Astaro Security Gateway 7 - Remote Code Execution
EDB-ID: 42726 | Author: Jakub Palaczynski | Published: 2017-09-13 | CVE: CVE-2017-6315 | Type: Remote | Platform: Hardware | Vulnerable App: N/A # Astaro Security Gateway v7 - Unauthenticated Remote Code Execution #...
XYZ Auto Classifieds 1.0 - SQL Injection
EDB-ID: 42727 | Author: 8bitsec | Published: 2017-09-12 | CVE: N/A | Type: Webapps | Platform: PHP | Vulnerable App: N/A # Date: 2017-09-12 # Exploit Author: 8bitsec # Vendor Homepage: http://xyzscripts.com/ # Software...
Microsoft Windows .NET Framework Remote Code Execution
Proof of concept exploit for a Microsoft Windows .NET Framework remote code execution vulnerability. It spawns mspaint. MD5: d6acb1333fa78b74fd573adf48276c84 Source: packetstormsecurity.com
Cloudview NMS 2.00b Writable Directory Traversal Execution
This Metasploit module exploits a vulnerability found in Cloudview NMS server. The software contains a directory traversal vulnerability that allows a remote attacker to write arbitrary file to the...
Microsoft Edge DuplicateHandle ACG Bypass
ACG (Arbitrary Code Guard) in Microsoft Edge is bypassable. The bypass has been tested on Microsoft Edge 40.15063.0.0 running on Windows 10 Enterprise 64-bit with Creators Update (Version 1703, OS...
Consumer Review Script 1.0 - SQL Injection
EDB-ID: 42728 | Author: 8bitsec | Published: 2017-09-12 | CVE: N/A | Type: Webapps | Platform: PHP | Vulnerable App: N/A # Date: 2017-09-12 # Exploit Author: 8bitsec # Vendor Homepage:...
D-Link DIR8xx Routers - Root Remote Code Execution
EDB-ID: 42730 | Author: embedi | Published: 2017-09-12 | CVE: N/A | Type: Webapps | Platform: Hardware | Aliases: N/A | Advisory/Source: Link | Tags: N/A | Vulnerable App: N/A # E-DB Note:...
D-Link DIR8xx Routers - Leak Credentials
EDB-ID: 42729 | Author: embedi | Published: 2017-09-12 | CVE: N/A | Type: Webapps | Platform: Hardware | Aliases: N/A | Advisory/Source: Link | Tags: N/A | Vulnerable App: N/A # E-DB Note:...
D-Link DIR8xx Routers - Local Firmware Upload
EDB-ID: 42731 | Author: embedi | Published: 2017-09-12 | CVE: N/A | Type: Webapps | Platform: Hardware | Aliases: N/A | Advisory/Source: Link | Tags: N/A | Vulnerable App: N/A # If you have access to an ethernet port you can...
Mako Server SSRF / Disclosure / Code Execution
Mako Web Server suffers from file disclosure, remote command execution, and server-side request forgery vulnerabilities. MD5: a29a13795600789280e244d812b6f170 [+] SSD Beyond Security:...
IBM Infosphere Information Server / Datastage 11.5 Command Execution / Bypass
IBM Infosphere Information Server / Datastage versions 9.1, 11.3, and 11.5 (including Cloud version 11.5) suffer from bypass, XML external entity injection, DLL side loading, and various other...
VLC Media Player iOS App 2.7.8 File Disclosure
VLC Media Player iOS application version 2.7.8 suffers from a file disclosure vulnerability. MD5: 617910a26e18078b120c91cf74d082b0 SEC Consult Vulnerability Lab Security Advisory < 20170913-1...
Ubiquiti Networks UniFi Cloud Key Command Injection
Ubiquiti Networks UniFi Cloud Key with firmware versions 0.6.4 and below suffer from an authenticated command injection vulnerability. MD5: 4d0cd508a986d910f949bc461e2fce58 SEC Consult...
SilverStripe CMS 3.5.3 Cross Site Scripting
SilverStripe CMS versions 3.5.3 and below suffer from a persistent cross site scripting vulnerability. MD5: 4488225884421348eca56ef59a92eb22 SEC Consult Vulnerability Lab Security Advisory <...
D-Link DIR8xx Router Firmware Upload
D-Link DIR8xx routers suffer from a local firmware upload vulnerability. MD5: cc414650b83164712d221b4de5b2d70f #!/bin/bash # If you have access to an ethernet port you can upload custom firmware...
D-Link DIR8xx Remote Root Code Execution
D-Link DIR8xx routers suffer from a remote root code execution vulnerability. MD5: d006060c6b96e9ff168c3e4b0bb47faa # Due to error in hnap protocol implementation we can overflow stack and...
D-Link DIR8xx Credential Leak
D-Link DIR8xx routers suffer from a credential disclosure vulnerability. MD5: caed8d87329d913d76f39a2df76a112a # phpcgi is responsible for processing requests to .php, .asp and .txt pages. Also,...
Consumer Review Script 1.0 SQL Injection
Consumer Review Script version 1.0 suffers from a remote SQL injection vulnerability. MD5: e9210bbf3b3d7339b5b0e9492145a413 # Exploit Title: Consumer Review Script v1.0 - SQL Injection # Date:...
XYZ Auto Classifieds 1.0 SQL Injection
XYZ Auto Classifieds version 1.0 suffers from a remote SQL injection vulnerability. MD5: a59c025d364f6d4da15216c1550a1164 # Exploit Title: XYZ Auto Classifieds v1.0 - SQL Injection # Date:...
Astaro Security Gateway 7 Remote Code Execution
Astaro Security Gateway 7 suffers from a remote code execution vulnerability. MD5: 593db61c13a32607441358ca66907051 #!/usr/bin/python # Astaro Security Gateway v7 - Unauthenticated Remote Code...