The Exploit Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, Security Articles, Tutorials and more.
[webapps] TemaTres 3.0 – 'value' Persistent Cross-site Scripting
18 November 2019, 12:00 amTemaTres 3.0 – ‘value’ Persistent Cross-site Scripting
[local] ASUS HM Com Service 1.00.31 – 'asHMComSvc' Unquoted Service Path
18 November 2019, 12:00 amASUS HM Com Service 1.00.31 – ‘asHMComSvc’ Unquoted Service Path
[webapps] Lexmark Services Monitor 2.27.4.0.39 – Directory Traversal
18 November 2019, 12:00 amLexmark Services Monitor 2.27.4.0.39 – Directory Traversal
[webapps] Crystal Live HTTP Server 6.01 – Directory Traversal
18 November 2019, 12:00 amCrystal Live HTTP Server 6.01 – Directory Traversal
[dos] Open Proficy HMI-SCADA 5.0.0.25920 – 'Password' Denial of Service (PoC)
18 November 2019, 12:00 amOpen Proficy HMI-SCADA 5.0.0.25920 – ‘Password’ Denial of Service (PoC)
[local] NCP_Secure_Entry_Client 9.2 – Unquoted Service Paths
18 November 2019, 12:00 amNCP_Secure_Entry_Client 9.2 – Unquoted Service Paths
[local] MobileGo 8.5.0 – Insecure File Permissions
18 November 2019, 12:00 amMobileGo 8.5.0 – Insecure File Permissions
[webapps] Centova Cast 3.2.11 – Arbitrary File Download
18 November 2019, 12:00 amCentova Cast 3.2.11 – Arbitrary File Download
[webapps] TemaTres 3.0 – Cross-Site Request Forgery (Add Admin)
18 November 2019, 12:00 amTemaTres 3.0 – Cross-Site Request Forgery (Add Admin)
[dos] Foscam Video Management System 1.1.4.9 – 'Username' Denial of Service (PoC)
18 November 2019, 12:00 amFoscam Video Management System 1.1.4.9 – ‘Username’ Denial of Service (PoC)
[local] Emerson PAC Machine Edition 9.70 Build 8595 – 'FxControlRuntime' Unquoted Service Path
18 November 2019, 12:00 amEmerson PAC Machine Edition 9.70 Build 8595 – ‘FxControlRuntime’ Unquoted Service Path
[dos] iSmartViewPro 1.3.34 – Denial of Service (PoC)
18 November 2019, 12:00 amiSmartViewPro 1.3.34 – Denial of Service (PoC)
[remote] nipper-ng 0.11.10 – Remote Buffer Overflow (PoC)
18 November 2019, 12:00 amnipper-ng 0.11.10 – Remote Buffer Overflow (PoC)
[local] Shrew Soft VPN Client 2.2.2 – 'iked' Unquoted Service Path
15 November 2019, 12:00 amShrew Soft VPN Client 2.2.2 – ‘iked’ Unquoted Service Path
[dos] Siemens Desigo PX 6.00 – Denial of Service (PoC)
14 November 2019, 12:00 amSiemens Desigo PX 6.00 – Denial of Service (PoC)
[local] oXygen XML Editor 21.1.1 – XML External Entity Injection
14 November 2019, 12:00 amoXygen XML Editor 21.1.1 – XML External Entity Injection
[webapps] Xfilesharing 2.5.1 – Arbitrary File Upload
14 November 2019, 12:00 amXfilesharing 2.5.1 – Arbitrary File Upload
[webapps] FUDForum 3.0.9 – Remote Code Execution
13 November 2019, 12:00 amFUDForum 3.0.9 – Remote Code Execution
[webapps] Technicolor TD5130.2 – Remote Command Execution
13 November 2019, 12:00 amTechnicolor TD5130.2 – Remote Command Execution
[webapps] Technicolor TC7300.B0 – 'hostname' Persistent Cross-Site Scripting
13 November 2019, 12:00 amTechnicolor TC7300.B0 – ‘hostname’ Persistent Cross-Site Scripting
[webapps] gSOAP 2.8 – Directory Traversal
13 November 2019, 12:00 amgSOAP 2.8 – Directory Traversal
[webapps] Fastweb Fastgate 0.00.81 – Remote Code Execution
13 November 2019, 12:00 amFastweb Fastgate 0.00.81 – Remote Code Execution
[local] ScanGuard Antivirus 2020 – Insecure Folder Permissions
13 November 2019, 12:00 amScanGuard Antivirus 2020 – Insecure Folder Permissions
[webapps] Linear eMerge E3 1.00-06 – Remote Code Execution
13 November 2019, 12:00 amLinear eMerge E3 1.00-06 – Remote Code Execution
[webapps] Joomla 3.9.13 – 'Host' Header Injection
12 November 2019, 12:00 amJoomla 3.9.13 – ‘Host’ Header Injection
[webapps] Prima Access Control 2.3.35 – Arbitrary File Upload
