Lucene search
K

39001 matches found

0day.today
0day.today
added 2017/12/22 12:0 a.m.80 views

WordPress mgl-instagram-gallery Plugin Cross Site Scripting Vulnerability

Exploit for php platform in category web applications + Title: WordPress mgl-instagram-gallery Plugin Cross Site Scripting XSS + Author: Mostafa Gharzi + Vendor Homepage: www.Wordpress.org , www.pluginu.com/mgl-instagram-gallery/ + Tested on: Windows 10 & Kali Linux + Vulnerable File:...

7.1AI score
Exploits0
0day.today
0day.today
added 2017/12/22 12:0 a.m.75 views

Technicolor DPC3928SL - SNMP Authentication Bypass Exploit

Exploit for hardware platform in category remote exploits !/usr/bin/python -- coding: utf-8 -- StringBleed - CVE-2017-5135 author = "Nixawk" funcs = 'generatesnmpcommunitystr', 'generatesnmpprotopayload', 'sendsnmprequest', 'readsnmpcommunitystr', 'readsnmpvarbindstr', 'snmplogin',...

6.4CVSS9.4AI score0.17534EPSS
Exploits3
0day.today
0day.today
added 2017/12/22 12:0 a.m.92 views

Netcore / Netis Routers - UDP Backdoor Exploit

Exploit for hardware platform in category remote exploits !/usr/bin/python -- coding: utf8 -- NETCORE / NETDIS UDP 53413 BACKDOOR https://netisscan.shadowserver.org/ http://blog.trendmicro.com/trendlabs-security-intelligence/netis-routers-leave-wide-open-backdoor/...

7.1AI score
Exploits0
0day.today
0day.today
added 2017/12/22 12:0 a.m.43 views

ServersCheck Monitoring Software Cross Site Scripting Vulnerability

ServersCheck Monitoring Software versions prior to 14.2.3 suffers from a cross site scripting vulnerability. Exploit Title: ServersCheck Monitoring Software before 14.2.3 Cross-site scripting vulnerability CVE: CVE-2017-17832 Date: 21-12-2017 Exploit Author: Aloyce J. Makalanga Contact:...

3.5CVSS5.3AI score0.00707EPSS
Exploits2
0day.today
0day.today
added 2017/12/22 12:0 a.m.52 views

Oracle MySQL UDF Payload Execution Exploit

This Metasploit module creates and enables a custom UDF user defined function on the target host via the SELECT ... into DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL versions 5.5.9 and below, directory write permissions not enforced, and the MySQL servi...

7.3AI score
Exploits0
0day.today
0day.today
added 2017/12/22 12:0 a.m.46 views

Fortinet FortiGate 4.x < 5.0.7 - SSH Backdoor Exploit

Exploit for linux platform in category remote exploits !/usr/bin/env python SSH Backdoor for FortiGate OS Version 4.x up to 5.0.7 Usage: ./fgtsshbackdoor.py import socket import select import sys import paramiko from paramiko.py3compat import u import base64 import hashlib import termios import t...

7.1AI score
Exploits0
0day.today
0day.today
added 2017/12/22 12:0 a.m.26 views

Roommate And Real Estate Listing Classified Response 1.0 XSS Vulnerability

Roommate and Real Estate Listing Classified Response version 1.0 suffers from a cross site scripting vulnerability. Exploit Title: Roommate and Real Estate Listing Classified Responsive Web Application - Cross Site Scripting Google Dork: N/A Date: 2017/22/12 Exploit Author: ShanoWeb Author Mail :...

6.6AI score
Exploits0
0day.today
0day.today
added 2017/12/22 12:0 a.m.137 views

Ruby < 2.2.8 / < 2.3.5 / < 2.4.2 / < 2.5.0-preview1 - NET::Ftp Command Injection Exploit

Exploit for ruby platform in category local exploits While using NET::Ftp I realised you could get command execution through "malicious" file names. The problem lies in the gettextfileremotefile, localfile = File.basenameremotefile method. When looking at the source code, you'll note: def...

9.3CVSS7.7AI score0.73927EPSS
Exploits5
0day.today
0day.today
added 2017/12/21 12:0 a.m.30 views

WordPress Grifus 4.0.1 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications ====== Title: Grifus WordPress Themes XSS Vuln Version: 4.0.1 Homepage: https://mundothemes.com/grifus/ ======= Description ================ Grifus WordPress theme For movies Web POC: ======== 1. Go To Terget Web 2. Click Search box 3. Now Giv...

