Lucene search
K

39001 matches found

0day.today
0day.today
added 2018/09/07 12:0 a.m.23 views

Tenable WAS-Scanner 7.4.1708 - Remote Command Execution Vulnerability

Exploit Title: Tenable WAS-Scanner 7.4.1708 - Remote Command Execution Discovery by: Sameer Goyal Vendor Homepage: https://www.tenable.com/ Software Link: https://www.tenable.com/products/tenable-io/web-application-scanning Tested Version: WAS-20180328 Vulnerability Type: Remote Command Execution...

0.3AI score
Exploits0
0day.today
0day.today
added 2018/09/07 12:0 a.m.24 views

Ghostscript Failed Restore Command Execution Exploit

This Metasploit module exploits a -dSAFER bypass in Ghostscript to execute arbitrary commands by handling a failed restore grestore in PostScript to disable LockSafetyParams and avoid invalidaccess. This vulnerability is reachable via libraries such as ImageMagick, and this module provides the...

0.3AI score
Exploits0
0day.today
0day.today
added 2018/09/06 12:0 a.m.40 views

WirelessHART Fieldgate SWG70 3.0 - Directory Traversal Vulnerability

Exploit for hardware platform in category web applications Exploit Title: WirelessHART Fieldgate SWG70 3.0 - Directory Traversal Exploit Author: Hamit CİBO Vendor Homepage: http://endress.com Software Link:...

0.5AI score
Exploits0
0day.today
0day.today
added 2018/09/06 12:0 a.m.52 views

Tenda ADSL Router D152 - Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Tenda D152 ADSL Router - Cross-Site Scripting Exploit Author: Sandip Dey Vendor Homepage: http://www.tendacn.com Hardware Link:...

0.01643EPSS
Exploits5
0day.today
0day.today
added 2018/09/06 12:0 a.m.46 views

Jorani Leave Management 0.6.5 - startdate SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Jorani Leave Management 0.6.5 – 'startdate' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Vendor: Benjamin BALET Software Link: https://jorani.org/download.html Affected Version: 0.6.5 and possibly...

0.1AI score0.02871EPSS
Exploits5
0day.today
0day.today
added 2018/09/06 12:0 a.m.18 views

Microsoft people 10.1807.2131.0 - Denial of service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Microsoft people 10.1807.2131.0 - Denial of service PoC Exploit Author : L0RD Contact: email protected Vendor Homepage : https://www.microsoft.com Software link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/06 12:0 a.m.132 views

Opsview Monitor 5.x Command Execution Vulnerability

Exploit for multiple platform in category web applications Opsview Monitor Multiple Vulnerabilities 1. Advisory Information Title: Opsview Monitor Multiple Vulnerabilities Advisory ID: CORE-2018-0008 Advisory URL: http://www.coresecurity.com/advisories/opsview-monitor-multiple-vulnerabilities Dat...

0.3AI score0.32692EPSS
Exploits9
0day.today
0day.today
added 2018/09/06 12:0 a.m.78 views

Apache Roller 5.0.3 - XML External Entity Injection Exploit

Exploit for linux platform in category web applications Exploit Title: Apache Roller 5.0.3 - XML External Entity Injection File Disclosure Google Dork: intext:"apache roller weblogger version vulnerableversionnumber" Exploit Author: Marko Jokic Contact: http://twitter.com/MarkoJokic Vendor...

7.5CVSS9.6AI score0.16867EPSS
Exploits6
0day.today
0day.today
added 2018/09/06 12:0 a.m.41 views

Go Pro Fusion Studio 1.2 Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits Go Pro Fusion Studio 1.2 Privilege Escalation Vendor: GoPro, Inc. Product web page: https://www.gopro.com Software: https://shop.gopro.com/softwareandapp/gopro-fusion-studio-app/fusion-studio.html Affected version: 1.2.1.400 Summary: Go Pro...

6.8AI score
Exploits0
0day.today
0day.today
added 2018/09/06 12:0 a.m.77 views

KONE KGC 4.6.4 - Multiple Vulnerabilities

KONE KGC versions 4.6.4 and below suffer from unauthenticated remote code execution, denial of service, local file inclusion, and missing FTP access control vulnerabilities. Vulnerabilities in KONEs Group Controller KGC -------------------------------------------------------------------------...

