Lucene search
K

39001 matches found

0day.today
0day.today
added 2018/04/09 12:0 a.m.69 views

CyberArk Password Vault < 9.7 / < 10 - Memory Disclosure Vulnerability

Exploit for linux platform in category dos / poc Advisory: CyberArk Password Vault Memory Disclosure Data in the CyberArk Password Vault may be accessed through a proprietary network protocol. While answering to a client's logon request, the vault discloses around 50 bytes of its memory to the...

0.14116EPSS
Exploits12
0day.today
0day.today
added 2018/04/09 12:0 a.m.54 views

WordPress Simple Fields Plugin 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code Execution Vul

Exploit for php platform in category web applications Exploit Title: Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE Exploit Author: Graeme Robinson Contact: @Grasec Vendor Homepage: http://simple-fields.com Software Link: https://downloads.wordpress.org/plugin/simple-fields.0.3.5.zip Version: 0.2 - 0.3.5...

Exploits0
0day.today
0day.today
added 2018/04/09 12:0 a.m.45 views

SSH / SSL RSA Private Key Passphrase Dictionary Enumerator Exploit

This is a script to perform SSH/SSL RSA private key passphrase enumeration with a dictionary attack. !/usr/bin/perl SSH/SSL RSA Private Key Passphrase dictionary enumerator Copyright 2018 c Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg email protected$ ssh-keygen -...

0.4AI score
Exploits0
0day.today
0day.today
added 2018/04/09 12:0 a.m.27 views

H2Database - Alias Arbitrary Code Execution Exploit

Exploit for java platform in category local exploits ''' Exploit Title: H2 Database Alias Abuse Date: 05/04/2018 Exploit Author: gambler Vendor Homepage:www.h2database.com Software Link: http://www.h2database.com/html/download.html Version: all versions Tested on: Linux, Mac OS ''' import sys...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/04/09 12:0 a.m.38 views

PMS 0.42 - Local Stack-Based Overflow (ROP) Exploit

Exploit for linux platform in category local exploits Exploit Author: Juan Sacco - http://exploitpack.com Tested on: Kali i686 GNU/Linux Description: PMS 0.42 is prone to a local unauthenticated stack-based overflow The vulnerability is due to an unproper filter of user supplied input while readi...

7.2AI score
Exploits0
0day.today
0day.today
added 2018/04/09 12:0 a.m.26 views

MyBB Recent Threads On Index Plugin - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: MyBB Recent threads Exploit Author: Perileos Software Link: https://community.mybb.com/mods.php?action=view&pid=191 Version: 17.0 Tested on: Windows 10 1. Description: This plugin shows recent threads in the side bar on your MyB...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/04/09 12:0 a.m.78 views

WebKit - WebAssembly Parsing Does not Correctly Check Section Order Vulnerability

Exploit for multiple platform in category dos / poc When a WebAssembly binary is parsed in ModuleParser::parse, it is expected to contain certain sections in a certain order, but can also contain custom sections that can appear anywhere in the binary. The ordering check validateOrder does not...

8.3AI score0.13207EPSS
Exploits5
0day.today
0day.today
added 2018/04/09 12:0 a.m.36 views

GoldWave 5.70 - Local Buffer Overflow (SEH Unicode) Exploit

Exploit for windows platform in category local exploits !/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: GoldWave 5.70 - Local Buffer Overflow SEH Unicode Date: 04-05-2018 Vulnerable Software: GoldWave 5.70 Vendor Homepage: https://www.goldwave.com/ Version: 5.70 Software Link:...

7.2AI score
Exploits0
0day.today
0day.today
added 2018/04/09 12:0 a.m.74 views

WolfCMS 0.8.3.1 - Cross Site Request Forgery / Open Redirection Vulnerabilities

Exploit for php platform in category web applications Exploit Title: WolfCMS 0.8.3.1 Cross Site Request Forgery Google Dork: N/A Date: 04-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.wolfcms.org Software Link:...

0.3AI score0.03403EPSS
Exploits9
0day.today
0day.today
added 2018/04/09 12:0 a.m.60 views

Yahei PHP Prober 0.4.7 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit title: Yahei-PHP Proberv0.4.7 - Cross-Site Scripting Google Dork: intitle:"Proberv0." | inurl:/proberv.php Date: 23/03/2018 Exploit Author: ManhNho Vendor Homepage: http://www.yahei.net/ Software Link: www.yahei.net/tz/tze.zip Version:...

