Latest articles

Core FTP 2.0 – ‘XRMD’ Denial of Service (PoC)
# Exploit Title: Core FTP 2.0 - 'XRMD' Denial of Service (PoC) # Date: 2018-07-24 # Exploit Author: Erik David Martin # Vendor Homepage: [...]
Splinterware System Scheduler Pro 5.12 Buffer Overflow (SEH)
Splinterware Software Solutions, the home of the automation tool System Scheduler and journal notes manager iDailyDiary.
Malicious Cyber Activity Targeting ERP Applications
Digital Shadows Ltd. and Onapsis Inc. have released a report describing an increase in the exploitation of vulnerabilities in Enterprise Resource Planning [...]
SocioQuiz v2.0.5 unauthorized administrative access Vulnerability
# Title : SocioQuiz [...]
File Upload Restrictions Bypass
Whitepaper called File Upload Restrictions Bypass.
Redirect Cross Site Scripting
A URL redirect at suffers from a cross site scripting vulnerability.
Ukrainian Sites Url Poisoning
2018.07.07 Mr-0mba404 (RS) Risk: Low Local: No Remote: Yes CVE: N/A CWE: N/A Dork: site:ua “cfg contactform” Exploit Title : UA SITES URL [...]
Sourcetree Remote Code Execution
2018.07.25 Credit: Etienne Stalmans Risk: High Local: No Remote: Yes CVE: CVE-2018-11235 | CVE-2018-13385 | CVE-2018-13386 CWE: N/A This email [...]
Direct2Web Admin Panel Bypass
Exploit Title : Developed By: Direct2Web Admin Panel Bypass Dork : Developed By: Direct2Web Author : HUNT3R L!ON Team: D-Squad Hacking Group Tested on : [...]
Oracle WebLogic Server Takeover Server Exploit
2018.07.24 RedFree(CN) Risk: High Local: No Remote: Yes CVE: CVE-2018-2893 CWE: CWE-284 #!env python # -*- coding: utf-8 -*- import socket import time [...]