首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
热门关键字: shell  88888  art  vitter  vsserver
  当前位置:主页>安全文章>文章资料>Exploits>列表
Safari Proxy Object Type Confusion
  日期:2018-12-14 13:46:04 点击:0 评论:0
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Remote Rank = ManualRanking include Msf::Exploit::EXE include Msf::Exploit::Re
Windows UAC Protection Bypass
  日期:2018-12-14 13:45:20 点击:0 评论:0
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core/exploit/exe'require 'msf/core/exploit/powershell'class MetasploitModule Msf::Exploit::Local Rank
WebDAV Server Serving DLL
  日期:2018-12-13 15:00:04 点击:5 评论:0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Remote Rank = ManualRanking include Msf::Exploit::Remote::HttpServer include Ms
WordPress Snap Creek Duplicator Code Injection
  日期:2018-12-12 14:27:23 点击:9 评论:0
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Remote Rank = ManualRanking # this module overwrites the configuration file, b
PrestaShop 1.6.x / 1.7.x Remote Code Execution
  日期:2018-12-12 14:26:14 点击:4 评论:0
?php/** * * PrestaShop 1.6.x = 1.6.1.23 1.7.x = 1.7.4.4 - Back Office Remote Code Execution * See https://github.com/farisv/PrestaShop-CVE-2018-19126 for explanation. * * Chaining multiple vulnerabilities to trigger deserialization via phar. * * Dat
SmartFTP Client 9.0.2623.0 Denial Of Service
  日期:2018-12-12 14:25:28 点击:2 评论:0
# -*- coding: utf-8 -*-# Exploit Title: SmartFTP 9.0 Build 2623 - Denial of Service (PoC)# Date: 06/12/2018# Exploit Author: Alejandra SA!nchez# Vendor Homepage: https://www.smartftp.com/en-us/# Software Link: https://www.smartftp.com/get/SFTPMSI64.
LanSpy 2.0.1.159 Buffer Overflow
  日期:2018-12-12 14:24:15 点击:3 评论:0
# Exploit Title: LanSpy 2.0.1.159 - Local BoF (PoC)# Author: Gionathan John Reale# Discovey Date: 2018-12-07# Homepage: https://lizardsystems.com# Software Link: https://lizardsystems.com/download/lanspy_setup.exe# Tested Version: 2.0.1.159# Tested
Linux userfaultfd tmpfs File Permission Bypass
  日期:2018-12-12 14:23:23 点击:1 评论:0
Linux: userfaultfd bypasses tmpfs file permissions CVE-2018-18397Using the userfaultfd API, it is possible to first register auserfaultfd region for any VMA that fulfills vma_can_userfault():It must be an anonymous VMA (-vm_ops==NULL), a hugetlb VMA
WebKit JIT Proxy Object Issue
  日期:2018-12-12 14:21:18 点击:1 评论:0
WebKit: JIT: Int32/Double arrays can have Proxy objects in the prototype chains CVE-2018-4438Bug:void JSObject::setPrototypeDirect(VM vm, JSValue prototype){ ASSERT(prototype); if (prototype.isObject()) prototype.asCell()-didBecomePrototype(); if (s
CyberLink LabelPrint 2.5 Stack Buffer Overflow
  日期:2018-12-12 14:18:04 点击:4 评论:0
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit Rank = NormalRanking include Msf::Exploit::FILEFORMAT def initialize(info={}) s
Google Chrome 70.0.3538.77 Cross Site Scripting / Man-In-The-Middle
  日期:2018-12-12 14:17:26 点击:10 评论:0
Chrome: malicious WPAD server can proxy localhost (leading to XSS in http://localhost:*/*) VERSIONChrome Version: 70.0.3538.77 stableOperating System: Windows 10 (version 1803)When Chrome is installed on Windows and the user joins a malicious networ
XNU POSIX Shared Memory Mapping Issue
  日期:2018-12-12 14:15:09 点击:2 评论:0
