NfSen 1.3.7 / AlienVault USM/OSSIM 5.3.4 Command Injection
NfSen version 1.3.7 and AlienVault USM/OSSIM version 5.3.4 suffer from a remote command injection vulnerability. MD5 | a5c06ecae8b80e27d7f7876e20f6c2d1 # Exploit Title: NfSen/AlienVault remote...
Pulse Connect Secure 8.3R1 CSRF / XSS
Pulse Connect Secure version 8.3R1 suffers from cross site scripting and cross site request forgery vulnerabilities. MD5 | f881d55ec2c771f14be93daa0a0887bf Source: packetstormsecurity.com
Rise Ultimate Project Manager 1.8 Cross Site Scripting
Rise Ultimate Project Manager version 1.8 suffers from a cross site scripting vulnerability. MD5 | 777631a23b625f4d7d95e352bf19262c # Exploit Title: Rise Ultimate Project Manager - Authenticated...
Apache Impala 2.8.0 Authentication Bypass
Apache Impala versions 2.7.0 through 2.8.0 suffer from an information disclosure vulnerability. It was noticed that a malicious process impersonating an Impala daemon could cause Impala daemons to...
Apache Impala 2.8.0 Plain-Text Information Disclosure
Apache Impala versions 2.7.0 through 2.8.0 suffer from an information disclosure vulnerability. During a routine security analysis, it was found that one of the ports sent data in plaintext even when...
Shenzhen C-Data CD7201 Command Injection / Cross Site Scripting
Shenzhen C-Data CD7201 with software version 2.4.6b and firmware version 7.1.0 suffers from authentication bypass, command injection, and cross site scripting vulnerabilities. MD5 |...
Schneider Electric Pelco Sarix/Spectra Cameras XSS
Pelco cameras suffer from multiple DOM-based, stored and reflected XSS vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the...
Schneider Electric Pelco Sarix/Spectra Cameras CSRF Enable SSH Root Access
Pelco IP cameras suffer from a cross site request forgery vulnerability. The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to...
Schneider Electric Pelco Sarix/Spectra Cameras Root Remote Code Execution
Pelco IP cameras suffer from a code execution vulnerability. The affected cameras suffer from an authenticated remote code execution vulnerability. The POST parameter 'enable_leds' located in the update()...
Schneider Electric Pelco VideoXpert Privilege Escalation
Schneider Electric Pelco VideoXpert is vulnerable to an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. The...
Schneider Electric Pelco VideoXpert Core Admin Portal Directory Traversal
Pelco VideoXpert suffers from a directory traversal vulnerability. Exploiting this issue will allow an unauthenticated attacker to view arbitrary files within the context of the web server. MD5 |...
Schneider Electric Pelco VideoXpert Missing Encryption
Schneider Electric Pelco VideoXpert transmits sensitive data using double Base64 encoding for the Cookie 'auth_token' in a communication channel that can be sniffed by unauthorized actors or...
WMI Event Subscription Persistence
This Metasploit module will create a permanent WMI event subscription to achieve file-less persistence using one of five methods. MD5 | 9b9c4b840ab1d202f27dcae39886e71a ### This module requires...
Pelco VideoXpert 1.12.105 - Directory Traversal
EDB-ID: 42311 Author: LiquidWorm Published: 2017-07-10 CVE: N/A Type: Webapps Platform: Windows Vulnerable App: N/A Vendor: Schneider Electric SE Product web page: https://www.pelco.com Affected version:...
Pelco Sarix/Spectra Cameras - Cross-Site Request Forgery / Cross-Site Scripting
EDB-ID: 42307 Author: LiquidWorm Published: 2017-07-10 CVE: N/A Type: Webapps Platform: Hardware Vulnerable App: N/A Vendor: Schneider Electric SE Product web page: https://www.pelco.com Affected version:...
Pelco VideoXpert 1.12.105 - Privilege Escalation
EDB-ID: 42310 Author: LiquidWorm Published: 2017-07-10 CVE: N/A Type: Local Platform: Windows Vulnerable App: N/A Vendor: Schneider Electric SE Product web page: https://www.pelco.com Affected version: Core...
Pelco Sarix/Spectra Cameras - Remote Code Execution
EDB-ID: 42309 Author: LiquidWorm Published: 2017-07-10 CVE: N/A Type: Webapps Platform: Hardware Vulnerable App: N/A Vendor: Schneider Electric SE Product web page: https://www.pelco.com Affected version:...
Pelco VideoXpert 1.12.105 - Information Disclosure
EDB-ID: 42312 Author: LiquidWorm Published: 2017-07-10 CVE: N/A Type: Webapps Platform: Windows Vulnerable App: N/A Vendor: Schneider Electric SE Product web page: https://www.pelco.com Affected version:...
Pelco Sarix/Spectra Cameras - Cross-Site Request Forgery (Enable SSH Root...
EDB-ID: 42308 Author: LiquidWorm Published: 2017-07-10 CVE: N/A Type: Webapps Platform: Hardware Vulnerable App: N/A Vendor: Schneider Electric SE Product web page: https://www.pelco.com Affected version:...
Microsoft Windows 7/8.1/2008 R2/2012 R2/2016 R2 - 'EternalBlue' SMB...
EDB-ID: 42315 Author: sleepya Published: 2017-07-11 CVE: N/A Type: Remote Platform: Windows Aliases: EternalBlue Advisory/Source: Link Tags: N/A Vulnerable App: N/A from impacket import smb, smbconnection from...