39001 matches found

0day.today
added 2019/03/25 12:0 a.m. | 49 views

Meeplace Business Review Script SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Meeplace Business Review Script - 'id' SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: http://www.meeplace.com Demo Site: http://demo.meeplace.com Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC: SQLi...

0.4 AI score
Exploits: 0

0day.today
added 2019/03/25 12:0 a.m. | 76 views

VMware Workstation 14.1.5 / VMware Player 15.0.2 - Host VMX Process Impersonation Hijack Privilege

The VMX process vmware-vmx.exe process configures and hosts an instance of VM. As is common with desktop virtualization platforms the VM host usually has privileged access into the OS such as mapping physical memory which represents a security risk. To mitigate this the VMX process is created wit...

6.5 CVSS | 0.14757 EPSS
Exploits: 2

0day.today
added 2019/03/25 12:0 a.m. | 138 views

TCPDF 6.2.19 Deserialization / Remote Code Execution Exploit

TCPDF versions 6.2.19 and below suffer from a deserialization vulnerability that can allow for remote code execution. CVE-2018-17057: phar deserialization in TCPDF might lead to RCE --------------------------------------------------------------- Affected products ================= TCPDF While it ...

7.5 CVSS | 0.7 AI score | 0.26172 EPSS
Exploits: 7

0day.today
added 2019/03/24 12:0 a.m. | 304 views

Canarytokens 2019-03-01 - Detection Bypass Exploit

Exploit Title: Canarytokens 2019-03-01 - Detection Bypass Exploit Author: Benjamin Zink Loft, Gionathan "John" Reale Vendor Homepage: https://thinkst.com/ Version: up to 2019-03-01 Software Link: https://github.com/thinkst/canarytokens Google Dork: N/A CVE: 2019-9768...

7.5 CVSS | 7.6 AI score | 0.11682 EPSS
Exploits: 3

0day.today
added 2019/03/24 12:0 a.m. | 454 views

Rails 5.2.1 - Arbitrary File Content Disclosure Exploit

Exploit for multiple platform in category web applications ''' Exploit Title: File Content Disclosure on Rails Date: CVE disclosed 3/16 today's date is 3/20 Exploit Author: NotoriousRebel Vendor Homepage: https://rubyonrails.org/ Software Link: https://github.com/rails/rails Version: Versions...

7.9 AI score | 0.98507 EPSS
Exploits: 18

0day.today
added 2019/03/24 12:0 a.m. | 274 views

snap - seccomp Blacklist for TIOCSTI can be Circumvented Exploit

/ snap uses a seccomp filter to prevent the use of the TIOCSTI ioctl; in the source code, this filter is expressed as follows: TIOCSTI allows for faking input man ttyioctl TODO: this should be scaled back even more ioctl - !TIOCSTI In the X86-64 version of the compiled seccomp filter, this result...

7.5 CVSS | 7.5 AI score | 0.037 EPSS
Exploits: 3

0day.today
added 2019/03/24 12:0 a.m. | 352 views

DVD X Player 5.5.3 - .plf Buffer Overflow Exploit

Exploit for windows platform in category local exploits !/usr/bin/env python Exploit Title: DVD X Player 5.5.3 Buffer Overflow Date: 20.03.2019 Exploit Author: Paolo Perego - email protected Vendor Homepage: http://www.dvd-x-player.com Software Link:...

6.8 CVSS | 0.2 AI score | 0.04878 EPSS
Exploits: 8

0day.today
added 2019/03/24 12:0 a.m. | 368 views

uHotelBooking System - system_page SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: uHotelBooking System - 'systempage' SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.hotel-booking-script.com Demo Site: https://www.hotel-booking-script.com/demo/ Version: Lastest Tested on: Kali Lin...

0.2 AI score
Exploits: 0

0day.today
added 2019/03/24 12:0 a.m. | 249 views

The Company Business Website CMS - Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: The Company Business Website CMS - 'username' SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.codester.com/items/6806/the-company-business-website-cms Demo Site: http://thecompany.morkocbilisim.com...

7.4 AI score
Exploits: 0

0day.today
added 2019/03/21 12:0 a.m. | 51 views

NSS Netscape Certificate Sequences CERT_DecodeCertPackage() Crash Vulnerability

NSS suffers from a NULL dereference issue when parsing Netscape Certificate Sequences in CERTDecodeCertPackage. nss: CERTDecodeCertPackage crash with Netscape Certificate Sequences I noticed that the main entrypoint for decoding DER blobs in NSS, CERTDecodeCertPackage, actually handles multiple...

