KomSeo Cart 1.3 - 'my_item_search' SQL Injection
EDB-ID: 44753 | Author: AkkuS | Published: 2018-05-25 | CVE: N/A | Type: Webapps | Platform: PHP | Vulnerable App: N/A
# Dork: N/A # Date: 25.05.2018 # Exploit Author: Özkan Mustafa Akkuş (AkkuS) # Vendor: SITEMAKIN #...
Oracle WebCenter Sites 11.1.1.8.0/12.2.1.x - Cross-Site Scripting
EDB-ID: 44752 | Author: Richard Alviarez | Published: 2018-05-25 | CVE: CVE-2018-2791 | Type: Webapps | Platform: Multiple | Vulnerable App: N/A
Server) 7.x < 11gR1 # Dork: inurl:Satellite?c # Date: 18.12.201 #...
SAP Internet Transaction Server 6200.x - Session Fixation / Cross-Site...
EDB-ID: 44755 | Author: J. Carrillo Lencina | Published: 2018-05-25 | CVE: CVE-2018-11415 | Type: Webapps | Platform: Multiple | Vulnerable App: N/A
# Dork: /scripts/wgate/ # Date: 25.05.2018 # Exploit Author: J....
Skia and Firefox - Integer Overflow in SkTDArray Leading to Out-of-Bounds Write
EDB-ID: 44759 | Author: Google Security Research | Published: 2018-05-25 | CVE: CVE-2018-5159 | Type: Dos | Platform: Multiple | Aliases: N/A | Advisory/Source: Link | Tags: Out Of Bounds, Integer Overflow | Vulnerable App: N/A...
Oracle WebCenter FatWire Content Server < 7 - Improper Access Control
EDB-ID: 44757 | Author: Sebastian Cornejo | Published: 2018-05-25 | CVE: CVE-2017-10033 | Type: Webapps | Platform: Linux | Vulnerable App: N/A
# Dork: inurl:Satellite?pagename # Date: 2017-10-17 # Exploit Author:...
Microsoft Edge Chakra - Cross Context Use-After-Free
EDB-ID: 44758 | Author: Google Security Research | Published: 2018-05-25 | CVE: CVE-2018-0946 | Type: Dos | Platform: Windows | Aliases: N/A | Advisory/Source: Link | Tags: Use After Free (UAF) | Vulnerable App: N/A
1....
D-Link DSL-2750B - OS Command Injection (Metasploit)
EDB-ID: 44760 | Author: Metasploit | Published: 2018-05-25 | CVE: N/A | Type: Remote | Platform: Hardware | Aliases: N/A | Advisory/Source: Link | Tags: Metasploit Framework (MSF), Command Injection | Vulnerable App: N/A
# This...
mySurvey 1.0 - 'id' SQL Injection
EDB-ID: 44766 | Author: AkkuS | Published: 2018-05-26 | CVE: N/A | Type: Webapps | Platform: PHP | Vulnerable App: N/A
# Dork: N/A # Date: 25.05.2018 # Exploit Author: Özkan Mustafa Akkuş (AkkuS) # Vendor Homepage:...
EasyService Billing 1.0 - 'q' SQL Injection
EDB-ID: 44765 | Author: Divya Jain | Published: 2018-05-26 | CVE: CVE-2018-11444 | Type: Webapps | Platform: PHP | Vulnerable App: N/A
# Exploit Title: EasyService Billing 1.0 SQL Injection on page...
easyLetters 1.0 - 'id' SQL Injection
EDB-ID: 44767 | Author: AkkuS | Published: 2018-05-26 | CVE: N/A | Type: Webapps | Platform: PHP | Vulnerable App: N/A
# Dork: N/A # Date: 25.05.2018 # Exploit Author: Özkan Mustafa Akkuş (AkkuS) # Vendor Homepage:...
Symfony 2.7.0 < 4.0.10 - Denial of Service
EDB-ID: 44768 | Author: Federico Stange | Published: 2018-05-26 | CVE: N/A | Type: Dos | Platform: PHP | Vulnerable App: N/A
An application is vulnerable when: - It is using PDOSessionHandler to store its sessions; -...
Oracle WebCenter (Fatwire) 7.x Cross Site Scripting
Oracle WebCenter versions 7.x prior to 11gR1 suffer from multiple cross site scripting vulnerabilities.
MD5: f3b2a6ff308869a19a7de037bfd7c7d7
# Application: Oracle WebCenter Sites (FatWire...
Android OS FLAG_SECURE Information Disclosure
Android OS did not use the FLAG_SECURE flag for sensitive settings, potentially exposing sensitive data to other applications on the same device with the screen capture permissions. The vendor (Google)...
Symfony PdoSessionHandler Denial Of Service
Symfony versions 2.7.0 up to but not including 4.0.10 suffer from a denial of service vulnerability.
MD5: 4a5da39e598d6b9e2c67117935f6ce7c
Source: packetstormsecurity.com
KomSeo Cart 1.3 SQL Injection
KomSeo Cart version 1.3 suffers from a remote SQL injection vulnerability.
MD5: a35edf6b3f6ddb9da3500aa37bdba9f2
# Exploit Title: KomSeo Cart 1.3 - 'edit.php' SQL Injection # Dork: N/A # Date:...
MyBB Moderator Log Notes 1.1 Cross Site Scripting
MyBB Moderator Log Notes plugin version 1.1 suffers from a cross site scripting vulnerability.
MD5: c8b9c3ea3ab1417a75a93cc210758d0b
# Exploit Title: MyBB Moderator Log Notes Plugin 1.1 -...
SAP Internet Transaction Server 6200.x Session Fixation / Cross Site Scripting
SAP Internet Transaction Server 6200.x suffers from session fixation and cross site scripting vulnerabilities.
MD5: 5f425a0378b0023e63a4376f5f7c1283
# Exploit Title: SAP Internet Transaction...
Oracle WebCenter (Fatwire) Improper Access Control
Oracle WebCenter (Fatwire) Content Server versions prior to 7 suffer from an improper access control vulnerability.
MD5: d8910a7d98d0280a9d45740f1b6a3484
# Exploit Title: Oracle WebCenter...
Microsoft Windows Paint Security Feature Bypass / Unsafe File Creation
Microsoft Windows Paint suffers from security feature bypass and unsafe file creation vulnerabilities.
MD5: da3594505f62c1e8ec64fd08c44fb673
Source: packetstormsecurity.com
Ruckus (Brocade) ICX7450-48 Reflected Cross Site Scripting
Ruckus (Brocade) ICX7450-48 web application has a reflected cross site scripting vulnerability. A successful exploit could allow the attacker to execute arbitrary script code in the context of the...