1337day-Exploits

Everything posted by 1337day-Exploits

  1. FreeType suffers from a heap buffer overflow vulnerability due to integer truncation in Load_SBit_Png.
  2. Oracle Business Intelligence Enterprise Edition versions 5.5.0.0.0, 12.2.1.3.0, and 12.2.1.4.0 suffer from local file inclusion and directory traversal vulnerabilities.
  3. God Kings version 0.60.1 suffers from an improper authorization issue allowing for in-game notification spoofing.
  4. CSE Bookstore version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
  5. Nagios XI version 5.7.3 mibs.php remote command injection exploit.
  6. Blueman versions prior to 2.1.4 suffer from a local privilege escalation vulnerability that achieves root.
  7. aptdaemon versions prior to 1.1.1 suffer from a file existence disclosure vulnerability.
  8. PackageKit versions prior to 1.1.13 suffer from a file existence disclosure vulnerability.
  9. Online Library Management System version 1.0 suffers from a remote shell upload vulnerability.
  10. Point of Sales version 1.0 suffers from a remote SQL injection vulnerability.
  11. Gym Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities.
  12. Gym Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
  13. EPSON version 1.124 suffers from an unquoted service path vulnerability.
  14. Program Access Controller version 1.2.0.0 suffers from an unquoted service path vulnerability.
  15. Prey version 1.9.6 suffers from an unquoted service path vulnerability.
  16. IP Watcher version 3.0.0.30 suffers from an unquoted service path vulnerability.
  17. TDM Digital Signage Windows Player version 4.1 suffers from an elevation of privileges vulnerability that lets a simple authenticated user replace the executable file with a binary of their choice.
  18. Sentrifugo version 3.2 suffers from a restriction bypass vulnerability that allows for a remote shell upload.
  19. Adtec Digital is a leading manufacturer of Broadcast, Cable and IPTV products and solutions. Many of its devices utilize hard-coded and default credentials within their Linux distribution image for Web/Telnet/SSH access. A remote attacker could exploit this vulnerability by logging in with the default credentials to access the web interface or gain shell access as root.
  20. Sphider Search Engine version 1.3.6 remote code execution exploit.
  21. The Genexis Platinum-4410 router suffers from a persistent cross site scripting vulnerability.
  22. Online Health Care System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
  23. InoERP version 0.7.2 suffers from an unauthenticated remote code execution vulnerability.
  24. PDW File Browser versions 1.3 and below suffer from a cross site scripting vulnerability.
  25. CMS Made Simple version 2.1.6 suffers from a server-side template injection vulnerability.