Lucene search
K

39001 matches found

0day.today
0day.today
added 2018/12/11 12:0 a.m.42 views

Google Chrome 70.0.3538.77 Cross Site Scripting / Man-In-The-Middle Vulnerability

Exploit for windows platform in category local exploits Chrome: malicious WPAD server can proxy localhost leading to XSS in http://localhost:/ VERSION Chrome Version: 70.0.3538.77 stable Operating System: Windows 10 version 1803 When Chrome is installed on Windows and the user joins a malicious...

6.8AI score
Exploits0
0day.today
0day.today
added 2018/12/11 12:0 a.m.177 views

XNU POSIX Shared Memory Mapping Issue Exploit

Exploit for multiple platform in category local exploits XNU: POSIX shared memory mappings have incorrect maximum protection CVE-2018-4435 When the mmap syscall is invoked on a POSIX shared memory segment DTYPEPSXSHM, pshmmmap maps the shared memory segment's pages into the address space of the...

7.7AI score0.03092EPSS
Exploits2
0day.today
0day.today
added 2018/12/11 12:0 a.m.90 views

ZTE Home Gateway ZXHN H168N 2.2 Access Control Bypass Vulnerability

ZTE Home Gateway ZXHN H168N suffers from multiple access bypass and information disclosure vulnerabilities. POC: CVE-2018-7357 and CVE-2018-7358 Disclaimer: This POC is for Educational Purposes , I would Not be responsible for any misuse of the information mentioned in this blog post +...

6.7AI score0.89645EPSS
Exploits6
0day.today
0day.today
added 2018/12/09 12:0 a.m.35 views

i-doit CMDB 1.11.2 - Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: i-doit CMDB 1.11.2 - Remote Code Execution Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.i-doit.org/ Software Link: https://www.i-doit.org/i-doit-open-1-11-2/ Version:...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/12/09 12:0 a.m.26 views

Textpad 8.1.2 - Denial Of Service Exploit

Exploit Title: Textpad 8.1.2 - Denial Of Service PoC Author: Gionathan "John" Reale Homepage: https://textpad.com Software Link: https://www.textpad.com/download/v81/win32/txpeng812-32.zip Tested Version: 8.1.2 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python exploit script, it...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/12/09 12:0 a.m.56 views

Adiscon LogAnalyzer 4.1.7 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Adiscon LogAnalyzer 4.1.7 - Cross-Site Scripting Software Link: httpås://loganalyzer.adiscon.com/ https://github.com/rsyslog/loganalyzer Exploit Author: Gustavo Sorondo Contact: http://twitter.com/iampuky Website:...

0.1AI score0.18563EPSS
Exploits5
0day.today
0day.today
added 2018/12/09 12:0 a.m.35 views

DomainMOD 4.11.01 - DisplayName Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/domainmod/domainmod Version: v4.09.03 to v4.11.01 CVE :...

0.01514EPSS
Exploits5
0day.today
0day.today
added 2018/12/08 12:0 a.m.91 views

MiniShare 1.4.1 HEAD / POST Buffer Overflow Exploit

Hi!!! playing in 2006.... I have adapted the exploit to python Not only the GET method is vulnerable to BOF CVE-2004-2271. HEAD and POST methods are also vulnerable. The difference is minimal, both are exploited in the same way. Only 1 byte difference: GET = 3, HEAD and POST = 4 length...

9.8CVSS0.3AI score0.71908EPSS
Exploits11
0day.today
0day.today
added 2018/12/08 12:0 a.m.159 views

FutureNet NXR-G240 Series ShellShock Command Injection Exploit

-- coding: utf-8 -- Title: FutureNet NXR-G240 Series - "ShellShock" Remote Command Injection Author: Nassim Asrir You have a Q ? Contact me at: https://www.linkedin.com/in/nassim-asrir-b73a57122/ Vendor: http://www.centurysys.co.jp/ CVE: CVE-2014-6271 Greetz to : Nadia BENCHIKHA for the great hel...

10CVSS0.1AI score0.99999EPSS
Exploits131
0day.today
0day.today
added 2018/12/06 12:0 a.m.66 views

macOS 10.14.1 Carbon Core Memory corruption Vulnerability

CVE: CVE-2018-4463 Old and funny bug CVE-2018-4463 was patched by Apple in last macOS security update. Since 2015 Apple was exposing the users using Apple’s filesystem for stack overflow and infection by hidedd malware in DMG image. Insufficient patch for old vulnerability is the cause of problem...

