Clik here to view.
Rvsitebuilder CMS Database Backup Download
Rvsitebuilder CMS suffers from a backup disclosure vulnerability.MD5 | 46aa749ab9797f353df4c50755a57811Download# Exploit Title: Rvsitebuilder CMS Database Backup Download# Exploit Author: Hesam...
View ArticleClik here to view.
Geist WatchDog Console 3.2.2 XSS / XML Injection / Insecure Permissions
Geist WatchDog Console version 3.2.2 suffers from cross site scripting, XML external entity injection, and insecure file permission vulnerabilities.MD5 | 4811ca31e7f5fe461ed4376e43851eccDownload#...
View ArticleClik here to view.
Joomla JS Jobs 1.2.0 Cross Site Request Forgery
Joomla JS Jobs component version 1.2.0 suffers from a cross site request forgery vulnerability.MD5 | 767f3b2c945b596633a81343fe04997dDownload######################################## Exploit Title:...
View ArticleClik here to view.
Facebook Graph Groups Crosswalk User Metadata Mapping Weakness
Facebook Graph groups crosswalk user's metadata mapping weakness demo proof of concept script.MD5 | cedc3e5b3dddf3d9c0b7c2ff3cd164acDownload#!/usr/bin/perl## Facebook (facebug) 'Graph' Groups crosswalk...
View ArticleClik here to view.
WordPress Caldera Forms 1.5.9.1 Cross Site Scripting
WordPress Caldera Forms plugin version 1.5.9.1 suffers from a cross site scripting vulnerability.MD5 | 8a71154dd8f78326e22e2125132af1b6Download# Exploit Title: CalderaForms 1.5.9.1 - multiple XSS#...
View ArticleClik here to view.
Lutron Quantum 3.2.243 Information Disclosure
Lutron Quantum versions 2.0 through 3.2.243 suffer from an information disclosure vulnerability.MD5 | 5fbf3f349a5f2b4e47f15ecd8b2d37f3Download# Exploit Title: Login bypass and data leak - Lutron...
View ArticleClik here to view.
Digital Guardian Management Console 7.1.2.0015 Server Side Request Forgery
Digital Guardian Management Console version 7.1.2.0015 suffer from a server-side request forgery vulnerability.MD5 | fb6b58b0bab3666f08404066bdb8c0bcDownloadTitle: Digital Guardian Managment Console -...
View ArticleClik here to view.
Digital Guardian Management Console 7.1.2.0015 XXE Injection
Digital Guardian Management Console version 7.1.2.0015 suffers from an XML external entity injection vulnerability.MD5 | 4580a4c26b72fed29c24bcb9499af56fDownloadTitle: Digital Guardian Managment...
View ArticleClik here to view.
Linux x86 TCP Port 1337 Bindshell Shellcode
92 bytes small Linux x86 tcp/1337 bindshell shellcode.MD5 | ff78686f2571f1c5269ce33e66a58c85Download/**# Linux x86 Bind TCP shellcode# This shellcode will listen on port 1337 and give you /bin/sh#...
View ArticleClik here to view.
Microsoft Windows WLDP CLSID Policy .NET COM Instantiation UMCI Bypass
The enlightened Windows Lockdown Policy check for COM Class instantiation can be bypassed by using a bug in .NET leading to arbitrary code execution on a system with UMCI enabled (e.g. Device...
View ArticleClik here to view.
Seagate Media Server Path Traversal
Seagate Personal Cloud model SRN21C running firmware versions 4.3.16.0 and 4.3.18.0 suffer from a path traversal vulnerability.MD5 |...
View ArticleClik here to view.
Seagate Personal Cloud SRN21C Arbitrary File Move
Seagate Personal Cloud model SRN21C running firmware versions 4.3.16.0 and 4.3.18.0 allows for moving of arbitrary files.MD5 |...
View ArticleClik here to view.
Seagate Media Server SRN21C Cross Site Scripting
Seagate Personal Cloud model SRN21C running firmware versions 4.3.16.0 and 4.3.18.0 suffers from a persistent cross site scripting vulnerabilities.MD5 |...
View ArticleClik here to view.
WordPress WooCommerce 2.0 / 3.0 Directory Traversal
WordPress WooCommerce plugin versions 2.0 and 3.0 suffer from a directory traversal vulnerability.MD5 | a9f1c44c58aec447e77edec7cf211eb1Download\n\n# Exploit Title: WordPress woocommerce directory...
View ArticleClik here to view.
Chakra CFG Bypass With leafInterpreterFrame
Chakra suffers from a CFG bypass with leafInterpreterFrame. Every JavaScript variable in Chakra (except a tagged int) is a pointer. From this pointer, using an arbitrary read, it is possible to follow...
View ArticleClik here to view.
Cobub Razor 0.8.0 - Physical path Leakage
EDB-ID: 44495Author: KyhvednPublished: 2018-04-20CVE: CVE-2018-8056... Type: WebappsPlatform: PHPVulnerable App: N/A # Date: 2018-04-19 # Exploit Author: Kyhvedn # Vendor Homepage:...
View ArticleClik here to view.
Cobub Razor 0.8.0 Path Disclosure
Cobub Razor version 0.8.0 suffers from a path disclosure vulnerability.MD5 | 576cf5b28eecb06a93ee4f29e77f29c5Download# Exploit Title: Cobub Razor 0.8.0 Physical path Leakage Vulnerability# Date:...
View ArticleClik here to view.
Linux x86 Reverse TCP 127.1.1.1:5555 Shellcode
73 bytes small Linux x86 reverse TCP shellcode that binds to 127.1.1.1:5555.MD5 | 9e96cce76f9491a2d09409a32e416c26Download/**# Linux x86 Reverse TCP shellcode# 127.1.1.1/5555# Shellcode Author: Anurag...
View ArticleClik here to view.
Microsoft Internet Explorer 11.371.16299.0 Denial Of Service
Microsoft Internet Explorer version 11.371.16299.0 suffers from a denial of service vulnerability.MD5 | 8f802c6b5e7355817d785abe182618e6Download[+] Credits: John Page (aka hyp3rlinx) [+] Website:...
View ArticleClik here to view.
DrayTek VigorACS 2 Unsafe Flex AMF Java Object Deserialization
DrayTek Vigor ACS server, a remote enterprise management system for DrayTek routers, uses a vulnerable version of the Adobe / Apache Flex Java library that has a deserialisation vulnerability. This can...
View Article