Lucene search
K

39001 matches found

0day.today
0day.today
added 2018/01/11 12:0 a.m.54 views

Microsoft Windows - NtImpersonateAnonymousToken LPAC to Non-LPAC Privilege Escalation Exploit

Exploit for windows platform in category dos / poc Windows: NtImpersonateAnonymousToken LPAC to Non-LPAC EoP Platform: Windows 10 1703 and 1709 not tested Windows 8.x Class: Elevation of Privilege Summary: When impersonating the anonymous token in an LPAC the WIN://NOAPPALLPKG security attribute ...

4.6CVSS7.2AI score0.02775EPSS
Exploits2
0day.today
0day.today
added 2018/01/11 12:0 a.m.92 views

Microsoft Windows - NTFS Owner/Mandatory Label Privilege Bypass Exploit

Exploit for windows platform in category dos / poc / Windows: NTFS Owner/Mandatory Label Privilege Bypass EoP Platform: Windows 10 1709 not tested 8.1 Update 2 or Windows 7 Class: Elevation of Privilege Summary: When creating a new file on an NTFS drive it’s possible to circumvent security checks...

4.6CVSS7.5AI score0.02775EPSS
Exploits2
0day.today
0day.today
added 2018/01/11 12:0 a.m.187 views

SAP NetWeaver J2EE Engine 7.40 - SQL Injection Exploit

Exploit for multiple platform in category web applications !/usr/bin/env python coding=utf-8 """ Author: Vahagn Vardanyan https://twitter.com/vah13 Bugs: CVE-2016-2386 SQL injection CVE-2016-2388 Information disclosure CVE-2016-1910 Crypto issue Follow HTTP request is a simple PoC for anon...

7.5CVSS5.7AI score0.7106EPSS
Exploits13
0day.today
0day.today
added 2018/01/11 12:0 a.m.128 views

Python smtplib 2.7.11 / 3.4.4 / 3.5.1 - Man In The Middle StartTLS Stripping Vulnerability

Exploit for multiple platform in category local exploits VuNote ============ Author: Version: 0.2 Date: Nov 25th, 2015 Tag: python smtplib starttls stripping mitm Overview -------- Name: python Vendor: python software foundation References: https://www.python.org/ 1 Version: 2.7.11, 3.4.4, 3.5.1...

5.8CVSS7.1AI score0.14524EPSS
Exploits3
0day.today
0day.today
added 2018/01/11 12:0 a.m.116 views

Microsoft Windows SMB Server (v1 and v2) - Mount Point Arbitrary Device Open Privilege Escalation Ex

Exploit for windows platform in category dos / poc Windows: SMB Server v1 and v2 Mount Point Arbitrary Device Open EoP Platform: Windows 10 1703 and 1709 seems the same on 7 and 8.1 but not extensively tested Class: Elevation of Privilege Summary: The SMB server driver srv.sys and srv2.sys don't...

4.6CVSS7.5AI score0.03206EPSS
Exploits2
0day.today
0day.today
added 2018/01/11 12:0 a.m.68 views

Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation Exploit

Exploit for windows platform in category dos / poc Windows: NtImpersonateAnonymousToken AC to Non-AC EoP Platform: Windows 10 1703 and 1709 Class: Elevation of Privilege Summary: The check for an AC token when impersonating the anonymous token doesn’t check impersonation token’s security level...

3.6CVSS7.2AI score0.0276EPSS
Exploits1
0day.today
0day.today
added 2018/01/11 12:0 a.m.19 views

FreeBSD/x86 - Bind TCP /bin/sh Shell (41254/TCP) Shellcode (115 bytes)

/ FreeBSD shellcode that binds /bin/sh to port 41254 Assembly code and explanation will be released on safemode.org soon. Written by zillion zillion at safemode.org / char shellcode = "\xeb\x64\x5e\x31\xc0\x88\x46\x07\x6a\x06\x6a\x01\x6a\x02\xb0"...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/10 12:0 a.m.32 views

Linux/x86 - execve /bin/dash Shellcode (30 bytes)

