39001 matches found

0day.today
• added 2019/01/20 12:0 a.m. • 33 views

7 Tik 1.0.1.0 - Denial of Service Exploit

Exploit Title: 7 Tik 1.0.1.0 - Denial of Service PoC Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://www.microsoft.com/store/productId/9NQL2QC8S935 Version: 1.0.1.0 Tested on: Windows 10 Proof of Concept: Run the python script, it will create a new file "PoC.txt" Copy t...

7.4 AI score
Exploits: 0
0day.today
• added 2019/01/20 12:0 a.m. • 108 views

Mozilla Firefox 64 Information Disclosure Exploit

Mozilla Firefox versions 64 and below have an issue where an overly liberal same-origin policy for file URIs and a bug in the implementation of this policy make Firefox vulnerable to exposure of local files to a remote attacker. Product: Firefox Manufacturer: Mozilla Affected Versions: = 64 Teste...

7.2 AI score
Exploits: 0
0day.today
• added 2019/01/20 12:0 a.m. • 27 views

Watchr 1.1.0.0 - Denial of Service Exploit

Exploit Title: Watchr 1.1.0.0 - Denial of Service PoC Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://www.microsoft.com/store/productId/9PN12GNX62VZ Version: 1.1.0.0 Tested on: Windows 10 Proof of Concept: Run the python script, it will create a new file "watchr.txt" Co...

7.4 AI score
Exploits: 0
0day.today
• added 2019/01/20 12:0 a.m. • 28 views

Eco Search 1.0.2.0 - Denial of Service Exploit

Exploit Title: Eco Search 1.0.2.0 - Denial of Service PoC Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://www.microsoft.com/store/productId/9N05DCQP5C3W Version: 1.0.2.0 Tested on: Windows 10 Proof of Concept: Run the python script, it will create a new file "PoC.txt"...

7.4 AI score
Exploits: 0
0day.today
• added 2019/01/20 12:0 a.m. • 31 views

SeoToaster Ecommerce / CRM / CMS 3.0.0 - Local File Inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: SeoToaster Ecommerce 3.0.0 - Local File Inclusion Exploit Author: Ihsan Sencan Vendor Homepage: https://www.seotoaster.com/shopping-cart/ Software Link: https://www.seotoaster.com/downloads/seotoaster.v3.0.0.zip Version: 3.0.0...

7.1 AI score
Exploits: 0
0day.today
• added 2019/01/20 12:0 a.m. • 62 views

Microsoft Edge Chakra - InlineArrayPush Type Confusion Exploit

/ In Chakra, if you add a numeric property to an object having inlined properties, it will start transition to a new type where the space for some of previously inlined properties become for the pointer to the property slots and the pointer to the object array which stores numeric properties. For...

7.6 CVSS, 0.4 AI score, 0.62483 EPSS
Exploits: 3
0day.today
• added 2019/01/20 12:0 a.m. • 51 views

Webmin 1.900 - Remote Command Execution Exploit

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'uri' class MetasploitModule 'Webmin 1.900 - Remote Command Execution', 'Description' = %q This module exploits an arbitrary command execution...

Exploits: 0
0day.today
• added 2019/01/20 12:0 a.m. • 13 views

FastTube 1.0.1.0 - Denial of Service Exploit

Exploit Title: FastTube 1.0.1.0 - Denial of Service PoC Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://www.microsoft.com/store/productId/9MXS9JVDP25V Version: 1.0.1.0 Tested on: Windows 10 Proof of Concept: Run the python script, it will create a new file "PoC.txt" Cop...

7.4 AI score
Exploits: 0
0day.today
• added 2019/01/20 12:0 a.m. • 49 views

Microsoft Windows CONTACT - Remote Code Execution Exploit

Exploit for windows platform in category local exploits + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-CONTACT-FILE-INSUFFECIENT-UI-WARNING-WEBSITE-LINK-ARBITRARY-CODE-EXECUTION.txt + ISR: ApparitionSec...