0.02273EPSS
Exploits5
0day.today
0day.today
added 2018/04/09 12:0 a.m.66 views

CyberArk Password Vault Web Access < 9.9.5 / < 9.10 / 10.1 - Remote Code Execution Vulnerabili

The CyberArk Password Vault Web Access application uses authentication tokens which consist of serialized .NET objects. By crafting manipulated tokens, attackers are able to gain unauthenticated remote code execution on the web server. Versions prior to 9.9.5, prior to 10.1, and 10.1 are affected...

1.1AI score0.17336EPSS
Exploits5
0day.today
0day.today
added 2018/04/09 12:0 a.m.32 views

Cobub Razor 0.7.2 - Add New Superuser Account Vulnerability

Exploit for php platform in category web applications Exploit Title: Cobub Razor 0.7.2 Add New Superuser User Exploit Author: ppb(email protected) Vendor Homepage: https://github.com/cobub/razor/ Software Link: https://github.com/cobub/razor/ Version: 0.72 CVE : CVE-2018-7745 There is a...

5CVSS0.1AI score0.12543EPSS
Exploits5
0day.today
0day.today
added 2018/04/08 12:0 a.m.82 views

Cockpit CMS 0.13.0 Server Side Request Forgery Vulnerability

Cockpit CMS version 0.13.0 suffers from a server-side request forgery vulnerability. SSRFPS"Server Side Request ForgeryPSc in Cockpit CMS 0.13.0 CVE-2017-14611 The Cockpit CMS is awesome if you need a flexible content structure but don't want to be limited in how to use the content. Product...

0.5AI score0.0197EPSS
Exploits7
0day.today
0day.today
added 2018/04/08 12:0 a.m.44 views

Onethink CMS Server Side Request Forgery Vulnerability

Onethink CMS versions released up to date 2018/04/06 suffer from a server-side request forgery vulnerability. SSRFPS"Server Side Request ForgeryPSc in Onethink All version CVE-2017-14323 The Onethink is an open source CMSContent Management System.This system is based on the Thinkphp3.2 developmen...

9.2AI score0.04479EPSS
Exploits3
0day.today
0day.today
added 2018/04/07 12:0 a.m.52 views

Cobub Razor 0.7.2 - Cross Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: Cobub Razor 0.7.2 Cross Site Request Forgery Date: 2018-03-07 Exploit Author: ppb(email protected) Vendor Homepage: https://github.com/cobub/razor/ Software Link: https://github.com/cobub/razor/ Version: 0.72 CVE : CVE-2018-7746...

4.3CVSS0.1AI score0.0327EPSS
Exploits5
0day.today
0day.today
added 2018/04/07 12:0 a.m.54 views

Dell EMC Avamar / Integrated Data Protection Missing Access Control Vulnerability

The Dell EMC Avamar Installation Manager component, within Dell EMC Avamar Server and Integrated Data Protection Appliance, is affected by a missing access control vulnerability. Dell EMC Avamar Server versions 7.3.1, 7.4.1, 7.50 and Dell EMC Integrated Data Protection Appliance versions 2.0 and...

0.7AI score0.46642EPSS
Exploits5
0day.today
0day.today
added 2018/04/07 12:0 a.m.27 views

Video Downloader Universal Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Video Downloader Extension: Universal XSS Browsing through the list of most popular Chrome extensions, I noticed this extension with 4M users:...

Exploits0
0day.today
0day.today
added 2018/04/07 12:0 a.m.304 views

LineageOS 14.1 Blueborne - Remote Code Execution Vulnerability

Exploit for Android platform in category remote exploits Exploit Title: LineageOS 14.1 Android 7.1.2 Blueborne RCE CVE-2017-0781 Exploit Author: Marcin Kozlowski Tested on: LinageOS 14.1 Android 7.1.2 without BlueBorne Patch CVE : CVE-2017-0781 Provided for legal security research and testing...

8.3CVSS0.3AI score0.2285EPSS
Exploits13
0day.today
0day.today
added 2018/04/07 12:0 a.m.64 views

Atlassian Bamboo 6.x Code Execution Vulnerability

Atlassian Bamboo versions 2.7.0 through 6.3.2 and 6.4.0 suffer from a code execution vulnerability. This email refers to the advisory found at https://confluence.atlassian.com/x/PS9sO . CVE ID: CVE-2018-5224. Product: Bamboo. Affected Bamboo product versions: 2.7.0 = 2.7.0 but less than 6.3.3 the...

