Clik here to view.
Linux 4.8.0 < 4.8.0-46 - AF_PACKET packet_set_ring Privilege Escalation...
EDB-ID: 44654Author: MetasploitPublished: 2018-05-18CVE: CVE-2017-7308 Type: LocalPlatform: LinuxAliases: N/AAdvisory/Source: LinkTags: Metasploit Framework (MSF), LocalVulnerable App: N/A # This...
View ArticleClik here to view.
Microsoft Edge Chakra JIT - Bound Check Elimination Bug
EDB-ID: 44653Author: Google Security ResearchPublished: 2018-05-18CVE: CVE-2018-0980 Type: DosPlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A Chakra uses the...
View ArticleClik here to view.
SAP B2B / B2C CRM 2.x < 4.x - Local File Inclusion
EDB-ID: 44655Author: Richard AlviarezPublished: 2018-05-18CVE: N/A Type: WebappsPlatform: LinuxVulnerable App: N/A # Application:SAP B2B OR B2C is CRM # Versions Affected: SAP B2B OR B2C is CRM 2.x 3.x...
View ArticleClik here to view.
Monstra CMS Cross Site Scripting
Monstra CMS versions prior to 3.0.4 suffer from a cross site scripting vulnerability.MD5 | 1f1f0e7cdd0eff105e7fcaf27d217cefDownload# Exploit Title: Monstra CMS 3.0.4 - Cross-Site Scripting# Date:...
View ArticleClik here to view.
SAP NetWeaver Web Dynpro Information Disclosure
SAP NetWeaver Web Dynpro versions 6.4 up to 7.5 suffer from an information disclosure vulnerability.MD5 | 8067c3689144753ad6dd851439ba0e9fDownload# Application: SAP NetWeaver Web Dynpro 6.4 to 7.5 -...
View ArticleClik here to view.
Siemens SIMATIC Panels Cross Site Request Forgery / Cross Site Scripting
Multiple Siemens SIMATIC panels suffer from cross site request forgery and cross site scripting vulnerabilities.MD5 | 52fd7f7488e289fc4a42c19a2bd6d53bDownload# Exploit Title: Siemens SIMATIC Panels...
View ArticleClik here to view.
Cisco SA520W Security Appliance Path Traversal
Cisco SA520W Security Appliance suffers from a path traversal vulnerability.MD5 | d8f45b8bfc45f6a23ec142f301ed9a58Download# Title: Cisco SA520W Security Appliance - Path Traversal# Author: Nassim...
View ArticleClik here to view.
Prime95 29.4b8 Stack Buffer Overflow
Prime95 version 29.4b8 SEH buffer overflow exploit.MD5 | f8f20d97ff558024599a9ee8ee40f52eDownload# Exploit Title: Prime95 Local Buffer Overflow (SEH)# Date: 13-4-2018# Exploit Author: crash_manucoot#...
View ArticleClik here to view.
Infinity Market Classified Ads Script 1.6.2 Cross Site Request Forgery
Infinity Market Classified Ads Script version 1.6.2 suffers from a cross site request forgery vulnerability.MD5 | bd90cdb52547245a61c4cbdb0d6e87eeDownload# Exploit Title: Infinity Market Classified Ads...
View ArticleClik here to view.
DynoRoot DHCP Command Injection
DynoRoot DHCP suffers from a client command injection vulnerability.MD5 | 2e8a721a5d5bb1c6f66a40274aea5ae1Download# Exploit Title: DynoRoot DHCP - Client Command Injection# Date: 2018-05-18# Exploit...
View ArticleClik here to view.
SAP B2B / B2C CRM Local File Inclusion
SAP B2B / B2C CRM versions 2.x up to 4.x suffer from a local file inclusion vulnerability.MD5 | d9253407b7b389816488abe6d1a1e481Download# Title: SAP B2B / B2C CRM 2.x < 4.x - Local File Inclusion#...
View ArticleClik here to view.
HPE iMC 7.3 Remote Code Execution
This Metasploit module exploits an expression language injection vulnerability, along with an authentication bypass vulnerability in Hewlett Packard Enterprise Intelligent Management Center before...
View ArticleClik here to view.
Healwire Online Pharmacy 3.0 Cross Site Request Forgery / Cross Site Scripting
Healwire Online Pharmacy version 3.0 suffers from cross site request forgery and cross site scripting vulnerabilities.MD5 | 9196695291014c0d67db9bdd80d678ffDownload# Exploit Title: Healwire Online...
View ArticleClik here to view.
Reliable Datagram Sockets (RDS) Privilege Escalation
This Metasploit module exploits a vulnerability in the rds_page_copy_user function in net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8 to execute code as root (CVE-2010-3904). This...
View ArticleClik here to view.
GitBucket 4.23.1 - Remote Code Execution
EDB-ID: 44668Author: Kacper SzurekPublished: 2018-05-21CVE: N/A Type: WebappsPlatform: JavaVulnerable App: # Date: 21-05-2018 # Software Link: https://github.com/gitbucket/gitbucket # Exploit Author:...
View ArticleClik here to view.
Karenderia Multiple Restaurant System < 4.5 - Blind SQL Injection
EDB-ID: 44669Author: telahdihapusPublished: 2018-05-21CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A # Google Dork: N/A # Date: 2018-05-10 # Exploit Author: telahdihapus # Email Author:...
View ArticleClik here to view.
Teradek VidiU Pro 3.0.3 - Cross-Site Request Forgery
EDB-ID: 44671Author: LiquidWormPublished: 2018-05-21CVE: N/A Type: WebappsPlatform: HardwareVulnerable App: N/A Teradek VidiU Pro 3.0.3 CSRF Change Password Exploit Vendor: Teradek, LLC Product web...
View ArticleClik here to view.
Teradek VidiU Pro 3.0.3 - Server-Side Request Forgery
EDB-ID: 44672Author: LiquidWormPublished: 2018-05-21CVE: N/A Type: WebappsPlatform: HardwareVulnerable App: N/A Vendor: Teradek, LLC Product web page: https://www.teradek.com Affected version: VidiU,...
View ArticleClik here to view.
Linux 2.6.30 - 2.6.36-rc8 - Reliable Datagram Sockets (RDS) Privilege...
EDB-ID: 44677Author: MetasploitPublished: 2018-05-21CVE: CVE-2010-3904 Type: LocalPlatform: LinuxAliases: N/AAdvisory/Source: LinkTags: Metasploit Framework (MSF), LocalVulnerable App: # This module...
View ArticleClik here to view.
Teradek Cube 7.3.6 - Cross-Site Request Forgery
EDB-ID: 44675Author: LiquidWormPublished: 2018-05-21CVE: N/A Type: WebappsPlatform: HardwareVulnerable App: N/A Teradek Cube 7.3.6 CSRF Change Password Exploit Vendor: Teradek, LLC Product web page:...
View Article