exploit the possibilities
Showing 1 - 25 of 44,868 RSS Feed

Exploit Files

vBulletin 5.5.4 Remote Command Execution
Posted Dec 10, 2019
Authored by mekhalleh | Site metasploit.com

This Metasploit module exploits vBulletin versions 5.x through 5.5.4 leveraging a remote command execution vulnerability via the widgetConfig[code] parameter in an ajax/render/widget_php routestring POST request.

tags | exploit, remote
advisories | CVE-2019-16759
MD5 | 12d01f78d7c81ffd50f6373629755cb8
DAViCal CalDAV Server 1.1.8 Reflective Cross Site Scripting
Posted Dec 10, 2019
Authored by Rick Verdoes

DAViCal CalDAV Server versions 1.1.8 and below suffer from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-18345
MD5 | 106d6376bfe42cd1d4a6aa71f7885eaa
DAViCal CalDAV Server 1.1.8 Cross Site Request Forgery
Posted Dec 10, 2019
Authored by Rick Verdoes

DAViCal CalDAV Server versions 1.1.8 and below suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2019-18346
MD5 | 71241e8b0dd14c1b51e8708854a79e80
DAViCal CalDAV Server 1.1.8 Persistent Cross Site Scripting
Posted Dec 10, 2019
Authored by Rick Verdoes

DAViCal CalDAV Server versions 1.1.8 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-18347
MD5 | 168863215252aa9df18b7fb2768cce78
Apache Olingo OData 4.6.x XML Injection
Posted Dec 10, 2019
Authored by Archibald Haddock

Apache Olingo OData versions 4.x.x through 4.6.x suffer from an XML external entity injection vulnerability.

tags | exploit
advisories | CVE-2019-17554
MD5 | 051e029f16764feddeb7a0590f43de8e
Inim Electronics Smartliving SmartLAN/G/SI 6.x Hard-Coded Credentials
Posted Dec 10, 2019
Authored by LiquidWorm | Site zeroscience.mk

Inim Electronics Smartliving SmartLAN/G/SI versions 6.x and below suffer from a hard-coded credential vulnerability.

tags | exploit
MD5 | 04f17bebbbf0986a1f927de3cebd3ef5
Inim Electronics Smartliving SmartLAN/G/SI 6.x SSRF
Posted Dec 10, 2019
Authored by LiquidWorm | Site zeroscience.mk

Inim Electronics Smartliving SmartLAN/G/SI versions 6.x and below suffer from an unauthenticated server-side request forgery vulnerability.

tags | exploit
MD5 | f21751ca54479762c2e2bdb3358bab9d
Inim Electronics SmartLiving SmartLAN/G/SI 6.x Remote Root
Posted Dec 10, 2019
Authored by LiquidWorm | Site zeroscience.mk

Inim Electronics SmartLiving SmartLAN/G/SI versions 6.x and below suffer from a remote root command execution vulnerability.

tags | exploit, remote, root
MD5 | fa5b04b87f4f1fdd3b909cfc78a8b51d
WordPress Scoutnet Kalender 1.1.0 Cross Site Scripting
Posted Dec 10, 2019
Authored by Simon Moser

WordPress Scoutnet Kalender plugin version 1.1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-19198
MD5 | e04e112fcfa436f18ef05c4933998c2c
Oracle Siebel Sales 8.1 Cross Site Scripting
Posted Dec 9, 2019
Authored by omurugur

Oracle Siebel Sales version 8.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | e51ac3fef4c785e1fff5e0fc2bd40700
Alcatel-Lucent Omnivista 8770 Remote Code Execution
Posted Dec 9, 2019
Authored by 0x1911

Alcatel-Lucent Omnivista 8770 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 0f7cc26132500939004bd71ceacd597f
Snipe-IT Open Source Asset Management 4.7.5 Cross Site Scripting
Posted Dec 9, 2019
Authored by Metin Yunus Kandemir

Snipe-IT Open Source Asset Management version 4.7.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | ab654a127618deb61eec45dcac220261
PRO-7070 Hazir Profesyonel Web Sitesi 1.0 SQL Injection
Posted Dec 9, 2019
Authored by Ahmet Umit Bayram

PRO-7070 Hazir Profesyonel Web Sitesi version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, web, sql injection
MD5 | 791eab6baad5a9a9903848ffb987623d
SpotAuditor 5.3.2 Local Buffer Overflow
Posted Dec 9, 2019
Authored by Kirill Nikolaev

SpotAuditor version 5.3.2 Base64 local buffer overflow SEH exploit.