0.8AI score0.02822EPSS
Exploits1
0day.today
0day.today
added 2018/04/07 12:0 a.m.277 views

Atlassian Fisheye / Crucible 4.5.2 Code Execution Vulnerability

Atlassian Fisheye and Crucible versions 4.5.0 through 4.5.2 suffer from a code execution vulnerability. This email refers to the advisory found at https://confluence.atlassian.com/x/aS5sO and https://confluence.atlassian.com/x/Zi5sO . CVE ID: CVE-2018-5223. Product: Fisheye and Crucible. Affected...

7.3AI score0.02203EPSS
Exploits1
0day.today
0day.today
added 2018/04/05 12:0 a.m.142 views

Microsoft Windows Defender - mpengine.dll Memory Corruption Exploit

Exploit for windows platform in category dos / poc Windows Defender inspects a variety of different archive formats, among others RAR. Inspection of mpengine.dll revealed that the code responsible for processing RAR archives appears to be a forked and modified version of the original unrar code;...

8.7AI score0.61482EPSS
Exploits5
0day.today
0day.today
added 2018/04/05 12:0 a.m.29 views

MyBB Downloads 2.0.3 Plugin - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: MyBB Downloads Plugin v2.0.3 - Persistent XSS Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=854 Version: 2.0.3 Tested on: Ubuntu 17.10 ...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/04/05 12:0 a.m.77 views

WebRTC - Private IP Leakage Exploit

Exploit for multiple platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Private IP Leakage to WebPage using WebRTC Function.", 'Description' = %q This module...

0.2AI score0.30144EPSS
Exploits7
0day.today
0day.today
added 2018/04/05 12:0 a.m.48 views

Z-Blog 1.5.1.1740 - Full Path Disclosure Vulnerability

Exploit for php platform in category web applications Exploit Title: Z-Blog 1.5.1.1740 Web Site physical path leakage Vulnerability Exploit Author: zzw email protected Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE :...

5CVSS0.08817EPSS
Exploits5
0day.today
0day.today
added 2018/04/05 12:0 a.m.73 views

Z-Blog 1.5.1.1740 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Z-Blog 1.5.1.1740 XSS Vulnerability Exploit Author: zzw email protected Vendor Homepage: https://www.zblogcn.com/ Software Link: https://github.com/zblogcn/zblogphp Version: 1.5.1.1740 CVE : CVE-2018-7736 This is a XSS...

4.3CVSS0.2AI score0.03393EPSS
Exploits5
0day.today
0day.today
added 2018/04/05 12:0 a.m.52 views

YzmCMS 3.6 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: YzmCMS 3.6 XSS Vulnerability Exploit Author: zzw email protected Vendor Homepage: http://www.yzmcms.com/ Software Link: http://www.yzmcms.com/ Version: 3.6 CVE : CVE-2018-7653 This is a XSS vulnerability than can attack the user...

4.3CVSS0.1AI score0.08861EPSS
Exploits5
0day.today
0day.today
added 2018/04/05 12:0 a.m.63 views

Microsoft Windows - Multiple Use-After-Free Issues in jscript Array Methods Exploit

Exploit for windows platform in category dos / poc !-- There are multiple use-after-free issues in Array methods in jscript. When jscript executes an Array method such as Array.join, it first retrieves the length of an array. If the input is not an array but an object, then the length property of...

7.6CVSS6.5AI score0.55876EPSS
Exploits3
0day.today
0day.today
added 2018/04/05 12:0 a.m.42 views

GetSimple CMS 3.3.13 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: GetSimple CMS 3.3.13 - Cross Site Scripting Vulnerability Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://get-simple.info/ Software Link: http://get-simple.info/download/ Affected...

6.3AI score0.02496EPSS
Exploits5
0day.today
0day.today
added 2018/04/05 12:0 a.m.68 views

Joomla JS Jobs 1.2.0 Component - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component JS Jobs 1.2.0 - Cross Site Scripting Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: https://www.joomsky.com/products/js-jobs.html Software Link:...

5.6AI score0.02314EPSS
Exploits5
0day.today
0day.today
added 2018/04/04 12:0 a.m.40 views

Sophos Endpoint Protection 10.7 Insecure Cryptography Vulnerability

Sophos Endpoint Protection version 10.7 control panel authentication uses a weak unsalted unicoded cryptographic hash SHA1 function. Not using a salt allows attackers that gain access to hash ability to conduct faster cracking attacks using pre-computed dictionaries, e.g. rainbow tables. This can...

