首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
热门关键字: shell  88888  art  vitter  vsserver
  当前位置:主页>安全文章>文章资料>Exploits>列表
Google Chrome 70.0.3538.77 Cross Site Scripting / Man-In-The-Middle
  日期:2018-12-12 14:17:26 点击:10 评论:0
Chrome: malicious WPAD server can proxy localhost (leading to XSS in http://localhost:*/*) VERSIONChrome Version: 70.0.3538.77 stableOperating System: Windows 10 (version 1803)When Chrome is installed on Windows and the user joins a malicious networ
XNU POSIX Shared Memory Mapping Issue
  日期:2018-12-12 14:15:09 点击:2 评论:0
XNU: POSIX shared memory mappings have incorrect maximum protection CVE-2018-4435When the mmap() syscall is invoked on a POSIX shared memory segment(DTYPE_PSXSHM), pshm_mmap() maps the shared memory segment's pages into theaddress space of the calli
MiniShare 1.4.1 HEAD / POST Buffer Overflow
  日期:2018-12-10 13:32:31 点击:10 评论:0
Hi!!! playing in 2006.... I have adapted the exploit to pythonNot only the GET method is vulnerable to BOF (CVE-2004-2271). HEAD and POSTmethods are also vulnerable. The difference is minimal, both are exploitedin the same way. Only 1 byte differenc
FutureNet NXR-G240 Series ShellShock Command Injection
  日期:2018-12-10 13:31:08 点击:22 评论:0
# -*- coding: utf-8 -*-# Title: FutureNet NXR-G240 Series - ShellShock Remote Command Injection# Date: 2018-06-12# Author: Nassim Asrir# You have a Q ? Contact me at: https://www.linkedin.com/in/nassim-asrir-b73a57122/# Vendor: http://www.centurysys
i-doit CMDB 1.11.2 - Remote Code Execution
  日期:2018-12-10 13:29:41 点击:10 评论:0
# Exploit Title: i-doit CMDB 1.11.2 - Remote Code Execution# Date: 2018-12-05# Exploit Author: zkan Mustafa Akku (AkkuS)# Contact: https://pentest.com.tr# Vendor Homepage: https://www.i-doit.org/# Software Link: https://www.i-doit.org/i-doit-open-1-
Textpad 8.1.2 - Denial Of Service (PoC)
  日期:2018-12-10 13:27:41 点击:4 评论:0
# Exploit Title: Textpad 8.1.2 - Denial Of Service (PoC) # Author: Gionathan John Reale # Discovey Date: 2018-12-06 # Homepage: https://textpad.com # Software Link: https://www.textpad.com/download/v81/win32/txpeng812-32.zip # Tested Version: 8.1.2
HasanMWB 1.0 SQL Injection
  日期:2018-12-06 15:16:45 点击:5 评论:0
# Exploit Title: HasanMWB 1.0 - SQL Injection# Dork: N/A# Date: 2018-12-05# Exploit Author: Ihsan Sencan# Vendor Homepage: https://sourceforge.net/projects/hasanmwb/# Software Link: https://netcologne.dl.sourceforge.net/project/hasanmwb/HasanMWB-v1.
NUUO NVRMini2 3.9.1 - Authenticated Command Injection
  日期:2018-12-05 14:23:13 点击:11 评论:0
# Exploit Title: NUUO NVRMini2 Authenticated Command Injection # Date: December 3, 2018 # Exploit Author: Artem Metla # Vendor Homepage: https://www.nuuo.com/ProductNode.php?node=2 # # Version: 3.9.1 # Tested on: NUUO NVRMini2 with firmware 3.9.1 # C
OpenSSH < 7.7 - User Enumeration
  日期:2018-12-05 14:21:26 点击:4 评论:0
#!/usr/bin/env python2 # CVE-2018-15473 SSH User Enumeration by Leap Security (@LeapSecurity) https://leapsecurity.io # Credits: Matthew Daley, Justin Gardner, Lee David Painter import argparse, logging, paramiko, socket, sys, os class InvalidUsernam
Xorg X11 Server (AIX) - Local Privilege Escalation
  日期:2018-12-05 14:18:42 点击:17 评论:0
# Exploit Title: AIX Xorg X11 Server - Local Privilege Escalation # Date: 29/11/2018 # Exploit Author: @0xdono # Original Discovery and Exploit: Narendra Shinde # Vendor Homepage: https://www.x.org/ # Platform: AIX # Version: X Window System Version
Microsoft Lync for Mac 2011 - Injection Forced Browsing/Download
  日期:2018-12-05 14:17:52 点击:11 评论:0
