RemShutdown 2.9.0.0 - (Name) Denial of Service Exploit

Exploit Title: RemShutdown 2.9.0.0 - 'Name' Denial of Service PoC Exploit Author : Ismail Tasdelen Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/remshutdownsetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof of Concept PoC: =====================...

XMedia Recode 3.4.8.6 - '.m3u' Denial Of Service

Exploit Title: XMedia Recode 3.4.8.6 - '.m3u' Denial Of Service Exploit Author : ZwX Exploit Date: 2019-11-18 Vendor Homepage : https://www.xmedia-recode.de/ Link Software : https://www.xmedia-recode.de/download.php Tested on OS: Windows 7 Social: twitter.com/ZwX2a contact: [email protected] ''' Proof...

Schneider Electric Modicon M580 UMAS set breakpoint denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the UMAS set breakpoint functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.70. A specially crafted UMAS command can cause the device to enter a non-recoverable fault state,...

Schneider Electric Modicon M580 UMAS memory block write denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the UMAS memory block write functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.70. A specially crafted UMAS command can cause the device to enter a non-recoverable fault...

Schneider Electric Modicon M580 UMAS read system blocks and bits information disclosure vulnerability

Summary An exploitable information disclosure vulnerability exists in the UMAS Read System Blocks and Bits functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.70. A specially crafted UMAS command can cause the device to return blocks of...

Lyric Video Creator 2.1 - (.mp3) Denial of Service Exploit

-- coding: utf-8 -- Exploit Title: Lyric Video Creator 2.1 - '.mp3' Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: https://lyricvideocreator.com/ Software Link: https://lyricvideocreator.com/dwl/LyricVideoCreator.exe Version: 2.1 Tested on: Windows 10 Proof of Concept: 1.- Run t...

gif2apng 1.9 - .gif Stack Buffer Overflow

gif2apng 1.9 - .gif Stack Buffer Overflow Exploit Title: gif2apng 1.9 '.gif' Stack-Buffer Overflow Date: 20 April 2018 Exploit Author: Hamm3r.py Vendor Homepage: http://gif2apng.sourceforge.net/ Version: 1.9 Tested on: Ubuntu 16.04 CVE : gif2apng is vulnerable to a stack based buffer overflow whe...

Moxa EDR-810 Web Server URI Denial of Service Vulnerability(CVE-2017-12124)

Summary An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in the web server crashing. An attacker can send a crafted URI to trigger this...

Frog CMS 0.9.5 Cross Site Request Forgery

Exploit Title:aa Cross Site Request Forgery- Frog CMS Date: 31-03-2018 Exploit Author: Samrat Das Contact: http://twitter.com/SamratDas93 Website: https://securitywarrior9.blogspot.in/ Vendor Homepage: https://github.com/philippe/FrogCMS Version: 0.9.5 CVE : CVE-2018-8908 Category: Webapp CMS 1...

Advanced Real Estate Script 4.0.7 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Advanced Real Estate Script 4.0.7 - SQL Injection Dork: N/A Date: 10.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/advanced-real-estate-script/ Demo:...

Microsoft Excel - OLE Arbitrary Code Execution Exploit

Exploit for windows platform in category dos / poc Title: MS Office Excel all versions Arbitrary Code Execution Vulnerability Date: September 30th, 2017. Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: https://products.office.com/ Version: 2007,2010,2013,2016...

Affiliate Niche Script 3.4.0 - SQL Injection

Exploit Title: Affiliate Niche Script 3.4.0 SQL Injection Dork: N/A Date: 21.08.2017 Vendor Homepage: https://scriptoffice.com/ Software Link: https://soft.scriptoffice.com/projects/affiliatenichescript/wiki/MainMenu Demo: http://demodesigns.affiliatenichescript.com/ Version: 3.4.0 Category:...

GNU binutils - 'ieee_object_p' Stack Buffer Overflow

Source: https://sourceware.org/bugzilla/showbug.cgi?id=21582 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the reduced stacktrace with links to the correspondin...

Entrepreneur Job Portal Script 2.06 - SQL Injection

x========================================================================================================================================x | Title : Entrepreneur Job Portal Script SQL Injection | Software : Entrepreneur Job Portal Script | Version : 2.06 | Vendor : http://www.i-netsolution.com/ |...

Samsung Galaxy S6 Samsung Gallery - Bitmap Decoding Crash

Source: https://code.google.com/p/google-security-research/issues/detail?id=497 Loading the bitmap bmpmemset.bmp can cause a crash due to a memset writing out of bounds. I/DEBUG 2961: pid: 12383, tid: 12549, name: thread-pool-1 com.sec.android.gallery3d I/DEBUG 2961: signal 11 SIGSEGV, code 2...

Exim ESMTP 4.80 - glibc gethostbyname Denial of Service

Exim ESMTP 4.80 - glibc gethostbyname Denial of Service Exploit Title: Exim ESMTP GHOST DoS PoC Exploit Date: 1/29/2015 Exploit Author: 1N3 Vendor Homepage: www.exim.org Version: 4.80 or less Tested on: debian-7-7-64b CVE : 2015-0235 !/usr/bin/python Exim ESMTP DoS Exploit by 1N3 v20150128...

TIPASK问答系统SQL注入二（有多个大型互联网企业案例）

简要描述： 审核真给力，刚提交就通过了 ，赞啊！！！！ 详细说明： 部分案例： 经分析下列文件存在注入 /control/message.php 代码如下 function onremovedialog if$this-post'messageauthor' $authors = $this-post'messageauthor'; $ENV'message'-removebyauthor$authors; $this-message"对话删除成功!", geturlsource; 跟进removebyauthor函数 function removebyauthor$authors...

Avaya IP Office Manager TFTP Server 8.1 - Directory Traversal Vulnerability

No description provided by source. Title : Avaya IP Office Manager TFTP Server Directory Traversal Vulnerability Author : Veerendra G.G from SecPod Technologies www.secpod.com Vendor : http://www.avaya.com/usa/product/ip-office Advisory : http://www.avaya.com/usa/product/ip-office...

Discuz UC_Server 本地文件包含漏洞（有条件限制）

简要描述： 怀着忐忑的心情提交了这个漏洞，依旧相信wooyun是一个良好的平台 赌上了作为一个白帽子的节操，不要在让他碎一地 详细说明： 条件一： 需要UC管理员权限。 条件二： 前台可上传带有PHP代码的可控文件。 漏洞函数onping在文件ucserver\control\admin\app.php function onping $ip = getgpc'ip'; $url = getgpc'url'; $appid = intvalgetgpc'appid'; $app = $ENV'app'-getappbyappid$appid; $status = '';...

Interalp Touristik SQL Injection

Exploit Title : Interalp Touristik Sql injection Vulnerabilites Exploit Author : Ashiyane Digital Security Team Software Link : http://interalp-touristik.com Tested on: Windows 7 , Linux Google Dork : intext:"powered by Interalp Touristik" Date: 2013/09/10...