School Management Script 3.0.4 SQL Injection
School Management Script version 3.0.4 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
MD5 | d390ad349e460d35d8493fd77e7a9e2d
# Exploit Title: SQL...
ActivePDF Toolkit Code Execution
ActivePDF Toolkit versions prior to 8.1.0 suffer from multiple code execution vulnerabilities.
MD5 | 63ce9599e9a3f793133d10673c89b97b
ActivePDF Toolkit < 8.1.0 multiple...
Sony Playstation 4 (PS4) 5.0x Code Execution
Sony Playstation 4 (PS4) 5.01 through 5.04 webkit code execution proof of concept exploit.
MD5 | a43934fa8d5e7b94f0eaaf0e4f5fb50f
Source: packetstormsecurity.com
ClipBucket SQL Injection / Command Injection / File Upload
ClipBucket versions prior to 4.0.0 Release 4902 suffer from OS command injection, arbitrary file upload, and remote SQL injection vulnerabilities.
MD5 | 5f01efc19d73b84eb391886d4efcadc7
SEC...
Apple iOS 11.2.5 / watchOS 4.2.2 / tvOS 11.2.5 bluetoothd Memory Corruption
Apple iOS version 11.2.5, watchOS version 4.2.2, and tvOS version 11.2.5 bluetoothd memory corruption proof of concept exploit.
MD5 | 7d79bebc40c0934cc9aa2386f131cd30
// // main.m //...
Routers2 2.24 Cross Site Scripting
Routers2 version 2.24 suffers from a cross site scripting vulnerability.
MD5 | 05082de90f90321cffd27dcc0d0594ff
# Exploit Title: Routers2 2.24 - Reflected Cross-Site Scripting # Date: 18-01-18 #...
AxxonSoft Axxon Next Directory Traversal
AxxonSoft Axxon Next suffers from a directory traversal vulnerability.
MD5 | 8aa82dd140782ee575d7d92ca6ddea9e
Title: AxxonSoft Axxon Next - AxxonSoft Client Directory Traversal via an...
TestLink Open Source Test Management Insecure Direct Object Reference
TestLink Open Source Test Management versions prior to 1.9.17 suffer from an insecure direct object reference.
MD5 | 64c620e2f1d03d7aaf509219b7585ba8
SEC Consult Vulnerability Lab Security...
Apple iOS 11.2.5 / watchOS 4.2.2 / tvOS 11.2.5 - 'bluetoothd' Memory Corruption
EDB-ID: 44215 | Author: Zimperium zLabs Team | Published: 2018-02-28 | CVE: CVE-2018-4087 | Type: Dos | Platform: Multiple | Aliases: N/A | Advisory/Source: Link | Tags: N/A | Vulnerable App: N/A
// main.m // bluetoothdPoC //...
Routers2 2.24 - Cross-Site Scripting
EDB-ID: 44216 | Author: Lorenzo Di Fuccia | Published: 2018-02-28 | CVE: CVE-2018-6193 | Type: Webapps | Platform: Perl | Vulnerable App: N/A
# Date: 18-01-18 # Vendor Homepage: http://www.steveshipway.org/software/ #...
D-Link DGS-3000-10TC Cross Site Request Forgery
D-Link DGS-3000-10TC with firmware 2.00.006 suffers from a cross site request forgery vulnerability.
MD5 | 3eada4bfaab57fa02b4f2c5447fbd766
Hello list! There are Cross-Site Request Forgery...
Linux Kernel _sctp_make_chunk() Denial Of Service
Secunia Research has discovered a vulnerability in Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). An error in the "_sctp_make_chunk()" function...
IrfanView 4.44 Email Plugin - Buffer Overflow (SEH)
EDB-ID: 44217 | Author: bzyo | Published: 2018-03-02 | CVE: N/A | Type: Local | Platform: Windows | Vulnerable App: N/A
# # Exploit Author: bzyo # Twitter: @bzyo_ # Exploit Title: IrfanView 4.44 Email PlugIn - Local...
IrfanView 4.50 Email Plugin - Buffer Overflow (SEH Unicode)
EDB-ID: 44218 | Author: bzyo | Published: 2018-03-02 | CVE: N/A | Type: Local | Platform: Windows | Vulnerable App:
# # Exploit Author: bzyo # Twitter: @bzyo_ # Exploit Title: IrfanView 4.50 Email PlugIn - Local Buffer...
D-Link DIR-600M Wireless - Cross-Site Scripting
EDB-ID: 44219 | Author: Prasenjit Kanti Paul | Published: 2018-03-02 | CVE: CVE-2018-6936 | Type: Webapps | Platform: Hardware | Vulnerable App: N/A
# Exploit Title: D-Link DIR-600M Wireless - Persistent Cross Site...
SEGGER embOS/IP FTP Server 3.22 - Denial of Service
EDB-ID: 44221 | Author: hyp3rlinx | Published: 2018-03-02 | CVE: CVE-2018-7449 | Type: Dos | Platform: Windows | Vulnerable App: N/A
[+] Website: hyp3rlinx.altervista.org [+] Source:...
Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
Dovecot is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information. Failed exploit attempts will result in a denial-of-service condition....
DualDesk 20 - 'Proxy.exe' Denial of Service
EDB-ID: 44222 | Author: hyp3rlinx | Published: 2018-03-02 | CVE: CVE-2018-7583 | Type: Dos | Platform: Windows | Vulnerable App: N/A
[+] Website: hyp3rlinx.altervista.org [+] Source:...
uWSGI < 2.0.17 - Directory Traversal
EDB-ID: 44223 | Author: Marios Nicolaides | Published: 2018-03-02 | CVE: CVE-2018-7490 | Type: Webapps | Platform: PHP | Vulnerable App:
# Date: 01-03-2018 # Exploit Author: Marios Nicolaides - RUNESEC # Reviewers:...
WordPress Plugin Polls 1.2.4 - SQL Injection (PoC)
EDB-ID: 44229 | Author: Manish Tanwar | Published: 2017-10-22 | CVE: N/A | Type: Remote | Platform: PHP | Aliases: N/A | Advisory/Source: Link | Tags: N/A | Vulnerable App: N/A
Vulnerable version: <=1.2.4...