Clik here to view.
PhpIX 2012 Professional (Beta) SQL Injection
PhpIX 2012 Professional (Beta) suffers from a remote SQL injection vulnerability.MD5 |...
View ArticleClik here to view.
Business Live Chat Software 1.0 Cross Site Request Forgery
Business Live Chat Software version 1.0 suffers from a cross site request forgery vulnerability.MD5 | 1d1320830e23d19fa1d2597a945b9b99Download# Exploit Title: Business Live Chat Software 1.0 -...
View ArticleClik here to view.
PHP-Fusion CMS 9.03 Cross Site Scripting
PHP-Fusion CMS versions 9 through 9.03 suffer from multiple cross site scripting vulnerabilities.MD5 | 36a37562129264fbf48b58ea5bfeefa3DownloadSEC Consult Vulnerability Lab Security Advisory <...
View ArticleClik here to view.
Comtrend VR-3033 Command Injection
Comtrend VR-3033 suffers from a command injection vulnerability.MD5 | 1068034443ae0a1d32707c90982e884dDownload##Timeline :*Bug sent to vendor : 17-02-2020*No Response after 10 days* Public disclosure:...
View ArticleClik here to view.
Samsung Kernel /dev/vipx Pointer Leak
The function __vipx_ioctl_put_container() in the Samsung kernel calls copy_to_user() on a vs4l_container_list structure that contains a kernel pointer, exposing that kernel pointer to userspace just...
View ArticleClik here to view.
Samsung Kernel /dev/hdcp2 hdcp_session_close() Race Condition
In the Samsung kernel, the /dev/hdcp2 device ioctls seem to implement no locking, leading to multiple exploitable race conditions. For example, you can open a session with the HDCP_IOC_SESSION_OPEN...
View ArticleClik here to view.
XNU tcp_input Use-After-Free
XNU suffers from a use-after-free vulnerability in tcp_input.MD5 | 5109da3d6da1dda43fca2c712bf5f5a2DownloadSource:packetstormsecurity.com
View ArticleClik here to view.
Samsung Kernel Arbitrary /dev/vipx / /dev/vertex kfree
This function, reached through ioctl VS4L_VERTEXIOC_QBUF in the Samsung kernel, has an error case that cannot function correctly. It reads in an array of pointers from userspace and in-place replaces...
View ArticleClik here to view.
Chrome DesktopMediaPickerController::WebContentsDestroyed Use-After-Free
Chrome suffers from a heap use-after-free vulnerability in DesktopMediaPickerController::WebContentsDestroyed.MD5 | 696153f1a945a02c625d23a13667f869DownloadSource:packetstormsecurity.com
View ArticleClik here to view.
Nimsoft nimcontroller 7.80 Remote Code Execution
Nimsoft nimcontroller version 7.80 suffers from an unauthenticated remote code execution vulnerability.MD5 |...
View ArticleClik here to view.
qdPM Remote Code Execution
qdPM versions prior to 9.1 suffer from a remote shell upload vulnerability that allows for remote code execution.MD5 |...
View ArticleClik here to view.
Microsoft Windows Kernel Privilege Escalation
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target...
View ArticleClik here to view.
MITREid 1.3.3 Cross Site Scripting
MITREid versions 1.3.3 and below suffer from a cross site scripting vulnerability.MD5 | 4af01c468a0b4372b4ec0d37a9c3cbb6DownloadMITREid Connect...
View ArticleClik here to view.
Joplin Desktop 1.0.184 Cross Site Scripting
Joplin Desktop version 1.0.184 suffers from a cross site scripting vulnerability.MD5 | a39577ab43a6ccb0a439fe8666c863acDownload# Exploit Title: Joplin Desktop 1.0.184 - Cross-Site Scripting# Exploit...
View ArticleClik here to view.
Wing FTP Server 6.2.5 Privilege Escalation
Wing FTP Server version 6.2.5 suffers from a privilege escalation vulnerability.MD5 | 94c9cff08d8ed9f26e94d37311beaa3fDownload# Exploit Title: Wing FTP Server 6.2.5 - Privilege Escalation# Google Dork:...
View ArticleClik here to view.
TP-Link TL-WR849N Remote Code Execution
TP-Link TL-WR849N suffers from a remote code execution vulnerability.MD5 | edfc7196db196658aa9ca7bde6deb539Download# Exploit Title: TP LINK TL-WR849N - Remote Code Execution# Date: 2019-11-20# Exploit...
View ArticleClik here to view.
WordPress Tutor LMS 1.5.3 Cross Site Request Forgery
WordPress Tutor LMS plugin version 1.5.3 suffers from a cross site request forgery vulnerability.MD5 | a3195f351910c4acd40c82f3afff25c6Download# Exploit Title: Wordpress Plugin Tutor LMS 1.5.3 -...
View ArticleClik here to view.
TP-Link TL-WR849N 0.9.1 4.16 Authentication Bypass
TP-Link TL-WR849N version 0.9.1 4.16 suffers from a firmware upload authentication bypass vulnerability.MD5 | 5fc10515451b2b85ebfa1e9f129e6190Download# Exploit Title: TL-WR849N 0.9.1 4.16 -...
View ArticleClik here to view.
Cyberoam Authentication Client 2.1.2.7 Buffer Overflow
Cyberoam Authentication Client version 2.1.2.7 suffers from a buffer overflow vulnerability.MD5 | eddba6d1362143102912cf298aa013f1Download# Exploit Title: Cyberoam Authentication Client 2.1.2.7 -...
View ArticleClik here to view.
Netis WF2419 2.2.36123 Remote Code Execution
Netis WF2419 version 2.2.36123 suffers from a remote code execution vulnerability.MD5 | dbd50affdbcb32ab1bb41adb5453cfebDownload# Exploit Title: Netis WF2419 2.2.36123 - Remote Code Execution # Exploit...
View Article
