Showing 51 - 75 of 230

Files

PHPback Cross Site Scripting / SQL Injection: Posted Jan 27, 2017; Authored by Manish Tanwar; PHPback versions prior to 1.3.1 suffer from cross site scripting and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | 9c34fbd117127a3840b2442b7d3bfb24a58fe4b805b2f7a9213ddb4100a8aff6; Download | Favorite | View

Web Based TimeSheet Script SQL Injection: Posted Jan 27, 2017; Authored by Ihsan Sencan; Web Based TimeSheet Script suffers from a remote SQL injection vulnerability that allows for authentication bypass.; tags | exploit, remote, web, sql injection; SHA-256 | e37550708fb2dcb26c3bc4846556e732023853390e00ccc4bf77bd69ec22797c; Download | Favorite | View

Android pm_qos KASLR Bypass: Posted Jan 26, 2017; Authored by Google Security Research, laginimaineb; Android suffers from a KASLR bypass in pm_qos.; tags | exploit; SHA-256 | e57d39b01d246ceb8c13456e2e06c50b7a9d4704cb145b0737118ed637b996fd; Download | Favorite | View

Mac OS / iOS host_self_trap Use-After-Free: Posted Jan 26, 2017; Authored by Google Security Research, Ian Beer; Mac OS / iOS kernels suffers from a use-after-free due to a lack of locking in host_self_trap.; tags | exploit, kernel; systems | ios; advisories | CVE-2017-2360; SHA-256 | 71fb8aae34cb7c0d37a7f49a309f5a2dae66cfa5cdb219509169904461df04bc; Download | Favorite | View

Cisco WebEx 1.0.5 Command Execution: Posted Jan 26, 2017; Authored by Tavis Ormandy, Google Security Research; Cisco WebEx version 1.0.5 suffers from a new arbitrary command execution vulnerability via a module whitelist bypass.; tags | exploit, arbitrary; systems | cisco; SHA-256 | cca3ecf12e0dac1eb99404188e20bcca27a53567815273560c040946b9001609; Download | Favorite | View

HTTP_Upload 1.0.0.b3 Arbitrary File Upload: Posted Jan 26, 2017; Authored by hyp3rlinx | Site hyp3rlinx.altervista.org; HTTP_Upload version 1.0.0b3 fails to appropriately take into consideration more than file extensions when mitigating malicious file uploads, allowing for remote code execution.; tags | exploit, remote, code execution, file upload; SHA-256 | e323fe2a36bdc1ea0a49a45f10d4a5a86e92e82480c26d9d199a73052395b5c5; Download | Favorite | View

Mac OS / iOS Kernel Memory Corruption: Posted Jan 26, 2017; Authored by Google Security Research, Ian Beer; Mac OS and iOS kernels suffer from a memory corruption vulnerability due to a userspace pointer being used as a length.; tags | exploit, kernel; systems | ios; advisories | CVE-2017-2370; SHA-256 | 0e21ab8bef04b55df21495e7a540f3e13300a9331dbcf4776f45dad00c8a3317; Download | Favorite | View

Mac OS / iOS IOService::matchPassive Use-After-Free: Posted Jan 26, 2017; Authored by Google Security Research, Ian Beer; Mac OS / iOS kernels suffer from a use-after-free due to a failure to take reference in IOService::matchPassive.; tags | exploit, kernel; systems | ios; advisories | CVE-2017-2353; SHA-256 | 57adee4dbe381b4218e166f2027051025367d86e1a973643acee3ccb7042ec38; Download | Favorite | View

WD My Cloud Mirror 2.11.153 Remote Command Execution / Authentication Bypass: Posted Jan 25, 2017; Authored by Kacper Szurek; WD My Cloud Mirror version 2.11.153 suffers from remote command execution and authentication bypass vulnerabilities.; tags | exploit, remote, vulnerability, bypass; SHA-256 | b6e6e9435d35488c27f70634c1ba1c1a4fb0d74f1203dc7d4d19ef05043a7baf; Download | Favorite | View

Firefox nsSMILTimeContainer::NotifyTimeChange() Remote Code Execution: Posted Jan 24, 2017; Authored by Anonymous Gaijin | Site metasploit.com; This Metasploit module exploits an out-of-bounds indexing/use-after-free condition present in nsSMILTimeContainer::NotifyTimeChange() across numerous versions of Mozilla Firefox on Microsoft Windows.; tags | exploit; systems | windows; advisories | CVE-2016-9079; SHA-256 | af960164b10f4978888d3c2dcdca0041f4f8d2e33bf4bb4404e345fe8ea3e6b9; Download | Favorite | View

Cisco Magic WebEx URL Remote Command Execution: Posted Jan 24, 2017; Authored by Tavis Ormandy, Google Security Research; Cisco's WebEx extension has a URL that allows for arbitrary remote command execution.; tags | exploit, remote, arbitrary; systems | cisco; SHA-256 | 38e70d300153f0f056a7136a948b0b4e1125d12a487e0e736084b746311e4b8a; Download | Favorite | View

CUPS DNS Rebinding Via Incorrect Whitelist: Posted Jan 24, 2017; Authored by Jann Horn, Google Security Research; CUPS suffers from an incorrect whitelist that permits DNS rebinding attacks.; tags | exploit; SHA-256 | bf146f908f889c7ff1e3eef0f659c398d3ad560a003e02a97389dec2077a075a; Download | Favorite | View

