Clik here to view.
WordPress User Login History 1.5.2 Cross Site Scripting
WordPress User Login History plugin version 1.5.2 suffers from a cross site scripting vulnerability.MD5 | 55794b951aa88e688d42b194d06710b9DownloadProduct: User Login History Wordpress Plugin -...
View ArticleClik here to view.
Sync Breeze 10.1.16 Buffer Overflow
Sync Breeze version 10.1.16 is vulnerable to a buffer overflow vulnerability, which can be exploited remotely or locally to achieve arbitrary code execution. The flaw is triggered by providing a long...
View ArticleClik here to view.
Joomla! NS Download Shop Component CVE-2017-15965 SQL Injection Vulnerability
The NS Download Shop component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker may...
View ArticleClik here to view.
D-Link DSL-2740E ADSL Router Multiple HTML Injection Vulnerabilities
D-Link DSL-2740E ADSL Router is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input.An attacker may leverage these issues to execute arbitrary...
View ArticleClik here to view.
HP ArcSight ESM and ArcSight ESM Express CVE-2017-14356 SQL Injection...
HP ArcSight ESM and ArcSight ESM Express are prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. An attacker can...
View ArticleClik here to view.
GNU Wget CVE-2016-7098 Security Bypass Vulnerability
GNU Wget is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass the security mechanism and perform unauthorized actions. InformationBugtraq ID: 93157 Class: Design...
View ArticleClik here to view.
Easy MPEG/AVI/DIVX/WMV/RM to DVD - 'Enter User Name' Buffer Overflow (SEH)
EDB-ID: 43104Author: Venkat RajgorPublished: 2017-10-05CVE: N/A Type: LocalPlatform: WindowsVulnerable App: ############################################################################### # Exploit...
View ArticleClik here to view.
WhatsApp 2.17.52 Memory Corruption
WhatsApp versions 2.17.52 and below suffer from a memory corruption vulnerability that can result in a denial of service.MD5 | 52cf023f313d359776c21c2b3eebd1fbDownload#!/usr/bin/env python# -*- coding:...
View ArticleClik here to view.
ZyXEL PK5001Z Modem - Backdoor Account
EDB-ID: 43105Author: Matthew SheimoPublished: 2017-10-31CVE: CVE-2016-10401 Type: RemotePlatform: HardwareVulnerable App: N/A # Google Dork: n/a # Date: 2017-10-31 # Exploit Author: Matthew Sheimo #...
View ArticleClik here to view.
OctoberCMS 1.0.426 (Build 426) - Cross-Site Request Forgery
EDB-ID: 43106Author: Zain SabahatPublished: 2017-11-01CVE: CVE-2017-16244 Type: WebappsPlatform: PHPVulnerable App: N/A # Vendor Homepage: https://octobercms.com # Software Link:...
View ArticleClik here to view.
Ingenious School Management System 2.3.0 - 'friend_index' SQL injection
EDB-ID: 43108Author: Giulio ComiPublished: 2017-11-01CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A # Date: 01.11.2017 # Vendor Homepage: http://iloveprograming.com/ # Software Link:...
View ArticleClik here to view.
WhatsApp 2.17.52 - Memory Corruption
EDB-ID: 43107Author: Juan SaccoPublished: 2017-11-01CVE: N/A Type: DosPlatform: iOSVulnerable App: N/A # -*- coding: utf-8 -*- # Found this and more exploits on my open source security project:...
View ArticleClik here to view.
OpenText Documentum Content Server Multiple Security Vulnerabilities
OpenText Documentum Content Server is prone to multiple security vulnerabilities. An attacker can leverage these issues to obtain sensitive information, and execute arbitrary code with elevated...
View ArticleClik here to view.
WordPress 'wpdb::prepare()' Method SQL Injection Vulnerability
WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
View ArticleClik here to view.
Cisco Prime Collaboration Provisioning CVE-2017-12276 SQL Injection...
Cisco Prime Collaboration Provisioning is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue...
View ArticleClik here to view.
Apache Wicket CVE-2012-5636 Cross Site Scripting Vulnerability
Apache Wicket is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
View ArticleClik here to view.
Nice PHP FAQ Script SQL Injection
Nice PHP FAQ Script suffers from a remote SQL injection vulnerability.MD5 | b4185cf54601d59702e05dc954376f11Download# # # # # # Exploit Title: Nice PHP FAQ Script - SQL Injection# Dork: N/A# Date:...
View ArticleClik here to view.
Vir.IT eXplorer Anti-Virus - Privilege Escalation
EDB-ID: 43109Author: Parvez AnwarPublished: 2017-11-01CVE: CVE-2017-16237 Type: LocalPlatform: WindowsVulnerable App: N/A Exploit Title - Vir.IT eXplorer Anti-Virus Arbitrary Write Privilege Escalation...
View ArticleClik here to view.
Fake Magazine Cover Script SQL Injection
Fake Magazine Cover Script suffers from a remote SQL injection vulnerability.MD5 | 573e0c8d715e51ab511fc89086ffe6b2Download# # # # # # Exploit Title: Fake Magazine Cover Script - SQL Injection# Dork:...
View ArticleClik here to view.
CPA Lead Reward Script SQL Injection
CPA Lead Reward Script suffers from a remote SQL injection vulnerability.MD5 | 558916d02a80acb2e76e6c0a883e125bDownload<!--# # # # # # Exploit Title: CPA Lead Reward Script - SQL Injection# Dork:...
View Article