首頁 | 安全文章 | 安全工具 | Exploits | 本站原創 | 關于我們 | 網站地圖 | 安全論壇
熱門關鍵字: shell  88888  art  vitter  linux
  當前位置:主頁>安全文章>文章資料>Exploits>列表
WordPress Snap Creek Duplicator Code Injection
  日期:2018-12-12 14:27:23 點擊:30 評論:0
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Remote Rank = ManualRanking # this module overwrites the configuration file, b
PrestaShop 1.6.x / 1.7.x Remote Code Execution
  日期:2018-12-12 14:26:14 點擊:41 評論:0
?php/** * * PrestaShop 1.6.x = 1.6.1.23 1.7.x = 1.7.4.4 - Back Office Remote Code Execution * See https://github.com/farisv/PrestaShop-CVE-2018-19126 for explanation. * * Chaining multiple vulnerabilities to trigger deserialization via phar. * * Dat
SmartFTP Client 9.0.2623.0 Denial Of Service
  日期:2018-12-12 14:25:28 點擊:27 評論:0
# -*- coding: utf-8 -*-# Exploit Title: SmartFTP 9.0 Build 2623 - Denial of Service (PoC)# Date: 06/12/2018# Exploit Author: Alejandra SA!nchez# Vendor Homepage: https://www.smartftp.com/en-us/# Software Link: https://www.smartftp.com/get/SFTPMSI64.
LanSpy 2.0.1.159 Buffer Overflow
  日期:2018-12-12 14:24:15 點擊:16 評論:0
# Exploit Title: LanSpy 2.0.1.159 - Local BoF (PoC)# Author: Gionathan John Reale# Discovey Date: 2018-12-07# Homepage: https://lizardsystems.com# Software Link: https://lizardsystems.com/download/lanspy_setup.exe# Tested Version: 2.0.1.159# Tested
Linux userfaultfd tmpfs File Permission Bypass
  日期:2018-12-12 14:23:23 點擊:21 評論:0
Linux: userfaultfd bypasses tmpfs file permissions CVE-2018-18397Using the userfaultfd API, it is possible to first register auserfaultfd region for any VMA that fulfills vma_can_userfault():It must be an anonymous VMA (-vm_ops==NULL), a hugetlb VMA
WebKit JIT Proxy Object Issue
  日期:2018-12-12 14:21:18 點擊:18 評論:0
WebKit: JIT: Int32/Double arrays can have Proxy objects in the prototype chains CVE-2018-4438Bug:void JSObject::setPrototypeDirect(VM vm, JSValue prototype){ ASSERT(prototype); if (prototype.isObject()) prototype.asCell()-didBecomePrototype(); if (s
CyberLink LabelPrint 2.5 Stack Buffer Overflow
  日期:2018-12-12 14:18:04 點擊:25 評論:0
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit Rank = NormalRanking include Msf::Exploit::FILEFORMAT def initialize(info={}) s
Google Chrome 70.0.3538.77 Cross Site Scripting / Man-In-The-Middle
  日期:2018-12-12 14:17:26 點擊:98 評論:0
Chrome: malicious WPAD server can proxy localhost (leading to XSS in http://localhost:*/*) VERSIONChrome Version: 70.0.3538.77 stableOperating System: Windows 10 (version 1803)When Chrome is installed on Windows and the user joins a malicious networ
XNU POSIX Shared Memory Mapping Issue
  日期:2018-12-12 14:15:09 點擊:24 評論:0
XNU: POSIX shared memory mappings have incorrect maximum protection CVE-2018-4435When the mmap() syscall is invoked on a POSIX shared memory segment(DTYPE_PSXSHM), pshm_mmap() maps the shared memory segment's pages into theaddress space of the calli
MiniShare 1.4.1 HEAD / POST Buffer Overflow
  日期:2018-12-10 13:32:31 點擊:36 評論:0
Hi!!! playing in 2006.... I have adapted the exploit to pythonNot only the GET method is vulnerable to BOF (CVE-2004-2271). HEAD and POSTmethods are also vulnerable. The difference is minimal, both are exploitedin the same way. Only 1 byte differenc
FutureNet NXR-G240 Series ShellShock Command Injection