7.1AI score
Exploits0
0day.today
0day.today
added 2017/12/21 12:0 a.m.28 views

Conarc iChannel - Improper Access Restrictions Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Conarc iChannel - Unauthenticated Access/Default Webserver Misconfiguration allows for compromise of server Date: 2017-12-19 Exploit Author: Information Paradox CVE : CVE-2017-17759...

10CVSS9.3AI score0.11292EPSS
Exploits3
0day.today
0day.today
added 2017/12/21 12:0 a.m.25 views

WordPress WebConnex Form Management 1.6.3 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Credit Ricardo Sanchez Vulnerable WebConnex Form Management 1.6.3 WebConnex Form Management is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this iss...

7.1AI score
Exploits0
0day.today
0day.today
added 2017/12/21 12:0 a.m.24 views

WordPress Itinerary 1.0.0 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Credit Ricardo Sanchez Vulnerable Itinerary 1.0.0 Itinerary is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script...

7.1AI score
Exploits0
0day.today
0day.today
added 2017/12/20 12:0 a.m.38 views

WordPress Clean Up Optimizer 4.0.0 SQL Injection Vulnerability

WordPress Clean Up Optimizer plugin versions 4.0.0 and below suffer from a remote SQL injection vulnerability. Advisory Title: WordPress Clean Up Optimizer Plugin Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Clean Up Optimizer plugin Language:...

0.2AI score
Exploits0
0day.today
0day.today
added 2017/12/20 12:0 a.m.29 views

Samsung Internet Browser - SOP Bypass Exploit

Exploit for Android platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Samsung Internet Browser SOP Bypass', 'Description' = %q This module takes advantage of ...

5CVSS7.6AI score0.78843EPSS
Exploits7
0day.today
0day.today
added 2017/12/20 12:0 a.m.75 views

TP-Link TL-SG108E XSS / Weak Access Control Vulnerability

TP-Link TL-SG108E with firmware 1.0.0 Build 20160722 Rel.50167 suffers from cross site scripting and weak access control vulnerabilities. Overview ------------- Three vulnerabilities have been discovered in the TP-Link TL-SG108E, firmware 1.0.0 Build 20160722 Rel.50167: CVE-2017-17745 - Cross Sit...

3.5CVSS5.8AI score0.02039EPSS
Exploits5
0day.today
0day.today
added 2017/12/20 12:0 a.m.52 views

Ability Mail Server 3.3.2 - Cross-Site Scripting Exploit

Exploit for multiple platform in category web applications Exploit Title: Ability Mail Server 3.3.2 Persistent Cross Site Scripting XSS CVE: CVE-2017-17752 Date: 19-12-2017 Software Link: http://download.codecrafters.com/ams3.exe Exploit Author: Aloyce J. Makalanga Contact:...

4.3CVSS6.4AI score0.01383EPSS
Exploits5
0day.today
0day.today
added 2017/12/20 12:0 a.m.55 views

WordPress Custom Map 1.1 Cross Site Scripting Vulnerability

WordPress Custom Map plugin version 1.1 suffers from a cross site scripting vulnerability. Product: Custom Map WordPress Plugin - https://wordpress.org/plugins/custom-map/ Vendor: webdesi9 Tested version: 1.1 CVE ID: CVE-2017-17744 CVE description A cross-site scripting XSS vulnerability in the...

4.3CVSS6.2AI score0.00938EPSS
Exploits3
0day.today
0day.today
added 2017/12/20 12:0 a.m.56 views

WordPress CSV Import-Export 1.1 Cross Site Scripting Vulnerability

WordPress CSV Import-Export plugin version 1.1 suffers from a cross site scripting vulnerability. Product: CSV Import-Export Wordpress Plugin - https://wordpress.org/plugins/csv-import-export/ Vendor: eSparkBiz Tested version: 1.1 CVE ID: CVE-2017-17753 CVE description Multiple cross-site scripti...

4.3CVSS6.2AI score0.00845EPSS
Exploits2
0day.today
0day.today
added 2017/12/20 12:0 a.m.32 views

Microsoft Windows 10 Hello Face Authentication Bypass Vulnerability

Microsoft Windows 10 offers a biometric authentication mechanism using "near infrared" face recognition technology with specific Windows Hello compatible cameras. Due to an insecure implementation of the biometric face recognition in some Windows 10 versions, it is possible to bypass the Windows...

7AI score
Exploits0
0day.today
0day.today
added 2017/12/20 12:0 a.m.55 views

WordPress Concours 1.1 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Product: WordPress Concours Plugin - https://wordpress.org/plugins/wp-concours/ Vendor: Olyos Tested version: 1.1 CVE ID: CVE-2017-17719 CVE description A cross-site scripting XSS vulnerability in the wp-concours plugin through 1.1 for WordPre...