0.7AI score0.07659EPSS
Exploits3
0day.today
0day.today
added 2018/09/06 12:0 a.m.28 views

D-Link Dir-600M N150 - Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: D-Link Dir-600M N150 - Cross-Site Scripting Exploit Author: PUNIT DARJI Vendor Homepage: www.dlink.co.in Hardware Link: https://amzn.to/2NUIniO Version: DIR-600M Firmware 3.01 Tested on: Windows 7 ultimate CVE: N/A POC Goto...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/09/06 12:0 a.m.51 views

Cisco Umbrella Roaming Client 2.0.168 - Privilege Escalation Exploit

Exploit for windows platform in category local exploits / Exploit Title: Cisco Umbrella Roaming Client 2.0.168 - Privilege Escalation Exploit Author: paragonsec @ Critical Start Vendor Homepage: https://www.opendns.com/ Version: Umbrella Roaming Client 2.0.168 Tested on: Windows 10 Professional C...

0.2AI score0.01516EPSS
Exploits4
0day.today
0day.today
added 2018/09/06 12:0 a.m.23 views

osCommerce 2.3.4.1 Cross Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: osCommerce Add Admin User CSRF Vulnerability Exploit Author: Hesam Bazvand Contact: email protected Download Link: https://www.oscommerce.com/Products&Download=oscom2341 Tested on: Windows 10 / Kali Linux Category: WebApps...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/09/06 12:0 a.m.41 views

Jorani Leave Management 0.6.5 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Jorani Leave Management System 0.6.5 – Cross-Site Scripting Exploit Author: Javier Olmedo Website: https://hackpuntes.com Vendor: Benjamin BALET Software Link: https://jorani.org/download.html Affected Version: 0.6.5 and possibl...

5.5AI score0.06483EPSS
Exploits5
0day.today
0day.today
added 2018/09/06 12:0 a.m.59 views

NovaRad NovaPACS Diagnostics Viewer 8.5 - XML External Entity Injection Vulnerability

Exploit for xml platform in category web applications Title: NovaRad NovaPACS Diagnostics Viewer 8.5 - XML External Entity Injection File Disclosure Author: Gjoko 'LiquidWorm' Krstic @zeroscience Vendor: NovaRad Corporation Product web page: https://www.novarad.net Affected version: 8.5.19.75...

Exploits0
0day.today
0day.today
added 2018/09/05 12:0 a.m.15 views

FTPShell Server 6.80 - Add Account Name Buffer Overflow (SEH) Exploit

Exploit Title: FTPShell Server 6.80 - 'Add Account Name' Buffer Overflow SEH Discovery by: Luis Martinez Vendor Homepage: http://www.ftpshell.com/ Software Link: http://www.ftpshell.com/downloadserver.htm Tested Version: 6.80 Vulnerability Type: Buffer Overflow SEH Local Tested on OS: Windows XP...

0.6AI score
Exploits0
0day.today
0day.today
added 2018/09/05 12:0 a.m.63 views

FUJI XEROX DocuCentre-V 3065 Printer - Remote Command Execution Exploit

Exploit Title: FUJI XEROX DocuCentre-V 3065 Printer - Remote Command Execution Exploit Author: vrsystem Vendor Homepage: https://www.fujixerox.com.cn/ Software Link: https://www.fujixerox.com.cn/ Version: DocuCentre-IV,DocuCentre-VI,DocuCentre-V,ApeosPort-VI,ApeosPort-V Tested on: DocuCentre-V...

0.5AI score
Exploits0
0day.today
0day.today
added 2018/09/04 12:0 a.m.29 views

Simple POS 4.0.24 - columns[0][search][value] SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Simple POS 4.0.24 - 'columns0searchvalue' SQL Injection Exploit Author: Renos Nikolaou Software Link: https://codecanyon.net/item/simple-pos-point-of-sale-made-easy/3947976 Vendor Homepage: https://tecdiary.com/ Version: 4.0.24...

