Lastest MorXploit:

Title Author Date
New! Exploit Yahoo! Mail Captcha bypass/Brute force exploit Simo Ben youssef 2014-15-09
New! Exploit Google Voice private number disclosure Simo Ben youssef 2014-04-04
New! Exploit Adobe Multiple Web Vulnerabilities exploit Simo Ben youssef 2014-27-03
New! Exploit Kloxo remote root exploit Simo Ben youssef 2014-26-02
New! Paper Smashing Bitcoin BrainWallets for fun and profit! paper Simo Ben youssef 2014-30-01
 Exploit Zimbra file inclusion/Shell upload exploit Simo Ben youssef 2014-24-01
 Exploit Zimbra file inclusion/Admin account creation exploit Simo Ben youssef 2014-21-01
Tool MorXAntiRE v1.5 Anti reverse code engineering and dynamic analysis tool Ayoub Faouzi 2013-28-12
Updated! Exploit Cisco Linksys CSRF password change exploit Simo Ben youssef 2013-12-12
 Tool MorXCrack v1.2: Multi-Algorithm/CMS password cracking tool Simo Ben youssef 2013-15-11
Tool MorXBrute v1.01 Beta: HTTP password cracking tool Simo Ben youssef 2013-08-11
 Exploit PHP + Apache remote code execution exploit Simo Ben youssef 2013-03-11
Exploit vBulletin remote admin injection exploit Simo Ben youssef 2013-18-09

p5rn7vb

Latest CVE Feed:

  • CVE-2012-6658 - Multiple cross-site scripting (XSS) vulnerabilities in SpiceWorks 5.3.75941 allow remote attackers to inject arbitrary web script or HTML via the (1) syslocation, (2) syscontact, or (3) sysName configuration in snmpd.conf. NOTE: this entry was SPLIT from CVE-2012-2956 per ADT2 due to different vulnerability types.
  • CVE-2012-2956 - SQL injection vulnerability in SpiceWorks 5.3.75941 allows remote authenticated users to execute arbitrary SQL commands via the id parameter to api_v2.json. NOTE: this entry was SPLIT per ADT2 due to different vulnerability types. CVE-2012-6658 is for the XSS.
  • CVE-2012-1507 - Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM before 2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) newHspStatus parameter to plugins/ajaxCalls/haltResumeHsp.php, (2) sortOrder1 parameter to templates/hrfunct/emppop.php, or (3) uri parameter to index.php.
  • CVE-2012-1506 - SQL injection vulnerability in the updateStatus function in lib/models/benefits/Hsp.php in OrangeHRM before 2.7 allows remote authenticated users to execute arbitrary SQL commands via the hspSummaryId parameter to plugins/ajaxCalls/haltResumeHsp.php. NOTE: some of these details are obtained from third party information.
  • CVE-2014-5234 - Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite before 7.4.2-rev33 and 7.6.x before 7.6.0-rev16 allows remote attackers to inject arbitrary web script or HTML via a folder publication name.
  • CVE-2012-2583 - Cross-site scripting (XSS) vulnerability in Mini Mail Dashboard Widget plugin 1.42 for WordPress allows remote attackers to inject arbitrary web script or HTML via the body of an email.