Lucene search
K

39001 matches found

0day.today
0day.today
added 2018/12/01 12:0 a.m.19 views

KPOT Botnet - File Download/Source Code Disclosure Vulnerability

Exploit for php platform in category web applications Exploit Title: KPOT Botnet - File Download/Source Code Disclosure Vulnerability Google Dork: n/a Date: 26/11/2018 Exploit Author: n4pst3r Vendor Homepage: unkn0wn Software Link: https://bhf.io/threads/515432/ Version: unkn0wn Tested on: Window...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/12/01 12:0 a.m.41 views

xorg-x11-server < 1.20.3 - modulepath Local Privilege Escalation Exploit

Exploit for openbsd platform in category local exploits !/bin/sh raptorxorgy - xorg-x11-server LPE via modulepath switch Copyright c 2018 Marco Ivaldi A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server...

6.8AI score0.2704EPSS
Exploits40
0day.today
0day.today
added 2018/12/01 12:0 a.m.120 views

Linux Kernel 4.8 (Ubuntu 16.04) - Leak sctp Kernel Pointer Exploit

Exploit Title: Linux Kernel 4.8 Ubuntu 16.04 - Leak sctp kernel pointer Google Dork: - Date: 2018-11-20 Exploit Author: Jinbum Park Vendor Homepage: - Software Link: - Version: Linux Kernel 4.8 Ubuntu 16.04 Tested on: 4.8.0-36-generic 3616.04.1-Ubuntu SMP Sun Feb 5 09:39:57 UTC 2017 x8664 x8664...

7.5CVSS6.5AI score0.03763EPSS
Exploits4
0day.today
0day.today
added 2018/12/01 12:0 a.m.65 views

Moxa NPort W2x50A 2.1 OS Command Injection Vulnerability

Moxa NPort W2x50A products with firmware version 2.1 Build17112017 or lower are vulnerable to several authenticated OS command injection vulnerabilities. Moxa NPort W2x50A products with firmware version 2.1 Build17112017 or lower are vulnerable to several authenticated OS Command Injection...

9CVSS0.30868EPSS
Exploits6
0day.today
0day.today
added 2018/12/01 12:0 a.m.63 views

Schneider Electric PLC - Session Calculation Authentication Bypass Exploit

Exploit for hardware platform in category web applications ! /usr/bin/env python ''' Copyright 2018 Photubiasc Exploit Title: Schneider Session Calculation - CVE-2017-6026 Date: 2018-09-30 Exploit Author: Deneut Tijl Vendor Homepage: www.schneider-electric.com Software Link:...

0.3182EPSS
Exploits5
0day.today
0day.today
added 2018/12/01 12:0 a.m.133 views

Microsoft VBScript OLEAUT32!VariantClear / scrrun!VBADictionary::put_Item Use-After-Free

vbscript: use-after-free in OLEAUT32!VariantClear and scrrun!VBADictionary::putItem CVE-2018-8544 There is a use-after-free vulnerability possibly two vulnerabilities triggerable by the same PoC, see below in Microsoft VBScript. The vulnerability has been confirmed in Internet Explorer on Windows...

9.3CVSS1AI score0.47556EPSS
Exploits3
0day.today
0day.today
added 2018/12/01 12:0 a.m.62 views

Tarantella Enterprise Security Bypass Vulnerability

Exploit for cgi platform in category web applications &ms=unique Where the parameter un is the username you know. You recive the message: "The content of this file must be language independent! This applet immediately loads a new document in a named frame here WebtopFrame, which will be so...

6.5CVSS0.02621EPSS
Exploits3
0day.today
0day.today
added 2018/11/30 12:0 a.m.263 views

QQ Mail hijacking account 0day Exploit

Using 0day exploit you can hijack any account and take possession of the correspondence...

1.9AI score
Exploits0
0day.today
0day.today
added 2018/11/29 12:0 a.m.55 views

WebKit JSC JIT - ByteCodeParser::handleIntrinsicCall Type Confusion Exploit

WebKit JIT - ByteCodeParser::handleIntrinsicCall Type Confusion Exploit / case ArrayPushIntrinsic: ... if staticcastargumentCountIncludingThis = MINSPARSEARRAYINDEX return false; ArrayMode arrayMode = getArrayModemcurrentInstructionOPCODELENGTHopcall - 2.u.arrayProfile, Array::Write; ... This cod...

