安全文章 / 文章资料 / Exploits

首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

热门关键字：　shell 　88888 　art 　vitter 　linux

		当前位置：主页>安全文章>文章资料>Exploits>列表


	LibreOffice/Open Office - '.odt' Information Disclosure
	日期：2018-05-03 17:24:49 点击：20 评论：0
#! /usr/bin/python # Exploit Title: Malicious ODF File Creator # Date: 1st May 2018 # Exploit Author: Richard Davy # Vendor Homepage: https://www.libreoffice.org/ # Software Link: https://www.libreoffice.org/ # Version: LibreOffice 6.0.3, OpenOffice


	Apple macOS/iOS - ReportCrash mach port Replacement due to Failure to Respect MI
	日期：2018-05-03 17:24:08 点击：18 评论：0
/* ReportCrash is the daemon responsible for making crash dumps of crashing userspace processes. Most processes can talk to ReportCrash via their exception ports (either task or host level.) You would normally never send a message yourself to ReportC


	Nagios XI 5.2.6 < 5.2.9 / 5.3 / 5.4 - Chained Remote Root
	日期：2018-05-03 17:22:18 点击：39 评论：0
# Exploit Title: Nagios XI 5.2.[6-9], 5.3, 5.4 Chained Remote Root # Date: 4/17/2018 # Exploit Authors: Benny Husted, Jared Arave, Cale Smith # Contact: https://twitter.com/iotennui \|\| https://twitter.com/BennyHusted \|\| https://twitter.com/0xC413 # V


	Navicat < 12.0.27 - Oracle Connection Overflow
	日期：2018-05-03 17:21:33 点击：23 评论：0
#!/usr/bin/python # Title: Navicat 12.0.27 Oracle Connection Overflow # Author: Kevin McGuigan # Twitter: @_h3xagram # Author Website: https://www.7elements.co.uk # Vendor Website: https://www.navicat.com # Date: 27/04/2018 # Version: 12.0.26 # Teste


	Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code
	日期：2018-05-03 17:20:39 点击：29 评论：0
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def


	Oracle Weblogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.2 / 12.2.1.3 - Deserializati
	日期：2018-05-03 17:19:06 点击：519 评论：0
# -- coding: utf-8 -- # Oracle Weblogic Server (10.3.6.0, 12.1.3.0, 12.2.1.2, 12.2.1.3) Deserialization Remote Command Execution Vulnerability (CVE-2018-2628) # # IMPORTANT: Is provided only for educational or information purposes. # # Credit: Than


	osCommerce Installer Unauthenticated Code Execution
	日期：2018-05-03 17:13:27 点击：24 评论：0
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def in


	Drupal Drupalgeddon 2 Forms API Property Injection
	日期：2018-04-27 15:45:05 点击：37 评论：0
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient # XXX:


	Allok AVI to DVD SVCD VCD Converter 4.0.1217 - Buffer Overflow (SEH)
	日期：2018-04-27 15:43:19 点击：22 评论：0
####################################################### # Exploit Title: Allok AVI to DVD SVCD VCD Converter 4.0.1217 - Buffer Overflow (SEH) # Date: 25.04.2018 # Exploit Author:T3jv1l # Vendor Homepage:http://www.alloksoft.com/ # Software: www.allok


	GitList 0.6 - Unauthenticated Remote Code Execution
	日期：2018-04-27 15:42:33 点击：27 评论：0
''' # Exploit Title: GitList 0.6 Unauthenticated RCE # Date: 25-04-2018 # Software Link: https://github.com/klaussilveira/gitlist # Exploit Author: Kacper Szurek # Contact: https://twitter.com/KacperSzurek # Website: https://security.szurek.pl/ # Cat


	SickRage < v2018.03.09 - Clear-Text Credentials HTTP Response
	日期：2018-04-27 15:39:31 点击：96 评论：0
# Exploit Title: SickRage v2018.03.09 - Clear-Text Credentials HTTP Response # Date: 2018-04-01 # Exploit Author: Sven Fassbender # Vendor Homepage: https://sickrage.github.io # Software Link: https://github.com/SickRage/SickRage # Version: v2018.03.


