Showing 51 - 75 of 188

Files

FreeSWITCH 1.10.6 SIP Flooding Denial Of Service: Posted Oct 25, 2021; Authored by Sandro Gauci | Site enablesecurity.com; FreeSWITCH versions 1.10.6 and below suffer from a SIP flooding denial of service vulnerability.; tags | exploit, denial of service; advisories | CVE-2021-41145; SHA-256 | 7c18e335775c034ea43225652189228c8adc2e373dc48c484ae01d61e8dc74a9; Download | Favorite | View

phpMyAdmin 4.8.1 Remote Code Execution: Posted Oct 25, 2021; Authored by samguy; phpMyAdmin version 4.8.1 remote code execution exploit.; tags | exploit, remote, code execution; advisories | CVE-2018-12613; SHA-256 | c7fd500b6b33a3e044159ceaba0504a93de489c811db969c2903f7741e995f09; Download | Favorite | View

FreeSWITCH 1.10.6 SIP Digest Leak: Posted Oct 25, 2021; Authored by Sandro Gauci | Site enablesecurity.com; FreeSWITCH versions 1.10.6 and below suffer from a SIP digest leak vulnerability. An attacker can perform a SIP digest leak attack against FreeSWITCH and receive the challenge response of a gateway configured on the FreeSWITCH server. This is done by challenging FreeSWITCH's SIP requests with the realm set to that of the gateway, thus forcing FreeSWITCH to respond with the challenge response which is based on the password of that targeted gateway.; tags | exploit; advisories | CVE-2021-41158; SHA-256 | f3e80023a973da7d0680ad72ce2905cfe9105bbb49758f1e37e5b0f8f8570020; Download | Favorite | View

GridPro Request Management For Windows Azure Pack 2.0.7905 Directory Traversal: Posted Oct 25, 2021; Authored by Giulian Guran; GridPro Request Management for Windows Azure Pack versions 2.0.7905 and below suffer from a traversal vulnerability that can allow for arbitrary execution of Powershell scripts.; tags | exploit, arbitrary; systems | windows; advisories | CVE-2021-40371; SHA-256 | 513dd9d3220aed0443768d76d63650e8af9dc973885a471803f11ba9b1c10d5c; Download | Favorite | View

Engineers Online Portal 1.0 SQL Injection: Posted Oct 25, 2021; Authored by Alon Leviev; Engineers Online Portal version 1.0 suffers from multiple remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to nu11secur1ty in October of 2021.; tags | exploit, remote, vulnerability, sql injection; advisories | CVE-2021-42665; SHA-256 | 30deb8df5658bfc5dd34fbe821effad7a6a7d2b3526f7cc61466baadbf42bb0d; Download | Favorite | View

Engineers Online Portal 1.0 Cross Site Scripting: Posted Oct 25, 2021; Authored by Alon Leviev; Engineers Online Portal version 1.0 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | afbeb86d884bde6c22c040b435dfcbe74326668d015dbf13739c92b68a56209a; Download | Favorite | View

Online Event Booking And Reservation System 1.0 Cross Site Scripting: Posted Oct 25, 2021; Authored by Alon Leviev; Online Event Booking and Reservation System version 1.0 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2021-42662; SHA-256 | 6fdecfed746cff2b5d05ce8e317ddf7c6eefcb5b4d47fdb604fb434cf1618ba7; Download | Favorite | View

OpenClinic GA 5.194.18 Privilege Escalation: Posted Oct 25, 2021; Authored by Alessandro Salzano; OpenClinic GA version 5.194.18 suffers from a local privilege escalation vulnerability.; tags | exploit, local; SHA-256 | eb0151ef2dbd0d3806aad32979922968347afd7bec9ec3b8c5fe4d996cc09ba1; Download | Favorite | View

Balbooa Joomla Forms Builder 2.0.6 SQL Injection: Posted Oct 25, 2021; Authored by blockomat2100; Balbooa Joomla Forms Builder version 2.0.6 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 6534a06c02e46c2717ec749267bd8b00797cf3235c0d7c0e2440e7e49bacf779; Download | Favorite | View

Netgear Genie 2.4.64 Unquoted Service Path: Posted Oct 25, 2021; Authored by Mert Das; Netgear Genie version 2.4.64 suffers from an unquoted service path vulnerability.; tags | exploit; SHA-256 | bab104f6c9713f20e72527147150a4ac666acd64cb8edf7929452579dd7088e9; Download | Favorite | View

Build Smart ERP 21.0817 SQL Injection: Posted Oct 25, 2021; Authored by Nehru Sethuraman; Build Smart ERP version 21.0817 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | e275dc473665f7be865de432fffafd4be9966bfab16f5f9b7fea3d3baba14812; Download | Favorite | View

WordPress TaxoPress 3.0.7.1 Cross Site Scripting: Posted Oct 25, 2021; Authored by Akash Rajendra Patil; WordPress TaxoPress plugin version 3.0.l7.1 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2021-24444; SHA-256 | 63a3a3d4ad7448e4a59f9d2ea3c18055a16fb6a9b4440543f0f8a76e5eb748fb; Download | Favorite | View