XNU: POSIX shared memory mappings have incorrect maximum protection CVE-2018-4435When the mmap() syscall is invoked on a POSIX shared memory segment(DTYPE_PSXSHM), pshm_mmap() maps the shared memory segment's pages into theaddress space of the calli
MiniShare 1.4.1 HEAD / POST Buffer Overflow
  日期:2018-12-10 13:32:31 点击:7 评论:0
Hi!!! playing in 2006.... I have adapted the exploit to pythonNot only the GET method is vulnerable to BOF (CVE-2004-2271). HEAD and POSTmethods are also vulnerable. The difference is minimal, both are exploitedin the same way. Only 1 byte differenc
FutureNet NXR-G240 Series ShellShock Command Injection
  日期:2018-12-10 13:31:08 点击:11 评论:0
# -*- coding: utf-8 -*-# Title: FutureNet NXR-G240 Series - ShellShock Remote Command Injection# Date: 2018-06-12# Author: Nassim Asrir# You have a Q ? Contact me at: https://www.linkedin.com/in/nassim-asrir-b73a57122/# Vendor: http://www.centurysys
i-doit CMDB 1.11.2 - Remote Code Execution
  日期:2018-12-10 13:29:41 点击:9 评论:0
# Exploit Title: i-doit CMDB 1.11.2 - Remote Code Execution# Date: 2018-12-05# Exploit Author: zkan Mustafa Akku (AkkuS)# Contact: https://pentest.com.tr# Vendor Homepage: https://www.i-doit.org/# Software Link: https://www.i-doit.org/i-doit-open-1-
Textpad 8.1.2 - Denial Of Service (PoC)
  日期:2018-12-10 13:27:41 点击:3 评论:0
# Exploit Title: Textpad 8.1.2 - Denial Of Service (PoC) # Author: Gionathan John Reale # Discovey Date: 2018-12-06 # Homepage: https://textpad.com # Software Link: https://www.textpad.com/download/v81/win32/txpeng812-32.zip # Tested Version: 8.1.2
HasanMWB 1.0 SQL Injection
  日期:2018-12-06 15:16:45 点击:5 评论:0
# Exploit Title: HasanMWB 1.0 - SQL Injection# Dork: N/A# Date: 2018-12-05# Exploit Author: Ihsan Sencan# Vendor Homepage: https://sourceforge.net/projects/hasanmwb/# Software Link: https://netcologne.dl.sourceforge.net/project/hasanmwb/HasanMWB-v1.
NUUO NVRMini2 3.9.1 - Authenticated Command Injection
  日期:2018-12-05 14:23:13 点击:11 评论:0
# Exploit Title: NUUO NVRMini2 Authenticated Command Injection # Date: December 3, 2018 # Exploit Author: Artem Metla # Vendor Homepage: https://www.nuuo.com/ProductNode.php?node=2 # # Version: 3.9.1 # Tested on: NUUO NVRMini2 with firmware 3.9.1 # C
OpenSSH < 7.7 - User Enumeration
  日期:2018-12-05 14:21:26 点击:3 评论:0
#!/usr/bin/env python2 # CVE-2018-15473 SSH User Enumeration by Leap Security (@LeapSecurity) https://leapsecurity.io # Credits: Matthew Daley, Justin Gardner, Lee David Painter import argparse, logging, paramiko, socket, sys, os class InvalidUsernam
Xorg X11 Server (AIX) - Local Privilege Escalation
  日期:2018-12-05 14:18:42 点击:15 评论:0
# Exploit Title: AIX Xorg X11 Server - Local Privilege Escalation # Date: 29/11/2018 # Exploit Author: @0xdono # Original Discovery and Exploit: Narendra Shinde # Vendor Homepage: https://www.x.org/ # Platform: AIX # Version: X Window System Version
共633页/12644条记录 首页 1 [2] [3] [4] [5] [6] [7] 下一页 末页
  本月热点文章
·PHP 5.2.3 imap (Debian Based
·Notepad3 1.0.2.350 - Denial
·SwitchVPN for macOS 2.1012.0
·NEC Univerge Sv9100 WebPro 6
·Apache Spark - Unauthenticat
·Xorg X11 Server (AIX) - Loca
·Apache Superset 0.23 - Remot
·Mozilla Firefox 63.0.1 - Den
·PaloAlto Networks Expedition
·ELBA5 5.8.0 - Remote Code Ex
·Fleetco Fleet Maintenance Ma
·XAMPP Control Panel 3.2.2 -
  本月推荐文章
 
  相关分类
  漏洞检测
  漏洞资料
  入侵实例
  系统安全
  网络安全
  网络基础
  病毒分析
Exploits
CopyRight © 2002-2018 VFocuS.Net All Rights Reserved