-
Content Count
11,390 -
Avg. Content Per Day
3 -
Joined
-
Last visited
-
Days Won
1
10 Followers
-
ExploitsBackdoor.Win32.WinShell.40 Code Execution
a topic posted 1337day-Exploits in Updated Exploits
Backdoor.Win32.WinShell.40 malware suffers from a code execution vulnerability. View the full article -
ExploitsEvent Registration System With QR Code 1.0 Shell Upload
a topic posted 1337day-Exploits in Updated Exploits
Event Registration System with QR Code version 1.0 suffers from authentication bypass and shell upload vulnerabilities. View the full article -
ExploitsDenver Smart Wifi Camera SHC-150 Remote Code Execution
a topic posted 1337day-Exploits in Updated Exploits
Denver Smart Wifi Camera SHC-150 has a hardcoded backdoor login vulnerability available via telnet that gives a shell. View the full article -
eGain Chat version 15.5.5 suffers from a cross site scripting vulnerability. View the full article
-
ExploitsTripSpark VEO Transportation SQL Injection
a topic posted 1337day-Exploits in Updated Exploits
TripSpark VEO Transportation suffers from a remote blind SQL injection vulnerability. View the full article -
ExploitsPHP 7.3.15-3 PHP_SESSION_UPLOAD_PROGRESS Session Data Injection
a topic posted 1337day-Exploits in Updated Exploits
PHP version 7.3.15-3 suffers from a PHP_SESSION_UPLOAD_PROGRESS session data injection vulnerability. View the full article -
ExploitsWordPress Social Warfare 3.5.2 Remote Code Execution
a topic posted 1337day-Exploits in Updated Exploits
WordPress Social Warfare plugin version 3.5.2 remote code execution exploit. This fully automated exploit is a variation of the original discovery made by Luka Sikic and hash3liZer in May of 2019. View the full article -
ExploitsWordPress SP Project And Document Remote Code Execution
a topic posted 1337day-Exploits in Updated Exploits
This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress SP Project and Document plugin versions prior to 4.22. The security check only searches for lowercase file extensions such as .php, making it possible to upload .pHP files for instance. Finally, the uploaded payload can be triggered by a call to /wp-content/uploads/sp-client-document-manager//.php. View the full article -
Backdoor.Win32.Nbdd.bgz malware suffers from a buffer overflow vulnerability. View the full article
-
ExploitsBackdoor.Win32.Bifrose.acci Buffer Overflow
a topic posted 1337day-Exploits in Updated Exploits
Backdoor.Win32.Bifrose.acci malware suffers from a buffer overflow vulnerability that can allow for code execution. View the full article -
ExploitsWordPress Modern Events Calendar Remote Code Execution
a topic posted 1337day-Exploits in Updated Exploits
This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in WordPress Modern Events Calendar plugin versions prior to 5.16.5. This is due to an incorrect check of the uploaded file extension. Indeed, by using text/csv content-type in a request, it is possible to upload a .php payload as is is not forbidden by the plugin. Finally, the uploaded payload can be triggered by a call to /wp-content/uploads/.php. View the full article -
Backdoor.Win32.PsyRat.b malware suffers from a code execution vulnerability. View the full article
-
NoteBurner version 2.35 suffers from a denial of service vulnerability. View the full article
-
ExploitsBackdoor.Win32.PsyRat.b Denial Of Service
a topic posted 1337day-Exploits in Updated Exploits
Backdoor.Win32.PsyRat.b malware suffers from a denial of service vulnerability. View the full article -
Backdoor.Win32.Agent.cu malware suffers from a code execution vulnerability. View the full article