Shopware 5.2.5 / 5.3 Cross Site Scripting
Shopware versions 5.2.5 and 5.3 suffer from multiple cross site scripting vulnerabilities. MD5: 5f5351510b7d98d6bccbea93109fa0c5
Document Title: Shopware 5.2.5 & v5.3 -...
CentOS Web Panel 0.9.8.12 Cross Site Scripting
CentOS Web Panel version 0.9.8.12 suffers from multiple cross site scripting vulnerabilities. MD5: d4e1642698943201c71ed84ba0b37e4e
Document Title: CentOS Web Panel v0.9.8.12 -...
DarkComet (C2 Server) - File Upload
EDB-ID: 43847 | Author: Pseudo Laboratories | Published: 2018-01-15 | CVE: N/A | Type: Webapps | Platform: Multiple | Aliases: N/A | Advisory/Source: Link | Tags: Malware | Vulnerable App: N/A
# # EDB Note: Source ~...
Oracle JDeveloper 11.1.x/12.x - Directory Traversal
EDB-ID: 43848 | Author: hyp3rlinx | Published: 2018-01-21 | CVE: CVE-2017-10273 | Type: Webapps | Platform: Java | Vulnerable App: N/A
[+] Website: hyp3rlinx.altervista.org [+] Source:...
Shopware 5.2.5/5.3 - Cross-Site Scripting
EDB-ID: 43849 | Author: Vulnerability-Lab | Published: 2018-01-21 | CVE: CVE-2017-15374 | Type: Webapps | Platform: JSON | Vulnerable App: N/A
Shopware 5.2.5 & v5.3 - Multiple Cross Site Scripting...
CentOS Web Panel 0.9.8.12 - Multiple Vulnerabilities
EDB-ID: 43850 | Author: Vulnerability-Lab | Published: 2018-01-21 | CVE: N/A | Type: Webapps | Platform: PHP | Vulnerable App: N/A
CentOS Web Panel v0.9.8.12 - Multiple Persistent Web Vulnerabilities...
PHPFreeChat 1.7 - Denial of Service
EDB-ID: 43852 | Author: A. Pakbaz | Published: 2018-01-21 | CVE: CVE-2018-5954 | Type: Webapps | Platform: PHP | Vulnerable App: N/A
# Version: 1.7 and earlier # Date: 21/01/2018 # Vendor Homepage:...
OTRS 5.0.x/6.0.x - Remote Command Execution
EDB-ID: 43853 | Author: Bæln0rn | Published: 2018-01-21 | CVE: CVE-2017-16921 | Type: Webapps | Platform: Perl | Vulnerable App:
# Date: 21-01-2018 # Exploit Author: Bæln0rn # Vendor Homepage: https://www.otrs.com/ #...
Moodle CVE-2018-1044 Unauthorized Access Vulnerability
Moodle is prone to an unauthorized-access vulnerability. Attackers can exploit this issue to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. Moodle 3.1...
Apache Hadoop 0.23.x Private File Disclosure
A vulnerability allows a cluster user to expose private files owned by the user running the MapReduce job history server process. The malicious user can construct a configuration file containing XML...
Linux x86 ROT-N + Shift-N + XOR-N Encoded /bin/sh Shellcode
77 bytes small Linux/x86 ROT-N + Shift-N + XOR-N encoded /bin/sh shellcode. Tested on Ubuntu 12.04.5 LTS. MD5: c4e2f2606edd62c35ccc15418da04f55
/* Description...
NEC Univerge SV9100/SV8100 WebPro 10.0 Remote Configuration Download
NEC Univerge SV9100/SV8100 WebPro version 10.0 suffers from a remote configuration download vulnerability. The gzipped telephone system configuration file 'config.gz' or 'config.pcpx' that contains the...
Blizzard Agent RPC Auth DNS Rebinding
Blizzard's agent rpc authentication mechanism is vulnerable to DNS rebinding attacks. MD5: b6789d74b5b3b1095d488a9c4d2dcf9d
Source: packetstormsecurity.com
MixPad 5.00 - Buffer Overflow
EDB-ID: 43854 | Author: bzyo | Published: 2018-01-23 | CVE: N/A | Type: Dos | Platform: Windows | Vulnerable App:
# # Exploit Author: bzyo # Twitter: @bzyo_ # Exploit Title: NCH Software MixPad v5.00 - Unicode Buffer...
CentOS Web Panel 0.9.8.12 - 'row_id' / 'domain' SQL Injection
EDB-ID: 43855 | Author: Vulnerability-Lab | Published: 2018-01-23 | CVE: N/A | Type: Webapps | Platform: PHP | Vulnerable App: N/A
CentOS Web Panel v0.9.8.12 - Remote SQL Injection Vulnerabilities...
RAVPower 2.000.056 - Memory Disclosure
EDB-ID: 43856 | Author: Daniele Linguaglossa | Published: 2018-01-23 | CVE: CVE-2018-5319 | Type: Dos | Platform: Hardware | Vulnerable App: N/A
# Exploit Title: RAVPower - remote stack disclosure # Date: 22/01/2018 #...
Cisco Policy Suite CVE-2018-0089 Information Disclosure Vulnerability
Cisco Policy Suite is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information. This may aid in further attacks. This issue is being tracked...
NEC Univerge SV9100/SV8100 WebPro 10.0 - Configuration Download
EDB-ID: 43858 | Author: LiquidWorm | Published: 2018-01-23 | CVE: N/A | Type: Webapps | Platform: Multiple | Vulnerable App: N/A
Vendor: NEC Corporation Product web page: http://www.nec.com Affected version: WebPro...
HP Connected Backup 8.6/8.8.6 - Local Privilege Escalation
EDB-ID: 43857 | Author: Peter Lapp | Published: 2018-01-23 | CVE: CVE-2017-14355 | Type: Local | Platform: Windows | Vulnerable App: N/A
import os import sys import time import requests from bs4 import BeautifulSoup...
RSVP Invitation Online 1.0 - Cross-Site Request Forgery (Update Admin)
EDB-ID: 43862 | Author: Ihsan Sencan | Published: 2018-01-23 | CVE: CVE-2018-5976 | Type: Webapps | Platform: PHP | Vulnerable App: N/A
# # # # # # Exploit Title: RSVP Invitation Online 1.0 - Cross-Site Request Forgery...