The Windscribe VPN client application for Windows makes use of a Windows service WindscribeService.exe which exposes a named pipe \.pipeWindscribeService allowing execution of programs with elevated privileges. Windscribe versions prior to 1.82 do not validate user-supplied program names, allowing execution of arbitrary commands as SYSTEM. This Metasploit module has been tested successfully on Windscribe versions […]
AbsoluteTelnet 11.12 – ‘license name’ Denial of Service (PoC)
Tags:
0day,
remote exploit
Cisco Data Center Network Manager 11.2.1 – ‘LanFabricImpl’ Command Injection
Tags:
0day,
remote exploit
AbsoluteTelnet 11.12 – “license name” Denial of Service (PoC)
Tags:
0day,
remote exploit
Cisco Data Center Network Manager 11.2.1 – ‘getVmHostData’ SQL Injection
Tags:
0day,
remote exploit
Online Job Portal 1.0 – ‘user_email’ SQL Injection
Tags:
0day,
remote exploit
VIM 8.2 – Denial of Service (PoC)
Tags:
0day,
remote exploit
Cisco Data Center Network Manager 11.2 – Remote Code Execution
Tags:
0day,
remote exploit
Ecommerce Systempay 1.0 – Production KEY Brute Force
Tags:
0day,
remote exploit
Online Job Portal 1.0 – Cross Site Request Forgery (Add User)
Tags:
0day,
remote exploit