0.2AI score0.01744EPSS
Exploits5
0day.today
0day.today
added 2018/04/04 12:0 a.m.108 views

Adobe Flash 28.0.0.137 Remote Code Execution Exploit

Adobe Flash versions 28.0.0.137 and below remote code execution proof of concept exploit. !/usr/bin/env python coding: UTF-8 import BaseHTTPServer import sys from SimpleHTTPServer import SimpleHTTPRequestHandler print "@Syfi2k" print "+ CVE-2018-4878 poc " print "--------------------------------"...

7.5CVSS0.8AI score0.89618EPSS
Exploits19
0day.today
0day.today
added 2018/04/04 12:0 a.m.58 views

KeePass Simple Dictionary Password Enumerator Exploit

This is a simple perl script to perform dictionary attacks against the KeePass password manager. !/usr/bin/perl KeePass simple dictionary password enumerator Copyright 2018 c Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg KeePass is a free open source password...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/04/04 12:0 a.m.32 views

ProcessMaker - Plugin Upload Exploit

This Metasploit module will generate and upload a plugin to ProcessMaker resulting in execution of PHP code as the web server user. Credentials for a valid user account with Administrator roles is required to run this module. This Metasploit module has been tested successfully on ProcessMaker...

0.3AI score
Exploits0
0day.today
0day.today
added 2018/04/04 12:0 a.m.47 views

FiberHome VDSL2 Modem HG 150-UB Login Bypass Vulnerability

Exploit for hardware platform in category web applications Exploit Title: FiberHome VDSL2 Modem HG 150-UB Login Bypass Exploit Author: Noman Riffat Vendor Homepage: http://www.fiberhome.com/ The vulnerability exists in plain text & hard coded cookie. Using any cookie manager extension, an attacke...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/04/04 12:0 a.m.42 views

PMS 0.42 Stack-Based Buffer Overflow Exploit

Exploit for linux platform in category dos / poc Exploit Author: Juan Sacco - http://exploitpack.com Vulnerability found using Exploit Pack v10 - Fuzzer local module Tested on: Kali i686 GNU/Linux Description: PMS 0.42 is prone to a local unauthenticated stack-based overflow The vulnerability is...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/04/04 12:0 a.m.68 views

Sophos Endpoint Protection 10.7 Tamper Protection Bypass Vulnerability

Sophos Endpoint Protection version 10.7 suffers from a tamper protection bypass vulnerability. + Credits: John Page aka hyp3rlinx Vendor: ============= www.sophos.com Product: =========== Sophos Endpoint Protection v10.7 Sophos Endpoint Protection helps secure your workstation by adding preventio...

0.01247EPSS
Exploits5
0day.today
0day.today
added 2018/04/04 12:0 a.m.26 views

Microsoft Sharepoint 14.x Cross Site Scripting Vulnerability

Exploit for asp platform in category web applications + Title: Microsoft-sharepoint FilterValue Cross Site Scripting XSS + Date: 2018/04/04 + Author: Mostafa Gharzi + Team: Maher - CertCC.ir + Vendor Homepage: https://products.office.com/en-us/sharepoint/collaboration + Tested on: Windows 10 & Ka...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/04/04 12:0 a.m.46 views

Moxa AWK-3131A 1.4 < 1.7 - Username OS Command Injection Exploit

Exploit for hardware platform in category remote exploits !/usr/bin/env python2 import telnetlib import re import random import string Split string into chunks, of which each is /var/a' - 1 completed = temp = re.split'\n', script for content in temp: if lencontent != 0: for s in re.split' ',...

9.7AI score0.12169EPSS
Exploits1
0day.today
0day.today
added 2018/04/03 12:0 a.m.47 views

ShoprLynx 9.2.3 Insecure File Permissions Vulnerability

ShoprLynx version 9.2.3 suffers from an insecure file permissions vulnerability. ShaprLynx v9.2.3 Insecure File Permissions Vendor: Lynx Software Pty Ltd. Product web page: https://www.sharplynx.com Affected version: 9.02.0003 Summary: Back Office Software for Sharp POS Terminals. Catering for th...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/04/03 12:0 a.m.42 views

Tpshop <= 2.0.6 Server Side Request Forgery Vulnerability

Exploit for php platform in category web applications SSRF(Server Side Request Forgery) in Tpshop = 2.0.6 CVE-2017-16614 The Tpshop open source mall system is a multi-merchant mode mall system developed by Shenzhen Leopard Network Co., Ltd.This system is based on the Thinkphp development framewor...

