authenticated Arbitrary File Deletion Exploit Author: Haboob Team Web Site: haboob.sa Email: email protected Software Link: https://www.joomla.org/ Versions: Joomla 1.5.0...

7.5CVSS9.2AI score0.38018EPSS
Exploits7
0day.today
0day.today
added 2019/04/16 12:0 a.m.42 views

PCHelpWare V2 1.0.0.5 - (Group) Denial of Service Exploit

-- coding: utf-8 -- Exploit Title: PCHelpWareV2 1.0.0.5 - 'Group' Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: https://www.uvnc.com/home.html Software Link: http://www.uvnc.eu/download/pchw2/PCHelpWareV2.msi Version: 1.0.0.5 Tested on: Windows 10 Proof of Concept: 1.- Run the...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/04/16 12:0 a.m.75 views

Microsoft Windows 10 1809 LUAFV Delayed Virtualization Cache Manager Poisoning Privilege Escalation

Exploit for windows platform in category local exploits Windows: LUAFV Delayed Virtualization Cache Manager Poisoning EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The LUAFV driver can...

4.6CVSS7AI score0.02785EPSS
Exploits2
0day.today
0day.today
added 2019/04/16 12:0 a.m.101 views

Microsoft Windows 10 1809 - LUAFV LuafvCopyShortName Arbitrary Short Name Privilege Escalation

Exploit for windows platform in category local exploits Windows: LUAFV LuafvCopyShortName Arbitrary Short Name EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The LUAFV driver bypasses...

2.1CVSS7AI score0.0424EPSS
Exploits2
0day.today
0day.today
added 2019/04/16 12:0 a.m.79 views

Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cross Process Handle Duplication Exploit

Exploit for windows platform in category local exploits Windows: LUAFV Delayed Virtualization Cross Process Handle Duplication EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The LUAFV...

4.6CVSS7AI score0.04352EPSS
Exploits2
0day.today
0day.today
added 2019/04/16 12:0 a.m.29 views

AdminExpress 1.2.5 - Folder Path Denial of Service Exploit

-- coding: utf-8 -- !/usr/bin/python Exploit Title: AdminExpress 1.2.5 - Denial of Service PoC Date: 2019-04-12 Exploit Author: Mücahit İsmail Aktaş Software Link: https://admin-express.en.softonic.com/ Version: 1.2.5.485 Tested on: Windows XP Professional SP2 Description: 1 Click the "System...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/04/16 12:0 a.m.104 views

Microsoft Windows 10 1809 / 1709 - CSRSS SxSSrv Cached Manifest Privilege Escalation Exploit

Exploit for windows platform in category local exploits Windows: CSRSS SxSSrv Cached Manifest EoP Platform: Windows 10 1809, 1709 Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary and others Summary: The SxS manifest cache in CSRSS uses a weak ke...

7.2CVSS8.1AI score0.03662EPSS
Exploits2
0day.today
0day.today
added 2019/04/16 12:0 a.m.94 views

Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting

Exploit for hardware platform in category web applications Exploit Title: Reflected XSS on Zyxel login pages Exploit Author: Aaron Bishop Vendor Homepage: https://www.zyxel.com/us/en/ Version: V4.31 Tested on: ZyWall 310, ZyWall 110, USG1900, ATP500, USG40 - weblogin.cgi, webauthrelogin.cgi CVE :...

0.1AI score0.2095EPSS
Exploits3
0day.today
0day.today
added 2019/04/16 12:0 a.m.185 views

Microsoft Windows 10 1809 - LUAFV PostLuafvPostReadWrite SECTION_OBJECT_POINTERS Race Condition

Exploit for windows platform in category local exploits Windows: LUAFV PostLuafvPostReadWrite SECTIONOBJECTPOINTERS Race Condition EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The LUA...

4.6CVSS7AI score0.04139EPSS
Exploits2
0day.today
0day.today
added 2019/04/16 12:0 a.m.55 views

Zoho ManageEngine ADManager Plus 6.6 (Build < 6659) - Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits Exploit Title: Zoho ManageEngine ADManager Plus 6.6 Build 6659 Privilege Escalation Exploit Author: Digital Interruption Vendor Homepage: https://www.manageengine.co.uk/ Version: 6.6 Build 6658 Tested on: Windows Server 2012 R2 CVE :...

