exploits

  1. 1

    Exploits Moxa EDR-810 Command Injection / Information Disclosure

    Moxa EDR-810 suffers from command injection and information disclosure vulnerabilities.
  2. 1

    Exploits Xorg X11 Server SUID modulepath Privilege Escalation

    This Metasploit module attempts to gain root privileges with SUID Xorg X11 server versions 1.19.0 up to 1.20.3. A permission check flaw exists for -modulepath and -logfile options when starting Xorg. This allows unprivileged users that can start the server the ability to elevate privileges and...
  3. 1

    Exploits Total.js CMS 12 Widget JavaScript Code Injection

    This Metasploit module exploits a vulnerability in Total.js CMS. The issue is that a user with admin permission can embed a malicious JavaScript payload in a widget, which is evaluated server side, and gain remote code execution.
  4. 1

    Exploits Trend Micro Anti-Threat Toolkit (ATTK) 1.62.0.1218 Remote Code Execution

    Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below suffer from a remote code execution vulnerability.
  5. 1

    Exploits WinRAR 5.80 XML Injection

    WinRAR version 5.80 suffers from an XML external entity injection vulnerability.
  6. 1

    Exploits WinRAR 5.80 Memory Corruption

    WinRAR version 5.80 suffers from a memory corruption vulnerability that allows for denial of service.
  7. 1

    Exploits NASA NODIS Cross Site Scripting

    The NASA Online Directives Information System suffers from a cross site scripting vulnerability that can be leveraged via the User-Agent header. The researcher has notified NASA and has not received a response.
  8. 1

    Exploits Sangoma SBC 2.3.23-119-GA Authentication Bypass

    A remotely exploitable vulnerability exists in the 2.3.23-119-GA version of Sangoma SBC that would allow an unauthenticated user to bypass authentication and login as a non-existent user but with complete access to the dashboard including additional privileged user creation capabilities. View...
  9. 1

    Exploits Sangoma SBC 2.3.23-119-GA Unauthenticated User Creation

    A remotely exploitable vulnerability exists in the 2.3.23-119-GA version of Sangoma SBC that would allow an unauthenticated user to create a privileged user on the system using the web application login interface.
  10. 1

    Exploits WiKID Systems 2FA Enterprise Server 4.2.0-b2032 SQL Injection / XSS / CSRF

    WiKID Systems 2FA Enterprise Server version 4.2.0-b2032 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
  11. 1

    Exploits Android Binder Use-After-Free

    These are notes on further exploitation of the Android Binder use-after-free vulnerability as noted in CVE-2019-2215 and leveraged against Kernel 3.4.x and 3.18.x on Samsung Devices using Samsung Android and LineageOS.
  12. 1

    Exploits Restaurant Management System 1.0 Shell Upload

    Restaurant Management System version 1.0 suffers from a remote shell upload vulnerability.
  13. 1

    Exploits VIM 8.1.2135 Use-After-Free

    VIM version 8.1.2135 suffers from a heap use-after-free vulnerability using freed memory with autocmd.
  14. 1

    Exploits ThinVNC 1.0b1 Authentication Bypass

    ThinVNC version 1.0b1 suffers from an authentication bypass vulnerability.
  15. 1

    Exploits WordPress Popup Builder 3.49 Cross Site Scripting

    WordPress Popup Builder plugin version 3.49 suffers from a persistent cross site scripting vulnerability.
  16. 1

    Exploits VMware VeloCloud 3.3.0 / 3.2.2 Authorization Bypass

    VMware VeloCloud versions 3.3.0 and 3.2.2 suffer from an authorization bypass vulnerability.
  17. 1

    Exploits WordPress Soliloquy Lite 2.5.6 Cross Site Scripting

    WordPress Soliloquy Lite plugin version 2.5.6 suffers from a persistent cross site scripting vulnerability.
  18. 1

    Exploits WordPress FooGallery 1.8.12 Cross Site Scripting

    WordPress FooGallery plugin version 1.8.12 suffers from a persistent cross site scripting vulnerability.
  19. 1

    Exploits WorkgroupMail 7.5.1 WorkgroupMail Unquoted Service Path

    WorkgroupMail version 7.5.1 suffers from a WorkgroupMail unquoted service path vulnerability.
  20. 1

    Exploits Web Companion 5.1.1035.1047 WCAssistantService Unquoted Service Path

    Web Companion version 5.1.1035.1047 suffers from a WCAssistantService unquoted service path vulnerability.