Dimofinf version 3.0.0 cookie SQL injection exploit.
ae127634dd77d4b81b85ee2ddebae17c44d195b88e620121ef01740d5ac84f53
SAP Mobile Platform version 2.3 suffers from an XML external entity injection vulnerability.
763ac979871c176d5a9e6b1f185a1e6109b4d7b5f4517066de0a8a2a92f8f153
SAP NetWeaver version 7.4 suffers from an XML external entity injection vulnerability.
b5a92464ff47c770ab76479c835e0239d3e5db4770ef988ae3b50741e8e7356c
Celoxis versions 9.5 and below suffer from a cross site scripting vulnerability.
0ce327191126fee2975846ae4df13c4f34768a717772e1666d36b2e5d8b59286
Apache Flex BlazeDS versions 4.7.0 and 4.7.1 suffer from a server-side request forgery vulnerability.
0005b6103d499d01523afeee675b0ec07725b42b1b1468d91a6d3b6c8f9096ae
vBulletin version 5.x suffers from a code execution vulnerability.
8bae9267f14bc87a02271f45d06cb5b550d1a16db3443ab464810a2e31344f2b
This Metasploit module exploits a SQL injection vulnerability found in Joomla versions 3.2 up to 3.4.4. The vulnerability exists in the Content History administrator component in the core of Joomla. Triggering the SQL injection makes it possible to retrieve active Super User sessions. The cookie can be used to login to the Joomla administrator backend. By creating a new template file containing our payload, remote code execution is made possible.
53518655f45dd51e0502900828af9b020e75d493ef442b649696eaac77fb78b1
ZTE ADSL ZXV10 W300 modems suffer from insufficient authorization controls, information disclosure, and a backdoor account feature.
f638139811112ec6d7f34ff1e8acef146adf3549a65b832da61f1755c75c498d
ZTE ZXHN H108N R1A and ZXV10 W300 routers suffer from path traversal, information disclosure, improper authorization, and hard-coded credential vulnerabilities.
2735f65d35edc3931a3eae6069d85013b997afb9f924b5865ac99b6d29c02f0f
Atlassian Bamboo remote code execution exploit that leverages the java deserialization vulnerability as noted in CVE-2015-6576.
607a629353c90b0d484735e431ce673d9f7f7ae92d4516f5a50546cb0b881ca6
Traffic CMS version 1.4.x suffers from a local file inclusion vulnerability.
624c98b778717d19759cfb903dc4a9bfd8c1114710a9bd101578150c371516af
Chkrootkit before 0.50 will run any executable file named /tmp/update as root, allowing a trivial privsec. WfsDelay is set to 24h, since this is how often a chkrootkit scan is scheduled by default.
0747e7950fe687c3ab16c47390e8715755184a47efb63dffd00b15a5ba393195
Cambium ePMP 1000 suffers from a remote OS command injection and privilege escalation vulnerabilities.
f3f71e560f8ee614e20bf5956339837e20028c8d5053172f3eb99639d547b9e1
There is an integer overflow issue in sanity checking section lengths when parsing the vcdiff format (used in SDCH content encoding). This results in the parser parsing outside of sane memory bounds when parsing the contents of a vcdiff windowThere's an integer overflow issue in sanity checking section lengths when parsing the vcdiff format (used in SDCH content encoding). This results in the parser parsing outside of sane memory bounds when parsing the contents of a vcdiff window.
7dd26a5b0e5074777454a033d2a5cf9abf8079a2604f2b566807914eb6911c4b
SuperScan version 4.1 suffers from multiple buffer overflow vulnerabilities. Three exploits included.
faab1615119f9b0f7d4655030b73df369c1177c71211dfa8835d2279b858b83d
Netwin SurgeFTP server version 23d6 suffers from multiple stored cross site scripting vulnerabilities.
8a738fcf73b0741fa19ac83402727e9db5fc3288bf5f2c65355a00eec7780e86
The Help Forum on LinkedIn suffered from a cross site scripting vulnerability.
2a9bd1ced4f661fb3399fe7cdf77a6afff11cf4a90862e613b8e31b764cbbe69
SHAREit WebShare version 2.3.80 suffers from a cross site request forgery vulnerability.
490d8d74a088ae1e4e4d195dd7241004c00b9d1b1902cad5c9bccb3ab6cd3669
This Metasploit module exploits an authenticated privilege escalation vulnerability in the iControl API on the F5 BIG-IP LTM (and likely other F5 devices). This requires valid credentials and the Resource Administrator role. The exploit should work on BIG-IP 11.3.0 - 11.6.0, (11.5.x < 11.5.3 HF2 or 11.6.x < 11.6.0 HF6, see references for more details).
f329ba79799be3587e190db0a03ebd17f524e5bca267576582b6c1d628f1c3ce
IBM i Access for Windows is vulnerability to a stack buffer overflow denial of service vulnerability.
11b7e54cc3e17a00c343563a50236ca59bcf4030efc0d0a5c7c6a895e9014571
IBM i Access for Windows is vulnerable to a buffer overflow. A local attacker could overflow a buffer and execute arbitrary code on the Windows PC.
c580fc339b55fe7d4d1b8c410eb204c7360f55941a779e5f137933f2389ba06d
Horde Groupware version 5.2.10 suffers from a cross site request forgery vulnerability.
c4fc067423fe364eb06a86f8f53f8d241025ebcaec8ec8d5e2dbc2baea883140
Adobe Premiere Clip version 1.1.1 suffers from a filter bypass vulnerability.
51ff395ba796da8216a974270c7449690e7f1776d4051a48b6068c307b81af02
Zenario CMS versions 7.0.7c and 7.1.0 and below suffer from a remote code execution vulnerability.
5f5fa492d07b379d353348483114df240fb9fd248fc6a68f0cf87fbfd453f295
WordPress Users Ultra plugin version 1.5.50 suffers from an unrestricted file upload vulnerability.
f4e18695ac4a2dc4e8ed14fa0c0404f778a68636ebbcfff81a444eeb1f0669e7