9.2AI score0.03001EPSS
Exploits1
0day.today
0day.today
added 2018/04/03 12:0 a.m.66 views

Google Chrome V8 - ElementsAccessorBase::CollectValuesOrEntriesImpl Type Confusion

Exploit for multiple platform in category dos / poc / Here's a snippet of the method. https://cs.chromium.org/chromium/src/v8/src/elements.cc?rcl=3cbf26e8a21aa76703d2c3c51adb9c96119500da&l=1051 static Maybe CollectValuesOrEntriesImpl Isolate isolate, Handle object, Handle valuesorentries, bool...

0.06892EPSS
Exploits2
0day.today
0day.today
added 2018/04/03 12:0 a.m.33 views

Google Chrome V8 - Genesis::InitializeGlobal Out-of-Bounds Read/Write Exploit

Exploit for multiple platform in category dos / poc / Bug: The Genesis::InitializeGlobal method initializes the constructor of RegExp as follows: // Builtin functions for RegExp.prototype. Handle regexpfun = InstallFunction global, "RegExp", JSREGEXPTYPE, JSRegExp::kSize +...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/04/03 12:0 a.m.71 views

Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix) Exploit

Exploit for windows platform in category dos / poc / Here's a snippet of JavascriptArray::BoxStackInstance. To fix issue 1420 , "deepCopy" was introduced. But it only deep-copies the array when "instance-head" is on the stack. So simply by adding a single line of code that allocates "head" to the...

7.6CVSS7.6AI score0.66554EPSS
Exploits6
0day.today
0day.today
added 2018/04/03 12:0 a.m.70 views

Bomgar Remote Support Portal JavaStart Applet <= 52970 - Path Traversal Vulnerability

Exploit for java platform in category web applications The Path Traversal vulnerability was found in the component of the Bomgar Remote Support Portal RSP 1. The affected component is a JavaStart.jar applet that is hosted at https://TARGET/api/content/JavaStart.jar on the vulnerable RSP...

0.01991EPSS
Exploits2
0day.today
0day.today
added 2018/04/03 12:0 a.m.253 views

ModSecurity WAF 3.0 for Nginx - Denial of Service Vulnerability

Exploit for linux platform in category dos / poc / 1. Use-After-Free UAF / During one of the engagements my team tested a WAF running in production Nginx + ModSecurity + OWASP Core Rule Set 123. In the system logs I found information about the Nginx worker processes being terminated due to memory...

7AI score
Exploits0
0day.today
0day.today
added 2018/04/03 12:0 a.m.66 views

Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix 2) Exploit

Exploit for windows platform in category dos / poc / Here's a snippet of JavascriptArray::BoxStackInstance. template T JavascriptArray::BoxStackInstanceT instance, bool deepCopy AssertThreadContext::IsOnStackinstance; // On the stack, the we reserved a pointer before the object as to store the...

7.6CVSS7.6AI score0.66473EPSS
Exploits4
0day.today
0day.today
added 2018/04/02 12:0 a.m.69 views

OpenCMS 10.5.3 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: OpenCMS 10.5.3 Stored Cross Site Scripting Vulnerability Google Dork: N/A Date: 02-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.opencms.org/en/ Software Link:...

5.3AI score0.01405EPSS
Exploits5
0day.today
0day.today
added 2018/04/02 12:0 a.m.47 views

Secutech RiS-11/RiS-22/RiS-33 5.07.52_es_FRI01 Remote DNS Changer Vulnerability

Exploit for hardware platform in category web applications Secutech RiS-11/RiS-22/RiS-33 V5.07.52esFRI01 Remote DNS Change PoC Copyright 2018 c Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg Once modified, systems use foreign DNS servers, which are usually set up by...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/04/02 12:0 a.m.36 views

WebLog Expert Enterprise 9.4 - Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits Exploit Author: bzyo Twitter: @bzyo Exploit Title: WebLog Expert Enterprise 9.4 - Privilege Escalation Vulnerable Software: WebLog Expert Enterprise 9.4 Vendor Homepage: https://www.weblogexpert.com/ Version: 9.4 Software Link:...

Exploits0
0day.today
0day.today
added 2018/04/02 12:0 a.m.194 views

Nginx 1.13.10 Accept-Encoding Line Feed Injection Exploit

Exploit for linux platform in category remote exploits // UndergroundAgency UA - koa, bacL, g3kko, Dostoyevsky // trigger nginx 1.13.10 latest logic flaw / bug // 2018 // Tested on Ubuntu 17.10 x86 4.13.0-21-generic include include include include include include include int mainint argc, char ar...

7.1AI score
Exploits0
Total number of security vulnerabilities39001