23 matches found
Hasura GraphQL 2.2.0 - Information Disclosure Exploit
Exploit Title: Hasura GraphQL 2.2.0 - Information Disclosure Software: Hasura GraphQL Community Software Link: https://github.com/hasura/graphql-engine Version: 2.2.0 Exploit Author: Dolev Farhi Tested on: Ubuntu import requests SERVERADDR = 'x.x.x.x' url = 'http:///v1/metadata'.formatSERVERADDR...
Apache Superset 1.1.0 - Time-Based Account Enumeration Exploit
Exploit Title: Apache Superset 1.1.0 - Time-Based Account Enumeration Author: Dolev Farhi Vendor Homepage: https://superset.apache.org/ Version: 1.1.0 Tested on: Ubuntu import sys import requests import time scheme = 'http' host = '192.168.1.1' port = 8080 change with your wordlist usernames =...
WordPress Plugin WPGraphQL 1.3.5 - Denial of Service
Exploit Title: WordPress Plugin WPGraphQL 1.3.5 - Denial of Service Author: Dolev Farhi Date: 2021-04-12 Vendor Homepage: https://www.wpgraphql.com/ Version: 1.3.5 Tested on: Ubuntu """ This attack uses duplication of fields amplified by GraphQL batched queries, resulting in server OOM and MySQL...
Hasura GraphQL 1.3.3 - Remote Code Execution Exploit
Exploit Title: Hasura GraphQL 1.3.3 - Remote Code Execution Software: Hasura GraphQL Software Link: https://github.com/hasura/graphql-engine Version: 1.3.3 Exploit Author: Dolev Farhi Date: 4/23/2021 Tested on: Ubuntu import requests import sys HASURASCHEME = 'http' HASURAHOST = '192.34.57.144'...
Hasura GraphQL 1.3.3 Remote Code Execution
Exploit Title: Hasura GraphQL 1.3.3 - Remote Code Execution Software: Hasura GraphQL Software Link: https://github.com/hasura/graphql-engine Version: 1.3.3 Exploit Author: Dolev Farhi Date: 4/23/2021 Tested on: Ubuntu import requests import sys HASURASCHEME = 'http' HASURAHOST = '192.34.57.144'...
Hasura GraphQL 1.3.3 - Remote Code Execution
Exploit Title: Hasura GraphQL 1.3.3 - Remote Code Execution Software: Hasura GraphQL Software Link: https://github.com/hasura/graphql-engine Version: 1.3.3 Exploit Author: Dolev Farhi Date: 4/23/2021 Tested on: Ubuntu import requests import sys HASURASCHEME = 'http' HASURAHOST = '192.34.57.144'...
Hasura GraphQL 1.3.3 Arbitrary File Read
Exploit Title: Hasura GraphQL 1.3.3 - Local File Read Software: Hasura GraphQL Software Link: https://github.com/hasura/graphql-engine Version: 1.3.3 Exploit Author: Dolev Farhi Date: 4/19./2021 Tested on: Ubuntu import requests import sys HASURASCHEME = 'http' HASURAHOST = '192.168.1.1' HASURAPO...
Hasura GraphQL 1.3.3 - Service Side Request Forgery (SSRF)
Exploit Title: Hasura GraphQL 1.3.3 - Service Side Request Forgery SSRF Software: Hasura GraphQL Software Link: https://github.com/hasura/graphql-engine Version: 1.3.3 Exploit Author: Dolev Farhi Date: 4/19/2021 Tested on: Ubuntu import requests HASURASCHEME = 'http' HASURAHOST = '192.168.1.1'...
WordPress WPGraphQL plugin <= 1.3.5 - Denial of Service vulnerability
Denial of Service vulnerability discovered by Dolev Farhi in WordPress WPGraphQL plugin versions = 1.3.5. Solution Update the WordPress WPGraphQL plugin to the latest available version at least 1.3.6...
