Microsoft Edge Chakra JIT - 'InlineArrayPush' Type Confusion
  Date: 2018-08-27 14:07:35 Views: 20 Comments: 0
/* This is similar to issue 1531. The patch seems to prevent type confusion triggered from StElemI_A instructions. But the SetItem method can also be invoked through the Array.prototype.push method which can be inlined. We can achieve type confusio
Microsoft Edge Chakra JIT - 'DictionaryPropertyDescriptor::CopyFrom' Type Conf
  Date: 2018-08-27 14:06:53 Views: 13 Comments: 0
/* Here's the method. template <typename TPropertyIndex> template <typename TPropertyIndexFrom> void DictionaryPropertyDescriptor<TPropertyIndex>::CopyFrom(DictionaryPropertyDescriptor<TPropertyIndexFrom> descriptor) { this->Attributes = descriptor.Attribute
Microsoft Edge Chakra JIT - Parameter Scope Parsing Type Confusion
  Date: 2018-08-27 14:06:10 Views: 12 Comments: 0
// PoC: async function trigger(a = class b { [await 1]() { } }) { } let spray = []; for (let i = 0; i < 100000; i++) { spray.push(parseFloat.bind(1, 0x1234, 0x1234, 0x1234, 0x1234)); } trigger(); /* The PoC is invalid JavaScript, but Chakra does parse
Microsoft Edge Chakra JIT - ImplicitCallFlags Check Bypass with Intl
  Date: 2018-08-27 14:05:22 Views: 15 Comments: 0
/* If the Intl object hasn't been initialized, access to any property of it will trigger the initialization process which will run Intl.js. The problem is that it runs Intl.js without caring about the ImplicitCallFlags flag. In the PoC, it redefines
ADM 3.1.2RHG1 - Remote Code Execution
  Date: 2018-08-27 14:03:44 Views: 87 Comments: 0
# Title: Asustor ADM 3.1.2RHG1 - Remote Code Execution # Author: Matthew Fulton Kyle Lovett # Date: 2018-07-01 # Vendor Homepage: https://www.asustor.com/ # Software Link: http://download.asustor.com/download/adm/X64_G3_3.1.2.RHG1.img # Version: = AD
CEWE Photoshow 6.3.4 - Denial of Service (PoC)
  Date: 2018-08-27 14:02:45 Views: 21 Comments: 0
# Exploit Title: CEWE Photoshow 6.3.4 - Denial of Service (PoC) # Author: Gionathan John Reale # Discovery Date: 2018-08-17 # Homepage: https://cewe-photoworld.com/ # Software Link: https://cewe-photoworld.com/creator-software/windows-download # Teste
OpenSSH 2.3 < 7.7 - Username Enumeration (PoC)
  Date: 2018-08-27 14:01:24 Views: 222 Comments: 0
#!/usr/bin/env python # Copyright (c) 2018 Matthew Daley # # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the Software), to # deal in the Software without restrict
Mikrotik WinBox 6.42 - Credential Disclosure (golang)
  Date: 2018-08-27 14:00:18 Views: 99 Comments: 0
# Title: Mikrotik WinBox 6.42 - Credential Disclosure ( golang edition ) # Author: Maxim Yefimenko ( @slider ) # Date: 2018-08-06 # Software Link: https://mikrotik.com/download # Vendor Page: https://www.mikrotik.com/ # Version: 6.29 - 6.42 # Tested
Central Management Software 1.4.13 - Denial of Service (PoC)
  Date: 2018-08-27 13:59:33 Views: 52 Comments: 0
# Exploit Title: Central Management Software v1.4.13 - Denial of Service (PoC) # Author: Gionathan John Reale # Discovery Date: 2018-08-16 # Homepage: https://www.ambientweather.com # Software Link: https://p10.secure.hostingprod.com/@site.ambientweat
ObserverIP Scan Tool 1.4.0.1 - Denial of Service (PoC)
  Date: 2018-08-27 13:58:29 Views: 55 Comments: 0
# Exploit Title: ObserverIP Scan Tool 1.4.0.1 - Denial of Service (PoC) # Author: Gionathan John Reale # Discovery Date: 2018-08-16 # Homepage: https://www.ambientweather.com # Software Link: https://p10.secure.hostingprod.com/@site.ambientweatherstor
Foxit Reader 9.0.1.1049 Buffer Overflow