	Chrome V8 JIT - Arrow Function Scope Fixing Bug
	日期：2018-04-26 16:54:57 点击：23 评论：0
/* When the parser parses the parameter list of an arrow function contaning destructuring assignments, it can't distinguish whether the assignments will be actually in the parameter list or just assignments until it meets a = token. So it first assig


	Chrome V8 JIT - 'AwaitedPromise' Update Bug
	日期：2018-04-26 16:54:04 点击：53 评论：0
/* Here's a snippet of AsyncGeneratorReturn. ( https://cs.chromium.org/chromium/src/v8/src/builtins/builtins-async-generator-gen.cc?rcl=bcd1365cf7fac0d7897c43b377c143aae2d22f92l=650 ) Node* const context = Parameter(Descriptor::kContext); Node* const


	VMware Workstation 12.5.2 - Drag n Drop Use-After-Free (Pwn2Own 2017) (PoC)
	日期：2018-04-26 16:51:51 点击：87 评论：0
char initial_dnd = tools.capability.dnd_version 4; static const int cbObj = 0x100; char second_dnd = tools.capability.dnd_version 2; char chgver = vmx.capability.dnd_version; char call_transport = dnd.transport ; char *readstring = ToolsAutoInsta


	Easy File Sharing Web Server 7.2 - 'UserID' Remote Buffer Overflow (DEP Bypass)
	日期：2018-04-25 15:41:12 点击：46 评论：0
#!/usr/bin/env python #---------------------------------------------------------------------------------------------------# # Exploit Title : Easy File Sharing Web Server 7.2 - 'UserID' Remote Buffer Overflow (DEP Bypass) # # Date : 04/24/2018 # # Ex


	Allok Video to DVD Burner 2.6.1217 - Buffer Overflow (SEH)
	日期：2018-04-25 15:40:25 点击：21 评论：0
####################################################### # Exploit Title: Buffer Overflow(SEH) on Allok Video to DVD Burner2.6.1217 # Date: 23.04.2018 # Exploit Author:T3jv1l # Vendor Homepage:http://www.alloksoft.com/ # Software: www.alloksoft.com/al


	R 3.4.4 - Local Buffer Overflow
	日期：2018-04-25 15:39:14 点击：293 评论：0
#!/usr/bin/python # # Exploit Author: bzyo # CVE: CVE-2018-9060 # Twitter: @bzyo_ # Exploit Title: R 3.4.4 - Local Buffer Overflow # Date: 03-27-2018 # Vulnerable Software: R 3.4.4 # Vendor Homepage: https://www.r-project.org/ # Version: 3.4.4 # Soft


	Ericsson-LG iPECS NMS A.1Ac - Cleartext Credential Disclosure
	日期：2018-04-25 15:35:19 点击：82 评论：0
# -- coding: utf-8 -- # Exploit Title: Ericsson-LG iPECS NMS - Cleartext Cred. Dump # Vendor Notification: 03-03-2018 - No response # Initial CVE: 04-04-2018 # Disclosure: 21-04-2018 # Exploit Author: Berk Cem Gksel # Contact: twitter.com/berkcgoks


	VLC Media Player/Kodi/PopcornTime 'Red Chimera' < 2.2.5 - Memory Corruption (PoC
	日期：2018-04-25 15:32:58 点击：33 评论：0
VLC Media Player/Kodi/PopcornTime 'Red Chimera' 2.2.5 Memory Corruption (PoC) Author: SivertPL ( kroppoloe@protonmail.ch ) CVE: CVE-2017-8311 Infamous VLC/Kodi/PopcornTime subtitle attack in libsubtitle_plugin.dll. This is the Proof of Concept of th


	Interspire Email Marketer < 6.1.6 - Remote Admin Authentication Bypass
	日期：2018-04-25 15:26:36 点击：197 评论：0
''' # Exploit Title: Interspire Email Marketer - Remote Admin Authentication Bypass # Google Dork: intitle:Control Panel + emailmarketer # Date: 4-22-18 # Exploit Author: devcoinfet # Vendor Homepage: www.interspire.com/emailmarketer # Software Link:

共637页/12733条记录首页上一页 [31] [32] [33] 34 [35] [36] [37] 下一页末页

本月热点文章

本月推荐文章

相关分类

Exploits

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved