Iris ID IrisAccess iCAM4000/iCAM7000 - Hardcoded Credentials Remote Shell Access

Exploit for linux platform in category remote exploits Iris ID IrisAccess iCAM4000/iCAM7000 Hardcoded Credentials Remote Shell Access Vendor: Iris ID, Inc. Product web page: http://www.irisid.com http://www.irisid.com/productssolutions/irisaccesssystem/irisaccess4000/...

Iris ID IrisAccess iCAM4000/iCAM7000 - Hard-Coded Credentials Remote Shell Access

Iris ID IrisAccess iCAM4000/iCAM7000 Hardcoded Credentials Remote Shell Access Vendor: Iris ID, Inc. Product web page: http://www.irisid.com http://www.irisid.com/productssolutions/irisaccesssystem/irisaccess4000/ http://www.irisid.com/productssolutions/hardwareproducts/icam4000series/...

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The multiple vulnerabilities in the krb5-rsh-server package of the Debian GNU/Linux operating system may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

PCMan FTP Server 2.0.7 - 'ls' Remote Buffer Overflow (Metasploit)

=begin Exploit Title: WordPress Shopping Cart 3.0.4 Unrestricted File Upload Date: 22-06-2016 Software Link: https://www.exploit-db.com/apps/9fceb6fefd0f3ca1a8c36e97b6cc925d-PCMan.7z Exploit Author: quanyechavshuo Contact: [email protected] Website: http://xinghuacai.github.io Category: ft...

Pornhub: [phpobject in cookie] Remote shell/command execution

The researcher was able to exploit a vulnerable deserialization function in PHP leading to remote shell on a production server...

Gemtek CPE7000 - WLTCS-106 sysconf.cgi Unauthenticated Remote Command Execution (Metasploit)

Exploit for hardware platform in category web applications This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Gemtek CPE7000 - WLTCS-106 sysconf.cgi Unauthenticated Remote Command...

phpshe backend arbitrary file deletion vulnerability

PHPSHE is the online shopping mall building program. An arbitrary file deletion vulnerability exists in the backend of phpshe. Attackers can utilize the vulnerability to obtain unlimited shell...

Wordpress-Exploit-Framework - A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems

A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems. What do I need to run it? Ensure that you have Ruby 2.2.x installed on your system and then install all required dependencies by opening a command prompt / terminal in...

Wordpress VideoWhisper Video Conference Remote Shell Upload Exploit

Exploit for php platform in category web applications Exploit Title: Wordpress VideoWhisper Video Conference Remote Shell Upload Exploit Software Link: http://www.videowhisper.com/ Version:all Version Google dork1: inurl:/wp-content/plugins/VideoWhisper Video Conference/ Google dork2:...

WordPress S3 Video Remote Shell Upload

Exploit Title : Wordpress S3 Video Plugin file upload Author : Manish Kishan Tanwar AKA error1046 Vendor Link : http://plugins.svn.wordpress.org/s3-video/tags/0.91/ Affected Version: below version 0.91 Date : 9/12/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Sin...

Seagate GoFlex Remote Shell

I have been scanning some ranges in my free time and came across a Seagate GoFlex Home Network Storage System which my scanner flagged as being vulnerable to shellshock but getting a remote shell was no easy task "for me anyway". I ended up having to build a payload with msfvenom and doing the...

Apple OS X RSH Code Execution Vulnerability

Apple OS X is an operating system developed by Apple Inc. Apple OS X RSH has a security vulnerability in the use of environment variables, which can be exploited by a local attacker to execute arbitrary code with ROOT privileges...

PCMan FTP Server 2.0.7 - GET Command Buffer Overflow

No description provided by source. !/usr/bin/python Exploit Title: PCMan's FTP Server v2.0 - GET command buffer overflow remote shell Date: 28 Aug 2015 Exploit Author: Koby Vendor Homepage: http://pcman.openfoundry.org/ Software Link:...

PCMan FTP Server 2.0.7 - GET Command Buffer Overflow Exploit

Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title: PCMan's FTP Server v2.0 - GET command buffer overflow remote shell Date: 28 Aug 2015 Exploit Author: Koby Vendor Homepage: http://pcman.openfoundry.org/ Version: 2.0.7 Tested on: Windows XP SP3 CVE : N/A impo...

PCMan FTP Server 2.0.7 - GET Remote Buffer Overflow

PCMan FTP Server 2.0.7 - GET Remote Buffer Overflow !/usr/bin/python Exploit Title: PCMan's FTP Server v2.0 - GET command buffer overflow remote shell Date: 28 Aug 2015 Exploit Author: Koby Vendor Homepage: http://pcman.openfoundry.org/ Software Link:...

PCMan FTP Server 2.0.7 - 'GET' Remote Buffer Overflow

!/usr/bin/python Exploit Title: PCMan's FTP Server v2.0 - GET command buffer overflow remote shell Date: 28 Aug 2015 Exploit Author: Koby Vendor Homepage: http://pcman.openfoundry.org/ Software Link: https://www.exploit-db.com/apps/9fceb6fefd0f3ca1a8c36e97b6cc925d-PCMan.7z Version: 2.0.7 Tested o...

Symantec Endpoint Protection Manager - Authentication Bypass / Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Symantec Endpoint Protection Manager Authentication Bypass and Code Execution', 'Description' = %q This module exploits three separa...

Symantec Endpoint Protection Manager Authentication Bypass / Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Symantec Endpoint Protection Manager Authentication Bypass and Code Execution', 'Description' = %q This module exploits three separa...

Symantec Endpoint Protection Manager Authentication Bypass / Code Execution Exploit

This Metasploit module exploits three separate vulnerabilities in Symantec Endpoint Protection Manager in order to achieve a remote shell on the box as NT AUTHORITY\SYSTEM. The vulnerabilities include an authentication bypass, a directory traversal and a privilege escalation to get privileged cod...

Microsoft Windows Server 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)

/ Exploit Title: Windows 2k3 SP2 TCP/IP IOCTL Privilege Escalation MS14-070 Date: 2015-08-10 Exploit Author: Tomislav Paskalev Vulnerable Software: Windows 2003 SP2 x86 Windows 2003 SP2 x86-64 Windows 2003 SP2 IA-64 Supported vulnerable software: Windows 2003 SP2 x86 Tested on: Windows 2003 SP2 x...