WordPress Bonkersbeat theme version 1.0, Method theme version 1.8, and Awake theme version 3.2 suffer from an arbitrary file download vulnerability.
377a2155b0b3a216d8785b603e4c0e98fe506d4f486ab4cbaece2ea45ce60a06
BENIGNCERTAIN is a remote exploit to extract Cisco VPN private keys. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. The tool references Cisco PIX versions 5.2(9) to 6.3(4), which were released in 2004.
f1cc0ef523db5ceca559ff6245e673e90a6309eaeaf13d63e575e3e9b70a5ea8
This Metasploit module exploits a remote code execution in the web panel of Phoenix Exploit Kit via the geoip.php. The Phoenix Exploit Kit is a popular commercial crimeware tool that probes the browser of the visitor for the presence of outdated and insecure versions of browser plugins like Java, and Adobe Flash and Reader which then silently installs malware.
aad984f8708901b83c5d2147e19d13750c153fefe31400973769c9a1fcdedf8c
Jaws CMS version 1.1.1 suffers from a cross site request forgery vulnerability.
4c7cb7244f6adffe5ed1f13324e54993002a2ec03435b20c3011a615f7c706b9
phpCollab CMS version 2.5 suffers from a cross site request forgery vulnerability.
8f9e3cce787d1818859b78c4a1a0f36e22a4f9771670aa92f3509e1deec787c5
AVS Audio Converter version 8.2.1 suffers from a buffer overflow vulnerability.
7afcffa21ea4851d253f1a3293dc20489b947ede25b757fba0c6ccc047eef575
ISPconfig version 3.0.5.4 p6 suffers from a cross site scripting vulnerability. It also leaks exception information.
9b4e17f23d24a8657ca32e66aeb0806fdf89bf27015fdfef444397eb7a0a7850
ObiHai ObiPhone 1032/1062 with firmware less than 5-0-0-3497 suffers from buffer overflow, cross site scripting, cross site request forgery, command injection, denial of service, and various other vulnerabilities.
c01c956473f4e72a247182e6bcb22fe0af02e5eb1aefac7e5b88a3868d051233
Newtec Satellite Modem version MDM6000 2.2.5 suffers from a cross site scripting vulnerability.
66bc91a91c3296445a0ce9b51f0b9593e0c5ff0d247b6788f617a033992cf9be
Sakai version 10.7 suffers from cross site scripting and local file inclusion vulnerabilities.
8cb08ef574e8508f30e00deef1ab74e79262f9ff08d0758749576594bd1523ed
WordPress version 4.5.3 suffers from a path traversal vulnerability in the core ajax handlers.
78a9e8298d6dbe41d508c8f450f6b57d41e9ba8bdefa0dd06867e661676810ca
This exploit demonstrates an authentication bypass on multiple MESSOA IP cameras that can change the admin username and password.
68666b30d1b6dddf00299fd74cd0dc2022915959fe608e0c0d8ec6d47b0aad91
Vanderbilt IP-Camera versions CCPW3025-IR and CVMW3025-IR suffer from a remote credential disclosure vulnerability.
8768c389705867bfdae855f0a77fb9311338ceaed42f658f408ad91c5f29ad63
JVC IP-Camera version VN-T216VPRU suffers from a remote credential disclosure vulnerability.
c0d860339fe71a02d203cce656f6cc5c8f1279fdea6c4f598f0d62e666604633
C2S types IRDOME-II-C2S, IRBOX-II-C2S, and DVR suffer from remote credential disclosure and authentication bypass vulnerabilities.
e73e89f000fcdea1c330da9b5c60fde2f83706e600950d25d0e7c67d5a83009d
tcPBX suffers from a remote file disclosure vulnerability.
bb4bbff19dfe898efeea66662739f83a07b1fec11a4de51e1520dbbc6f187bf4
Karenderia Multiple Restaurant System version 3.2 suffers from a cross site scripting vulnerability.
8a15d46fc106a549f3f10eacafa0bdb6250a56230d7b8d16bd9fb3582cc3784c
ZYCOO IP phone system suffers from a remote command execution vulnerability.
fe4566ca116a6959a9c74396d2775c6aef5c966959905b694638e5886241a34c
IpNetCam A107WIRF-HNH-03 IP-Camera release 0.376.223 suffers from an authentication bypass vulnerability that allows for configuration download.
569faf01e457880f5ce0f17f33d1abec6b4ddf53121a98601078eb108549c8f7
The MESSOA NIC990 IP-Camera suffers from an authentication bypass vulnerability that allows for configuration download.
6175efe337e7dab435edcf61a9bcdaac2005dc4276481888317753c46b51c2bc
The TOSHIBA IK-WP41A IP-Camera suffers from an authentication bypass vulnerability that allows for configuration download.
fd80acc5f1b082bdf356d302c9d57f936f99040d777be1a941c3a23cc9f09764
ownCloud's desktop client versions up to 2.2.2 suffer from a local privilege escalation vulnerability.
b2623943c1aa93651044b4c1a58687459e6c32e5ec23cc3c6403bce318ee3b99
Multiple SIEMENS IP Cameras suffers from an authentication bypass vulnerability that allow for configuration download.
9ecd39104a21b7de939796b1096f82dd87b0d0b7e80942994a8a96a80ca2053c
QNAP QTS version 4.2.1 Build 20160601 suffers from an OS command injection vulnerability.
cb5c2ee3db6c55c22f86862e5b72bd113f7ae769e329bc847caa576516a573f1
QNAP QTS versions 4.2.0 Build 20160311 and Build 20160601 suffer from a persistent cross site scripting vulnerability.
27689d9fdae27206f86fb67c52b512a57abc9dffe9f0f4d19e8aa363d3efdb19