Lucene search
K

39001 matches found

0day.today
0day.today
added 2018/09/24 12:0 a.m.50 views

Navigate CMS 2.8 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Title: Navigate CMS 2.8 - Cross-Site Scripting Author: Felipe "Renzi" Gabriel Vendor: https://www.navigatecms.com/en/home Software: Navigate CMS 2.8 CVE: CVE-2018-17255 Technical Details & Description: A Reflected Cross-Site Scripting web...

0.2AI score
Exploits4
0day.today
0day.today
added 2018/09/24 12:0 a.m.25 views

Joomla Auction Factory 4.5.5 Component - filter_order SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component Auction Factory 4.5.5 - 'filterorder' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://thephpfactory.com/ Software Link:...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/09/24 12:0 a.m.37 views

Linux/ARM - sigaction() Based Egghunter (PWN!) + execve Shellcode (52 Bytes)

/ Title: Linux/ARM - sigaction Based Egghunter PWN! + execve"/bin/sh", NULL, NULL Shellcode 52 Bytes Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara System Information pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/24 12:0 a.m.82 views

Collectric CMU 1.0 - lang SQL injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Collectric CMU 1.0 - 'lang' SQL injection Google Dork: "Inloggning Collectric CMU" Discoverer: Simon Brannstrom Vendor Homepage: http://ourenergy.se/ Software Link: n/a Version: All known versions Tested on: Linux CVE: N/A About...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/22 12:0 a.m.160 views

WebRTC - FEC Out-of-Bounds Read Exploit

Exploit for multiple platform in category dos / poc There is an out-of-bounds read in FEC processing in WebRTC. If a very short RTP packet is received, FEC will assume the packet is longer and process data outside of the allocated buffer. This bug causes the following ASAN crash: ==109993==ERROR:...

9.2AI score0.05264EPSS
Exploits1
0day.today
0day.today
added 2018/09/22 12:0 a.m.102 views

WebRTC - VP9 Processing Use-After-Free Exploit

Exploit for multiple platform in category dos / poc There is a use-after-free in VP9 processing in WebRTC. In the method RtpFrameReferenceFinder::ManageFrameVp9 the following code occurs: auto gofinfoit = gofinfo.findcodecheader.temporalidx == 0 ? codecheader.tl0picidx - 1 : codecheader.tl0picidx...

9.2AI score0.04798EPSS
Exploits1
0day.today
0day.today
added 2018/09/22 12:0 a.m.173 views

Microsoft Windows ALPC Task Scheduler Local Privilege Elevation Exploit

On vulnerable versions of Windows the alpc endpoint method SchRpcSetSecurity implemented by the task scheduler service can be used to write arbitrary DACLs to .job files located in c:\windows\tasks because the scheduler does not use impersonation when checking this location. Since users can creat...

6.9AI score0.18386EPSS
Exploits7
0day.today
0day.today
added 2018/09/22 12:0 a.m.69 views

WordPress FV Flowplayer 7.2.0.727 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Reflected XSS in FV Flowplayer Wordpress plugin ================================================================ Author: Janek Vind "waraxe" Date: 20. September 2018 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-107.html Target...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/22 12:0 a.m.73 views

Antidote 9.5.1 Code Execution Exploit

CVE-2018-13140 Antidote Remote Code Execution against the update component Description Antidote is a spell checker software for Windows, Linux macOS operating system. Threat The application is affected by a remote code execution against the update component. It leads to code execution with high...

9.3CVSS0.06631EPSS
Exploits3
0day.today
0day.today
added 2018/09/22 12:0 a.m.77 views

MyBB Visual Editor 1.8.18 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications + Title: MyBB Visual Editor Stored XSS YLOADhttp://victim.com/video 4- Post the thread. While victim user replying your post, his browser will run JavaScript. Vulnerable pages: editpost.php newreply.php private.php and all Visual Editor embedd...

0.1AI score0.74752EPSS
Exploits5
0day.today
0day.today
added 2018/09/22 12:0 a.m.445 views

Staubli Jacquard Industrial System JC6 Shellshock Vulnerability

Staubli Jacquard Industrial System JC6 suffers from a bash environment variable handling code injection vulnerability. Exploit Title: Staubli Jacquard Industrial System | GNU Bash Environment Variable Handling Code Injection Shellshock Exploit Author: t4rkd3vilz Vendor Homepage:...

