Exploit for CVE-2017-0143

MS17-010 🖥️ -h3x0v3rl0rd- ️⃣ CVE-2017-0143 Docker Usin...

Exploit for CVE-2017-0143

MS17-010 🖥️ -h3x0v3rl0rd- ️⃣ CVE-2017-0143 Docker Usin...

Notex the best notes 6.4 - Denial of Service Exploit

Exploit Title: Notex the best notes 6.4 - Denial of Service PoC Author: Geovanni Ruiz Download Link: https://apps.apple.com/us/app/notex-the-best-notes/id847994217 Version: 6.4 Category: DoS iOS Vulnerability Notex – the best notes is vulnerable to a DoS condition when a long list of characters i...

TP-Link WDR4300 Remote Code Execution

!/usr/bin/python3 import sys import hashlib import base64 import requests import binascii import socket """ RCE via stack-based overflow on TP-Link WDR4300 N750 devices, using CVE-2017-13772. Tested on Firmware versions 3.13.33, Build 130618 and 3.14.3 Build 150518, hardware WDR4300 v1 Usage: 1...

DeviceViewer 3.12.0.1 - 'creating user' Denial of Service

!/usr/bin/python Exploit Title: DeviceViewer 3.12.0.1 - 'creating user' DOS buffer overflow Date: 9/23/2019 Exploit Author: x00pwn Vendor Homepage: http://www.sricam.com/ Software Link: http://download.sricam.com/Manual/DeviceViewer.exe Version: v3.12.0.1 Tested on: Windows 7 Steps to reproduce: ...

XooDigital - 'p' SQL Injection

Exploit Title: XooDigital - 'p' SQL Injection Date: 26.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://xooscripts.com/product/digital-download-protection-script.html Demo Site: http://xooscripts.com/demos/xoodigital/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC :...

Joomla Acajoom 5.1.5 SQL Injection

Exploit Title : Joomla Acajoom Components 5.1.5 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 05/02/2019 Vendor Homepage : joobi.org Software Information Link : joobi.org/acajoom.html Software Version : 5.1.5 Tested On : Windows and Linux Categor...

Rapidly Growing Router Botnet Takes Advantage of 5-Year-Old Flaw

A fresh botnet is spreading across the landscape, targeting router equipment. So far, hundreds of thousands of bot endpoints have already been identified, and they’re apparently being marshaled to send out massive amounts of spam. The botnet first emerged in September, according to 360Netlab...

Ruby on Rails: Untrusted strings that are cache fetched with raw option are automatically marshal loaded

This vulnerability effects application code that caches a string from an untrusted source using the raw: true option. For example, vulnerable application code might looks something like the following ruby body = Rails.cache.fetchkey, raw: true, expiresin: ttl do res = Net::HTTP.getresponseremoteu...

Auto Dealership & Vehicle Showroom WebSys 1.0 - XSS / CSRF / Authentication Bypass Vulnerabiliti

Exploit for php platform in category web applications Exploit Title: Auto Dealership & Vehicle Showroom WebSys 1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Admin panel Authentication bypass Exploit Author: Borna nematzadeh L0RD or email protected Vendor Homepage:...

Hashicorp vagrant-vmware-fusion 4.0.23 - Local Privilege Escalation

A couple of weeks ago I disclosed a local root privesc in Hashicorp's vagrant-vmware-fusion plugin: https://m4.rkw.io/blog/cve20177642-local-root-privesc-in-hashicorp-vagrantvmw... The initial patch they released was 4.0.21 which unfortunately contained a bug that prevented it from working at all...

Hashicorp vagrant-vmware-fusion 4.0.23 Local Root Privilege Escalation

CVE-2017-11741 Local root privesc in Hashicorp vagrant-vmware-fusion = 4.0.23 2 Aug 2017 06:49 A couple of weeks ago I disclosed a local root privesc in Hashicorp's vagrant-vmware-fusion plugin: https://m4.rkw.io/blog/cve20177642-local-root-privesc-in-hashicorp-vagrantvmwarefusion--4020.html The...

Samba Vulnerability: Dancing Its Way to a Network Near You

OverviewToday, a new vulnerability affecting the widely used Samba software was released. Samba is the SMB/CIFS protocol commonly used in NIX operating systems. CVE-2017-7494 has the potential to impact many systems around the world. This vulnerability could allow a user to upload a shared librar...

The use of Python code implementing the Web application of the injection-vulnerability warning-the black bar safety net

Vulnerability overview If your Web application exists in the Python code injection vulnerability, the attacker can use your Web applications to your back-end server of the Python parser to send malicious Python code. This also means that if you can on the target server execute Python code, you ca...

3dCart 7.3.0 Cross Site Scripting

Affected software: 3d cart Type of vulnerability: xss URL: http://3dcart.com/ Discovered by: g33t Website: http://www.securitybulls.com/ Description: Hosted Shopping Cart Software to Build an Online Store Proof of concept /admin/demomoderestrictions.asp?back=Xss Payload Payload: "...

Disk Sorter Enterprise 9.0.24 - Login Remote Buffer Overflow

Disk Sorter Enterprise 9.0.24 - Login Remote Buffer Overflow !/usr/bin/python print "Disk Sorter Enterprise 9.0.24 Buffer Overflow Exploit" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT...

Path Traversal via CSRF in bitrix.xscan Bitrix Module

High-Tech Bridge Security Research Lab discovered vulnerability in bitrix.xscan Bitrix module, intended to discover and neutralize malware on the website. The vulnerability can be exploited to change extension of arbitrary PHP files on the target system and gain access to potentially sensitive...

TeamSpeak Client 3.0.18.1 RFI / Traversal / Code Execution

Exploit Title: "PwnSpeak" a 0day Exploit for TeamSpeak Client / 0x6FB30B11 my pgp keyid Vendor Homepage: https://www.teamspeak.com/ Application: TeamSpeak 3 Version: TeamSpeak3 Client 3.0.0 - 3.0.18.1 Platforms: Windows, Mac OS X and Linux Exploitation: Remote Risk : Very High ========= The Bug...

TeamSpeak Client <= 3.0.18.1 - RFI to RCE Exploit

Exploit for windows platform in category remote exploits Exploit Title: "PwnSpeak" a 0day Exploit for TeamSpeak Client / 0x6FB30B11 my pgp keyid Vendor Homepage: https://www.teamspeak.com/ Application: TeamSpeak 3 Version: TeamSpeak3 Client 3.0.0 - 3.0.18.1 Platforms: Windows, Mac OS X and Linux...

Adobe Flash Player Shader Buffer Overflow

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::BrowserExploitServer def...