6.8 AI score
Exploits: 0
0day.today
• added 2019/01/20 12:0 a.m. • 109 views

Siemens SICAM A8000 Series Denial Of Service Exploit

Exploit for windows platform in category web applications Product: SICAM A8000 Series Vendor: Siemens CSNC ID: CSNC-2019-002 CVE ID: CVE-2018-13798 Subject: SICAM Webinterface XXE DoS Risk: Medium CVSS 3.0 Base Score: 5.3 CVSS 3.0: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C Effect...

7.6 AI score, 0.01986 EPSS
Exploits: 2
0day.today
• added 2019/01/20 12:0 a.m. • 119 views

Microsoft Edge Chakra - InitClass Type Confusion Exploit

/ Issue description This is similar to issue 1702 https://www.exploit-db.com/exploits/46203 . This time, it uses an InitClass instruction to reach the SetIsPrototype method. PoC: / function opto, c, value o.b = 1; class A extends c o.a = value; function main for let i = 0; i 2000; i++ let o = a: ...

7.6 CVSS, 0.1 AI score, 0.82902 EPSS
Exploits: 8
0day.today
• added 2019/01/20 12:0 a.m. • 65 views

Joomla Core 3.9.1 - Persistent Cross-Site Scripting in Global Configuration Textfilter Settings

Exploit for php platform in category web applications Exploit Title: Joomla Global Configuration Text Filter settings Stored XSS Vulnerability Exploit Author: Praveen Sutar , Twitter: @praveensutar123 Vendor Homepage: https://www.joomla.org/ Affected Versions: Joomla versions 2.5.0 through 3.9.1...

3.5 CVSS, 5.7 AI score, 0.035 EPSS
Exploits: 5
0day.today
• added 2019/01/20 12:0 a.m. • 166 views

Pydio / AjaXplorer < 5.0.4 - Unauthenticated Arbitrary File Upload Exploit

Exploit for php platform in category web applications Exploit Title: Unauthenticated Arbitrary File Upload Vulnerability In Pydio/AjaXplorer 5.0.3 – 3.3.5 Exploit Author: @jazz Vendor Homepage: https://pydio.com/ Software Link:...

7.5 CVSS, 6.5 AI score, 0.07962 EPSS
Exploits: 5
0day.today
• added 2019/01/20 12:0 a.m. • 33826 views

OpenSSH 7.6p1 SCP Client - Multiple Vulnerabilities (SSHtranger Things) Exploit

Exploit Title: SSHtranger Things Exploit Author: Mark E. Haase Vendor Homepage: https://www.openssh.com/ Software Link: download link if available Version: OpenSSH 7.6p1 Tested on: Ubuntu 18.04.1 LTS CVE : CVE-2019-6111, CVE-2019-6110 ''' Title: SSHtranger Things Author: Mark E. Haase Homepage:...

6.8 CVSS, 0.58204 EPSS
Exploits: 10
0day.today
• added 2019/01/20 12:0 a.m. • 117 views

Microsoft Edge Chakra - NewScObjectNoCtor or InitProto Type Confusion Exploit

NewScObjectNoCtor and InitProto opcodes are treated as having no side effects, but actually they can have via the SetIsPrototype method of the type handler that can cause transition to a new type. This can lead to type confusion in the JITed code. In the PoC, it overwrites the pointer to property...

7.6 CVSS, 0.4 AI score, 0.82902 EPSS
Exploits: 10
0day.today
• added 2019/01/20 12:0 a.m. • 95 views

phpTransformer 2016.9 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: phpTransformer 2016.9 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://phptransformer.com/ Software Link: https://netcologne.dl.sourceforge.net/project/phptransformer/Version%202016.9/release2016.9.zip Versio...

0.1 AI score
Exploits: 0
0day.today
• added 2019/01/20 12:0 a.m. • 27 views

phpTransformer 2016.9 - Directory Traversal Vulnerability

Exploit for php platform in category web applications Exploit Title: phpTransformer 2016.9 - Directory Traversal Exploit Author: Ihsan Sencan Vendor Homepage: http://phptransformer.com/ Software Link: https://netcologne.dl.sourceforge.net/project/phptransformer/Version%202016.9/release2016.9.zip...