10CVSS0.1AI score0.99999EPSS
Exploits131
0day.today
0day.today
added 2018/09/21 12:0 a.m.60 views

HylaFAX 6.0.6 / 5.6.0 Uninitialized Pointer / Out Of Bounds Write Vulnerabilities

Multiple bugs were found in the code handling fax page reception in JPEG format that allow arbitrary writes to an uninitialized pointer by remote parties dialing in. When processing an specially crafted input, the issue could lead to remote code execution. HylaFAX versions 6.0.6 and 5.6.0 are...

0.8AI score0.05588EPSS
Exploits2
0day.today
0day.today
added 2018/09/21 12:0 a.m.103 views

mgetty 1.2.0 Buffer Overflow / Privilege Escalation Vulnerabilities

mgetty version 1.2.0 suffers from buffer overflow, code execution, and various other privilege escalation related vulnerabilities. Multiple Vulnerabilities in mgetty ================================== Overview - -------- Confirmed Affected Versions: 1.2.0 Patched Versions: 1.2.1 Vendor: mgetty...

0.9AI score0.01323EPSS
Exploits6
0day.today
0day.today
added 2018/09/20 12:0 a.m.25 views

NICO-FTP 3.0.1.19 - Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits Exploit Title: NICO-FTP 3.0.1.19 - Buffer Overflow SEH Author: Abdullah Alıç Software link: https://en.softonic.com/download/nico-ftp/windows/post-download Tested Version: 3.0.1.19 Vulnerability Type: Buffer Overflow SEH Tested on OS: Window...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/09/20 12:0 a.m.47 views

ManageEngine SupportCenter Plus 8.1.0 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: ManageEngine SupportCenter Plus 8.1.0 - HTML Injection and Stored XSS Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.manageengine.com/ Hardware Link : https://www.manageengine.com/products/support-center/ Software ...

0.02549EPSS
Exploits2
0day.today
0day.today
added 2018/09/20 12:0 a.m.47 views

ManageEngine Desktop Central 10.0.271 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: ManageEngine Desktop Central 10 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.manageengine.com/ Hardware Link : https://www.manageengine.com/products/desktop-central/ Software : ZOHO Corp...

0.2AI score0.65406EPSS
Exploits6
0day.today
0day.today
added 2018/09/20 12:0 a.m.35 views

LimeSurvey 3.14.7 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: LimeSurvey 3.14.7 - HTML Injection and Stored XSS Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.limesurvey.org/ Software Link : https://github.com/LimeSurvey/LimeSurvey Software : LimeSurvey 3.14.7 Product Version...

0.1AI score0.01009EPSS
Exploits2
0day.today
0day.today
added 2018/09/20 12:0 a.m.48 views

Telegram Desktop 1.3.14 denial of service Vulnerability

Exploit for linux platform in category dos / poc Telegram Desktop aka tdesktop 1.3.14 might allow attackers to cause a denial of service assertion failure and application exit via an "Edit color palette" search that triggers an "index out of range" condition. NOTE: this issue is disputed by...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/20 12:0 a.m.21 views

Linux/x86 - Egghunter + sigaction-based Shellcode (27 bytes)

/ Title: Linux/x86 - Egghunter + sigaction-based Shellcode 27 bytes Author:Valbrux This exploit is a dirty-slow but small version of the sigaction-based egg hunter shellcode global start section .text ;zeroing ecx xor ecx,ecx start: ;increment inc ecx ;sigaction syscall number push byte 67 pop ea...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/09/19 12:0 a.m.107 views

Moodle 3.x PHP Unserialize Remote Code Execution Exploit

Exploit for php platform in category web applications ======================================================================= title: Remote Code Execution via PHP unserialize product: Moodle - Open-source learning platform vulnerable version: 3.5 to 3.5.1, 3.4 to 3.4.4, 3.1 to 3.1.13 and earlier...

