40 matches found
CVE-2024-50636
PyMOL 2.5.0 contains a vulnerability in its "Run Script" function, which allows the execution of arbitrary Python code embedded within .PYM files. Attackers can craft a malicious .PYM file containing a Python reverse shell payload and exploit the function to achieve Remote Command Execution RCE...
4images 1.9 Remote Command Execution Vulnerability
Exploit Title: 4images 1.9 - Remote Command Execution Exploit Author: Andrey Stoykov Software Link: https://www.4homepages.de/download-4images Version: 1.9 Tested on: Ubuntu 20.04 To reproduce do the following: 1. Login as administrator user 2. Browse to "General" - " Edit Templates" - "Select...
CVE-2022-28561
There is a stack overflow vulnerability in the /goform/setMacFilterCfg function in the httpd service of Tenda ax12 22.03.01.21cn router. An attacker can obtain a stable shell through a carefully constructed payload...
Exploit for OS Command Injection in Gerapy
CVE-2021-43857 Gerapy prior to version 0.9.8 is vulnerable to...
exprolog
This is a Python script that exploits a vulnerability in Microsoft Exchange Server. The script is designed to target a specific version of the server and exploit a vulnerability to gain access to the system. Here is a summary of the script's functionality: 1. The script starts by importing the...
Exploit for CVE-2017-0143
MS17-010 🖥️ -h3x0v3rl0rd- CVE-2017-0143 Docker Usin...
Exploit for Link Following in Docker Desktop
CVE-2020-10665 Docker Desktop Local Privilege Escalation POC...
ACL Analytics 11.X - 13.0.0.579 - Arbitrary Code Execution
Exploit Title: Arbitrary Code Execution Google Dork: N/A Date: 03-07-2018 Exploit Author: Clutchisback1 Vendor Homepage: https://www.acl.com Software Link: https://www.acl.com/products/acl-analytics/ Version: 11.x - 13.0.0.579 Tested on: Windows 7 pro SP1 x86 Clutchisback1 ///\ I'll get OSCP one...
HP Client 9.19.08.17.9 - Command Injection
HP Client 9.19.08.17.9 - Command Injection Exploit Title: HP Client - Automation Command Injection Date: 10/10/2016 Exploit Author: SlidingWindow, Twitter: @kapilkhot Vendor Homepage: Previously HP, now http://www.persistentsys.com/ Version: Tested on version 7.9 but should work on 8.1, 9.0, 9.1...
Static-HTTP-Server-1.0-SEH
Notes: Multiple HTTP commands and headers are vulnerable to overflows and trigger an exception, but I was unable to control the SEH handler with anything but configuration options in the http.ini. import os def fileCreate: print "\n Your current file directory is %s. " % os.getcwd try: File =...
Apple Mac OSX (Mavericks) - 'IOBluetoothHCIUserClient' Privilege Escalation
/ pwn.c, by @rpaleari and @joystick This PoC exploits a missing sign check in IOBluetoothHCIUserClient::SimpleDispatchWL. Tested on Mac OS X Mavericks 10.9.4/10.9.5. Compile with: gcc -Wall -o pwn,.c -framework IOKit / include include include include include uint64t payload / Your payload goes...
Minishare 1.5.5 - BoF Vulnerability (users.txt) - EggHunter -
No description provided by source. Exploit Title: Minishare 1.5.5 Buffer Overflow Vulnerability users.txt - EggHunter Version Date: 11/19/2010 Author: 0v3r Bug Found By: Chris Gabriel Software Link: http://sourceforge.net/projects/minishare Version: 1.5.5 Tested on: Windows XP SP3 EN CVE: N/A...
SonicWALL GMS 6 Arbitrary File Upload
This module exploits a code execution flaw in SonicWALL GMS. It exploits two vulnerabilities in order to get its objective. An authentication bypass in the Web Administration interface allows to abuse the "appliance" application and upload an arbitrary payload embedded in a JSP. The module has be...
Websense (Triton 7.6) Remote Command Execution
======= Summary ======= Name: Websense Triton 7.6 Unauthenticated remote command execution as SYSTEM Release Date: 30 April 2012 Reference: NGS00140 Discoverer: Ben Williams Vendor: Websense Vendor Reference: Systems Affected: Risk: Critical Status: Published ======== TimeLine ======== Discovered...
NGS00140 Technical Advisory: Websense Triton 7.6 - unauthenticated remote command execution as SYSTEM
======= Summary ======= Name: Websense Triton 7.6 Unauthenticated remote command execution as SYSTEM Release Date: 30 April 2012 Reference: NGS00140 Discoverer: Ben Williams Vendor: Websense Vendor Reference: Systems Affected: Risk: Critical Status: Published ========...
Minishare 1.5.5 BoF Vulnerability (users.txt) EggHunter
Exploit for windows platform in category local exploits ======================================================= Minishare 1.5.5 BoF Vulnerability users.txt EggHunter ======================================================= Exploit Title: Minishare 1.5.5 Buffer Overflow Vulnerability users.txt -...
MiniShare 1.5.5 - 'users.txt' Local Buffer Overflow (Egghunter)
Exploit Title: Minishare 1.5.5 Buffer Overflow Vulnerability users.txt - EggHunter Version Date: 11/19/2010 Author: 0v3r Bug Found By: Chris Gabriel Software Link: http://sourceforge.net/projects/minishare Version: 1.5.5 Tested on: Windows XP SP3 EN CVE: N/A !/usr/bin/python Just rewrote the...
communitycms-rfi.txt
Persian Boys Hacking Team -:- 2008 -:- IRAN + - + - discovered by N3TR00T3R at Y! dot com + - communitycms-0.1 Remote File Inclusion + - download :http://sourceforge.net/project/showf...roupid=223968 + - sp tnx : Sp3shial,Veroonic4,GodMasterhacker,areptil,Ciph 3r,shayancmd +...
dproxy-nexgen (Linux x86) - Remote Buffer Overflow
dproxy-nexgen Linux x86 - Remote Buffer Overflow / dproxy-v1.c Copyright c 2007 by dproxy-nexgen remote root exploit x86-lnx by mu-b - Mar 2007 - Tested on: dproxy-nexgen .tar.gz This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public...
YahooPOPs 1.6 - SMTP Remote Buffer Overflow
YahooPOPs 1.6 - SMTP Remote Buffer Overflow //Diabolic Crab's exploit for YahooPOPs include include include include include include char scode = //Bind shell on port 101, taken from the windows exploit by class101 "\xEB"...