  日期:2018-12-10 13:31:08 點擊:63 評論:0
# -*- coding: utf-8 -*-# Title: FutureNet NXR-G240 Series - ShellShock Remote Command Injection# Date: 2018-06-12# Author: Nassim Asrir# You have a Q ? Contact me at: https://www.linkedin.com/in/nassim-asrir-b73a57122/# Vendor: http://www.centurysys
i-doit CMDB 1.11.2 - Remote Code Execution
  日期:2018-12-10 13:29:41 點擊:52 評論:0
# Exploit Title: i-doit CMDB 1.11.2 - Remote Code Execution# Date: 2018-12-05# Exploit Author: zkan Mustafa Akku (AkkuS)# Contact: https://pentest.com.tr# Vendor Homepage: https://www.i-doit.org/# Software Link: https://www.i-doit.org/i-doit-open-1-
Textpad 8.1.2 - Denial Of Service (PoC)
  日期:2018-12-10 13:27:41 點擊:55 評論:0
# Exploit Title: Textpad 8.1.2 - Denial Of Service (PoC) # Author: Gionathan John Reale # Discovey Date: 2018-12-06 # Homepage: https://textpad.com # Software Link: https://www.textpad.com/download/v81/win32/txpeng812-32.zip # Tested Version: 8.1.2
HasanMWB 1.0 SQL Injection
  日期:2018-12-06 15:16:45 點擊:23 評論:0
# Exploit Title: HasanMWB 1.0 - SQL Injection# Dork: N/A# Date: 2018-12-05# Exploit Author: Ihsan Sencan# Vendor Homepage: https://sourceforge.net/projects/hasanmwb/# Software Link: https://netcologne.dl.sourceforge.net/project/hasanmwb/HasanMWB-v1.
NUUO NVRMini2 3.9.1 - Authenticated Command Injection
  日期:2018-12-05 14:23:13 點擊:41 評論:0
# Exploit Title: NUUO NVRMini2 Authenticated Command Injection # Date: December 3, 2018 # Exploit Author: Artem Metla # Vendor Homepage: https://www.nuuo.com/ProductNode.php?node=2 # # Version: 3.9.1 # Tested on: NUUO NVRMini2 with firmware 3.9.1 # C
OpenSSH < 7.7 - User Enumeration
  日期:2018-12-05 14:21:26 點擊:139 評論:0
#!/usr/bin/env python2 # CVE-2018-15473 SSH User Enumeration by Leap Security (@LeapSecurity) https://leapsecurity.io # Credits: Matthew Daley, Justin Gardner, Lee David Painter import argparse, logging, paramiko, socket, sys, os class InvalidUsernam
Xorg X11 Server (AIX) - Local Privilege Escalation
  日期:2018-12-05 14:18:42 點擊:50 評論:0
# Exploit Title: AIX Xorg X11 Server - Local Privilege Escalation # Date: 29/11/2018 # Exploit Author: @0xdono # Original Discovery and Exploit: Narendra Shinde # Vendor Homepage: https://www.x.org/ # Platform: AIX # Version: X Window System Version
Microsoft Lync for Mac 2011 - Injection Forced Browsing/Download
  日期:2018-12-05 14:17:52 點擊:47 評論:0
# Exploit Title: Microsoft Lync for Mac 2011 Injection Forced Browsing/Download # Author: @nyxgeek - TrustedSec # Date: 2018-03-20 # Vendor Homepage: microsoft.com # Software Link: https://www.microsoft.com/en-us/download/details.aspx?id=36517 # CVE:
HP Intelligent Management Java Deserialization Remote Code Execution
  日期:2018-12-04 14:46:57 點擊:22 評論:0
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient includ
Emacs movemail Privilege Escalation
  日期:2018-12-04 14:46:13 點擊:24 評論:0
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Local Rank = ExcellentRanking include Msf::Post::File def initialize(info = {}
共636頁/12701條記錄 首頁 上一頁 [1] [2] [3] 4 [5] [6] [7] 下一頁 末頁
  本月熱點文章
·Microsoft Windows - 'SMBGhos
·vCloud Director 9.7.0.154982
·vCloud Director 9.7.0.154982
  本月推薦文章
 
  相關分類
  漏洞檢測
  漏洞資料
  入侵實例
  系統安全
  網絡安全
  網絡基礎
  病毒分析
Exploits
CopyRight © 2002-2020 VFocuS.Net All Rights Reserved
35选7杀号技巧