0.1AI score0.0108EPSS
Exploits5
0day.today
0day.today
added 2019/04/16 12:0 a.m.76 views

Microsoft Windows 10 1809 - LUAFV NtSetCachedSigningLevel Device Guard Bypass Exploit

Exploit for windows platform in category local exploits Windows: LUAFV NtSetCachedSigningLevel Device Guard Bypass Platform: Windows 10 1809 not tested earlier. Note I’ve not tested this on Windows 10 SMode. Class: Security Feature Bypass Summary: The NtSetCachedSigningLevel system call can be...

4.6CVSS8.1AI score0.03776EPSS
Exploits2
0day.today
0day.today
added 2019/04/15 12:0 a.m.64 views

DirectAdmin 1.561 - Multiple Vulnerabilities

Exploit for php platform in category web applications Title: DirectAdmin Multiple Vulnerabilities to Takeover the Server = v1.561 Author: InfinitumIT Vendor Homepage: https://www.directadmin.com/ Version: Up to v1.561. CVE: CVE-2019-11193 email protected && infinitumit.com.tr Description: Multipl...

0.2AI score0.02094EPSS
Exploits5
0day.today
0day.today
added 2019/04/15 12:0 a.m.46 views

Linux/x86 - Cat File Encode to base64 and post via curl to Webserver Shellcode (125 bytes)

Exploit Title: Linux/x86 cat file encode to base64 and post via curl to webserver 125 bytes Exploit Author: strider Vendor Homepage: None Software Link: None Tested on: Debian 9 Stretch i386/ Kali Linux i386 CVE : None Shellcode Length: 125...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/04/15 12:0 a.m.71 views

Linux/x86 - MMX-PUNPCKLBW Encoder Shellcode (61 bytes)

INTRO Exploit Title: MMX-PUNPCKLBW Encoder Description: Payload encoder using MMX PUNPCKLBW instruction Date: 13/04/2019 Exploit Author: Petr Javorik Tested on: Linux ubuntu 3.13.0-32-generic x86 Shellcode length: 61 ENCODER !/usr/bin/env python stack execve SHELLCODE = bytearray...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/04/15 12:0 a.m.260 views

MailCarrier 2.51 - POP3 (USER) Buffer Overflow Exploit

!/usr/bin/python Exploit Title: MailCarrier 2.51 - Remote Buffer Overflow in "USER" commandPOP3 Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: https://www.tabslab.com/ Version: 2.51 Software Link: N.A Contact: [email protected] Twitter: @telspacesystems Greets to the...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/04/15 12:0 a.m.115 views

Nagios XI 5.5.10 XSS / Remote Code Execution Vulnerability

Various vulnerabilities have been found in Nagios XI version 5.5.10, which allow a remote attacker able to trick an authenticated victim with "autodiscovery job" creation privileges to visit a malicious URL to obtain a remote root shell via a reflected cross site scripting, an authenticated remot...

7.5CVSS0.9AI score0.45972EPSS
Exploits8
0day.today
0day.today
added 2019/04/15 12:0 a.m.47 views

UltraVNC Launcher 1.2.2.4 - Path Denial of Service Exploit

Exploit Title: UltraVNC Launcher 1.2.2.4 - Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://www.uvnc.com/ Software Link: https://www.uvnc.com/downloads/ultravnc/126-download-ultravnc-1224.html Tested Version: 1.2.2.4 Tested on: Windows 7 x64 Service Pack 1 Steps to...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/04/15 12:0 a.m.78 views

Cisco RV130W Routers Management Interface Remote Command Execution Exploit

A vulnerability in the web-based management interface of the Cisco RV130W Wireless-N Multifunction VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based...

10CVSS1AI score0.95707EPSS
Exploits15
0day.today
0day.today
added 2019/04/15 12:0 a.m.307 views

CuteNews 2.1.2 - avatar Remote Code Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "CuteNews 2.1.2 - 'avatar' Remote Code Execution", 'Description' = %q This module exploits a command execution vulnerability in CuteNews prior to...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/04/15 12:0 a.m.85 views

UltraVNC Viewer 1.2.2.4 - VNC Server Denial of Service Exploit

Exploit Title: UltraVNC Viewer 1.2.2.4 - Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://www.uvnc.com/ Software Link: https://www.uvnc.com/downloads/ultravnc/126-download-ultravnc-1224.html Tested Version: 1.2.2.4 Tested on: Windows 7 x64 Service Pack 1 Steps to...

