Результаты поиска

Joomla! Component NextGen Editor 2.1.0 - 'plname' SQL Injection # # # # # # Exploit Title: Joomla! Component NextGen Editor 2.1.0 - SQL Injection # Dork: N/A # Date: 19.12.2017 # Vendor Homepage: hhttp://nextgeneditor.com/ # Software Link...

Microsoft Windows - 'jscript!NameTbl::GetValDef' Use-After-Free <!-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1376 There is a use-after-free vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors: - An attacker on the local...

Zoom Linux Client 2.0.106600.0904 - Stack-Based Buffer Overflow (PoC) [CONVISO-17-002] - Zoom Linux Client Stack-based Buffer Overflow Vulnerability 1. Advisory Information Conviso Advisory ID: CONVISO-17-002 CVE ID: CVE-2017-15048 CVSS v2: 6.8, (AV:N/AC:M/Au:N/C:P/I:P/A:P)...

Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking...

GoAhead Web Server 2.5 < 3.6.5 - HTTPd 'LD_PRELOAD' Remote Code Execution #!/usr/bin/python # GoAhead httpd/2.5 to 3.6.5 LD_PRELOAD remote code execution exploit # EDB Note: Payloads ~ https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/43360.zip # EDB Note...

Joomla! Component JB Visa 1.0 - 'visatype' SQL Injection # # # # # # Exploit Title: Joomla! Component JB Visa 1.0 - SQL Injection # Dork: N/A # Date: 17.12.2017 # Vendor Homepage: http://joombooking.com/ # Software Link...

CDex 1.96 - Buffer Overflow (PoC) #!/usr/bin/python # # Exploit Author: bzyo # Twitter: @bzyo_ # Exploit Title: CDex 1.96 - Local Stack Buffer Overflow # Date: 17-12-2017 # Vulnerable Software: CDex 1.96 (Unicode Build) # Vendor Homepage: http://cdex.mu/ # Version: v1.96 # Software Link...

Outlook for Android - Attachment Download Directory Traversal ''' There is a directory traversal issue in attachment downloads in Outlook for Android. There is no path sanitization on the attachment filename in the app. If the email account is a Hotmail account, this will be sanitized by the...

Zoom Linux Client 2.0.106600.0904 - Command Injection [CONVISO-17-003] - Zoom Linux Client Command Injection Vulnerability (RCE) 1. Advisory Information Conviso Advisory ID: CONVISO-17-003 CVE ID: CVE-2017-15049 CVSS v2: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) Date: 2017-10-01 2...

Palo Alto Networks Firewalls - Root Remote Code Execution This is a public advisory for CVE-2017-15944 which is a remote root code execution bug in Palo Alto Networks firewalls. Three separate bugs can be used together to remotely execute commands as root through the web management interface...

Movie Guide 2.0 - SQL Injection # # # # # # Exploit Title: Movie Guide 2.0 - SQL Injection # Dork: N/A # Date: 15.12.2017 # Vendor Homepage: http://applebitemedia.com/ # Software Link: http://applebitemedia.com/amwdl/AM_Movie_Guide.tar.gz # Version: 2.0 # Category: Webapps # Tested on...

Monstra CMS 3.0.4 - (Authenticated) Arbitrary File Upload / Remote Code Execution Exploit Title: Monstra CMS - 3.0.4 RCE Vendor Homepage: http://monstra.org/ Software Link: https://bitbucket.org/Awilum/monstra/downloads/monstra-3.0.4.zip Discovered by: Ishaq Mohammed Contact...

Dup Scout Enterprise - 'Login' Buffer Overflow (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include...

Advantech WebAccess 8.2-2017.03.31 - Webvrpcs Service Opcode 80061 Stack Buffer Overflow (Metasploit) ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank...

pfSense 2.4.1 - Cross-Site Request Forgery Error Page Clickjacking (Metasploit) ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking...

FS Lynda Clone 1.0 - SQL Injection <!-- # # # # # # Exploit Title: FS Lynda Clone 1.0 - SQL Injection # Dork: N/A # Date: 13.12.2017 # Vendor Homepage: https://fortunescripts.com/ # Software Link: https://fortunescripts.com/product/lynda-clone/ # Version: 1.0 # Category: Webapps # Tested on...

Bus Booking Script 1.0 - 'txtname' SQL Injection <!-- # # # # # # Exploit Title: Bus Booking Script 1.0 - SQL Injection # Dork: N/A # Date: 13.12.2017 # Vendor Homepage: http://www.phpautoclassifiedscript.com/ # Software Link: http://www.phpautoclassifiedscript.com/bus-booking-script.html #...

Microsoft Office - Dynamic Data Exchange 'DDE' Payload Delivery (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ManualRanking...

Joomla! Component JEXTN Video Gallery 3.0.5 - 'id' SQL Injection # # # # # # Exploit Title: Joomla! Component JEXTN Video Gallery 3.0.5 - SQL Injection # Dork: N/A # Date: 13.12.2017 # Vendor Homepage: http://jextn.com/ # Software Link...

GNU C Library Dynamic Loader glibc ld.so - Memory Leak / Buffer Overflow Qualys Security Advisory Buffer overflow in glibc's ld.so ======================================================================== Contents ========================================================================...

Paid To Read Script 2.0.5 - 'uid' / 'fnum' / 'fn' SQL Injection # # # # # # Exploit Title: Paid To Read Script 2.0.5 - SQL Injection # Dork: N/A # Date: 13.12.2017 # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link: https://www.phpscriptsmall.com/product/paid-to-read-script/ #...

Apple macOS - Kernel Code Execution due to Lack of Bounds Checking in AppleIntelCapriController::GetLinkConfig /* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1375 AppleIntelCapriController::GetLinkConfig trusts a user-supplied value in the structure input which it uses...

Apple macOS/iOS - Kernel Double Free due to Incorrect API Usage in Flow Divert Socket Option Handling /* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1373 SO_FLOW_DIVERT_TOKEN is a socket option on the SOL_SOCKET layer. It's implemented by flow_divert_token_set(struct...

Joomla! Component JEXTN Question And Answer 3.1.0 - SQL Injection # # # # # # Exploit Title: Joomla! Component JEXTN Question And Answer 3.1.0 - SQL Injection # Dork: N/A # Date: 13.12.2017 # Vendor Homepage: http://jextn.com/ # Software Link...

Joomla! Component JBuildozer 1.4.1 - 'appid' SQL Injection # # # # # # Exploit Title: Joomla! Component JBuildozer 1.4.1 - SQL Injection # Dork: N/A # Date: 12.12.2017 # Vendor Homepage: http://jbuildozer.com/ # Software Link...