Lucene search
K

39001 matches found

0day.today
0day.today
added 2018/04/25 12:0 a.m.43 views

Blog Master Pro v1.0 - CSV Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Blog Master Pro v1.0 - CSV Injection Exploit Author: 8bitsec CVE: CVE-2018-10255 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/blog-master-pro/21689781 Version: 1.0 Tested on: Kali Linux 2.0...

0.2AI score0.071EPSS
Exploits4
0day.today
0day.today
added 2018/04/25 12:0 a.m.55 views

Shopy Point of Sale v1.0 - CSV Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Shopy Point of Sale v1.0 - CSV Injection Exploit Author: 8bitsec CVE: CVE-2018-10258 Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/shopy-point-of-sales/21730225 Version: 1.0 Tested on: Kali...

0.07459EPSS
Exploits5
0day.today
0day.today
added 2018/04/24 12:0 a.m.34 views

WordPress Woo Import Export 1.0 Plugin - Arbitrary File Deletion Vulnerability

Exploit for php platform in category web applications 0day.today 2018-04-26...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/04/24 12:0 a.m.57 views

Open-AudIT 2.1 - CSV Macro Injection Vulnerability

Exploit for windows platform in category web applications Exploit Title: Open-AudIT 2.1 - CSV Macro Injection Vulnerability Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: https://opmantek.com Software Link: https://www.open-audit.org/downloads.php Affected...

0.02839EPSS
Exploits5
0day.today
0day.today
added 2018/04/24 12:0 a.m.56 views

Adobe Flash - Overflow in Slab Rendering Exploit

Exploit for multiple platform in category dos / poc The attached fuzzed swf file causes heap or stack corruption depending on platform when rendering a slab. This PoC crashes a little bit unreliably, it is the most reliable in the standalone Flash player and Microsoft Edge. Proof of Concept:...

0.1AI score0.26467EPSS
Exploits2
0day.today
0day.today
added 2018/04/24 12:0 a.m.68 views

Adobe Flash - Info Leak in Image Inflation Exploit

Exploit for multiple platform in category dos / poc The attached image causes an info leak in image inflation. It occasionally crashes when rendered, otherwise it displays uninitialized memory as pixels. To reproduce, put the attached images on a webserver and vist:...

7.6AI score0.23432EPSS
Exploits2
0day.today
0day.today
added 2018/04/24 12:0 a.m.52 views

Adobe Flash - Out-of-Bounds Write in blur Filtering Exploit

Exploit for multiple platform in category dos / poc The attached swf file causes and out-of-bounds write in blur filtering. This PoC crashes reliably in Firefox for Linux. Proof of Concept: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/44529.zip...

0.1AI score0.26467EPSS
Exploits2
0day.today
0day.today
added 2018/04/24 12:0 a.m.26 views

MyBB Threads To Link 1.3 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: MyBB Threads to Link Plugin v1.3 - Persistent XSS Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=1065 Version: v1.3 Tested on: Ubuntu...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/04/24 12:0 a.m.60 views

Zyxel ZyWALL ZLD 4.30 Cross Site Scripting Vulnerability

Exploit for hardware platform in category web applications ======================================================================= title: Reflected Cross-Site Scripting product: Zyxel ZyWALL: see "Vulnerable / tested version" vulnerable version: ZLD 4.30 and before fixed version: ZLD 4.31 CVE...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/04/24 12:0 a.m.139 views

WordPress WD #Instagram Feed Premium 1.3.0 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications WD Instagram Feed 1.3.0aaaXSS Vulnerabilities Two cross-site scripting vulnerabilities in the WD Instagram Feed WordPress plugin allow attackers to inject arbitrary web script or HTML by passing payloads through the bio of an Instagram profile...

0.00957EPSS
Exploits2
0day.today
0day.today
added 2018/04/24 12:0 a.m.59 views

Adobe Flash - Overflow when Playing Sound Exploit

Exploit for multiple platform in category dos / poc The attached fuzzed swf file causes heap overflow when playing a sound. This PoC crashes a little bit unreliably, it is the most reliable in the standalone Flash player and Microsoft Edge. Proof of Concept:...

0.2AI score0.29073EPSS
Exploits2
0day.today
0day.today
added 2018/04/24 12:0 a.m.67 views

WSO2 Identity Server 5.3.0 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications ======================================================================= title: Multiple Stored XSS Vulnerabilities product: WSO2 Carbon, WSO2 Dashboard Server vulnerable version: WSO2 Identity Server 5.3.0 fixed version: WSO2 Identity Server...

