安全文章 / 文章资料 / Exploits

首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

热门关键字：　shell 　88888 　art 　vitter 　linux

		当前位置：主页>安全文章>文章资料>Exploits>列表


	Microsoft Windows - Multiple Use-After-Free Issues in jscript Array Methods
	日期：2018-04-08 14:55:52 点击：22 评论：0
!-- There are multiple use-after-free issues in Array methods in jscript. When jscript executes an Array method (such as Array.join), it first retrieves the length of an array. If the input is not an array but an object, then the length property of t


	ProcessMaker Plugin Code Execution
	日期：2018-04-04 13:57:08 点击：30 评论：0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include


	DuckDuckGo 4.2.0 WebRTC Private IP Leakage
	日期：2018-04-04 13:56:15 点击：50 评论：0
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Auxiliary include Msf::Exploit::Remote::HttpServer def initialize(info = {}) super( upd


	Moxa AWK-3131A 1.4 < 1.7 - 'Username' OS Command Injection
	日期：2018-04-04 13:55:26 点击：33 评论：0
#!/usr/bin/env python2 import telnetlib import re import random import string # Split string into chunks, of which each is = length def chunkstring(s, length): return (s[0+i:length+i] for i in range(0, len(s), length)) # Split strings based on MAX_LE


	Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix 2)
	日期：2018-04-04 13:53:36 点击：42 评论：0
/Here's a snippet of JavascriptArray::BoxStackInstance. template typename T T JavascriptArray::BoxStackInstance(T * instance, bool deepCopy) { Assert(ThreadContext::IsOnStack(instance)); // On the stack, the we reserved a pointer before the objec


	Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix)
	日期：2018-04-04 13:52:49 点击：36 评论：0
/* Here's a snippet of JavascriptArray::BoxStackInstance. To fix issue 1420 , deepCopy was introduced. But it only deep-copies the array when instance-head is on the stack. So simply by adding a single line of code that allocates head to the heap, we


	Google Chrome V8 - 'Genesis::InitializeGlobal' Out-of-Bounds Read/Write
	日期：2018-04-04 13:52:03 点击：26 评论：0
/* Bug: The Genesis::InitializeGlobal method initializes the constructor of RegExp as follows: // Builtin functions for RegExp.prototype. HandleJSFunction regexp_fun = InstallFunction( global, RegExp, JS_REGEXP_TYPE, JSRegExp::kSize + JSRegExp::kInOb


	Google Chrome V8 - 'ElementsAccessorBase::CollectValuesOrEntriesImpl' Type Confu
	日期：2018-04-04 13:51:24 点击：31 评论：0
/* Here's a snippet of the method. https://cs.chromium.org/chromium/src/v8/src/elements.cc?rcl=3cbf26e8a21aa76703d2c3c51adb9c96119500dal=1051 static Maybebool CollectValuesOrEntriesImpl( Isolate* isolate, HandleJSObject object, HandleFixedArray value


	Nginx 1.13.10 Accept-Encoding Line Feed Injection
	日期：2018-04-03 17:41:19 点击：115 评论：0
// Underground_Agency (UA) - (koa, bacL, g3kko, Dostoyevsky) // trigger nginx 1.13.10 (latest) logic flaw / bug // ~2018 // Tested on Ubuntu 17.10 x86 4.13.0-21-generic #include stdio.h #include stdlib.h #include string.h #include sys/socket.h #inclu


	glibc LD_AUDIT libmemusage.so RHEL-Based Arbitrary DSO Load Privilege Escalation
	日期：2018-04-02 14:53:45 点击：36 评论：0
require 'msf/core/exploit/local/linux'require 'msf/core/exploit/exe'class MetasploitModule Msf::Exploit::Local Rank = ExcellentRanking include Msf::Post::File include Msf::Exploit::EXE include Msf::Exploit::FileDropper include Msf::Exploit::Local::L