  Date: 2018-08-16 14:38:24 Views: 59 Comments: 0
%PDF 1 0 obj/Pages 1 0 R /OpenAction 2 0 R 2 0 obj/S /JavaScript /JS (/*#---------------------------------------------------------------------------------------------------## Exploit Title : Foxit Reader RCE with DEP bypass on Heap with shellcode ##
cPanel 76 Cross Site Scripting
  Date: 2018-08-16 14:37:23 Views: 74 Comments: 0
[+] Title: cPanel Filename Based Stored XSS = v76[+] Author: Numan OZDEMIR[+] Vendor Homepage: cpanel.com[+] Version: Up to v76.[+] Discovered by Numan OZDEMIR in InfinitumIT Labs[+] root@numanozdemir.com - info@infinitumit.com.tr[~] Description:Att
Cloudme 1.9 - Buffer Overflow (DEP) (Metasploit)
  Date: 2018-08-15 16:04:35 Views: 49 Comments: 0
# Exploit Title: Cloudme 1.9 - Buffer Overflow (DEP) (Metasploit) # Date: 2018-08-13 # Exploit Author: Raymond Wellnitz # Vendor Homepage: https://www.cloudme.com # Version: 1.8.x/1.9.x # Tested on: Windows 7 x64 # CVE : 2018-6892 ## # This module re
cgit 1.2.1 - Directory Traversal (Metasploit)
  Date: 2018-08-15 16:03:27 Views: 45 Comments: 0
# Title: cgit 1.2.1 - Directory Traversal (Metasploit) # Author: Dhiraj Mishra # Software: cgit # Link: https://git.zx2c4.com/cgit/ # Date: 2018-08-14 # CVE: CVE-2018-14912 # This module exploits a directory traversal vulnerability which exists # in
Wansview 1.0.2 - Denial of Service (PoC)
  Date: 2018-08-15 16:01:49 Views: 33 Comments: 0
# Exploit Title: Wansview 1.0.2 - Denial of Service (PoC) # Author: Gionathan John Reale # Discovery Date: 2018-08-14 # Software Link: http://www.wansview.com/uploads/soft/Wansview_v1.0.2.exe # Tested Version: 1.0.2 # Tested on OS: Windows 10 # Steps
Oracle GlassFish Server 4.1 Directory Traversal
  Date: 2018-08-14 15:24:22 Views: 39 Comments: 0
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Auxiliary include Msf::Auxiliary::Report include Msf::Auxiliary::Scanner include Msf::E
iSmartViewPro 1.5 Buffer Overflow
  Date: 2018-08-14 15:21:17 Views: 57 Comments: 0
# Exploit Title: iSmartViewPro 1.5 - 'SavePath for ScreenShots' Local Buffer Overflow # Author: Shubham Singh # Known As: Spirited Wolf [Twitter: @Pwsecspirit] # Discovery Date: 2018-08-12 # Software Link: https://securimport.com/university/videovigilan
Microsoft DirectX SDK (June 2010) Xact3.exe DLL Hijacking
  Date: 2018-08-14 15:20:29 Views: 44 Comments: 0
[+] Credits: John Page (aka hyp3rlinx)[+] Website: hyp3rlinx.altervista.org[+] Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-DIRECTX-SDK-XACT.EXE-TROJAN-FILE-CODE-EXECUTION.txt[+] ISR: Apparition Security ***Greetz: indoushka | Eduard
Switch Port Mapping Tool 2.81.2 - 'Name Field' Denial of Service (PoC)
  Date: 2018-08-14 15:16:08 Views: 25 Comments: 0
# Exploit Title: Switch Port Mapping Tool 2.81.2 - 'Name Field' Denial of Service (PoC) # Discovery by: Shubham Singh # Known As: Spirited Wolf [Twitter: @Pwsecspirit] # Discovery Date: 2018-08-13 # Vendor Homepage: https://switchportmapper.com/ # So
PLC Wireless Router GPN2.4P21-C-CN - Denial of Service
  Date: 2018-08-14 15:15:19 Views: 63 Comments: 0
# Exploit Title: PLC Wireless Router GPN2.4P21-C-CN Unauthenticated Remote Reboot # Date: 8/12/2018 # Exploit Author: Chris Rose # Affected Model : GPN2.4P21-C-CN(Firmware: W2001EN-00) # Vendor: ChinaMobile # Tested on: Debian Linux # Shodan dork- t
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved