Clik here to view.
SUSE/Portus 2.2 Cross Site Scripting
SUSE/Portus version 2.2 suffers from a persistent cross site scripting vulnerability.MD5 | 45c4673d073bbdcf395b309bad7cd3d0DownloadClass Input Validation ErrorRemote YesStored YesCredit...
View ArticleClik here to view.
Microsoft Edge 38.14393.1066.0 - Memory Corruption with Partial Page Loading
EDB-ID: 42758Author: Google Security ResearchPublished: 2017-09-19CVE: CVE-2017-8731 Type: DosPlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: Denial of Service (DoS)Vulnerable App: N/A There is...
View ArticleClik here to view.
Microsoft Edge 38.14393.1066.0 - 'COptionsCollectionCacheItem::GetAt'...
EDB-ID: 42759Author: Google Security ResearchPublished: 2017-09-19CVE: CVE-2017-8734 Type: DosPlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: Out Of BoundsVulnerable App: N/A Source:...
View ArticleClik here to view.
WordPress Prior to 4.8.2 Multiple Input Validation Security Vulnerabilities
WordPress is prone to the following input-validation security vulnerabilities because it fails to sufficiently sanitize user-supplied input: 1. Multiple cross-site scripting vulnerabilities 2....
View ArticleClik here to view.
WordPress 2kb Amazon Affiliates Store 2.1.0 Cross Site Scripting
WordPress 2kb Amazon Affiliates Store plugin versions 2.1.0 and below suffer from a cross site scripting vulnerability.MD5 | ed7cc9ee351abba47e1139929002ac68DownloadClass Input Validation...
View ArticleClik here to view.
Disk Pulse Enterprise 9.9.16 GET Buffer Overflow
This Metasploit module exploits an SEH buffer overflow in Disk Pulse Enterprise version 9.9.16. If a malicious user sends a crafted HTTP GET request it is possible to execute a payload that would run...
View ArticleClik here to view.
PHPMyFAQ 2.9.8 - Cross-Site Scripting
EDB-ID: 42761Author: Ishaq MohammedPublished: 2017-09-21CVE: CVE-2017-14618 Type: WebappsPlatform: PHPVulnerable App: # Vendor Homepage: http://www.phpmyfaq.de/ # Software Link:...
View ArticleClik here to view.
Microsoft Edge Chakra - 'JavascriptFunction::ReparseAsmJsModule' Incorrectly...
EDB-ID: 42766Author: Google Security ResearchPublished: 2017-09-21CVE: CVE-2017-8755 Type: DosPlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A Source:...
View ArticleClik here to view.
Microsoft Edge Chakra - 'Parser::ParseCatch' does not Handle 'eval'
EDB-ID: 42765Author: Google Security ResearchPublished: 2017-09-21CVE: CVE-2017-11764 Type: DosPlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A Source:...
View ArticleClik here to view.
Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes
EDB-ID: 42764Author: Google Security ResearchPublished: 2017-09-21CVE: CVE-2017-8740 Type: DosPlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A Source:...
View ArticleClik here to view.
Linux Kernel
EDB-ID: 42762Author: Marcin KozlowskiPublished: 2017-09-21CVE: CVE-2017-1000251 Type: DosPlatform: LinuxVulnerable App: N/A DoS (Crash) only # Date: 09/21/2017 # Exploit Author: Marcin Kozlowski...
View ArticleClik here to view.
Microsoft Edge - Chakra Incorrectly Parses Object Patterns
EDB-ID: 42763Author: Google Security ResearchPublished: 2017-09-21CVE: CVE-2017-8729 Type: DosPlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A Source:...
View ArticleClik here to view.
Disk Pulse Enterprise 9.9.16 - GET Buffer Overflow (Metasploit)
EDB-ID: 42767Author: MetasploitPublished: 2017-09-21CVE: N/A Type: RemotePlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: Metasploit FrameworkVulnerable App: # This module requires Metasploit:...
View ArticleClik here to view.
Stock Photo Selling 1.0 - SQL Injection
EDB-ID: 42768Author: Ihsan SencanPublished: 2017-09-22CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A # # # # # # Exploit Title: Stock Photo Selling Script 1.0 - SQL Injection # Dork: N/A #...
View ArticleClik here to view.
EMC ViPR SRM for SAS Directory Traversal / Denial Of Service
EMC ViPR SRM, EMC Storage M and R, EMC VNX M and R, EMC M and R (Watch4Net) for SAS Solution Packs contain directory traversal and denial of service vulnerabilities.MD5 |...
View ArticleClik here to view.
Pixie Image Editor 1.7 Server-Side Request Forgery
Pixie Image Editor versions 1.4 and 1.7 suffer from a server-side request forgery vulnerability.MD5 | 6ae5751a6dc8636ad952d34e7678cc2aDownloadPixie image Editor SSRF vulnerability for...
View ArticleClik here to view.
Mongoose Embedded Web Server Library 6.8 Buffer Overflow
Mongoose Embedded Web Server Library versions 6.8 and below suffer from a stack-based buffer overflow vulnerability.MD5 |...
View ArticleClik here to view.
WordPress Responsive Image Gallery 1.1.8 SQL Injection
WordPress Responsive Image Gallery plugin version 1.1.8 suffers from a remote SQL injection vulnerability.MD5 | fb882fae7dbe8d7978e4631e09eda175Download=============================================MGC...
View ArticleClik here to view.
phpMyFAQ 2.9.8 Cross Site Scripting
phpMyFAQ version 2.9.8 suffers from a persistent cross site scripting vulnerability.MD5 | 2b2916bf8ae5e462ba6e63e2b70a1165Download# Exploit Title: phpMyFAQ 2.9.8 Stored XSS# Vendor Homepage:...
View ArticleClik here to view.
DenyAll WAF < 6.3.0 - Remote Code Execution (Metasploit)
EDB-ID: 42769Author: Mehmet IncePublished: 2017-09-19CVE: N/A Type: WebappsPlatform: LinuxAliases: N/AAdvisory/Source: N/ATags: Metasploit FrameworkVulnerable App: N/A # This module requires...
View Article