0.6AI score
Exploits0
0day.today
0day.today
added 2019/04/15 12:0 a.m.45 views

Jobberbase CMS 2.0 SQL Injection Vulnerability

Exploit for php platform in category web applications =========================================================================================== Exploit Title: Jobberbase CMS - 'jobs-in' SQL Injection Exploit Author: Suvadip Kar Vendor Homepage: http://jobberbase.com/ Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/04/15 12:0 a.m.189 views

RemoteMouse 3.008 - Arbitrary Remote Command Execution Exploit

""" Exploit Title: Remote Mouse 3.008 Failure to Authenticate Date: 4/9/2019 Exploit Author: 0rphon Software Link: https://www.remotemouse.net/ Version: 3.008 Tested on: Windows 10 Remote Mouse 3.008 fails to check for authenication and will execute any command any machine gives it This script po...

0.9AI score
Exploits0
0day.today
0day.today
added 2019/04/15 12:0 a.m.99 views

MailCarrier 2.51 - POP3 (TOP) SEH Buffer Overflow Exploit

!/usr/bin/python Exploit Title: MailCarrier 2.51 - SEH Remote Buffer Overflow in "TOP" commandPOP3 Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: https://www.tabslab.com/ Version: 2.51 Software Link: N.A Contact: [email protected] Twitter: @telspacesystems Greets to the...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/04/15 12:0 a.m.74 views

MailCarrier 2.51 - (RCPT TO) Buffer Overflow Exploit

!/usr/bin/python Exploit Title: MailCarrier 2.51 'RCPT TO' - Buffer Overflow Remote Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: https://www.tabslab.com/ Version: 2.51 Software Link: N.A Contact: [email protected] Twitter: @telspacesystems Greets to the Telspace Crew...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/04/15 12:0 a.m.25 views

MailCarrier 2.51 - POP3 (LIST) SEH Buffer Overflow Exploit

!/usr/bin/python Exploit Title: MailCarrier 2.51 - SEH Remote Buffer Overflow in "LIST" commandPOP3 Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: https://www.tabslab.com/ Version: 2.51 Software Link: N.A Contact: [email protected] Twitter: @telspacesystems Greets to the...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/04/14 12:0 a.m.64 views

Linux/x86 - add user to passwd file Shellcode (149 bytes)

Exploit Title: Linux/x86 add user to passwd file shellcode 149 bytes Google Dork: None Date: 11.04.2019 Exploit Author: strider Vendor Homepage: None Software Link: None Tested on: Debian 9 Stretch i386/ Kali Linux i386 CVE : None Shellcode Length: 149...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/04/12 12:0 a.m.162 views

CyberArk EPM 10.2.1.603 - Security Restrictions #Bypass Exploit

Exploit for windows platform in category local exploits Exploit Title: CyberArk Endpoint bypass Exploit Author: Alpcan Onaran Vendor Homepage: https://www.cyberark.com Software Link: - Version: 10.2.1.603 Tested on: Windows 10 CVE : CVE-2018-14894 //If user needs admin privileges, CyberArk gives...

4.6CVSS7.6AI score0.01927EPSS
Exploits5
0day.today
0day.today
added 2019/04/12 12:0 a.m.331 views

ATutor 2.2.4 - file_manager Remote Code Execution Exploit #RCE

Exploit for php platform in category web applications This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ATutor %q This module allows the user to run commands on the server with teacher user...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/04/11 12:0 a.m.88 views

Microsoft Windows Contact File Format Arbitary Code Execution Exploit

This Metasploit module allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw is due to processing of contact...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/04/11 12:0 a.m.142 views

Microsoft Internet Explorer 11 XML Injection Exploit

Exploit for windows platform in category remote exploits + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-INTERNET-EXPLORER-v11-XML-EXTERNAL-ENTITY-INJECTION-0DAY.txt + ISR: ApparitionSec Vendor www.microsoft.com...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/04/11 12:0 a.m.1144 views

Zimbra Collaboration Autodiscover Servlet XXE / ProxyServlet SSRF Exploit

This Metasploit module exploits an XML external entity vulnerability and a server side request forgery to get unauthenticated code execution on Zimbra Collaboration Suite. The XML external entity vulnerability in the Autodiscover Servlet is used to read a Zimbra configuration file that contains a...

