Pale Moon Browser < 27.9.3 - Use After Free (PoC)
EDB-ID: 44900; Author: Berk Cem Göksel; Published: 2018-06-18; CVE: CVE-2018-12292; Type: Local; Platform: Windows; Vulnerable App: N/A
# Date: 2018-06-13 # Author - Berk Cem Goksel # Vendor Homepage:...
Redis-cli < 5.0 - Buffer Overflow (PoC)
EDB-ID: 44904; Author: Fakhri Zulkifli; Published: 2018-06-18; CVE: CVE-2018-12326; Type: Local; Platform: Linux; Vulnerable App: N/A
# Date: 2018-06-13 # Exploit Author: Fakhri Zulkifli # Vendor Homepage:...
Airbnb Knowledge Repo CVE-2018-12104 Cross Site Scripting Vulnerability
Airbnb Knowledge Repo is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code...
CheckSec Canopy Cross Site Scripting
CheckSec Canopy versions 3.x before 3.0.7 suffer from a persistent cross site scripting vulnerability.
MD5 | daa2b14fa0901040bb1767ab4d5b50bf
[Title] XSS in Canopy login...
MagniComp SysInfo Information Exposure
MagniComp SysInfo contains an information exposure vulnerability through debug functionality. Versions SysInfo 10-H81 and above are not affected.
MD5 | 05af244c6663efde83caac79a67b4878
MagniComp...
Microsoft Windows Desktop Bridge Activation Arbitrary Directory Creation
The activator for Desktop Bridge applications calls CreateAppContainerToken while running as a privileged account, which allows creation of arbitrary object directories and leads to privilege escalation. MD5...
Microsoft Windows Desktop Bridge Virtual Registry Incomplete Fix
The handling of the virtual registry for desktop bridge applications can allow an application to create arbitrary files as system resulting in privilege escalation. This is because the fix for...
Mirasys DVMS Workstation 5.12.6 - Path Traversal
EDB-ID: 44907; Author: Onvio; Published: 2018-06-20; CVE: N/A; Type: Webapps; Platform: Windows; Vulnerable App: N/A
# Date: 10-06-2018 # Exploit Author: Onvio, Dick Snel, https://www.onvio.nl # Vendor Homepage:...
Redis 5.0 - Denial of Service
EDB-ID: 44908; Author: Fakhri Zulkifli; Published: 2018-06-20; CVE: CVE-2018-12453; Type: Dos; Platform: Linux; Vulnerable App: N/A
# Date: 2018-06-13 # Exploit Author: Fakhri Zulkifli (@d0lph1n98) # Vendor...
ntp 4.2.8p11 - Local Buffer Overflow (PoC)
EDB-ID: 44909; Author: Fakhri Zulkifli; Published: 2018-06-20; CVE: CVE-2018-12327; Type: Dos; Platform: Linux; Vulnerable App:
# Date: 2018-06-06 # Exploit Author: Fakhri Zulkifli (@d0lph1n98) # Vendor Homepage:...
MaDDash 2.0.2 - Directory Listing
EDB-ID: 44910; Author: ManhNho; Published: 2018-06-20; CVE: CVE-2018-12522...; Type: Webapps; Platform: Java; Vulnerable App: N/A
# Date: 2018-06-18 # Vendor: perfSONAR # Download Link:...
NewMark CMS 2.1 - 'sec_id' SQL Injection
EDB-ID: 44911; Author: Berk Dusunur; Published: 2018-06-20; CVE: N/A; Type: Webapps; Platform: Linux; Vulnerable App: N/A
# Google Dork: /catalog/?sect_id= # Date: 2018-06-20 # Exploit Author: Berk Dusunur #...
Apache CouchDB < 2.1.0 - Remote Code Execution
EDB-ID: 44913; Author: Cody Zacharias; Published: 2018-06-20; CVE: CVE-2017-12636; Type: Webapps; Platform: Linux; Vulnerable App: N/A
# Author: Cody Zacharias # Shodan Dork: port:5984 # Vendor Homepage:...
TP-Link TL-WA850RE - Remote Command Execution
EDB-ID: 44912; Author: yoresongo; Published: 2018-06-20; CVE: N/A; Type: Webapps; Platform: Hardware; Vulnerable App: N/A
# Exploit Title: TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Command Execution...
Windows 10 - Desktop Bridge Virtual Registry CVE-2018-0880 Incomplete Fix...
EDB-ID: 44915; Author: Google Security Research; Published: 2018-06-20; CVE: CVE-2018-8214; Type: Dos; Platform: Windows; Aliases: N/A; Advisory/Source: Link; Tags: Local; Vulnerable App: N/A
Platform: Windows 1709...
Windows 10 - Desktop Bridge Activation Arbitrary Directory Creation...
EDB-ID: 44914; Author: Google Security Research; Published: 2018-06-20; CVE: CVE-2018-8208; Type: Dos; Platform: Windows; Aliases: N/A; Advisory/Source: Link; Tags: Local; Vulnerable App: N/A
Platform: Windows 10 1703,...
IPConfigure Orchid VMS 2.0.5 - Directory Traversal Information Disclosure...
EDB-ID: 44916; Author: Nettitude; Published: 2018-06-20; CVE: CVE-2018-10956; Type: Webapps; Platform: Multiple; Aliases: N/A; Advisory/Source: Link; Tags: Metasploit Framework (MSF), Traversal; Vulnerable App: class...
VideoInsight WebClient 5 - SQL Injection
EDB-ID: 44917; Author: vosec; Published: 2018-06-20; CVE: N/A; Type: Webapps; Platform: Windows; Vulnerable App: N/A
# Date: 2018-05-06 # Author: vosec # Vendor Homepage: https://www.security.us.panasonic.com/ #...
LFCMS 3.7.0 - Cross-Site Request Forgery (Add User)
EDB-ID: 44918; Author: bay0net; Published: 2018-06-21; CVE: CVE-2018-12602; Type: Webapps; Platform: PHP; Vulnerable App: N/A
# Date: 2018-06-20 # Exploit Author: bay0net # Vendor Homepage:...
LFCMS 3.7.0 - Cross-Site Request Forgery (Add Admin)
EDB-ID: 44919; Author: bay0net; Published: 2018-06-21; CVE: CVE-2018-12603; Type: Webapps; Platform: PHP; Vulnerable App: N/A
# Date: 2018-06-20 # Exploit Author: bay0net # Vendor Homepage:...