Clik here to view.
NethServer 7.3.1611 Upload.json CSRF Script Insertion
NethServer version 7.3.1611 suffers from a cross site request forgery script insertion vulnerability in Upload.json.MD5 | a9980262ca1346b7e14b6a1188a41a1dDownloadNethServer 7.3.1611 (Upload.json) CSRF...
View ArticleClik here to view.
NethServer 7.3.1611 CSRF Create User / Enable SSH Access
NethServer version 7.3.1611 suffers from a cross site request forgery vulnerability that allows you to create a user and enable SSH access.MD5 |...
View ArticleClik here to view.
NethServer 7.3.1611 - Cross-Site Request Forgery (Create User / Enable SSH...
EDB-ID: 42580Author: LiquidWormPublished: 2017-08-28CVE: N/A Type: WebappsPlatform: JSONVulnerable App: N/A NethServer 7.3.1611 (create.json) CSRF Create User And Enable SSH Access Vendor:...
View ArticleClik here to view.
PHP Video Battle Script 1.0 - SQL Injection
EDB-ID: 42585Author: Ihsan SencanPublished: 2017-08-28CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A # Exploit Title: PHP Video Battle Script 1.0 - SQL Injection # Dork: N/A # Date: 28.08.2017...
View ArticleClik here to view.
NethServer 7.3.1611 - Cross-Site Request Forgery / Cross-Site Scripting
EDB-ID: 42579Author: LiquidWormPublished: 2017-08-28CVE: N/A Type: WebappsPlatform: JSONVulnerable App: N/A Vendor: NethServer.org Product web page: https://www.nethserver.org Affected version:...
View ArticleClik here to view.
Car or Cab Booking Script - Authentication Bypass
EDB-ID: 42582Author: Ali BawazeEerPublished: 2017-08-28CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A <!-- # Exploit Title: Car or Cab Booking Script - SQL injection login bypass # Exploit...
View ArticleClik here to view.
PHP Appointment Booking Script - Authentication Bypass
EDB-ID: 42583Author: Ali BawazeEerPublished: 2017-08-28CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A <!-- # Exploit Title: PHP Appointment Booking Script - injection login bypass # Exploit...
View ArticleClik here to view.
Easy Vedio to PSP Converter 1.6.20 - Buffer Overflow (SEH)
EDB-ID: 42586Author: Kishan SharmaPublished: 2017-08-28CVE: N/A Type: LocalPlatform: WindowsVulnerable App: ############################################################################### # Exploit...
View ArticleClik here to view.
User Login and Management - Multiple Vulnerabilities
EDB-ID: 42584Author: Ali BawazeEerPublished: 2017-08-29CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A |<!-- # Exploit Title: User Login and Management PHP Script - multiple vulnerabilities #...
View ArticleClik here to view.
D-Link DIR-600 - Authentication Bypass
EDB-ID: 42581Author: Jithin D KurupPublished: 2017-08-29CVE: CVE-2017-12943 Type: WebappsPlatform: HardwareVulnerable App: N/A # CVE - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12943 #...
View ArticleClik here to view.
Microsoft Windows PPL Process Injection Privilege Escalation
Microsoft Windows suffers from an issue where it is possible to inject code into a PPL protected process by hijacking COM objects leading to accessing PPL processes such as Lsa and AntiMalware from an...
View ArticleClik here to view.
QNAP Transcode Server Command Execution
This Metasploit module exploits an unauthenticated remote command injection vulnerability in QNAP NAS devices. The transcoding server listens on port 9251 by default and is vulnerable to command...
View ArticleClik here to view.
VX Search Enterprise 10.0.14 Buffer Overflow
VX Search Enterprise version 10.0.14 remote buffer overflow exploit.MD5 | c8f09635695ec66379ee35d50d113636Download#!/usr/bin/env python# Exploit Title : VX Search Enterprise v10.0.14 Remote Buffer...
View ArticleClik here to view.
Posty 1.0 SQL Injection
Posty version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.MD5 | db0f72a6622942ad9f7581d8e6777385Download# # # # # # # # # # # # # # # # # # # # # # # # #...
View ArticleClik here to view.
Matrimony 2.7 Cross Site Request Forgery
Matrimony version 2.7 suffers from a cross site request forgery vulnerability.MD5 | 739ff1451258b5d5a264b09d0b92a4b1Download# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #...
View ArticleClik here to view.
MISP 2.4.79 Cross Site Scripting
MISP (Malware Information Sharing Platform and Threat Sharing) versions 2.4.79 and below suffer from a cross site scripting vulnerability.MD5 | 48c1325c037dabcc6976b7e66d262524DownloadHi list,We have...
View ArticleClik here to view.
The Next Generation Of Genealogy Sitebuilding SQL Injection
The Next Generation of Genealogy Sitebuilding versions prior to 11.1.1 suffer from a remote SQL injection vulnerability.MD5 |...
View ArticleClik here to view.
Brickcom IP Camera - Credentials Disclosure
EDB-ID: 42588Author: Emiliano IparPublished: 2017-08-29CVE: N/A Type: WebappsPlatform: HardwareVulnerable App: N/A ======================================== Title: Brickcom IP-Camera Remote Credentials...
View ArticleClik here to view.
Joomla! Component Quiz Deluxe 3.7.4 - SQL Injection
EDB-ID: 42589Author: Ihsan SencanPublished: 2017-08-30CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A # Exploit Title: Joomla! Component Quiz Deluxe 3.7.4 - SQL Injection # Dork: N/A # Date:...
View ArticleClik here to view.
Joomla! Component Joomanager 2.0.0 - Arbitrary File Download
EDB-ID: 42590Author: Ihsan SencanPublished: 2017-08-30CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A # Exploit Title: Joomla! Component Joomanager 2.0.0 - Arbitrary File Download # Dork: N/A #...
View Article