0.3 AI score
Exploits: 0
0day.today
• added 2019/01/20 12:0 a.m. • 98 views

Kentix MultiSensor-LAN 5.63.00 Authentication Bypass Vulnerability

Kentix MultiSensor-LAN versions 5.63.00 and below suffer from an authentication bypass vulnerability. The web based application is not using a usual session concept with a session cookie for managing authenticated user sessions. Some URLs are protected with HTTP Basic Authentication, but the user...

1.9 AI score, 0.03636 EPSS
Exploits: 3
0day.today
• added 2019/01/20 12:0 a.m. • 61 views

One Search 1.1.0.0 - Denial of Service Exploit

Exploit Title: One Search 1.1.0.0 - Denial of Service PoC Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://www.microsoft.com/store/productId/9PMR5QNS5LTL Version: 1.1.0.0 Tested on: Windows 10 Proof of Concept: Run the python script, it will create a new file "PoC.txt"...

7.4 AI score
Exploits: 0
0day.today
• added 2019/01/20 12:0 a.m. • 57 views

Microsoft Edge Chakra - JsBuiltInEngineInterfaceExtensionObject::InjectJsBuiltInLibraryCode

/ The JsBuiltInEngineInterfaceExtensionObject::InjectJsBuiltInLibraryCode method is used to execute JsBuiltIn.js which initializes some builtin objects. Because it's essentially written in JavaScript, it needs to clear the disable-implicit-call flag before calling the JavaScript code, otherwise i...

7.6 CVSS, 0.1 AI score, 0.69455 EPSS
Exploits: 3
0day.today
• added 2019/01/20 12:0 a.m. • 31 views

Oracle Reports Developer Component 12.2.1.3 - Cross-site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Cross-site Scripting XSS Exploit Author: Mohamed M.Fouad - From SecureMisr Company Vendor Homepage: https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Version: 12.2.1.3 REQUIRED Tested on: Windows 10 CV...

7.1 AI score, 0.06466 EPSS
Exploits: 5
0day.today
• added 2019/01/17 12:0 a.m. • 24 views

Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory in Invalid Array Length

function main var ar = ; forlet i = 0; i...

0.2 AI score
Exploits: 0
0day.today
• added 2019/01/17 12:0 a.m. • 17 views

Spotify 1.0.96.181 - Proxy configuration Denial of Service Exploit

Exploit Title: Spotify 1.0.96.181 - "Proxy configuration" Denial of Service PoC Discovery by: Aaron V. Hernandez Vendor Homepage: https://www.spotify.com Software Link: https://www.spotify.com/mx/download/windows/ Tested Version: 1.0.96.181 Vulnerability Type: Denial of Service DoS Local Tested o...

7.4 AI score
Exploits: 0
0day.today
• added 2019/01/17 12:0 a.m. • 37 views

NTPsec 1.1.2 - ntp_control Authenticated NULL Pointer Dereference Exploit

!/usr/bin/env python Exploit Title: ntpsec 1.1.2 authenticated NULL pointer exception Proof of concept Bug Discovery: Magnus Klaaborg Stubman @magnusstubman Exploit Author: Magnus Klaaborg Stubman @magnusstubman Website: https://dumpco.re/bugs/ntpsec-authed-npe Vendor Homepage: https://ntpsec.org...

6.5 CVSS, 0.1 AI score, 0.14076 EPSS
Exploits: 5
0day.today
• added 2019/01/17 12:0 a.m. • 67 views

Microsoft Windows 10 - RestrictedErrorInfo Unmarshal Section Handle Use-After-Free Exploit

Windows: RestrictedErrorInfo Unmarshal Section Handle UAF EoP Platform: Windows 10 1709/1809 Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The WinRT RestrictedErrorInfo doesn’t correctly check the validity of a handle to a section...

