Lucene search
K

39001 matches found

0day.today
0day.today
added 2018/07/19 12:0 a.m.109 views

Modx Revolution < 2.6.4 - Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: Modx Revolution ' if requests.get target + '/connectors/system/phpthumb.php', verify=verify.statuscode != 404: printFore.GREEN + '/connectors/system/phpthumb.php - found' url = target + '/connectors/system/phpthumb.php' payload ...

7.3AI score0.64088EPSS
Exploits6
0day.today
0day.today
added 2018/07/19 12:0 a.m.37 views

FTP2FTP 1.0 - Arbitrary File Download Vulnerability

Exploit for php platform in category web applications Exploit Title: FTP2FTP 1.0 - Arbitrary File Download Dork: N/A Date: 18.07.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/ftp2ftp-server-to-server-file-transfer-php-script/21972395 Version: 1.0...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/07/19 12:0 a.m.40 views

MyBB New Threads Plugin 1.1 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: MyBB New Threads Plugin - Cross-Site Scripting Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1143 Version: 1.1 Tested on: Ubuntu 18.04 CVE: CVE-2018-14392 ...

0.1AI score0.48557EPSS
Exploits5
0day.today
0day.today
added 2018/07/19 12:0 a.m.312 views

Linux Kernel < 4.14.8 Sign Extension Local Privilege Escalation Exploit

Linux kernel versions prior to 4.14.8 utilize the Berkeley Packet Filter BPF which contains a vulnerability where it may improperly perform signing for an extension. This can be utilized to escalate privileges. The target system must be compiled with BPF support and must not have...

7.2CVSS0.9AI score0.30052EPSS
Exploits16
0day.today
0day.today
added 2018/07/19 12:0 a.m.36 views

WordPress All In One Favicon 4.6 Plugin - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Plugin All In One Favicon = 4.6 - Authenticated Multiple XSS Persistent Exploit Author: Javier Olmedo Website: https://hackpuntes.com/ Vendor Homepage: http://www.techotronic.de/ Software Link:...

5.2AI score0.02003EPSS
Exploits6
0day.today
0day.today
added 2018/07/19 12:0 a.m.61 views

Open-AudIT Community 2.1.1 - Cross-Site Scripting Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Open-AudIT Community - 2.1.1 - Cross Site Scripting Vulnerability Google Dork:NA Exploit Author: Ranjeet Jaiswal Vendor Homepage: https://opmantek.com/ Software Link:http://dl-openaudit.opmantek.com/OAE-Win-x8664-...

5.6AI score0.01867EPSS
Exploits5
0day.today
0day.today
added 2018/07/18 12:0 a.m.33 views

Smart SMS & Email Manager 3.3 - contact_type_id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Smart SMS & Email Manager v3.3 - SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/smart-sms-email-manager-ssem/14817919 Version: 3.3 Tested on: Kali linux...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/07/18 12:0 a.m.31 views

HomeMatic Zentrale CCU2 Unauthenticated Remote Code Execution Exploit

Exploit for hardware platform in category remote exploits Exploit Title: HomeMatic Zentrale CCU2 Unauthenticated RCE Software Link: https://www.homematic.com/ Exploit Author: Kacper Szurek - ESET Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ YouTube:...

7.5AI score
Exploits0
0day.today
0day.today
added 2018/07/18 12:0 a.m.83 views

PrestaShop < 1.6.1.19 - BlowFish ECD Privilege Escalation Exploit

Exploit for php platform in category web applications !/usr/bin/env python3 PrestaShop = 1.6.1.19 Privilege Escalation Charles Fol 2018-07-10 See https://ambionics.io/blog/prestashop-privilege-escalation The condition for this exploit to work is for an employee to have the same password as a...

0.16666EPSS
Exploits3
0day.today
0day.today
added 2018/07/18 12:0 a.m.64 views

PrestaShop < 1.6.1.19 - AES CBC Privilege Escalation Exploit

Exploit for php platform in category web applications !/usr/bin/env python3 PrestaShop = 1.6.1.19 AES Rijndael / opensslencrypt Cookie Read Charles Fol See https://ambionics.io/blog/prestashop-privilege-escalation This POC will reveal the content of an employee's cookie. By modifying it one can...