0.4AI score
Exploits0
0day.today
0day.today
added 2018/09/04 12:0 a.m.25 views

mooSocial Store Plugin 2.6 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: mooSocial Store Plugin 2.6 - SQL Injection Exploit Author: Andrea Bocchetti Vendor: https://moosocial.com/product/store-plugins/ Software Link: https://moosocial.com/product/store-plugins/ Demo URL:...

Exploits0
0day.today
0day.today
added 2018/09/04 12:0 a.m.28 views

Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode 20 Bytes

/ Title: Linux/ARM - read0, buf, 0xff stager + execve"/bin/sh", NULL, NULL Shellcode 20 Bytes Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara System Information pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/04 12:0 a.m.31 views

Soroush IM Desktop App 0.17.0 - Authentication Bypass Vulnerability

Exploit for windows platform in category local exploits Exploit Title: Soroush IM Desktop App 0.17.0 - Authentication Bypass Exploit Author: VortexNeoX64 Vendor Homepage: https://soroush-app.ir Software Link: http://54.36.43.176/SoroushSetup0.17.0.exe Version: 0.17.0 BETA Tested on: Windows 10 18...

7.2AI score
Exploits0
0day.today
0day.today
added 2018/09/04 12:0 a.m.25 views

iSmartViewPro 1.5 - DDNS Buffer Overflow Exploit

Exploit for windows platform in category local exploits Exploit Title: iSmartViewPro 1.5 - 'DDNS/IP/DID' Buffer Overflow Discovery by: Luis Martinez Vendor Homepage: https://securimport.com/ Software Link:...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/09/04 12:0 a.m.20 views

Logicspice FAQ Script 2.9.7 - Remote Code Execution Vulnerability

Exploit for php platform in category web applications Exploit Title: Logicspice FAQ Script 2.9.7 - Remote Code Execution Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://www.logicspice.com/products/faq-script Software Link:...

Exploits0
0day.today
0day.today
added 2018/09/04 12:0 a.m.19 views

PHP File Browser Script 1 - Directory Traversal Vulnerability

Exploit for php platform in category web applications Exploit Title: PHP File Browser Script 1 - Directory Traversal Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://www.hscripts.com/scripts/php/file-browser.php Software...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/04 12:0 a.m.29 views

Online Quiz Maker 1.0 - File Include Vulnerability

Exploit for php platform in category web applications Exploit Title: Online Quiz Maker 1.0 - File Include Vulnerability Vendor Homepage: https://www.hscripts.com/scripts/php/quiz-maker.php Software Link:https://www.hscripts.com/scripts/php/downloads/quiz-maker.zip Version: 1.0 Category: Webapps P...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/09/03 12:0 a.m.38 views

Trend Micro Virtual Mobile Infrastructure 5.5.1336 - Server address Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Trend Micro Virtual Mobile Infrastructure 5.5.1336 - 'Server address' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: http://www.trendmicro.com.tr/media/ds/virtual-mobile-infrastructure-datasheet-en.pdf Software...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/03 12:0 a.m.42 views

Visual Ping 0.8.0.0 - Host Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Visual Ping 0.8.0.0 - 'Host' Denial of Service PoC Exploit Author: Uriel Corral Salinas Vendor Homepage: http://www.itlights.com Software Link: http://www.scanwith.com/download/FreeVisualPing.htm Version: Free Visual Ping Version...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/03 12:0 a.m.20 views

Wikipedia 12.0 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Wikipedia 12.0 - Denial of Service PoC Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://www.microsoft.com/en-us/p/wikipedia/9wzdncrfhwm4?activetab=pivot%3aoverviewtab Version: 12.0 Tested on: Windows 10...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/03 12:0 a.m.93 views

Xiaomi MIWiFi Xiaomi_55DD 2.8.50 Out-Of-Band Resource Load Vulnerability

An out-of-band resource load issue was discovered on Xiaomi MIWiFi Xiaomi55DD version 2.8.50 devices. It is possible to induce the application to retrieve the contents of an arbitrary external URL and return those contents in its own response. If a domain name containing a random string is used i...

