glibc '$ORIGIN' Expansion Privilege Escalation
This Metasploit module attempts to gain root privileges on Linux systems by abusing a vulnerability in the GNU C Library (glibc) dynamic linker. glibc ld.so in versions before 2.11.3, and 2.12.x before...
WordPress Bookly Lite 13.2 Cross Site Scripting
WordPress Bookly Lite plugin version 13.2 suffers from a persistent cross site scripting vulnerability. MD5: 112e7dd3b55bbb6e67772fd4f3728bd9. In January I found a stored XSS in Bookly WP Plugin...
Paypal Clone Script 1.0.9 - 'id' / 'acctype' SQL Injection
EDB-ID: 44017 | Author: L0RD | Published: 2018-02-11 | CVE: N/A | Type: Webapps | Platform: PHP | Vulnerable App: N/A # Dork: N/A # Date: 2018-02-10 # Exploit Author: Borna nematzadeh (L0RD) or...
SoapUI 5.3.0 Code Execution
SoapUI suffers from an arbitrary code execution vulnerability via a maliciously imported project. MD5: af94c76942326df1e15c78f2c95be4bc. Document Title: SoapUI Arbitrary Code...
Juju-run Agent Privilege Escalation
This Metasploit module attempts to gain root privileges on Juju agent systems running the juju-run agent utility. Juju agent systems running agent tools prior to version 1.25.12, 2.0.x before 2.0.4,...
Mandos Encrypted File System Unattended Reboot Utility 1.7.17
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk...
Readymade Video Sharing Script 3.2 - 'search' SQL Injection
EDB-ID: 44018 | Author: Varun Bagaria | Published: 2018-02-11 | CVE: N/A | Type: Webapps | Platform: PHP | Vulnerable App: N/A # Exploit Title: Readymade Video Sharing Script - SQL Injection (Error Based) # Google...
LogicalDOC Enterprise 7.7.4 - Directory Traversal
EDB-ID: 44019 | Author: LiquidWorm | Published: 2018-02-12 | CVE: N/A | Type: Webapps | Platform: Java | Vulnerable App: N/A | Vendor: LogicalDOC Srl | Product web page: https://www.logicaldoc.com | Affected version: 7.7.4...
LogicalDOC Enterprise 7.7.4 - User Enumeration
EDB-ID: 44020 | Author: LiquidWorm | Published: 2018-02-12 | CVE: N/A | Type: Webapps | Platform: Java | Vulnerable App: N/A | Vendor: LogicalDOC Srl | Product web page: https://www.logicaldoc.com | Affected version: 7.7.4...
LogicalDOC Enterprise 7.7.4 - Root Remote Code Execution
EDB-ID: 44021 | Author: LiquidWorm | Published: 2018-02-12 | CVE: N/A | Type: Webapps | Platform: Java | Vulnerable App: N/A | Vendor: LogicalDOC Srl | Product web page: https://www.logicaldoc.com | Affected version: 7.7.4...
LibreOffice < 6.0.1 - '=WEBSERVICE' Remote Arbitrary File Disclosure
EDB-ID: 44022 | Author: Mikhail Klementev | Published: 2018-02-10 | CVE: CVE-2018-6871 | Type: Remote | Platform: Linux | Aliases: N/A | Advisory/Source: Link | Tags: N/A | Vulnerable App: N/A...
Juju-run Agent - Privilege Escalation (Metasploit)
EDB-ID: 44023 | Author: Metasploit | Published: 2018-02-12 | CVE: CVE-2017-9232 | Type: Local | Platform: Linux | Aliases: N/A | Advisory/Source: Link | Tags: Metasploit Framework (MSF) | Vulnerable App: N/A # This module...
glibc - LD_AUDIT Arbitrary DSO Load Privilege Escalation (Metasploit)
EDB-ID: 44025 | Author: Metasploit | Published: 2018-02-12 | CVE: CVE-2010-3847... | Type: Local | Platform: Linux | Aliases: N/A | Advisory/Source: Link | Tags: Metasploit Framework (MSF), Local | Vulnerable App: N/A # This...
glibc - '$ORIGIN' Expansion Privilege Escalation (Metasploit)
EDB-ID: 44024 | Author: Metasploit | Published: 2018-02-12 | CVE: CVE-2010-3847 | Type: Local | Platform: Linux | Aliases: N/A | Advisory/Source: Link | Tags: Metasploit Framework (MSF), Local | Vulnerable App: N/A # This...
Readymade Video Sharing Script 3.2 SQL Injection
Readymade Video Sharing Script version 3.2 suffers from a remote SQL injection vulnerability. MD5: ...
Paypal / Money Transfer Clone Script 1.0.9 SQL Injection
Paypal / Money Transfer Clone Script version 1.0.9 suffers from a remote SQL injection vulnerability. MD5: 3c06a3a40d3c1be8a884ee1cb6267931. # Exploit Title: Paypal / Money Transfer Clone Script...
LogicalDOC Enterprise 7.7.4 Reflected Cross Site Scripting
LogicalDOC Enterprise version 7.7.4 suffers from reflected cross site scripting vulnerabilities. MD5: 86803762f6ec08d63b2138780616ee41. <!--LogicalDOC Enterprise 7.7.4 Reflected Cross-Site...
LogicalDOC Enterprise 7.7.4 Directory Traversal
LogicalDOC Enterprise version 7.7.4 suffers from directory traversal vulnerabilities. MD5: 9ee220e0a17d5ba3310790d0d9187453. LogicalDOC Enterprise 7.7.4 Multiple Directory Traversal...
LogicalDOC Enterprise 7.7.4 Username Enumeration Weakness
LogicalDOC Enterprise version 7.7.4 suffers from a username enumeration weakness vulnerability. MD5: 7eb4ae7f1eb49cf2bba6c2410c67f20e. LogicalDOC Enterprise 7.7.4 Username Enumeration...
LogicalDOC Enterprise 7.7.4 Post-Auth Command Execution
LogicalDOC Enterprise version 7.7.4 suffers from a post-authentication command execution vulnerability via binary path manipulation. MD5: e3fe47ad35b3d7c50efc277593f5c2e8. LogicalDOC Enterprise...