0.1AI score0.04425EPSS
Exploits3
0day.today
0day.today
added 2018/09/19 12:0 a.m.99 views

Microsoft Windows - Double Dereference in NtEnumerateKey Elevation of Privilege Exploit

Exploit for windows platform in category dos / poc Windows: Double Dereference in NtEnumerateKey Elevation of Privilege Platform: Windows 10 1803 not vulnerable in earlier versions Class: Elevation of Privilege Summary: A number of registry system calls do not correctly handle pre-defined keys...

7AI score0.03978EPSS
Exploits2
0day.today
0day.today
added 2018/09/19 12:0 a.m.62 views

WesternDigital #MyCloud Authentication Bypass Vulnerability

It was discovered that the Western Digital My Cloud is affected by an authentication bypass vulnerability. An unauthenticated attacker can exploit this vulnerability to authenticate as an admin user without needing to provide a password, thereby gaining full control of the My Cloud device. This...

0.3AI score0.86586EPSS
Exploits6
0day.today
0day.today
added 2018/09/19 12:0 a.m.130 views

Microsoft Windows - CiSetFileCache WDAC Security Feature Bypass TOCTOU Exploit

Exploit for windows platform in category dos / poc Windows: CiSetFileCache TOCTOU CVE-2017-11830 Variant WDAC Security Feature Bypass Platform: Windows 10 1803, 1709 should include S-Mode but not tested Class: Security Feature Bypass Summary: While the TOCTOU attack against cache signing has been...

7.2AI score0.03109EPSS
Exploits8
0day.today
0day.today
added 2018/09/19 12:0 a.m.33 views

WordPress Wechat Broadcast 1.2.0 Plugin - Local File Inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion Author: Manuel Garcia Cardenas Software link: https://es.wordpress.org/plugins/wechat-broadcast/ CVE: N/A Description This bug was found in the file:...

Exploits0
0day.today
0day.today
added 2018/09/19 12:0 a.m.43 views

LG SuperSign EZ CMS 2.5 - Local File Inclusion Vulnerability

Exploit for hardware platform in category web applications Exploit Title: LG SuperSign EZ CMS 2.5 - Local File Inclusion Exploit Author: Alejandro Fanjul Vendor Homepage: https://www.lg.com/ar/software-lg-supersign Version: SuperSign EZ CMS Tested on: Web OS 4.0 CVE : CVE-2018-16288 More info:...

0.35258EPSS
Exploits5
0day.today
0day.today
added 2018/09/19 12:0 a.m.30 views

WordPress Localize My Post 1.0 Plugin - Local File Inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Plugin Localize My Post 1.0 - Local File Inclusion Author: Manuel Garcia Cardenas Software link: https://es.wordpress.org/plugins/localize-my-post/ CVE: N/A DESCRIPTION This bug was found in the file:...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/19 12:0 a.m.42 views

Roundcube rcfilters plugin 2.1.6 - Cross-Site Scripting Vulnerability

Exploit for linux platform in category web applications Exploit Title: Roundcube rcfilters plugin 2.1.6 - Cross-Site Scripting Exploit Author: Fahimeh Rezaei Vendor Homepage: https://plugins.roundcube.net/packages/eagle00789/rcfilters Software Link:...

5.6AI score0.02602EPSS
Exploits5
0day.today
0day.today
added 2018/09/19 12:0 a.m.7082 views

Radan-http service for Linux remote code execute Exploit

Injection into a web application Hack all servers have webapp open port 8088 Ok so the web application attack has 2 steps. 1: Create a new application done with post request to /newappication, 2: Now once we done that we can execute commands inside of it. Usage Info 1 You need to scan ip list wit...

0.6AI score
Exploits0
0day.today
0day.today
added 2018/09/18 12:0 a.m.21 views

TeamViewer App 13.0.100.0 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: TeamViewer App 13.0.100.0 - Denial of Service PoC Exploit Author: Ali Alipour WebSite: http://Alipour.it Vendor Homepage: https://www.teamviewer.com Software Link...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/18 12:0 a.m.29 views

Infiltrator Network Security Scanner 4.6 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Infiltrator Network Security Scanner 4.6 - Denial of Service PoC Author: Gionathan "John" Reale Software Link: https://www.infiltration-systems.com/download.shtml Tested Version: 4.6 Tested on OS: Windows 7 32-bit Steps to Reproduc...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/18 12:0 a.m.19 views

Clone2Go Video to iPod Converter 2.5.0 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Clone2Go Video to iPod Converter 2.5.0 - Denial of Service PoC Exploit Author: ZwX Vendor Homepage : http://www.clone2go.com/ Software Link: http://www.clone2go.com/down/video-to-ipod-setup.exe Tested on OS: Windows 7 Proof of...

