Social Microblogging PRO 1.5 - Persistent Cross-Site Scripting

Social Microblogging PRO 1.5 - Persistent Cross-Site Scripting Exploit Title: Social Microblogging PRO 1.5 Stored XSS Vulnerability Date: 29-12-2014 Exploit Author: Halil Dalabasmaz Version: v1.5 Vendor Homepage: http://codecanyon.net/item/social-microblogging-pro/9217005 Tested on: Chrome &...

jetAudio 8.1.3.2200 Crash Proof Of Concept

Exploit Title : jetAudio 8.1.3.2200 Basic m3u Crash POC Product : jetAudio Basic Date : 27.12.2014 Exploit Author : Hadji Samir [email protected] Software Link : http://www.jetaudio.com/download/ Vulnerable version : 8.1.3.2200 Basic Vendor Homepage : http://www.jetaudio.com/ Tested on : Windows 7...

Ettercap 0.8.0 / 0.8.1 Denial Of Service Exploit

Ettercap versions 0.8.0 and 0.8.1 suffers from multiple denial of service vulnerabilities. Exploit Title: 6 Remote ettercap Dos exploits to 1 Date: 19/12/2014 Exploit Author: Nick Sampanis Vendor Homepage: http://ettercap.github.io Software Link:...

BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits !/usr/bin/env ruby Exploit Title: BulletProof FTP Client 2010 - Buffer Overflow SEH Exploit Date: Dec 03 2014 Vulnerability Discovery: Gabor Seljan Exploit Author: Muhamad Fadzil Ramli Software Link: http://www.bpftp.com/ Version: 2010.75.0....

Free Article Submissions 1.0 - SQL Injection

Exploit Title: Free Article Submissions SQL Injection Vulnerability Google Dork: inurl:/category.php?id=22 "Affiliate Programs Portal" inurl:/category.php?id=2 "Arts & Entertainment" Date: 07/12/2014 Exploit Author: BarrabravaZ Vendor Homepage: http://www.articlesetup.com/ Software Link: download...

WordPress Plugin DB Backup - Arbitrary File Download

|||||||||||||||||||||||||||||||||||||||||||||||||| |-------------------------------------------------------------------------| | Exploit Title: Wordpress db-backup plugin File Download Vulnerability | | Google Dork: inurl:wp-content/plugins/db-backup/ | | Date : Date: 2014-11-26 | | Exploit Autho...

Wordpress Theme Strange File Upload / File Deletion

Exploit for php platform in category web applications Exploit Title : Wordpress Theme Strange File Upload / File Deletion Exploit Author : NULLPointer Contact : https://www.facebook.com/xenith.gianni Date : 21/09/2014 Github Mirror :...

Seafile-server 3.1.5 - Remote Denial of Service

Exploit Title: ccnet-server remote DoS assert seafile-server = 3.1.5 Date: Sep 4, 2014 Exploit Author: retset Vendor Homepage: seafile.com Software Link: https://bitbucket.org/haiwen/seafile/downloads/seafile-server3.1.4win32.tar.gz Version: seafile-server 3.1.4 Tested on: Windows 7/seafile-serve...

WordPress MichaelCanthony theme Arbitrary File Download Vulnerability

Exploit for php platform in category web applications Date: 2014-09-11 Google Dork : inurl:/wp-content/themes/MichaelCanthony/ Exploit Author: Mr.Doel Vendor Homepage: http://michaelcanthony.com Tested on: Windows 7 & Linux POC :...

WordPress Like Dislike Counter 1.2.3 SQL Injection

Title : Wordpress Like Dislike Counter Plugin SQL Injection Vulnerability Risk : High+/Critical Exploit Author : XroGuE Google Dork : inurl:plugins/like-dislike-counter-for-posts-pages-and-comments/ajaxcounter.php AND plugins/pro-like-dislike-counter/ldc-ajax-counter.php Plugin Version : 1.2.3...