Hikvision Web Server Build 210702 Command Injection: Posted Oct 25, 2021; Authored by bashis; Hikvision Web Server Build 210702 suffers from a command injection vulnerability.; tags | exploit, web; advisories | CVE-2021-36260; SHA-256 | 6f3b4e5a9c425280adc8f7457f3b39a4875de53beec44c5e9cbfa151788ff314; Download | Favorite | View

Apache HTTP Server 2.4.50 Remote Code Execution: Posted Oct 24, 2021; Authored by thelastvvv; Apache HTTP Server version 2.4.50 remote code execution exploit.; tags | exploit, remote, web, code execution; advisories | CVE-2021-42013; SHA-256 | 486eba2974d21ce35aa31dc7a6504701fc48220f6cf03add5457f12164885ccf; Download | Favorite | View

Engineers Online Portal 1.0 Shell Upload: Posted Oct 23, 2021; Authored by SadKris; Engineers Online Portal version 1.0 suffers from a remote shell upload vulnerability.; tags | exploit, remote, shell; advisories | CVE-2021-42671; SHA-256 | 432861b01a3782f95e8327c54c6f8cef9f8af6913d7b57e85785b4e710ea1c1d; Download | Favorite | View

Windows IKEEXT AuthIP Unvalidated GSS_ID Privilege Escalation: Posted Oct 22, 2021; Authored by James Forshaw, Google Security Research; The Windows IKEEXT service does not verify the SPN when performing AuthIP authentication leading to leaking authentication tokens to untrusted systems.; tags | exploit; systems | windows; SHA-256 | 0079ebd509ea0915ed3e16a7c9804d1538ef4af1d978ab5d1ad291080c5dd106; Download | Favorite | View

Online Course Registration 1.0 SQL Injection: Posted Oct 22, 2021; Authored by Drew Jones, Sam Ferguson; Online Course Registration version 1.0 suffers from a blind boolean-based remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 7a2b88e12b269b54cb21377981ddc1a6971c0d2cdd29f7e161bc42db12bed913; Download | Favorite | View

Clinic Management System 1.0 Code Execution / SQL Injection: Posted Oct 22, 2021; Authored by Pablo Santiago; Clinic Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for a shell upload.; tags | exploit, remote, shell, sql injection; SHA-256 | f5c56bd725c4d429d8538d02faa6b5e7639510b64d58be8816511e188df9be9a; Download | Favorite | View

Jetty 9.4.37.v20210219 Information Disclosure: Posted Oct 22, 2021; Authored by Mayank Deshmukh; Jetty version 9.4.37.v20210219 suffers from an information disclosure vulnerability.; tags | exploit, info disclosure; advisories | CVE-2021-28164; SHA-256 | 2db5d62005c6515d8366be3e8c08c4df222e8620470f674dec2932c545737167; Download | Favorite | View

Small CRM 3.0 Cross Site Scripting: Posted Oct 21, 2021; Authored by Ghuliev; Small CRM version 3.0 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 91bdac6892b221d8473764d59181a6ac580096d02f6dd03c3f4b363c420b0cd3; Download | Favorite | View

NIMax 5.3.1f0 Denial Of Service: Posted Oct 21, 2021; Authored by LinxzSec; NIMax version 5.3.1f0 suffers from multiple denial of service vulnerabilities.; tags | exploit, denial of service, vulnerability; SHA-256 | 0b4d286de91da9cf52dd9a38b1c4395c9aee3038e965c44379ad95530663f942; Download | Favorite | View

Easy Chat Server 3.1 Directory Traversal: Posted Oct 21, 2021; Authored by z4nd3r; Easy Chat Server version 3.1 suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | 150a2df0dc9b5819ab9a78ae0931157f91fe7bf5cead4d5aca7928ae3c7fd059; Download | Favorite | View

SonicWall SMA 10.2.1.0-17sv Password Reset: Posted Oct 20, 2021; Authored by Jacob Baines; SonicWall SMA version 10.2.1.0-17sv suffers from a remote password reset vulnerability.; tags | exploit, remote; advisories | CVE-2021-20034; SHA-256 | 1d7256a24120e085899614766e31ffce8d24fab7f97df961712c94b274e8994d; Download | Favorite | View

Macro Expert 4.7 Unquoted Service Path: Posted Oct 20, 2021; Authored by Mert Das; Macro Expert version 4.7 suffers from an unquoted service path vulnerability.; tags | exploit; SHA-256 | c53ffdacaf887c5e3bbef8ab750fa2e27d1f78ad6d36aff867e3b82dc9cf39c8; Download | Favorite | View

WordPress Enfold Theme 4.8.3 Cross Site Scripting: Posted Oct 19, 2021; Authored by Francisco Diaz-Pache Alonso, Sergio Corral Cristo, David Alvarez Robles; WordPress Enfold theme version 4.8.3 suffers from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2021-24719; SHA-256 | e601e283e6e6ab65b36187c0b6f5ebf2902d2c2f0650cdecd9115bb090521162; Download | Favorite | View

Page 3 of 8 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 254 files
Ubuntu 57 files
Gentoo 33 files
Debian 24 files
Apple 9 files
malvuln 7 files
Ahmet Umit Bayram 4 files
nu11secur1ty 4 files
Google Security Research 4 files
Jann Horn 4 files

Files

Top Authors In Last 30 Days

Recent News