9.8CVSS0.1AI score0.99986EPSS
Exploits11
0day.today
0day.today
added 2019/04/10 12:0 a.m.30 views

FTPShell Server 6.83 - Virtual Path Mapping Local Buffer Exploit

Exploit for windows platform in category local exploits !/usr/bin/python Exploit Title: FTP Shell Server 6.83 'Virtual Path Mapping' Buffer Overflow Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: http://www.ftpshell.com/index.htm Version: 6.83 Software Link :...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/04/10 12:0 a.m.54 views

D-Link DI-524 V2.06RU - Multiple Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Multiple Stored and Reflected XSS vulnerabilities in D-Link DI-524 Exploit Author: Semen Alexandrovich Lyhin https://www.linkedin.com/in/semenlyhin/ Vendor Homepage: https://www.dlink.com Version: D-Link DI-524 - V2.06RU CV...

0.01515EPSS
Exploits5
0day.today
0day.today
added 2019/04/10 12:0 a.m.25 views

FTPShell Server 6.83 - Account name to ban Local Buffer Exploit

Exploit for windows platform in category local exploits !/usr/bin/python Exploit Title: FTP Shell Server 6.83 'Account name to ban' Buffer Overflow Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: http://www.ftpshell.com/index.htm Version: 6.83 Software Link :...

7.2AI score
Exploits0
0day.today
0day.today
added 2019/04/10 12:0 a.m.253 views

Dell KACE Systems Management Appliance (K1000) 6.4.120756 - Remote Code Execution Expoit

Exploit for php platform in category web applications !/usr/bin/python Exploit Title: Dell KACE Systems Management Appliance K1000 = 6.4.120756 Unauthenticated RCE Version: = 6.4.120756 Author: Julien Ahrens @MrTuxracer Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/04/10 12:0 a.m.178 views

Loytec LGATE-902 XSS / Traversal / File Deletion Vulnerabilities

Loytec LGATE-902 versions prior to 6.4.2 suffer from cross site scripting, arbitrary file deletion, and directory traversal vulnerabilities. Loytec LGATE-902 XSS / Traversal / File Deletion Vulnerabilities INFORMATION Product: Loytec LGATE-902 https://www.loytec.com/ Affected versions: 6.4.2 test...

0.17982EPSS
Exploits5
0day.today
0day.today
added 2019/04/10 12:0 a.m.261 views

EasyIO 30P Authentication Bypass / Cross Site Scripting Vulnerabilities

EasyIO 30P versions prior to 2.0.5.27 suffer from authentication bypass and cross site scripting vulnerabilities. EasyIO 30P Authentication Bypass / Cross Site Scripting Vulnerabilities INFORMATION Product: EasyIO 30P http://www.easyio.com Affected versions: 2.0.5.27 tested on version 2.0.5.16 CV...

0.1AI score0.0181EPSS
Exploits4
0day.today
0day.today
added 2019/04/10 12:0 a.m.87 views

Microsoft Windows - AppX Deployment Service Privilege Escalation Exploit

Exploit for windows platform in category local exploits Microsoft Windows - AppX Deployment Service Privilege Escalation Exploit This vulnerability allows low privileged users to hijack file that are owned by NT AUTHORITY\SYSTEM by overwriting permissions on the targeted file. Successful...

7.2CVSS6.8AI score0.414EPSS
Exploits19
0day.today
0day.today
added 2019/04/09 12:0 a.m.412 views

AllPlayer 7.4 - SEH Buffer Overflow (Unicode) Exploit

Exploit for windows platform in category local exploits !/usr/bin/python -w Exploit Author: Chris Au Exploit Title: AllPlayer V7.4 - Local Buffer Overflow SEH Unicode Vulnerable Software: AllPlayer V7.4 Vendor Homepage: https://www.allplayer.org/ Version: 7.4 Software Link:...