0.39332EPSS
Exploits5
0day.today
0day.today
added 2018/04/24 12:0 a.m.52 views

Easy File Sharing Web Server 7.2 - UserID Remote Buffer Overflow (DEP Bypass) Exploit

Exploit for windows platform in category remote exploits !/usr/bin/env python --------------------------------------------------------------------------------------------------- Exploit Title : Easy File Sharing Web Server 7.2 - 'UserID' Remote Buffer Overflow DEP Bypass Date : 04/24/2018 Exploit...

9.7AI score0.77319EPSS
Exploits6
0day.today
0day.today
added 2018/04/24 12:0 a.m.55 views

WordPress UK Cookie Consent - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: UK Cookie Consent v2.3.9 - Persistent Cross-Site Scripting Exploit Author: B0UG Vendor Homepage: https://catapultthemes.com/ Software Link: https://en-gb.wordpress.org/plugins/uk-cookie-consent/description Version: Tested on...

0.03892EPSS
Exploits5
0day.today
0day.today
added 2018/04/24 12:0 a.m.21 views

Allok Video to DVD Burner 2.6.1217 - Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits Exploit Title: Buffer OverflowSEH on Allok Video to DVD Burner2.6.1217 Exploit Author:T3jv1l Vendor Homepage:http://www.alloksoft.com/ Software: www.alloksoft.com/allokdvdburner.exe Category:Local Contact:https://twitter.com/T3jv1l Version:...

7.2AI score
Exploits0
0day.today
0day.today
added 2018/04/24 12:0 a.m.83 views

Kaspersky KSN Remote Code Execution Exploit

Exploit for windows platform in category remote exploits Exploit Author: Juan Sacco - http://exploitpack.com Vulnerability found using Exploit Pack v10 CVE: NotYet Exploit description: Kaspersky KSN is prone to a remote memory corruption because it fails to properly filter the input on the remote...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/04/24 12:0 a.m.35 views

gif2apng 1.9 - .gif Stack Buffer Overflow Vulnerability

Exploit for linux platform in category dos / poc Exploit Title: gif2apng 1.9 '.gif' Stack-Buffer Overflow Date: 20 April 2018 Exploit Author: Hamm3r.py Vendor Homepage: http://gif2apng.sourceforge.net/ Version: 1.9 Tested on: Ubuntu 16.04 CVE : gif2apng is vulnerable to a stack based buffer...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/04/24 12:0 a.m.43 views

Wuzhi CMS 4.1.0 Cross Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: WUZHI CMS 4.1.0 - Cross-Site Request Forgery Exploit Author: jiguang email protected Vendor Homepage: https://github.com/wuzhicms/wuzhicms Software Link: https://github.com/wuzhicms/wuzhicms Version: 4.1.0 CVE: CVE-2018-10312 An...

0.1AI score0.0248EPSS
Exploits5
0day.today
0day.today
added 2018/04/24 12:0 a.m.41 views

R 3.4.4 fow Windows - Local Buffer Overflow Exploit

Exploit for windows platform in category local exploits !/usr/bin/python Exploit Author: bzyo CVE: CVE-2018-9060 Twitter: @bzyo Exploit Title: R 3.4.4 - Local Buffer Overflow Date: 03-27-2018 Vulnerable Software: R 3.4.4 Vendor Homepage: https://www.r-project.org/ Version: 3.4.4 Software Link:...

0.2AI score
Exploits4
0day.today
0day.today
added 2018/04/24 12:0 a.m.43 views

Ericsson-LG iPECS NMS A.1Ac - Cleartext Credential Disclosure Exploit

Exploit for php platform in category web applications -- coding: utf-8 -- Exploit Title: Ericsson-LG iPECS NMS - Cleartext Cred. Dump Vendor Notification: 03-03-2018 - No response Initial CVE: 04-04-2018 Disclosure: 21-04-2018 Exploit Author: Berk Cem Göksel Contact: twitter.com/berkcgoksel ||...

9.3AI score0.13229EPSS
Exploits4
0day.today
0day.today
added 2018/04/23 12:0 a.m.64 views

Apache CouchDB 1.7.0 and 2.x before 2.1.1 - Remote Privilege Escalation Exploit

Exploit for linux platform in category web applications Exploit Title: Apache CouchDB JSON 1.7.0 and 2.x before 2.1.1 - Remote Privilege Escalation Date: 2017-08-07 Exploit Author: Sebastián Castro @r4wd3r Vendor Homepage:...

