8 exploits Active since Jun 2017
CVE-2018-11776 NOMISEC HIGH WORKING POC
Apache Struts 2 Namespace Redirect OGNL Injection
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 are exposed to possible Remote Code Execution when alwaysSelectFullNamespace is true (set either by the user or by a plugin such as the Convention Plugin) and either of the following holds: results are used with no namespace while the upper package has no namespace or a wildcard namespace; or a url tag is used without value and action set while its upper package has no namespace or a wildcard namespace.
55 stars
CVSS 8.1
CVE-2018-10562 NOMISEC CRITICAL WORKING POC
Dasan GPON - Command Injection
An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.
24 stars
CVSS 9.8
CVE-2017-5415 NOMISEC MEDIUM NO CODE
Firefox < 52 - SSRF
An attacker can use a blob URL and script to spoof an arbitrary address bar URL prefaced by "blob:" as the protocol, leading to user confusion and further spoofing attacks. This vulnerability affects Firefox < 52.
7 stars
CVSS 5.3
EIP-2026-118013 EXPLOITDB SUSPICIOUS
Tor (Firefox 41 < 50) - Code Execution
EIP-2026-116958 EXPLOITDB text SUSPICIOUS
Chrome 35.0.1916.153 - Sandbox Escape / Command Execution
CVE-2017-5415 EXPLOITDB MEDIUM html WORKING POC
Firefox < 52 - SSRF
An attacker can use a blob URL and script to spoof an arbitrary address bar URL prefaced by "blob:" as the protocol, leading to user confusion and further spoofing attacks. This vulnerability affects Firefox < 52.
CVSS 5.3
CVE-2018-1000115 EXPLOITDB HIGH python WORKING POC
Memcached <1.5.6 - DoS
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appears to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 by disabling the UDP protocol by default.
CVSS 7.5
CVE-2017-9417 EXPLOITDB CRITICAL text WORKING POC
BCM43xx - RCE
Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue.
CVSS 9.8