Clik here to view.
GitList 0.6 Remote Code Execution
GitList version 0.6 unauthenticated remote code execution exploit.MD5 | 5147c5d3c0bfde4c345eae7b7486b30bDownload# Exploit Title: GitList 0.6 Unauthenticated RCE# Date: 25-04-2018# Software Link:...
View ArticleClik here to view.
Drupal Drupalgeddon 2 Forms API Property Injection
This Metasploit module exploits a Drupal property injection in the Forms API. Drupal versions 6.x, less than 7.58, 8.2.x, less than 8.3.9, less than 8.4.6, and less than 8.5.1 are vulnerable.MD5 |...
View ArticleClik here to view.
Frog CMS 0.9.5 - Persistent Cross-Site Scripting
EDB-ID: 44551Author: Wenming JiangPublished: 2018-04-26CVE: CVE-2018-10321 Type: WebappsPlatform: PHPVulnerable App: # Date: 2018-04-23 # Exploit Author: Wenming Jiang # Vendor Homepage:...
View ArticleClik here to view.
Frog CMS 0.9.5 Cross Site Scripting
Frog CMS version 0.9.5 suffers from a persistent cross site scripting vulnerability.MD5 | 12b55e239f7f68c79833ccc14795cba9Download# Exploit Title: Frog CMS 0.9.5 has a stored Cross Site Scripting...
View ArticleClik here to view.
TP-Link Technologies TL-WA850RE Wi-Fi Range Extender Unauthorized Remote Reboot
TP-Link Technologies TL-WA850RE Wi-Fi Range Extender suffers from an unauthorized remote reboot vulnerability.MD5 | 23502cfb730225f75e213d5693e508e8Download# Exploit Title: TP-Link Technologies...
View ArticleClik here to view.
Oracle Weblogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.2 / 12.2.1.3 -...
EDB-ID: 44553Author: brianwrfPublished: 2018-04-22CVE: CVE-2018-2628 Type: RemotePlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A # Oracle Weblogic Server (10.3.6.0,...
View ArticleClik here to view.
Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code (Metasploit)
EDB-ID: 44557Author: SixP4ck3rPublished: 2018-04-30CVE: CVE-2018-7602 Type: RemotePlatform: PHPAliases: Drupalgeddon3Advisory/Source: N/ATags: Metasploit Framework (MSF)Vulnerable App: # This module...
View ArticleClik here to view.
Navicat < 12.0.27 - Oracle Connection Overflow
EDB-ID: 44558Author: Kevin McGuiganPublished: 2018-04-30CVE: N/A Type: DosPlatform: WindowsVulnerable App: N/A # Title: Navicat < 12.0.27 Oracle Connection Overflow # Author: Kevin McGuigan #...
View ArticleClik here to view.
Nagios XI 5.2.[6-9], 5.3, 5.4 - Chained Remote Root
EDB-ID: 44560Author: Jared AravePublished: 2018-04-30CVE: CVE-2018-8733... Type: WebappsPlatform: PHPAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A # Date: 4/17/2018 # Exploit Authors:...
View ArticleClik here to view.
macOS/iOS - ReportCrash mach port Replacement due to Failure to Respect MIG...
EDB-ID: 44562Author: Google Security ResearchPublished: 2018-04-30CVE: CVE-2018-4206 Type: DosPlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A ReportCrash is the daemon...
View ArticleClik here to view.
WordPress Plugin Form Maker 1.12.20 - CSV Injection
EDB-ID: 44559Author: Sairam JettyPublished: 2018-04-30CVE: CVE-2018-10504 Type: WebappsPlatform: PHPVulnerable App: # Google Dork: N/A # Date: 27-04-2018 ################################ # Exploit...
View ArticleClik here to view.
macOS 10.13.2 - Double mach_port_deallocate in kextd due to Failure to...
EDB-ID: 44561Author: Google Security ResearchPublished: 2018-04-30CVE: CVE-2018-4139 Type: DosPlatform: macOSAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A kern_return_t...
View ArticleClik here to view.
GIMP CVE-2017-17789 Heap Buffer Overflow Vulnerability
GIMP is prone to a heap-based buffer-overflow vulnerability because it fails to properly bounds check user-supplied input. Successfully exploiting this issue may allow attackers to execute arbitrary...
View ArticleClik here to view.
Wordpress Responsive Cookie Consent v1.5 / v1.6 / v1.7 - Authenticated...
EDB-ID: 44563Author: B0UGPublished: 2018-05-01CVE: CVE-2018-10309 Type: WebappsPlatform: PHPVulnerable App: N/A # Date: 2018-04-20 # Exploit Author: B0UG # Vendor Homepage:...
View ArticleClik here to view.
Linux Kernel CVE-2016-3672 ASLR Implementation Local Security Weakness
Linux Kernel is prone to a local security weakness. An attacker can exploit this issue to perform certain unauthorized actions. InformationBugtraq ID: 85884 Class: Design Error CVE:...
View ArticleClik here to view.
Easy MPEG to DVD Burner 1.7.11 - SEH Local Buffer Overflow
EDB-ID: 44565Author: Marwan ShamelPublished: 2018-05-02CVE: N/A Type: LocalPlatform: WindowsAliases: N/AAdvisory/Source: N/ATags: LocalVulnerable App: # Exploit Title: Easy MPEG to DVD Burner 1.7.11...
View ArticleClik here to view.
LibreOffice/Open Office - '.odt' Information Disclosure
EDB-ID: 44564Author: Richard DavyPublished: 2018-05-02CVE: CVE-2018-10583 Type: LocalPlatform: WindowsVulnerable App: N/A # Exploit Title: Malicious ODF File Creator # Date: 1st May 2018 # Exploit...
View ArticleClik here to view.
WebKit - 'WebCore::jsElementScrollHeightGetter' Use-After-Free
EDB-ID: 44566Author: Google Security ResearchPublished: 2018-05-02CVE: CVE-2018-4200 Type: DosPlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: Use After Free (UAF)Vulnerable App: N/A There is a...
View ArticleClik here to view.
Cockpit CMS 0.4.4-0.5.5 - Server-Side Request Forgery
EDB-ID: 44567Author: Qian Wu, Bo Wang, Jiawang ZhangPublished: 2018-05-02CVE: CVE-2018-9302 Type: WebappsPlatform: PHPAliases: N/AAdvisory/Source: N/ATags: Server-Side Request Forgery (SSRF)Vulnerable...
View ArticleClik here to view.
xdebug - Unauthenticated OS Command Execution (Metasploit)
EDB-ID: 44568Author: MetasploitPublished: 2018-05-02CVE: N/A Type: RemotePlatform: PHPAliases: N/AAdvisory/Source: LinkTags: Metasploit Framework (MSF)Vulnerable App: # This module requires Metasploit:...
View Article