Showing 76 - 100 of 161

Files

Dolibarr ERP-CRM 10.0.1 Cross Site Scripting: Posted Sep 13, 2019; Authored by Metin Yunus Kandemir; Dolibarr ERP-CRM version 10.0.1 suffers from a user-agent cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2019-16197; SHA-256 | 0187de9002d59f341d170b546ca8984e4ebf01432ab6172e13141bf0b1e44251; Download | Favorite | View

Folder Lock 7.7.9 Denial Of Service: Posted Sep 13, 2019; Authored by Achilles; Folder Lock version 7.7.9 suffers from a denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | a2d5ca402cd81d6b3b4997fcc78e9714cb8af7d57a844b1148c8aa88da349a3a; Download | Favorite | View

FTPShell Client 6.74 Buffer Overflow: Posted Sep 13, 2019; Authored by Debashis Pal; FTPShell Client version 6.74 suffers from a local buffer overflow denial of service vulnerability.; tags | exploit, denial of service, overflow, local; SHA-256 | 2289dadc1d05440dd5dd8dffb82ee765b6becd294b086efe6730efbd6e4f86ef; Download | Favorite | View

LimeSurvey 3.17.13 Cross Site Scripting: Posted Sep 12, 2019; Authored by Andreas Kolbeck, David Haintz | Site sec-consult.com; LimeSurvey versions 3.17.13 and below suffer from reflective and persistent cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2019-16172, CVE-2019-16173; SHA-256 | 573baf1603249a448f854d8c59cc5938e7334c20fe44126259027c9914a5cfd5; Download | Favorite | View

Generic Zip Slip Traversal: Posted Sep 12, 2019; Authored by sinn3r, Snyk | Site metasploit.com; This is a generic arbitrary file overwrite technique, which typically results in remote command execution. This targets a simple yet widespread vulnerability that has been seen affecting a variety of popular products including HP, Amazon, Apache, Cisco, etc. The idea is that often archive extraction libraries have no mitigations against directory traversal attacks. If an application uses it, there is a risk when opening an archive that is maliciously modified, and results in the embedded payload to be written to an arbitrary location (such as a web root), and results in remote code execution.; tags | exploit, remote, web, arbitrary, root, code execution; systems | cisco; SHA-256 | 8f0ccbdfa41b81ddec1fba4936ed5ca28502dd6600b5ac754d4fe23b7ec5988d; Download | Favorite | View

Opencart 2.3.0.2 Pre-Auth Remote Command Execution: Posted Sep 12, 2019; Authored by Todor Donev; Opencart version 2.3.0.2 pre-authentication remote command execution exploit.; tags | exploit, remote; SHA-256 | 241c2df2c06d04ed1d46433e033708608f5d3557b99ec80f4c641aa0910f2a98; Download | Favorite | View

Microsoft DirectWrite sfac_GetSbitBitmap Out-Of-Bounds Read: Posted Sep 11, 2019; Authored by Google Security Research, mjurczyk; Microsoft DirectWrite suffers from an out-of-bounds read in sfac_GetSbitBitmap while processing TTF fonts.; tags | exploit; advisories | CVE-2019-1244; SHA-256 | aa2d5d7be90b6f28c281bef6187c775b1dfc2408d2066e1d3ea3a0b1eeca0a0e; Download | Favorite | View

Microsoft DirectWrite SplicePixel Invalid Read: Posted Sep 11, 2019; Authored by Google Security Research, mjurczyk; Microsoft DirectWrite suffers from an invalid read in SplicePixel while processing OTF fonts.; tags | exploit; advisories | CVE-2019-1245; SHA-256 | 4d40188c13a19d3f86978a4337818897a6919c2d01372f9e540c97358af7ad4a; Download | Favorite | View

eWON Flexy 13.0 Authentication Bypass: Posted Sep 11, 2019; Authored by Photubias; eWON Flexy with firmware version 13.0 suffers from an authentication bypass vulnerability.; tags | exploit, bypass; SHA-256 | 76bf027bea193d108094970bd462dd2ebb200858467fc02d58f0a91a682501e5; Download | Favorite | View

OpenEdx Ironwood.1 Cross Site Scripting: Posted Sep 10, 2019; Authored by Daniel Bishtawi | Site netsparker.com; OpenEdx Ironwood.1 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 8168f8986249d0eda2a31569d08e72a792784a43838118fa1bb7f6d84e1e7f61; Download | Favorite | View

WordPress SlickQuiz 1.3.7.1 SQL Injection: Posted Sep 10, 2019; Authored by Julien Ahrens | Site rcesecurity.com; WordPress SlickQuiz plugin version 1.3.7.1 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2019-12516; SHA-256 | 3b3f2021735ae446297196ed34135cc91bdd1359c4dc4c1847d8a05052387e80; Download | Favorite | View

WordPress SlickQuiz 1.3.7.1 Cross Site Scripting: Posted Sep 10, 2019; Authored by Julien Ahrens | Site rcesecurity.com; WordPress SlickQuiz plugin version 1.3.7.1 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2019-12517; SHA-256 | cbb9b82d8abba98ceec52791f9d154653f25751db87716fba4d0f5bdb5a37486; Download | Favorite | View

