Clik here to view.
Oracle MySQL UDF Payload Execution
This Metasploit module creates and enables a custom UDF (user defined function) on the target host via the SELECT ... into DUMPFILE method of binary injection. On default Microsoft Windows...
View ArticleClik here to view.
Trend Micro Smart Protection Server - Session Hijacking / Log File...
EDB-ID: 43388Author: CoreLabsPublished: 2017-12-19CVE: CVE-2017-11398... Type: RemotePlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A ## 1. Advisory Information...
View ArticleClik here to view.
Kisisel Portfolyo Scripti 4.031 SQL Injection
Kisisel Portfolyo Scripti version 4.031 suffers from a remote SQL injection vulnerability.MD5 |...
View ArticleClik here to view.
Kurumsal Firma Scripti 2 SQL Injection
Kurumsal Firma version 2 suffers from a remote SQL injection vulnerability.MD5 | 1bd793e7f4bf1435b9620d5698b79d58Download========================================================================| #...
View ArticleClik here to view.
GetGo Download Manager 5.3.0.2712 Buffer Overflow
GetGo Download Manager version 5.3.0.2712 suffers from a buffer overflow vulnerability.MD5 | f7ccc852513bb0a9f11ee82f7f107cd1Download# Exploit Title: Buffer overflow vulnerability in GetGo Download...
View ArticleClik here to view.
News PHP 1.031 SQL Injection
News PHP version 1.031 suffers from a remote SQL injection vulnerability.MD5 | 90590b5eba822a955be805b62b4b2633Download========================================================================| # Title...
View ArticleClik here to view.
Ubiquiti UniFi Video 3.7.3 (Windows) Local Privilege Escalation
Ubiquiti UniFi Video version 3.7.3 (Windows) suffers from a local privilege escalation vulnerability due to insecure directory permissions.MD5 | a82e1d218ea5e2d055d53ff0277ba737DownloadRCE Security...
View ArticleClik here to view.
EMC VNX1 / VNX2 Family Cross Site Scripting
A fix is available for certain versions of VNX Control Station for VNX1 and VNX2 that contain a reflected cross site scripting vulnerability. This vulnerability could potentially be exploited by...
View ArticleClik here to view.
Vitek Remote Code Execution / Information Disclosure
Vitek suffers from remote code execution and information disclosure vulnerabilities.MD5 | 67181149efb9d820a28d085e1d6f3ac8Download[STX]Subject: Vitek RCE and Information Disclosure (and possible other...
View ArticleClik here to view.
COMTREND ADSL Router CT-5367 - Remote Code Execution
EDB-ID: 43389Author: TnMchPublished: 2017-12-26CVE: N/A Type: RemotePlatform: HardwareVulnerable App: N/A # Date: 11-12-2017 # Exploit Author: TnMch # Software Link : null # Type : HardWare # Risk of...
View ArticleClik here to view.
Ubiquiti UniFi Video 3.7.3 - Local Privilege Escalation
EDB-ID: 43390Author: Julien AhrensPublished: 2017-12-26CVE: CVE-2016-6914 Type: LocalPlatform: WindowsVulnerable App: N/A https://www.rcesecurity.com 1. ADVISORY INFORMATION =======================...
View ArticleClik here to view.
GetGo Download Manager 5.3.0.2712 - Buffer Overflow
EDB-ID: 43391Author: Aloyce J. MakalangaPublished: 2017-12-26CVE: CVE-2017-17849 Type: DosPlatform: WindowsVulnerable App: # CVE: CVE-2017-17849 # Date: 22-12-2017 # Tested on Windows 10 32 bits #...
View ArticleClik here to view.
Joomla! Component JEXTN FAQ Pro 4.0.0 - 'id' SQL Injection
EDB-ID: 43393Author: Ihsan SencanPublished: 2017-12-26CVE: CVE-2017-17875 Type: WebappsPlatform: PHPVulnerable App: N/A # Exploit Title: Joomla! Component JEXTN FAQ Pro 4.0.0 - SQL Injection # Dork:...
View ArticleClik here to view.
Biometric Shift Employee Management System 3.0 - Local File Disclosure
EDB-ID: 43394Author: Ihsan SencanPublished: 2017-12-26CVE: CVE-2017-17876 Type: WebappsPlatform: PHPVulnerable App: N/A # Exploit Title: Biometric Shift Employee Management System 3.0 - Local File...
View ArticleClik here to view.
Sendroid < 6.5.0 - SQL Injection
EDB-ID: 43395Author: Onwuka GideonPublished: 2017-12-26CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A # Google Dork: "welcome to * SMS portal" # Date: 22/12/2017 # Exploit Author: Onwuka Gideon...
View ArticleClik here to view.
SilverStripe CMS 3.6.2 - CSV Excel Macro Injection
EDB-ID: 43396Author: Ishaq MohammedPublished: 2017-12-26CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A Vendor Homepage: https://www.silverstripe.org/ Software Link:...
View ArticleClik here to view.
Sony Playstation 4 4.05 FW - Local Kernel Exploit
EDB-ID: 43397Author: SpecterPublished: 2017-12-27CVE: N/A Type: LocalPlatform: BSDAliases: N/ATags: N/AVulnerable App: N/A --- ## Summary In this project you will find a full implementation of the...
View ArticleClik here to view.
Easy!Appointments 1.2.1 - Cross-Site Scripting
EDB-ID: 43399Author: LiquidWormPublished: 2017-12-27CVE: N/A Type: WebappsPlatform: PHPVulnerable App: Vendor: Alex Tselegidis Product web page: http://www.easyappointments.org Affected version: 1.2.1...
View ArticleClik here to view.
Telesquare SKT LTE Router SDT-CS3B1 - Cross-Site Request Forgery
EDB-ID: 43400Author: LiquidWormPublished: 2017-12-27CVE: N/A Type: WebappsPlatform: HardwareVulnerable App: N/A Vendor: Telesquare Co., Ltd. Product web page: http://www.telesquare.co.kr Affected...
View ArticleClik here to view.
Telesquare SKT LTE Router SDT-CS3B1 - Denial of Service
EDB-ID: 43401Author: LiquidWormPublished: 2017-12-27CVE: N/A Type: DosPlatform: HardwareVulnerable App: N/A # # # Telesquare SKT LTE Router SDT-CS3B1 Remote Reboot Denial Of Service # # # Vendor:...
View Article