/ Description ; Title : exec /bin/dash - Shellcode ; Author : Hashim Jawad ; Website : ihack4falafel.com ; Twitter : @ihack4falafel ; SLAE ID : SLAE-1115 ; Purpose : spawn /bin/dash shell ; OS : Linux ; Arch : x86 ; Size : 30 bytes dash.nasm global start section .text start: ; push NULL into the...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/01/10 12:0 a.m.21 views

WordPress Download Manager 2.9.60 Plugin - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Download Manager CSRF Exploit Author: Panagiotis Vagenas Author Link: https://twitter.com/panVagenas Vendor Homepage: https://www.wpdownloadmanager.com/ Software Link: https://wordpress.org/plugins/download-manager...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/10 12:0 a.m.27 views

WordPress Admin Menu Tree Page View 2.6.9 Plugin - Cross-Site Request Forgery / Privilege Escalation

Exploit for php platform in category web applications Exploit Title: Admin Menu Tree Page View CSRF, Privilege Escalation Exploit Author: Panagiotis Vagenas Author Link: https://twitter.com/panVagenas Vendor Homepage: http://eskapism.se/ Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/10 12:0 a.m.59 views

Joomla Easydiscuss Component < 4.0.21 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla Plugin Easydiscuss inside the body, everything after the will be executed in the user’s browser. Works with every version up to 4.0.20 2. Proof of Concept Login with permissions to post a message, insert in the body and a...

3.5CVSS5.6AI score0.01581EPSS
Exploits5
0day.today
0day.today
added 2018/01/10 12:0 a.m.40 views

Multiple CPUs - Information Leak Using Speculative Execution Exploit

Exploit for hardware platform in category dos / poc == INTRODUCTION == This is a bug report about a CPU security issue that affects processors by Intel, AMD and to some extent ARM. I have written a PoC for this issue that, when executed in userspace on an Intel Xeon CPU E5-1650 v3 machine with a...

7AI score
Exploits0
0day.today
0day.today
added 2018/01/10 12:0 a.m.84 views

Yawcam 0.6.0 Directory Traversal Vulnerability

Exploit for windows platform in category remote exploits Directory traversal vulnerability in Yawcam webcam server ========================================================= Overview -------- Affected Versions: Yawcam 0.2.6 through 0.6.0 Patched Versions: Yawcam 0.6.1 Vendor: Yawcam Vendor URL:...

5CVSS0.03154EPSS
Exploits3
0day.today
0day.today
added 2018/01/10 12:0 a.m.30 views

Synology Photostation 6.7.2-3429 - Remote Code Execution Exploit

Exploit for php platform in category web applications This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Synology PhotoStation Multiple Vulnerabilities", 'Description' = %q This module exploits...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/10 12:0 a.m.28 views

WordPress Social Media Widget by Acurax 3.2.5 Plugin - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: Social Media Widget by Acurax CSRF Discovery Date: 2017-12-12 Exploit Author: Panagiotis Vagenas Author Link: https://twitter.com/panVagenas Vendor Homepage: http://www.acurax.com/ Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/10 12:0 a.m.61 views

Microsoft Edge Chakra JIT - Lowerer::LowerSetConcatStrMultiItem Missing Integer Overflow Check

Exploit for windows platform in category dos / poc / The method "Lowerer::LowerSetConcatStrMultiItem" is used to generate machine code to concatenate strings. Here's a snippet of the method. void Lowerer::LowerSetConcatStrMultiItemIR::Instr instr ... IR::IndirOpnd dstLength =...

7.6CVSS7.5AI score0.80799EPSS
Exploits3
0day.today
0day.today
added 2018/01/10 12:0 a.m.157 views

BSD/x86 - setreuid(geteuid(), geteuid()) + execve(/bin/sh) Shellcode (36 bytes)

/ bsd/x86 setreuid/exec shellcode setreuidgeteuid, geteuid and execve"/bin/sh", "/bin/sh", 0 shellcode based on hkpco's setreuid/exec shellcode for linux Tested on FreeBSD / include include char shellcode = "\x31\xc0\xb0\x19\x50\xcd\x80\x50" "\x50\x31\xc0\xb0\x7e\x50\xcd\x80" // setreuidgeteuid,...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/10 12:0 a.m.30 views

Muviko 1.1 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Muviko 1.1 - Multiple SQL Injection Exploit Author: Ahmad Mahfouz Contact: http://twitter.com/eln1x Date: 09/01/2018 CVE: CVE-2017-17970 Vendor Homepage: https://www.muvikoscript.com Version: 1.1 Tested on: Mac OS...