8.8CVSS8.3AI score0.05827EPSS
Exploits2
0day.today
0day.today
added 2018/11/29 12:0 a.m.37 views

WebKit JSC JIT - JSPropertyNameEnumerator Type Confusion Exploit

WebKit JSC JIT - JSPropertyNameEnumerator Type Confusion Exploit / When a for-in loop is executed, a JSPropertyNameEnumerator object is created at the beginning and used to store the information of the input object to the for-in loop. Inside the loop, the structure ID of the "this" object of ever...

8.8CVSS0.4AI score0.34173EPSS
Exploits2
0day.today
0day.today
added 2018/11/29 12:0 a.m.58 views

WebKit JSC - BytecodeGenerator::hoistSloppyModeFunctionIfNecessary Exploit

WebKit JSC - BytecodeGenerator::hoistSloppyModeFunctionIfNecessary Does not Invalidate the ForInContext Object / This is simillar to issue 1263 . When hoisting a function onto the outer scope, if it overwrites the iteration variable for a for-in loop it should invalidate the corresponding...

8.8CVSS0.1AI score0.06463EPSS
Exploits6
0day.today
0day.today
added 2018/11/28 12:0 a.m.40 views

Unitrends Enterprise Backup bpserverd Privilege Escalation Exploit

It was discovered that the Unitrends bpserverd proprietary protocol, as exposed via xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target system. This is very similar to...

7.5CVSS0.8AI score0.62464EPSS
Exploits7
0day.today
0day.today
added 2018/11/28 12:0 a.m.77 views

Mac OS X libxpc MITM Privilege Escalation Exploit

This Metasploit module exploits a vulnerability in libxpc on macOS versions 10.13.3 and below. The tasksetspecialport API allows callers to overwrite their bootstrap port, which is used to communicate with launchd. This port is inherited across forks: child processes will use the same bootstrap...

6.8CVSS0.1AI score0.1392EPSS
Exploits5
0day.today
0day.today
added 2018/11/28 12:0 a.m.42 views

PHP imap_open Remote Code Execution Exploit

The imapopen function within PHP, if called without the /norsh flag, will attempt to preauthenticate an IMAP session. On Debian based systems, including Ubuntu, rsh is mapped to the ssh binary. Ssh's ProxyCommand option can be passed from imapopen to execute arbitrary commands. While many custom...

0.3AI score
Exploits0
0day.today
0day.today
added 2018/11/28 12:0 a.m.33 views

TeamCity Agent XML-RPC Command Execution Exploit

This Metasploit module allows remote code execution on TeamCity Agents configured to use bidirectional communication via xml-rpc. In bidirectional mode the TeamCity server pushes build commands to the Build Agents over port TCP/9090 without requiring authentication. Up until version 10 this was t...

0.4AI score
Exploits0
0day.today
0day.today
added 2018/11/28 12:0 a.m.48 views

BMC Remedy 7.1 User Impersonation Vulnerability

Exploit for jsp platform in category web applications !-- Exploit Title: Impersonation may lead to incorrect user context in Remedy AR System Server in BMC Remedy 7.1 Exploit Author: Rafael Pedrero Vendor Homepage: http://www.bmc.com/ Software Link: http://www.bmc.com/ Version: Impersonation may...

4CVSS6.6AI score0.01581EPSS
Exploits2
0day.today
0day.today
added 2018/11/28 12:0 a.m.284 views

Linux Nested User Namespace idmap Limit Local Privilege Escalation Exploit

This Metasploit module exploits a vulnerability in Linux kernels 4.15.0 to 4.18.18, and 4.19.0 to 4.19.1, where broken uid/gid mappings between nested user namespaces and kernel uid/gid mappings allow elevation to root CVE-2018-18955. The target system must have unprivileged user namespaces enabl...

0.3AI score0.07611EPSS
Exploits24
0day.today
0day.today
added 2018/11/28 12:0 a.m.82 views

Cisco WebEx Meetings Privilege Escalation Vulnerability

A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow a local attacker to elevate privileges. This vulnerability is related to a previous security issue fixed by Cisco in October. Affected versions include Cisco Webex Meetings Desktop App releases prior...

7.5AI score0.1602EPSS
Exploits14
0day.today
0day.today
added 2018/11/28 12:0 a.m.145 views

SonarSource SonarQube 7.3 Information Disclosure Vulnerability

Exploit for multiple platform in category web applications Exploit Title: SonarSource SonarQube 7.3 - Information Disclosure Vendor Homepage: https://www.sonarsource.com/ Software Link: https://www.sonarqube.org/downloads/ Version: 7.3 and prior CVE : CVE-2018-19413 Description: A vulnerability i...