7.8 CVSS, 7.6 AI score, 0.02995 EPSS
Exploits: 2
0day.today
• added 2019/01/17 12:0 a.m. • 65 views

blueman - set_dhcp_handler D-Bus Privilege Escalation Exploit

Exploit for linux platform in category local exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'blueman setdhcphandler D-Bus Privilege Escalation', 'Description' = %q This module attempts...

7.2 CVSS, 0.3 AI score, 0.0634 EPSS
Exploits: 4
0day.today
• added 2019/01/17 12:0 a.m. • 52 views

WebKit JSC JIT - GetIndexedPropertyStorage Use-After-Free Exploit

/ The doesGC function simply takes a node, and tells if it might cause a garbage collection. This function is used to determine whether to insert write barriers. But it's missing GetIndexedPropertyStorage that can cause a garbage collection via rope strings. As a result, it can lead to UaF. PoC: ...

8.8 CVSS, 0.3 AI score, 0.05827 EPSS
Exploits: 2
0day.today
• added 2019/01/17 12:0 a.m. • 32 views

NTPsec 1.1.2 - config Authenticated Out-of-Bounds Write Denial of Service Exploit

!/usr/bin/env python Exploit Title: ntpsec 1.1.2 authenticated out of bounds write proof of concept DoS Bug Discovery: Magnus Klaaborg Stubman @magnusstubman Exploit Author: Magnus Klaaborg Stubman @magnusstubman Website: https://dumpco.re/bugs/ntpsec-authed-oobwrite Vendor Homepage:...

6.5 CVSS, 0.1 AI score, 0.1371 EPSS
Exploits: 5
0day.today
• added 2019/01/17 12:0 a.m. • 82 views

Microsoft Windows 10 - XmlDocument Insecure Sharing Privilege Escalation Exploit

Exploit for windows platform in category local exploits Windows: XmlDocument Insecure Sharing Elevation of Privilege Platform: Windows 10 1809 almost certainly earlier versions as well. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: AppContainer Sandbox...

4.4 CVSS, 8.1 AI score, 0.0243 EPSS
Exploits: 2
0day.today
• added 2019/01/17 12:0 a.m. • 45 views

NTPsec 1.1.2 - ntp_control Out-of-Bounds Read Exploit

!/usr/bin/env python Exploit Title: ntpsec 1.1.2 OOB read Proof of concept Bug Discovery: Magnus Klaaborg Stubman @magnusstubman Exploit Author: Magnus Klaaborg Stubman @magnusstubman Website: https://dumpco.re/bugs/ntpsec-oobread2 Vendor Homepage: https://ntpsec.org/ Software Link:...

9.1 CVSS, 9.3 AI score, 0.45719 EPSS
Exploits: 5
0day.today
• added 2019/01/17 12:0 a.m. • 40 views

NTPsec 1.1.2 - ctl_getitem Out-of-Bounds Read Exploit

!/usr/bin/env python Exploit Title: ntpsec 1.1.2 OOB read Proof of concept Bug Discovery: Magnus Klaaborg Stubman @magnusstubman Exploit Author: Magnus Klaaborg Stubman @magnusstubman Website: https://dumpco.re/bugs/ntpsec-oobread1 Vendor Homepage: https://ntpsec.org/ Software Link:...

9.1 CVSS, 8.4 AI score, 0.66881 EPSS
Exploits: 5
0day.today
• added 2019/01/15 12:0 a.m. • 60 views

Microsoft Windows 10 - DSSVC DSOpenSharedFile Arbitrary File Open Privilege Escalation Exploit

Exploit for windows platform in category local exploits Windows: DSSVC DSOpenSharedFile Arbitrary File Open EoP Platform: Windows 10 1803 and 1809. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary NOTE: This is one of multiple issues I’m reporti...