0.6AI score0.16666EPSS
Exploits3
0day.today
0day.today
added 2018/07/18 12:0 a.m.103 views

JavaScript Core - Arbitrary Code Execution Exploit

Exploit for multiple platform in category local exploits // Load Int library, thanks saelo! load'util.js'; load'int64.js'; // Helpers to convert from float to in a few random places var conva = new ArrayBuffer8; var convf = new Float64Arrayconva; var convi = new Uint32Arrayconva; var convi8 = new...

5.1CVSS0.4AI score0.12472EPSS
Exploits3
0day.today
0day.today
added 2018/07/17 12:0 a.m.79 views

Nanopool Claymore Dual Miner APIs Remote Code Execution Exploit

Exploit for multiple platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Nanopool Claymore Dual Miner APIs RCE',...

4.3CVSS6.6AI score0.77297EPSS
Exploits15
0day.today
0day.today
added 2018/07/17 12:0 a.m.46 views

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Configuration Download Vulnerability

Exploit for hardware platform in category web applications Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Configuration Download Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0 build 2160 IPn4Gb 1.1....

7.1AI score
Exploits0
0day.today
0day.today
added 2018/07/17 12:0 a.m.25 views

Linux/x64 - Reverse (::1:1337/TCP) + IPv6 + Password (pwnd) Shellcode (115 bytes)

/ ; Title : Reverse Shell IPv6 with Password - Shellcode ; Author : Hashim Jawad @ihack4falafel ; OS : Linux kali 4.15.0-kali2-amd64 1 SMP Debian 4.15.11-1kali1 2018-03-21 x8664 GNU/Linux ; Arch : x8664 ; Size : 115 bytes section .text global start start: ; int socketint domain, int type, int...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/07/17 12:0 a.m.200 views

TPLink Archer C60 1.0 Code Execution Exploit

Exploit for hardware platform in category web applications Exploit Title: UnAuthenticated Remote Code Execution at TP-Link Archer C60 Router Date: 16.07.2018 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.tp-link.com/ Hardware Link :...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/07/17 12:0 a.m.52 views

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Restricted Shell Escape Vulnerability

Exploit for hardware platform in category local exploits Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Backdoor Jailbreak Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0 build 2160 IPn4Gb 1.1.6 buil...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/07/17 12:0 a.m.138 views

Microsoft Windows #MicrosoftWindows .library-ms Information Disclosure Vulnerability

Library description files are XML files that define libraries. Libraries aggregate items from local and remote storage locations into a single view in Windows Explorer. Library description files follow the Library Description schema and are saved as .library-ms files. The .library-ms filetype...

7.5AI score
Exploits0
0day.today
0day.today
added 2018/07/17 12:0 a.m.44 views

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Default Credentials Vulnerability

Exploit for hardware platform in category remote exploits Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Default Credentials Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0 build 2160 IPn4Gb 1.1.6...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/07/17 12:0 a.m.20 views

LinkedIn account bypassed 2-Factor-Authentication Exploit

Exploit can reset any LinkedIn account while bypassing callphone authentication. This is private exploit. You can buy it at https://0day.today...

1.3AI score
Exploits0
0day.today
0day.today
added 2018/07/17 12:0 a.m.46 views

QNAP #QCenter change_passwd Command Execution Exploit

This Metasploit module exploits a command injection vulnerability in the changepasswd API method within the web interface of QNAP Q'Center virtual appliance versions prior to 1.7.1083. The vulnerability allows the 'admin' privileged user account to execute arbitrary commands as the 'admin'...

0.4AI score0.59215EPSS
Exploits9
0day.today
0day.today
added 2018/07/17 12:0 a.m.41 views

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - File Manipulation Vulnerability

Exploit for hardware platform in category web applications Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Arbitrary File Attacks Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0 build 2160 IPn4Gb 1.1....

7.1AI score
Exploits0
0day.today
0day.today
added 2018/07/17 12:0 a.m.68 views

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Denial of Service Vulnerability

Exploit for hardware platform in category dos / poc Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Service Control DoS Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0 build 2160 IPn4Gb 1.1.6 build...

