Clik here to view.
Microsoft Windows - Token Process Trust SID Access Check Bypass Privilege...
EDB-ID: 44630Author: Google Security ResearchPublished: 2018-05-16CVE: CVE-2018-8134 Type: LocalPlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: LocalVulnerable App: N/A Platform: Windows 10...
View ArticleClik here to view.
WordPress Plugin Metronet Tag Manager 1.2.7 - Cross-Site Request Forgery
EDB-ID: 44632Author: dxwPublished: 2018-05-16CVE: N/A Type: WebappsPlatform: PHPAliases: N/AAdvisory/Source: LinkTags: Cross-Site Request Forgery (CSRF)Vulnerable App: Details ================...
View ArticleClik here to view.
RSA Authentication Manager 8.2.1.4.0-build1394922 / < 8.3 P1 - XML External...
EDB-ID: 44634Author: SEC ConsultPublished: 2018-05-16CVE: CVE-2018-1247 Type: WebappsPlatform: JavaAliases: N/AAdvisory/Source: N/ATags: Cross-Site Scripting (XSS), XML External Entity (XXE)Vulnerable...
View ArticleClik here to view.
Libuser - roothelper Privilege Escalation (Metasploit)
EDB-ID: 44633Author: MetasploitPublished: 2018-05-16CVE: CVE-2015-3245... Type: LocalPlatform: LinuxAliases: N/AAdvisory/Source: LinkTags: Metasploit Framework (MSF), LocalVulnerable App: N/A # This...
View ArticleClik here to view.
Inteno IOPSYS 2.0 - 4.2.0 p910nd - Remote Command Execution
EDB-ID: 44635Author: neonseaPublished: 2018-05-16CVE: CVE-2018-10123 Type: RemotePlatform: HardwareAliases: N/AAdvisory/Source: LinkTags: RemoteVulnerable App: N/A Any authenticated user can modify the...
View ArticleClik here to view.
vcftools 0.1.15 Out-Of-Bounds Read / Denial Of Service / Buffer Overflow
vcftools version 0.1.15 suffers from out-of-bounds read, denial of service, buffer overflow, and use-after-free vulnerabilities.MD5 | 2651784ca5ca6bc6e1c40cc6eaf3dd7eDownloadvcftools multiple...
View ArticleClik here to view.
Inteno IOPSYS 2.0 - 4.2.0 p910nd Remote Command Execution
Inteno IOPSYS version 2.0 - 4.2.0 p910nd suffers from a remote command execution vulnerability.MD5 | f12cc1a1d1f999986c5f4c6d593268a7Download'''Any authenticated user can modify the configuration for...
View ArticleClik here to view.
Horse Market Sell And Rent Portal Script 1.5.7 CSRF
Horse Market Sell and Rent Port Script version 1.5.7 suffers from a cross site request forgery vulnerability.MD5 | d826df440ff29bb5f9a74c3f7a7f6608Download Exploit Title: Horse Market Sell & Rent...
View ArticleClik here to view.
Multiplayer BlackJack Online Casino Game 2.5 Cross Site Scripting
Multiplayer BlackJack Online Casino Game version 2.5 suffers from a persistent cross site scripting vulnerability.MD5 | 820b5f66fc1bdf7f53d42cbc7040ce2bDownload# Exploit Title: Multiplayer BlackJack -...
View ArticleClik here to view.
Rockwell Scada System 27.011 Cross Site Scripting
Rockwell Scada System version 27.011 suffers from a cross site scripting vulnerability.MD5 | 77c12966701cd16cfeafb126846ac1d6Download# Exploit Title: Rockwell Scada System - Cross-Site Scripting# Date:...
View ArticleClik here to view.
VirtueMart 3.1.14 Cross Site Scripting
VirtueMart version 3.1.14 suffers from a cross site scripting vulnerability.MD5 | e4badb4b696a84752a25e2c7846f6cafDownload# Exploit Title: VirtueMart 3.1.14 - Persistent Cross-Site Scripting# Date:...
View ArticleClik here to view.
MyBB Admin Notes 1.1 Cross Site Request Forgery
MyBB Admin Notes plugin version 1.1 suffers from a cross site request forgery vulnerability.MD5 | 7d7f773fd053f17acf139e4e91b09a31Download# Exploit Title: MyBB Admin Notes Plugin - CSRF# Date:...
View ArticleClik here to view.
Signal Desktop HTML Tag Injection Variant 2
This advisory documents proof of concept flows for manipulation the HTML tag injection vulnerability discovered in Signal Desktop. Versions affected include 1.7.1, 1.8.0, 1.9.0, 1.10.0, and 1.10.1.MD5...
View ArticleClik here to view.
Apache Struts 2 Struts 1 Plugin Showcase OGNL Code Execution
This Metasploit module exploits a remote code execution vulnerability in the Struts Showcase app in the Struts 1 plugin example in Struts 2.3.x series. Remote code execution can be performed via a...
View ArticleClik here to view.
Jenkins CLI HTTP Java Deserialization
This Metasploit module exploits a vulnerability in Jenkins. An unsafe deserialization bug exists on the Jenkins, which allows remote arbitrary code execution via HTTP. Authentication is not required to...
View ArticleClik here to view.
RSA Authentication Manager XML Injection / Cross Site Scripting
RS Authentication Manager versions prior to 8.3 P1 suffer from cross site scripting and XML external entity injection vulnerabilities.MD5 | 64f46f62982ecef4ac4dd6fbab721205DownloadSEC Consult...
View ArticleClik here to view.
NodAPS 4.0 - SQL injection / Cross-Site Request Forgery
EDB-ID: 44636Author: L0RDPublished: 2018-05-17CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A # Date: 2018-05-16 # Exploit Author: Borna nematzadeh (L0RD) # Vendor Homepage:...
View ArticleClik here to view.
Intelbras NCLOUD 300 1.0 - Authentication bypass
EDB-ID: 44637Author: Pedro AguiarPublished: 2018-05-17CVE: CVE-2018-11094 Type: WebappsPlatform: HardwareVulnerable App: N/A # Exploit Title: Intelbras NCloud Authentication bypass # Date: 16/05/2018 #...
View ArticleClik here to view.
Nanopool Claymore Dual Miner 7.3 - Remote Code Execution
EDB-ID: 44638Author: ReverseBrainPublished: 2018-05-17CVE: CVE-2018-1000049 Type: RemotePlatform: WindowsVulnerable App: N/A # Date: 2018/02/09 # Exploit Author: ReverseBrain # Vendor Homepage:...
View ArticleClik here to view.
SuperCom Online Shopping Ecommerce Cart 1 - Persistent Cross-Site scripting...
EDB-ID: 44639Author: L0RDPublished: 2018-05-17CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A # Date: 2018-05-17 # Exploit Author: L0RD # Vendor Homepage:...
View Article