9.3CVSS0.2AI score0.00796EPSS
Exploits1
0day.today
0day.today
added 2018/12/06 12:0 a.m.151 views

Chrome V8 Math.expm1 Incorrect Type Information Vulnerability

Chrome: V8: incorrect type information on Math.expm1 The typer sets the type of Math.expm1 to be UnionPlainNumber, NaN. This is missing the -0 case: Math.expm1-0 returns -0. Tracked in: https://bugs.chromium.org/p/chromium/issues/detail?id=880207 Here's a quick example that showcases the issue:...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/12/05 12:0 a.m.98 views

Rockwell Automation Allen-Bradley 1752-EN2T/C, 1769-L33ER/A Cross Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Rockwell Automation Allen-Bradley 1752-EN2T/C, 1769-L33ER/A LOGIX5333ER Cross Site Scripting Google Dork: N/A Date: 5/12/2018 Exploit Author: n4pst3r Vendor Homepage: https://www.rockwellautomation.com/ Software Link: unkn0...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/12/05 12:0 a.m.38 views

HasanMWB 1.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: HasanMWB 1.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/hasanmwb/ Software Link: https://netcologne.dl.sourceforge.net/project/hasanmwb/HasanMWB-v1.zip Version: 1.0 Category:...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/12/04 12:0 a.m.43 views

DomainMOD 4.11.01 - Custom SSL Fields Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE :...

5.7AI score0.03316EPSS
Exploits6
0day.today
0day.today
added 2018/12/04 12:0 a.m.113 views

NEC Univerge Sv9100 WebPro - 6.00 - Predictable Session ID / Clear Text Password Storage

Exploit for hardware platform in category web applications ''' + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NEC-UNIVERGE-WEBPRO-v6.00-PREDICTABLE-SESSIONID-CLEARTEXT-PASSWORDS.txt + ISR: ApparitionSec Greetz: indoushka | Eduardo B...

0.17886EPSS
Exploits6
0day.today
0day.today
added 2018/12/04 12:0 a.m.36 views

FreshRSS 1.11.1 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications...

1.8AI score0.04432EPSS
Exploits5
0day.today
0day.today
added 2018/12/04 12:0 a.m.15 views

Linux/x86 - /usr/bin/head -n99 cat etc/passwd Shellcode (61 Bytes)

; Exploit Title: /usr/bin/head -n99 cat etc/passwd poly shellcode-571.php ; Exploit Author: Nelis ; Version: 0.2 ; Tested on: Ubuntu 12.10 ; Filename: headpass.nasm ; SLAE-ID: 1327 ; Based on: http://shell-storm.org/shellcode/files/shellcode-571.php ;...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/12/04 12:0 a.m.147 views

Rockwell Automation Allen-Bradley PowerMonitor 1000 - Incorrect Access Control Authentication Bypass

Exploit for hardware platform in category web applications Exploit Title: Rockwell Automation Allen-Bradley PowerMonitor 1000 - Incorrect Access Control Exploit Author: Luca.Chiou Vendor Homepage: https://www.rockwellautomation.com/ Version: 1408-EM3A-ENT B Tested on: It is a proprietary devices:...

0.3AI score0.30295EPSS
Exploits4
0day.today
0day.today
added 2018/12/04 12:0 a.m.38 views

Dolibarr ERP/CRM 8.0.3 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Dolibarr ERP/CRM = 8.0.3 - Cross-Site Scripting CVE: CVE-2018-19799 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://dolibarr.org Software Link:...

0.2AI score0.04479EPSS
Exploits5
0day.today
0day.today
added 2018/12/04 12:0 a.m.25 views

Wireshark - find_signature Heap Out-of-Bounds Read Vulnerability

The following crash due to a heap-based out-of-bounds read can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr /path/to/file": --- cut --- ==35788==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x62d0000e4400 at pc...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/12/04 12:0 a.m.41 views

DomainMOD 4.11.01 - Owner name Field Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/domainmod/domainmod Version: v4.09.03 to v4.11.01 CVE :...