tags | exploit, overflow, local
MD5 | 67c769fde0bc2d49be93a7f6690b9476
Microsoft Windows Windows 10 UAC Bypass
Posted Dec 8, 2019
Authored by Valen

Proof of concept exploit that demonstrates a Microsoft Windows 10 UAC bypass for all executable files which are autoelevate true.

tags | exploit, proof of concept
systems | windows
MD5 | be518251e625f0ce8b117adc6513daf5
Mozilla Firefox Windows 64-Bit Chain Exploit
Posted Dec 7, 2019
Authored by Axel Souchet

This is a full browser compromise exploit chain targeting Mozilla Firefox on Windows 64-bit. It uses CVE-2019-9810 for getting code execution in both the content process as well as the parent process and CVE-2019-11708 to trick the parent process into browsing to an arbitrary URL.

tags | exploit, arbitrary, code execution
systems | windows
advisories | CVE-2019-11708, CVE-2019-9810
MD5 | 32076a29fcf91fd367322669891704a7
OkayCMS 2.3.4 Remote Code Execution
Posted Dec 6, 2019
Authored by Wolfgang Hotwagner

OkayCMS versions 2.3.4 and below suffer from remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-16885
MD5 | ac48925812fe6df9cf4011ec5409f36d
SiteVision 4.x / 5.x Remote Code Execution
Posted Dec 6, 2019
Authored by Oscar Hjelm

SiteVision suffers from an issue where attackers may execute arbitrary code as root on the target server after gaining access to a low-privilege account. All versions of SiteVision 4 until 4.5.6 and all versions of SiteVision 5 until 5.1.1 are vulnerable.

tags | exploit, arbitrary, root
advisories | CVE-2019-12733
MD5 | d41da44b8c24a9290a4500079e64ac00
SiteVision 4.x / 5.x Insufficient Module Access Control
Posted Dec 6, 2019
Authored by Oscar Hjelm

SiteVision suffers from an issue where attacker may inject non-authorized module when editing pages using a lower privileged account, which can lead to cross site scripting and remote code execution. All versions of SiteVision 4 until 4.5.6 and all versions of SiteVision 5 until 5.1.1 are vulnerable.

tags | exploit, remote, code execution, xss
advisories | CVE-2019-12734
MD5 | e1039e826a6e95e90bc983b83ebc51fe
Yachtcontrol 2019-10-06 Remote Code Execution
Posted Dec 6, 2019
Authored by Hodorsec

Yachtcontrol versions dated 2019-10-06 suffer from an unauthenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-17270
MD5 | ca74a5272a744f07e91607ab0200e00a
Trend Micro Deep Security Agent 11 Arbitrary File Overwrite
Posted Dec 6, 2019
Authored by Peter Lapp

Trend Micro Deep Security Agent 11 suffers from an arbitrary file overwrite vulnerability.

tags | exploit, arbitrary
advisories | CVE-2019-15627
MD5 | 679cae457bfcd23467151f2a07ff694f
Integard Pro NoJs 2.2.0.9026 Remote Buffer Overflow
Posted Dec 6, 2019
Authored by purpl3f0xsecur1ty

Integard Pro NoJs version 2.2.0.9026 suffers from a remote buffer overflow vulnerability.

tags | exploit, remote, overflow
advisories | CVE-2019-16702
MD5 | a2fb460aecb7da8b7638b7121d90da78
Verot 2.0.3 Remote Code Execution
Posted Dec 6, 2019
Authored by Jinny Ramsmark

Verot version 2.0.3 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-19576
MD5 | 6739d5e2efeb9ae98d493066bae7aa08
Microsoft Skype For Business DNS Query
Posted Dec 6, 2019
Authored by Alphan Yavas

Microsoft Skype for Business latest versions affected from external service interaction (DNS) vulnerability. A remote attacker could force the vulnerable server to send DNS request to any remote server attacker wants.

tags | exploit, remote
MD5 | 695c9907241fa97e0fd828f91598f381
Omron PLC 1.0.0 Denial Of Service
Posted Dec 6, 2019
Authored by n0b0dy

Omron PLC version 1.0.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | caee586bf9984f567775c95b30789db6
Page 1 of 1,795
Back12345Next

File Archive:

December 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    1 Files
  • 2
    Dec 2nd
    16 Files
  • 3
    Dec 3rd
    17 Files
  • 4
    Dec 4th
    23 Files
  • 5
    Dec 5th
    11 Files
  • 6
    Dec 6th
    10 Files
  • 7
    Dec 7th
    1 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    15 Files
  • 10
    Dec 10th
    30 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close