Showing 1 - 25 of 151

Files

Packet Storm New Exploits For March, 2020: Posted Apr 1, 2020; Authored by Todd J. | Site packetstormsecurity.com; This archive contains all of the 150 exploits added to Packet Storm in March, 2020.; tags | exploit; SHA-256 | b7358408d257fef08ad26edb42b282e510fde0b9ca1393f3bdd84eb54157c0bc; Download | Favorite | View

KandNconcepts Club CMS 1.1 / 1.2 Cross Site Scripting / SQL Injection: Posted Mar 31, 2020; Authored by thelastvvv; KandNconcepts Club CMS versions 1.1 and 1.2 suffer from cross site scripting and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | 9070d2fd9497a64134d2ff0cc7de35672d08bf049d42764ee9daf8631da56815; Download | Favorite | View

Microsoft Windows 10 SMB 3.1.1 Local Privilege Escalation: Posted Mar 31, 2020; Authored by Manual Blanco Parajon, Daniel Garcia Gutierrez; Microsoft Windows 10 SMB version 3.1.1 SMBGhost local privilege escalation exploit.; tags | exploit, local; systems | windows; advisories | CVE-2020-0796; SHA-256 | 6264aca1e467841faf26e69f8666d2ab3b3b4382fd866c93ace48782ed2ba071; Download | Favorite | View

DrayTek Vigor2960 / Vigor3900 / Vigor300B Remote Command Execution: Posted Mar 31, 2020; Authored by 0xsha; DrayTek Vigor2960 version 1.3.1_Beta, Vigor3900 version 1.4.4_Beta, and Vigor300B versions 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta suffer from a remote command execution vulnerability.; tags | exploit, remote; advisories | CVE-2020-8515; SHA-256 | da216e7a3bcdc0e7690df8ecec6a4e14c871f9c105b3e89a4e2c3f6a11e45588; Download | Favorite | View

FlashFXP 4.2.0 Build 1730 Denial Of Service: Posted Mar 31, 2020; Authored by Paras Bhatia; FlashFXP version 4.2.0 build 1730 denial of service proof of concept exploit.; tags | exploit, denial of service, proof of concept; SHA-256 | 7c9be5ce1549e120d252b736596933bacef1869af90adfbb4b4be0fa1a2a3dc1; Download | Favorite | View

Grandstream UCM6200 Series CTI Interface SQL Injection: Posted Mar 31, 2020; Authored by Jacob Baines; Grandstream UCM6200 Series CTI Interface versions 1.0.20.20 and below suffer from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2020-5726; SHA-256 | fcf24eefeddb201c346536166ab265e01a1416b56845436fbce588e35ef4d37b; Download | Favorite | View

Grandstream UCM6200 Series WebSocket 1.0.20.20 SQL Injection: Posted Mar 31, 2020; Authored by Jacob Baines; Grandstream UCM6200 Series WebSocket versions 1.0.20.20 and below suffer from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2020-5725; SHA-256 | dbde0cbce4402b656e10575e77f62e63150d1c5371532197da758fe2d6e3a6a0; Download | Favorite | View

10-Strike Network Inventory Explorer 9.03 Buffer Overflow: Posted Mar 30, 2020; Authored by Hodorsec; 10-Strike Network Inventory Explorer version 9.03 Read-from-file buffer overflow exploit that uses SEH and ROP.; tags | exploit, overflow; SHA-256 | d9902b1b7f52b90b881ecd03566b14bdebeafb458532ad05ad92d0692856be5f; Download | Favorite | View

Joomla Fabrik 3.9.11 Directory Traversal: Posted Mar 30, 2020; Authored by qw3rTyTy; Joomla Fabrik component version 3.9.11 suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | 6bad29182a6bd3575ab9ca57bc52555b04aabb4cfdc488f7b87d996ef4ae786b; Download | Favorite | View

Zen Load Balancer 3.10.1 Remote Code Execution: Posted Mar 30, 2020; Authored by Cody Sixteen; Zen Load Balancer version 3.10.1 suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | 29c20561040a95db93c50db27ac160b719fa168e3166212b7e43c1092858f647; Download | Favorite | View

WordPress Event-Registration 5.43 Arbitrary File Upload: Posted Mar 30, 2020; Authored by KingSkrupellos; WordPress Event-Registration plugin version 5.43 suffers from an arbitrary file upload vulnerability.; tags | exploit, arbitrary, file upload; SHA-256 | 2029bbf836e7de4bb57eb88c7f5f10198718d2552a017080a1b57d33050ff81d; Download | Favorite | View

DesignMasterEvents CMS 1.0 SQL Injection / Cross Site Scripting: Posted Mar 30, 2020; Authored by thelastvvv; DesignMasterEvents CMS version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | 68ddabd38ad26973fa944fdad5a667cbba331245d7a590161e74580d356dcbb6; Download | Favorite | View

Odin Secure FTP Expert 7.6.3 Site Info Denial Of Service: Posted Mar 30, 2020; Authored by Ivan Marmolejo; Odin Secure FTP Expert version 7.6.3 Site Info denial of service proof of concept exploit.; tags | exploit, denial of service, proof of concept; SHA-256 | 9237bd29aa749c0ee8fcd4e1c5a083c2943a4774708d940945375839849a0cb5; Download | Favorite | View