Wordpress Huge-IT Image Gallery 1.0.1 Authenticated SQL Injection

No description provided by source. Exploit Title : Wordpress Huge-IT Image Gallery 1.0.1 Authenticated SQL Injection Exploit Author : Claudio Viviani Vendor Homepage : http://huge-it.com/ Software Link : http://downloads.wordpress.org/plugin/gallery-images.zip Mirror Link :...

LeapFTP 3.1.0 - URL Handling Buffer Overflow (SEH)

LeapFTP 3.1.0 - URL Handling Buffer Overflow SEH Exploit Title: LeapFTP 3.1.0 URL Handling SEH Exploit Google Dork: "k3170makan is totally awesome" hehehe Date: 2014-08-28 Exploit Author: k3170makan Vendor Homepage: http://www.leapware.com/ Software Link: http://www.leapware.com/download.html...

Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities

Exploit Title: Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities Google Dork: intitle:"Powered by Pro Chat Rooms" Date: 5 August 2014 Exploit Author: Mike Manzotti @ Dionach Ltd Vendor Homepage: http://prochatrooms.com Software Link: http://prochatrooms.com/software.php Version: v8.2.0 Tested on:...

SHARP MX Series - Denial of Service

SHARP MX Series - Denial of Service Exploit Title: SHARP MX Series - Denial Of Service Date: 08/08/2014 Exploit Author: pws Vendor Homepage: Sharp Printers Firmware Link: Not found Tested on: Latest version Shodan d0rk: "SHARP Telnet server" 4000 devices CVE : None yet $ python -c 'print "A"200 +...

DirPHP 1.0 - Local File Include Vulnerability

Exploit for php platform in category web applications Exploit Title: DirPHP - version 1.0 Local File Inclusion Google Dork: intext:DirPHP - version 1.0 - Created & Maintained by Stuart Montgomery Date: 7/26/14 Exploit Author: -Chosen- Version: DirPHP - Version 1.0 Tested on: nix PoC:...

Joomla! Component Youtube Gallery 4.1.7 - SQL Injection

Exploit Title: Joomla component comyoutubegallery - SQL Injection vulnerability Google Dork: inurl:index.php?option=comyoutubegallery Date: 15-07-2014 Exploit Author: Pham Van Khanh [email protected] Vendor Homepage: http://www.joomlaboat.com/youtube-gallery Software Link:...

Joomla! Component Youtube Gallery 4.1.7 - SQL Injection

Joomla! Component Youtube Gallery 4.1.7 - SQL Injection Exploit Title: Joomla component comyoutubegallery - SQL Injection vulnerability Google Dork: inurl:index.php?option=comyoutubegallery Date: 15-07-2014 Exploit Author: Pham Van Khanh [email protected] Vendor Homepage:...

HP Data Protector Manager 8.10 - Remote Command Execution

Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title: HP-Data-Protector-8.10 Remote command execution. Date: July 11 2014 Exploit Author: Christian Polunchis Ramirez https://intrusionlabs.org Exploit Author: Henoch Chanoc Barrera https://intrusionlabs.org...

Microsoft Internet Explorer 910 - CFormElement Use-After-Free Memory Corruption (PoC) (MS14-035)

Microsoft Internet Explorer 910 - CFormElement Use-After-Free Memory Corruption PoC MS14-035 loaded = false ; function func if loaded document.body.innerHTML = "" ; // free CFormElement input1 = document.getElementById"input1" ; input1.onclick = func ; loaded = true ; input1.click; // Call DoClic...

Sielco Sistemi Winlog <= 2.07.16 Buffer Overflow

No description provided by source. !/usr/bin/ruby Exploit Title: Sielco Sistemi Winlog Buffer Overflow = v2.07.16 Date: 05.06.2012 Exploit Author: m1k3 Vendor Homepage: http://www.sielcosistemi.com/en/download/public/winloglite.html Software Link:...