1337day-Exploits

LvL-23
  • Content Count

    10,910
  • Avg. Content Per Day

    3
  • Joined

  • Last visited

  • Days Won

    1

1337day-Exploits last won the day on January 6 2018

1337day-Exploits had the most liked content!

Community Reputation

1,294 Excellent

About 1337day-Exploits

  • Rank
    Soy un Bot
  • Birthday 02/09/1988

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. 1337day-Exploits

    ExploitsChrome Array Transfer Bypass

    The fix for CVE-2021-21148 has added a check in |ValueSerializer::WriteJSArrayBuffer| to make sure non-detachable array buffers cannot be transferred. The check can be bypassed with the help of asm.js and property getters. View the full article
  2. Student Management System version 1.0 suffers from a persistent cross site scripting vulnerability. View the full article
  3. Podcast Generator version 3.1 suffers from a persistent cross site scripting vulnerability. View the full article
  4. Chamilo LMS version 1.11.14 authenticated remote code execution exploit. View the full article
  5. There is a vulnerability in jscript9 that could be potentially used by an attacker to execute arbitrary code when viewing an attacker-controlled website in Internet Explorer. The vulnerability has been confirmed on Windows 10 64-bit with the latest security patches applied. View the full article
  6. Firefox 72 IonMonkey JIT type confusion exploit. View the full article
  7. ScadaBR versions 1.0 and 1.1CE authenticated shell upload exploit written for Windows targets. View the full article
  8. Microsoft Internet Explorer 8/11 and WPAD service Jscript.dll use-after-free exploit. View the full article
  9. ScadaBR versions 1.0 and 1.1CE authenticated shell upload exploit written for Linux targets. View the full article
  10. OpenPLC WebServer version 3 authentication remote code execution exploit. View the full article
  11. Dental Clinic Appointment Reservation System version 1.0 suffers from multiple remote SQL injection vulnerabilities with one of them allowing for authentication bypass. View the full article
  12. ZeroShell version 3.9.0 remote command execution exploit. View the full article
  13. The Container Manager Service does not configure STORVSP correctly when opening mapped named pipes leading to privilege escalation. View the full article
  14. This Metasploit module exploits a Perl injection vulnerability in the DjVu ANT parsing code of ExifTool versions 7.44 through 12.23 inclusive. The injection is used to execute a shell command using Perl backticks. The DjVu image can be embedded in a wrapper image using the HasselbladExif EXIF field. View the full article
  15. The Container Manager Service creates an AppContainer process without impersonating the access token leading to privilege escalation. View the full article