Clik here to view.
2345 Security Guard 3.7 - '2345BdPcSafe.sys' Denial of Service
EDB-ID: 44615Author: anhkggPublished: 2018-05-11CVE: CVE-2018- 10830 Type: DosPlatform: WindowsVulnerable App: # Date: [20180509] # Exploit Author: [anhkgg] # Vendor Homepage: [http://safe.2345.cc/] #...
View ArticleClik here to view.
WordPress WP User Groups 2.0.0 Cross Site Request Forgery
WordPress WP User Groups plugin version 2.0.0 suffers from a cross site request forgery vulnerability.MD5 | b7e665854b071ff3573e0b4fc76df293DownloadDetails================Software: WP User...
View ArticleClik here to view.
WUZHI CMS 4.1.0 - 'tag[pinyin]' Cross-Site Scripting
EDB-ID: 44618Author: jiguangPublished: 2018-05-13CVE: CVE-2018-10311 Type: WebappsPlatform: PHPVulnerable App: N/A # Date: 2018-4-23 # Exploit Author: jiguang (s1@jiguang.in) # Vendor Homepage:...
View ArticleClik here to view.
WUZHI CMS 4.1.0 - 'form[qq_10]' Cross-Site Scripting
EDB-ID: 44617Author: jiguangPublished: 2018-05-13CVE: CVE-2018-10313 Type: WebappsPlatform: PHPVulnerable App: N/A # Date: 2018-4-23 # Exploit Author: jiguang (s1@jiguang.in) # Vendor Homepage:...
View ArticleClik here to view.
XATABoost 1.0.0 SQL Injection
XATABoost version 1.0.0 suffers from a remote SQL injection vulnerability.MD5 | f10d0c627bcc189cec5effc5ae675414Download# Exploit Title: XATABoost CMS Sql Injection# Google Dork: inurl:php?id= Powered...
View ArticleClik here to view.
Open-AudIT Professional 2.1.1 Cross Site Scripting
Open-AudIT Professional version 2.1.1 suffers from multiple cross site scripting vulnerabilities.MD5 | ae6eca29911ffa12f20ca19d997f6800Download# Exploit Title: Open-AudIT Professional 2.1.1 a Multiple...
View ArticleClik here to view.
Open-AudIT Community 2.2.0 Cross Site Scripting
Open-AudIT Community version 2.2.0 suffers from multiple cross site scripting vulnerabilities.MD5 | 28975f4a5b48b01868e1b3723d21d788Download# Exploit Title: Open-AudIT Community - 2.2.0 a Cross-Site...
View ArticleClik here to view.
EMC RecoverPoint 4.3 Admin CLI Command Injection
EMC RecoverPoint version 4.3 suffers from an administrative CLI command injectionv vulnerability.MD5 | 74681e8d90f13459f9d0a81fa0ea5de4Download# Exploit Title: EMC RecoverPoint 4.3 - Admin CLI Command...
View ArticleClik here to view.
Wuzhi CMS 4.1.0 Cross Site Scripting
Wuzhi CMS version 4.1.0 suffers from multiple cross site scripting vulnerabilities.MD5 | 8ee02c1b3618e60ffa9ff63d0d268b62DownloadExploit 1 of 2:# Exploit Title: WUZHI CMS 4.1.0 XSS Vulnerability# Date:...
View ArticleClik here to view.
Libuser roothelper Privilege Escalation
This Metasploit module attempts to gain root privileges on Red Hat based Linux systems, including RHEL, Fedora and CentOS, by exploiting a newline injection vulnerability in libuser and userhelper...
View ArticleClik here to view.
IBM Flashsystem / Storwize CSRF / Arbitrary File Read / Information Disclosure
Vulnerabilities were identified in the IBM Flashsystem 840, IBM Flashsystem 900 and IBM Storwize V7000. They include cross site request forgery, arbitrary file read, unauthenticated access, and various...
View ArticleClik here to view.
Calamp.com Incorrect Privilege Assignment
Calamp.com suffers from an incorrect privilege assignment that could lead to full user compromise.MD5 | 669486a177cbb9617e6004e6bdde10e7DownloadThere is also a full write up on...
View ArticleClik here to view.
ProjectPier 0.8.8 SQL Injection / Authentication Bypass / RFI
ProjectPier versions 0.8.8 and below suffer from remote file inclusion, authentication bypass, remote shell upload, and remote SQL injection vulnerabilities.MD5 |...
View ArticleClik here to view.
GD bbPress 2.5 Cross Site Scripting
GD bbPress versions 2.5 and below suffer from a cross site scripting vulnerability.MD5 | 087c655ff43ee9dfeea459aa735151b0DownloadAn authenticated user of a bbPress forum, who can attach a file, can...
View ArticleClik here to view.
xls2csv 0.95 Buffer Overflow
xls2csv version 0.95 suffers from a buffer overflow vulnerability.MD5 | f750738e8735e0b33c3f768f0151558dDownloadSource:packetstormsecurity.com
View ArticleClik here to view.
MyBiz MyProcureNet 5.0.0 File Upload / Cross Site Scripting
MyBiz MyProcureNet version 5.0.0 suffers from remote file upload and cross site scripting vulnerabilities.MD5 | 9d259792840d984bdc75e2b482b86e96DownloadSEC Consult Vulnerability Lab Security Advisory...
View ArticleClik here to view.
2345 Security Guard 3.7 - '2345NsProtect.sys' Denial of Service
EDB-ID: 44619Author: anhkggPublished: 2018-05-14CVE: CVE-2018-11034 Type: DosPlatform: WindowsVulnerable App: # Date: [20180513] # Exploit Author: [anhkgg] # Vendor Homepage: [http://safe.2345.cc/] #...
View ArticleClik here to view.
Monstra CMS 3.0.4 - Remote Code Execution
EDB-ID: 44621Author: JameelNabboPublished: 2018-05-14CVE: CVE-2018-9037 Type: WebappsPlatform: PHPVulnerable App: # Date: 2018-05-14 # Exploit Author: Jameel Nabbo # Vendor Homepage:...
View ArticleClik here to view.
Linux/x86 - Reverse TCP (127.0.0.1:4444/TCP) Shell Shellcode (96 Bytes)
EDB-ID: 44620Author: Paolo PeregoPublished: 2018-05-14CVE: N/A Type: ShellcodePlatform: Linux_x86Shellcode: Download / View Raw Shellcode Size: 96 bytes ; Title: Linux/x86 - TCP reverse shell ; Author:...
View ArticleClik here to view.
XATABoost 1.0.0 - SQL Injection
EDB-ID: 44622Author: MgThuraMoeMyintPublished: 2018-05-14CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A # Google Dork: inurl:php?id= Powered by XATABOOST # Date: 02.01.2018 # Exploit Author:...
View Article