Showing 1 - 25 of 214

Files

Packet Storm New Exploits For September, 2018: Posted Oct 1, 2018; Authored by Todd J. | Site packetstormsecurity.com; This archive contains all of the 213 exploits added to Packet Storm in September, 2018.; tags | exploit; SHA-256 | 73c43d07576417ec5029b5ea5e41d61746c6b6b46ea3292b68f0012f15a5a28b; Download | Favorite | View

WordPress PDF And Print 2.0.2 Cross Site Scripting: Posted Sep 30, 2018; Authored by Robin Trost | Site syss.de; WordPress PDF and Print plugin version 2.0.2 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | fcae867a09c590198715653a584ec1ce21b7b4834e7ee4461aa6b1f6848f7b8c; Download | Favorite | View

Airties AIR5750 1.0.0.18 Cross Site Scripting: Posted Sep 29, 2018; Authored by Ismail Tasdelen; A cross site scripting vulnerability has been discovered in the AIR5750 modem of the AirTies manufacturer. AirTies Air 5750 devices have XSS via the top.html productboardtype parameter.; tags | exploit, xss; advisories | CVE-2018-17587; SHA-256 | aa072c06e33a6a98cbf6061b5cc299755e773a597416a05a3180fd2a6747fe2a; Download | Favorite | View

Airties AIR5650 1.0.0.18 Cross Site Scripting: Posted Sep 29, 2018; Authored by Ismail Tasdelen; A cross site scripting vulnerability has been discovered in the AIR5650 modem of the AirTies manufacturer. AirTies Air 5650 devices have XSS via the top.html productboardtype parameter.; tags | exploit, xss; advisories | CVE-2018-17589; SHA-256 | ae7a47a646c5b766f6a8ea0193d0c6960a0a6d602b13fa5c6e2f3c29fc855026; Download | Favorite | View

Airties AIR5021 1.0.0.18 Cross Site Scripting: Posted Sep 29, 2018; Authored by Ismail Tasdelen; A cross site scripting vulnerability has been discovered in the AIR5342 modem of the AirTies manufacturer. AirTies Air 5750 devices have XSS via the top.html productboardtype parameter.; tags | exploit, xss; advisories | CVE-2018-17588; SHA-256 | d928a068921536f6de4773d37161559e0b6365e4f407d217256e220e7918e9e2; Download | Favorite | View

ManageEngine AssetExplorer 6.2.0 Cross Site Scripting: Posted Sep 29, 2018; Authored by Ismail Tasdelen; In Zoho ManageEngine AssetExplorer, a Stored XSS vulnerability was discovered in the 6.2.0 version via the /AssetDef.do ciName or assetName parameter.; tags | exploit; advisories | CVE-2018-17596; SHA-256 | 8485fed583c4e65ccc4d672399a912ef264a318b1f96d650351ed0e1f33ec332; Download | Favorite | View

Fork CMS 5.4.0 Cross Site Scripting / HTML Injection: Posted Sep 29, 2018; Authored by Ismail Tasdelen; In the 5.4.0 version of the Fork CMS software, HTML Injection and Stored XSS vulnerabilities were discovered via the /backend/ajax URI.; tags | exploit, vulnerability; SHA-256 | 29da562924cd8cfdda35434de4b485eb1e9a4f10d6c156a8931e187fac6ed7c5; Download | Favorite | View

Airties AIR5453 1.0.0.18 Cross Site Scripting: Posted Sep 29, 2018; Authored by Ismail Tasdelen; A cross site scripting vulnerability has been discovered in the AIR5453 modem of the AirTies manufacturer. AirTies Air 5453 devices have XSS via the top.html productboardtype parameter.; tags | exploit, xss; advisories | CVE-2018-17593; SHA-256 | 393b737fd7a25508f9edc5e3efe749fa0960e81881445fc0f13a1bea40a28b3a; Download | Favorite | View

Airties AIR5443v2 1.0.0.18 Cross Site Scripting: Posted Sep 29, 2018; Authored by Ismail Tasdelen; A cross site scripting vulnerability has been discovered in the AIR5442 modem of the AirTies manufacturer. AirTies Air 5442 devices have XSS via the top.html productboardtype parameter.; tags | exploit, xss; advisories | CVE-2018-17590; SHA-256 | 636d1cfd7ed475f37b99be771d004787619c4fc93c05caa778fd1dab5870df15; Download | Favorite | View

Airties AIR5442 1.0.0.18 Cross Site Scripting: Posted Sep 29, 2018; Authored by Ismail Tasdelen; A cross site scripting vulnerability has been discovered in the AIR5443v2 modem of the AirTies manufacturer. AirTies Air 5443v2 devices have XSS via the top.html productboardtype parameter.; tags | exploit, xss; advisories | CVE-2018-17594; SHA-256 | 043e1c94267d9f9f0d5c8f26d15ced6582ef4a03c102d5c8a5c6b31931a32fe8; Download | Favorite | View

Airties AIR5343v2 1.0.0.18 Cross Site Scripting: Posted Sep 29, 2018; Authored by Ismail Tasdelen; A cross site scripting vulnerability has been discovered in the AIR5343v2 modem of the AirTies manufacturer. AirTies Air 5343v2 devices have XSS via the top.html productboardtype parameter.; tags | exploit, xss; advisories | CVE-2018-17591; SHA-256 | 498099c1f82d3b9fbc9fe0f0eeabba2302ada762200700cd38d0154b342e5ed8; Download | Favorite | View

Seqrite End Point Security 7.4 Privilege Escalation: Posted Sep 28, 2018; Authored by Hashim Jawad; Seqrite End Point Security version 7.4 suffers from a weak file permission privilege escalation vulnerability.; tags | exploit; SHA-256 | 338307d4c9e3a2614f93b604c77e4eeaa79b3ac9c2b8190f3b9d896115f06e2f; Download | Favorite | View

