Lucene search
K

39001 matches found

0day.today
0day.today
added 2018/11/20 12:0 a.m.80 views

ImageMagick - Memory Leak Exploit

Exploit for multiple platform in category local exploits !/bin/bash help echo "Usage poc generator: basename $0 gen WIDTHxHEIGHT NAME.xbm minimal" echo " Example gen: basename $0 gen 512x512 poc.xbm" echo "Usage result recovery: basename $0 recover SAVEDPREVIEW.png|jpeg|gif|etc" echo " Example...

4.3CVSS0.49324EPSS
Exploits3
0day.today
0day.today
added 2018/11/20 12:0 a.m.34 views

Synaccess netBooter NP-0801DU 7.4 Cross Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications 0day.today 2018-12-12...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/11/19 12:0 a.m.278 views

HTML Video Player 1.2.5 - Buffer-Overflow (SEH) Exploit

Exploit for windows platform in category local exploits Exploit Title: HTML Video Player 1.2.5 - Buffer-Overflow SEH Author: Kağan Çapar Software Link: http://www.html5videoplayer.net/html5videoplayer-setup.exe Vendor Homepage : http://www.html5videoplayer.net Tested Version: 1.2.5 Tested on OS:...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/11/19 12:0 a.m.323 views

XMPlay 3.8.3 - .m3u Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: XMPlay 3.8.3 - '.m3u' Denial of Service PoC Exploit Author: s7acktrac3 Vendor Homepage: https://www.xmplay.com/ Software Link: https://support.xmplay.com/filesview.php?fileid=676 Version: 3.8.3 latest Tested on: Windows XP/7/8 CVE ...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/11/19 12:0 a.m.48 views

Microsoft Edge Chakra - OP_Memset Type Confusion Exploit

Exploit for windows platform in category dos / poc Microsoft Edge Chakra - OPMemset Type Confusion / Since the patch for CVE-2018-8372, it checks all inputs to native arrays, and if any input equals to the MissingItem value which can cause type confusion, it starts the bailout process. But it...

7AI score0.24766EPSS
Exploits4
0day.today
0day.today
added 2018/11/17 12:0 a.m.273 views

Budabot 4.0 Denial Of Service Vulnerability

Exploit for php platform in category dos / poc 4.0 Tested on: 4.0 CVE: CVE-2018-19290 1. Description In modules/HELPBOTMODULE in Budabot 0.6 through 4.0, lax syntax validation allows remote attackers to perform a command injection attack against the PHP daemon with a crafted command, resulting in...

9.7AI score0.04048EPSS
Exploits6
0day.today
0day.today
added 2018/11/16 12:0 a.m.283 views

Helpdezk 1.1.1 - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: Helpdezk 1.1.1 - Arbitrary File Upload Exploit Author: Ihsan Sencan Vendor Homepage: http://www.helpdezk.org/ Software Link: https://netcologne.dl.sourceforge.net/project/helpdezk/helpdezk-1.1.1.zip Version: 1.1.1 Category:...

0.3AI score
Exploits0
0day.today
0day.today
added 2018/11/16 12:0 a.m.410 views

Linux - Broken uid/gid Mapping for Nested User Namespaces Exploit

Exploit for linux platform in category local exploits Linux - Broken uid/gid Mapping for Nested User Namespaces Exploit commit 6397fac4915a "userns: bump idmap limits to 340" increases the number of possible uid/gid mappings that a namespace can have from 5 to 340. This is implemented by switchin...

7AI score0.07611EPSS
Exploits24
0day.today
0day.today
added 2018/11/16 12:0 a.m.255 views

EverSync 0.5 - Arbitrary File Download Vulnerability

Exploit for php platform in category web applications Exploit Title: EverSync 0.5 - Arbitrary File Download Exploit Author: Ihsan Sencan Vendor Homepage: https://phpmassmail.sourceforge.io/ Software Link:...

