Clik here to view.
SoftNAS Cloud OS Command Injection
SoftNAS Cloud versions prior to 4.0.3 suffers from an OS command injection vulnerability.MD5 | 57b583fec32a0c97cd4069def2bbac44DownloadCore Security - Corelabs...
View ArticleClik here to view.
QNap QVR Client 5.1.1.30070 - 'Password' Denial of Service (PoC)
EDB-ID: 45092Author: Luis MartÃnezPublished: 2018-07-27CVE: N/A Type: DosPlatform: WindowsVulnerable App: N/A # Discovery by: Luis MartÃnez # Discovery Date: 2018-07-26 # Vendor Homepage:...
View ArticleClik here to view.
Online Trade 1 - Information Disclosure
EDB-ID: 45094Author: DhamotharanPublished: 2018-07-27CVE: CVE-2018-14328 Type: WebappsPlatform: LinuxVulnerable App: N/A # Exploit Author: Dhamotharan # Date: 2018-07-17 # Vendor Homepage:...
View ArticleClik here to view.
NetScanTools Basic Edition 2.5 - 'Hostname' Denial of Service (PoC)
EDB-ID: 45095Author: Luis MartÃnezPublished: 2018-07-27CVE: N/A Type: DosPlatform: WindowsVulnerable App: N/A # Discovery by: Luis MartÃnez # Discovery Date: 2018-07-26 # Vendor Homepage:...
View ArticleClik here to view.
Symfony Remote Information Disclosure
Symfony versions prior to 2.7.13 suffer from a remote information disclosure vulnerability when app_dev is enabled.MD5 | 24ccf4690feb930cce80b458f01201c7Download# Exploit Title: Symfony < 2.7.13 -...
View ArticleClik here to view.
Oracle OAM Padding Oracle CVE-2018-2879 Exploit
IntroductionThis exploit was developed during pentesting activity against oracle OAM 11.1.2.3.0. It was developed based on the technical description by...
View ArticleClik here to view.
ipPulse 1.92 - 'IP Address/HostName-Comment' Denial of Service (PoC)
EDB-ID: 45102Author: Luis MartÃnezPublished: 2018-07-30CVE: N/A Type: DosPlatform: WindowsVulnerable App: N/A # Discovery by: Luis Martinez # Discovery Date: 2018-07-27 # Vendor Homepage:...
View ArticleClik here to view.
IBM Sterling B2B Integrator Multiple Unspecified Cross Site Scripting...
IBM Sterling B2B Integrator is prone to multiple unspecified cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues to execute...
View ArticleClik here to view.
SoftNAS Cloud CVE-2018-14417 OS Command Injection Vulnerability
SoftNAS Cloud is prone to an OS command-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to inject and execute arbitrary commands...
View ArticleClik here to view.
Microsoft Windows Kernel - 'win32k!NtUserConsoleControl' Denial of Service...
EDB-ID: 45104Author: vportalPublished: 2018-07-30CVE: N/A Type: DosPlatform: WindowsVulnerable App: N/A # Author: vportal # Date: 2018-07-27 # Vendor homepage: http://www.microsoft.com # Version:...
View ArticleClik here to view.
H2 Database 1.4.197 - Information Disclosure
EDB-ID: 45105Author: owodeltaPublished: 2018-07-30CVE: CVE-2018-14335 Type: WebappsPlatform: LinuxVulnerable App: N/A # Date: 2018-07-16 # Exploit Author: owodelta # Vendor Homepage: www.h2database.com...
View ArticleClik here to view.
Charles Proxy 4.2 - Local root Privilege Escalation
EDB-ID: 45107Author: Mark WadhamPublished: 2018-07-30CVE: CVE-2017-15358 Type: LocalPlatform: macOSAliases: N/AAdvisory/Source: LinkTags: LocalVulnerable App: N/A inspecting SSL traffic for any...
View ArticleClik here to view.
fusermount - user_allow_other Restriction Bypass and SELinux Label Control
EDB-ID: 45106Author: Google Security ResearchPublished: 2018-07-30CVE: CVE-2018-10906 Type: DosPlatform: LinuxAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A It is possible to bypass...
View ArticleClik here to view.
Super CMS Blog Pro PHP Script 1.0 Cross Site Scripting
Super CMS Blog Pro PHP Script version 1.0 suffers from a cross site scripting vulnerability.MD5 | 65c8fcb0181b7cc5639b9ffd8ad8014cDownload# Exploit Title: Super Cms Blog Pro PHP Script v1.0 - XSS#...
View ArticleClik here to view.
ProjectSend R1053 SQL Injection
ProjectSend version R1053 suffers from a remote SQL injection vulnerability.MD5 | e188d76af8d5bdbce988c0b31f144e58Download# Exploit Title: ProjectSend - SQL Injection# Date: 27/07/2018# Exploit Author:...
View ArticleClik here to view.
Responsive Filemanager 9.13.1 Server-Side Request Forgery
Responsive Filemanager version 9.13.1 suffers from a server-side request forgery vulnerability.MD5 | 9ea189ebe988e84ea737aadd00966199Download # Exploit Title: Responsive filemanager - SSRF# Date:...
View ArticleClik here to view.
Allok MOV Converter 4.6.1217 Buffer Overflow
Allok MOV Converter version 4.6.1217 suffers from a buffer overflow vulnerability.MD5 | d486d9122e1550d3d7d275716808a547Download# Exploit Title : Allok MOV Converter 4.6.1217 - Remote Buffer Overflow #...
View ArticleClik here to view.
ipPulse 1.92 Denial Of Service
ipPulse version 1.92 suffers from a denial of service vulnerability.MD5 | 8561c270f0c8f4d97c126caf721be7c8Download# Exploit Title : ipPulse 1.92 "Enter Key 'Name' - Denial of Service" [POC]# Discovery...
View ArticleClik here to view.
Microsoft Windows Kernel win32k!NtUserConsoleControl Denial Of Service
Microsoft Windows Kernel win32k!NtUserConsoleControl denial of service proof of concept exploit.MD5 | baeebc065565ab91d6585025b4f98177Download# Exploit Title: Microsoft Windows Kernel -...
View ArticleClik here to view.
H2 Database 1.4.197 Information Disclosure
H2 Database version 1.4.197 suffers from an information disclosure vulnerability.MD5 | 8c87f441c10407247f7e65eceec1ee6dDownload# Exploit Title: H2 Database 1.4.197 - Information Disclosure# Date:...
View Article