6.4AI score0.00938EPSS
Exploits3
0day.today
0day.today
added 2017/12/20 12:0 a.m.48 views

WordPress Booking Calendar 7.0 / 7.1 SQL Injection / Local File Inclusion Vulnerabilities

WordPress Booking Calendar plugin versions 7.1, 7.0, and below suffer from remote SQL injection and local file inclusion vulnerabilities. Advisory Title: WordPress Booking Calendar Plugin Multiple Vulnerabilities Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Booking...

8AI score
Exploits0
0day.today
0day.today
added 2017/12/20 12:0 a.m.54 views

BEIMS ContractorWeb 5.18.0.0 - SQL Injection Vulnerability

Exploit for windows platform in category web applications Exploit Title: SQL Injection Date: 18 December, 2017 Exploit Author: Rajwinder Singh Vendor Homepage: http://www.beims.com/products/ Software Link: http://www.beims.com/optional-modules/ccw Version: BEIMS ContractorWeb .NET System 5.18.0.0...

7.5CVSS0.1AI score0.03596EPSS
Exploits4
0day.today
0day.today
added 2017/12/20 12:0 a.m.152 views

Intel Content Protection HECI Service - Type Confusion Privilege Escalation Exploit

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1358 Intel Content Protection HECI Service Type Confusion EoP Platform: Tested on Windows 10, service version 9.0.2.117 Class: Elevation of Privilege Summary: The Intel Content...

7.2CVSS0.1AI score0.01445EPSS
Exploits1
0day.today
0day.today
added 2017/12/20 12:0 a.m.22 views

TeamViewer 11 < 13 (Windows 10 x86) - Inline Hooking / Direct Memory Modification Permission Chan

Exploit for windows platform in category local exploits --- A proof of concept injectable C++ DLL, that uses naked inline hooking and direct memory modification to change TeamViewer permissions. Features As the Server - Enables extra menu item options on the right side pop-up menu. Most useful so...

7.2AI score
Exploits0
0day.today
0day.today
added 2017/12/20 12:0 a.m.36 views

Microsoft Windows Kernel - NtQueryVirtualMemory(MemoryMappedFilenameInformation) Double-Write Ring-0

Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1456 We have discovered that it is possible to disclose addresses of kernel-mode Paged Pool allocations via a race-condition in the implementation of the NtQueryVirtualMemory...

7AI score
Exploits0
0day.today
0day.today
added 2017/12/19 12:0 a.m.27 views

WordPress Yakadanda Google+ Hangout Events 0.3.7 XSS Vulnerability

WordPress Yakadanda Google+ Hangout Events plugin version 0.3.7 suffers from a cross site scripting vulnerability. Credit Ricardo Sanchez Vulnerable Yakadanda Google+ Hangout Events 0.3.7 Yakadanda Google+ Hangout Events is prone to a stored cross-site scripting vulnerability because it fails to...

6.7AI score
Exploits0
0day.today
0day.today
added 2017/12/19 12:0 a.m.27 views

WordPress Share This Image 1.03 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Credit Ricardo Sanchez Vulnerable Share This Image 1.03 Share This Image is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute...

Exploits0
0day.today
0day.today
added 2017/12/19 12:0 a.m.73 views

Microsoft Windows Array.sort jscript.dll Heap Overflow Exploit

There is an heap overflow vulnerability in jscript.dll library used in IE, WPAD and other places. The bug affects 2 functions, JsArrayStringHeapSort and JsArrayFunctionHeapSort. Windows: heap overflow in jscript.dll in Array.sort CVE-2017-11907 There is an heap overflow vulnerability in jscript.d...

7.6CVSS8AI score0.64164EPSS
Exploits4
0day.today
0day.today
added 2017/12/19 12:0 a.m.161 views

Linksys WVBR0 - User-Agent Remote Command Injection Exploit

Exploit for hardware platform in category web applications -- coding: utf-8 -- Author: Nixawk CVE-2017-17411 Linksys WVBR0 25 Command Injection """ $ python2.7 exploit-CVE-2017-17411.py Usage: python exploit-CVE-2017-17411.py $ python2.7 exploit-CVE-2017-17411.py http://example.com/ + Target is...

