Clik here to view.
Powerlogic/Schneider Electric IONXXXX Series - Cross-Site Request Forgery
EDB-ID: 44640Author: t4rkd3vilzPublished: 2018-05-17CVE: CVE-2016-5809 Type: WebappsPlatform: LinuxVulnerable App: N/A # Date: 2018-05-17 # Exploit Author: t4rkd3vilz # Vendor Homepage:...
View ArticleClik here to view.
Linux < 4.16.9 / < 4.14.41 - 4-byte Infoleak via Uninitialized Struct Field...
EDB-ID: 44641Author: Google Security ResearchPublished: 2018-05-17CVE: N/A Type: DosPlatform: LinuxAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A Commit 3a4d44b61625 ("ntp: Move adjtimex...
View ArticleClik here to view.
Jenkins CLI - HTTP Java Deserialization (Metasploit)
EDB-ID: 44642Author: MetasploitPublished: 2018-05-17CVE: CVE-2016-9299 Type: RemotePlatform: LinuxAliases: N/AAdvisory/Source: LinkTags: Metasploit Framework (MSF), RemoteVulnerable App: N/A # This...
View ArticleClik here to view.
Apache Struts 2 - Struts 1 Plugin Showcase OGNL Code Execution (Metasploit)
EDB-ID: 44643Author: MetasploitPublished: 2018-05-17CVE: CVE-2017-9791 Type: RemotePlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: Metasploit Framework (MSF), RemoteVulnerable App: N/A # This...
View ArticleClik here to view.
NodAPS 4.0 Cross Site Request Forgery / SQL Injection
NodAPS version 4.0 suffers from cross site request forgery and remote SQL injection vulnerabilities.MD5 | c44435ac73194c9205c2e0f6fdab2a8bDownload# Exploit Title: Online Booking system - NodAPS 4.0 -...
View ArticleClik here to view.
SuperCom Online Shopping Ecommerce Cart 1 XSS / CSRF / SQL Injection
SuperCom Online Shopping Ecommerce Cart 1 suffers from remote SQL injection, cross site request forgery, and cross site scripting vulnerabilities.MD5 | eee904a60e89110b7191ba2d167bbfb3Download# Exploit...
View ArticleClik here to view.
Powerlogic/Schneider Electric IONXXXX Series Cross Site Request Forgery
Powerlogic/Schneider Electric IONXXXX Series suffers from a cross site request forgery vulnerability.MD5 | 2ef17c9ee603982d018c378cdb7b105cDownload# Exploit Title: Powerlogic Schneider Electric IONXXXX...
View ArticleClik here to view.
Nanopool Claymore Dual Miner 7.3 Remote Code Execution
Nanopool Claymore Dual Miner version 7.3 suffers from a remote code execution vulnerability.MD5 | 8623321185104823c8fa7a0e5ca0190fDownload# Exploit Title: Nanopool Claymore Dual Miner >= 7.3 Remote...
View ArticleClik here to view.
Intelbras NCLOUD 300 1.0 Authentication Bypass
Intelbras NCLOUD 300 version 1.0 suffers from an authentication bypass vulnerability.MD5 | 388ac8e1c27e9c1b841bbf975ca1481aDownload# coding: utf-8# Exploit Title: Intelbras NCloud Authentication...
View ArticleClik here to view.
AF_PACKET packet_set_ring Privilege Escalation
This Metasploit module exploits a heap-out-of-bounds write in the packet_set_ring function in net/packet/af_packet.c (AF_PACKET) in the Linux kernel to execute code as root (CVE-2017-7308). The bug was...
View ArticleClik here to view.
Microsoft Edge Chakra JIT Bounce Check Elimination Bug
Chakra uses the InvariantBlockBackwardIterator class to backpropagate the information about the hoisted bound checks. But the class follows the linked list instead of the control flow. This may lead to...
View ArticleClik here to view.
Linux 4-Byte Information Leak
Linux suffers from a 4-byte information leak via an uninitialized struct field in the compat adjtimex syscall.MD5 | 3e22473d4edff1e68082884c6f7a235bDownloadSource:packetstormsecurity.com
View ArticleClik here to view.
Healwire Online Pharmacy 3.0 - Persistent Cross-Site Scripting / Cross-Site...
EDB-ID: 44645Author: L0RDPublished: 2018-05-18CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A # Date: 2018-05-17 # Exploit Author: L0RD # Vendor Homepage:...
View ArticleClik here to view.
Monstra CMS before 3.0.4 - Cross-Site Scripting
EDB-ID: 44646Author: Berk DusunurPublished: 2018-05-18CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A # Date: 2018-05-17 # Exploit Author: Berk Dusunur # Vendor Homepage: https://monstra.org #...
View ArticleClik here to view.
SAP NetWeaver Web Dynpro 6.4 to 7.5 - Information disclosure
EDB-ID: 44647Author: Richard AlviarezPublished: 2018-05-18CVE: N/A Type: WebappsPlatform: LinuxVulnerable App: N/A # Versions Affected: SAP NetWeaver 6.4 - 7.5 # Vendor URL: http://SAP.com # Bugs:...
View ArticleClik here to view.
HPE iMC 7.3 - Remote Code Execution (Metasploit)
EDB-ID: 44648Author: TrendyTofuPublished: 2018-05-18CVE: CVE-2017-12500... Type: RemotePlatform: WindowsVulnerable App: N/A # Date: 6 February, 2018 # Exploit Author: TrendyTofu # Vendor Homepage:...
View ArticleClik here to view.
Prime95 29.4b8 - Stack Buffer Overflow (SEH)
EDB-ID: 44649Author: crash_manucootPublished: 2018-05-18CVE: N/A Type: LocalPlatform: WindowsVulnerable App: # Date: 13-4-2018 # Exploit Author: crash_manucoot # Contact: twitter.com/crash_manucoot #...
View ArticleClik here to view.
Cisco SA520W Security Appliance - Path Traversal
EDB-ID: 44650Author: Nassim AsrirPublished: 2018-05-18CVE: N/A Type: WebappsPlatform: HardwareVulnerable App: N/A # Author: Nassim Asrir # Contact: wassline@gmail.com /...
View ArticleClik here to view.
Infinity Market Classified Ads Script 1.6.2 - Cross-Site Request Forgery
EDB-ID: 44651Author: L0RDPublished: 2018-05-18CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A # Date: 2018-05-18 # Exploit Author: L0RD # Vendor Homepage:...
View ArticleClik here to view.
DynoRoot DHCP - Client Command Injection
EDB-ID: 44652Author: Kevin KirschePublished: 2018-05-18CVE: CVE-2018-1111 Type: LocalPlatform: LinuxVulnerable App: N/A # Date: 2018-05-18 # Exploit Author: Kevin Kirsche # Exploit Repository:...
View Article