0.3AI score0.05412EPSS
Exploits5
0day.today
0day.today
added 2018/01/10 12:0 a.m.18 views

WordPress CMS Tree Page View 1.4 Plugin - Cross-Site Request Forgery / Privilege Escalation Exploit

Exploit for php platform in category web applications Exploit Title: CMS Tree Page View CSRF, Privilege Escalation Discovery Date: 2017-12-12 Exploit Author: Panagiotis Vagenas Author Link: https://twitter.com/panVagenas Vendor Homepage: http://eskapism.se/ Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/10 12:0 a.m.24 views

Alpha - /bin/sh Shellcode (80 bytes)

/ Lamont Granquist email protected email protected / int rawcode = 0x2230fec4, / subq $16,0x13c,$17 2000/ 0x47ff0412, / clr $18 2000/ 0x42509532, / subq $18, 0x84 2000/ 0x239fffff, / xor $18, 0xffffffff, $18 / 0x4b84169c, 0x465c0812, 0xb2510134, / stl $18, 0x134$172000/ 0x265cff98, / lda $18,...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/10 12:0 a.m.25 views

Alpha - setuid() Shellcode (156 bytes)

char shellcode= "\x30\x15\xd9\x43" / subq $30,200,$16 / "\x11\x74\xf0\x47" / bis $31,0x83,$17 / "\x12\x14\x02\x42" / addq $16,16,$18 / "\xfc\xff\x32\xb2" / stl $17,-4$18 / "\x12\x94\x09\x42" / addq $16,76,$18 / "\xfc\xff\x32\xb2" / stl $17,-4$18 / "\xff\x47\x3f\x26" / ldah $17,0x47ff$31 /...

0.5AI score
Exploits0
0day.today
0day.today
added 2018/01/10 12:0 a.m.31 views

Alpha - execve() Shellcode (112 bytes)

char shellcode= "\x30\x15\xd9\x43" / subq $30,200,$16 / / $16 = $30 - 200 / $16 must have the shellcode address. However, before / / the bsr instruction, $16 can't have the address. / / This instruction just store the meaningless address. / / The all instruction before bsr are meaningless. /...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/10 12:0 a.m.21 views

Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (53 bytes)

/ Title: Linux/x86 - execve/bin/sh Polymorphic Shellcode 53 bytes Date: 10-Jan-2018 Exploit Author: Debashis Pal SLAE-1122 Tested on: i686 GNU/Linux '//bin/sh' = 0x68732f6e 0x69622f2f polymorphic.nasm global start section .text start: add esi, 0x30 ;junk xor ecx, ecx mul ecx mov dword esp-4, ecx...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/01/10 12:0 a.m.63 views

WordPress Events Calendar Plugin - event_id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Wichipi Events Calendar - SQL Injection Date: 09-01-2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: codecanyon.net/user/wachipi Version: 1.0 CVE-ID: CVE-2018-5315 Events...

7.5CVSS9.2AI score0.0487EPSS
Exploits5
0day.today
0day.today
added 2018/01/10 12:0 a.m.81 views

HPE iMC dbman RestartDB Unauthenticated Remote Command Execution Exploit

This Metasploit module exploits a remote command execution vulnerability in Hewlett Packard Enterprise Intelligent Management Center before version 7.3 E0504P04. The dbman service allows unauthenticated remote users to restart a user-specified database instance OpCode 10008, however the instance ...

9.4AI score0.86466EPSS
Exploits13
0day.today
0day.today
added 2018/01/10 12:0 a.m.127 views

HPE iMC dbman RestoreDBase Unauthenticated Remote Command Execution Exploit

This Metasploit module exploits a remote command execution vulnerability in Hewlett Packard Enterprise Intelligent Management Center before version 7.3 E0504P04. The dbman service allows unauthenticated remote users to restore a user-specified database OpCode 10007, however the database connectio...

