OpenText Documentum Administrator / Webtop Open Redirection
OpenText Documentum Administrator version 7.2.0180.0055 and Documentum Webtop version 6.8.0160.0073 suffer from an open redirection vulnerability. MD5 | 6f1d71c20b10167ef7e933c29c03e1f4 Title:...
OpenText Documentum Administrator / Webtop XXE Injection
OpenText Documentum Administrator version 7.2.0180.0055 and Documentum Webtop version 6.8.0160.0073 suffer from XML external entity injection vulnerabilities. MD5 |...
Bitdefender Total Security Local Code Execution Vulnerability
Bitdefender Total Security is prone to a local code-execution vulnerability. A local attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed attempts...
Broadcom TCP KeepAlive Offloading DoS / Out-Of-Bounds Read
Broadcom suffers from denial of service and out-of-bounds read vulnerabilities in TCP KeepAlive Offloading. MD5 | 879a8ac244f3f3230f4a9c7db76d35f4 Broadcom: Denial of service and OOB read in TCP...
EMC Elastic Cloud Storage Undocumented Account
ECS versions prior to 3.1 contain an undocumented account (emcservice) that is protected with a default password. This user account is intended for use by customer support representatives to...
EMC AppSync Host Plug-In 3.5 Denial Of Service
The EMC AppSync host plug-in on the Windows platform includes a denial of service (DoS) vulnerability that could potentially be exploited by malicious users to compromise the affected system. Versions 3.5 and...
Git cvsserver Remote Command Execution
The git subcommand cvsserver is a Perl script which makes excessive use of the backtick operator to invoke git. Unfortunately, user input is used within some of those invocations and it allows for OS...
WordPress Content Audit 1.9.1 Cross Site Request Forgery / Cross Site Scripting
WordPress Content Audit plugin version 1.9.1 suffers from cross site request forgery and cross site scripting vulnerabilities. MD5 |...
WordPress School Management System SQL Injection
WordPress School Management System extension suffers from a remote SQL injection vulnerability. MD5 | 0cda76a901e15da566800aa0938da66e # # # # # # Exploit Title: School Management System for...
WordPress Hospital Management System SQL Injection
WordPress Hospital Management System extension suffers from a remote SQL injection vulnerability. MD5 | 8682387811a842d29be436f261c6077f # # # # # # Exploit Title: Hospital Management System for...
Fibaro Home Center 2 Remote Command Execution
Fibaro Home Center 2 suffers from a remote command execution vulnerability. MD5 | 09c6be8673678a057db790d7e6a6f990 #!/usr/bin/python import requests import argparse import urllib import base64 import...
WordPress Apartment Management System SQL Injection
WordPress Apartment Management System extension suffers from a remote SQL injection vulnerability. MD5 | 30c295cccd89b1bc7f06ff8685aac83b # # # # # # Exploit Title: WPAMS - Apartment Management...
WordPress Church SQL Injection
WordPress Church extension suffers from a remote SQL injection vulnerability. MD5 | 4488b1a12240008c1826df8741897ae9 # # # # # # Exploit Title: WPCHURCH - Church Management System for Wordpress -...
AMC Master Arbitrary File Upload
AMC Master suffers from a remote file upload vulnerability. MD5 | bcf491f81b1630a2aa969382acd21c1d # # # # # # Exploit Title: Annual Maintenance Contract Management System - Arbitrary File...
Drupal Ctools Module Cross Site Scripting and Access Bypass Vulnerabilities
The Ctools module for Drupal is prone to a cross-site scripting vulnerability and an access-bypass vulnerability. An attacker can exploit these issues to execute arbitrary script code in the context...
LAquis SCADA 4.1.0.2385 - Directory Traversal (Metasploit)
EDB-ID: 42885; Author: James Fitts; Published: 2017-09-27; CVE: CVE-2017-6020; Type: Remote; Platform: Multiple; Vulnerable App: N/A. class MetasploitModule < Msf::Auxiliary Rank = GreatRanking include...
Cisco Prime Collaboration Provisioning < 12.1 - Authentication Bypass /...
EDB-ID: 42888; Author: Adam Brown; Published: 2017-09-27; CVE: CVE-2017-6622; Type: Remote; Platform: Hardware; Vulnerable App: N/A. # Date: 09/27/2017 # Exploit Author: Adam Brown # Vendor Homepage:...
libvorbis CVE-2017-14160 Denial of Service Vulnerability
libvorbis is prone to a denial-of-service vulnerability. Successfully exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users. libvorbis...
Microsoft XML Core Services CVE-2017-0022 Information Disclosure Vulnerability
Microsoft XML Core Services (MSXML) is prone to an information-disclosure vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to visit a specially crafted webpage. An...
Microsoft Internet Explorer and Edge CVE-2017-0037 Remote Memory Corruption...
Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user....