0.2 AI score
Exploits: 0

0day.today
added 2019/03/21 12:0 a.m. | 85 views

JFrog Artifactory Administrator Authentication Bypass Exploit

JFrog Artifactory versions prior to 6.8.7 suffer from an administrative access bypass vulnerability due to relying on an X-Forwarded-For header. JFrog Artifactory Administrator Authentication Bypass Introduction ============ JFrog Artifactory https://jfrog.com/artifactory/ is a popular universal...

9.2 AI score | 0.53879 EPSS
Exploits: 3

0day.today
added 2019/03/20 12:0 a.m. | 41 views

Netartmedia PHP Dating Site - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Netartmedia Php Dating Site - SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/datingsite/ Demo Site: https://www.phpscriptdemos.com/dating/ Version: Lastest Tested on: Kali Linux CVE:...

0.1 AI score
Exploits: 0

0day.today
added 2019/03/20 12:0 a.m. | 102 views

NetShareWatcher 1.5.8.0 - Local SEH Buffer Overflow Exploit

Exploit for windows platform in category local exploits Exploit Title: NetShareWatcher 1.5.8.0 - SEH Buffer Overflow Vendor Homepage: http://netsharewatcher.nsauditor.com Software Link: http://netsharewatcher.nsauditor.com/downloads/NetShareWatchersetup.exe Exploit Author: Peyman Forouzan Tested...

0.1 AI score
Exploits: 0

0day.today
added 2019/03/20 12:0 a.m. | 34 views

Netartmedia PHP Business Directory 4.2 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Netartmedia PHP Business Directory 4.2 - SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.phpbusinessdirectory.com/ Demo Site: https://www.bizwebdirectory.com/ Version: 4.2 Tested on: Kali Linux CVE:...

0.6 AI score
Exploits: 0

0day.today
added 2019/03/20 12:0 a.m. | 52 views

Netartmedia Deals Portal - Email SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Netartmedia Deals Portal - 'Email' SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/dealsportal/ Demo Site: https://www.phpscriptdemos.com/deals/i Version: Lastest Tested on: Kali Linu...

0.3 AI score
Exploits: 0

0day.today
added 2019/03/20 12:0 a.m. | 71 views

PLC Wireless Router GPN2.4P21-C-CN - Incorrect Access Control Exploit

Exploit for hardware platform in category web applications Exploit Title: PLC Wireless Router GPN2.4P21-C-CN -Incorrect Access Control Exploit Author: Kumar Saurav Reference: https://0dayfindings.home.blog/2019/01/15/plc-wireless-router-gpn2-4p21-c-cn-incorrect-access-control/ Vendor: ChinaMobile...

0.2 AI score | 0.07526 EPSS
Exploits: 7

0day.today
added 2019/03/20 12:0 a.m. | 26 views

Netartmedia Vlog System - email SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Netartmedia Vlog System - 'email' SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/vlogsystem/ Demo Site: https://www.phpscriptdemos.com/vlogs/ Version: Lastest Tested on: Kali Linux...

0.1 AI score
Exploits: 0

0day.today
added 2019/03/20 12:0 a.m. | 42 views

Netartmedia PHP Mall 4.1 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Netartmedia PHP Mall 4.1 - Multiple SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/mall/ Demo Site: https://www.phpscriptdemos.com/mall/ Version: 4.1 Tested on: Kali Linux CVE: N/A...

0.1 AI score
Exploits: 0

0day.today
added 2019/03/20 12:0 a.m. | 53 views

PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Request Forgery Exploit

Exploit for hardware platform in category web applications Exploit Title: PLC Wireless Router GPN2.4P21-C-CN -Cross-Site Request Forgery CSRF Exploit Author: Kumar Saurav Reference: https://0dayfindings.home.blog/2019/01/15/plc-wireless-router-gpn2-4p21-c-cn-cross-site-request-forgery-csrf/ Vendo...

0.03041 EPSS
Exploits: 7

0day.today
added 2019/03/20 12:0 a.m. | 98 views

Netartmedia PHP Car Dealer - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Netartmedia PHP Car Dealer- SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/autodealer/ Demo Site: https://www.phpscriptdemos.com/autodealer/ Version: Lastest Tested on: Kali Linux CV...