# Exploit Title: Microsoft Lync for Mac 2011 Injection Forced Browsing/Download # Author: @nyxgeek - TrustedSec # Date: 2018-03-20 # Vendor Homepage: microsoft.com # Software Link: https://www.microsoft.com/en-us/download/details.aspx?id=36517 # CVE:
HP Intelligent Management Java Deserialization Remote Code Execution
  日期:2018-12-04 14:46:57 点击:6 评论:0
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient includ
Emacs movemail Privilege Escalation
  日期:2018-12-04 14:46:13 点击:7 评论:0
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Local Rank = ExcellentRanking include Msf::Post::File def initialize(info = {}
NEC Univerge Sv9100 WebPro 6.00.00 Predictable Session ID / Cleartext Passwords
  日期:2018-12-04 14:45:16 点击:17 评论:0
[+] Credits: hyp3rlinx[+] Website: hyp3rlinx.altervista.org[+] Source: http://hyp3rlinx.altervista.org/advisories/NEC-UNIVERGE-WEBPRO-v6.00-PREDICTABLE-SESSIONID-CLEARTEXT-PASSWORDS.txt[+] ISR: ApparitionSec ***Greetz: indoushka | Eduardo B. 0day***
Apache Superset 0.23 - Remote Code Execution
  日期:2018-12-04 14:44:32 点击:18 评论:0
# Exploit Title: Apache Superset 0.23 - Remote Code Execution # Date: 2018-05-17 # Exploit Author: David May ( david.may@semanticbits.com ) # Vendor Homepage: https://superset.apache.org/ # Software Link: https://github.com/apache/incubator-superset
Mozilla Firefox 63.0.1 - Denial of Service (PoC)
  日期:2018-12-04 14:43:29 点击:21 评论:0
# Exploit Title: Mozilla Firefox 63.0.1 - Denial of Service (PoC) # Date: 2018-11-29 # Exploit Author: SAIKUMAR CHEBROLU # Vendor Homepage: https://www.mozilla.org/en-US/firefox/new/ # Bugzilla report: https://bugzilla.mozilla.org/show_bug.cgi?id=150
Joomla! Component JE Photo Gallery 1.1 - 'categoryid' SQL Injection
  日期:2018-12-04 14:42:42 点击:11 评论:0
# Exploit Title: Joomla! Component JE Photo Gallery 1.1 - SQL Injection # Dork: N/A # Date: 2018-11-26 # Exploit Author: Ihsan Sencan # Vendor Homepage: https://joomlaextensions.co.in # Software Link: http://joomlaextensions.co.in/download/1387375463
PaloAlto Networks Expedition Migration Tool 1.0.106 - Information Disclosure
  日期:2018-12-04 14:42:08 点击:20 评论:0
# Exploit Title: PaloAlto Networks Expedition Migration Tool 1.0.106 - Information Disclosure # Date: 2018-11-28 # Exploit Author: paragonsec @ Critical Start # Vendor Homepage: https://live.paloaltonetworks.com/t5/Expedition-Migration-Tool/ct-p/migr
Fleetco Fleet Maintenance Management 1.2 - Remote Code Execution
  日期:2018-12-04 14:41:01 点击:14 评论:0
# Exploit Title: Fleetco Fleet Maintenance Management 1.2 - Remote Code Execution # Date: 2018-11-23 # Exploit Author: zkan Mustafa Akku (AkkuS) # Contact: https://pentest.com.tr # Vendor Homepage: https://www.fleetco.space # Software Link: http://ww
CyberArk 9.7 - Memory Disclosure
  日期:2018-12-04 14:40:06 点击:2 评论:0
# Exploit Title: CyberArk 9.7 - Memory Disclosure # Date: 2018-06-04 # Exploit Author: Thomas Zuk (@Freakazoidile) # Vendor Homepage: https://www.cyberark.com/products/privileged-account-security-solution/enterprise-password-vault/ # Version: 9.7 and
共635页/12694条记录 首页 上一页 [1] [2] [3] 4 [5] [6] [7] 下一页 末页
  本月热点文章
·FutureNet NXR-G240 Series Sh
·Xorg X11 Server (AIX) - Loca
·PrestaShop 1.6.x / 1.7.x Rem
·PDF Explorer 1.5.66.2 SEH Bu
·WordPress Snap Creek Duplica
·NUUO NVRMini2 3.9.1 - Authen
·Microsoft Lync for Mac 2011
·Google Chrome 70.0.3538.77 C
·i-doit CMDB 1.11.2 - Remote
·ATool 1.0.0.22 Buffer Overfl
·MiniShare 1.4.1 HEAD / POST
·WebDAV Server Serving DLL
  本月推荐文章
 
  相关分类
  漏洞检测
  漏洞资料
  入侵实例
  系统安全
  网络安全
  网络基础
  病毒分析
Exploits
CopyRight © 2002-2019 VFocuS.Net All Rights Reserved