Counter-Strike version 1.6 GameInfo query reflection denial of service proof of concept exploit.
d88c5d35e07f94e50c9cdb08db697a01e63c1bfaa68fe25c3c562c74dc0ed946
Joomla Helpdesk Pro versions prior to 1.4.0 suffer from cross site scripting, local file disclosure, remote file upload, remote SQL injection, and insecure direct object reference vulnerabilities.
9712ee16b62ebd84fa316ca9325157ce4e08bf0486e35985aa2ded84460b3fa7
WordPress Portfolio plugin version 1.0 suffers from a cross site request forgery vulnerability.
bbfb396ecb41eebf274e643cf76d32fbc4d7901ac899120d06b816988c0822c0
tcpdump suffers from a rpki_rtr_pdu_print denial of service vulnerability. Versions affected include 4.6.2, 4.5.1, and 4.4.0.
76f3283d0ab1af6950691a1d53179bcf5061e40fa7a181aa998c1ee2900c4473
Microsoft Word, Excel, and PowerPoint 2007 contain a remote code execution vulnerability because it is possible to reference documents such as a Works document (.wps) as HTML. The application will process HTML and script code in the context of the local machine zone of Internet Explorer, which leads to arbitrary code execution. By persuading users to open, e.g., a specially crafted .WPS, ".doc ", or ".RTF " file (with a space at the end), it is possible to trigger the vulnerability and run arbitrary code in the context of the logged on Windows user. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".
80524257f08622d540b1f1a756c7449341987c8dd9213ef86ba1e8b6a1038bf6
Internet Download Manager OLE automation array remote code execution exploit.
9fee27531464c1903e96190b869e185a39b391d09399d36916a4e68518150a8b
This Metasploit module exploits a file upload vulnerability in SysAid Help Desk v14.3 and v14.4. The vulnerability exists in the RdsLogsEntry servlet, which accepts unauthenticated file uploads and handles zip file contents in an insecure way. By combining both weaknesses, a remote attacker can accomplish remote code execution. Note that this will only work if the target is running Java 6 or 7 up to 7u25, as Java 7u40 and above introduce a protection against null byte injection in file names. This Metasploit module has been tested successfully on version v14.3.12 b22 and v14.4.32 b25 in Linux. In theory this module also works on Windows, but SysAid seems to bundle Java 7u40 and above with the Windows package, which prevents the vulnerability from being exploited.
1e9a143a1b5de756cddc1fdd9fa8d7bc4b814bf2c25ac0074023cc3b3fb3e4be
Airdroid version 3.1.3 suffers from a malicious script insertion vulnerability.
16bdfffa85eb8722d4f81f39619c9f5161666f6be0e5e6d7a1e8482054755700
WordPress Mobile Pack plugin version 2.1.2 suffers from an information disclosure vulnerability.
86b11c51c08452116cdba134c05255d187c7e8adb670829ed17ec574ea6f3a48
OpenSSH allows for unlimited password cracking in a two minute timeframe.
25629b480318a8e57f7afa8ce9daa4ea9ed171b4e2087d872c4851d327423301
Active Super Shop version 1.0 suffers from a cross site scripting vulnerability.
3869aba5e13206d5477fbcf9ad1903f84c9bfa9ec684f5add583c66d48339757
WordPress Mailcwp plugin version 1.99 suffers from a remote shell upload vulnerability.
b6c75244bccb060654da18817320f01d79e2899cd3f9645e3a63098f65ced174
Chrome suffers from a ui::AXTree::Unserialize related use-after-free vulnerability.
c401c178ffecc2c543e0506717b170b45cb01c6106506bf7304ac67f0c08bfb4
This Metasploit module exploits a file upload vulnerability in SysAid Help Desk. The vulnerability exists in ChangePhoto.jsp in the administrator portal, which does not correctly handle directory traversal sequences and does not enforce file extension restrictions. You need to have an administrator account, but there is a Metasploit auxiliary module that can create one for you. This Metasploit module has been tested in SysAid v14.4 in both Linux and Windows.
0c208d2f198e77dc853b8bf460e5001c9fc1655e2c941edb66fcee493d8b936a
This Metasploit module exploits a file upload vulnerability in SysAid Help Desk v14.3 and v14.4. The vulnerability exists in the RdsLogsEntry servlet, which accepts unauthenticated file uploads and handles zip file contents in an insecure way. By combining both weaknesses, a remote attacker can accomplish remote code execution. Note that this will only work if the target is running Java 6 or 7 up to 7u25, as Java 7u40 and above introduce a protection against null byte injection in file names. This Metasploit module has been tested successfully on version v14.3.12 b22 and v14.4.32 b25 in Linux. In theory this module also works on Windows, but SysAid seems to bundle Java 7u40 and above with the Windows package, which prevents the vulnerability from being exploited.
f551636c73e5b60b9c38cb4bdd3c80dbbb6ea337669f453ce8ca689cbfedd936
Novell GroupWise 2014 suffers from a cross site scripting vulnerability.
4c4c6296fd8b81448615d8372109d7607ccf6820ff46fc08d334d2f7a8f513c2
UDID+ version 2.5 suffers from a command injection vulnerability.
761145c7197c1353abee758af1de37e76bf21669162d014b72a9a6a9cc8cb015
FoxyCart suffers from filter bypass and input validation vulnerabilities.
718fd95d80edef23b0352b7f8154fc54cb785b8980a88329772638cb021700da
AirDroid ID suffers from a script insertion vulnerability.
826719c31357000a9eed1c066020ee4e4342aa7e36f9d47701bd3128c7d4b9db
NetBIOS NBSTAT name query reflection denial of service proof of concept exploit.
64eedc77e04daae82e3317cca2ba26267d63f8097003b3f9fcc142d9311aa277
This Metasploit module exploits an anonymous remote upload and code execution vulnerability on different D-Link devices. The vulnerability is a command injection in the cookie handling process of the lighttpd web server when handling specially crafted cookie values. This Metasploit module has been successfully tested on D-Link DSP-W110A1_FW105B01 in an emulated environment.
0775e7d0aff2f6e2825635c995a83bb54708fc9752c08058d2dc8f04aed2e87c
The gReport Controls Sort Widget in Oracle Application Express is prone to permanent cross site scripting. The setting "display as" of the column attributes is ignored for the filter list. Versions prior to 4.2.3.00.08 are affected.
c9ce7cae929b2bfcfbbd561c21486f566a196d3064d30611bb77669161526837
Three proof of concept exploits demonstrating double-free issues with glibc, tcmalloc, and jemalloc.
e7f0fbeb3a092dc3418be3ce25fae479f87f00d498e749ac4c04652d49e094e2
Impero Education Pro suffers from a remote SYSTEM command execution vulnerability.
52a912335707a2c2f5ffd89fb25efa0c054326c82bae73267bb04bd65910dcf7
8 TOTOLINK router models have backdoor hardcoded credentials and suffer from remote command execution vulnerabilities.
da4f3b45bf033743303421b024a5e6709556b805b29ed6d02f62e31906abb380