exploit-db-skill

Exploit-DB Skill Cross-Platform Small cross-platform helper...

Exploit for Path Traversal in Cybelsoft Thinvnc

CVE-2019-17662 Python implementation of CVE-2019-17662 Tiny...

DVD X Player 5.5.3 - .plf Buffer Overflow Exploit

Exploit for windows platform in category local exploits !/usr/bin/env python Exploit Title: DVD X Player 5.5.3 Buffer Overflow Date: 20.03.2019 Exploit Author: Paolo Perego - email protected Vendor Homepage: http://www.dvd-x-player.com Software Link:...

Splinterware System Scheduler Pro 5.12 Buffer Overflow

!/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: Splinterware System Scheduler Pro 5.12 - Local Buffer Overflow SEH Date: 07-21-18 Vulnerable Software: System Scheduler Pro 5.12 Vendor Homepage: https://www.splinterware.com Version: 5.12 Software Link:...

FreeBSD 7.3 to 9.0-RC1 privilege escalation/denial of service

Buffer overflow in the 'Linux emulation' support in FreeBSD kernel allows local users to cause a denial of service panic and possibly execute arbitrary code by calling the bind system call with a long path for a UNIX-domain socket, which is not properly handled when the address is used by other...

Juniper Junos libgd Compressed GD2 Data RCE (JSA10798)

According to its self-reported version number, the remote Juniper Junos device is affected by an integer signedness error in the included GD Graphics Library libgd when handling compressed GD2 data due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit...

PHP Utility Belt remote code execution vulnerability verification and analysis-vulnerability warning-the black bar safety net

! PHP Utility Belt is a tool for PHP application developers use a set of tools that can be used to test regular expressions and observed with pregmatch and pregmatchall function to match the observed pregreplate the result of the function; contains two words, two numbers with a capital letter and...

Cacti Superlinks 1.4-2 Code Execution / LFI / SQL Injection Vulnerabilities

Cacti Superlinks version 1.4-2 suffers from code execution via local file inclusion, and remote SQL injection vulnerabilities. !/bin/sh Exploit Title: Cacti - Superlinks Plugin 1.4-2 RCELFI via SQL Injection Date: 19/12/2014 Exploit Author: Wireghoul Software Link:...

Cacti Superlinks 1.4-2 Code Execution / LFI / SQL Injection

!/bin/sh Exploit Title: Cacti - Superlinks Plugin 1.4-2 RCELFI via SQL Injection Date: 19/12/2014 Exploit Author: Wireghoul Software Link: http://docs.cacti.net/plugin:superlinks Identifiers: CVE-2014-4644, EDB-ID-33809 Exploit explanation through inline comments Patch provided at the end This is...

Cacti Superlinks Plugin 1.4-2 - SQL Injection Local File Inclusion

Cacti Superlinks Plugin 1.4-2 - SQL Injection Local File Inclusion !/bin/sh Exploit Title: Cacti - Superlinks Plugin 1.4-2 RCELFI via SQL Injection Date: 19/12/2014 Exploit Author: Wireghoul Software Link: http://docs.cacti.net/plugin:superlinks Identifiers: CVE-2014-4644, EDB-ID-33809 Exploit...

Cacti Superlinks Plugin 1.4-2 - SQL Injection / Local File Inclusion

!/bin/sh Exploit Title: Cacti - Superlinks Plugin 1.4-2 RCELFI via SQL Injection Date: 19/12/2014 Exploit Author: Wireghoul Software Link: http://docs.cacti.net/plugin:superlinks Identifiers: CVE-2014-4644, EDB-ID-33809 Exploit explanation through inline comments Patch provided at the end This is...

F5 Networks BIG-IP : Directory Traversal and File Deletion (ID 363027)

The 'properties.jsp' and 'tmui/Control/form' contain a flaw in how user-supplied parameters are validated, specifically the 'name' parameter. An authenticated user with the role of 'Resource Administrator' or 'Administrator' can exploit this flaw to arbitrarily enumerate and subsequently delete...

VMware vCenter Operations Management Bash Vulnerabilities (VMSA-2014-0010) (Shellshock)

The version of VMware vCenter Operations Manager installed on the remote host is prior to 5.7.3 / 5.8.3. It is, therefore, affected by the environmental variable command injection vulnerability known as 'Shellshock'. C Tenable Network Security, Inc. include'compat.inc'; if description...

Solaris 9 (x86) : 149080-02

SunOS 5.9x86: bash patch. Date this patch was last updated by Sun : Sep/30/14 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Solaris 10 (sparc) : 126546-06

SunOS 5.10: bash patch. Date this patch was last updated by Oracle : Sep/26/14 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Open & Compact FTPd 1.2 Pre-Authentication Buffer Overflow (meta)

No description provided by source. Exploit Title: Open & Compact FTPd 1.2 Pre-Authentication Buffer Overflow MSF Date: March 14, 2010 Author: Blake Version: 1.2 Tested on: XP SP3 Exploit causes the ftp server to crash so adduser, etc. payloads are most effective. require 'msf/core' class...

ScriptFTP 3.3 - Remote Buffer Overflow (MSF)

No description provided by source. Exploit Title: ScriptFTP 3.3 Remote Buffer Overflow MSF Date: Sept 20 2011 Author: otoy Version: 3.3 Tested on: Windows XP SP3 CVE : - EDB-ID: 17876 Thanks: cyb3r.anbu, spentera-team, dE-team, offsec, exploit-db, corelanc0d3r class Metasploit3 Msf::Exploit::Remo...

ApPHP MicroBlog 1.0.1 - Remote Command Execution Exploit

No description provided by source. !/usr/bin/python import random import hashlib import urllib from base64 import b64encode as b64 import sys import re Exploit Title: Python exploit for ApPHP MicroBlog 1.0.1 Free Version - RCE Exploit Author: LOTFREE Version: ApPHP MicroBlog 1.0.1 Free Version...

McAfee VirusScan Enterprise for Linux OpenSSL Information Disclosure (SB10071) (Heartbleed)

The remote host has a version of McAfee VirusScan Enterprise for Linux VSEL that is affected by an information disclosure due to a flaw in the OpenSSL library, commonly known as the Heartbleed bug. An attacker could potentially exploit this vulnerability repeatedly to read up to 64KB of memory fr...

HP Systems Insight Manager < 7.2 Multiple Vulnerabilities

The version of HP Systems Insight Manager installed on the remote Windows host is affected by vulnerabilities in the included Flash components. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid72963;...