6.8 CVSS, 7.5 AI score, 0.25141 EPSS
Exploits: 2
0day.today
• added 2019/01/15 12:0 a.m. • 17 views

ownDMS 4.7 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: ownDMS 4.7 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://www.owndms.com/ Software Link: https://datapacket.dl.sourceforge.net/project/owndms/owndms47.zip Version: 4.7 Category: Webapps Tested on:...

Exploits: 0
0day.today
• added 2019/01/15 12:0 a.m. • 78 views

Dokany 1.2.0.1000 - Stack-Based Buffer Overflow Privilege Escalation Exploit

Exploit for windows platform in category local exploits / Exploit Title - Dokany Stack-based Buffer Overflow Privilege Escalation Date - 14th January 2019 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://dokan-dev.github.io Tested Version - 1.2.0.1000 Driver Version - 1.2.0.1000 -...

7.2 CVSS, 0.3 AI score, 0.01594 EPSS
Exploits: 5
0day.today
• added 2019/01/15 12:0 a.m. • 55 views

Microsoft Windows 10 - DSSVC DSOpenSharedFile Arbitrary File Delete Privilege Escalation Exploit

Exploit for windows platform in category local exploits Windows: DSSVC DSOpenSharedFile Arbitrary File Delete EoP Platform: Windows 10 1803 and 1809. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary NOTE: This is one of multiple issues I’m...

6.8 CVSS, 0.2 AI score, 0.20144 EPSS
Exploits: 2
0day.today
• added 2019/01/15 12:0 a.m. • 56 views

Microsoft Windows 10 - Browser Broker Cross Session Privilege Escalation Exploit

Exploit for windows platform in category local exploits Windows: Browser Broker Cross Session EoP Platform: Windows 10 1803 not tested anything else. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: Session Boundary Summary: The Browser Broker COM object...

6.8 CVSS, 8.5 AI score, 0.18617 EPSS
Exploits: 2
0day.today
• added 2019/01/15 12:0 a.m. • 49 views

1Password < 7.0 - Denial of Service Exploit

Description The 1Password application 7.0 for Android is affected by a Denial Of Service vulnerability. By starting the activity com.agilebits.onepassword.filling.openyolo.OpenYoloDeleteActivity or com.agilebits.onepassword.filling.openyolo.OpenYoloRetrieveActivity from an external application...

5.9 CVSS, 0.2 AI score, 0.0789 EPSS
Exploits: 2
0day.today
• added 2019/01/15 12:0 a.m. • 61 views

Microsoft Windows 10 - DSSVC MoveFileInheritSecurity Privilege Escalation Exploit

Exploit for windows platform in category local exploits Windows: DSSVC MoveFileInheritSecurity Multiple Issues EoP Platform: Windows 10 1803 and 1809. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary NOTE: This is one of multiple issues I’m...

6.8 CVSS, 0.6 AI score, 0.19445 EPSS
Exploits: 2
0day.today
• added 2019/01/15 12:0 a.m. • 62 views

Microsoft Windows 10 - DSSVC CanonicalAndValidateFilePath Security Feature Bypass Exploit

Exploit for windows platform in category local exploits Windows: DSSVC CanonicalAndValidateFilePath Security Feature Bypass Platform: Windows 10 1803 and 1809. Class: Security Feature Bypass/Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary NOTE: This i...

6.8 CVSS, 7.5 AI score, 0.15845 EPSS
Exploits: 2
0day.today
• added 2019/01/15 12:0 a.m. • 97 views

Microsoft Windows 10 - COM Desktop Broker Privilege Escalation Exploit

Exploit for windows platform in category local exploits Windows: COM Desktop Broker Elevation of Privilege Platform: Windows 10 1809 almost certainly earlier versions as well. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: AppContainer Sandbox Summary: The...

4.6 CVSS, 8.5 AI score, 0.23425 EPSS
Exploits: 12
0day.today
• added 2019/01/15 12:0 a.m. • 84 views

Microsoft Windows 10 - SSPI Network Authentication Session 0 Privilege Escalation Exploit

Exploit for windows platform in category local exploits Windows: SSPI Network Authentication Session 0 EoP Platform: Windows 10 1803/1809 not tested earlier versions Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: Session boundary Summary: Performing an NTLM...

