exploit the possibilities
Showing 1 - 25 of 47,773 RSS Feed

Exploit Files

Chrome Array Transfer Bypass
Posted May 14, 2021
Authored by Google Security Research, Glazvunov

The fix for CVE-2021-21148 has added a check in |ValueSerializer::WriteJSArrayBuffer| to make sure non-detachable array buffers cannot be transferred. The check can be bypassed with the help of asm.js and property getters.

tags | exploit
advisories | CVE-2021-21148, CVE-2021-21156
MD5 | 2c54899cf0b5cf9ab027a5329061b62e
Student Management System 1.0 Cross Site Scripting
Posted May 14, 2021
Authored by Mohsen Khashei

Student Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5461c3ba471eba425783842dcc1f9e29
Podcast Generator 3.1 Cross Site Scripting
Posted May 14, 2021
Authored by Aysenur Karaaslan

Podcast Generator version 3.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | ae8038f9be106fca0d51f9c7a9b18969
Chamilo LMS 1.11.14 Remote Code Execution
Posted May 14, 2021
Authored by M. Cory Billington

Chamilo LMS version 1.11.14 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2021-31933
MD5 | 5a8f8f1545cefe375862b9f2c4609083
Internet Explorer jscript9.dll Memory Corruption
Posted May 13, 2021
Authored by Ivan Fratric, Google Security Research

There is a vulnerability in jscript9 that could be potentially used by an attacker to execute arbitrary code when viewing an attacker-controlled website in Internet Explorer. The vulnerability has been confirmed on Windows 10 64-bit with the latest security patches applied.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2021-26419
MD5 | 50dcfd05a094914cf819e98d3f2de507
Firefox 72 IonMonkey JIT Type Confusion
Posted May 13, 2021
Authored by deadlock

Firefox 72 IonMonkey JIT type confusion exploit.

tags | exploit
advisories | CVE-2019-17026
MD5 | 7a96469356a9cfa5498f5fb7edfb4a08
ScadaBR 1.0 / 1.1CE Windows Shell Upload
Posted May 13, 2021
Authored by Fellipe Oliveira

ScadaBR versions 1.0 and 1.1CE authenticated shell upload exploit written for Windows targets.

tags | exploit, shell
systems | windows
advisories | CVE-2021-26828
MD5 | 04c215bbe62a07fd802ce382554daf46
Microsoft Internet Explorer 8/11 Use-After-Free
Posted May 13, 2021
Authored by deadlock

Microsoft Internet Explorer 8/11 and WPAD service Jscript.dll use-after-free exploit.

tags | exploit
advisories | CVE-2020-0674
MD5 | f762d7cc3b848be95e980dbf64f8fd46
ScadaBR 1.0 / 1.1CE Linux Shell Upload
Posted May 13, 2021
Authored by Fellipe Oliveira

ScadaBR versions 1.0 and 1.1CE authenticated shell upload exploit written for Linux targets.

tags | exploit, shell
systems | linux
advisories | CVE-2021-26828
MD5 | 3ad6c1b0c4cf0a0d3c8de295a42f4340
OpenPLC WebServer 3 Remote Code Execution
Posted May 13, 2021
Authored by Fellipe Oliveira

OpenPLC WebServer version 3 authentication remote code execution exploit.

tags | exploit, remote, code execution
MD5 | b43b406cdd773e40446d95720bd60c23
Dental Clinic Appointment Reservation System 1.0 SQL Injection
Posted May 13, 2021
Authored by Mesut Cetin

Dental Clinic Appointment Reservation System version 1.0 suffers from multiple remote SQL injection vulnerabilities with one of them allowing for authentication bypass.

tags | exploit, remote, vulnerability, sql injection
MD5 | 590039c72fd98d00add5038df52eb7a0
ZeroShell 3.9.0 Remote Command Execution
Posted May 13, 2021
Authored by Fellipe Oliveira

ZeroShell version 3.9.0 remote command execution exploit.

tags | exploit, remote
advisories | CVE-2019-12725
MD5 | 6136d89b624e83529112cda72e8b9e5e
Windows Container Manager Service CmsRpcSrv_MapNamedPipeToContainer Privilege Escalation
Posted May 12, 2021
Authored by James Forshaw, Google Security Research

The Container Manager Service does not configure STORVSP correctly when opening mapped named pipes leading to privilege escalation.