0.2 AI score
Exploits: 0

0day.today
added 2019/03/20 12:0 a.m. | 26 views

Netartmedia PHP Real Estate Agency 4.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Netartmedia PHP Real Estate Agency 4.0 - SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/propertyagency/ Demo Site: https://www.phpscriptdemos.com/agency/ Version: 4.0 Tested on: Kali...

0.1 AI score
Exploits: 0

0day.today
added 2019/03/20 12:0 a.m. | 42 views

202CMS v10beta - Multiple SQL Injection Vulnerabilities

Exploit for php platform in category web applications =========================================================================================== Exploit Title: 202CMS - 'loguser' SQL Inj. Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://sourceforge.net/projects/b202cms/ Software Link:...

Exploits: 0

0day.today
added 2019/03/19 12:0 a.m. | 76 views

Advanced Host Monitor 11.92 beta - Local Buffer Overflow Exploit

Exploit for windows platform in category local exploits !/usr/bin/env python ------------------------------------------------------------------------------------------------------------------------------------ Exploit: Advanced Host Monitor 11.92 beta - Local Buffer Overflow EggHunter Date:...

7.2 AI score
Exploits: 0

0day.today
added 2019/03/19 12:0 a.m. | 41 views

eNdonesia Portal 8.7 - Multiple Vulnerabilities

Exploit for php platform in category web applications =========================================================================================== Exploit Title: eNdonesia Portal 'banners.php' SQL Inj. Dork: N/A Date: 19-03-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage:...

0.3 AI score
Exploits: 0

0day.today
added 2019/03/19 12:0 a.m. | 129 views

Gila CMS 1.9.1 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Gila CMS search Cross Site Scripting Google Dork: intext:"Powered By Gila CMS" Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://gilacms.com Software Link: https://gilacms.com/packages/downloadRelease/1.9.1.zip Demo Sit...

0.1 AI score | 0.02261 EPSS
Exploits: 5

0day.today
added 2019/03/19 12:0 a.m. | 53 views

Google Chrome < M73 - MidiManagerWin Use-After-Free Exploit

Google Chrome M73 - MidiManagerWin Use-After-Free Exploit MidiManagerWin uses a similar instanceid mechanism to the TaskService implementation to ensure that delayed tasks are only executed if the MidiManager instance that they were scheduled on is still alive. However, this instanceid is an int,...

8.8 CVSS | 0.6 AI score | 0.07287 EPSS
Exploits: 1

0day.today
added 2019/03/19 12:0 a.m. | 75 views

Microsoft VBScript - VbsErase Memory Corruption Exploit

r eax=0000600c ebx=05dc10dc ecx=00000000 edx=00000000 esi=13371337 edi=05c5ca44 eip=6e0fc9fa esp=05c5ca28 ebp=05c5ca48 iopl=0 nv up ei pl zr na pe nc cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010246 VBSCRIPT!VbsErase+0x5a: 6e0fc9fa 8b3e mov edi,dword ptr esi ds:002b:13371337=????????...

7.5 CVSS | 0.6 AI score | 0.3126 EPSS
Exploits: 1

0day.today
added 2019/03/19 12:0 a.m. | 68 views

Microsoft Edge - Flash click2play Bypass with CObjectElement::FinalCreateObject Exploit

Microsoft Edge - Flash click2play Bypass with CObjectElement::FinalCreateObject Exploit Attached is a PoC file that bypasses Flash click2play in Microsoft Edge. This was tested on Windows 10 64bit v 1809 with the latest patches applied. The PoC currently loads a swf from wwwimages.adobe.com...

5.3 CVSS | 0.1 AI score | 0.10514 EPSS
Exploits: 1

0day.today
added 2019/03/19 12:0 a.m. | 75 views

exacqVision 9.8 Unquoted Service Path Privilege Escalation Vulnerability

exacqVision version 9.8 suffers from an unquoted search path issue impacting the services exacqVisionServer, dvrdhcpserver and mdnsresponder for Windows deployed as part of exacqVision software application. This could potentially allow an authorized but non-privileged local user to execute...

7.8 AI score
Exploits: 0

0day.today
added 2019/03/19 12:0 a.m. | 29 views

Netartmedia Real Estate Portal 5.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Netartmedia Real Estate Portal 5.0 - Multiple SQL Injection Date: 19.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/realestate/ Demo Site: https://www.phpscriptdemos.com/realestate/ Versio...