0.03316EPSS
Exploits6
0day.today
0day.today
added 2018/12/04 12:0 a.m.102 views

DomainMOD 4.11.01 - Custom Domain Fields Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/domainmod/domainmod Version: v4.09.03 to v4.11.01 CVE :...

0.01796EPSS
Exploits6
0day.today
0day.today
added 2018/12/04 12:0 a.m.30 views

CubeCart 6.2.2 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Reflected Cross-site Scripting Vulnerability in CubeCart 6.2.2 Information -------------------- Advisory by Netsparker Name: Reflected Cross-site Scripting Vulnerability in CubeCart Affected Software: CubeCart Affected Versions: 6.2.2 Homepage...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/12/04 12:0 a.m.32 views

Emacs - movemail Privilege Escalation Exploit

This Metasploit module exploits a SUID installation of the Emacs movemail utility to run a command as root by writing to 4.3BSD's /usr/lib/crontab.local. The vulnerability is documented in Cliff Stoll's book The Cuckoo's Egg. This module requires Metasploit: https://metasploit.com/download Curren...

0.7AI score
Exploits0
0day.today
0day.today
added 2018/12/04 12:0 a.m.37 views

Wireshark - cdma2k_message_ACTIVE_SET_RECORD_FIELDS Stack Corruption Vulnerability

The following crash due to a stack-based out-of-bounds memory access can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr /path/to/file": Attached are three files which trigger the crash. --- cut --- ==25039==ERROR:...

0.6AI score
Exploits0
0day.today
0day.today
added 2018/12/04 12:0 a.m.55 views

NUUO NVRMini2 3.9.1 - Authenticated Command Injection Exploit

Exploit for php platform in category web applications Exploit Title: NUUO NVRMini2 Authenticated Command Injection Exploit Author: Artem Metla Vendor Homepage: https://www.nuuo.com/ProductNode.php?node=2 Version: 3.9.1 Tested on: NUUO NVRMini2 with firmware 3.9.1 CVE : CVE-2018-15716 Advisory:...

0.18498EPSS
Exploits5
0day.today
0day.today
added 2018/12/04 12:0 a.m.48 views

Linux/x64 - Reverse (0.0.0.0:1907/TCP) Shell Shellcode (119 Bytes)

/ reverse shell tcp 1907 port shellcode C language - Linux/x8664 Author : Kağan Çapar contact: email protected shellcode len : 119 bytes compilation: gcc -fno-stack-protector -z execstack reverse-shell.c -o reverse-shell Test: run your machine: nc -vlp 1907 and run exploit ./reverse-shell check...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/12/04 12:0 a.m.69 views

Microsoft Lync for Mac 2011 - Injection Forced Browsing/Download Exploit

Exploit Title: Microsoft Lync for Mac 2011 Injection Forced Browsing/Download Author: @nyxgeek - TrustedSec Vendor Homepage: microsoft.com Software Link: https://www.microsoft.com/en-us/download/details.aspx?id=36517 CVE: CVE-2018-8474 Version: Lync:Mac 2011 14.4.3, likely earlier versions Tested...

7.5CVSS7.7AI score0.38177EPSS
Exploits5
0day.today
0day.today
added 2018/12/04 12:0 a.m.60 views

Xorg X11 Server (AIX) - Local Privilege Escalation Exploit

Exploit for aix platform in category local exploits Exploit Title: AIX Xorg X11 Server - Local Privilege Escalation Date: 29/11/2018 Exploit Author: @0xdono Original Discovery and Exploit: Narendra Shinde Vendor Homepage: https://www.x.org/ Platform: AIX Version: X Window System Version 7.1.1...

0.1AI score0.2704EPSS
Exploits39
0day.today
0day.today
added 2018/12/04 12:0 a.m.51 views

DomainMOD 4.11.01 - Registrar Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE :...

5.5AI score0.03316EPSS
Exploits6
0day.today
0day.today
added 2018/12/04 12:0 a.m.6278 views

OpenSSH < 7.7 - User Enumeration Exploit (2)

!/usr/bin/env python2 CVE-2018-15473 SSH User Enumeration by Leap Security @LeapSecurity https://leapsecurity.io Credits: Matthew Daley, Justin Gardner, Lee David Painter import argparse, logging, paramiko, socket, sys, os class InvalidUsernameException: pass malicious function to malform packet...