7AI score
Exploits0
0day.today
0day.today
added 2018/07/17 12:0 a.m.56 views

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Cross-Site Request Forgery Vulnerabil

Exploit for hardware platform in category web applications Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway CSRF Vulnerabilities Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0 build 2160 IPn4Gb 1.1.6...

0.3AI score
Exploits0
0day.today
0day.today
added 2018/07/17 12:0 a.m.55 views

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Remote Root Vulnerability

Exploit for hardware platform in category web applications Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Remote Root Exploit Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0 build 2160 IPn4Gb 1.1.6...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/07/16 12:0 a.m.71 views

Wordpress Job Manager 4.1.0 Plugin - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Job Manager v4.1.0 Stored Cross Site Scripting Google Dork: N/A Date: 2018-07-15 Exploit Author: Berk Dusunur & Selimcan Ozdemir Vendor Homepage: https://wpjobmanager.com Software Link:...

Exploits0
0day.today
0day.today
added 2018/07/16 12:0 a.m.32 views

Linux/ARM - Bind (/TCP) Shell Shellcode (104 bytes)

/ Copyright © 2017 Odzhan. All Rights Reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the...

Exploits0
0day.today
0day.today
added 2018/07/16 12:0 a.m.48 views

VelotiSmart WiFi B-380 Camera - Directory Traversal Vulnerability

Exploit for hardware platform in category web applications Title: Vulnerability in VelotiSmart Wifi - Directory Traversal Date: 12-07-2018 Scope: Directory Traversal Platforms: Unix Author: Miguel Mendez Z Vendor: VelotiSmart Version: B380 CVE: CVE-2018–14064 Vulnerability description...

0.7AI score0.3757EPSS
Exploits5
0day.today
0day.today
added 2018/07/16 12:0 a.m.26 views

Microsoft Enterprise Mode Site List Manager - XML External Entity Injection Vulnerability

Exploit for windows platform in category local exploits + Credits: John Page aka hyp3rlinx Vendor ============= www.microsoft Product =========== Enterprise Mode Site List Manager versions1/2 You can use IE11 and the Enterprise Mode Site List Manager to add individual website domains and domain...

Exploits0
0day.today
0day.today
added 2018/07/16 12:0 a.m.86 views

Fortify Software Security Center (SSC) 17.x/18.1 - XML External Entity Injection Vulnerability

Exploit for java platform in category web applications Details ================ Software: Fortify SSC Software Security Center Version: 17.10, 17.20 & 18.10 Homepage: https://www.microfocus.com Advisory report: https://github.com/alt3kx/CVE-2018-12463 CVE: CVE-2018-12463 at...

0.2AI score0.13849EPSS
Exploits4
0day.today
0day.today
added 2018/07/16 12:0 a.m.32 views

macOS / iOS - JavaScript Injection Bug in OfficeImporter Exploit

Exploit for multiple platform in category dos / poc QuickLook is a widely used feature in macOS/iOS which allows you to preview various formats such as pdf, docx, pptx, etc. The way it uses to show office files is quite interesting. First it parses the office file and converts it to HTML code usi...

Exploits0
0day.today
0day.today
added 2018/07/16 12:0 a.m.259 views

Linux Ubuntu - Other Users coredumps can be read via setgid Directory and killpriv Bypass Exploit

Exploit for linux platform in category dos / poc / Note: I am both sending this bug report to email protected and filing it in the Ubuntu bugtracker because I can't tell whether this counts as a kernel bug or as a Ubuntu bug. You may wish to talk to each other to determine the best place to fix...

8.3AI score0.0101EPSS
Exploits2
0day.today
0day.today
added 2018/07/14 12:0 a.m.40 views

Linux #Ubuntu Coredump Reading Access Bypass Vulnerability

Linux/Ubuntu suffers from a vulnerability where other users' coredumps can be read via a setgid directory and killpriv bypass. Linux/Ubuntu: other users' coredumps can be read via setgid directory and killpriv bypass Note: I am both sending this bug report to email protected and filing it in the...