12 November 2019, 12:00 amPrima Access Control 2.3.35 – Arbitrary File Upload
[webapps] Prima Access Control 2.3.35 – 'HwName' Persistent Cross-Site Scripting
12 November 2019, 12:00 amPrima Access Control 2.3.35 – ‘HwName’ Persistent Cross-Site Scripting
[remote] eMerge E3 Access Controller 4.6.07 – Remote Code Execution
12 November 2019, 12:00 ameMerge E3 Access Controller 4.6.07 – Remote Code Execution
[webapps] Atlassian Confluence 6.15.1 – Directory Traversal (Metasploit)
12 November 2019, 12:00 amAtlassian Confluence 6.15.1 – Directory Traversal (Metasploit)
[remote] CBAS-Web 19.0.0 – Information Disclosure
12 November 2019, 12:00 amCBAS-Web 19.0.0 – Information Disclosure
[webapps] CBAS-Web 19.0.0 – Remote Code Execution
12 November 2019, 12:00 amCBAS-Web 19.0.0 – Remote Code Execution
[webapps] Optergy 2.3.0a – Username Disclosure
12 November 2019, 12:00 amOptergy 2.3.0a – Username Disclosure
[webapps] Optergy 2.3.0a – Cross-Site Request Forgery (Add Admin)
12 November 2019, 12:00 amOptergy 2.3.0a – Cross-Site Request Forgery (Add Admin)
[local] RTK IIS Codec Service 6.4.10041.133 – 'RtkI2SCodec' Unquote Service Path
12 November 2019, 12:00 amRTK IIS Codec Service 6.4.10041.133 – ‘RtkI2SCodec’ Unquote Service Path
[webapps] Optergy 2.3.0a – Remote Code Execution (Backdoor)
12 November 2019, 12:00 amOptergy 2.3.0a – Remote Code Execution (Backdoor)
[webapps] Adrenalin Core HCM 5.4.0 – 'ReportID' Reflected Cross-Site Scripting
12 November 2019, 12:00 amAdrenalin Core HCM 5.4.0 – ‘ReportID’ Reflected Cross-Site Scripting
[webapps] FlexAir Access Control 2.3.35 – Authentication Bypass
12 November 2019, 12:00 amFlexAir Access Control 2.3.35 – Authentication Bypass
[local] Control Center PRO 6.2.9 – Local Stack Based Buffer Overflow (SEH)
12 November 2019, 12:00 amControl Center PRO 6.2.9 – Local Stack Based Buffer Overflow (SEH)
[webapps] CBAS-Web 19.0.0 – 'id' Boolean-based Blind SQL Injection
12 November 2019, 12:00 amCBAS-Web 19.0.0 – ‘id’ Boolean-based Blind SQL Injection
[webapps] FlexAir Access Control 2.4.9api3 – Remote Code Execution
12 November 2019, 12:00 amFlexAir Access Control 2.4.9api3 – Remote Code Execution
[webapps] CBAS-Web 19.0.0 – Username Enumeration
12 November 2019, 12:00 amCBAS-Web 19.0.0 – Username Enumeration
[local] Alps Pointing-device Controller 8.1202.1711.04 – 'ApHidMonitorService' Unquoted Service Path
12 November 2019, 12:00 amAlps Pointing-device Controller 8.1202.1711.04 – ‘ApHidMonitorService’ Unquoted Service Path
[webapps] CBAS-Web 19.0.0 – Cross-Site Request Forgery (Add Super Admin)
12 November 2019, 12:00 amCBAS-Web 19.0.0 – Cross-Site Request Forgery (Add Super Admin)
[webapps] Optergy 2.3.0a – Remote Code Execution
12 November 2019, 12:00 amOptergy 2.3.0a – Remote Code Execution
[remote] eMerge E3 Access Controller 4.6.07 – Remote Code Execution (Metasploit)
12 November 2019, 12:00 ameMerge E3 Access Controller 4.6.07 – Remote Code Execution (Metasploit)
[webapps] eMerge E3 1.00-06 – 'layout' Reflected Cross-Site Scripting
12 November 2019, 12:00 ameMerge E3 1.00-06 – ‘layout’ Reflected Cross-Site Scripting
[webapps] eMerge50P 5000P 4.6.07 – Remote Code Execution
12 November 2019, 12:00 ameMerge50P 5000P 4.6.07 – Remote Code Execution
[webapps] Bematech Printer MP-4200 – Denial of Service
12 November 2019, 12:00 amBematech Printer MP-4200 – Denial of Service
[webapps] eMerge E3 1.00-06 – Arbitrary File Upload
12 November 2019, 12:00 ameMerge E3 1.00-06 – Arbitrary File Upload
[local] Wondershare Application Framework Service – "WsAppService" Unquote Service Path
12 November 2019, 12:00 amWondershare Application Framework Service – “WsAppService” Unquote Service Path