4.6 CVSS, 8.1 AI score, 0.04718 EPSS
Exploits: 2
0day.today
• added 2019/01/14 12:0 a.m. • 49 views

Cleanto 5.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Cleanto 5.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://skymoonlabs.com/ Software Link: https://codecanyon.net/item/appointment-booking-software-for-cleaning-maintenance-businesses-cleanto/18397969...

7.1 AI score
Exploits: 0
0day.today
• added 2019/01/14 12:0 a.m. • 56 views

PORTIER 4.4.4.2 / 4.4.4.6 Cryptographic Issues Exploit

Exploit for php platform in category web applications PORTIER 4.4.4.2 / 4.4.4.6 Cryptographic Issues Exploit Product: PORTIER Affected Versions: 4.4.4.2, 4.4.4.6 Tested Versions: 4.4.4.2, 4.4.4.6 Vulnerability Type: Cryptographic Issues CWE-310 Risk Level: HIGH Solution Status: Open Manufacturer...

0.4 AI score, 0.01081 EPSS
Exploits: 3
0day.today
• added 2019/01/14 12:0 a.m. • 53 views

Hootoo HT-05 - Remote Code Execution Exploit

require 'msf/core' require 'net/http' require "uri" class MetasploitModule 'Hootoo HT-05 remote shell exploit', 'Description' = %q This module tries to open a door in the device by exploiting the RemoteCodeExecution by creating a backdoor inside the device This exploit was written by Andrei Manol...

0.1 AI score
Exploits: 0
0day.today
• added 2019/01/14 12:0 a.m. • 53 views

Live Call Support Widget 1.5 - Remote Code Execution / SQL Injection Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Live Call Support 1.5 - Remote Code Execution / SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://ranksol.com/ Software Link:...

0.6 AI score
Exploits: 0
0day.today
• added 2019/01/14 12:0 a.m. • 25 views

Find a Place CMS Directory 1.5 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Locations CMS 1.5 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://themerig.com/ Software Link: https://codecanyon.net/item/locations-multipurpose-cms-directory-theme/21098597 Version: 1.0 Category: Webapps...

0.2 AI score
Exploits: 0
0day.today
• added 2019/01/14 12:0 a.m. • 19 views

Lenovo R2105 - Cross-Site Request Forgery Exploit

Exploit for hardware platform in category web applications Exploit Title: Lenovo R2105 Remote Code Execution through CSRF Date: 01/14/2019 Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Version: 1.0 Tested on: Windows 10 x64 Note: The administrator who opens the URL should be...

7.4 AI score
Exploits: 0
0day.today
• added 2019/01/14 12:0 a.m. • 64 views

Horde Imp - imap_open Remote Command Execution

Exploit for php platform in category web applications Exploit Title: Horde Imp Unauthenticated Remote Command Execution Google Dork: inurl:/imp/login.php Exploit Author: Paolo Serracino - Pietro Minniti - Damiano Proietti Vendor Homepage: https://www.horde.org/apps/imp/ Software Link:...

7.1 AI score
Exploits: 0
0day.today
• added 2019/01/14 12:0 a.m. • 30 views

Hucart CMS 5.7.4 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications function posturl,fields var p = document.createElement"form"; p.action = url; p.innerHTML = fields; p.target = "self"; p.method = "post"; document.body.appendChildp; p.submit; function csrfhack var fields; fields += ""; fields += ""; fields +=...

6.8 CVSS, 0.4 AI score, 0.02979 EPSS
Exploits: 5
0day.today
• added 2019/01/14 12:0 a.m. • 28 views

Bigcart - Ecommerce Multivendor System 1.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Bigcart - Ecommerce Multivendor System 1.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://ocsolutions.co.in/ Software Link:...

7.1 AI score
Exploits: 0

Total number of security vulnerabilities: 39001