10CVSS9.4AI score0.82877EPSS
Exploits8
0day.today
0day.today
added 2018/01/10 12:0 a.m.13 views

Worpress Service Finder Booking < 3.2 Plugin - Local File Disclosure Vulnerability

Exploit for php platform in category web applications Exploit Title: Worpress Plugin Service Finder Booking 3.2 - Local File Disclosure Google Dork: N/A Date: 09/01/2018 GMT+7 Exploit Author: telahdihapus Vendor Homepage: https://themeforest.net/user/aonetheme Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/10 12:0 a.m.44 views

DiskBoss Enterprise 8.8.16 - Buffer Overflow Exploit

Exploit for windows platform in category remote exploits Exploit Title: DiskBoss = 8.8.16 - Unauthenticated Remote Code Execution Date: 2017-08-27 Exploit Author: Arris Huijgen Vendor Homepage: http://www.diskboss.com/ Software Link: http://www.diskboss.com/setups/diskbossentsetupv8.8.16.exe...

10CVSS9.2AI score0.39123EPSS
Exploits5
0day.today
0day.today
added 2018/01/09 12:0 a.m.57 views

Microsoft Edge Chakra JIT - Escape Analysis Bug Exploit

Exploit for windows platform in category dos / poc / Escape analysis: https://en.wikipedia.org/wiki/Escapeanalysis Chakra fails to detect if "tmp" escapes the scope, allocates it to the stack. This may lead to dereference uninitialized stack values. PoC: / function opt let tmp = ; tmp0 = tmp;...

7.6CVSS7.8AI score0.62646EPSS
Exploits3
0day.today
0day.today
added 2018/01/09 12:0 a.m.28 views

Commvault Communications Service (cvd) - Command Injection Exploit

Exploit for windows platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Commvault Communications Service cvd Command...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/09 12:0 a.m.18 views

Microsoft Windows - Local XPS Print Spooler Sandbox Escape Exploit

Exploit for windows platform in category local exploits Windows: Local XPS Print Spooler Sandbox Escape Platform: Windows 10 1703 and 1709 not tested Windows 7 or 8.x Class: Elevation of Privilege Summary: The local print spooler can be abused to create an arbitrary file from a low privilege...

6.8AI score
Exploits0
0day.today
0day.today
added 2018/01/09 12:0 a.m.53 views

Microsoft Edge Chakra JIT - BackwardPass::RemoveEmptyLoopAfterMemOp Does not Insert Branches

Exploit for windows platform in category dos / poc / The optimizations for memory operations may leave empty loops as follows: for let i = 0; i arr.length; i++ arri = 0; Becomes: Memsetarr, 0, arr.length; for let i = 0; i arr.length; i++ // empty! These empty loops will be removed by...

7.6CVSS7.8AI score0.6546EPSS
Exploits3
0day.today
0day.today
added 2018/01/09 12:0 a.m.54 views

Microsoft Windows - nt!NtQuerySystemInformation (information class 138, QueryMemoryTopologyInformati

Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQuerySystemInformation system call invoked with the 138 information class discloses portions of uninitialized kernel pool memory to user-mode clients. The specific information class is handled by an internal...

1.9CVSS5.4AI score0.04075EPSS
Exploits1
0day.today
0day.today
added 2018/01/09 12:0 a.m.57 views

Microsoft Edge Chakra asm.js Out-of-Bounds Read Exploit

Exploit for windows platform in category dos / poc / Here's a snippet of AsmJSByteCodeGenerator::EmitAsmJsFunctionBody. AsmJsVar initSource = nullptr; if decl-sxVar.pnodeInit-nop == knopName AsmJsSymbol initSym = mCompiler-LookupIdentifierdecl-sxVar.pnodeInit-name, mFunction; if...