5.3CVSS0.98631EPSS
Exploits23
0day.today
0day.today
added 2018/12/04 12:0 a.m.134 views

HP Intelligent Management Java Deserialization Remote Code Execution Exploit

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebDMDebugServlet, which listens on TCP...

10CVSS0.1AI score0.80119EPSS
Exploits5
0day.today
0day.today
added 2018/12/03 12:0 a.m.37 views

PaloAlto Networks Expedition Migration Tool 1.0.106 - Information Disclosure Exploit

Exploit for linux platform in category web applications Exploit Title: PaloAlto Networks Expedition Migration Tool 1.0.106 - Information Disclosure Exploit Author: paragonsec @ Critical Start Vendor Homepage: https://live.paloaltonetworks.com/t5/Expedition-Migration-Tool/ct-p/migrationtool Softwa...

5CVSS7.7AI score0.0216EPSS
Exploits1
0day.today
0day.today
added 2018/12/03 12:0 a.m.53 views

Wordpress Advanced-Custom-Fields 5.7.7 Plugins - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugins Advanced-custom-fields 5.7.7 - Cross-Site Scripting Google Dork: N/A Exploit Author: Loading Kura Kura Vendor Homepage: https://www.advancedcustomfields.com/ Software Link: https://www.advancedcustomfields.com/...

Exploits0
0day.today
0day.today
added 2018/12/03 12:0 a.m.19 views

Mozilla Firefox 63.0.1 - Denial of Service Exploit

Exploit Title: Mozilla Firefox 63.0.1 - Denial of Service PoC Exploit Author: SAIKUMAR CHEBROLU Vendor Homepage: https://www.mozilla.org/en-US/firefox/new/ Bugzilla report: https://bugzilla.mozilla.org/showbug.cgi?id=1504512 Version: Firefox 63.0.1 Tested on: Windows 10 CVE : No CVE is been...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/12/03 12:0 a.m.32 views

KeyBase Botnet v1.5 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: KeyBase Botnet v1.5 - SQL Injection Vulnerability Google Dork: intitle:"KeyBase: Login" + intext:" Login to get access to your logs " Date: 3/12/2018 Exploit Author: n4pst3r Vendor Homepage: unkn0wn Software Link: unkn0wn Versio...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/12/03 12:0 a.m.42 views

Fleetco Fleet Maintenance Management 1.2 - Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: Fleetco Fleet Maintenance Management 1.2 - Remote Code Execution Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.fleetco.space Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/12/03 12:0 a.m.87 views

CyberArk 9.7 - Memory Disclosure Exploit

Exploit Title: CyberArk 9.7 - Memory Disclosure Exploit Author: Thomas Zuk @Freakazoidile Vendor Homepage: https://www.cyberark.com/products/privileged-account-security-solution/enterprise-password-vault/ Version: 9.7 and 10 Tested on: Windows 2008, Windows 2012, Windows 7, Windows 8, Windows 10...

5.3CVSS5.2AI score0.14116EPSS
Exploits12
0day.today
0day.today
added 2018/12/03 12:0 a.m.40 views

Joomla JE Photo Gallery 1.1 Component - categoryid SQL Injection Exploit

Exploit for php platform in category web applications Exploit Title: Joomla! Component JE Photo Gallery 1.1 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://joomlaextensions.co.in Software Link:...

Exploits0
0day.today
0day.today
added 2018/12/03 12:0 a.m.19 views

PHP Server Monitor 3.3.1 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: PHP Server Monitor 3.3.1 - Cross-Site Request Forgery Exploit Author: Javier Olmedo Website: https://www.sidertia.com Google Dork: N/A Vendor: https://www.phpservermonitor.org/ Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/12/03 12:0 a.m.50 views

Apache Superset 0.23 - Remote Code Execution Exploit

Exploit for linux platform in category web applications Exploit Title: Apache Superset 0.23 - Remote Code Execution Exploit Author: David May email protected Vendor Homepage: https://superset.apache.org/ Software Link: https://github.com/apache/incubator-superset Version: Any before 0.23 Tested o...

