CVE-2019-15949
Nagios XI
VX Search Enterprise 10.4.16 Denial Of Service
Exploit Title: VX Search Enterprise v10.4.16 DoS Google Dork: N/A Date: 17.01.2018 Exploit Author: James Chamberlain chumb0 Vendor Homepage: http://www.vxsearch.com/downloads.html Software Link: http://www.vxsearch.com/setups/vxsearchentsetupv10.4.16.exe Version: v10.4.16 Tested on: Windows 7 Hom...
openITCOCKPIT 3.6.1-2 - Cross-Site Request Forgery Exploit
Exploit for php platform in category web applications Exploit Title: openITCOCKPIT 3.6.1-2 - CSRF 2 RCE Google Dork: N/A Exploit Author: Julian Rittweger Vendor Homepage: https://openitcockpit.io/ Software Link: https://github.com/it-novum/openITCOCKPIT/releases/tag/openITCOCKPIT-3.6.1-2 Fixed in...
Webmin password_change.cgi backdoor
Added: 08/26/2019 Background Webmin is a web-based interface for system administration of Unix systems. The Webmin web server listens by default on port 10000/tcp. Problem A backdoor in Webmin allows a remote attacker to execute arbitrary commands by sending a POST request for password_change.cgi...
LSoft ListServ Cross Site Scripting
Exploit Title: LSoft ListServ 2. http://127.0.0.1/scripts/wa.exe?OK= References: 1. http://www.lsoft.com/manuals/16.5/LISTSERV16.5-2018aWhatsNew.pdf 2. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15501...
Exploit for Use After Free in Microsoft
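sectoolset -- a collection of security-related tools on GitHub. Main contents: 0x00 Hands-on exploitation practice & CTF security competitions 0x01 Security scanners 0x02 Security defense 0x03 Penetration testing 0x04 Vulnerability databases and exploitation tools (POC, EXP 0x05 Binary and code analysis tools 0x06 Threat intelligence & honeypots 0x07 Security documentation 0x11 All contents WooYun mirror WooYun mirror WooYun mirror, harmonized Recent security hot topics CVE-2019-10173 Xstream remote code execution vulnerability Linux kernel TCP SACK vulnerabilities CVE-2019-11477/78/79 reported, please address them as soon as possible Vulnerability alert: bypass of the latest Weblogic deserialization remote command execution vulnerability...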
Web Wiz Forums 12.01 SQL Injection
Exploit Title: Web Wiz Forums 12.01 - 'PF' SQL Injection Date: 2019-09-16 Exploit Author: n1x MS-WEB Vendor Homepage: https://www.webwiz.net/web-wiz-forums/forum-downloads.htm Version: 12.01 Tested on Windows Vulnerable parameter: PF memberprofile.asp GET Request GET /memberprofile.asp?PF=10'...
Woody Ad Snippets < 2.2.6 - Arbitrary Post Deletion
The adminInit function of the admin/includes/class.actions.snippets.php file, registered as an admin_init hook, did not have any CSRF or capability checks for its close action, allowing unauthenticated users to delete arbitrary posts from the blog...
Ultimate Loan Manager 2.0 - Cross-Site Scripting Vulnerability
Exploit for multiple platform in category web applications Exploit Title:Web Studio Ultimate Loan Manager V2.0 - Persistent Cross Site Scripting Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: http://www.webstudio.co.zw/ Software Link:...
SDL_image XCF Image Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image 2.0.4. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. Tested...
Exploit for Integer Overflow or Wraparound in Linux Linux_Kernel
cve-2019-11477-poc Simple Test 1. Start two VMs - one for...
Comtrend AR-5310 Restricted Shell Escape
Exploit Title: Comtrend-AR-5310 - Restricted Shell Escape Date: 2019-07-20 Exploit Author: AMRI Amine Vendor Homepage: https://www.comtrend.com/ Version: GE31-412SSG-C01R10.A2pG039u.d24k Tested on: Linux busybox TL;DR: A local user can bypass the restricted shell using the command substitution...
Comtrend-AR-5310 - Restricted Shell Escape
Comtrend-AR-5310 - Restricted Shell Escape Exploit Title: Comtrend-AR-5310 - Restricted Shell Escape Date: 2019-07-20 Exploit Author: AMRI Amine Vendor Homepage: https://www.comtrend.com/ Version: GE31-412SSG-C01R10.A2pG039u.d24k Tested on: Linux busybox TL;DR: A local user can bypass the...
MyT Project Management 1.5.1 - User[username] Persistent Cross-Site Scripting
Exploit Title: MyT Project Management - User[username] Stored Cross Site Scripting Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://manageyourteam.net/index.html Software Link: https://sourceforge.net/projects/myt/files/latest/download Version: 1.5.1 Category: Webapps Tested o...
Appointment Hour Booking <= 1.1.45 - Stored Cross-Site Scripting (XSS)
It is possible for an unauthenticated user to inject malicious JavaScript into a booking form, which will then be executed when an authenticated user views the booking in the WordPress admin interface. POST /booking-form/ HTTP/1.1 Host: test.local User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X...
WP Slimstat <= 4.8.3 - CSRF to Stored XSS and Setting Updates
Lack of CSRF check and sanitisation in the updatesettings function can lead to settings update, as well as Stored XSS issues /wp-admin/admin.php?page=slimconfig&tab=1" method="POST" ' /...
Apache mod_ssl 2.8.7 OpenSSL - OpenFuckV2.c Remote Buffer Overflow (2)
Apache mod_ssl 2.8.7 OpenSSL - OpenFuckV2.c Remote Buffer Overflow 2 / OF version r00t VERY PRIV8 spabam Version: v3.0.4 Requirements: libssl-dev apt-get install libssl-dev Compile with: gcc -o OpenFuck OpenFuck.c -lcrypto objdump -R /usr/sbin/httpd|grep free to get more targets hackarena...
Newsletter Lite < 4.6.19 - Multiple Issues
- Lack of CSRF, Authorisation and sanitisation checks in the ajaxloadneweditor function, registered as an AJAX method, can lead to an authenticated reflected XSS issue. - Authenticated Directory Traversal leading to RCE XSS: As an authenticated user with a role as low as a Subscriber, open...
SAPIDO RB-1732 Remote Command Execution
Exploit Title: SAPIDO RB-1732 command line execution Date: 2019-6-24 Exploit Author: k1nm3n.aotoi Vendor Homepage: http://www.sapido.com.tw/ Software Link: http://www.sapido.com.tw/CH/data/Download/firmware/rb1732/tc/RB-1732TCv2.0.43.bin Version: RB-1732 V2.0.43 Tested on: linux import requests...
CVE-2017-10720
CVE-2017-10720 concerns the Shekar Endoscope desktop software. The issue is a stack overflow in the desktop application when more than 26 characters are provided for the Wi‑Fi name. The vulnerable code path involves the DLL avilib.dll and a function flow culminating in a memmove call that uses a ...