10CVSS9.2AI score0.87929EPSS
Exploits9
0day.today
0day.today
added 2017/12/19 12:0 a.m.43 views

Tuleap 9.6 Second-Order PHP Object Injection Exploit

This Metasploit module exploits a Second-Order PHP Object Injection vulnerability in Tuleap 'Tuleap 9.6 Second-Order PHP Object Injection', 'Description' = %q This module exploits a Second-Order PHP Object Injection vulnerability in Tuleap = 9.6 which could be abused by authenticated users to...

6.5CVSS9.2AI score0.66632EPSS
Exploits6
0day.today
0day.today
added 2017/12/19 12:0 a.m.61 views

Microsoft Windows jscript!RegExpFncObj::LastParen Out-Of-Bounds Read Exploit

Exploit for windows platform in category dos / poc Windows: out-of-bounds read in jscript!RegExpFncObj::LastParen CVE-2017-11906 There is an out-of-bounds read in jscript.dll library used in IE, WPAD and other places: PoC for IE note: page heap might be required to obsorve the crash:...

2.6CVSS6.7AI score0.25116EPSS
Exploits4
0day.today
0day.today
added 2017/12/19 12:0 a.m.60 views

Microsoft Windows jscript!RegExpComp::Compile Heap Overflow Exploit

There is a heap overflow in jscript.dll when compiling a regex. This issue could potentially be exploited through multiple vectors. Windows: Heap overflow in jscript!RegExpComp::Compile through IE or local network via WPAD CVE-2017-11890 There is a heap overflow in jscript.dll when compiling a...

7.6CVSS7.9AI score0.49398EPSS
Exploits4
0day.today
0day.today
added 2017/12/19 12:0 a.m.63 views

Microsoft Windows jscript!JsArraySlice Uninitialized Variable Exploit

Exploit for windows platform in category dos / poc Windows: Uninitialized variable in jscript!JsArraySlice CVE-2017-11855 There is an uninitialized variable vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors: - By opening a malicious web page in...

7.6CVSS7.5AI score0.47913EPSS
Exploits4
0day.today
0day.today
added 2017/12/19 12:0 a.m.27 views

Joomla NextGen Editor 2.1.0 Component - plname SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component NextGen Editor 2.1.0 - SQL Injection Dork: N/A Date: 19.12.2017 Vendor Homepage: hhttp://nextgeneditor.com/ Software Link: https://extensions.joomla.org/extension/nextgen-editor/ Software Download:...

7.1AI score
Exploits0
0day.today
0day.today
added 2017/12/19 12:0 a.m.73 views

Microsoft Internet Explorer 11 jscript!JSONStringifyObject Use-After-Free Exploit

There is a use-after-free in jscript.dll library that can be exploited in IE11. IE11: use-after-free in jscript!JSONStringifyObject CVE-2017-11793 There is a use-after-free in jscript.dll library that can be exploited in IE11. PoC: ========================================= var o1 = toJSON:functio...

7.6CVSS7.7AI score0.48907EPSS
Exploits3
0day.today
0day.today
added 2017/12/19 12:0 a.m.58 views

BrightSign Digital Signage - Multiple Vulnerablities

Exploit for hardware platform in category web applications Exploit Title: BrightSign Digital Signage Multiple Vulnerabilities Date: 12/15/17 Exploit Author: email protected Vectors: XSS, Directory Traversal, File Modification, Information Leakage The BrightSign Digital Signage 4k242 device Firmwa...

7.5CVSS0.1AI score0.1189EPSS
Exploits5
0day.today
0day.today
added 2017/12/19 12:0 a.m.68 views

Microsoft Windows jscript!NameTbl::GetValDef Use-After-Free Exploit

Exploit for windows platform in category dos / poc Windows: use-after-free in jscript!NameTbl::GetValDef CVE-2017-11903 There is a use-after-free vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors: - An attacker on the local network could exploit this...

7.6CVSS7.8AI score0.46179EPSS
Exploits4
0day.today
0day.today
added 2017/12/19 12:0 a.m.170 views

Jenkins XStream Groovy classpath Deserialization Exploit

This Metasploit module exploits CVE-2016-0792 a vulnerability in Jenkins versions older than 1.650 and Jenkins LTS versions older than 1.642.2 which is caused by unsafe deserialization in XStream with Groovy in the classpath, which allows remote arbitrary code execution. The issue affects default...

9CVSS8.9AI score0.82697EPSS
Exploits23
0day.today
0day.today
added 2017/12/18 12:0 a.m.15 views

CDex 1.96 - Buffer Overflow Exploit

Exploit for windows platform in category dos / poc !/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: CDex 1.96 - Local Stack Buffer Overflow Date: 17-12-2017 Vulnerable Software: CDex 1.96 Unicode Build Vendor Homepage: http://cdex.mu/ Version: v1.96 Software Link:...