10CVSS0.1AI score0.99838EPSS
Exploits21
0day.today
0day.today
added 2018/04/23 12:0 a.m.58 views

Monstra cms 3.0.4 - Persitent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Monstra cms 3.0.4 - Persitent Cross-Site Scripting Exploit Author: Wenming Jiang Vendor Homepage: https://github.com/monstra-cms/monstra Software Link: https://github.com/monstra-cms/monstra Version: 3.0.4 Tested on: php 5.6,...

0.02195EPSS
Exploits5
0day.today
0day.today
added 2018/04/23 12:0 a.m.53 views

PRTG Network Monitor < 18.1.39.1648 - Stack Overflow Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: PRTG 18.1.39.1648 - Stack Overflow Exploit Author: Lucas "luriel" Carmo Vendor Homepage: https://www.paessler.com/prtg Software Link: https://www.paessler.com/download/prtg-download Version: 18.1.39.1648 CVE : CVE-2018-10253 Post...

7.6AI score0.07627EPSS
Exploits4
0day.today
0day.today
added 2018/04/23 12:0 a.m.103 views

Ncomputing vSpace Pro v10 and v11 - Directory Traversal PoC

Exploit for windows platform in category web applications Exploit Title: Ncomputing vSpace Pro v10 and v11 - Directory Traversal Vulnerability Software Vendor: NComputing Software Link: Author: Javier Bernardo CVE: CVE-2018-10201 Category: Webapps Description It is possible to read arbitrary file...

7.8AI score0.45627EPSS
Exploits5
0day.today
0day.today
added 2018/04/23 12:0 a.m.88 views

phpMyAdmin 4.8.0 / 4.8.0-1 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: phpMyAdmin 4.8.0 Drop database 3. Solution: Upgrade to phpMyAdmin 4.8.0-1 or newer. 4. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10188 0day.today 2018-04-23...

0.1AI score0.04218EPSS
Exploits5
0day.today
0day.today
added 2018/04/22 12:0 a.m.193 views

Interspire Email Marketer - Remote Admin Authentication Bypass Exploit

The function in charge of checking whether the user is already logged in init.php in Interspire Email Marketer IEM prior to 6.1.6 allows remote attackers to bypass authentication and obtain administrative access by using the IEMCookieLogin cookie with a specially crafted value. On top of that, if...

10CVSS0.4AI score0.36505EPSS
Exploits6
0day.today
0day.today
added 2018/04/22 12:0 a.m.183 views

ASUS infosvr Authentication Bypass Command Execution Exploit

This Metasploit module exploits an authentication bypass vulnerability in the infosvr service running on UDP port 9999 on various ASUS routers to execute arbitrary commands as root. This Metasploit module launches the BusyBox Telnet daemon on the port specified in the TelnetPort option to gain an...

10CVSS0.2AI score0.80731EPSS
Exploits12
0day.today
0day.today
added 2018/04/22 12:0 a.m.61 views

lastore-daemon D-Bus Privilege Escalation Exploit

This Metasploit module attempts to gain root privileges on Deepin Linux systems by using lastore-daemon to install a package. The lastore-daemon D-Bus configuration on Deepin Linux 15.5 permits any user in the sudo group to install arbitrary system packages without providing a password, resulting...

0.5AI score
Exploits0
0day.today
0day.today
added 2018/04/22 12:0 a.m.53 views

Microsoft Internet Explorer 11.371.16299.0 Denial Of Service Exploit

Exploit for windows platform in category dos / poc + Credits: John Page aka hyp3rlinx Vendor: ======= www.microsoft.com Product: ======== Internet Explorer Windows 10 v11.371.16299.0 Internet Explorer is a series of graphical web browsers developed by Microsoft and included in the Microsoft Windo...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/04/22 12:0 a.m.46 views

Chrome V8 JIT NodeProperties::InferReceiverMaps Type Confusion Exploit

Exploit for multiple platform in category dos / poc Chrome: V8: JIT: Type confusion in NodeProperties::InferReceiverMaps https://cs.chromium.org/chromium/src/v8/src/compiler/node-properties.cc?rcl=df84e87191022bf6914f9570069908f10b303245&l=416 Here's a snippet of NodeProperties::InferReceiverMaps...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/04/22 12:0 a.m.116 views

Drupal Avatar Uploader 7.x-1.0-beta8 Arbitary File Download Vulnerability

Exploit for php platform in category web applications Title: Arbitrary file download vulnerability in Drupal module avataruploader v7.x-1.0-beta8 Author: Larry W. Cashdollar CVE-ID:CVE-2018-9205 Download Site: https://www.drupal.org/project/avataruploader Vendor: https://www.drupal.org/u/robbinzh...

