FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass
EDB-ID: 44413 | Author: Noman Riffat | Published: 2018-04-06 | CVE: CVE-2018-9248 | Type: Webapps | Platform: Hardware | Vulnerable App: N/A | # Date: 04/03/2018 # Exploit Author: Noman Riffat # Vendor Homepage:...
DotNetNuke DNNarticle Module 11 - Directory Traversal
EDB-ID: 44414 | Author: Esmaeil Rahimian | Published: 2018-04-06 | CVE: CVE-2018-9126 | Type: Webapps | Platform: Windows | Vulnerable App: N/A | 01. ### Advisory Information ### Title: Directory Traversal Vulnerability...
LineageOS 14.1 Blueborne - RCE
EDB-ID: 44415 | Author: Marcin Kozlowski | Published: 2018-04-06 | CVE: CVE-2017-0781 | Type: Remote | Platform: Android | Vulnerable App: N/A | # Date: 04/01/2018 # Exploit Author: Marcin Kozlowski...
Cobub Razor 0.7.2 - Cross Site Request Forgery
EDB-ID: 44416 | Author: ppb | Published: 2018-04-06 | CVE: CVE-2018-7746 | Type: Webapps | Platform: PHP | Vulnerable App: N/A | # Date: [2018-03-07] # Exploit Author: [ppb(ppb@5ecurity.cn)] # Vendor Homepage:...
Onethink CMS Server Side Request Forgery
Onethink CMS versions released up to 2018/04/06 suffer from a server-side request forgery vulnerability. MD5: 37fbf6905231e41dc7ab8bbf92cf136c | # SSRF (Server Side Request Forgery) in...
WebKit WebAssembly Missing Order Check
When a WebAssembly binary is parsed in ModuleParser::parse, it is expected to contain certain sections in a certain order, but can also contain custom sections that can appear anywhere in the binary....
LineageOS 14.1 Blueborne Remote Code Execution
LineageOS version 14.1 Blueborne suffers from a remote code execution vulnerability. MD5: 90410d5586fb58a108784ae1818b9a2b | # Exploit Title: LineageOS 14.1 (Android 7.1.2) Blueborne RCE...
Cockpit CMS 0.13.0 Server Side Request Forgery
Cockpit CMS version 0.13.0 suffers from a server-side request forgery vulnerability. MD5: a8f5621bbb2134b06037d093d935393e | # SSRF (Server Side Request Forgery) in Cockpit CMS 0.13.0...
Cobub Razor 0.7.2 Cross Site Request Forgery
Cobub Razor version 0.7.2 suffers from a cross site request forgery vulnerability. MD5: b8e2eb4df5cce7fb90eec9d6b2f756fd | # Exploit Title: [Cobub Razor 0.7.2 Cross Site Request Forgery] # Date:...
H2 Database Arbitrary Code Execution
H2 Database suffers from an alias related arbitrary code execution vulnerability. MD5: 6258e5f0b2d9984d657f41ca330733fb | ''' Exploit Title: H2 Database Alias Abuse Date: 05/04/2018 Exploit Author:...
GoldWave 5.70 Local Buffer Overflow
GoldWave version 5.70 SEH unicode local buffer overflow exploit. MD5: 544a4441dc2643b7e93657646a616123 | #!/usr/bin/python # # Exploit Author: bzyo # Twitter: @bzyo_ # Exploit Title: GoldWave 5.70 -...
CyberArk Password Vault Memory Disclosure
CyberArk Password Vault versions prior to 9.7 and 10 suffer from a memory disclosure vulnerability. MD5: b723ff08301bf0026842a24515018be5 | Advisory: CyberArk Password Vault Memory Disclosure Data...
KYOCERA Net Admin 3.4 Cross Site Scripting
KYOCERA Net Admin version 3.4.0906 suffers from a cross site scripting vulnerability. MD5: 018207298d9757ca292421d347ec5edb | KYOCERA Net Admin 3.4 Multiple XSS Vulnerabilities Vendor: KYOCERA...
KYOCERA Net Admin 3.4 Cross Site Request Forgery
KYOCERA Net Admin version 3.4.0906 suffers from a cross site request forgery vulnerability. MD5: 7ad8f76f1fae53993f2d3a96a9888f6f | <!-- KYOCERA Net Admin 3.4 CSRF Add Admin Exploit Vendor:...
MyBB Recent Threads On Index 17.0 Cross Site Scripting
MyBB Recent Threads On Index plugin version 17.0 suffers from a cross site scripting vulnerability. MD5: 8307c11ddec1b8fa0f7961c36a8fbefc | # Exploit Title: MyBB Recent threads # Date: 4th April...
WolfCMS 0.8.3.1 Open Redirect
WolfCMS 0.8.3.1 suffers from an open redirect vulnerability. MD5: 9659658b3ba770b72d025bbfce1467ca | # Exploit Title: WolfCMS 0.8.3.1 Open Redirection...
WordPress Simple Fields 0.3.5 File Inclusion / Remote Code Execution
WordPress Simple Fields plugin versions 0.2 through 0.3.5 suffer from file inclusion and remote code execution vulnerabilities. MD5: 6e2bf334cdac7f3f761fe52b39953c1e | # Exploit Title: Simple...
KYOCERA Multi-Set Template Editor 3.4 Out-Of-Band XML External Entity Injection
KYOCERA Multi-Set Template Editor version 3.4.0906 suffers from an out-of-band XML external entity injection vulnerability. MD5: 0c8850a036da5916bbb8e718eccc4d21 | KYOCERA Multi-Set Template...
CyberArk Password Vault Web Access Remote Code Execution
The CyberArk Password Vault Web Access application uses authentication tokens which consist of serialized .NET objects. By crafting manipulated tokens, attackers are able to gain unauthenticated remote...
Buddypress Xprofile Custom Fields Type 2.6.3 - Remote Code Execution
EDB-ID: 44432 | Author: Lenon Leite | Published: 2018-04-09 | CVE: N/A | Type: Webapps | Platform: PHP | Vulnerable App: N/A | # Date: 08/04/2018 # Exploit Author: Lenon Leite # Vendor Homepage: #...