Clik here to view.
Easy MPEG/AVI/DIVX/WMV/RM to DVD - 'Enter User Name' Buffer Overflow (SEH)
EDB-ID: 43104Author: Venkat RajgorPublished: 2017-10-05CVE: N/A Type: LocalPlatform: WindowsVulnerable App: ############################################################################### # Exploit...
View ArticleClik here to view.
Oracle Java SE - Web Start jnlp XML External Entity Processing Information...
EDB-ID: 43103Author: mr_mePublished: 2017-10-30CVE: CVE-2017-10309 Type: WebappsPlatform: XMLAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A """ Oracle Java SE Web Start jnlp XML External...
View ArticleClik here to view.
ZyXEL PK5001Z Modem - Backdoor Account
EDB-ID: 43105Author: Matthew SheimoPublished: 2017-10-31CVE: CVE-2016-10401 Type: RemotePlatform: HardwareVulnerable App: N/A # Google Dork: n/a # Date: 2017-10-31 # Exploit Author: Matthew Sheimo #...
View ArticleClik here to view.
Vir.IT eXplorer Anti-Virus 8.5.39 - 'VIAGLT64.SYS' Privilege Escalation
EDB-ID: 43109Author: Parvez AnwarPublished: 2017-11-01CVE: CVE-2017-16237 Type: LocalPlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A Exploit Title - Vir.IT eXplorer...
View ArticleClik here to view.
Ingenious School Management System 2.3.0 - 'friend_index' SQL injection
EDB-ID: 43108Author: Giulio ComiPublished: 2017-11-01CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A # Date: 01.11.2017 # Vendor Homepage: http://iloveprograming.com/ # Software Link:...
View ArticleClik here to view.
OctoberCMS 1.0.426 (Build 426) - Cross-Site Request Forgery
EDB-ID: 43106Author: Zain SabahatPublished: 2017-11-01CVE: CVE-2017-16244 Type: WebappsPlatform: PHPVulnerable App: N/A # Vendor Homepage: https://octobercms.com # Software Link:...
View ArticleClik here to view.
WhatsApp 2.17.52 - Memory Corruption
EDB-ID: 43107Author: Juan SaccoPublished: 2017-11-01CVE: N/A Type: DosPlatform: iOSVulnerable App: N/A # -*- coding: utf-8 -*- # Found this and more exploits on my open source security project:...
View ArticleClik here to view.
Debut Embedded httpd 1.20 - Denial of Service
EDB-ID: 43119Author: z00nPublished: 2017-11-02CVE: CVE-2017-16249 Type: DosPlatform: HardwareVulnerable App: N/A # Date: 11/02/2017 # Exploit Author: z00n (@0xz00n) # Vendor Homepage:...
View ArticleClik here to view.
tnftp - 'savefile' Arbitrary Command Execution (Metasploit)
EDB-ID: 43112Author: MetasploitPublished: 2017-11-03CVE: CVE-2014-8517 Type: RemotePlatform: UnixAliases: N/AAdvisory/Source: LinkTags: Metasploit Framework (MSF)Vulnerable App: N/A # This module...
View ArticleClik here to view.
Ipswitch WS_FTP Professional < 12.6.0.3 - Local Buffer Overflow (SEH)
EDB-ID: 43115Author: Kevin McGuiganPublished: 2017-11-03CVE: CVE-2017-16513 Type: DosPlatform: WindowsVulnerable App: N/A #Title: Ipswitch WS_FTP Professional Local Buffer Overflow (SEH) #Author: Kevin...
View ArticleClik here to view.
Logitech Media Server 7.9.0 - 'Radio URL' Cross-Site Scripting
EDB-ID: 43123Author: Dewank PantPublished: 2017-11-03CVE: CVE-2017-16568 Type: WebappsPlatform: MultipleVulnerable App: N/A # Shodan Dork: Search Logitech Media Server # Date: 11/03/2017 # Exploit...
View ArticleClik here to view.
Logitech Media Server 7.9.0 - 'favorites' Cross-Site Scripting
EDB-ID: 43122Author: Dewank PantPublished: 2017-11-03CVE: CVE-2017-16567 Type: WebappsPlatform: MultipleVulnerable App: N/A # Shodan Dork: Search Logitech Media Server # Date: 11/03/2017 # Exploit...
View ArticleClik here to view.
WordPress Plugin JTRT Responsive Tables 4.1 - SQL Injection
EDB-ID: 43110Author: Lenon LeitePublished: 2017-11-03CVE: N/A Type: WebappsPlatform: PHPVulnerable App: # Exploit Author: Lenon Leite # Vendor Homepage:...
View ArticleClik here to view.
Ladon Framework for Python 0.9.40 - XML External Entity Expansion
EDB-ID: 43113Author: RedTeam PentestingPublished: 2017-11-03CVE: N/A Type: WebappsPlatform: XMLAliases: N/AAdvisory/Source: LinkTags: XML External Entity (XXE)Vulnerable App: Attackers who can send...
View ArticleClik here to view.
GraphicsMagick - Memory Disclosure / Heap Overflow
EDB-ID: 43111Author: SecuriTeamPublished: 2017-11-03CVE: CVE-2017-16352... Type: DosPlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A The following advisory describes two...
View ArticleClik here to view.
Actiontec C1000A Modem - Backdoor Account
EDB-ID: 43118Author: Joseph McDonaghPublished: 2017-11-04CVE: N/A Type: RemotePlatform: HardwareVulnerable App: N/A # Google Dork: NA # Date: 11/04/2017 # Exploit Author: Joseph McDonagh # Vendor...
View ArticleClik here to view.
WordPress Plugin Userpro < 4.9.17.1 - Authentication Bypass
EDB-ID: 43117Author: Colette ChamberlandPublished: 2017-11-04CVE: CVE-2017-16562 Type: WebappsPlatform: PHPVulnerable App: N/A # Google Dork: inurl:/plugins/userpro # Date: 11.04.2017 # Exploit Author:...
View ArticleClik here to view.
SMPlayer 17.11.0 - '.m3u' Buffer Overflow (PoC)
EDB-ID: 43124Author: bzyoPublished: 2017-11-05CVE: N/A Type: DosPlatform: WindowsVulnerable App: N/A # # Exploit Author: bzyo # Twitter: @bzyo_ # Exploit Title: SMPlayer 17.11.0 - '.m3u' Crash (PoC) #...
View ArticleClik here to view.
Avaya OfficeScan (IPO) < 10.1 - ActiveX Buffer Overflow
EDB-ID: 43120Author: hyp3rlinxPublished: 2017-11-05CVE: CVE-2017-12969 Type: DosPlatform: WindowsVulnerable App: N/A [+] Website: hyp3rlinx.altervista.org [+] Source:...
View ArticleClik here to view.
Avaya OfficeScan (IPO) < 10.1 - 'SoftConsole' Buffer Overflow (SEH)
EDB-ID: 43121Author: hyp3rlinxPublished: 2017-11-05CVE: CVE-2017-11309 Type: RemotePlatform: WindowsVulnerable App: N/A [+] Website: hyp3rlinx.altervista.org [+] Source:...
View Article