Hipchat Data Center / Hipchat Server Code Execution / SSRF
Hipchat Data Center and Hipchat Server suffer from server-side request forgery and remote code execution vulnerabilities. MD5 | e2f2ba4acc611b0394376429fc3f7a13
Hipchat For Mac 4.x Remote Code Execution
Hipchat for Mac desktop client versions prior to 4.30 suffer from a remote code execution vulnerability. MD5 | bc9f76c16c2234a3266f91910a0c367f
Cisco WebEx Meeting Center CVE-2017-12366 Cross Site Scripting Vulnerability
Cisco WebEx Meeting Center is prone to a cross-site scripting vulnerability because it fails to properly sanitize the user-supplied input. An attacker may leverage this issue to execute arbitrary...
Cisco WebEx Meeting Center CVE-2017-12297 URL Redirection Vulnerability
Cisco WebEx Meeting Center is prone to a remote URL-redirection vulnerability. An attacker can leverage this issue by constructing a URI that includes a malicious site redirection. When an...
Cisco Unified Communications Manager CVE-2017-12357 Cross Site Scripting...
Cisco Unified Communications Manager is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...
Cisco Jabber CVE-2017-12356 Cross Site Scripting Vulnerability
Cisco Jabber is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
Cisco Jabber CVE-2017-12358 Cross Site Scripting Vulnerability
Cisco Jabber is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal
EDB-ID: 43196; Author: Fu2x2000; Published: 2017-11-28; CVE: CVE-2017-17058; Type: Webapps; Platform: PHP; Vulnerable App: N/A # Date: 28-11-2017 # Software Link: https://wordpress.org/plugins/woocommerce/ #...
Asterisk 13.17.2 - Memory Corruption
EDB-ID: 43197; Author: Juan Sacco; Published: 2017-11-15; CVE: N/A; Type: Dos; Platform: Linux; Vulnerable App: N/A # Date and time of release: Nov, 15 2017 # Found this and more exploits on my open source...
Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page
EDB-ID: 43199; Author: Bindecy; Published: 2017-11-30; CVE: CVE-2017-1000405; Type: Dos; Platform: Linux; Aliases: Huge Dirty Cow; Advisory/Source: Link; Tags: N/A; Vulnerable App: N/A // EDB Note: Source ~...
macOS High Sierra - Root Privilege Escalation (Metasploit)
EDB-ID: 43201; Author: Metasploit; Published: 2017-11-30; CVE: N/A; Type: Local; Platform: macOS; Aliases: N/A; Advisory/Source: Link; Tags: Metasploit Framework (MSF); Vulnerable App: N/A # This module requires...
ZKTeco ZKTime Web 2.0.1.12280 Cross Site Scripting
ZKTeco ZKTime Web version 2.0.1.12280 suffers from a cross site scripting vulnerability. MD5 | 291cec77b877a2a698643e15dc38c568 *1. Introduction* Vendor: ZKTeco; Affected Product: ZKTime Web -...
ZKTeco ZKTime Web 2.0.1.12280 Cross Site Request Forgery
ZKTeco ZKTime Web version 2.0.1.12280 suffers from a cross site request forgery vulnerability. MD5 | 49b9af816ec019c072d78c914ee5e93c *1. Introduction* Vendor: ZKTeco; Affected Product: ZKTime Web -...
WordPress WooCommerce 2.0 / 3.0 Directory Traversal
WordPress WooCommerce plugin versions 2.0 and 3.0 suffer from a directory traversal vulnerability. MD5 | a9f1c44c58aec447e77edec7cf211eb1 # Exploit Title: WordPress woocommerce directory...
Huge Dirty Cow Proof Of Concept
This is a proof of concept for the Huge Dirty Cow vulnerability (CVE-2017-1000405). Before running, make sure to set transparent huge pages to "always" with "echo always | sudo tee...
Windows Defender Controlled Folder Bypass
Windows Defender suffers from a controlled folder bypass through the UNC path. Affected versions include Windows 10 1709 and Antimalware client version 4.12.16299.15. MD5 |...
Cisco WebEx Network Recording Player DoS / Code Execution
Cisco has released an advisory detailing code execution, out of bounds, and denial of service vulnerabilities in the WebEx Network Recording Player. MD5 |...
Cisco Prime Service Catalog CVE-2017-12364 SQL Injection Vulnerability
Cisco Prime Service Catalog is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow...
ZKTeco ZKTime Web CVE-2017-17057 Cross Site Scripting Vulnerability
ZKTeco ZKTime Web is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
ZKTeco ZKTime Web CVE-2017-17056 Cross Site Request Forgery Vulnerability
ZKTeco ZKTime Web is prone to a cross-site request forgery vulnerability because it fails to properly validate HTTP requests. Exploiting this issue may allow a remote attacker to perform certain...