0.5AI score0.01967EPSS
Exploits3
0day.today
0day.today
added 2018/09/03 12:0 a.m.92 views

Online Quiz Maker 1.0 - catid SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Online Quiz Maker 1.0 - 'catid' SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://www.hscripts.com/scripts/php/quiz-maker.php Software...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/03 12:0 a.m.37 views

Symantec Mobile Encryption for iPhone 2.1.0 - Server Denial of Service Exploit

Exploit for iOS platform in category dos / poc Exploit Title: Symantec Mobile Encryption for iPhone 2.1.0 - 'Server' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: https://www.symantec.com/ Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/09/03 12:0 a.m.49 views

Admidio 3.3.5 - Cross-Site Request Forgery (Change Permissions) Vulnerability

Exploit for php platform in category web applications Exploit Title: Admidio 3.3.5 - Cross-Site Request Forgery Change Permissions Author: Nawaf Alkeraithe Vendor Homepage: https://www.admidio.org/ Software Link:...

0.7AI score
Exploits0
0day.today
0day.today
added 2018/09/03 12:0 a.m.28 views

FsPro Labs Event Log Explorer v4.6.1.2115 - XML External Entity Injection Vulnerability

Exploit for windows platform in category web applications Title: FsPro Labs Event Log Explorer v4.6.1.2115 - XML External Entity Injection Author: hyp3rlinx Vendor: www.eventlogxp.com Software: https://eventlogxp.com/download.php Affected Component: elex.exe CVE: N/A Description: Upon opening a...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/03 12:0 a.m.23 views

VSAXESS V2.6.2.70 build20171226_053 - Nickname Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: VSAXESS V2.6.2.70 build20171226053 - 'Nickname' Denial of Service PoC Discovery by: Diego Santamaria Vendor Homepage: https:https://www.visionistech.com/en/home/ Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/03 12:0 a.m.21 views

Microsoft Windows Explorer Out-of-Bound Read - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Microsoft Windows Explorer Out-of-Bound read - Denial of Service PoC Exploit Author: Ghaaf Vendor Homepage: http://www.microsoft.com Version: Windows 7x86/x64 Tested on: 6.1.7601 Service Pack 1 Build 7601 CVE: N/A buffer = '' buffe...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/09/03 12:0 a.m.75 views

D-Link DIR-615 - Denial of Service Vulnerability

Exploit for hardware platform in category dos / poc Exploit Title: D-Link DIR-615 - Denial of Service PoC Vendor Homepage: http://www.dlink.co.in Hardware Link: https://www.amazon.in/D-Link-DIR-615-Wireless-N300-Router-Black/dp/B0085IATT6 Version: D-Link DIR-615 Category: Hardware Exploit Author:...

9.7AI score0.45347EPSS
Exploits4
0day.today
0day.today
added 2018/09/01 12:0 a.m.56 views

gVisor Sentry Invalid Access Vulnerability

gVisor Sentry permits access to the renameat syscall. As the sentry is not chrooted, it permits renaming files in the host system. gVisor sentry can call renameat The seccomp sandbox of the gVisor sentry permits access to the renameat syscall:...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/09/01 12:0 a.m.185 views

AZORult Stealer 2 Botnet SQL Injection Vulnerability

Exploit for php platform in category web applications Title: AZORult Stealer v2 Botnet - SQL injection Credit: Bilal KARDADOU URL: https://www.rekings.com/shop/azorult-stealer/ Product: 'AZORult Stealer v2 Botnet' Type: Paid Google Dork: N/A Description: Stealer of stored passwords, cookies,...

Exploits0
0day.today
0day.today
added 2018/09/01 12:0 a.m.37 views

DamiCMS 6.0.0 - Cross-Site Request Forgery (Change Admin Password) Vulnerability

Exploit for php platform in category web applications 0day.today 2018-09-01...

2AI score
Exploits0
0day.today
0day.today
added 2018/09/01 12:0 a.m.27 views

Acunetix WVS Reporter 10.0 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Acunetix WVS Reporter 10.0 - Denial of Service PoC Exploit Author: Ali Alipour Vendor Homepage : https://www.acunetix.com/ Tested on : Windows 10 - 64-bit Steps to Reproduce Run the python exploit script, it will create a new file...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/08/31 12:0 a.m.33 views

Vox TG790 ADSL Router - Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Title: Vox TG790 ADSL Router - Cross-Site Scripting Author: Cakes Vendor: Vox Telecom Link: https://www.vox.co.za/ Firmware Version: 6.2.W.1 CVE: N/A Description Due to improper user iunput management low privilege users are able to creat...