Redis Replication Code Execution: Posted Mar 29, 2020; Authored by Green-m | Site metasploit.com; This Metasploit module can be used to leverage the extension functionality added since Redis 4.0.0 to execute arbitrary code. To transmit the given extension it makes use of the feature of Redis which called replication between master and slave.; tags | exploit, arbitrary; SHA-256 | 2714070c8deee280f0dce194081f510869dec8b4d01b5127d461fe882cd026f7; Download | Favorite | View

Micro Focus Vibe 4.0.6 Cross Site Scripting: Posted Mar 28, 2020; Authored by Dr. Vladimir Bostanov | Site syss.de; Micro Focus Vibe version 4.0.6 suffers from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2020-9250; SHA-256 | b704ace34d0c7e6b2d7922015fd9228515f6cebf2302a5f752c27dee84dfa06d; Download | Favorite | View

Micro Focus Vibe 4.0.6 HTML Injection: Posted Mar 28, 2020; Authored by Dr. Vladimir Bostanov | Site syss.de; Micro Focus Vibe version 4.0.6 suffers from an html injection vulnerability.; tags | exploit; SHA-256 | 5f9ffbfad0ad714375f7ca82a8f6f5eb5dd45f8670aa28158fa82ea9bff0d765; Download | Favorite | View

IBM Cognos TM1 / IBM Planning Analytics Server Configuration Overwrite / Code Execution: Posted Mar 28, 2020; Authored by Pedro Ribeiro, Gareth Batchelor; IBM Cognos TM1 Server / Planning Analytics Server (TM1) suffers from a configuration overwrite vulnerability that can be leveraged to achieve code execution as SYSTEM via TM1 scripting. Extensive research is included in this advisory as well as the Metasploit module.; tags | exploit, code execution; advisories | CVE-2019-4716; SHA-256 | 7adaef0a254ef114813a1fd3002f76240f5426ebf3ada7a99fac67252f614370; Download | Favorite | View

DLINK DWL-2600 Authenticated Remote Command Injection: Posted Mar 28, 2020; Authored by Raki Ben Hamouda, Nick Starke | Site metasploit.com; This Metasploit module exploits some DLINK Access Points that are vulnerable to an authenticated OS command injection. Default credentials for the web interface are admin/admin.; tags | exploit, web; advisories | CVE-2019-20499; SHA-256 | a2f0e8cf76051e688f4ad0f0c6c2006837b156b7ef27c777a6a73c0c8435e559; Download | Favorite | View

codeBeamer 9.5 Cross Site Scripting: Posted Mar 28, 2020; Authored by Georg Ph E Heise; codeBeamer versions 9.5 and below suffer from multiple persistent cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2019-19912, CVE-2019-19913; SHA-256 | ad369fec0c3f1233771579bb12bfb9e9b346a7907407bfb4a1a7b305585f8c55; Download | Favorite | View

rConfig 3.9.4 searchField Remote Code Execution: Posted Mar 28, 2020; Authored by vikingfr; rConfig version 3.9.4 searchField unauthenticated remote root code execution exploit.; tags | exploit, remote, root, code execution; advisories | CVE-2019-19509, CVE-2019-19585, CVE-2020-10220; SHA-256 | 286d169b9325c701681f3ca01b90d56974a51fe70471f6d1ba94a2d175b1f7a8; Download | Favorite | View

FreeCommander XE 2020 Pathname Buffer Overflow: Posted Mar 28, 2020; Authored by Hodorsec; FreeCommander XE 2020 Build 810a 32-bit suffers from a pathname buffer overflow vulnerability.; tags | exploit, overflow; SHA-256 | 60d82e33f0c7f4253ddc265c3479423769c54f1a48cc6ae26922cfd73df607d2; Download | Favorite | View

Webexcels Ecommerce CMS 2.x SQL Injection / Cross Site Scripting: Posted Mar 28, 2020; Authored by thelastvvv; Webexcels Ecommerce CMS version 2.x suffers from cross site scripting and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | f1a0150ad98e19ccd148216e1b64e6e01d5ff4f6ed52d98077cbc41e152cfd9e; Download | Favorite | View

ECK Hotel 1.0 Cross Site Request Forgery: Posted Mar 27, 2020; Authored by Mustafa Emre Gul; ECK Hotel version 1.0 suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | 73b0a2baf1aadb4634e5d536bc7971dd31bccd2af7ff063bb87cdec4581c95e4; Download | Favorite | View

Everest 5.50.2100 Denial Of Service: Posted Mar 27, 2020; Authored by Ivan Marmolejo; Everest version 5.50.2100 suffers from a denial of service vulnerability.; tags | exploit, denial of service; SHA-256 | 36a23f95e671ec254ef8be53b1fd8254508a51304b2e73a386a969ca04e36b72; Download | Favorite | View

Jinfornet Jreport 15.6 Directory Traversal: Posted Mar 27, 2020; Authored by hongphukt; Jinfornet Jreport version 15.6 suffers from an unauthenticated directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | 7f1115d2ff0c58a48fbab34dd63f82c48ea7a10f0a6a907b670f9beb78aa1d49; Download | Favorite | View

Page 1 of 7 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 183 files
Ubuntu 59 files
Debian 20 files
Valentin Lobstein 11 files
nu11secur1ty 9 files
Apple 6 files
Google Security Research 6 files
E1.Coders 4 files
Ersin Erenler 4 files
tmrswrr 4 files

Files

Top Authors In Last 30 Days

Recent News