M/Monit 3.7.4 Privilege Escalation
Title: M/Monit 3.7.4 - Privilege Escalation Author: Dolev Farhi Date: 2020-07-09 Vendor Homepage: https://mmonit.com/ Version : 3.7.4 import sys import requests url = 'http://youriphere:8080' username = 'test' password = 'test123' sess = requests.Session sess.gethost def login: print'Attempting t...
VirtualTablet Server 3.0.2 - Denial of Service Exploit
Title: VirtualTablet Server 3.0.2 - Denial of Service PoC Author: Dolev Farhi Vulnerable version: 3.0.2 14 Link: http://www.sunnysidesoft.com/ CVE: N/A from thrift import Thrift from thrift.transport import TSocket from thrift.transport import TTransport from thrift.protocol import TBinaryProtoco...
RabbitMQ Web Management < 3.7.6 - Cross-Site Request Forgery Vulnerability
Exploit for linux platform in category web applications Exploit Title: RabbitMQ Web Management Add RabbitMQ Admin window.onload = rabbit.submit 0day.today 2018-06-18...
RabbitMQ Web Management 3.7.6 - Cross-Site Request Forgery (Add Admin)
RabbitMQ Web Management 3.7.6 - Cross-Site Request Forgery Add Admin Exploit Title: RabbitMQ Web Management Add RabbitMQ Admin window.onload = rabbit.submit...
userSpice 4.3.24 - Username Enumeration
userSpice 4.3.24 - Username Enumeration Exploit Title: userSpice 4.3.24 - Username Enumeration Date: 2018-06-10 Author: Dolev Farhi Vendor or Software Link: www.userspice.com Version: 4.3.24 Tested on: Ubuntu import sys import os.path import requests print"+ UserSpice 4.3.24 Username Enumeration"...
userSpice 4.3.24 - Username Enumeration Exploit
Exploit for php platform in category web applications Exploit Title: userSpice 4.3.24 - Username Enumeration Author: Dolev Farhi Vendor or Software Link: www.userspice.com Version: 4.3.24 Tested on: Ubuntu import sys import os.path import requests print"+ UserSpice 4.3.24 Username Enumeration" if...
userSpice 4.3.24 Username Enumeration
Exploit Title: userSpice 4.3.24 - Username Enumeration Date: 2018-06-10 Author: Dolev Farhi Vendor or Software Link: www.userspice.com Version: 4.3.24 Tested on: Ubuntu import sys import os.path import requests print"+ UserSpice 4.3.24 Username Enumeration" if lensys.argv != 3: print 'Usage:',...
userSpice 4.3.24 - Username Enumeration
Exploit Title: userSpice 4.3.24 - Username Enumeration Date: 2018-06-10 Author: Dolev Farhi Vendor or Software Link: www.userspice.com Version: 4.3.24 Tested on: Ubuntu import sys import os.path import requests print"+ UserSpice 4.3.24 Username Enumeration" if lensys.argv != 3: print 'Usage:',...
Cobbler 2.8.0 - (Authenticated) Remote Code Execution
!/usr/bin/python """ Exploit title: Cobbler 2.8.x Authenticated RCE. Author: Dolev Farhi Contact: dolevf at protonmail.com @hack6tence Date: 03-16-2017 Vendor homepage: cobbler.github.io Software version: v.2.5.160805 Software Description ===================== Cobbler is a Linux installation serv...
ntop-ng 2.5.160805 Username Enumeration
Exploit title: ntopng user enumeration Author: Dolev Farhi Contact: dolevf at protonmail.com Date: 04-08-2016 Vendor homepage: ntop.org Software version: v.2.5.160805 !/usr/env/python import os import sys import urllib import urllib2 import cookielib server = 'ip.add.re.ss' username = 'ntopng-use...
M/Monit 3.2.2 Cross Site Request Forgery Vulnerability
M/Monit versions 3.2.2 and below suffer from multiple cross site request forgery vulnerabilities. Application: M/Monit 3.2.2 Author: Dolev Farhi @dolevff Date: 13.9.2014 Relevant CVEs: CVE-2014-6409, CVE-2014-6607 Vulnerable version: CSRF poc M/monit 3. Mitigation Software vendor confirmed the...