Exploits0
0day.today
0day.today
added 2018/08/31 12:0 a.m.27 views

Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode 28 Bytes

/ Title: Linux/ARM - read0, buf, 0xff stager + execve"/bin/sh", NULL, NULL Shellcode 28 Bytes Date: 2018-08-30 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux pi@raspberrypi...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/08/31 12:0 a.m.96 views

Cybrotech CyBroHttpServer 1.0.3 Cross Site Scripting Vulnerability

Exploit for windows platform in category web applications Exploit Title: Cybrotech CyBroHttpServer 1.0.3 - Cross-Site Scripting Exploit Author: Emre AVANA Vendor Homepage: http://www.cybrotech.com/ Software Link: http://www.cybrotech.com/wp-content/uploads/2016/11/CyBroHttpServer-v1.0.3.zip...

6.4AI score0.03986EPSS
Exploits5
0day.today
0day.today
added 2018/08/31 12:0 a.m.90 views

ownCloud 0.1.2 User Impersonation Authorization Bypass Vulnerability

Exploit for php platform in category web applications Product: ownCloud Impersonate Vendor: ownCloud CSNC ID: CSNC-2018-015 CVE ID: N/A Subject: Authorization bypass Risk: High Effect: Remotely exploitable Author: Thierry Viaccoz Date: 29.08.2018 Introduction: ------------- ownCloud 1 is a suite ...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/08/31 12:0 a.m.41 views

WordPress Quizlord 2.0 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Plugin Quizlord 2.0 - Cross-Site Scripting Exploit Author: Renos Nikolaou Software Link: https://downloads.wordpress.org/plugin/quizlord.zip Version: 2.0 Tested on: Kali Linux CVE: N/A Description : Quizlord is prone t...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/08/31 12:0 a.m.68 views

Network Manager VPNC Username Privilege Escalation

This Metasploit module exploits an injection vulnerability in the Network Manager VPNC plugin to gain root privileges. This Metasploit module uses a new line injection vulnerability in the configured username for a VPN network connection to inject a Password helper configuration directive into th...

8.8CVSS0.3AI score0.05059EPSS
Exploits7
0day.today
0day.today
added 2018/08/30 12:0 a.m.40 views

DLink DIR-601 - Credential Disclosure Vulnerability

Exploit for hardware platform in category web applications Exploit Title: DLink DIR-601 - Credential Disclosure Exploit Author: Kevin Randall Vendor Homepage: https://www.dlink.com Software Link: N/A Version: Firmware: 2.02NA Hardware Version B1 Tested on: Windows 10 + Mozilla Firefox CVE :...

8.2AI score0.76507EPSS
Exploits4
0day.today
0day.today
added 2018/08/30 12:0 a.m.49 views

Linux/MIPS64 - execve(/bin/sh) Shellcode (48 bytes)

/ Title: Linux/MIPS64 - execve/bin/sh Shellcode 48 bytes Author: Antonio execve/bin/sh shellcode for MIPS64 tested on MIPS Malta - Linux debian-mips64el 4.9.0-3-5kc-malta 48 bytes gcc -fno-stack-protector -z execstack main.c -o main -g adp, SLAE - 1326, 2018. / include include / .text .global sta...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/08/30 12:0 a.m.34 views

Linux/x86 - IPv6 Reverse TCP Shellcode Generator (94 bytes)

!/usr/bin/env python3 Exploit Title: Linux x86 IPv6 Reverse TCP Shellcode Generator 94 bytes Shellcode Author: Kevin Kirsche Shellcode Repository: https://github.com/kkirsche/SLAE/tree/master/assignment2-reverseshell Tested on: Shell on Ubuntu 18.04 with gcc 7.3.0 / Connecting to Kali 2018.2 This...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/08/30 12:0 a.m.175 views

Nord VPN 6.14.31 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Nord VPN = 6.14.31 - Denial of Service PoC Exploit Author : L0RD borna nematzadeh Contact: email protected Vendor Homepage : https://nordvpn.com Software link: https://nordvpn.com/download/ Version: = 6.14.31 Tested on: Windows 10...

7.4AI score
Exploits0
Total number of security vulnerabilities39001