ADB Authorization Bypass
Depending on the firmware version/feature-set of the ISP deploying the ADB device, a standard user account may not have all settings enabled within the web GUI. An authenticated attacker is able to...
ADB Group Manipulation Privilege Escalation
An attacker with standard / low access rights within the web GUI is able to gain access to the CLI (if it has been previously disabled by the configuration) and escalate his privileges. Depending on...
Intel Processor Diagnostic Tool (IPDT) Privilege Escalation
Intel Processor Diagnostic Tool (IPDT) versions prior to 4.1.0.27 suffer from three code execution and privilege escalation vulnerabilities. MD5: e27a62a998247161335280f046236c59. Hi @ll, the...
SoftExpert Excellence Suite 2.0 SQL Injection
SoftExpert Excellence Suite version 2.0 suffers from a remote SQL injection vulnerability. MD5: 6e9dfb20185111d3b41a7c5c89f34a9e. # Exploit Title: SoftExpert Excellence Suite 2.0 - 'cddocument'...
PolarisOffice 2017 8 - Remote Code Execution
EDB-ID: 44985 | Author: hyp3rlinx | Published: 2018-07-06 | CVE: CVE-2018-12589 | Type: Remote | Platform: Windows | Vulnerable App: N/A [+] Website: hyp3rlinx.altervista.org [+] Source:...
Airties AIR5444TT - Cross-Site Scripting
EDB-ID: 44986 | Author: Raif Berkay Dincel | Published: 2018-07-06 | CVE: CVE-2018-8738 | Type: Webapps | Platform: Windows | Vulnerable App: N/A # Date: 2018-07-06 # Exploit Author: Raif Berkay Dincel # Vendor...
Info-Zip Zip 3.0-11 Crash
Info-Zip's zip binary version 3.0-11 may suffer from an off-by-one vulnerability. MD5: 6139519aad8232ae7c1faab25f613857. Hello, I found info-zip's zip command's crash. This vulnerability is occurred...
RSA Identity Governance And Lifecycle Uncontrolled Search Path
RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG releases have an uncontrolled search vulnerability. The installation scripts set an environment variable in an...
Subrion CMS 4.2.1 Cross Site Scripting
Subrion CMS version 4.2.1 suffers from a persistent cross site scripting vulnerability. MD5: c050d3f68c4691a99cbb80bb3bbb2b64. # Exploit Title: [ Stored XSS at Subrion CMS 4.2.1 ] # Date: [...
Airties AIR5444TT Cross Site Scripting
Airties AIR5444TT suffers from a cross site scripting vulnerability. MD5: 0dd6ee33fe368a4f8be66f74c0a28165. # Exploit Title: Airties AIR5444TT - Cross-Site Scripting # Date: 2018-07-06 # Exploit...
SeoChecker 1.9.2 Cross Site Scripting
SeoChecker Umbraco CMS plugin version 1.9.2 suffers from stored cross site scripting vulnerabilities. MD5: a96d379727f9195ab3a19721905af0f2. Author Information...
Linux Awk To Perl Translator Buffer Overflow
Linux Awk to Perl (/usr/bin/a2p) suffers from a buffer overflow vulnerability. MD5: 5f941b7a5f120e4ea63ce6593fdf699a. ### Linux Awk to Perl translator `/usr/bin/a2p` Buffer Overflow (PoC) ##...
GitList 0.6.0 Argument Injection
This Metasploit module exploits an argument injection vulnerability in GitList version 0.6.0. The vulnerability arises from GitList improperly validating input using the php function...
HID discoveryd command_blink_on Unauthenticated Remote Command Execution
This Metasploit module exploits an unauthenticated remote command execution vulnerability in the discoveryd service exposed by HID VertX and Edge door controllers. This Metasploit module was tested...
HP VAN SDN Controller Root Command Injection
This Metasploit module exploits a hardcoded service token or default credentials in HPE VAN SDN Controller versions 2.7.18.0503 and below to execute a payload as root. A root command injection was...
Activision Infinity Ward Call of Duty Modern Warfare 2 - Buffer Overflow
EDB-ID: 44987 | Author: Maurice Heumann | Published: 2018-07-09 | CVE: CVE-2018-10718 | Type: Remote | Platform: Windows | Vulnerable App: N/A # Date: 14-12-2017 # Exploit Author: Maurice Heumann # Contact:...
Apache Solr CVE-2018-8026 XML External Entity Multiple Information Disclosure...
Apache Solr is prone to multiple information-disclosure vulnerabilities. An attacker can exploit these issues to gain access to sensitive information that may lead to further attacks. Apache Solr...
Boxoft WAV To WMA Converter 1.0 Buffer Overflow
Boxoft WAV to WMA Converter version 1.0 local SEH buffer overflow exploit. MD5: c8413f466674af9bf346693014e1a07d. # Exploit Title: Boxoft wav-wma Converter - Local Buffer Overflow (SEH) # Date:...
Linux/x86 Kill Process Shellcode
20 bytes small Linux/x86 kill process shellcode. MD5: 85b2934d4f610ce119d7650948da097e. /* Exploit Title: Kill PID shellcode Date: 07/09/2018 Exploit Author: Nathu Nandwani Platform: Linux/x86...
Grundig Smart Inter@ctive 3.0 Insecure Direct Object Reference
Grundig Smart Inter@ctive version 3.0 suffers from an insecure direct object reference vulnerability. MD5: 962b3362b63453f87e81101d6581d13d. # Exploit Title: Grundig Smart Remote App CSRF # Google...