Exploits0
0day.today
0day.today
added 2018/11/16 12:0 a.m.288 views

BitZoom 1.0 - rollno SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: BitZoom 1.0 - 'rollno' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://bitzoom.sourceforge.io/ Software Link: https://excellmedia.dl.sourceforge.net/project/bitzoom/bitzoom-master.zip Version: 1.0 Category:...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/11/16 12:0 a.m.285 views

Mumsoft Easy Software 2.0 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Mumsoft Easy Software 2.0 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: https://www.munsoft.com/EasyRARRecovery/ Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/11/16 12:0 a.m.267 views

2-Plan Team 1.0.4 - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: 2-Plan Team 1.0.4 - Arbitrary File Upload Exploit Author: Ihsan Sencan Vendor Homepage: http://2-plan.com/ Software Link: https://datapacket.dl.sourceforge.net/project/to-plan-team/1.1.0/2-plan-team.tgz Version: 1.0.4 Category:...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/11/16 12:0 a.m.272 views

PHP Mass Mail 1.0 - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: PHP Mass Mail 1.0 - Arbitrary File Upload Exploit Author: Ihsan Sencan Vendor Homepage: https://phpmassmail.sourceforge.io/ Software Link: https://netix.dl.sourceforge.net/project/phpmassmail/phpmassmail/1.0.0/phpmassmail.zip...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/11/16 12:0 a.m.366 views

Meneame English Pligg 5.8 - search SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Meneame English Pligg 5.8 - 'search' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/meneame-english/ Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/11/16 12:0 a.m.266 views

Galaxy Forces MMORPG 0.5.8 - type SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Galaxy Forces MMORPG 0.5.8 - 'type' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://galaxy.alyx.pl/ Software Link: https://excellmedia.dl.sourceforge.net/project/galaxyforces/galaxy/0.5.8/galaxy-0.5.8.7z...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/11/16 12:0 a.m.271 views

Simple E-Document 1.31 - username SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Simple E-Document 1.31 - 'username' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://www.tecorange.com/index.php/download-free-open-source-software/79-simple-e-document-free-open-source-document-and-paper-m...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/11/16 12:0 a.m.287 views

PHP 5.2.3 imap (Debian Based) - imap_open Disable Functions Bypass Vulnerability

Exploit for linux platform in category local exploits PHP 5.2.3 imap Debian Based - imapopen Disable Functions Bypass Vulnerability /tmp/test0001 $server = "x -oProxyCommand=echo\tZWNobyAnMTIzNDU2Nzg5MCc+L3RtcC90ZXN0MDAwMQo=|base64\t-d|sh"; imapopen''.$server.':143/imapINBOX', '', '' or...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/11/16 12:0 a.m.294 views

PHP-Proxy 5.1.0 - Local File Inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: PHP-Proxy 5.1.0 - Local File Inclusion Exploit Author: Ameer Pornillos Contact: https://ethicalhackers.club Vendor Homepage: https://www.php-proxy.com/ Software Link: https://www.php-proxy.com/download/php-proxy.zip Version: 5.1...

0.21951EPSS
Exploits5
0day.today
0day.today
added 2018/11/16 12:0 a.m.282 views

Easy Outlook Express Recovery 2.0 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Easy Outlook Express Recovery 2.0 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: https://www.munsoft.com/EasyOutlookExpressRecovery/ Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/11/16 12:0 a.m.314 views

DomainMOD 4.11.01 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Exploit Author: Dawood Ansar Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/domainmod/domainmod Version: v4.09.03 to v4.11.01 CVE :...

6.6AI score0.06653EPSS
Exploits5
0day.today
0day.today
added 2018/11/16 12:0 a.m.296 views

Kordil EDMS 2.2.60rc3 - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: Kordil EDMS 2.2.60rc3 - Arbitrary File Upload Exploit Author: Ihsan Sencan Vendor Homepage: http://www.kordil.net/ Software Link:...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/11/16 12:0 a.m.259 views

Notepad3 1.0.2.350 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Notepad3 1.0.2.350 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: http://www.rizonesoft.com/ Software Link: https://netix.dl.sourceforge.net/project/notepad3/Notepad3%20Build%20350/Notepad3-1.0.2.350.exe...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/11/16 12:0 a.m.284 views

Net-Billetterie 2.9 - login SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Net-Billetterie 2.9 - 'login' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://net-billetterie.tuxfamily.org/ Software Link: https://netix.dl.sourceforge.net/project/netbilletterie/Netbilletterie2.9.zip Version...

