Lastest MorXploit:

Title Author Date
New! Exploit Google Voice private number disclosure Simo Ben youssef 2014-04-04
New! Exploit Adobe Multiple Web Vulnerabilities exploit Simo Ben youssef 2014-27-03
New! Exploit Kloxo remote root exploit Simo Ben youssef 2014-26-02
New! Paper Smashing Bitcoin BrainWallets for fun and profit! paper Simo Ben youssef 2014-30-01
 Exploit Zimbra file inclusion/Shell upload exploit Simo Ben youssef 2014-24-01
 Exploit Zimbra file inclusion/Admin account creation exploit Simo Ben youssef 2014-21-01
Tool MorXAntiRE v1.5 Anti reverse code engineering and dynamic analysis tool Ayoub Faouzi 2013-28-12
Updated! Exploit Cisco Linksys CSRF password change exploit Simo Ben youssef 2013-12-12
 Tool MorXCrack v1.2: Multi-Algorithm/CMS password cracking tool Simo Ben youssef 2013-15-11
Tool MorXBrute v1.01 Beta: HTTP password cracking tool Simo Ben youssef 2013-08-11
 Exploit PHP + Apache remote code execution exploit Simo Ben youssef 2013-03-11
Exploit vBulletin remote admin injection exploit Simo Ben youssef 2013-18-09
Tool MorxBook: Facebook dictionary-attack based tool Simo Ben youssef 2013-17-04

Latest CVE Feed:

  • CVE-2014-4980 - The /server/properties resource in Tenable Web UI before 2.3.5 for Nessus 5.2.3 through 5.2.7 allows remote attackers to obtain sensitive information via the token parameter.
  • CVE-2014-4503 (cgminer, sgminer) - The parse_notify function in util.c in sgminer before 4.2.2 and cgminer 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of service (application exit) via a crafted (1) bbversion, (2) prev_hash, (3) nbit, or (4) ntime parameter in a mining.notify action stratum message.
  • CVE-2014-3939 (sketchbook_pro) - Heap-based buffer overflow in Autodesk SketchBook Pro before 6.2.6 allows remote attackers to execute arbitrary code via crafted layer bitmap data in a PXD file.
  • CVE-2014-4501 (bfgminer, cgminer, sgminer) - Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 3.3.0 allow remote pool servers to have unspecified impact via a long URL in a client.reconnect stratum message to the (1) extract_sockaddr or (2) parse_reconnect functions in util.c.
  • CVE-2014-4502 (bfgminer, sgminer) - Multiple heap-based buffer overflows in the parse_notify function in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 4.1.0 allow remote pool servers to have unspecified impact via a (1) large or (2) negative value in the Extranonc2_size parameter in a mining.subscribe response and a crafted mining.notify request.
  • CVE-2014-3537 (cups, fedora, ubuntu_linux) - The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.