7.6CVSS7.8AI score0.6546EPSS
Exploits3
0day.today
0day.today
added 2018/01/09 12:0 a.m.60 views

Microsoft Edge Chakra JIT - Op_MaxInAnArray and Op_MinInAnArray can Explicitly call User-Defined Jav

Exploit for windows platform in category dos / poc / 1. Call patterns like "Math.max.applyMath, 1, 2, 3, 4, 5" and "Math.max.applyMath, arr" can be optimized to directly call the method "JavascriptMath::MaxInAnArray" in the Inline Phase. 2. The method takes the original method "Math.max" as the...

7.6CVSS7.8AI score0.68491EPSS
Exploits3
0day.today
0day.today
added 2018/01/09 12:0 a.m.44 views

Android - Inter-Process munmap due to Race Condition in ashmem Exploit

Exploit for Android platform in category dos / poc The MemoryIntArray class allows processes to share an in-memory array of integers backed by an "ashmem" file descriptor. As the class implements the Parcelable interface, it can be inserted into a Parcel, and optionally placed in a Bundle and...

7.2CVSS7.8AI score0.02535EPSS
Exploits5
0day.today
0day.today
added 2018/01/09 12:0 a.m.59 views

Microsoft Windows - nt!NtQueryInformationProcess (information class 76, QueryProcessEnergyValues) Ke

Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQueryInformationProcess system call invoked with the 76 information class discloses portions of uninitialized kernel stack memory to user-mode clients. The specific information class is handled by an internal...

1.9CVSS5.6AI score0.02867EPSS
Exploits1
0day.today
0day.today
added 2018/01/08 12:0 a.m.39 views

Disk Pulse Enterprise 10.1.18 - Denial of Service Exploit

Exploit for windows platform in category remote exploits Exploit Title: Disk Pulse Enterprise Server v10.1.18 - DOS, Date: 2017-10-20 Exploit Author: Ahmad Mahfouz Software Link: http://www.diskpulse.com/setups/diskpulsesrvsetupv10.1.18.exe Version: v10.1.18 Category; Windows Remote DOS CVE:...

5CVSS7.6AI score0.13176EPSS
Exploits8
0day.today
0day.today
added 2018/01/08 12:0 a.m.70 views

FiberHome LM53Q1 - Multiple Vulnerabilities

Exploit for hardware platform in category web applications !/usr/bin/python Exploit Title: FiberHome MIFI LM53Q1 Multiple Vulnerabilities Exploit Author: Ibad Shah Vendor Homepage: www.fiberhome.com Version: VH519R05C01S38 Tested on: Linux Platform : Hardware CVE : CVE-2017-16885, CVE-2017-16886,...

6.8CVSS9.2AI score0.36627EPSS
Exploits7
0day.today
0day.today
added 2018/01/08 12:0 a.m.57 views

Sync Breeze Enterprise 10.1.16 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Sync Breeze Enterprise Server v10.1.16 - Denial of Service Date: 2017-10-20 Exploit Author: Ahmad Mahfouz Software Link: http://www.syncbreeze.com/setups/syncbreezesrvsetupv10.1.16.exe Version: v10.1.16 Category; Windows Remote DOS...

7.5AI score0.09145EPSS
Exploits5
0day.today
0day.today
added 2018/01/08 12:0 a.m.39 views

VX Search Enterprise 10.1.12 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: VX Search Enterprise Server v10.1.12 - Denial of Service Date: 2017-10-20 Exploit Author: Ahmad Mahfouz Software Link: http://www.vxsearch.com/setups/vxsearchsrvsetupv10.1.12.exe Version: v10.1.12 Category; Windows Remote DOS CVE:...

5CVSS7.5AI score0.09145EPSS
Exploits5
0day.today
0day.today
added 2018/01/08 12:0 a.m.40 views

WordPress LearnDash 2.5.3 Plugin - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress LearnDash 2.5.3 Unauthenticated Arbitrary File Upload Date: 07-01-2018 Vendor Homepage: https://www.learndash.com/ Vendor Changelog: https://www.learndash.com/changelog/ Version: 2.5.3 Exploit Author: NinTechNet Author...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/08 12:0 a.m.69 views

Vanilla < 2.1.5 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: CSRF vulnerabilities in Vanilla Forums below 2.1.5-CVE-2017-1000432 Google Dork: NA Date: 7/1/2018 Contact: https://twitter.com/anandm47 website: https://anandtechzone.blogspot.in Exploit Author: Anand Meyyappan Vendor Homepage:...

