Apache Tomcat JSP Upload Bypass / Remote Code Execution
Apache Tomcat versions prior to 9.0.1 (Beta), 8.5.23, 8.0.47, and 7.0.8 suffer from a JSP upload bypass vulnerability that allows for remote code execution. MD5 |...
EPESI 1.8.2 Revision 20170830 Cross Site Scripting
EPESI version 1.8.2 revision 20170830 suffers from a cross site scripting vulnerability. MD5 | f9d422039547e917ef1215c6f65ce74c # Exploit Title: Multiple Stored XSS in EPESI # Date: 10/03/2017 #...
Fiberhome AN5506-04-F Command Injection
Fiberhome AN5506-05-F suffers from a command injection vulnerability. MD5 | 060deecd3c2ad0da82d4a03242288cfc # Exploit Title: Fiberhome an5506-04-f a -PING- COMMAND INJECTION # Date: 03.10.2017 #...
ClipBucket 2.8.3 Remote Code Execution
ClipBucket version 2.8.3 suffers from a remote code execution vulnerability. MD5 | f13ec94b270861446ac3f3edfb30d15a # Exploit Title: ClipBucket PHP Script Remote Code Execution (RCE) # Date:...
DiskBoss Enterprise 8.4.16 Local Buffer Overflow
DiskBoss Enterprise version 8.4.16 suffers from a local buffer overflow vulnerability. MD5 |...
UCOPIA Wireless Appliance 5.1 Code Execution
UCOPIA Wireless Appliance versions 5.1 and below suffer from a captive portal remote root code execution vulnerability. MD5 | 030235cff7891b7fb5266503f44d6d01 # Exploit Title: Unauthenticated...
NETGEAR ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution
EDB-ID: 42956 | Author: Kacper Szurek | Published: 2017-09-27 | CVE: N/A | Type: Webapps | Platform: Hardware | Vulnerable App: N/A # Date: 27.09.2017 # Software Link: https://www.netgear.com/ # Exploit Author: Kacper...
Microsoft Windows CVE-2014-6332 OLE Remote Code Execution Vulnerability
Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code and gain elevated privileges in the context of the currently...
Adobe Flash Player and AIR CVE-2014-8440 Unspecified Memory Corruption...
Adobe Flash Player and AIR are prone to an unspecified memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected...
Adobe Flash Player CVE-2014-8439 Remote Code Execution Vulnerability
Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected...
Adobe Flash Player and AIR CVE-2014-0569 Integer Overflow Vulnerability
Adobe Flash Player and AIR are prone to an unspecified integer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected...
Unitrends UEB 9.1 - Privilege Escalation
EDB-ID: 42959 | Author: Jared Arave | Published: 2017-08-08 | CVE: CVE-2017-12479 | Type: Webapps | Platform: PHP | Vulnerable App: N/A # Date: 08/08/2017 # Exploit Authors: Benny Husted, Jared Arave, Cale Smith #...
Unitrends UEB 9.1 - Authentication Bypass / Remote Command Execution
EDB-ID: 42958 | Author: Jared Arave | Published: 2017-08-08 | CVE: CVE-2017-12478 | Type: Remote | Platform: Linux | Vulnerable App: N/A # Date: 08/08/2017 # Exploit Authors: Cale Smith, Benny Husted, Jared Arave #...
Unitrends UEB 9.1 - 'Unitrends bpserverd' Remote Command Execution
EDB-ID: 42957 | Author: Jared Arave | Published: 2017-08-08 | CVE: CVE-2017-12477 | Type: Remote | Platform: Linux | Vulnerable App: N/A # Date: 08/08/2017 # Exploit Authors: Jared Arave, Cale Smith, Benny Husted #...
Microsoft Windows 10 x64 RS2 - 'win32kfull!bFill' Pool Overflow
EDB-ID: 42960 | Author: siberas | Published: 2017-10-06 | CVE: CVE-2016-3309 | Type: Local | Platform: Win_x86-64 | Aliases: N/A | Advisory/Source: Link | Tags: N/A | Vulnerable App: N/A...
Unitrends UEB 9.1 Privilege Escalation
Unitrends UEB version 9.1 suffers from a privilege escalation vulnerability. MD5 | 54ea4c79a90bb7589d2d48f383e0346f # Exploit Title: Authenticated lowpriv RCE for Unitrends UEB 9.1 # Date:...
Unitrends UEB 9.1 Authentication Bypass / Remote Command Execution
Unitrends UEB version 9.1 suffers from authentication bypass and remote command execution vulnerabilities. MD5 | 9d6d20dd61555d23609e4ebabde10468 # Exploit Title: Unauthenticated root RCE for...
Magento Cross Site Request Forgery / Cross Site Scripting
During a security audit of Magento Community Edition / Open Source and Commerce, cross site request forgery and stored cross site scripting vulnerabilities were discovered that could lead to...
Unitrends UEB 9.1 bpserverd Remote Command Execution
Unitrends UEB version 9.1 bpserverd remote command execution exploit. MD5 | 86ffe075c5b3d2bfe96d722173434124 # Exploit Title: Unauthenticated root RCE for Unitrends UEB 9.1 # Date: 08/08/2017 #...
Lansweeper 6.0.0.63 Cross Site Scripting
Lansweeper version 6.0.0.63 suffers from a cross site scripting vulnerability. MD5 | cc332dfef0e4384c4af89d99a87ae698 - Release date: October 05th,...