AVCON6 Systems Management Platform Remote Root: Posted Sep 10, 2019; Authored by Nassim Asrir; AVCON6 Systems Management Platform suffers from a remote root command execution vulnerability.; tags | exploit, remote, root; SHA-256 | 1dd0d5b962a6b8f0b0dc6267e2fc5ca01c3e4382c0782267388eb383cd70e571; Download | Favorite | View

WordPress Checklist 1.1.5 Cross Site Scripting: Posted Sep 10, 2019; Authored by Ricardo Sanchez; WordPress Checklist plugin version 1.1.5 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 817d94f07556f4882cc6d45a7809768465e34cb74d87172d7a9ac95f95c8bf04; Download | Favorite | View

WordPress Photo Gallery 1.5.34 Cross Site Scripting: Posted Sep 10, 2019; Authored by MTK; WordPress Photo Gallery plugin version 1.5.34 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2019-16117, CVE-2019-16118; SHA-256 | 4fed05720ee4fecd2da49f336d79b68ed8843b63367bb135080f3301ff646e73; Download | Favorite | View

WordPress Photo Gallery 1.5.34 SQL Injection: Posted Sep 10, 2019; Authored by MTK; WordPress Photo Gallery plugin version 1.5.34 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2019-16119; SHA-256 | 950d9d2613c0929b824d90f41698923dce59107a3eccab59751a55e01c8fc896; Download | Favorite | View

Rifatron Intelligent Digital Security System (animate.cgi) Stream Disclosure: Posted Sep 9, 2019; Authored by LiquidWorm | Site zeroscience.mk; The Rifatron Intelligent Digital Security System DVR suffers from an unauthenticated and unauthorized live stream disclosure when animate.cgi script is called through Mobile Web Viewer module.; tags | exploit, web, cgi; SHA-256 | 0ac770f479e014f7c5b8c6027c620e27b00efd876208dd79b63187fd39efe9df; Download | Favorite | View

Core FTP LE Version 2.2 Build 1935 Buffer Overflow: Posted Sep 9, 2019; Authored by Debashis Pal; Core FTP LE version 2.2 build 1935 suffers from buffer overflow vulnerability.; tags | exploit, overflow; SHA-256 | 2b347f042a2ee7a96ebba7c78aeb582f058f85fdaf4466b5097f76b87cc59fc9; Download | Favorite | View

Tibco JasperSoft Path Traversal: Posted Sep 9, 2019; Authored by Elar Lang; Tibco JasperSoft suffers from a path traversal vulnerability.; tags | exploit, file inclusion; advisories | CVE-2018-18809; SHA-256 | 3d5803f45be81659caf4f3bffb04cadddfd4a598bf1a1150dafa4203a2d45984; Download | Favorite | View

Cisco Content Security Virtual Appliance M380 IronPort Remote Cross Site Host Modification: Posted Sep 9, 2019; Authored by Todor Donev; Cisco Content Security Virtual Appliance M380 IronPort remote cross site host modification demo exploit.; tags | exploit, remote; systems | cisco; SHA-256 | 73c9d99009b7401255bba6a1f56507939d40908be4130273b2c562c5a4a3adb6; Download | Favorite | View

WordPress Qwiz Online Quizzes And Flashcards 3.36 Cross Site Scripting: Posted Sep 9, 2019; Authored by Ricardo Sanchez; WordPress Qwiz Online Quizzes and Flashcards plugin version 3.36 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 634c7369106c5e8fe42529b05f448cc52e6022665ac665f210efa6c734e5fed6; Download | Favorite | View

Dabman And Imperial Web Radio Devices Undocumented Telnet Backdoor: Posted Sep 9, 2019; Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com; Dabman and Imperial Web Radio Devices suffers from undocumented telnet backdoor and command execution vulnerabilities.; tags | exploit, web, vulnerability; advisories | CVE-2019-13473; SHA-256 | 6e28c900f138b4c227460279ef44595a12f751de44f3a06844fa9e9ce1c87e2a; Download | Favorite | View

Dolibarr ERP-CRM 10.0.1 SQL Injection: Posted Sep 9, 2019; Authored by Metin Yunus Kandemir; Dolibarr ERP-CRM version 10.0.1 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 6826dc0ef459539b9dbd73ad177cbaf6ed9ed2ece658f77e4b7715a8c0b04c36; Download | Favorite | View

Enigma NMS 65.0.0 SQL Injection: Posted Sep 9, 2019; Authored by Mark Cross; Enigma NMS version 65.0.0 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 4cc7a0a98cea7b8dd397f89ccfa2628dded3cba0ac317b141cc5f674ab88b466; Download | Favorite | View

Dolibarr ERP-CRM 10.0.1 SQL Injection: Posted Sep 9, 2019; Authored by Metin Yunus Kandemir; Dolibarr ERP-CRM version 10.0.1 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | bab53fc3d093813545a41360b16744c1c7a3723c574c2a429a2b935572a6e1be; Download | Favorite | View

Page 4 of 7 Back 2 3 4 5 6 Next

Top Authors In Last 30 Days

Red Hat 254 files
Ubuntu 57 files
Gentoo 33 files
Debian 24 files
Apple 9 files
malvuln 7 files
Ahmet Umit Bayram 4 files
nu11secur1ty 4 files
Google Security Research 4 files
Jann Horn 4 files

Files

Top Authors In Last 30 Days

Recent News