4CVSS4.8AI score0.0115EPSS
Exploits1
0day.today
0day.today
added 2018/11/28 12:0 a.m.81 views

Avahi 0.7 Denial Of Service Vulnerability

Avahi-daemon in Avahi version through 0.7 inadvertently sends Legacy Unicast Responses to IPv4 unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service traffic amplification or obtain potentially sensitive information via port-5353...

6.8AI score
Exploits0
0day.today
0day.today
added 2018/11/27 12:0 a.m.125 views

phpMyAdmin 4.8.1 Authenticated Local File Inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: phpMyAdmin 4.8.1 - Authenticated Local File Inclusion Exploit Author: Lucian Ioan Nitescu Contact: https://twitter.com/LucianNitescu Webiste: https://nitesculucian.github.io Vendor Homepage: https://www.phpmyadmin.net/ Software...

6.5CVSS8.8AI score0.98391EPSS
Exploits20
0day.today
0day.today
added 2018/11/27 12:0 a.m.69 views

Netgear Unauthenticated Remote Command Execution Exploit

Netgear WN604 versions before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 versions before 3.5.5.0 allow remote attackers to execute arbitrary commands. This module requires Metasploit: https://metasploit.com/download Current source:...

10CVSS1.1AI score0.98325EPSS
Exploits5
0day.today
0day.today
added 2018/11/26 12:0 a.m.16 views

No-Cms 1.0 - order_by SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: No-Cms 1.0 - 'orderby' SQL Injection Exploit Author: Loading Kura Kura Vendor Homepage: https://github.com/goFrendiAsgard/No-CMS Software Link: https://codeload.github.com/goFrendiAsgard/No-CMS/zip/master Tested on: Win10/Kali...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/11/26 12:0 a.m.65 views

ELBA5 5.8.0 - Remote Code Execution Exploit

Exploit Title: ELBA5 5.8.0 - Remote Code Execution Exploit Author: Florian Bogner Vendor Homepage: https://www.elba.at Vulnerable Software: https://www.elba.at/eBusiness/01template1/1206507788612244132-12065155957890496571206515641959948315-1292519691128454196-NA-38-NA.html Version: up to 5.8.0...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/11/26 12:0 a.m.29 views

MariaDB Client 10.1.26 - Denial of Service Exploit

Exploit Title: MariaDB Client 10.1.26 - Denial of Service PoC Google Dork: None Date: 2018-11-16 Exploit Author: strider Software Link: https://github.com/MariaDB/server Version: mysql Ver 15.1 Distrib 10.1.26-MariaDB, for debian-linux-gnu x8664 using readline 5.2 Tested on: Debian 9 Stretch x64 ...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/11/26 12:0 a.m.53 views

Zyxel VMG1312-B10D 5.13AAXA.8 - Directory Traversal Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Zyxel VMG1312-B10D 5.13AAXA.8 - Directory Traversal Exploit Author: numan türle Vendor Homepage: https://www.zyxel.com/ Software Link:...

0.4AI score
Exploits0
0day.today
0day.today
added 2018/11/26 12:0 a.m.29 views

Consona Password Reset Security Bypass Vulnerability

Exploit for php platform in category web applications 8 years ago, I discovered this vulnerability, CVE-2010-1910, and now, you can see the details. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1910 The login page, "/sdcxuser/asp/login.asp", had a commented access to the page that...

5.1CVSS6.8AI score0.02464EPSS
Exploits2
0day.today
0day.today
added 2018/11/26 12:0 a.m.45 views

Oracle Secure Global Desktop Administration Console 4.4 Cross Site Scripting Vulnerability

Oracle Secure Global Desktop Administration Console version 4.4 build 20080807152602 suffers from cross site scripting vulnerabilities. alert"XSS" helpFile=concepts.html&pageTitle=Administrator Help&mastheadUrl=/images/productNameSecondaryMasthead.png&mastheadDescription=Sun Secure Global Desktop...

4.3CVSS6.3AI score0.20457EPSS
Exploits3
0day.today
0day.today
added 2018/11/26 12:0 a.m.27 views

Arm Whois 3.11 - Buffer Overflow (ASLR) Exploit

Exploit for windows platform in category local exploits Exploit Title: Arm Whois 3.11 - Buffer Overflow ASLR Google Dork: if applicable Exploit Author: zephyr Vendor Homepage: http://www.armcode.com Software Link: http://www.armcode.com/downloads/arm-whois.exe Version: 3.11 Tested on: Windows Vis...

