Clik here to view.
OpenStego Free Steganography Solution 0.7.2
OpenStego is a tool implemented in Java for generic steganography, with support for password-based encryption of the data. It supports plugins for various steganographic algorithms (currently, only...
View ArticleClik here to view.
Adobe Connect Multiple Security Vulnerabilities
Adobe Connect is prone to multiple security vulnerabilities. Successfully exploiting these issues may allow attackers to bypass security restrictions, gain unauthorized access to the affected...
View ArticleClik here to view.
ImageMagick CVE-2017-17681 Denial of Service Vulnerability
ImageMagick is prone to a denial-of-service vulnerability. An attacker may exploit this issue to cause CPU exhaustion, resulting in denial-of-service conditions. ImageMagick 7.0.7-12 is vulnerable;...
View ArticleClik here to view.
Linux kernel < 4.10.15 - Race Condition Privilege Escalation
EDB-ID: 43345Author: anonymousPublished: 2017-12-15CVE: CVE-2017-10661 Type: LocalPlatform: LinuxVulnerable App: N/A * PoC for CVE-2017-10661, triggers UAF with KASan enabled in kernel 4.10 */ #include...
View ArticleClik here to view.
Zoom Linux Client 2.0.106600.0904 - Command Injection
EDB-ID: 43354Author: ConvisoPublished: 2017-12-18CVE: CVE-2017-15049 Type: DosPlatform: LinuxAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A 1. Advisory Information Conviso Advisory ID:...
View ArticleClik here to view.
Joomla! Component My Projects 2.0 - SQL Injection
EDB-ID: 43358Author: Ihsan SencanPublished: 2017-12-18CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A # Exploit Title: Joomla! Component My Projects 2.0 - SQL Injection # Dork: N/A # Date:...
View ArticleClik here to view.
Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit)
EDB-ID: 43356Author: MetasploitPublished: 2017-12-18CVE: CVE-2017-17560 Type: RemotePlatform: PHPAliases: N/AAdvisory/Source: LinkTags: Metasploit Framework (MSF)Vulnerable App: N/A # This module...
View ArticleClik here to view.
CDex 1.96 - Buffer Overflow
EDB-ID: 43352Author: bzyoPublished: 2017-12-18CVE: N/A Type: DosPlatform: WindowsVulnerable App: # # Exploit Author: bzyo # Twitter: @bzyo_ # Exploit Title: CDex 1.96 - Local Stack Buffer Overflow #...
View ArticleClik here to view.
Outlook for Android - Attachment Download Directory Traversal
EDB-ID: 43353Author: Google Security ResearchPublished: 2017-12-18CVE: N/A Type: RemotePlatform: AndroidAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A There is a directory traversal...
View ArticleClik here to view.
Joomla! Component User Bench 1.0 - 'userid' SQL Injection
EDB-ID: 43357Author: Ihsan SencanPublished: 2017-12-18CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A # Exploit Title: Joomla! Component User Bench 1.0 - SQL Injection # Dork: N/A # Date:...
View ArticleClik here to view.
Zoom Linux Client 2.0.106600.0904 - Stack-Based Buffer Overflow
EDB-ID: 43355Author: ConvisoPublished: 2017-12-18CVE: CVE-2017-15048 Type: DosPlatform: LinuxAliases: N/AAdvisory/Source: LinkTags: Buffer OverflowVulnerable App: N/A 1. Advisory Information Conviso...
View ArticleClik here to view.
Rapid7 Nexpose CVE-2017-5264 Cross Site Request Forgery Vulnerability
Nexpose is prone to a cross-site request-forgery vulnerability.Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application....
View ArticleClik here to view.
vBulletin 5 - 'cacheTemplates' Unauthenticated Remote Arbitrary File Deletion
EDB-ID: 43362Author: SecuriTeamPublished: 2017-12-13CVE: CVE-2017-17672 Type: WebappsPlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A Source:...
View ArticleClik here to view.
vBulletin 5 - 'routestring' Unauthenticated Remote Code Execution
EDB-ID: 43361Author: SecuriTeamPublished: 2017-12-13CVE: N/A Type: WebappsPlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A Source:...
View ArticleClik here to view.
WordPress Yakadanda Google+ Hangout Events 0.3.7 XSS
WordPress Yakadanda Google+ Hangout Events plugin version 0.3.7 suffers from a cross site scripting vulnerability.MD5 | 0cf37c2b6acfe4ef6a2fcef9bda9bcb5DownloadClass Input Validation ErrorRemote...
View ArticleClik here to view.
Clockwork SMS Cross Site Scripting
Eight different Clockwork SMS WordPress plugins suffer from cross site scripting vulnerabilities.MD5 |...
View ArticleClik here to view.
Joomla! Guru Pro SQL Injection
Joomla! Guru Pro component suffers from a remote SQL injection vulnerability.MD5 | 6bcc9ffa556598c711e6441c5ca6c96eDownload# # # # ## Exploit Title: Joomla! Component Guru Pro 'promocode'- SQL...
View ArticleClik here to view.
WIndows jscript!JsArraySlice Uninitialized Variable
There is an uninitialized variable vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors.MD5 | 07bd43902bf61cc1da46b2ac1db3304cDownloadWindows: Uninitialized...
View ArticleClik here to view.
CDex 1.96 Stack Buffer Overflow
CDex version 1.96 suffers from a local stack buffer overflow vulnerability.MD5 | d81dc1a4ab91adc10b15ae556ba4dc07Download#!/usr/bin/python## Exploit Author: bzyo# Twitter: @bzyo_# Exploit Title: CDex...
View ArticleClik here to view.
Joomla! My Projects 2.0 SQL Injection
Joomla! My Projects component version 2.0 suffers from a remote SQL injection vulnerability.MD5 | 1ee1a7305c003aca777f6b9ef8b13a9fDownload# # # # ## Exploit Title: Joomla! Component My Projects 2.0 -...
View Article