NSClient++ 0.5.2.35 Authenticated Remote Code Execution
NSClient++ version 0.5.2.35 suffers from an authenticated remote code execution vulnerability.
MD5 | 68ce84ab7e7e2791a90fa81b059e375a
# Exploit Title: NSClient++ 0.5.2.35 - Authenticated Remote...

Spiderman2 2.1.1 Buffer Overflow
Spiderman2 version 2.1.1 suffers from a buffer overflow vulnerability.
MD5 | 72b8f45c1f4a3f5253daa9b1399b79dd
# Exploit Title: Spiderman2 - Buffer Overflow # Exploit Author: HexraiN # Vendor...

jizhi CMS 1.6.7 Arbitrary File Download
jizhi CMS version 1.6.7 suffers from an arbitrary file download vulnerability.
MD5 | ad568dbe47d72686d13f81d317694b8a
# Exploit Title: jizhi CMS 1.6.7 - Arbitrary File Download # Google Dork:...

Sysaid 20.1.11 b26 Remote Command Execution
Sysaid version 20.1.11 b26 suffers from an AJP13 remote command execution vulnerability.
MD5 | aa02b3b8eb6735d2b6c2a11c9efc3402
# Exploit Title: Sysaid 20.1.11 b26 - Remote Command Execution #...

PMB 5.6 SQL Injection
PMB version 5.6 suffers from a remote SQL injection vulnerability.
MD5 | 0c69bdd7b85530a8fbd9d3ae78931726
# Exploit Title: PMB 5.6 - 'logid' SQL Injection # Google Dork: inurl:opac_css # Date:...

P5 FNIP-8x16A/FNIP-4xSH CSRF / Cross Site Scripting
P5 FNIP-8x16A / FNIP-4xSH versions 1.0.20 and 1.0.11 suffer from cross site request forgery and cross site scripting vulnerabilities.
MD5 | 1c782b6ec67ea3314c3e252545f9fbdf

Neowise CarbonFTP 1.4 Insecure Proprietary Password Encryption
Neowise CarbonFTP version 1.4 suffers from an insecure proprietary password encryption implementation. Second version of this exploit that is updated to work with Python 3.

haproxy hpack-tbl.c Out-Of-Bounds Write
The haproxy hpack implementation in hpack-tbl.c handles 0-length HTTP headers incorrectly. This can lead to a fully controlled relative out-of-bounds write when processing a malicious HTTP2 request (or...

Mahara 19.10.2 Cross Site Scripting
Mahara version 19.10.2 suffers from a persistent cross site scripting vulnerability.
MD5 | 2ceb51c35c29fa3430da64dc10fe32bc
Document Title: Mahara v19.10.2 CMS - Persistent Cross...

Sky File 2.1.0 Cross Site Scripting / Directory Traversal
Sky File version 2.1.0 for iOS suffers from cross site scripting and directory traversal vulnerabilities.
MD5 | 68257141fc51e78cb831d3a1949e1aaf
Document Title: Sky File v2.1.0 iOS...

QRadar Community Edition 7.3.1.6 Default Credentials
QRadar Community Edition version 7.3.1.6 is deployed with a default password for the ConfigServices account. Using this default password it is possible to download configuration sets containing...

QRadar Community Edition 7.3.1.6 Server Side Request Forgery
QRadar Community Edition version 7.3.1.6 has an issue where the RssFeedItem class of the QRadar web application is used to fetch and parse RSS feeds. No validation is performed on the user-supplied RSS...

QRadar Community Edition 7.3.1.6 CSRF / Weak Access Control
QRadar Community Edition version 7.3.1.6 suffers from cross site request forgery and weak access control vulnerabilities.

QRadar Community Edition 7.3.1.6 Cross Site Scripting
QRadar Community Edition version 7.3.1.6 suffers from a reflective cross site scripting vulnerability in the Forensics link analysis page.

QRadar Community Edition 7.3.1.6 Insecure File Permissions
QRadar Community Edition version 7.3.1.6 suffers from a local privilege escalation due to insecure file permissions with run-result-reader.sh.

QRadar Community Edition 7.3.1.6 PHP Object Injection
QRadar Community Edition version 7.3.1.6 suffers from a PHP object injection vulnerability.

QRadar Community Edition 7.3.1.6 Arbitrary Object Instantiation
QRadar Community Edition version 7.3.1.6 is vulnerable to instantiation of arbitrary objects based on user-supplied input. An authenticated attacker can abuse this to perform various types of attacks...

QRadar Community Edition 7.3.1.6 Authorization Bypass
QRadar Community Edition version 7.3.1.6 suffers from an authorization bypass vulnerability.

QRadar Community Edition 7.3.1.6 Path Traversal
QRadar Community Edition version 7.3.1.6 has a path traversal that exists in the session validation functionality. In particular, the vulnerability is present in the part that handles session tokens...

Cisco AnyConnect Secure Mobility Client 4.8.01090 Privilege Escalation
Cisco AnyConnect Secure Mobility Client for Windows version 4.8.01090 suffers from a privilege escalation vulnerability due to insecure handling of path names.