Exploits0
0day.today
0day.today
added 2019/04/09 12:0 a.m.530 views

CentOS Web Panel 0.9.8.793 (Free) / 0.9.8.753 (Pro) - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: CentOS Web Panel v0.9.8.793 Free and v0.9.8.753 Pro - Email Field Stored Cross-Site Scripting Vulnerability Google Dork: N/A Exploit Author: DKM Vendor Homepage: http://centos-webpanel.com Software Link: http://centos-webpanel.c...

5.5AI score0.02879EPSS
Exploits5
0day.today
0day.today
added 2019/04/09 12:0 a.m.21 views

River Past Cam Do 3.7.6 - Activation Code Local Buffer Overflow Exploit

Exploit for windows platform in category local exploits !/usr/bin/python -w Exploit Author: Chris Au Exploit Title: River Past Cam Do 3.7.6 Local Buffer Overflow in Activation Code Vulnerable Software: River Past Cam Do 3.7.6 Vendor Homepage: http://www.flexhex.com Version: 3.7.6 Software Link:...

6.8AI score
Exploits0
0day.today
0day.today
added 2019/04/09 12:0 a.m.76 views

FlexHEX 2.71 - SEH Buffer Overflow (Unicode) Exploit

Exploit for windows platform in category local exploits !/usr/bin/python -w Exploit Author: Chris Au Exploit Title: FlexHEX 2.71 - Local Buffer Overflow SEH Unicode Date: 06-04-2019 Vulnerable Software: FlexHEX 2.71 Vendor Homepage: http://www.flexhex.com Version: 2.71 Software Link:...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/04/09 12:0 a.m.29 views

Linux/x64 - XANAX Decoder Shellcode (127 bytes)

Linux/x64 - XANAX Decoder Shellcode 127 bytes ; Date: 08/04/2019 ; XANAX Decoder ; Author: Alan Vivona ; Description: Reverts the xor-add-not-add-xor sequence using the same 4 byte key and executes the encoded payload. ; Tested on: x86-x64 GNU/Linux global start section .text keys.xor1 equ 0x29...

0.5AI score
Exploits0
0day.today
0day.today
added 2019/04/09 12:0 a.m.46 views

SaLICru -SLC-20-cube3(5) - HTML Injection Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Reflected HTML Injection Google Dork: None Exploit Author: Ramikan Vendor Homepage:https://www.salicru.com/en/ Software Link: N/A Version: Tested on SaLICru -SLC-20-cube35. Firmware: cs121-SNMP v4.54.82.130611 CVE :...

4.3CVSS0.05817EPSS
Exploits5
0day.today
0day.today
added 2019/04/09 12:0 a.m.98 views

Tradebox CryptoCurrency - symbol SQL Injection Vulnerability

Exploit for php platform in category web applications Title: Tradebox - CryptoCurrency Buy Sell and Trading Exploit Author: Abdullah Çelebi Vendor Homepage: https://www.bdtask.com Software Link: tradebox.bdtask.com/demo-v5.3/ Version: 5.4 Category: Webapps Tested on: WAMPP @Win Software...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/04/09 12:0 a.m.472 views

Apache Axis 1.4 - Remote Code Execution Exploit

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Apache Axis 1.4 Remote Code Execution CVE-2019-0227 https://rhinosecuritylabs.com/Application-Security/CVE-2019-0227-Expired-Domain-to-RCE-in-Apache-Axis Author: David Yesland @daveysec, Rhino...

7.5CVSS0.86503EPSS
Exploits7
0day.today
0day.today
added 2019/04/09 12:0 a.m.886 views

PHP 7.2 - imagecolormatch() Out of Band Heap Write Exploit

&c= Example: GET/POST /exploit.php?f=0x7fe83d1bb480&c=id++/dev/shm/titi Target: PHP 7.2.x Tested on: PHP 7.2.12 / buf = unsigned long safeemallocsizeofunsigned long, 5 im2-colorsTotal, 0; for x=0; xsx; x++ for y=0; ysy; y++ color = im2-pixelsyx; rgb = im1-tpixelsyx; bp = buf + color 5; bp++++; bp...

8.8CVSS0.2AI score0.65116EPSS
Exploits7
Total number of security vulnerabilities39001