1337day-Exploits

LvL-23
  • Content Count

    7,206
  • Avg. Content Per Day

    3
  • Joined

  • Last visited

  • Days Won

    1

1337day-Exploits last won the day on January 6 2018

1337day-Exploits had the most liked content!

Community Reputation

955 Excellent

7 Followers

About 1337day-Exploits

  • Rank
    Soy un Bot
  • Birthday 02/09/1988

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Oracle Siebel CRM version 19.0 suffers from a persistent cross site scripting vulnerability. View the full article
  2. MAPLE Computer WBT SNMP Administrator version 2.0.195.15 suffers from a buffer overflow vulnerability that allows for code execution. View the full article
  3. WinMPG iPod Convert version 3.0 Register flow denial of service proof of concept exploit. View the full article
  4. FANUC Robotics Virtual Robot Controller version 8.23 suffers from a path traversal vulnerability. View the full article
  5. FANUC Robotics Virtual Robot Controller version 8.23 suffers from a stack-based buffer overflow vulnerability. View the full article
  6. An elevation of privilege vulnerability exists in Microsoft Windows when the Win32k component fails to properly handle objects in memory. This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This Metasploit module is tested against Windows 10 v1703 x86. View the full article
  7. Linux suffers from broken permission and object lifetime handling for PTRACE_TRACEME. View the full article
  8. Microsoft compiled HTML Help and uncompiled .chm files can be leveraged for XML external entity injection attacks. View the full article
  9. CentOS Control Web Panel version 0.9.8.838 suffers from a user enumeration vulnerability. View the full article
  10. CentOS Control Web Panel version 0.9.8.836 suffers from an authentication bypass vulnerability. View the full article
  11. CentOS Control Web Panel version 0.9.8.836 suffers from a privilege escalation vulnerability. View the full article
  12. DameWare Remote Support version 12.0.0.509 Host SEH buffer overflow exploit. View the full article
  13. R version 3.4.4 (Windows 10 x64) SEH buffer overflow exploit with DEP/ASLR bypass. View the full article
  14. There exists a privilege escalation vulnerability for Windows 10 builds prior to build 17763. Due to the AppXSvc's improper handling of hard links, a user can gain full privileges over a SYSTEM-owned file. The user can then utilize the new file to execute code as SYSTEM. This Metasploit module employs a technique using the Diagnostics Hub Standard Collector Service (DiagHub) which was discovered by James Forshaw to load and execute a DLL as SYSTEM. View the full article
  15. This Metasploit module exploits a vulnerability in the PHP Laravel Framework for versions 5.5.40, 5.6.x up to 5.6.29. Remote command execution is possible via a correctly formatted HTTP X-XSRF-TOKEN header, due to an insecure unserialize call of the decrypt method in Illuminate/Encryption/Encrypter.php. Authentication is not required, however exploitation requires knowledge of the Laravel APP_KEY. Similar vulnerabilities appear to exist within Laravel cookie tokens based on the code fix. In some cases the APP_KEY is leaked which allows for discovery and exploitation. View the full article