0.3AI score
Exploits0
0day.today
0day.today
added 2018/11/26 12:0 a.m.25 views

Cory Support 1.0 SQL Injection Vulnerability

Cory Support version 1.0 suffers from a remote time-based SQL injection vulnerability. ============================================================ Cory Support v1.0 - Time-Based SQL Injection in 'signin.php' ============================================================ Exploit Title: Cory Support...

0.3AI score
Exploits0
0day.today
0day.today
added 2018/11/26 12:0 a.m.18 views

Wordpress Easy Testimonials 3.2 Plugins - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugins Easy Testimonials 3.2 - Cross-Site Scripting Exploit Author: Endust Vendor Homepage: https://wordpress.org/plugins/easy-testimonials/ Software Link: https://wordpress.org/plugins/easy-testimonials/ Version: 3.2...

Exploits0
0day.today
0day.today
added 2018/11/26 12:0 a.m.32 views

Ticketly 1.0 - kind_id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Ticketly 1.0 – Multiple SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link:...

0.03213EPSS
Exploits8
0day.today
0day.today
added 2018/11/26 12:0 a.m.476 views

Xorg X11 Server SUID Privilege Escalation Exploit

This Metasploit module attempts to gain root privileges with SUID Xorg X11 server versions 1.19.0 up to 1.20.3. A permission check flaw exists for -modulepath and -logfile options when starting Xorg. This allows unprivileged users that can start the server the ability to elevate privileges and ru...

0.3AI score0.2704EPSS
Exploits39
0day.today
0day.today
added 2018/11/25 12:0 a.m.58 views

WordPress Absolutely Glamorous Custom Admin 6.4.1 Database Disclosure Vulnerability

WordPress Absolutely Glamorous Custom Admin plugin version 6.4.1 suffers from a database disclosure vulnerability. Exploit Title : WordPress Absolutely Glamorous Custom Admin ag-custom-admin Plugin Database Backup Arbitrary File Download Vulnerability Author Discovered By : KingSkrupellos from...

0.4AI score
Exploits0
0day.today
0day.today
added 2018/11/25 12:0 a.m.65 views

Joomla Admin 3.7.4 Database Disclosure Vulnerability

Joomla comadmin component versions 2.5.4 through 3.7.4 suffer from a database disclosure vulnerability. Exploit Title : Joomla comadmin Components from V2.5.4 to V3.7.4 Database Backup Arbitrary File Download Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army...

Exploits0
0day.today
0day.today
added 2018/11/25 12:0 a.m.30 views

WordPress Universal Post Manager 1.5.0 Database Disclosure Vulnerability

WordPress Universal Post Manager plugin version 1.5.0 suffers from a database disclosure vulnerability. Exploit Title : WordPress universal-post-manager 1.5.0 Plugins Database Backup Information Disclosure Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army...

7.2AI score
Exploits0
0day.today
0day.today
added 2018/11/25 12:0 a.m.47 views

Joomla MacGallery Database Disclosure Vulnerability

The Joomla commacgallery component suffers from a database disclosure vulnerability. Exploit Title : Joomla commacgallery Components Apptha Install-Uninstall Database Backup Information Disclosure Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Vendor...

7.2AI score
Exploits0
0day.today
0day.today
added 2018/11/25 12:0 a.m.26 views

WordPress Pods 2.7.9 Database Disclosure Vulnerability

WordPress Pods plugin version 2.7.9 suffers from a database disclosure vulnerability. Exploit Title : WordPress Pods Plugins 2.7.9 Database Backup Arbitrary File Download Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Vendor Homepage : +...

6.9AI score
Exploits0
0day.today
0day.today
added 2018/11/21 12:0 a.m.61 views

Governikus Autent SDK 3.8.1 Signature Bypass Vulnerability

Governikus Autent SDK versions 3.8.1 and below suffer from a signature bypass vulnerability. This vulnerability could allow an attacker to impersonate any German citizen on a vulnerable web application. ======================================================================= title: Signature Bypas...

0.4AI score
Exploits0
0day.today
0day.today
added 2018/11/21 12:0 a.m.72 views

Miss Marple Enterprise Edition File Upload / Hardcoded AES Key Vulnerability

Exploit for windows platform in category local exploits ======================================================================= title: Multiple critical vulnerabilities product: Miss Marple Enterprise Edition vulnerable version: 2.0 fixed version: 2.0 CVE number: CVE-2018-19233, CVE-2018-19234...