0.4AI score
Exploits0
0day.today
0day.today
added 2018/07/13 12:0 a.m.29 views

Apache #Hadoop YARN ResourceManager Unauthenticated Command Execution Exploit

This Metasploit module exploits an unauthenticated command execution vulnerability in Apache Hadoop through ResourceManager REST API. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Hadoop YARN...

0.4AI score
Exploits0
0day.today
0day.today
added 2018/07/13 12:0 a.m.126 views

Apache #CouchDB Arbitrary Command Execution Exploit

CouchDB administrative users can configure the database server via HTTPS. Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitra...

10CVSS0.4AI score0.99838EPSS
Exploits21
0day.today
0day.today
added 2018/07/13 12:0 a.m.137 views

phpMyAdmin Authenticated Remote Code Execution Exploit

phpMyAdmin v4.8.0 and v4.8.1 are vulnerable to local file inclusion, which can be exploited post-authentication to execute PHP code by application. The module has been tested with phpMyAdmin v4.8.1. This module requires Metasploit: https://metasploit.com/download Current source:...

0.1AI score0.98391EPSS
Exploits20
0day.today
0day.today
added 2018/07/13 12:0 a.m.60 views

OpenConext-EngineBlock 5.7.3 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications XSS vulnerabilities were found in multiple pages that allows an attacker to inject arbitrary web scripts. The Twig PHP extension configuration was not sanitizing user input before display it to the user. Issues fixed in version 5.7.4 and 5.8.0...

0.0084EPSS
Exploits2
0day.today
0day.today
added 2018/07/13 12:0 a.m.56 views

Chrome V8 KeyAccumulator Bug Exploit

Chrome V8 suffers from a bug in KeyAccumulator that can cause a crash. Chrome: V8: A bug with KeyAccumulator PoC: for let i = 0; i https://cs.chromium.org/chromium/src/v8/src/objects.cc?rcl=a2ca1996873f3ffa79d9495fb2cf4e7c0e51d9e9&l=18369. The new table is directly used as the backing store of th...

0.5AI score
Exploits0
0day.today
0day.today
added 2018/07/13 12:0 a.m.97 views

Microsoft Windows #MicrosoftWindows POP/MOV SS Local Privilege Elevation Exploit

This Metasploit module exploits a vulnerability in a statement in the system programming guide of the Intel 64 and IA-32 architectures software developer's manual being mishandled in various operating system kernels, resulting in unexpected behavior for DB exceptions that are deferred by MOV SS o...

7.2CVSS0.4AI score0.18404EPSS
Exploits9
0day.today
0day.today
added 2018/07/13 12:0 a.m.91 views

Zeta Producer Desktop CMS 14.2.0 Code Execution / File Disclosure Vulnerabilities

Zeta Producer Desktop CMS versions 14.2.0 and below suffers from code execution and file disclosure vulnerabilities. ======================================================================= title: Remote Code Execution & Local File Disclosure product: Zeta Producer Desktop CMS vulnerable version:...

0.3AI score0.17282EPSS
Exploits6
0day.today
0day.today
added 2018/07/13 12:0 a.m.55 views

Grundig Smart [email protected] 3.0 - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Grundig Smart email protected 3.0 - Cross-Site Request Forgery Exploit Author: Ahmethan-Gultekin - t4rkd3vilz Vendor Homepage: https://www.grundig.com/ Software Link: https://play.google.com/store/apps/details?id=arcelik...

0.4AI score0.03183EPSS
Exploits4
0day.today
0day.today
added 2018/07/13 12:0 a.m.79 views

ISS For Business 14.0.1400.2029 Blue Screen Of Death Vulnerability

In MicroWorld eScan Internet Security Suite ISS for Business version 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \.\econceal to cause a denial of service BSOD. ===== Tempest Security Intelligence - ADV-24/2018 === eScan ISS for...

6.8AI score0.06271EPSS
Exploits6
0day.today
0day.today
added 2018/07/13 12:0 a.m.70 views

G DATA Total Security 25.4.0.3 - Activex Buffer Overflow Exploit

Exploit for windows platform in category dos / poc 'for debugging/custom prolog targetFile = "C:\Program Files\G DATA\TotalSecurity\ASK\GDASpam.dll" prototype = "Function IsBlackL...

