Clik here to view.
Real Estate MLM Plan Script 1.0 SQL Injection
Real Estate MLM Plan Script version 1.0 suffers from a remote SQL injection vulnerability.MD5 | 0cd884f3def31a868827da84334f37d9Download# Exploit Title: Real Estate MLM plan script v1.0 - 'srch'...
View ArticleClik here to view.
ConverTo Video Downloader And Converter 1.4.1 Arbitrary File Download
ConverTo Video Downloader and Converter version 1.4.1 suffers from an arbitrary file download vulnerability.MD5 | 9550c87c8c12e80189ebc2e3b3d5d021Download# # # # # # Exploit Title: ConverTo Video...
View ArticleClik here to view.
HBGK DVR 3.0.0 Build 20161206 Authentication Bypass
HBGK DVR version 3.0.0 build 20161206 suffers from an authentication bypass vulnerability.MD5 | 53b9a4b42fdf8345ff9dc8a81140c248Download# Exploit Title: HBGK DVR V3.0.0 build20161206 - Authentication...
View ArticleClik here to view.
Microsoft Office 2007 Word Information Disclosure
Microsoft Office 2007 Word suffers from an information disclosure vulnerability.MD5 | d686982e4ceeea6c798b900fd87cb2b2DownloadMS Office Word Information Disclosure VulnerabilityVendor homepage:...
View ArticleClik here to view.
Microsoft Excel Remote Code Execution
Microsoft Excel contains a remote code execution vulnerability upon processing OLE objects. Versions 2007, 2010, 2013, and 2016 are affected on both architectures.MD5 |...
View ArticleClik here to view.
Microsoft Office 2007 Groove Security Bypass / Code Execution
Microsoft Office 2007 Groove contains a security bypass issue regarding 'Workspace Shortcut' files (.GLK) because it allows arbitrary (registered) URL Protocols to be passed, when only...
View ArticleClik here to view.
Linux Kernel < 4.14.rc3 - Local Denial of Service
EDB-ID: 42932Author: Wang ChenyuPublished: 2017-10-02CVE: CVE-2017-14489 Type: DosPlatform: LinuxVulnerable App: N/A # Date: 2017-Oct-02 # Exploit Author: Wang Chenyu (Nanyang Technological University)...
View ArticleClik here to view.
SolarWinds Network Performance Monitor CVE-2017-9538 Denial of Service...
SolarWinds Network Performance Monitor is prone to a denial-of-service vulnerability. Remote attackers may exploit this issue to cause denial-of-service conditions, denying service to legitimate...
View ArticleClik here to view.
SolarWinds Network Performance Monitor CVE-2017-9537 Multiple HTML Injection...
SolarWinds Network Performance Monitor is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied...
View ArticleClik here to view.
NPM-V (Network Power Manager) 2.4.1 - Password Reset
EDB-ID: 42933Author: Saeed reza ZamanianPublished: 2017-10-02CVE: N/A Type: WebappsPlatform: HardwareVulnerable App: N/A Author: Saeed reza Zamanian [penetrationtest @ Linkedin] Product: NPM-V Affected...
View ArticleClik here to view.
UCOPIA Wireless Appliance < 5.1.8 - Restricted Shell Escape
EDB-ID: 42937Author: SysdreamPublished: 2017-10-02CVE: CVE-2017-11321 Type: LocalPlatform: LinuxVulnerable App: N/A ## Asset Description UCOPIA solutions bring together a combination of software,...
View ArticleClik here to view.
phpCollab 2.5.1 - Arbitrary File Upload
EDB-ID: 42934Author: SysdreamPublished: 2017-10-02CVE: CVE-2017-6090 Type: WebappsPlatform: PHPVulnerable App: ## Description PhpCollab is an open source web-based project management system, that...
View ArticleClik here to view.
phpCollab 2.5.1 - SQL Injection
EDB-ID: 42935Author: SysdreamPublished: 2017-10-02CVE: CVE-2017-6089 Type: WebappsPlatform: PHPVulnerable App: ## Description PhpCollab is an open source web-based project management system, that...
View ArticleClik here to view.
UCOPIA Wireless Appliance < 5.1.8 - Privilege Escalation
EDB-ID: 42936Author: SysdreamPublished: 2017-10-02CVE: CVE-2017-11322 Type: LocalPlatform: LinuxVulnerable App: N/A ## Asset description UCOPIA solutions bring together a combination of software,...
View ArticleClik here to view.
OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'jobRunId' SQL Injection
EDB-ID: 42939Author: Marcin WoloszynPublished: 2017-10-02CVE: CVE-2017-14758 Type: WebappsPlatform: JSPAliases: N/AAdvisory/Source: N/ATags: SQL Injection (SQLi)Vulnerable App: N/A Sciences xPression)...
View ArticleClik here to view.
OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'documentId' SQL...
EDB-ID: 42940Author: Marcin WoloszynPublished: 2017-10-02CVE: CVE-2017-14757 Type: WebappsPlatform: JSPAliases: N/AAdvisory/Source: N/ATags: SQL Injection (SQLi)Vulnerable App: N/A Sciences xPression)...
View ArticleClik here to view.
Qmail SMTP - Bash Environment Variable Injection (Metasploit)
EDB-ID: 42938Author: MetasploitPublished: 2017-10-02CVE: CVE-2014-6271 Type: RemotePlatform: LinuxAliases: N/AAdvisory/Source: LinkTags: Metasploit FrameworkVulnerable App: N/A # This module requires...
View ArticleClik here to view.
Dnsmasq < 2.78 - 2-byte Heap-Based Overflow
EDB-ID: 42941Author: Google Security ResearchPublished: 2017-10-02CVE: CVE-2017-14491 Type: DosPlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A Sources:...
View ArticleClik here to view.
Dnsmasq < 2.78 - Heap-Based Overflow
EDB-ID: 42942Author: Google Security ResearchPublished: 2017-10-02CVE: CVE-2017-14492 Type: DosPlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A Sources:...
View ArticleClik here to view.
Dnsmasq < 2.78 - Information Leak
EDB-ID: 42944Author: Google Security ResearchPublished: 2017-10-02CVE: CVE-2017-14494 Type: DosPlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A Sources:...
View Article