Clik here to view.
Prisma Industriale Checkweigher PrismaWEB 1.21 Authentication Bypass
Prisma Industriale Checkweigher PrismaWEB version 1.21 suffers from a disclosure of hard-coded credentials allowing an attacker to effectively bypass authentication.MD5 |...
View ArticleClik here to view.
Chromium Android Writable SharedMemory Descriptors
Chromium suffers from an issues where read-only SharedMemory descriptors on Android are writable.MD5 | 08491d011bf32134fe1395fcf9073825DownloadSource:packetstormsecurity.com
View ArticleClik here to view.
Chromium mojo::WrapSharedMemoryHandle Insufficient Call
Chromium suffers from an issue where calling mojo::WrapSharedMemoryHandle is insufficient to produce read-only descriptors for IPC.MD5 |...
View ArticleClik here to view.
Chromium memory_instrumentation::mojom::Coordinator Information Disclosure
Chromium suffers from an information disclosure vulnerability via the memory_instrumentation::mojom::Coordinator interface in the resource_coordinator service.MD5 |...
View ArticleClik here to view.
SecurEnvoy SecurMail 9.1.501 XSS / CSRF / Traversal
SecurEnvoy SecurMail version 9.1.501 suffers from cross site request forgery, cross site scripting, insecure direct object reference, missing authentication and authorization, and path traversal...
View ArticleClik here to view.
Sony Playstation 4 (PS4) 4.55 < 5.50 - WebKit Code Execution (PoC)
EDB-ID: 44282Author: qwertyoruiopPublished: 2018-03-10CVE: N/A Type: LocalPlatform: HardwareAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A <html> <body> <script>...
View ArticleClik here to view.
MikroTik RouterOS < 6.38.4 (MIPSBE) - 'Chimay Red' Stack Clash Remote Code...
EDB-ID: 44283Author: Lorenzo SantinaPublished: 2018-03-12CVE: N/A Type: RemotePlatform: HardwareAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A # Mikrotik Chimay Red Stack Clash Exploit...
View ArticleClik here to view.
MikroTik RouterOS < 6.38.4 (x86) - 'Chimay Red' Stack Clash Remote Code...
EDB-ID: 44284Author: Lorenzo SantinaPublished: 2018-03-12CVE: N/A Type: RemotePlatform: HardwareAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A # Mikrotik Chimay Red Stack Clash Exploit...
View ArticleClik here to view.
SecurEnvoy SecurMail 9.1.501 - Multiple Vulnerabilities
EDB-ID: 44285Author: SEC ConsultPublished: 2018-03-13CVE: CVE-2018-7701... Type: WebappsPlatform: ASPXVulnerable App: N/A ======================================================================= title:...
View ArticleClik here to view.
Tuleap 9.17.99.189 - Blind SQL Injection
EDB-ID: 44286Author: Cristiano MarutiPublished: 2018-03-13CVE: CVE-2018-7538 Type: WebappsPlatform: PHPAliases: N/AAdvisory/Source: N/ATags: Blind SQL Injection (bSQLi)Vulnerable App: title: Tuleap SQL...
View ArticleClik here to view.
Shopware 5.3.7 Cross Site Request Forgery
Shopware versions 4.0.1 through 5.3.7 suffer from a cross site request forgery vulnerability. Malicious, third-party websites may abuse this API to list, add or remove products from a user's cart.MD5 |...
View ArticleClik here to view.
Adobe Flash Player CVE-2018-4919 Use After Free Remote Code Execution...
Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected...
View ArticleClik here to view.
Advantech WebAccess Directory Traversal / Remote Code Execution
Advantech WebAccess versions less than 8.3 suffer from directory traversal and remote code execution vulnerabilities.MD5 | e67eb41a2e88e0a2d0c8cb8b0a15388bDownload#!/usr/bin/python2.7# Exploit Title:...
View ArticleClik here to view.
ACL Analytics 13.0.0.579 Arbitrary Code Execution
ACL Analytics versions 11.x through 13.0.0.579 suffer from a code execution vulnerability.MD5 | 370a580d896af04875904ff83aa58c20Download# Exploit Title: Arbitrary Code Execution# Google Dork: N/A#...
View ArticleClik here to view.
MikroTik RouterOS Chimay Red Stack Clash Remote Code Execution
MikroTik RouterOS versions prior to 6.38.4 (x86) Chimay Red stack clash remote code execution exploit.MD5 | fa75bb56a5777825b631d7238931d52bDownload#!/usr/bin/env python2# Mikrotik Chimay Red Stack...
View ArticleClik here to view.
Sony Playstation 4 (PS4) WebKit Code Execution
Sony Playstation 4 (PS4) versions 4.55 up to 5.50 WebKit code execution proof of concept exploit.MD5 | be722966f2a039f227ac24c90436ab4eDownload<--- index.html...
View ArticleClik here to view.
MikroTik RouterOS Chimay Red Stack Clash Remote Code Execution
MikroTik RouterOS versions prior to 6.38.4 (MIPSBE) Chimay Red stack clash remote code execution exploit.MD5 | f3f5dcd2d2e5f242462e44acb2fc45aeDownload#!/usr/bin/env python3# Mikrotik Chimay Red Stack...
View ArticleClik here to view.
Textpattern 4.6.2 SQL Injection
Textpattern versions 4.6.2 and below suffer from a remote SQL injection vulnerability.MD5 | 6dc7817cd74785b8fc7670aa22165775Download=============================================MGC ALERT 2018-002-...
View ArticleClik here to view.
ManageEngine Applications Manage 13.5 Remote Code Execution
This Metasploit module exploits command injection vulnerability in the ManageEngine Application Manager product. An unauthenticated user can execute a operating system command under the context of...
View ArticleClik here to view.
OSIsoft PI Vision Cross Site Scripting and Information Disclosure...
OSIsoft PI Vision is prone to a cross-site scripting vulnerability and multiple information-disclosure vulnerabilities. An attacker may leverage these issues to obtain potentially sensitive...
View Article