0.3AI score0.06271EPSS
Exploits6
0day.today
0day.today
added 2018/07/13 12:0 a.m.71 views

#ManageEngine Exchange Reporter Plus Unauthenticated Remote Code Execution Exploit

This Metasploit module exploits a remote code execution vulnerability that exists in Exchange Reporter Plus versions 5310 and below, caused by execution of bcp.exe file inside ADSHACluster servlet This module requires Metasploit: https://metasploit.com/download Current source:...

0.3AI score
Exploits0
0day.today
0day.today
added 2018/07/13 12:0 a.m.122 views

QNAP Qcenter Virtual Appliance 1.6.x Information Disclosure / Command Injection Vulnerabilities

QNAP Qcenter Virtual Appliance versions 1.6.1056 20170825 and 1.6.1075 20171123 suffer from information disclosure and command injection vulnerabilities. QNAP Qcenter Virtual Appliance Multiple Vulnerabilities 1. Advisory Information Title: QNAP Qcenter Virtual Appliance Multiple Vulnerabilities...

0.4AI score0.59215EPSS
Exploits12
0day.today
0day.today
added 2018/07/12 12:0 a.m.84 views

MonstraCMS Authenticated Arbitrary File Upload Exploit

Monstra CMS 3.0.4 allows users to upload arbitrary files which leads to remote command execution on the remote server. An attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file. This Metasploit module was tested against Monstra CMS 3.0.4. Th...

6.5CVSS8.9AI score0.63355EPSS
Exploits6
0day.today
0day.today
added 2018/07/12 12:0 a.m.296 views

Linux Kernel < 4.13.9 (Ubuntu 16.04/Fedora 27) - Local Privilege Escalation Exploit

Exploit for linux platform in category local exploits / Credit @bleidl, this is a slight modification to his original POC https://github.com/brl/grlh/blob/master/get-rekt-linux-hardened.c For details on how the exploit works, please visit...

7.2CVSS0.2AI score0.30052EPSS
Exploits16
0day.today
0day.today
added 2018/07/12 12:0 a.m.53 views

Microsoft Edge Chakra JIT - Type Confusion with Hoisted SetConcatStrMultiItemBE Instructions Exploit

Exploit for windows platform in category dos / poc / Here's a PoC: / function optstr for let i = 0; i .var s9.var = LdSlot s32s18l53.var s7.var = LdSlot s20s18l51.var s8.var = LdSlot s19s18l52.var s1Object.var = LdA 0x7FFFF47A0000 GlobalObjectObject.var s2.var = LdCAI4 0 0x0.i32 s3.var = LdCAI4 2...

7.8AI score0.7131EPSS
Exploits2
0day.today
0day.today
added 2018/07/12 12:0 a.m.41 views

Microsoft Edge Chakra JIT - BoundFunction::NewInstance Out-of-Bounds Read Exploit

Exploit for windows platform in category dos / poc / BoundFunction::NewInstance is used to handle calls to a bound function. The method first allocates a new argument array and copies the prepended arguments and others into the new argument array and calls the actual function. The problem is, it...

7.6CVSS7.8AI score0.66913EPSS
Exploits3
0day.today
0day.today
added 2018/07/12 12:0 a.m.116 views

WAGO e!DISPLAY 7300T XSS / File Upload / Code Execution Vulnerabilities

WAGO e!DISPLAY 7300T WP 4.3 480x272 PIO1 version FW 01 - 01.01.1001 suffer from code execution, cross site scripting, weak permission, and remote file upload vulnerabilities. ======================================================================= title: Remote code execution via multiple attack...

6.8AI score0.3014EPSS
Exploits8
0day.today
0day.today
added 2018/07/12 12:0 a.m.41 views

Dicoogle PACS 2.5.0 - Directory Traversal Vulnerability

Exploit for windows platform in category web applications Exploit Title: Dicoogle PACS 2.5.0 - Directory Traversal Software Link: http://www.dicoogle.com/home Version: Dicoogle PACS 2.5.0-201712291522 Category: webapps Tested on: Windows 2012 R2 Exploit Author: Carlos Avila Contact:...

7.4AI score
Exploits0
Total number of security vulnerabilities39001