	Faleemi Windows Desktop Software - (DDNS/IP) Local Buffer Overflow
	日期：2018-04-02 14:51:30 点击：85 评论：0
''' Faleemi Desktop Software for Windows- (DDNS/IP) Local Buffer Overflow Vuln Description: Faleemi Desktop Software for Windows and its Beta version (Faleemi Plus Desktop Software for Windows(Beta)) are vulnerable to Buffer Overflow exploit. When o


	Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload (Metasploit)
	日期：2018-04-02 14:48:52 点击：63 评论：0
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient in


	Advantech WebAccess < 8.1 - webvrpcs DrawSrv.dll Path BwBuildPath Stack-Based Bu
	日期：2018-04-02 14:47:47 点击：38 评论：0
#!/usr/bin/python2.7 # Exploit Title: Advantech WebAccess 8.1 webvrpcs DrawSrv.dll Path BwBuildPath Stack-Based Buffer Overflow RCE # Date: 03-29-2018 # Exploit Author: Chris Lyne (@lynerc) # Vendor Homepage: www.advantech.com # Software Link: http:


	Systematic SitAware - NVG Denial of Service
	日期：2018-04-02 14:46:24 点击：34 评论：0
# Exploit Title: SitAware NVG Denial of Service # Date: 03/31/2018 # Exploit Author: 2u53 # Vendor Homepage: https://systematic.com/defence/products/c2/sitaware/ # Version: 6.4 SP2 # Tested on: Windows Server 2012 R2 # CVE: CVE-2018-9115 # Remarks:


	osCommerce 2.3.4.1 - Remote Code Execution
	日期：2018-04-02 14:45:37 点击：113 评论：0
# Exploit Title: osCommerce 2.3.4.1 Remote Code Execution # Date: 29.0.3.2018 # Exploit Author: Simon Scannell - https://scannell-infosec.net contact@scannell-infosec.net # Version: 2.3.4.1, 2.3.4 - Other versions have not been tested but are likely


	Homematic CCU2 2.29.23 - Remote Command Execution
	日期：2018-04-02 14:44:46 点击：25 评论：0
#!/usr/bin/ruby # Exploit Title: Homematic CCU2 Remote Command Execution # Date: 28-03-18 # Exploit Author: Patrick Muench, Gregor Kopf # Vendor Homepage: http://www.eq-3.de # Software Link: http://www.eq-3.de/service/downloads.html?id=268 # Version


	Allok Video Joiner 4.6.1217 - Stack-Based Buffer Overflow
	日期：2018-04-02 14:43:30 点击：33 评论：0
# SWAMI KARUPASAMI THUNAI ############################################################################### # Exploit Title: Alloksoft Video joiner (4.6.1217) - Buffer Overflow Vulnerability (Windows XP SP3) # Date: 06-03-2018 # Exploit Author: Mohan


	Homematic CCU2 2.29.23 - Arbitrary File Write
	日期：2018-04-02 14:41:48 点击：28 评论：0
#!/usr/bin/ruby # Exploit Title: Homematic CCU2 Arbitrary File Write # Date: 28-03-18 # Exploit Author: Patrick Muench, Gregor Kopf # Vendor Homepage: http://www.eq-3.de # Software Link: http://www.eq-3.de/service/downloads.html?id=268 # Version: 2.


	ManageEngine Application Manager Remote Code Execution
	日期：2018-03-30 15:12:46 点击：24 评论：0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include


	Tenda W308R V2 Wireless Router 5.07.48 DNS Changer
	日期：2018-03-30 15:11:25 点击：56 评论：0
### Tenda W308R v2 Wireless Router V5.07.48# Cookie Session Weakness Remote DNS Change PoC### Copyright 2018 (c) Todor Donev todor.donev at gmail.com# https://ethical-hacker.org/# https://facebook.com/ethicalhackerorg### Once modified, systems use f

共637页/12733条记录首页上一页 [34] [35] [36] 37 [38] [39] [40] 下一页末页

本月热点文章

本月推荐文章

相关分类

Exploits

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved