exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 22 of 22

Files Date: 2022-04-19

BlueZ Key Theft / bluetoothd Double-Free

Posted Apr 19, 2022

Authored by Jann Horn, Google Security Research

BlueZ suffers from a vulnerability where a malicious USB device can steal Bluetooth link keys over HCI using a fake BD_ADDR. It was also discovered that bluetoothd suffers from a double-free memory corruption flaw.

tags | exploit

SHA-256 | 8a1aa43e53f3253ec88afc78d193bedf1f90ff6d4fdbe4fc1be57e91906b1055

Download | Favorite | View

Backdoor.Win32.GateHell.21 MVID-2022-0559 Authentication Bypass

Posted Apr 19, 2022

Authored by malvuln | Site malvuln.com

Backdoor.Win32.GateHell.21 malware suffers from an authentication bypass vulnerability.

tags | exploit, bypass

systems | windows

SHA-256 | 3190bfb5d5a0c4124a88bc50873589e7242c550aaf54cc63e175b599737268ef

Download | Favorite | View

Backdoor.Win32.Delf.zn MVID-2022-0556 Insecure Credential Storage

Posted Apr 19, 2022

Authored by malvuln | Site malvuln.com

Backdoor.Win32.Delf.zn malware suffers from an insecure credential storage vulnerability.

tags | exploit

systems | windows

SHA-256 | 7e8128a40977898958af81861cbe4f43dc3648a1dd0f157508fad6059ee5906f

Download | Favorite | View

Linux FUSE Use-After-Free

Posted Apr 19, 2022

Authored by Jann Horn, Google Security Research

Linux suffers from a vulnerability where FUSE allows use-after-free reads of write() buffers, allowing theft of (partial) /etc/shadow hashes.

tags | exploit

systems | linux

advisories | CVE-2022-1011

SHA-256 | 2013a523f6140f5f94778f15578c0f1d52f0a0bddd81e46cc48963fbe8fd4efb

Download | Favorite | View

WordPress Motopress Hotel Booking Lite 4.2.4 SQL Injection

Posted Apr 19, 2022

Authored by Mohsen Dehghani

WordPress Motopress Hotel Booking Lite plugin version 4.2.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

SHA-256 | 914ad3c3fd71f7628fda4b48fd16fa46069330a724a0ec167ec4e4d0515a5dec

Download | Favorite | View

Linux watch_queue Filter Out-Of-Bounds Write

Posted Apr 19, 2022

Authored by Jann Horn, Google Security Research

The Linux watch_queue filter suffers from an out of bounds write vulnerability.

tags | exploit

systems | linux

advisories | CVE-2022-0995

SHA-256 | 48bdbb27c736f9c5dd12453993d4bc23ee38e3c25b3e23faef205b92dcf36f51

Download | Favorite | View

Backdoor.Win32.GateHell.21 MVID-2022-0560 Man-In-The-Middle

Posted Apr 19, 2022

Authored by malvuln | Site malvuln.com

Backdoor.Win32.GateHell.21 malware suffers from a man-in-the-middle vulnerability.

tags | exploit

systems | windows

SHA-256 | fb04e507bae988cc286d25bb522e3c1f71064fcbc387cf8ca15db623d35efe32

Download | Favorite | View

WordPress Popup Maker 1.16.5 Cross Site Scripting

Posted Apr 19, 2022

Authored by Roel van Beurden

WordPress Popup Maker plugin version 1.16.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | dee276834c2f22c859c03de891f52e084ba8a1b053932c41a024857eb60f17be

Download | Favorite | View

Responsive Online Blog 1.0 SQL Injection

Posted Apr 19, 2022

Authored by Gideon Kamioka

Responsive Online Blog version 1.0 remote blind boolean-based SQL injection exploit that retrieves usernames and md5 hashes for all site users. Original discovery of the vulnerability is attributed to Eren Simsek.

tags | exploit, remote, sql injection

SHA-256 | c634f31939174a321d757a740478f2bfd92ba7af07de46c1cfb674802dc56f95

Download | Favorite | View

Backdoor.Win32.Psychward.03.a MVID-2022-0558 Weak Hardcoded Password

Posted Apr 19, 2022

Authored by malvuln | Site malvuln.com

Backdoor.Win32.Psychward.03.a malware suffers from a weak hardcoded password vulnerability.

tags | exploit

systems | windows

SHA-256 | e60183fc12ff9f8fc0aeee49534382cfc78957b4f1688188c4ce9ccee1ca11a4

Download | Favorite | View

ManageEngine ADSelfService Plus 6.1 User Enumeration

Posted Apr 19, 2022

Authored by Metin Yunus Kandemir

ManageEngine ADSelfService Plus version 6.1 suffers from a user enumeration vulnerability.

tags | exploit

SHA-256 | eb9a81d41b9726f90f1a950f6c1fd4f1b49ee04e2d812c1fb2175672b960b945

Download | Favorite | View

PKP Open Journals System 3.3 Cross Site Scripting

Posted Apr 19, 2022

Authored by Hemant Kashyap

PKP Open Journals System version 3.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 67aadba8bd4248f3de42afe272ee9a9c41f0a0f57451d6b22f43dee9b3f12ce9

Download | Favorite | View

Backdoor.Win32.Hupigon.haqj MVID-2022-0557 Unquoted Service Path

Posted Apr 19, 2022

Authored by malvuln | Site malvuln.com

Backdoor.Win32.Hupigon.haqj malware suffers from an unquoted service path vulnerability.

tags | exploit

systems | windows

SHA-256 | c5de4479a199997b108b0670600e75d12afe5d686f320faa79aae87a51d998b1

Download | Favorite | View

XDNR Shellcode Cryptor / Encoder

Posted Apr 19, 2022

Authored by Xenofon Vassilakopoulos

X0R Cryptor with DEC/N0T/R0R encoder plus random byte insertion.

tags | tool, shellcode

SHA-256 | 79b9b9a6dd757b66b2e94d3630b76899ed2e53218846c0933182d8877820babb

Download | Favorite | View

Trojan.Win32.TScash.c MVID-2022-0555 Insecure Permissions

Posted Apr 19, 2022

Authored by malvuln | Site malvuln.com

Trojan.Win32.TScash.c malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan

systems | windows

SHA-256 | 69487eb38af16801edd3360296f7b2ff32a4375bd9ccb641d55d125bb96bd6f7

Download | Favorite | View

WordPress Videos Sync PDF 1.7.4 Cross Site Scripting

Posted Apr 19, 2022

Authored by UnD3sc0n0c1d0

WordPress Videos Sync PDF plugin version 1.7.4 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 41f970308e1cead2aaa7c61ea82528c4ebdaf84a4d1a66a685ac2618520f2e85

Download | Favorite | View

Backdoor.Win32.Loselove MVID-2022-0554 Denial Of Service

Posted Apr 19, 2022

Authored by malvuln | Site malvuln.com

Backdoor.Win32.Loselove malware suffers from a denial of service vulnerability.

tags | exploit, denial of service

systems | windows

SHA-256 | e20819d053017f84c58f89fc817e9f52fb84cd84890060424048c4fae5cc9d0c

Download | Favorite | View

WordPress Elementor 3.6.2 Shell Upload

Posted Apr 19, 2022

Authored by AkuCyberSec

WordPress Elementor versions 3.6.0, 3.6.1, and 3.6.2 suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell

SHA-256 | 603237e279a2f8ffe3ece2867c143ddd6adc454ce1a658fa415b646b8ddb139f

Download | Favorite | View

HackTool.Win32.Delf.vs MVID-2022-0553 Insecure Credential Storage

Posted Apr 19, 2022

Authored by malvuln | Site malvuln.com

HackTool.Win32.Delf.vs malware suffers from an insecure credential storage vulnerability.

tags | exploit

systems | windows

SHA-256 | 07d58d34c46fa2097af32053d721a24a98bb224a63501613ae269e51db9e5542

Download | Favorite | View

EaseUS Data Recovery 15.1.0.0 Unquoted Service Path

Posted Apr 19, 2022

Authored by bios

EaseUS Data Recovery version 15.1.0.0 suffers from an unquoted service path vulnerability.

tags | exploit

SHA-256 | fdf5b96bdb4d9a05cd08730e27d0c0388bae86187469eaa1482a05446ec2da40

Download | Favorite | View

PTPublisher 2.3.4 Unquoted Service Path

Posted Apr 19, 2022

Authored by bios

PTPublisher version 2.3.4 suffers from an unquoted service path vulnerability.

tags | exploit

SHA-256 | 61ec8f86f89c1027ba570c9976e2f3492a26caf8bc7fec1a9dd4c9767d6ae4da

Download | Favorite | View

Goodbye Tracking? Impact Of iOS App Tracking Transparency And Privacy Labels

Posted Apr 19, 2022

Authored by Max Van Kleek,, Nigel Shadbolt, Anastasia Shuba, Reuben Binns, Konrad Kollnig | Site arxiv.org

This is a research paper titled Goodbye Tracking? Impact Of iOS App Tracking Transparency And Privacy Labels. It analyzes 1,759 iOS apps before and after the changes in iOS 14.

tags | paper

systems | ios

SHA-256 | f2c94b3fe30d62f6090a9abdcdc56152591090977c196e48ef151cadea9e410a

Download | Favorite | View