7.6AI score0.56924EPSS
Exploits6
0day.today
0day.today
added 2018/04/22 12:0 a.m.61 views

Linux/x86 Reverse TCP 127.1.1.1:5555 #Shellcode (73 Bytes)

/ Linux x86 Reverse TCP shellcode 127.1.1.1/5555 Shellcode Author: Anurag Srivastava Shellcode Length: 73 Student-ID: SLAE-1219 Note http://www.theanuragsrivastava.in/2018/04/reverse-tcp-shellcode-x86-slae.html reverse: file format elf32-i386 Disassembly of section .text: 08048060 : 8048060: 6a 6...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/04/21 12:0 a.m.79 views

WordPress WooCommerce 2.0 / 3.0 Directory Traversal Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress woocommerce directory traversal Date: 28-11-2017 Software Link: https://wordpress.org/plugins/woocommerce/ Exploit Author:fu2x2000 Contact: email protected CVE:2017-17058 Version:Tested on WordPress 4.8.3 woocommerce...

6.7AI score
Exploits0
0day.today
0day.today
added 2018/04/20 12:0 a.m.32 views

Cobub Razor 0.8.0 - Physical path Leakage Vulnerability

Exploit for php platform in category web applications Exploit Title: Cobub Razor 0.8.0 Physical path Leakage Vulnerability Exploit Author: Kyhvedn Vendor Homepage: http://www.cobub.com/ Software Link: https://github.com/cobub/razor Version: 0.8.0 CVE : CVE-2018-8770 PoC: URL:...

0.60586EPSS
Exploits5
0day.today
0day.today
added 2018/04/19 12:0 a.m.59 views

Digital Guardian Management Console 7.1.2.0015 XXE Injection Vulnerability

Exploit for asp platform in category web applications Title: Digital Guardian Managment Console - XML External Entity Vulnerability Author: Pawel Gocyla Date: 18 April 2018 CVE: CVE-2018-10175 Affected software: ================== Digital Guardian Managment Console Version 7.1.2.0015 Description:...

0.2AI score0.01214EPSS
Exploits2
0day.today
0day.today
added 2018/04/19 12:0 a.m.57 views

Linux/x86 TCP Port 1337 Bindshell Shellcode

92 bytes small Linux x86 tcp/1337 bindshell shellcode. / Linux x86 Bind TCP shellcode This shellcode will listen on port 1337 and give you /bin/sh Shellcode Author: Anurag Srivastava Shellcode Length: 92 Student-ID: SLAE-1219 Note...

7.3AI score
Exploits0
0day.today
0day.today
added 2018/04/19 12:0 a.m.56 views

Digital Guardian Management Console 7.1.2.0015 Server Side Request Forgery Vulnerability

Exploit for asp platform in category web applications Title: Digital Guardian Managment Console - Server Side Request Forgery Vulnerability Author: Pawel Gocyla Date: 18 April 2018 CVE: CVE-2018-10174 Affected software: ================== Digital Guardian Managment Console Version 7.1.2.0015...

0.2AI score0.01195EPSS
Exploits2
0day.today
0day.today
added 2018/04/18 12:0 a.m.59 views

Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities

Exploit for multiple platform in category web applications Exploit Author: bzyo CVE: CVE-2018-10077, CVE-2018-10078, CVE-2018-10079 Twitter: @bzyo Exploit Title: Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities Date: 04-17-18 Vulnerable Software: WatchDog Console - 3.2.2 Vendor Homepage:...

0.08296EPSS
Exploits7
0day.today
0day.today
added 2018/04/18 12:0 a.m.38 views

Match Clone Script 1.0.4 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Match Clone Script 1.0.4 - Cross-Site Scripting Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/match-clone/ Category: Web Application Exploit Author: ManhNho Version: 1.0.4...

0.1AI score0.02273EPSS
Exploits5
0day.today
0day.today
added 2018/04/18 12:0 a.m.53 views

Kodi 17.6 - Persistent Cross-Site Scripting Vulnerability

Exploit for multiple platform in category web applications ============================================= MGC ALERT 2018-003 - Original release date: March 19, 2018 - Last revised: April 16, 2018 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 CVSS Base Score - CVE-ID: CVE-2018-8831...

