Showing 1 - 7 of 7

Files Date: 2020-07-10

HelloWeb 2.0 Arbitrary File Download: Posted Jul 10, 2020; Authored by bRpsd; HelloWeb version 2.0 suffers from an arbitrary file download vulnerability.; tags | exploit, arbitrary; SHA-256 | 5307eab883b761e805c5b96239f37b28914168d41b47c38bdad6aca0949cae0a; Download | Favorite | View

Barangay Management System 1.0 SQL Injection: Posted Jul 10, 2020; Authored by BKpatron; Barangay Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.; tags | exploit, remote, sql injection, bypass; SHA-256 | 2bdc19cc04d218baa9479a52622f122cae4b8b0729e3f80946cf603b7083b078; Download | Favorite | View

Sifter 8: Posted Jul 10, 2020; Authored by s1l3nt78 | Site github.com; Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.; Changes: Additions include Espionage, KatanaFramework, PowerHub, MetaSploit, Spiderfoot, and Email2PhoneNumber. Various fixes.; tags | tool, remote, local, scanner, vulnerability; systems | unix; SHA-256 | 21a5e29ae0c0d86e71b3d9002de4af97e44c40cc93d63fe030aff9fea499eb76; Download | Favorite | View

Rittal Products Bypass / Command Injection / Privilege Escalation: Posted Jul 10, 2020; Authored by Johannes Kruchem, C. Svoboda | Site sec-consult.com; Multiple Rittal Products based on the same software suffer from CLI menu bypass, insecure configuration, hard-coded backdoor account, outdated component, command injection, and privilege escalation vulnerabilities. Products include but are not limited to CMC III PU Compact, CMC III PU 7030.000 PDU (whole portfolio), LCP-CW, and IoT Interface 3124.300.; tags | exploit, vulnerability; advisories | CVE-2020-11951, CVE-2020-11952, CVE-2020-11953, CVE-2020-11955, CVE-2020-11956; SHA-256 | 9d5e13a39f03bb1911253ad043b021ed88fe002de985be551eb7fc9a7aafa105; Download | Favorite | View

Colin Percival's bsdiff 4.3 Memory Corruption: Posted Jul 10, 2020; Authored by Luis Merino; A memory corruption vulnerability is present in bspatch as shipped in Colin Percival's bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an attacker to bypass the sanity checks in place and write out of a dynamically allocated buffer boundaries. Proof of concept included.; tags | exploit, proof of concept; advisories | CVE-2020-14315; SHA-256 | 643f39b2a94fbeb126dfc6e857751a1e90b11ec7a3a02e0368174a11f3c10689; Download | Favorite | View

Impress CMS 1.4.0 Code Execution / SQL Injection: Posted Jul 10, 2020; Authored by AppleBois; Impress CMS version 1.4.0 has an issue where an authenticated user can make use of the AutoTask feature to execute php code, allowing for remote SQL injection and remote code execution.; tags | exploit, remote, php, code execution, sql injection; SHA-256 | 9af1e147863cdc8908cda32853a430105e60b827ab0835a71f164db2e27b4b8d; Download | Favorite | View

Microsoft OneDrive 19.232.1124.0010 DLL Hijacking: Posted Jul 10, 2020; Authored by Yorick Koster, Securify B.V.; A file hijacking vulnerability was found in the Microsoft OneDrive client. This vulnerability allows a local attacker to plant a DLL file on the local machine. This DLL will then be loaded whenever (another) user launches OneDrive, running with the privileges of the victim. This issue was successfully verified on Microsoft OneDrive version 19.232.1124.0010.; tags | exploit, local; SHA-256 | cdf89cfe735b764a683421b596c19e1fa3faa2afa4b22a2a0becf3b682b9ff97; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days