Clik here to view.
Tenda FH303/A300 Firmware V5.07.68_EN - Remote DNS Change
EDB-ID: 44381Author: Todor DonevPublished: 2018-03-30CVE: N/A Type: WebappsPlatform: ASPVulnerable App: N/A # # Tenda FH303/A300 Firmware V5.07.68_EN # Cookie Session Weakness Remote DNS Change PoC # #...
View ArticleClik here to view.
Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload (Metasploit)
EDB-ID: 44379Author: Touhid M.ShaikhPublished: 2018-03-30CVE: CVE-2016-1713 Type: WebappsPlatform: PHPAliases: N/AAdvisory/Source: N/ATags: Metasploit Framework (MSF)Vulnerable App: N/A # This module...
View ArticleClik here to view.
Faleemi Windows Desktop Software - (DDNS/IP) Local Buffer Overflow
EDB-ID: 44382Author: Himavanth ReddyPublished: 2018-03-30CVE: N/A Type: LocalPlatform: WindowsVulnerable App: Faleemi Desktop Software for Windows- (DDNS/IP) Local Buffer Overflow Vuln Description:...
View ArticleClik here to view.
MiniCMS 1.10 Cross Site Request Forgery
MiniCMS version 1.10 suffers from a cross site request forgery vulnerability.MD5 | 97c6dc6f6b82be0fcab7b002954881feDownload<--# Exploit Title: MiniCMS 1.10 CSRF Vulnerability# Date: 2018-03-28#...
View ArticleClik here to view.
osCommerce 2.3.4.1 Remote Code Execution
osCommerce version 2.3.4.1 suffers from a code execution vulnerability.MD5 | 6f7265771c718c685efc486888ad79f0Download# Exploit Title: osCommerce 2.3.4.1 Remote Code Execution# Date: 29.0.3.2018#...
View ArticleClik here to view.
Joomla Acymailing Starter 5.9.5 CSV Macro Injection
Joomla Acymailing Starter component version 5.9.5 suffers from a CSV macro injection vulnerability.MD5 | 7380103268de41373ddb632cdbae3bcdDownload# Exploit Title: Joomla! Component Acymailing Starter...
View ArticleClik here to view.
WordPress Contact Form 7 To Database Extension 2.10.32 CSV Injection
WordPress Contact Form 7 to Database Extension plugin version 2.10.32 suffers from a CSV injection vulnerability.MD5 | d056556b41893a0bc49c21fed4a47543Download# Exploit Title : Contact Form 7 to...
View ArticleClik here to view.
Nginx 1.13.10 Accept-Encoding Line Feed Injection
Nginx version 1.3.10 may suffer from a line feed injection issue in its Accept-Encoding header.MD5 | e34c40aec4ccadf96254f66606e9bfaeDownload// Underground_Agency (UA) - (koa, bacL, g3kko,...
View ArticleClik here to view.
Frog CMS 0.9.5 Cross Site Request Forgery
Frog CMS version 0.9.5 suffers from a cross site request forgery vulnerability.MD5 | 3ce17661ab9805b355896a7666068e2dDownload# Exploit Title:aa Cross Site Request Forgery- Frog CMS# Date: 31-03-2018#...
View ArticleClik here to view.
Homematic CCU2 2.29.23 Arbitrary File Write
Homematic CCU2 version 2.29.23 suffers from an arbitrary file write vulnerability.MD5 | 009117d41ee7e2bc477a58b95a3c2182Download#!/usr/bin/ruby# Exploit Title: Homematic CCU2 Arbitrary File Write#...
View ArticleClik here to view.
DotNetNuke DNNarticle Directory Traversal
The DNNarticle module in DotNetNuke version 11 suffers from a directory traversal vulnerability.MD5 | f2257e5d010096de5399fbe05af13b4fDownload ##############################01. ### Advisory Information...
View ArticleClik here to view.
VideoFlow Digital Video Protection DVP 10 Authenticated Directory Traversal
VideoFlow Digital Video Protection DVP 10 version 2.10 suffers from an authenticated arbitrary file disclosure vulnerability including no session expiration. Input passed via the 'ID' parameter in...
View ArticleClik here to view.
VideoFlow Digital Video Protection DVP 10 Authenticated Root Remote Code...
VideoFlow Digital Video Protection DVP 10 version 2.10 suffers from authenticated remote code execution vulnerability. Including a cross site request forgery vulnerability, a remote attacker can...
View ArticleClik here to view.
D-Link DIR-601 Admin Password Disclosure
D-Link DIR-601 suffers from an administrative password disclosure vulnerability.MD5 | 40a6025fc8e6ae90da64784c850bfc84Download# Exploit Title: DLink DIR-601 Unauthenticated Admin password disclosure#...
View ArticleClik here to view.
IBM Virtual Security Operations Center (VSOC) Cross Site Scripting
IBM Virtual Security Operations Center (VSOC) suffers from a cross site scripting vulnerability.MD5 | 730874343abb82714bb5f8a229fd5b6dDownload# Exploit Title: IBM Virtual Security Operations Center...
View ArticleClik here to view.
WebLog Expert Enterprise 9.4 Privilege Escalation
WebLog Expert Enterprise version 9.4 suffers from a privilege escalation vulnerability.MD5 | 21e2f82d1153349195d1ab250999713fDownloadExploit Author: bzyoTwitter: @bzyo_Exploit Title: WebLog Expert...
View ArticleClik here to view.
WampServer 3.1.2 Cross Site Request Forgery
WampServer version 3.1.2 suffers from a cross site request forgery vulnerability.MD5 | 4139924603829682cf0be995ba66e7f0Download# Exploit Title: WampServer 3.1.2 CSRF to add or delete any virtual...
View ArticleClik here to view.
Secutech RiS-11/RiS-22/RiS-33 5.07.52_es_FRI01 Remote DNS Changer
Secutech RiS-11/RiS-22/RiS-33 version 5.07.52_es_FRI01 remote DNS changer proof of concept exploit.MD5 | b9610e5f8f43db01a247cd469065591eDownload### Secutech RiS-11/RiS-22/RiS-33 V5.07.52_es_FRI01#...
View ArticleClik here to view.
OpenCMS 10.5.3 - Cross-Site Request Forgery
EDB-ID: 44391Author: Sureshbabu NarvaneniPublished: 2018-04-02CVE: CVE-2018-8811 Type: WebappsPlatform: PHPVulnerable App: N/A Injection # Google Dork: N/A # Date: 02-04-2018...
View ArticleClik here to view.
OpenCMS 10.5.3 - Cross-Site Scripting
EDB-ID: 44392Author: Sureshbabu NarvaneniPublished: 2018-04-02CVE: CVE-2018-8815 Type: WebappsPlatform: PHPVulnerable App: N/A # Google Dork: N/A # Date: 02-04-2018...
View Article