Exploits0
0day.today
0day.today
added 2018/11/15 12:0 a.m.266 views

Precurio Intranet Portal 2.0 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: Precurio Intranet Portal 2.0 - Cross-Site Request Forgery Add Admin Exploit Author: Ihsan Sencan Vendor Homepage: http://www.precurio.org Software Link:...

0.5AI score
Exploits0
0day.today
0day.today
added 2018/11/15 12:0 a.m.261 views

WordPress Custom Frontend Login Registration Form 1.01 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications ======================================================================================== Custom Frontend Login Registration Form v1.01 WP Plugin - Multiple XSS Vulnerabilities...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/11/15 12:0 a.m.293 views

Wordpress Ninja Forms 3.3.17 Plugin - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Ninja Forms 3.3.17 - Cross-Site Scripting Exploit Author: MTK Vendor Homepage: https://ninjaforms.com Softwae Link: https://wordpress.org/plugins/ninja-forms/ Version: Up to V3.3.17 Tested on: Debian 9 - Apache2...

0.08903EPSS
Exploits5
0day.today
0day.today
added 2018/11/14 12:0 a.m.90 views

Dell OpenManage Network Manager 6.2.0.51 SP3 - Multiple Vulnerabilities

Exploit for linux platform in category web applications ''' KL-001-2018-009 : Dell OpenManage Network Manager Multiple Vulnerabilities Title: Dell OpenManage Network Manager Multiple Vulnerabilities Advisory ID: KL-001-2018-009 Publication Date: 2018.11.05 Publication URL:...

7.7AI score0.12324EPSS
Exploits7
0day.today
0day.today
added 2018/11/14 12:0 a.m.266 views

Maitra Mail Tracking System 1.7.2 - SQL Injection / Database File Download Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Maitra - Mail Tracking System 1.7.2 - SQL Injection / Database File Download Exploit Author: Ihsan Sencan Vendor Homepage: http://salzertechnologies.com/ Software Link:...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.261 views

Rmedia SMS 1.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Rmedia SMS 1.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://sms.rmediaindia.com/ Software Link: https://master.dl.sourceforge.net/project/rmediasms/rmediasms.rar Version: 1.0 Category: Webapps Tested on:...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.278 views

Pedidos 1.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Pedidos 1.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://obedalvarado.pw/ Software Link: https://netcologne.dl.sourceforge.net/project/sistema-web-de-pedidos-php/pedidos.zip Version: 1.0 Category: Webapps...

Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.268 views

Tina4 Stack 1.0.3 - SQL Injection / Database File Download Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Tina4 Stack 1.0.3 - SQL Injection / Database File Download Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version:...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.272 views

Alienor Web Libre 2.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Alienor Web Libre 2.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://alienor.org/ Software Link: https://excellmedia.dl.sourceforge.net/project/alienorweblibre/alienorweblibre.zip Version: 2.0 Category:...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.371 views

SwitchVPN For MacOS / Windows 2.1012.03 Man-In-The-Middle Vulnerability

Exploit for multiple platform in category local exploits ======================================================================= Title: Insecure Update Process and RCE Product: SwitchVPN for MacOS, Windows Vulnerable version: 2.1012.03 CVE ID: Requested Impact: Critical Homepage:...

7.2AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.255 views

iServiceOnline 1.0 - r SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: iServiceOnline 1.0 - 'r' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/iserviceonline/ Software Link: https://netcologne.dl.sourceforge.net/project/iserviceonline/iServiceEng.zip...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.264 views

Data Center Audit 2.6.2 - Cross-Site Request Forgery (Update Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: Data Center Audit 2.6.2 - Cross-Site Request Forgery Update Admin Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/datacenteraudit/ Software Link:...

0.4AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.258 views

Atlassian Jira Authenticated Upload Code Execution Exploit

This Metasploit module can be used to execute a payload on Atlassian Jira via the Universal Plugin ManagerUPM. The module requires valid login credentials to an account that has access to the plugin manager. The payload is uploaded as a JAR archive containing a servlet using a POST request agains...

Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.262 views

EdTv 2 - id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: EdTv 2 - 'id' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://edtv.edsup.org/ Software Link: https://ayera.dl.sourceforge.net/project/edtv/beta/edtv2go.zip Version: 2 Category: Webapps Tested on:...

0.3AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.275 views

DoceboLMS 1.2 - SQL Injection / Arbitrary File Upload Vulnerabilities

Exploit for php platform in category web applications Exploit Title: DoceboLMS 1.2 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://www.spaghettilearning.com/ Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.268 views

Electricks eCommerce 1.0 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Electricks eCommerce 1.0 - Cross-Site Scripting Exploit Author: Nawaf Alkeraithe Software Link: https://www.sourcecodester.com/sites/default/files/download/billyblue/electricks.zip Version: 1.0 When a user signs up for an accoun...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.120 views

Electricks eCommerce 1.0 - Cross-Site Request Forgery (Change Admin Password) Vulnerability

Exploit for php platform in category web applications Exploit Title: Electricks eCommerce 1.0 - Cross-Site Request Forgery Change Admin Password Exploit Author: Nawaf Alkeraithe Software Link: https://www.sourcecodester.com/sites/default/files/download/billyblue/electricks.zip Version: 1.0 PoC:...

0.4AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.254 views

Tina4 Stack 1.0.3 - Cross-Site Request Forgery (Update Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: Tina4 Stack 1.0.3 - Cross-Site Request Forgery Update Admin Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version:...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.135 views

Easyndexer 1.0 - Arbitrary File Download Vulnerability

Exploit for php platform in category web applications Exploit Title: Easyndexer 1.0 - Arbitrary File Download Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/easyndexer/ Software Link: https://ayera.dl.sourceforge.net/project/easyndexer/easyndexerwin32.exe Version:...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.289 views

Surreal ToDo 0.6.1.2 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Surreal ToDo 0.6.1.2 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://getsurreal.com/surrealtodo Software Link: https://netcologne.dl.sourceforge.net/project/surrealtodo/Surreal%20ToDo/surrealtodov0.6.1.2.zip...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.480 views

Surreal ToDo 0.6.1.2 - Local File Inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: Surreal ToDo 0.6.1.2 - Local File Inclusion Exploit Author: Ihsan Sencan Vendor Homepage: http://getsurreal.com/surrealtodo Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.265 views

Alive Parish 2.0.4 - SQL Injection / Arbitrary File Upload Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Alive Parish 2.0.4 - SQL Injection / Arbitrary File Upload Exploit Author: Ihsan Sencan Vendor Homepage: https://demo.aliveparish.com Software Link: https://netcologne.dl.sourceforge.net/project/aliveparish/aliveparish-v2.0.zip...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.126 views

Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery (Add Admin)

Exploit for php platform in category web applications Exploit Title: Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery Add Admin Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link:...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.270 views

SIPve 0.0.2-R19 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: SIPve 0.0.2-R19 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/sipve/ Software Link: https://datapacket.dl.sourceforge.net/project/sipve/sipve-v0.0.2-R19.tar.gz Version: 0.0.2-R19...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.256 views

Webiness Inventory 2.3 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Webiness Inventory 2.3 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link:...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.14 views

Silurus Classifieds Script 2.0 - wcategory SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Silurus Classifieds Script 2.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://snowhall.com/store/silurus/ Software Link: https://netcologne.dl.sourceforge.net/project/silurus/silurus2.0.zip Version: 2.0...

0.5AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.305 views

ClipperCMS 1.3.3 - Cross-Site Request Forgery (File Upload) Vulnerability

Exploit for php platform in category web applications Exploit Title: ClipperCMS 1.3.3 File Upload CSRF Vulnerability Exploit Author: Ameer Pornillos Website: http://ethicalhackers.club Vendor Homepage: http://www.clippercms.com/ Software Link:...

0.4AI score0.02962EPSS
Exploits5
Total number of security vulnerabilities39001