7AI score
Exploits0
0day.today
0day.today
added 2017/12/18 12:0 a.m.36 views

Joomla User Bench 1.0 Component - userid SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component User Bench 1.0 - SQL Injection Dork: N/A Date: 18.12.2017 Vendor Homepage: http://www.gegabyte.org/ Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2017/12/18 12:0 a.m.258 views

Linux kernel < 4.10.15 - Race Condition Privilege Escalation Exploit

Exploit for linux platform in category local exploits PoC for CVE-2017-10661, triggers UAF with KASan enabled in kernel 4.10 / include include include include include include include include include include include include include include include include include define RACETIME 1000000 int fd; in...

7.6CVSS7.5AI score0.13378EPSS
Exploits3
0day.today
0day.today
added 2017/12/18 12:0 a.m.36 views

Joomla Guru Pro Component - promocode SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component Guru Pro 'promocode'- SQL Injection Dork: N/A Date: 17.12.2017 Vendor Homepage: https://www.ijoomla.com/ Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2017/12/18 12:0 a.m.28 views

Joomla JB Visa 1.0 Component - visatype SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component JB Visa 1.0 - SQL Injection Dork: N/A Date: 17.12.2017 Vendor Homepage: http://joombooking.com/ Software Link: https://extensions.joomla.org/extensions/extension/vertical-markets/booking-a-reservations/jb-visa/...

0.1AI score
Exploits0
0day.today
0day.today
added 2017/12/18 12:0 a.m.177 views

GoAhead httpd 2.5 < 3.6.5 - LD_PRELOAD Remote Code Execution Exploit

Exploit for linux platform in category remote exploits !/usr/bin/python GoAhead httpd/2.5 to 3.6.5 LDPRELOAD remote code execution exploit EDB Note: Payloads https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/bin-sploits/43360.zip EDB Note: Source...

8.1AI score0.96327EPSS
Exploits15
0day.today
0day.today
added 2017/12/18 12:0 a.m.14 views

Outlook for Android - Attachment Download Directory Traversal Exploit

Exploit for Android platform in category remote exploits ''' There is a directory traversal issue in attachment downloads in Outlook for Android. There is no path sanitization on the attachment filename in the app. If the email account is a Hotmail account, this will be sanitized by the server, b...

0.3AI score
Exploits0
0day.today
0day.today
added 2017/12/18 12:0 a.m.27 views

Joomla My Projects 2.0 Component - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component My Projects 2.0 - SQL Injection Dork: N/A Date: 18.12.2017 Vendor Homepage: http://www.gegabyte.org/ Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2017/12/17 12:0 a.m.80 views

Zoom Linux Client 2.0.106600.0904 Command Injection Vulnerability

The binary /opt/zoom/ZoomLauncher is vulnerable to command injection because it uses user input to construct a shell command without proper sanitization. The client registers a scheme handler zoommtg:// and this makes possible to trigger the vulnerability remotely. Version 2.0.106600.0904 is...

9.3CVSS8.9AI score0.17048EPSS
Exploits5
0day.today
0day.today
added 2017/12/17 12:0 a.m.92 views

Zoom Linux Client 2.0.106600.0904 Buffer Overflow Vulnerability

The binary /opt/zoom/ZoomLauncher is vulnerable to a buffer overflow because it concatenates a overly long user input to a stack variable without checking if the destination buffer is long enough to hold the data. The binary also has important security features like canary turned off. The client...

6.8CVSS8.9AI score0.10163EPSS
Exploits5
0day.today
0day.today
added 2017/12/17 12:0 a.m.32 views

WordPress Sagepay Server Gateway For WooCommerce 1.0.7 XSS Vulnerability

WordPress Sagepay Server Gateway For WooCommerce plugin version 1.0.7 suffers from a persistent cross site scripting vulnerability. Credit Ricardo Sanchez Vulnerable SagePay Server Gateway for WooCommerce 1.0.7 SagePay Server Gateway for WooCommerce is prone to a stored cross-site scripting...

6.7AI score
Exploits0
0day.today
0day.today
added 2017/12/17 12:0 a.m.23 views

WordPress Placemarks 2.0.0 Cross Site Scripting Vulnerability

WordPress Placemarks plugin version 2.0.0 suffers from a persistent cross site scripting vulnerability. Credit Ricardo Sanchez Vulnerable Placemarks 2.0.0 Placemarks is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker m...

6.6AI score
Exploits0
Total number of security vulnerabilities39001