9.8AI score0.53655EPSS
Exploits5
0day.today
0day.today
added 2018/12/03 12:0 a.m.52 views

Rockwell Automation Allen-Bradley PowerMonitor 1000 - Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Rockwell Automation Allen-Bradley PowerMonitor 1000 - Cross-Site Scripting Exploit Author: Luca.Chiou Vendor Homepage: https://www.rockwellautomation.com/ Version: 1408-EM3A-ENT B Tested on: It is a proprietary devices:...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/12/03 12:0 a.m.32 views

Budabot 4.0 - Denial of Service Exploit

Exploit Title: Budabot 4.0 - Denial of Service PoC Date: 2018-10-15 Exploit Author: Ryan Delaney Author Contact: email protected Vendor Homepage: http://budabot.com/ Software Link: http://budabot.com/forum/viewtopic.php?f=8&t=1413 Version: 0.6 - 4.0 Tested on: 4.0 CVE: CVE-2018-19290 1. Descripti...

9.8CVSS9.7AI score0.04048EPSS
Exploits6
0day.today
0day.today
added 2018/12/01 12:0 a.m.61 views

Tarantella Enterprise Security Bypass Vulnerability

Exploit for cgi platform in category web applications &ms=unique Where the parameter un is the username you know. You recive the message: "The content of this file must be language independent! This applet immediately loads a new document in a named frame here WebtopFrame, which will be so...

6.5CVSS0.02621EPSS
Exploits3
0day.today
0day.today
added 2018/12/01 12:0 a.m.46 views

knc (Kerberized NetCat) Denial Of Service Exploit

knc Kerberised NetCat versions before 1.11-1 are vulnerable to denial of service memory exhaustion that can be exploited remotely without authentication, possibly affecting another service running on the targeted host. Proof of concept included. Product "KNC is Kerberised NetCat. It works in...

7.5CVSS0.1AI score0.04044EPSS
Exploits3
0day.today
0day.today
added 2018/12/01 12:0 a.m.42 views

ATool 1.0.0.22 Stack Buffer Overflow Vulnerability

Exploit for windows platform in category local exploits Exploit Title: Kernel stack buffer overflow ATool - 1.0.0.22 0day CVE: CVE-2018-19650 Software Link: http://www.antiy.net/ Vendor Homepage: http://www.antiy.net/ http://www.antiy.net/ Category: Windows Attack Type: local Impact:Code...

0.00613EPSS
Exploits2
0day.today
0day.today
added 2018/12/01 12:0 a.m.132 views

Microsoft VBScript OLEAUT32!VariantClear / scrrun!VBADictionary::put_Item Use-After-Free

vbscript: use-after-free in OLEAUT32!VariantClear and scrrun!VBADictionary::putItem CVE-2018-8544 There is a use-after-free vulnerability possibly two vulnerabilities triggerable by the same PoC, see below in Microsoft VBScript. The vulnerability has been confirmed in Internet Explorer on Windows...

9.3CVSS1AI score0.47556EPSS
Exploits3
0day.today
0day.today
added 2018/12/01 12:0 a.m.35 views

Synaccess netBooter NP-02x/NP-08x 6.8 - Authentication Bypass Vulnerability

Exploit for cgi platform in category web applications Synaccess netBooter NP-02x/NP-08x 6.8 Authentication Bypass Vendor: Synaccess Networks Inc. Product web page: https://www.synaccess-net.com Affected version: NP-0201D ver 6.8C NP-02 ver 6.5C NP-02 ver 6.4BC NP-0801D ver 6.4A NP-08 ver 6.10 NP-...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/12/01 12:0 a.m.62 views

Schneider Electric PLC - Session Calculation Authentication Bypass Exploit

Exploit for hardware platform in category web applications ! /usr/bin/env python ''' Copyright 2018 Photubiasc Exploit Title: Schneider Session Calculation - CVE-2017-6026 Date: 2018-09-30 Exploit Author: Deneut Tijl Vendor Homepage: www.schneider-electric.com Software Link:...

0.3182EPSS
Exploits5
0day.today
0day.today
added 2018/12/01 12:0 a.m.42 views

Apache Spark - Unauthenticated Command Execution Exploit

This Metasploit module exploits an unauthenticated command execution vulnerability in Apache Spark with standalone cluster mode through the REST API. It uses the function CreateSubmissionRequest to submit a malicious java class and triggers it. This module requires Metasploit:...

0.7AI score
Exploits0
Total number of security vulnerabilities39001