0.2 AI score
Exploits: 0

0day.today
added 2019/03/19 12:0 a.m. | 20 views

libseccomp < 2.4.0 - Incorrect Compilation of Arithmetic Comparisons Exploit

When libseccomp compiles filters for 64-bit systems, it needs to split 64-bit comparisons into 32-bit comparisons because classic BPF can't operate on 64-bit values directly. libseccomp offers both bitwise comparisons NE, EQ, MASKEDEQ and arithmetic comparisons LT, LE, GE, GT. Bitwise comparisons...

7.1 AI score
Exploits: 0

0day.today
added 2019/03/19 12:0 a.m. | 87 views

Microsoft Internet Explorer 11 - VBScript Execution Policy Bypass in MSHTML Exploit

!-- Windows: Windows: IE11 VBScript execution policy bypass in MSHTML Platform: Windows 10 1809 not tested earlier Class: Security Feature Bypass Summary: MSHTML only checks for the CLSID associated with VBScript when blocking in the Internet Zone, but doesn’t check other VBScript CLSIDs which...

4.3 CVSS | 0.3 AI score | 0.48501 EPSS
Exploits: 6

0day.today
added 2019/03/19 12:0 a.m. | 41 views

Google Chrome < M73 - Double-Destruction Race in StoragePartitionService Exploit

Google Chrome M73 - Double-Destruction Race in StoragePartitionService There's a race condition in the destruction of the BindingState for bindings to the StoragePartitionService. It looks like the root cause of the issue is that since we can get two concurrent calls to callbacks returned from...

7.4 AI score
Exploits: 0

0day.today
added 2019/03/19 12:0 a.m. | 27 views

Netartmedia Jobs Portal 6.1 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Netartmedia Jobs Portal 6.1 - SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/jobsportal/ Demo Site: https://www.ittjobs.com/ Version: 6.1 Tested on: Kali Linux CVE: N/A ----- PoC SQL...

0.3 AI score
Exploits: 0

0day.today
added 2019/03/19 12:0 a.m. | 57 views

Google Chrome < M73 - Data Race in ExtensionsGuestViewMessageFilter Exploit

Google Chrome M73 - Data Race in ExtensionsGuestViewMessageFilter Exploit There appears to be a race condition in the destruction of the ExtensionsGuestViewMessageFilter if the ProcessIdToFilterMap is modified concurrently. See the comment in the code:...

7.5 CVSS | 8.2 AI score | 0.04674 EPSS
Exploits: 1

0day.today
added 2019/03/19 12:0 a.m. | 48 views

Netartmedia Event Portal 2.0 - Email SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Netartmedia Event Portal 2.0 - 'Email' SQL Injection Date: 19.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.netartmedia.net/eventportal/ Demo Site: https://www.phpscriptdemos.com/events/ Version: 2.0...

0.1 AI score
Exploits: 0

0day.today
added 2019/03/19 12:0 a.m. | 153 views

MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1231 Version: 1.32 Tested on: Ubuntu 18.04 CVE:...

4.3 CVSS | 0.03393 EPSS
Exploits: 5

0day.today
added 2019/03/19 12:0 a.m. | 59 views

Google Chrome < M73 - FileSystemOperationRunner Use-After-Free Exploit

Google Chrome operation OperationID id = nextoperationid++; // TODOhttps://crbug.com/864351: Diagnostic to determine whether OperationID // wrap-around is occurring in the wild. DCHECKoperations.findid == operations.end; // ! If id already in operations, this will free operation...

8.8 CVSS | 0.4 AI score | 0.07151 EPSS
Exploits: 1

0day.today
added 2019/03/19 12:0 a.m. | 294 views

Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming RCE Exploit

This Metasploit module exploits a vulnerability in Jenkins dynamic routing to bypass the Overall/Read ACL and leverage Groovy metaprogramming to download and execute a malicious JAR file. The ACL bypass gadget is specific to Jenkins versions 2.137 and below and will not work on later versions of...

8.8 CVSS | 0.1 AI score | 0.98428 EPSS
Exploits: 17

0day.today
added 2019/03/18 12:0 a.m. | 77 views

TheCarProject v2 - Multiple SQL Injection Vulnerability

Exploit for php platform in category web applications =========================================================================================== Exploit Title: TheCarProject v2 - 'manid' SQL Inj. Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://thecarproject.org/ Software Link:...

Exploits: 0

0day.today
added 2019/03/18 12:0 a.m. | 31 views

BMC Patrol Agent - Privilege Escalation Cmd Execution Exploit

This Metasploit module leverages the remote command execution feature provided by the BMC Patrol Agent software. It can also be used to escalate privileges on Windows hosts as the software runs as SYSTEM but only verifies that the password of the provided user is correct. This also means if the...

