Showing 1 - 9 of 9

Files Date: 2017-12-22

Oracle MySQL UDF Payload Execution: Posted Dec 22, 2017; Authored by Tod Beardsley, Bernardo Damele, h00die | Site metasploit.com; This Metasploit module creates and enables a custom UDF (user defined function) on the target host via the SELECT ... into DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL versions 5.5.9 and below, directory write permissions not enforced, and the MySQL service runs as LocalSystem. NOTE: This Metasploit module will leave a payload executable on the target system when the attack is finished, as well as the UDF DLL, and will define or redefine sys_eval() and sys_exec() functions.; tags | exploit; systems | windows; SHA-256 | e271ecc64a4930d48b45420b13646e62bddc742c830913aff948fcd6de464829; Download | Favorite | View

eBPF Arbitrary Read/Write Via Incorrect Range Tracking: Posted Dec 22, 2017; Authored by Jann Horn, Google Security Research; eBPF suffers from an arbitrary read and write vulnerability via incorrect range tracking.; tags | exploit, arbitrary; SHA-256 | ff8c1e91a1ba546ed71727e97edcf01bc70d5b011af70fe28674fc85795208d5; Download | Favorite | View

Joomla JB Tour Booking 2.2.2 SQL Injection: Posted Dec 22, 2017; Authored by Bilal Kardadou; Joomla JB Tour Booking extension 2.2.2 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 2c6df2e9d3caed91473f5582e98da1114b6fa8ecdcc63ca7c25c3ac623b73993; Download | Favorite | View

Joomla JB Bus 2.3.0 SQL Injection: Posted Dec 22, 2017; Authored by Bilal Kardadou; Joomla JB Bus extension version 2.3.0 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 1311f447e6f594b94946b7b9e17f148e339d14d1370da9e1bb2554a6586e01b1; Download | Favorite | View

Roommate And Real Estate Listing Classified Response 1.0 XSS: Posted Dec 22, 2017; Authored by ShanoWeb; Roommate and Real Estate Listing Classified Response version 1.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | d54780016e5b539d90fcd5e721cc4385e43883abf2fb9de472fb98d7df5ede2c; Download | Favorite | View

phpMars 1.0.9 Cross Site Scripting: Posted Dec 22, 2017; Authored by ShanoWeb; phpMars version 1.0.9 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 5eacbc92b83278eb20e4bae6ea00941e8ce5d9cc78dd784e776f1e79de4e840b; Download | Favorite | View

Online Hotel Booking System Pro 1.3 Cross Site Scripting: Posted Dec 22, 2017; Authored by ShanoWeb; Online Hotel Booking System Pro version 1.3 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 1ce0ef65b26d908451fe4e2ea0d1dce719e99f1f02ae723c6bb4fc49a81d9924; Download | Favorite | View

Trend Micro Smart Protection Server 3.2 XSS / Access Control / Disclosure: Posted Dec 22, 2017; Authored by Core Security Technologies, Maximiliano Vidal, Leandro Barragan | Site coresecurity.com; Trend Micro Smart Protection Server version 3.2 suffers from access control bypass, cross site scripting, information disclosure, and various other vulnerabilities.; tags | exploit, vulnerability, xss, info disclosure; advisories | CVE-2017-11398, CVE-2017-14094, CVE-2017-14095, CVE-2017-14096, CVE-2017-14097; SHA-256 | 149823a62c0b55b825b4c969054429d6a9537f6a010bb018f45e836ab0ce649f; Download | Favorite | View

ServersCheck Monitoring Software Cross Site Scripting: Posted Dec 22, 2017; Authored by Aloyce J. Makalanga; ServersCheck Monitoring Software versions prior to 14.2.3 suffers from a cross site scripting vulnerability.; tags | advisory, xss; advisories | CVE-2017-17832; SHA-256 | 049e6c97e6148e6901b69dff7cce9f1a2c50b27b741b2ba8c7a09abd0fa80032; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days