Lastest MorXploit:

Title Author Date
New! Exploit Google Voice private number disclosure Simo Ben youssef 2014-04-04
New! Exploit Adobe Multiple Web Vulnerabilities exploit Simo Ben youssef 2014-27-03
New! Exploit Kloxo remote root exploit Simo Ben youssef 2014-26-02
New! Paper Smashing Bitcoin BrainWallets for fun and profit! paper Simo Ben youssef 2014-30-01
 Exploit Zimbra file inclusion/Shell upload exploit Simo Ben youssef 2014-24-01
 Exploit Zimbra file inclusion/Admin account creation exploit Simo Ben youssef 2014-21-01
Tool MorXAntiRE v1.5 Anti reverse code engineering and dynamic analysis tool Ayoub Faouzi 2013-28-12
Updated! Exploit Cisco Linksys CSRF password change exploit Simo Ben youssef 2013-12-12
 Tool MorXCrack v1.2: Multi-Algorithm/CMS password cracking tool Simo Ben youssef 2013-15-11
Tool MorXBrute v1.01 Beta: HTTP password cracking tool Simo Ben youssef 2013-08-11
 Exploit PHP + Apache remote code execution exploit Simo Ben youssef 2013-03-11
Exploit vBulletin remote admin injection exploit Simo Ben youssef 2013-18-09
Tool MorxBook: Facebook dictionary-attack based tool Simo Ben youssef 2013-17-04

Latest CVE Feed:

  • CVE-2014-3055 - SQL injection vulnerability in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
  • CVE-2014-3054 - Multiple open redirect vulnerabilities in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
  • CVE-2014-3896 - Multiple cross-site request forgery (CSRF) vulnerabilities in CGI programs in Seeds acmailer before 3.8.17 and 3.9.x before 3.9.10 Beta allow remote attackers to hijack the authentication of arbitrary users for requests that modify or delete data, as demonstrated by modifying data affecting authorization.
  • CVE-2014-3895 - The I-O DATA TS-WLCAM camera with firmware 1.06 and earlier, TS-WLCAM/V camera with firmware 1.06 and earlier, TS-WPTCAM camera with firmware 1.08 and earlier, TS-PTCAM camera with firmware 1.08 and earlier, TS-PTCAM/POE camera with firmware 1.08 and earlier, and TS-WLC2 camera with firmware 1.02 and earlier allow remote attackers to bypass authentication, and consequently obtain sensitive credential and configuration data, via unspecified vectors.
  • CVE-2014-3057 - Cross-site scripting (XSS) vulnerability in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
  • CVE-2014-3026 - CRLF injection vulnerability in IBM Maximo Asset Management 7.5 through 7.5.0.6, and 7.5 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.