Apple AppleBCMWLANCore Driver Heap Overflow
There is a heap overflow in Apple's AppleBCMWLANCore driver when handling Completed Firmware Timestamp messages (0x27). MD5 | 9e2eb777a0c25de2a642bb1b840b9f64. Apple: Heap Overflow in...
Apple assembleBGScanResults Heap Overflow
There is a heap overflow vulnerability in Apple's assembleBGScanResults when handling ioctl results. MD5 | 92a298553ffecc17b336c053ef27d831. Apple: Heap overflow in "assembleBGScanResults" when...
Microsoft Edge Chakra Incorrect Parse
Microsoft Edge Chakra incorrectly parses object patterns. MD5 | adcfdebb66197fad09cf1524ba76fe89. Microsoft Edge: Chakra incorrectly parses object patterns CVE-2017-8729 When the Chakra's parser...
Microsoft Edge Chakra Wrong Scopes In Deferred Parsing
Microsoft Edge Chakra makes wrong scopes in deferred parsing. MD5 | 64d004e6d66edefe6e65486064501fc5. Microsoft Edge: Chakra: Deferred parsing makes wrong scopes CVE-2017-8740 (function f(a =...
Apple updateRateSetAsyncCallback Heap Overflow
A heap overflow vulnerability exists in Apple's updateRateSetAsyncCallback when handling ioctl results. MD5 | 1e92daae67494ac51cfa3e9e9cd67bce. Apple: Heap overflow in "updateRateSetAsyncCallback"...
Apple setVendorIE Heap Overflow / Information Disclosure
Heap overflow and information disclosure vulnerabilities exist in Apple's setVendorIE when handling ioctl results. MD5 | 3777e2aae23fd65779213ee09ccc433b. Apple: Heap overflow and information...
Microsoft Edge Chakra Parser::ParseCatch Failed eval Handle
Microsoft Edge Chakra Parser::ParseCatch fails to handle eval properly. MD5 | 89fd9d095aadad5c335a31930ad47781. Microsoft Edge: Chakra: Parser::ParseCatch doesn't handle "eval" CVE-2017-11764 In...
Microsoft Edge Chakra JavascriptFunction::ReparseAsmJsModule Parsing Issue
Microsoft Edge Chakra JavascriptFunction::ReparseAsmJsModule suffers from a parsing issue. MD5 | e42ea1ce1dac6aa761323bae506ada67. Microsoft Edge: Chakra: JavascriptFunction::ReparseAsmJsModule...
DenyAll Web Application Firewall Remote Code Execution
This Metasploit module exploits the command injection vulnerability of DenyAll Web Application Firewall. Unauthenticated users can execute a terminal command under the context of the web server...
Lending And Borrowing - 'pid' Parameter SQL Injection
EDB-ID: 42770; Author: Ihsan Sencan; Published: 2017-09-22; CVE: N/A; Type: Webapps; Platform: PHP; Vulnerable App: N/A # Exploit Title: Lending And Borrowing Script - SQL Injection # Dork: N/A # Date: 22.09.2017...
PHP Auction Ecommerce Script 1.6 - SQL Injection
EDB-ID: 42775; Author: 8bitsec; Published: 2017-09-22; CVE: N/A; Type: Webapps; Platform: PHP; Vulnerable App: N/A # Date: 2017-09-22 # Exploit Author: 8bitsec # Vendor Homepage: http://www.phpscriptsmall.com/ #...
Multi Level Marketing - SQL Injection
EDB-ID: 42771; Author: Ihsan Sencan; Published: 2017-09-22; CVE: N/A; Type: Webapps; Platform: PHP; Vulnerable App: N/A # Exploit Title: Multi Level Marketing Script - SQL Injection # Dork: N/A # Date: 22.09.2017...
Cash Back Comparison Script 1.0 - SQL Injection
EDB-ID: 42772; Author: Ihsan Sencan; Published: 2017-09-22; CVE: CVE-2017-14703; Type: Webapps; Platform: PHP; Vulnerable App: N/A # Exploit Title: Cash Back Comparison Script 1.0 - SQL Injection #...
Secure E-commerce Script 1.02 - 'sid' Parameter SQL Injection
EDB-ID: 42774; Author: 8bitsec; Published: 2017-09-22; CVE: N/A; Type: Webapps; Platform: PHP; Vulnerable App: N/A # Date: 2017-09-22 # Exploit Author: 8bitsec # Vendor Homepage: http://www.phpscriptsmall.com/ #...
Claydip Airbnb Clone 1.0 - Arbitrary File Upload
EDB-ID: 42773; Author: Ihsan Sencan; Published: 2017-09-22; CVE: CVE-2017-14704; Type: Webapps; Platform: PHP; Vulnerable App: N/A # Exploit Title: Claydip Laravel Airbnb Clone 1.0 - Arbitrary File Upload # Dork:...
CyberLink LabelPrint
EDB-ID: 42777; Author: f3ci; Published: 2017-09-23; CVE: CVE-2017-14627; Type: Local; Platform: Windows; Vulnerable App: # Exploit Title: CyberLink LabelPrint <=2.5 File Project Processing Unicode Stack...
Disk Pulse Enterprise 10.0.12 - GET Buffer Overflow (SEH)
EDB-ID: 42778; Author: sickness; Published: 2017-09-25; CVE: N/A; Type: Remote; Platform: Windows; Vulnerable App: # The application requires to have the web server enabled. #!/usr/bin/python import socket,...
IPython JSON Error Responses Multiple Cross Site Scripting Vulnerabilities
IPython is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
JitBit HelpDesk
EDB-ID: 42776; Author: Kc57; Published: 2017-09-22; CVE: N/A; Type: Webapps; Platform: ASP; Vulnerable App: # Google Dork: "Powered by Jitbit HelpDesk" -site:jitbit.com # Date: 09/22/2017 # Exploit Author: Rob...
Kaltura 13.1.0 Code Execution / Cross Site Scripting
Kaltura versions 13.1.0 and below suffer from code execution and cross site scripting vulnerabilities. MD5 | 3e43a4778a84729244f3253a3a15898c. Telekom Security security.telekom.com Advisory:...