Oracle OpenJDK Runtime Environment Build 1.8.0_112-b15 Denial Of Service: Posted Jan 23, 2017; Authored by Roman Shalymov; Oracle OpenJDK Runtime Environment build 1.8.0_112-b15 suffers from a java serialization denial of service vulnerability.; tags | exploit, java, denial of service; advisories | CVE-2017-3241; SHA-256 | 52868d5d4e4171ca13abb254c37c2df30559800d7ea5a50b2e3f2bd19a714287; Download | Favorite | View

Oracle PeopleSoft HCM 9.2 Cross Site Scripting: Posted Jan 23, 2017; Authored by Vahagn Vardanyan, Dmitry Yudin; Oracle PeopleSoft HCM version 9.2 suffers from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2017-3300; SHA-256 | 7bb5d0122cf38d54f586c668b0e097fe56bac8440c897f157f8cd1a73f9d27f7; Download | Favorite | View

Microsoft Remote Desktop Client For Mac 8.0.36 Remote Code Execution: Posted Jan 23, 2017; Authored by Filippo Cavallarin; Microsoft Remote Desktop Client for Mac version 8.0.36 suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | 30fa33e5e481a63662a6fceba59229cee595229bc593a817856790f2cd97de46; Download | Favorite | View

Python 2.x Buffer Overflow: Posted Jan 23, 2017; Authored by sultan albalawi, Chaitanya Haritash; Python version 2.x suffers from a buffer overflow in the DecodeAdpcmImaQT function in the ctypes module.; tags | exploit, overflow, python; SHA-256 | 95cd9741764bd11e16c16945a7122ba1f570f9a6913dad64ad19a68830a3cdc8; Download | Favorite | View

Oracle E-Business Suite 12.x Unconstrainted File Download: Posted Jan 22, 2017; Authored by Owais Mehtab, Tayeeb Rana; Oracle E-Business Suite versions 12.1.3, 12.2.3, 12.2.4, 12.2.5, and 12.2.6 suffer from an unconstrained file download vulnerability.; tags | exploit; advisories | CVE-2017-3277; SHA-256 | 9aae3dbd6f7dc3149e3d98324e0cd339aa6a4a5b85500b4164c9b406d0301082; Download | Favorite | View

PageKit 1.0.10 Password Reset: Posted Jan 22, 2017; Authored by Saurabh Banawar; PageKit version 1.0.10 suffers from a password reset vulnerability.; tags | exploit; SHA-256 | f76bc6ce6d8a3efa2db521a6cd848b172880a8b563cf70947d2a9a9b465a6b58; Download | Favorite | View

Microsoft Power Point Java Payload Code Execution: Posted Jan 22, 2017; Authored by Fady Mohamed Osman; Microsoft power point allows users to insert objects of arbitrary file types. At presentation time these objects can be activated by mouse movement or clicking.; tags | exploit, arbitrary; SHA-256 | 2d838b7169aaadc022b8b58be4e89a994a898f95dd32856f8fa4e1c3b5cff755; Download | Favorite | View

PHP 5.6.x / MyBB 1.8.3 Remote Code Execution: Posted Jan 22, 2017; Authored by Taoguang Chen; MyBB versions 1.8.3 and below alongside PHP versions prior to 5.6.30 suffer from a GMP deserialization type confusion vulnerability.; tags | exploit, php; SHA-256 | 6f585bd28b4ea52da08b574068875a55d67f3ea3d0050fa7544f4931f043f728; Download | Favorite | View

DiskSavvy Enterprise 9.1.14 / 9.3.14 GET Buffer Overflow: Posted Jan 21, 2017; Authored by Gabor Seljan, Victor Portal Gonzalez | Site metasploit.com; This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of DiskSavvy Enterprise versions 9.1.14 and 9.3.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows XP SP3 and Windows 7 SP1.; tags | exploit, web, overflow; systems | windows; SHA-256 | 303410a6bc0af29da23911eadcd3224ee78a40329f84d26089b70fd706ce9674; Download | Favorite | View

SunOS 5.11 Remote ICMP Weakness Kernel Denial Of Service: Posted Jan 21, 2017; Authored by Todor Donev; SunOS version 5.11 remote ICMP weakness kernel denial of service exploit.; tags | exploit, remote, denial of service, kernel; systems | solaris; SHA-256 | 95a41460532c231bbc67d78bf29fb5e924fd2abb8eb4b796a6c40bf9539ba715; Download | Favorite | View

ntopng Web Interface 2.4.160627 Cross Site Request Forgery: Posted Jan 21, 2017; Authored by hyp3rlinx | Site hyp3rlinx.altervista.org; ntopng Web Interface version 2.4.160627 suffers from a cross site request forgery token bypass vulnerability.; tags | exploit, web, bypass, csrf; advisories | CVE-2017-5473; SHA-256 | 34960661f2b3cf38145c6e6f128d9428f6327fb5638ca2374f7ba050e6755cf1; Download | Favorite | View

Complain Management System SQL Injection: Posted Jan 21, 2017; Authored by Sibusiso Sishi; Complain Management System suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 72392a73e4045bf1dddfcb69cffbe0aa13ca13ab4dfa6444791ffb665d4b1a8b; Download | Favorite | View

ICGames Games Site Script 1.2 SQL Injection: Posted Jan 21, 2017; Authored by Ihsan Sencan; ICGames Games Site Script version 1.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.; tags | exploit, remote, sql injection; SHA-256 | 1121c70d431b5895577088e01110edfbac4dcaa36b4f523c2cac4f5fe0606f99; Download | Favorite | View

Page 3 of 10 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

Files

Top Authors In Last 30 Days

Recent News