phpMyChat Plus 1.98 SQL Injection

Title: phpMyChat Plus 1.98 - 'pmcusername' SQL Injection Date: 2020-02-13 Exploit Author: J3rryBl4nks Vendor Homepage: http://ciprianmp.com/latest/ Software Link: https://sourceforge.net/projects/phpmychat/files/phpMyChatPlus/ Version MyChat Plus 1.98 Tested on Windows 10/Kali Rolling The phpMyCh...

QuickDate 1.3.2 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: QuickDate 1.3.2 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://quickdatescript.com/ Version: 1.3.2 Tested on: Linux CVE: N/A POC: 1 POST /findmatches HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 X11;...

OpenSMTPD 6.6.1 Local Privilege Escalation

Exploit Title: OpenSMTPD 6.6.1 - Local Privilege Escalation Date: 2020-02-02 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.opensmtpd.org/ Version: OpenSMTPD 6.4.0 - 6.6.1 Tested on: OpenBSD 6.6, Debian GNU/Linux bullseye/sid with opensmtpd 6.6.1p1-1 CVE: CVE-2020-7247 !/usr/bin/perl...

Wedding Slideshow Studio 1.36 - (Name) Buffer Overflow Exploit

Exploit Title: Wedding Slideshow Studio 1.36 - 'Name' Buffer Overflow Exploit Author : ZwX Vendor Homepage : http://www.wedding-slideshow-studio.com/ Tested on OS: Windows 10 v1803 Social: twitter.com/ZwX2a Steps to Reproduce: 1. Run the python exploit script, it will create a new file with the...

Adive Framework 2.0.8 - Cross-Site Request Forgery (Change Admin Password)

Adive Framework 2.0.8 - Cross-Site Request Forgery Change Admin Password Exploit Title: Adive Framework 2.0.8 - Cross-Site Request Forgery Change Admin Password Exploit Author: Sarthak Saini Date: 2020-01-18 Vendor Link : https://www.adive.es/ Software Link:...

Pachev FTP Server 1.0 Path Traversal

Exploit Title: Pachev FTP Server 1.0 - Path Traversal Date: 2020-01-23 Vulnerability: Path Traversal Exploit Author: 1F98D Vendor Homepage: https://github.com/pachev/pachevftp from ftplib import FTP ip = rawinput"Target IP: " port = intrawinput"Target Port: " ftp = FTP ftp.connecthost=ip, port=po...

Citrix Application Delivery Controller (ADC) and Gateway 13.0 - Path Traversal

Exploit Title: Citrix Application Delivery Controller ADC and Gateway 13.0 - Path Traversal Date: 2019-12-17 CVE: CVE-2019-19781 Vulenrability: Path Traversal Vulnerablity Discovery: Mikhail Klyuchnikov Exploit Author: Dhiraj Mishra Vulnerable Version: 10.5, 11.1, 12.0, 12.1, and 13.0 Vendor...

Online Book Store 1.0 - Arbitrary File Upload

Exploit Title: Online Book Store 1.0 - Arbitrary File Upload Google Dork: N/A Date: 2020-01-16 Exploit Author: Or4nG.M4n aka S4udiExploit Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/ Software Link:...

TaskCanvas 1.4.0 - Registration Denial Of Service

TaskCanvas 1.4.0 - Registration Denial Of Service Exploit Title: TaskCanvas 1.4.0 - 'Registration' Denial Of Service Exploit Author : Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : https://www.digitalvolcano.co.uk/ Link Software : https://www.digitalvolcano.co.uk/taskcanvasdownload.ht...

Oracle Weblogic 10.3.6.0.0 Remote Command Execution

Exploit Title: Oracle Weblogic 10.3.6.0.0 - Remote Command Execution Date: 2020-01-08 Exploit Author: Waffles & Paveway3 Vendor Homepage: https://www.oracle.com/middleware/technologies/weblogic.html Version: 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 Tested on: Windows CVE : CVE-2019-2729 SerialLogic.py...

Office Product Key Finder 1.5.4 - Denial of Service (PoC)

Office Product Key Finder 1.5.4 - Denial of Service PoC Exploit Title: Office Product Key Finder 1.5.4 - Denial of Service PoC Date: 2020-01-06 Vendor Homepage: http://www.nsauditor.com/ Software Link: http://www.nsauditor.com/downloads/officeproductkeyfindersetup.exe Exploit Author: Gokkul Teste...

Microsoft Windows .Group File - Code Execution Exploit

Exploit Title: Microsoft Windows .Group File - Code Execution Exploit Author: hyp3rlinx Vendor Homepage: www.microsoft.com Version: 1.9.6 Tested on: Windows CVE : N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

Microsoft Windows .Group File - Code Execution

Exploit Title: Microsoft Windows .Group File - Code Execution Date: 2020-01-01 Exploit Author: hyp3rlinx Vendor Homepage: www.microsoft.com Version: 1.9.6 Tested on: Windows CVE : N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

Shopping Portal ProVersion 3.0 - Authentication Bypass

Exploit Title: Shopping Portal ProVersion 3.0 - Authentication Bypass Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/shopping-portal-free-download/ Version: v4.0 Category: Webapps Tested on: Xampp for Windows Descriptio...

XEROX WorkCentre 6655 Printer Cross Site Request Forgery

Exploit Title: XEROX WorkCentre 6655 Printer - Cross-Site Request Forgery Add Admin Date: 2018-12-19 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.xerox.com/ Hardware Link : https://www.office.xerox.com/en-us/multifunction-printers/workcentre-6655 Software : Xerox Printer Product...

Prime95 29.8 Build 6 Buffer Overflow

Exploit Title: Prime95 Version 29.8 build 6 - Buffer Overflow SEH Date: 2019-12-22 Vendor Homepage: https://www.mersenne.org Software Link: http://www.mersenne.org/ftproot/gimps/p95v298b6.win32.zip Exploit Author: Achilles Tested Version: 29.8 build 6 Tested on: Windows 7 x64 1.- Run python...

FTP Commander Pro 8.03 - Local Stack Overflow Exploit

Exploit Title: FTP Commander Pro 8.03 - Local Stack Overflow Exploit Author: boku Discovered by: UNNON Original DoS: FTP Commander 8.02 - Overwrite SEH Original DoS Link: https://www.exploit-db.com/exploits/37810 Software Vendor: http://www.internet-soft.com/ Software Link:...

FTP Commander Pro 8.03 - Local Stack Overflow

FTP Commander Pro 8.03 - Local Stack Overflow Exploit Title: FTP Commander Pro 8.03 - Local Stack Overflow Date: 2019-12-12 Exploit Author: boku Discovered by: UNNON Original DoS: FTP Commander 8.02 - Overwrite SEH Original DoS Link: https://www.exploit-db.com/exploits/37810 Software Vendor:...

SpotAuditor 5.3.2 Local Buffer Overflow

Exploit Title: SpotAuditor 5.3.2 - 'Base64' Local Buffer Overflow SEH Exploit Author: Kirill Nikolaev Date: 2019-12-06 Vulnerable Software: SpotAuditor Vendor Homepage: http://www.nsauditor.com/ Version: 5.3.2 Software Link: http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested...

Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow Exploit

Exploit Title: Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow Exploit Author: purpl3f0xsecur1ty Vendor Homepage: https://www.tucows.com/ Software Link: http://www.tucows.com/preview/519612/Integard-Home Version: Pro 2.2.0.9026 / Home 2.0.0.9021 Tested on: Windows XP / Win7 / Win10 CVE:...