7.8 CVSS | 0.8 AI score | 0.07488 EPSS
Exploits: 6

0day.today
added 2019/03/18 12:0 a.m. | 416 views

WinRAR 5.61 - Path Traversal Exploit

Exploit for windows platform in category local exploits !/usr/bin/env python3 import os import re import zlib import binascii The archive filename you want rarfilename = "test.rar" The evil file you want to run evilfilename = "calc.exe" The decompression path you want, such shown below...

6.8 CVSS | 7.6 AI score | 0.96274 EPSS
Exploits: 13

0day.today
added 2019/03/16 12:0 a.m. | 359 views

BMC Patrol Agent Privilege Escalation / Command Execution Exploit

This Metasploit module leverages the remote command execution feature provided by the BMC Patrol Agent software. It can also be used to escalate privileges on Windows hosts as the software runs as SYSTEM but only verifies that the password of the provided user is correct. This also means if the...

7.8 CVSS | 1 AI score | 0.07488 EPSS
Exploits: 6

0day.today
added 2019/03/16 12:0 a.m. | 377 views

Webmin 1.900 Upload Authenticated Remote Command Execution Exploit

This Metasploit module exploits an arbitrary command execution vulnerability in Webmin 1.900 and lower versions. Any user authorized to the "Upload and Download" module can execute arbitrary commands with root privileges. In addition, if the Running Processes proc privilege is set the user can...

0.6 AI score
Exploits: 0

0day.today
added 2019/03/16 12:0 a.m. | 75 views

WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 Local Dos Exploit

Exploit Title: WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 Local Dos Exploit Date: 16.03.2019 Vendor Homepage:http://www.winavi.com Software Link: http://www.winavi.com/user/download/WinAVIiPod3GPMP4PSPConverter.exe Exploit Author: Achilles Tested Version: 4.4.2 Tested on: Windows XP SP3 EN Windows 7...

0.1 AI score
Exploits: 0

0day.today
added 2019/03/15 12:0 a.m. | 137 views

Laundry CMS - Multiple Vulnerabilities

Exploit for php platform in category web applications =========================================================================================== Exploit Title: Laundry CMS clothcode SQL Inj. Dork: N/A Date: 09-03-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: http://laundry.rpcits.co.in/...

0.1 AI score
Exploits: 0

0day.today
added 2019/03/15 12:0 a.m. | 84 views

Mail Carrier 2.5.1 - MAIL FROM Buffer Overflow Exploit

Exploit Title: Tabs Mail Carrier 2.5.1 MAIL FROM: Buffer Overflow Exploit Author: Joseph McDonagh Vendor Homepage: N/A Software Link: N/A Version: Mail Carrier 2.5.1 Tested on: Windows Vista Home Basic SP2 CVE: None !/usr/bin/python This script started from PWK, Chapter 6 I am re-purposing it Tab...

Exploits: 0

0day.today
added 2019/03/15 12:0 a.m. | 71 views

NetData 1.13.0 - HTML Injection Vulnerability

Exploit for multiple platform in category web applications Author: Marcelo Vázquez aka s4vitar NetData v1.13.0 HTML Injection Vulnerability Exploit Title: NetData v1.13.0 HTML Injection Vulnerability Exploit Author: Marcelo Vázquez aka s4vitar Collaborators: Victor Lasa aka vowkin Vendor Homepage...

7.1 AI score
Exploits: 0

0day.today
added 2019/03/15 12:0 a.m. | 1636 views

Moodle 3.4.1 - Remote Code Execution Exploit

Exploit for php platform in category web applications php MoodleExploit.php url=http://example.com user=teacher pass=password ip=10.10.10.10 port=1010 course=1 user The account username pass The password to the account ip Callback IP port Callback Port course Valid course ID belonging to the...

6.5 CVSS | 8.8 AI score | 0.32234 EPSS
Exploits: 5

0day.today
added 2019/03/15 12:0 a.m. | 99 views

ICE HRM 23.0 - Multiple Vulnerabilities

Exploit for php platform in category web applications =========================================================================================== Exploit Title: ICE HRM - ’ob’ SQL Inj. Dork: N/A Date: 14-03-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: http://icehrm.org Software Link:...

0.2 AI score
Exploits: 0

Total number of security vulnerabilities: 39001