0.1AI score0.53883EPSS
Exploits5
0day.today
0day.today
added 2018/04/18 12:0 a.m.38 views

Easy File Sharing Web Server 7.2 - Stack Buffer Overflow Exploit

Exploit for windows platform in category remote exploits Exploit Title: Easy File Sharing Web Server 7.2 stack buffer overflow Exploit Author: rebeyond - http://www.rebeyond.net Vendor Homepage: http://www.sharing-file.com/ Software Link: http://www.sharing-file.com/efssetup.exe Version: 7.2 CVE:...

9.8AI score0.77319EPSS
Exploits6
0day.today
0day.today
added 2018/04/18 12:0 a.m.56 views

MySQL Squid Access Report 2.1.4 - SQL Injection / Cross-Site Scripting Vulnerabilities

Exploit for php platform in category web applications...

1.7AI score
Exploits0
0day.today
0day.today
added 2018/04/18 12:0 a.m.25 views

PDFunite 0.41.0 - .pdf Local Buffer Overflow Exploit

Exploit for windows platform in category dos / poc Exploit Title: PDFunite Malformed pdf buffer overflow Exploit Author: Hamm3r.py Vendor Homepage: https://launchpad.net/ubuntu/artful/+package/poppler-utils Software Link: https://launchpad.net/ubuntu/+source/poppler/0.57.0-2ubuntu4.2 Version:...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/04/18 12:0 a.m.51 views

Joomla JS Jobs 1.2.0 Component - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component Js Jobs - Multiple Cross Site Request Forgery Vulnerabilities Google Dork: N/A Date: 17-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: https://www.joomsky.com...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/04/18 12:0 a.m.26 views

VX Search 10.6.18 - directory Local Buffer Overflow Exploit

Exploit for windows platform in category dos / poc !/usr/bin/python Title: VX Search 10.6.18 Local Buffer Overflow Author: Kevin McGuigan Twitter: @h3xagram Author Website: https://www.7elements.co.uk Vendor Website: http://www.vxsearch.com Version: 10.6.18 Tested on: Windows 7 32-bit Vendor did...

0.3AI score
Exploits0
0day.today
0day.today
added 2018/04/18 12:0 a.m.32 views

RSVG 2.40.13 / 2.42.2 - .svg Buffer Overflow Exploit

Exploit for windows platform in category dos / poc Exploit Title: Buffer-overflow in RSVG while converting a malformed svg Exploit Author: Hamm3r.py Vendor Homepage: https://launchpad.net/ubuntu/xenial/+package/librsvg2-bin Software Link: https://launchpad.net/ubuntu/xenial/+package/librsvg2-bin...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/04/18 12:0 a.m.26 views

Lutron Quantum 2.0 - 3.2.243 - Information Disclosure Exploit

Exploit for hardware platform in category web applications ''' Exploit Title: Login bypass and data leak - Lutron Quantum 2.0 - 3.2.243 firmware Date: 20-03-2018 Exploit Author: David Castro Contact: https://twitter.com/SadFud75 Vendor Homepage: http://www.lutron.com Software Link:...

0.14047EPSS
Exploits5
0day.today
0day.today
added 2018/04/18 12:0 a.m.61 views

Rvsitebuilder CMS - Database Backup Download Vulnerability

Exploit for php platform in category web applications Exploit Title: Rvsitebuilder CMS Database Backup Download Exploit Author: Hesam Bazvand Contact: email protected Software Link: http://www.rvsitebuilder.com Version: All Version Tested on: Windows 7 / Kali Linux Category: WebApps Dork :...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/04/18 12:0 a.m.57 views

WordPress Caldera Forms 1.5.9.1 Plugin - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: CalderaForms 1.5.9.1 - multiple XSS Exploit Author: Federico Scalco fscalco at mentat dot is @mindpr00f Vendor Homepage: https://calderaforms.com/ Software Link: https://wordpress.org/plugins/caldera-forms/ Vulnerable App:...

0.2AI score0.04578EPSS
Exploits4
0day.today
0day.today
added 2018/04/18 12:0 a.m.183 views

Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - Drupalgeddon2 Remote Code Execution Exploit

Exploit for php platform in category web applications !/usr/bin/env import sys import requests print '' print ' Proof-Of-Concept for CVE-2018-7600' print ' by Vitalii Rudnykh' print ' Thanks by AlbinoDrought, RicterZ, FindYanot, CostelSalanders' print ' https://github.com/a2u/CVE-2018-7600' print...

0.1AI score0.99993EPSS
Exploits46
Total number of security vulnerabilities39001