Trend Micro Threat Discovery Appliance 2.6.1062r1 - 'dlp_policy_upload.cgi'...
EDB-ID: 43920 | Author: mr_me | Published: 2018-01-28 | CVE: N/A | Type: Remote | Platform: Linux | Vulnerable App: N/A | """ Trend Micro Threat Discovery Appliance <= 2.6.1062r1 dlp_policy_upload.cgi Remote Code...
Joomla! Component JS Support Ticket 1.1.0 - Cross-Site Request Forgery
EDB-ID: 43912 | Author: Ihsan Sencan | Published: 2018-01-28 | CVE: CVE-2018-6007 | Type: Webapps | Platform: PHP | Vulnerable App: N/A | # Exploit Title: Joomla! Component JS Support Ticket 1.1.0 - Cross-Site...
Multilanguage Real Estate MLM Script 3.0 - 'srch' SQL Injection
EDB-ID: 43917 | Author: Ihsan Sencan | Published: 2018-01-28 | CVE: N/A | Type: Webapps | Platform: PHP | Vulnerable App: N/A | # Exploit Title: Multilanguage Real Estate MLM Script <= 3.0 - SQL Injection # Dork: N/A...
Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) Null Free...
EDB-ID: 43921 | Author: rtmcx | Published: 2018-01-28 | CVE: N/A | Type: Shellcode | Platform: ARM | Shellcode Size: 80 bytes | * Title: Linux/ARM - Reverse Shell TCP (/bin/sh). Null free...
KeystoneJS < 4.0.0-beta.7 - Cross-Site Request Forgery
EDB-ID: 43922 | Author: Saurabh Banawar | Published: 2018-01-28 | CVE: CVE-2017-16570 | Type: Webapps | Platform: NodeJS | Vulnerable App: N/A | # Date: Sep, 2017 # Exploit Author: Saurabh Banawar # Vendor Homepage:...
PACSOne Server 6.6.2 DICOM Web Viewer - SQL Injection
EDB-ID: 43908 | Author: Carlos Avila | Published: 2018-01-28 | CVE: N/A | Type: Webapps | Platform: PHP | Vulnerable App: N/A | # Date: 08/14/2017 # Software Link: http://www.pacsone.net/download.htm # Version: PACSOne...
PACSOne Server 6.6.2 DICOM Web Viewer - Directory Traversal
EDB-ID: 43907 | Author: Carlos Avila | Published: 2018-01-28 | CVE: N/A | Type: Webapps | Platform: PHP | Vulnerable App: N/A | # Date: 08/14/2017 # Software Link: http://www.pacsone.net/download.htm # Google Dork:...
Joomla! Component Jtag Members Directory 5.3.7 - Arbitrary File Download
EDB-ID: 43913 | Author: Ihsan Sencan | Published: 2018-01-28 | CVE: CVE-2018-6008 | Type: Webapps | Platform: PHP | Vulnerable App: N/A | # Exploit Title: Joomla! Component Jtag Members Directory 5.3.7 - Arbitrary File...
Hot Scripts Clone - 'subctid' SQL Injection
EDB-ID: 43916 | Author: Ihsan Sencan | Published: 2018-01-28 | CVE: N/A | Type: Webapps | Platform: PHP | Vulnerable App: N/A | # Exploit Title: Hot Scripts Clone Script 1.0 - SQL Injection # Dork: N/A # Date: 27.01.2018...
TSiteBuilder 1.0 - SQL Injection
EDB-ID: 43915 | Author: Ihsan Sencan | Published: 2018-01-28 | CVE: N/A | Type: Webapps | Platform: PHP | Vulnerable App: N/A | # Exploit Title: TSiteBuilder 1.0 - SQL Injection # Dork: N/A # Date: 27.01.2018 # Vendor...
Linux/x86 - Egghunter Shellcode (12 Bytes)
EDB-ID: 43910 | Author: Nipun Jaswal | Published: 2018-01-28 | CVE: N/A | Type: Shellcode | Platform: Linux_x86 | Shellcode Size: 12 bytes | Title: Linux/x86 - EggHunter Shellcode (12...
Buddy Zone 2.9.9 - SQL Injection
EDB-ID: 43918 | Author: Ihsan Sencan | Published: 2018-01-28 | CVE: N/A | Type: Webapps | Platform: PHP | Vulnerable App: N/A | # Exploit Title: Vastal I-Tech Facebook Clone 2.9.9 - SQL Injection # Dork: N/A # Date:...
Nexpose < 6.4.66 - Cross-Site Request Forgery
EDB-ID: 43911 | Author: Shwetabh Vishnoi | Published: 2018-01-28 | CVE: CVE-2017-5264 | Type: Webapps | Platform: Multiple | Vulnerable App: N/A | # Release Date: [2017-12-13] # Exploit Author: [Shwetabh Vishnoi] # Link:...
RETIRED: Jenkins CVE-2017-1000392 HTML Injection Vulnerability
Jenkins is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Successful exploits will result in the execution of arbitrary attacker-supplied HTML and...
macOS - 'sysctl_vfs_generic_conf' Stack Leak Through Struct Padding
EDB-ID: 43923 | Author: Google Security Research | Published: 2018-01-29 | CVE: CVE-2018-4090 | Type: Dos | Platform: macOS | Aliases: N/A | Tags: N/A | Vulnerable App: N/A | The sysctls vfs.generic.conf.*...
Oracle WebLogic - wls-wsat Component Deserialization Remote Code Execution...
EDB-ID: 43924 | Author: Metasploit | Published: 2018-01-29 | CVE: CVE-2017-10271 | Type: Remote | Platform: Multiple | Aliases: N/A | Tags: Metasploit Framework (MSF), Remote | Vulnerable App: N/A | # This...
Arq 5.10 - Local root Privilege Escalation
EDB-ID: 43925 | Author: Mark Wadham | Published: 2018-01-29 | CVE: CVE-2017-16928 | Type: Local | Platform: macOS | Aliases: N/A | Tags: Local | Vulnerable App: N/A...
Arq 5.10 - Local root Privilege Escalation (2)
EDB-ID: 43926 | Author: Mark Wadham | Published: 2018-01-29 | CVE: CVE-2017-16945 | Type: Local | Platform: macOS | Aliases: N/A | Tags: Local | Vulnerable App: N/A...
HPE iMC 7.3 - RMI Java Deserialization
EDB-ID: 43927 | Author: Chris Lyne | Published: 2018-01-30 | CVE: CVE-2017-5792 | Type: Remote | Platform: Windows | Vulnerable App: N/A | # Date: 01-28-2018 # Exploit Author: Chris Lyne (@lynerc) # Vendor Homepage:...
Advantech WebAccess < 8.3 - SQL Injection
EDB-ID: 43928 | Author: Chris Lyne | Published: 2018-01-30 | CVE: CVE-2017-16716 | Type: Webapps | Platform: Windows | Vulnerable App: N/A | # Exploit Title: Advantech WebAccess BWSCADARest Login Method SQL Injection...