Intel Extreme Tuning Utility 6.4.1.23 Code Execution / Privilege Escalation: Posted Sep 28, 2018; Authored by Stefan Kanthak; Intel Extreme Tuning Utility version 6.4.1.23 suffers from code execution, privilege escalation, and denial of service vulnerabilities.; tags | exploit, denial of service, vulnerability, code execution; SHA-256 | 8ee640f811b6221313c74122f57a246a37deeed23bca3a80d265d6c2180dfcda; Download | Favorite | View

AppArmor Filesystem Blacklisting Bypass: Posted Sep 27, 2018; Authored by Jann Horn, Google Security Research; AppArmor has an issue where filesystem blacklisting can be bypassed by moving parents.; tags | exploit; SHA-256 | b2024aa06da618d87af0a264562f40bcd8ebfa1535eb007f2251a6df21367000; Download | Favorite | View

PCProtect 4 8.35 Privilege Escalation: Posted Sep 27, 2018; Authored by Hashim Jawad; PCProtect 4 version 8.35 suffers from a weak file permission privilege escalation vulnerability.; tags | exploit; SHA-256 | 1a3f9f98779877970807ab97138ae5d81df5de87bf4360b2b951f311a288ac81; Download | Favorite | View

Rausoft ID.prove 2.95 SQL Injection: Posted Sep 27, 2018; Authored by Ilya Timchenko; Rausoft ID.prove version 2.95 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | e2528102866a52d493d80ef903b6833bfc2afec275eb5ddc60bc42bc4450abf4; Download | Favorite | View

ManageEngine Desktop Central 10.0.271 Cross Site Scripting: Posted Sep 27, 2018; Authored by Ismail Tasdelen; ManageEngine Desktop Central version 10.0.271 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | b98475c7c1086afe41c236113ea38e1a2b485100d865ef19d96b91e77c7aeec3; Download | Favorite | View

iWay Data Quality Suite Web Console 10.6.1.ga XML Injection: Posted Sep 27, 2018; Authored by Sureshbabu Narvaneni; iWay Data Quality Suite Web Console version 10.6.1.ga suffers from an XML external entity injection vulnerability.; tags | exploit, web; SHA-256 | cd2ba04d9848a473c28202f68204338199eb8e5285f94b0ea6d14d308671ad8b; Download | Favorite | View

Microsoft Edge Sandbox Escape: Posted Sep 27, 2018; Authored by Google Security Research, lokihardt; Microsoft Edge suffers from a sandbox escape vulnerability.; tags | exploit; advisories | CVE-2018-8463, CVE-2018-8468, CVE-2018-8469; SHA-256 | 53dae687e4a4409c81987ce450a88ac52d2a2a51eac4971e2a0712be2ba423d2; Download | Favorite | View

WordPress WebARX Website Firewall 4.9.8 XSS / Bypass: Posted Sep 27, 2018; Authored by ed0x21son; WordPress WebARX Website Firewall plugin version 4.9.8 suffers from bypass and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 032d4a54514c2a1ec76ac9061e0c5fa5965ebbe2cb481a055156866bc0a19f07; Download | Favorite | View

WordPress Breadcrumb NavXT 6.1.0 Username Disclosure: Posted Sep 27, 2018; Authored by Janek Vind aka waraxe | Site waraxe.us; WordPress Breadcrumb NavXT plugin version 6.1.0 suffers from a username disclosure vulnerability.; tags | exploit; SHA-256 | a7d331bc7a3c3c5f71c497eb152d46ea8fb5956444bfa1d2462d1d680b57b936; Download | Favorite | View

gVisor Pagetables Reuse: Posted Sep 27, 2018; Authored by Jann Horn, Google Security Research; gVisor reuses pagetables across levels without paging-structure invalidation.; tags | exploit; SHA-256 | 193fccefc5c977b91f16570534ba06f19e07ed6de291fdd9b2d2eeba79b56a70; Download | Favorite | View

CMS ISWEB 3.5.3 SQL Injection: Posted Sep 27, 2018; Authored by Thiago Sena, Rafael Fontes Souza; CMS ISWEB version 3.5.3 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2018-14956; SHA-256 | 2909ddd6bab3f45cee745aae9cdef49e2d801722783ac5bb7a6a1cdd2055a743; Download | Favorite | View

Citrix StorageZones Controller Improper Access Restrictions / Traversal: Posted Sep 27, 2018; Authored by Wolfgang Ettlinger | Site sec-consult.com; Citrix StorageZones Controller versions prior to 5.4.2 suffer from padding oracle, improper access restriction, and path traversal vulnerabilities.; tags | exploit, vulnerability; advisories | CVE-2018-16968, CVE-2018-16969; SHA-256 | ae39dfe4bfaaa26cd2361836889bfa69e570b2f0a6679a9b71736478c8294df6; Download | Favorite | View

Progress Kendo UI Editor 2018.1.221 Cross Site Scripting: Posted Sep 27, 2018; Authored by M. Tomaselli | Site sec-consult.com; Progress Kendo UI Editor version 2018.1.221 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2018-14037; SHA-256 | 635dd00f814500a20fbba041a4fa05e33c59282c7a7c1cf98dcbb1c9b0c6e85a; Download | Favorite | View

Page 1 of 9 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 297 files
Ubuntu 69 files
Debian 20 files
Gentoo 8 files
Apple 6 files
Google Security Research 4 files
LiquidWorm 4 files
Spencer McIntyre 3 files
Alter Prime 3 files
Jann Horn 3 files

Files

Top Authors In Last 30 Days

Recent News