7.9AI score0.03296EPSS
Exploits1
0day.today
0day.today
added 2018/11/21 12:0 a.m.18 views

WebOfisi E-Ticaret V4 - urun SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: WebOfisi E-Ticaret V4 - 'urun' SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.web-ofisi.com Software Demo: http://demobul.net/eticaretv4/ Software Link:...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/11/21 12:0 a.m.25 views

Ticketly 1.0 - name SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Ticketly 1.0 – 'name' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Vendor: Abisoft https://abisoftgt.net Software Link: https://abisoftgt.net/software/6/sistema-de-tickets-y-soporte-con-php-y-mysql...

7.1AI score0.03213EPSS
Exploits8
0day.today
0day.today
added 2018/11/21 12:0 a.m.51 views

WordPress CherryFramework Themes 3.1.4 - Backup File Download Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress CherryFramework Themes 3.1.4 - Backup File Download Google Dork: inurl:/wp-content/themes/CherryFramework Exploit Author: b1p0l4r Vendor Homepage: http://www.cherryframework.com/ Software Link:...

Exploits0
0day.today
0day.today
added 2018/11/21 12:0 a.m.349 views

Richfaces 3.x Remote Code Execution Vulnerability

Exploit for multiple platform in category web applications Original report+advisories: TITLE: ==================== Unauthenticated Remote Code execution in WebApps using Richfaces 3.X all versions. RESUME ==================== RichFaces Framework 3.X through 3.3.4 all versions is vulnerable to...

0.74171EPSS
Exploits6
0day.today
0day.today
added 2018/11/20 12:0 a.m.54 views

Ticketly 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: Ticketly 1.0 - Cross-Site Request Forgery Add Admin Exploit Author: Javier Olmedo Website: https://hackpuntes.com Vendor: Abisoft https://abisoftgt.net Software Link:...

9.8AI score0.02426EPSS
Exploits5
0day.today
0day.today
added 2018/11/20 12:0 a.m.20 views

macOS 10.13 - workq_kernreturn Denial of Service Exploit

Exploit for macOS platform in category dos / poc Exploit Title: MacOS 10.13 - 'workqkernreturn' Denial of Service PoC Exploit Author: Fabiano Anemone Vendor Homepage: https://www.apple.com/ Version: iOS 11.4.1 / MacOS 10.13.6 Tested on: iOS / MacOS CVE: Not assigned Tweet:...

7.3AI score
Exploits0
0day.today
0day.today
added 2018/11/20 12:0 a.m.60 views

Zoho ManageEngine OpManager 12.3 Cross Site Scripting Vulnerability

Zoho ManageEngine OpManager versions 12.3 before build 123223 have a cross site scripting vulnerability via the updateWidget API. I. VULNERABILITY ------------------------- Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via the updateWidget API. II. CVE REFERENCE...

4.3CVSS0.6AI score0.02411EPSS
Exploits1
0day.today
0day.today
added 2018/11/20 12:0 a.m.87 views

Microsoft Windows - DfMarshal Unsafe Unmarshaling Privilege Escalation Exploit

Exploit for windows platform in category local exploits Windows: DfMarshal Unsafe Unmarshaling Elevation of Privilege Master Platform: Windows 10 1803 not tested earlier, although code looks similar on Win8+ Class: Elevation of Privilege Note, this is the master issue report for the DfMarshal...

8.6AI score0.03295EPSS
Exploits4
0day.today
0day.today
added 2018/11/20 12:0 a.m.58 views

Ricoh myPrint Hardcoded Credentials / Information Disclosure Vulnerability

Ricoh myPrint suffers from hardcoded application credential and information disclosure vulnerabilities. The myPrint windows client version 2.9.2.4 and myPrint android client version 2.2.7 are both affected. Exploit Title: Ricoh myPrint - Hardcoded application credentials and information disclosur...

9.3AI score0.21492EPSS
Exploits3
0day.today
0day.today
added 2018/11/20 12:0 a.m.41 views

Synaccess netBooter NP-02x / NP-08x 6.8 Authentication Bypass Vulnerability

Synaccess netBooter NP-02x and NP-08x version 6.8 suffer from an authentication bypass vulnerability due to a missing control check when calling the webNewAcct.cgi script while creating users. This allows an unauthenticated attacker to create an admin user account and bypass authentication giving...

0.6AI score
Exploits0
Total number of security vulnerabilities39001