| Real Name | Larry W. Cashdollar |
|---|---|
| Email address | private |
| Website | vapid.dhs.org |
| First Active | 1999-11-14 |
| Last Active | 2020-07-15 |

Oracle Solaris 11 Device Driver Utility version 1.3.1 suffers from an insecure use of /tmp that can allow for a race condition which leads to privilege escalation. Included exploit provides a root shell.
ab9f7d499e25ee29f512a1665d6b70ae126fc6bd0318afb737ac4598bbd67bee
Blueimp jQuery File Upload versions 9.22.0 and below suffer from a remote file upload vulnerability.
e9f157afd7f59180b86e0627f3b9de79d4da7a9d147657e0cbddcbeeed0173eb
This Metasploit module exploits an arbitrary file upload in the sample PHP upload handler for blueimp's jQuery File Upload widget in versions 9.22.0 and below. Due to a default configuration in Apache 2.3.9+, the widget's .htaccess file may be disabled, enabling exploitation of this vulnerability. This vulnerability has been exploited in the wild since at least 2015 and was publicly disclosed to the vendor in 2018. It has been present since the .htaccess change in Apache 2.3.9. This Metasploit module provides a generic exploit against the jQuery widget.
d34fb14aa9b4338617c18788b969d61c2e2bb73edfa259074f37f0336142d5c4
jQuery-File-Upload versions 9.22.0 and below suffer from an unauthenticated arbitrary file upload vulnerability that allows for remote command execution.
9b9e155688817d68e773b78e64aa874b246af6c757592c38ac8faeace00f863c
WordPress Arigato Autoresponder and Newsletter plugin version 2.5 suffers from cross site scripting and remote SQL injection vulnerabilities.
876e35305620fc31c8d2c65c203d9b3764e3c9d842428decfbf08fdaeaf1bd41
Drupal Avatar Uploader module version 7.x-1.0-beta8 suffers from an arbitrary file download vulnerability.
4cf85788db1bd1ddd89e069c2f58b01ca89ff2e43c554bce7aa6ad89915e6981
WordPress Membership Simplified plugin version 1.58 arbitrary file download exploit.
4c08533b53ceaa110bfa5f0e14cb895598bf93d3e447435710268285bdcdec4b
WordPress Membership Simplified plugin version 1.58 suffers from an arbitrary file download vulnerability.
49f3d2d3c61b472f332fbd1106c4ce7e59776bbb9ab0b8bb84d33daeedbd57c3
WordPress Mobile App Native plugin version 3.0 suffers from a remote shell upload vulnerability.
82c684ffec16cec057a097ac53b55c3e0975581fe9a3b9827068d8e17f8e043a
WordPress wp-json API content injection exploit proof of concept.
f2bd654825c2a33cf9a482dda51a1c94d3caf75c65e12399b5758aed301edbbf
This is a database download brute forcing script that is written for the WordPress WP Easy Full Backup plugin.
8009e8ab50cfe48e9e83d6221a42b01e2d9572a63fa30c4d3ef32db9c178dcd1
Teradata Studio Express version 15.12.00.00 suffers from a /tmp race condition.
583918d299382692f75adf180be7fce3356ec3b11412eae6360e55551f4db194
Teradata Virtual Machine Community Edition version 15.10 suffers from an insecure creation of files in /tmp that may lead to elevated code execution.
e691a1d0946b6dec697dabedfd9fbb69365159048c57b7f3860a30cc91f0e9aa
Teradata Virtual Machine Community Edition version 15.10 suffers from an insecure file permission vulnerability.
12ab3c47e222e2424905eb04541b8502f7178bbf5977133e83cb3a134c9d7aa0
Joomla Huge-IT Portfolio Gallery plugin version 1.0.6 suffers from a remote SQL injection vulnerability.
c736d80fc3abb2b181ac9b8ebf78e33ac2a58f366fa330b5853b34264816675e
Joomla Huge-IT Catalog component version 1.0.7 suffers from a remote SQL injection vulnerability.
ec7c54b92dde7ae79e9dedd8de808f51247be85b0c3eea5eefcd781c3c987514
Joomla Huge-IT Video Gallery component version 1.0.9 suffers from a remote unauthenticated SQL injection vulnerability.
23591d1c5baab1dd97cf541e0e9530809619db9d2680fd8d0aa19ddcb03cd816
Huge IT Joomla Slider extension version 1.0.9 suffers from cross site scripting and remote SQL injection vulnerabilities.
4de2f91b2188085d1b161495281b6932b70d1cec9be6d62cde8cfe1b2ce6aa59
Huge IT Joomla Catalog extension version 1.0.4 suffers from cross site scripting and remote SQL injection vulnerabilities.
9c25166a6b055251167cac9d73f262cb8fdfe462fc610b07ff5ffe47e4f85893
Joomla Huge IT Gallery component version 1.1.5 suffers from cross site scripting and remote SQL injection vulnerabilities.
120e40124b2650bf6bce6e60a521c443d54b15ebf39bb3e4eefcfa1bddb21b44
WordPress Contus Video Comments plugin version 1.0 suffers from a remote file upload vulnerability.
4f6ec1ff49f824524c93da0857f1b6f61521cb94809158b755faa6e7a4516efa
Installation of DeleGate version 9.9.13 sets some binaries setuid root and at least one of these binaries can be used to escalate the privileges of a local user. The binary dgcpnod creates a node allowing a local unprivileged user to create files anywhere on disk. By creating a file in /etc/cron.hourly a local user can execute commands as root.
7f7b948cf0c658577a60b54e041918a12f7d33a376ff4d93c8a8740f4fddad56
WordPress Cool Video Gallery plugin version 1.9 suffers from a remote command injection vulnerability.
5527218243efe625a95dd6c7587560dc325ce8d0f1365babde77ebbdb4973007
The install script for IBM Installation Manager version 1.8.1 suffers from a /tmp race condition.
61ddc1ecef489ff69c00edb7ed3182af444a773253d7beed708c57be0d98de12
WordPress MP3-jPlayer plugin version 2.3.2 suffers from a path disclosure vulnerability.
b8fbb759e7b1e1395decffc5aa185e679dc8ee3e5aea8bf2ca8664c00c24b580