Search the Community

Showing results for tags 'Exploits'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • General doubts | News
    • General doubts
    • News
  • Hacking | Remote Administration | Bugs & Exploits
    • Hacking
    • Remote Administration
    • Bugs & Exploits
  • Programming | Web | SEO | Prefabricated applications
    • General Programming
    • Web Programming
    • Prefabricated Applications
    • SEO
  • Cracking Zone
    • Cracking Accounts
    • Reverse Engineering
  • Security & Anonymity
    • Security
    • Wireless Security
    • Web Security
    • Anonymity
  • Operating Systems | Hardware | Programs
    • Operating systems
    • Hardware
    • PC programs
    • iOS
    • Android
    • Windows Phone
  • Graphic Design
    • Graphic Design
  • vBCms Comments
  • live stream tv
    • live stream tv
  • Marketplace
    • Sell
    • Services
    • Request
  • Premium Accounts
    • Accounts
  • Modders Section
    • Source Codes
    • Manuals | Videos
    • Tools
    • Others
  • PRIV8-Section
    • Exploits
    • Accounts|Dumps
    • Crypter|Binder|Bots
    • Tutorials|Videos
    • Cracked Tools
    • Make Money
    • More Tools
    • Databeses
    • Ebooks
  • Cracking Zone PRIV8
    • Cracking Accounts
    • Reverse Engineering
    • Cracker Preview Area
  • Carding Zone PRIV8
    • Carding
    • Phishing
    • Defacing
    • Doxing
    • Special User Premium Preview Area

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Location


Interests


Occupation


TeamViewer


Tox

Found 2,071 results

  1. Chrome suffers from an integer overflow vulnerability in NewFixedDoubleArray. View the full article
  2. In WinRAR versions prior to and including 5.61, there is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path. This module will attempt to extract a payload to the startup folder of the current user. It is limited such that we can only go back one folder. Therefore, for this exploit to work properly, the user must extract the supplied RAR file from one folder within the user profile folder (e.g. Desktop or Downloads). User restart is required to gain a shell. View the full article
  3. The hardened VirtualBox process on a Windows host does not secure its COM interface leading to arbitrary code injection and elevation of privilege. View the full article
  4. Sony Smart TVs suffer from information disclosure and arbitrary file read vulnerabilities. View the full article
  5. The Siemens R3964 line discipline code in drivers/tty/n_r3964.c has a few races around its ioctl handler; for example, the handler for R3964_ENABLE_SIGNALS just allocates and deletes elements in a linked list with zero locking. This code is reachable by an unprivileged user if the line discipline is enabled in the kernel config; Ubuntu 18.04, for example, ships this line discipline as a module. View the full article
  6. 74CMS version 5.0.1 suffers from a cross site request forgery vulnerability. View the full article
  7. 1337day-Exploits

    Exploits Linux Overflow Via FUSE

    Linux suffers from a page->_refcount overflow via FUSE with ~140GiB RAM usage. View the full article
  8. This Metasploit module exploits SQL injection and command injection vulnerability in the ManageEngine AM versions 14 and below. View the full article
  9. Ross Video DashBoard version 8.5.1 suffers from an elevation of privileges vulnerability which can be used by a simple authenticated user that can change the executable file with a binary of choice. The vulnerability exist due to the improper permissions, with the 'M' flag (Modify) or 'C' flag (Change) for 'Authenticated Users' group. View the full article
  10. UliCMS versions 2019.2 and 2019.1 suffers from multiple cross site scripting vulnerabilities. View the full article
  11. systemd suffers from a lack of seat verification in the PAM module and in turn permits the spoofing of an active session to polkit. View the full article
  12. Msvod version 10 suffers from a cross site request forgery vulnerability. View the full article
  13. WordPress Contact Form Builder plugin version 1.0.67 suffers from cross site request forgery and local file inclusion vulnerabilities. View the full article
  14. Google Chrome version 73.0.3683.103 V8 JavaScript Engine out-of-memory in invalid table size denial of service proof of concept exploit. View the full article
  15. Ease Audio Converter version 5.30 .mp4 denial of service proof of concept exploit. View the full article
  16. LabF nfsAxe version 3.7 ping client buffer overflow exploit. View the full article
  17. Zikula Core CMS version 2.0.13 suffers from a database disclosure vulnerability. View the full article
  18. RingsDB Software version 1.0.0 suffers from a database disclosure vulnerability. View the full article
  19. OpenDocMan Document Management System version 1.3.5 suffers from a database disclosure vulnerability. View the full article
  20. ChurchCRM Software version 3.3.2 suffers from a database disclosure vulnerability. View the full article
  21. Oracle Business Intelligence versions 11.1.1.9.0, 12.2.1.3.0, and 12.2.1.4.0 suffer from a directory traversal vulnerability. View the full article
  22. Oracle Business Intelligence and XML Publisher versions 11.1.1.9.0, 12.2.1.3.0, and 12.2.1.4.0 suffer from an XML external entity injection vulnerability. View the full article
  23. QNAP myQNAPcloud Connect version 1.3.4.0317 suffers from a username / password denial of service vulnerability. View the full article
  24. This Metasploit module attempts to gain root privileges by exploiting a vulnerability in the staprun executable included with SystemTap version 1.3. The staprun executable does not clear environment variables prior to executing modprobe, allowing an arbitrary configuration file to be specified in the MODPROBE_OPTIONS environment variable, resulting in arbitrary command execution with root privileges. This module has been tested successfully on: systemtap 1.2-1.fc13-i686 on Fedora 13 (i686); and systemtap 1.1-3.el5 on RHEL 5.5 (x64). View the full article
  25. Widget Connector Macro is part of Atlassian Confluence Server and Data Center that allows embed online videos, slideshows, photostreams and more directly into page. A _template parameter can be used to inject remote Java code into a Velocity template, and gain code execution. Authentication is not required to exploit this vulnerability. By default, Java payload will be used because it is cross-platform, but you can also specify which native payload you want (Linux or Windows). Confluence before version 6.6.12, from version 6.7.0 before 6.12.3, from version 6.13.0 before 6.13.3 and from version 6.14.0 before 6.14.2 are affected. View the full article