Exploits0
0day.today
0day.today
added 2018/09/18 12:0 a.m.98 views

WordPress Arigato Autoresponder And Newsletter 2.5 SQL Injection / XSS Vulnerabilities

Exploit for php platform in category web applications Title: Blind SQL injection and multiple reflected XSS vulnerabilities in Wordpress Plugin Arigato Autoresponder and Newsletter v2.5 Author: Larry W. Cashdollar, @larry0 Date: 2018-08-22...

0.1AI score0.04354EPSS
Exploits14
0day.today
0day.today
added 2018/09/18 12:0 a.m.111 views

Apple macOS 10.13.4 - Denial of Service Exploit

Exploit for macOS platform in category dos / poc Exploit Title: Apple MacOS 10.13.4 - Denial of Service PoC Exploit Author: Sriram @SriHxor Vendor Homepage: https://support.apple.com/en-in/HT208848 Tested on: macOS High Sierra 10.13.4, iOS 11.3, tvOS 11.3, watchOS 4.3.0 CVE : CVE-2018-4240 2018 P...

4.3CVSS7.1AI score0.06994EPSS
Exploits5
0day.today
0day.today
added 2018/09/18 12:0 a.m.26 views

InfraRecorder 0.53 - (.txt) Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: InfraRecorder 0.53 - '.txt' Denial of Service PoC Exploit Author: Gionathan "John" Reale Version: version 0.53 Download: http://sourceforge.net/projects/infrarecorder/files/InfraRecorder/0.53/ir053.exe/download Tested on: Windows 7...

Exploits0
0day.today
0day.today
added 2018/09/18 12:0 a.m.82 views

CA Release Automation NiMi 6.5 - Remote Command Execution Exploit

Exploit Title: CA Release Automation NiMi 6.5 - Remote Command Execution Exploit Authors: Jakub Palaczynski, Maciej Grabiec Vendor Homepage: http://www.ca.com/ Software Link: https://docops.ca.com/ca-release-automation/5-5-2/en/installation/deploy-agents/ Version: CA Release Automation NiMi 5.X,...

9.8CVSS0.2AI score0.16764EPSS
Exploits5
0day.today
0day.today
added 2018/09/18 12:0 a.m.90 views

XAMPP Control Panel 3.2.2 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: XAMPP Control Panel 3.2.2 - Denial of Service PoC Exploit Author: Gionathan "John" Reale Software: XAMPP Version: 3.2.2 / 7.2.9 Newest version at time of writing Download:...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/18 12:0 a.m.64 views

Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution Exploit

Exploit Title: Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution Exploit Author: Che-Chun Kuo Vulnerability Type: URI Parsing Command Injection Vendor Homepage: https://www.ubisoft.com/en-us/ Software Link: https://uplay.ubi.com/ Version: 63.0.5699.0 Tested on: Windows, Microsoft...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/09/18 12:0 a.m.36 views

CdBurnerXP 4.5.8.6795 - File Name Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: CdBurnerXP 4.5.8.6795 - 'File Name' Denial of Service PoC Discovery by: Alan Baeza Vendor Homepage: https://cdburnerxp.se/ Software Link: https://cdburnerxp.se/downloadsetup.exe Tested Version: 4.5.8.6795 Tested on OS : Windows 10...

Exploits0
0day.today
0day.today
added 2018/09/18 12:0 a.m.90 views

Solaris libnspr NSPR_LOG_FILE Privilege Escalation Exploit

This Metasploit module exploits an arbitrary file write vulnerability in the Netscape Portable Runtime library libnspr on unpatched Solaris systems prior to Solaris 10u3 which allows users to gain root privileges. libnspr versions prior to 4.6.3 allow users to specify a log file with the...