7.2CVSS0.2AI score0.01647EPSS
Exploits12
0day.today
0day.today
added 2018/01/08 12:0 a.m.29 views

BarcodeWiz ActiveX Control < 6.7 - Buffer Overflow (PoC) Vulnerability

Exploit for windows platform in category dos / poc + Credits: John Page aka hyp3rlinx Vendor: ================= www.barcodewiz.com Product: ============= BarcodeWiz ActiveX Control 6.7 BarCodeWiz OnLabel. Generates dynamic barcodes from your imported Excel, CSV, or Access files. Print auto...

7AI score0.03914EPSS
Exploits6
0day.today
0day.today
added 2018/01/08 12:0 a.m.165 views

Synology DiskStation Manager (DSM) < 6.1.3-15152 - forget_passwd.cgi User Enumeration

Exploit for cgi platform in category web applications Exploit Title: Synology DiskStation Manager DSM 6.1.3-15152 - 'forgetpasswd.cgi' User Enumeration Date: 01/05/2018 Exploit Author: Steve Kaun Vendor Homepage: https://www.synology.com Version: Before 6.1.3-15152 CVE : CVE-2017-9554 Previously...

5CVSS5.7AI score0.75016EPSS
Exploits6
0day.today
0day.today
added 2018/01/08 12:0 a.m.52 views

DiskBoss Enterprise 8.5.12 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: DiskBoss Enterprise Server 8.5.12 - Denial of Service Date: 2017-10-20 Exploit Author: Ahmad Mahfouz Software Link: http:///www.diskboss.com/setups/diskbosssrvsetupv8.5.12.exe Version: v10.1.16 Category; Windows Remote DOS CVE:...

7.5AI score0.09145EPSS
Exploits5
0day.today
0day.today
added 2018/01/08 12:0 a.m.247 views

Oracle WebLogic < 10.3.6 - wls-wsat Component Deserialisation Remote Command Execution Exploit

Exploit for multiple platform in category remote exploits !/usr/bin/env python -- coding: utf-8 -- Exploit Title: Weblogic wls-wsat Component Deserialization RCE Date Authored: Jan 3, 2018 Date Announced: 10/19/2017 Exploit Author: Kevin Kirsche d3c3pt10n Exploit Github:...

5CVSS0.1AI score0.99993EPSS
Exploits45
0day.today
0day.today
added 2018/01/08 12:0 a.m.35 views

D-Link DNS-320 ShareCenter < 1.06 - Backdoor Access Vulnerability

Exploit for hardware platform in category web applications DNS-320L ShareCenter Backdoor Vendor: D-Link Product: DNS-320L ShareCenter Version: = 1.06 -- Table of contents 00 - Introduction 00.1 Background 01 - Hard coded...

7.1AI score
Exploits0
0day.today
0day.today
added 2018/01/07 12:0 a.m.26 views

Joomla VMap 1.9.2 SQL Injection Vulnerability

Exploit for php platform in category web applications Title: Joomla! VMap 1.9.2 - SQL injection Credit: Bilal KARDADOU Vendor: https://www.wdmtech.com URL: https://extensions.joomla.org/extensions/extension/maps-a-weather/maps-a-locations/vmap/ Product: 'Joomla! VMap 1.9.2' Developer: WDMtech...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/01/07 12:0 a.m.59 views

Western Digital WDMyCloud 2.30.165 Multiple Vulnerabilities

WDMyCloud versions 2.30.165 and below suffer from file upload, hard coded backdoor, command injection, cross site request forgery, denial of service, and information disclosure vulnerabilities. WDMyCloud = 2.30.165 Multiple Vulnerabilities Released Date: 2018-01-04 Last Modified: 2017-06-11 Compa...

0.2AI score
Exploits0
Total number of security vulnerabilities39001