tags | exploit
advisories | CVE-2021-31167
MD5 | 970b0826e9c53e62fb981f362a8095f7
ExifTool DjVu ANT Perl Injection
Posted May 12, 2021
Authored by Justin Steven, William Bowling | Site metasploit.com

This Metasploit module exploits a Perl injection vulnerability in the DjVu ANT parsing code of ExifTool versions 7.44 through 12.23 inclusive. The injection is used to execute a shell command using Perl backticks. The DjVu image can be embedded in a wrapper image using the HasselbladExif EXIF field.

tags | exploit, shell, perl
advisories | CVE-2021-22204
MD5 | 1fba1ff491cb6bf069766f65d4437c6e
Windows Container Manager Service Arbitrary Object Directory Creation Privilege Escalation
Posted May 12, 2021
Authored by James Forshaw, Google Security Research

The Container Manager Service creates an AppContainer process without impersonating the access token leading to privilege escalation.

tags | exploit
advisories | CVE-2021-31169
MD5 | ad4654c8ed7054c3225224811ba94b15
Windows Container Manager Service CmsRpcSrv_MapVirtualDiskToContainer Privilege Escalation
Posted May 12, 2021
Authored by James Forshaw, Google Security Research

The Container Manager Service does not impersonate the caller when granting access to virtual disk images leading to privilege escalation.

tags | exploit
advisories | CVE-2021-31168
MD5 | ae8247dda745d9d8d6c85bfb03878028
Windows Container Manager Service CmsRpcSrv_CreateContainer Privilege Escalation
Posted May 12, 2021
Authored by James Forshaw, Google Security Research

The Container Manager Service accepts an access token provided by the user without verification allowing an arbitrary process to be created with another user identity leading to privilege escalation.

tags | exploit, arbitrary
advisories | CVE-2021-31165
MD5 | 12c1abb8e71fc62e306c9bc1dea254d3
Backdoor.Win32.Delf.zho Authentication Bypass / Code Execution
Posted May 12, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Delf.zho malware suffers from bypass and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
MD5 | 487f9e14ba262dfab66e64b94678938b
Chevereto 3.17.1 Cross Site Scripting
Posted May 12, 2021
Authored by Akiner Kisa

Chevereto version 3.17.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | d2fa311cc91e61a5447460593e31993d
Android NFC nfa_rw_sys_disable Type Confusion
Posted May 12, 2021
Authored by Google Security Research, nedwill

Android NFC suffers from a type confusion vulnerability in nfa_rw_sys_disable.

tags | exploit
MD5 | c8afe4ec5b084a950377d0e1557801f8
Splinterware System Scheduler Professional 5.30 Privilege Escalation
Posted May 12, 2021
Authored by Andrea Intilangelo

Splinterware System Scheduler Professional version 5.30 suffers an unquoted service path vulnerability that allows for privilege escalation.

tags | exploit
MD5 | 8f6dbe88705c0cb72b7fc1c5e9131baf
Odoo 12.0.20190101 Unquoted Service Path
Posted May 12, 2021
Authored by 1F98D

Odoo version 12.0.20190101 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | 2818299cf76dd1bf13481c862d845df4
Customer Relationship Management (CRM) System 1.0 Shell Upload
Posted May 11, 2021
Authored by Richard Jones

Customer Relationship Management (CRM) System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | fd0485926223aa2206f5546dccf46c64
Customer Relationship Management (CRM) System 1.0 Cross Site Scripting
Posted May 11, 2021
Authored by Richard Jones

Customer Relationship Management (CRM) System version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | cf0d47675e4753962da5db34f3ef7c4d
Customer Relationship Management (CRM) System 1.0 SQL Injection
Posted May 11, 2021
Authored by Richard Jones

Customer Relationship Management (CRM) System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | df2f1ca3c4905b571716bcf98058482c
Page 1 of 1,911
Back12345Next

File Archive:

May 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    1 Files
  • 2
    May 2nd
    4 Files
  • 3
    May 3rd
    26 Files
  • 4
    May 4th
    17 Files
  • 5
    May 5th
    3 Files
  • 6
    May 6th
    32 Files
  • 7
    May 7th
    11 Files
  • 8
    May 8th
    2 Files
  • 9
    May 9th
    2 Files
  • 10
    May 10th
    13 Files
  • 11
    May 11th
    17 Files
  • 12
    May 12th
    22 Files
  • 13
    May 13th
    11 Files
  • 14
    May 14th
    9 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close