3.6CVSS0.6AI score0.07683EPSS
Exploits27
0day.today
0day.today
added 2018/09/18 12:0 a.m.55 views

NUUO NVRMini2 3.8 - cgi_system Buffer Overflow (Enable Telnet) Exploit

Exploit Title: NUUO NVRMini2 3.8 - 'cgisystem' Buffer Overflow Enable Telnet Exploit Author: Jacob Baines Vendor Homepage: https://www.nuuo.com/ Device: NRVMini2 Software Link: https://www.nuuo.com/ProductNode.php?node=2 Versions: 3.8.0 and below Tested Against: 03.07.0000.0011 and 03.08.0000.000...

Exploits0
0day.today
0day.today
added 2018/09/18 12:0 a.m.37 views

jiNa OCR Image to Text 1.0 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: jiNa OCR Image to Text 1.0 - Denial of Service PoC Author: Gionathan "John" Reale Software Link: http://www.convertimagetotext.net/downloadsoftware.php Tested Version: 1.0 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/18 12:0 a.m.31 views

RoboImport 1.2.0.72 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: RoboImport 1.2.0.72 - Denial of Service PoC Author: Gionathan "John" Reale Software Link: http://www.picajet.com/download/RoboImportInstall.exe Tested Version: 1.2.0.72 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/18 12:0 a.m.31 views

PixGPS 1.1.8 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: PixGPS 1.1.8 - Denial of Service PoC Author: Gionathan "John" Reale Software Link: http://www.br-software.com/pixgps11setup.exe Tested Version: 1.1.8 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python exploit script,...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/18 12:0 a.m.68 views

Microsoft Edge Chakra JIT localeCompare Type Confusion Exploit

Exploit for windows platform in category dos / poc Microsoft Edge: Chakra: JIT: Type confusion with localeCompare CVE-2018-8355 A call to the String.prototype.localeCompare method can be inlineed when it only takes one argument. There are two versions of String.prototype.localeCompare, one 1 is...

6.8AI score0.68242EPSS
Exploits3
0day.today
0day.today
added 2018/09/18 12:0 a.m.34 views

iCash 7.6.5 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: iCash 7.6.5 - Denial of Service PoC Author: Gionathan "John" Reale Software Link: https://www.maxprog.com/site/misc/downloadsus.php Tested Version: 7.6.5 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python exploit...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/18 12:0 a.m.37 views

Linux/ARM - Jump Back Shellcode + execve("/bin/sh", NULL, NULL) Shellcode (4 Bytes)

/ Title: Linux/ARM - Jump Back Shellcode + execve"/bin/sh", NULL, NULL Shellcode 4 Bytes Author: Ken Kitahara Tested: armv7l Raspberry Pi 3 Model B+ System Information pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux pi@raspberrypi: $...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/18 12:0 a.m.40 views

Faleemi Plus 1.0.2 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Faleemi Plus 1.0.2 - Denial of Service PoC Author: Gionathan "John" Reale Software Link: http://support.faleemi.com/fsc776/FaleemiPlusv1.0.2.exe Tested Version: 1.0.2 Tested on OS: Windows 10 Steps to Reproduce: Run the python...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/18 12:0 a.m.67 views

Microsoft Edge Chakra PathTypeHandlerBase::SetAttributesHelper Type Confusion Exploit

Exploit for windows platform in category dos / poc Microsoft Edge: Chakra: Type confusion with PathTypeHandlerBase::SetAttributesHelper CVE-2018-8384 Here's a snippet of PathTypeHandlerBase::SetAttributesHelper. PathTypeHandlerBase predTypeHandler = this; DynamicType currentType =...

7.7AI score0.6211EPSS
Exploits2
0day.today
0day.today
added 2018/09/18 12:0 a.m.26 views

PicaJet FX 2.6.5 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: PicaJet FX 2.6.5 - Denial of Service PoC Author: Gionathan "John" Reale Software Link: http://www.picajet.com/download/PicaJetFXInstall.exe Tested Version: 2.6.5 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/18 12:0 a.m.63 views

Notebook Pro 2.0 - Denial Of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title : Notebook Pro 2.0 - Denial Of Service PoC Exploit Author : Ali Alipour WebSite : http://Alipour.it Vendor Homepage : http://www.stokedonit.com/apps/notebook-pro/ Software Link Download :...

7.4AI score
Exploits0
Total number of security vulnerabilities39001