Online Shopping System Advanced 1.0 SQL Injection

Exploit Title: Online shopping system advanced 1.0 - 'p' SQL Injection Exploit Author : Majid kalantari Date: 2020-04-26 Vendor Homepage : https://github.com/PuneethReddyHC/online-shopping-system-advanced Software link:...

User Management System 2.0 - Persistent Cross-Site Scripting

Exploit Title: User Management System 2.0 - Persistent Cross-Site Scripting Author: Besim ALTINOK Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/ Version: v2.0 Tested on: Xampp Credit: İsmail BOZKU...

Edimax EW-7438RPn - Cross-Site Request Forgery (MAC Filtering) Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Edimax EW-7438RPn - Cross-Site Request Forgery MAC Filtering Exploit Author: Besim ALTINOK Vendor Homepage:...

Atomic Alarm Clock 6.3 - Stack Overflow (Unicode+SEH)

Exploit Title: Atomic Alarm Clock 6.3 - Stack Overflow Unicode+SEH Exploit Author: Bobby Cooke Date: 2020-04-17 Vendor: Drive Software Company Vendor Site: http://www.drive-software.com Software Download: http://www.drive-software.com/download/ataclock.exe Tested On: Windows 10 - Pro 1909 x86...

Easy MPEG to DVD Burner 1.7.11 - Buffer Overflow (SEH + DEP) Exploit

Exploit Title: Easy MPEG to DVD Burner 1.7.11 - Buffer Overflow SEH + DEP Exploit Author: Bailey Belisario Tested On: Windows 7 Ultimate x64 Software Link: https://www.exploit-db.com/apps/32dc10d6e60ceb4d6e57052b6de3a0ba-easympegtodvd.exe Version: 1.7.11 Exploit Length: 1015 Bytes Steps : Open...

BlazeDVD 7.0.2 Buffer Overflow

Exploit Title: BlazeDVD 7.0.2 - Buffer Overflow SEH Date: 2020-04-15 Exploit Author: areyou1or0 Software Link: http://www.blazevideo.com/dvd-player/free-dvd-player.html Version: 7.0.2 Tested on: Windows 7 Pro x86 !/usr/bin/python file = "exploit.plf" offset ="A"612-4 nseh = "\xeb\x1e\x90\x90" seh...

Zen Load Balancer 3.10.1 - Remote Code Execution Exploit

Exploit for cgi platform in category web applications Exploit Title: Zen Load Balancer 3.10.1 - Remote Code Execution Google Dork: no Exploit Author: Cody Sixteen Vendor Homepage: https://code610.blogspot.com Software Link:...

Zen Load Balancer 3.10.1 - Remote Code Execution

Zen Load Balancer 3.10.1 - Remote Code Execution Exploit Title: Zen Load Balancer 3.10.1 - Remote Code Execution Google Dork: no Date: 2020-03-28 Exploit Author: Cody Sixteen Vendor Homepage: https://code610.blogspot.com Software Link:...

Easy RM to MP3 Converter 2.7.3.700 - 'Input' Local Buffer Overflow (SEH)

Exploit Title: Easy RM to MP3 Converter 2.7.3.700 - 'Input' Local Buffer Overflow SEH Date: 2020-03-26 Author: Felipe Winsnes Software Link: https://www.exploit-db.com/apps/707414955696c57b71c7f160c720bed5-EasyRMtoMP3Converter.exe Version: 2.7.3.700 Tested on: Windows 7 x86 Proof of Concept: 1.-...

PHPKB Multi-Language 9 - image-upload.php Authenticated Remote Code Execution

PHPKB Multi-Language 9 - image-upload.php Authenticated Remote Code Execution Exploit Title: PHPKB Multi-Language 9 - 'image-upload.php' Authenticated Remote Code Execution Google Dork: N/A Date: 2020-03-15 Exploit Author: Antonio Cannito Vendor Homepage: https://www.knowledgebase-script.com/...

RICOH Aficio SP 5200S Printer - entryNameIn HTML Injection

RICOH Aficio SP 5200S Printer - entryNameIn HTML Injection Exploit Title: RICOH Aficio SP 5200S Printer - 'entryNameIn' HTML Injection Discovery by: Paulina Girón Discovery Date: 2020-03-02 Vendor Homepage: https://www.ricoh.com/ Hardware Link:...

Virtual Freer 1.58 - Remote Command Execution

Exploit title : Virtual Freer 1.58 - Remote Command Execution Exploit Author : SajjadBnd Date : 2020-02-17 Vendor Homepage : http://freer.ir/virtual/ Software Link : http://www.freer.ir/virtual/download.php?action=get Software Linkmirror : http://dl.nuller.ir/virtualfreerv1.58NuLLeR.iR.zip Tested...

WordPress Fruitful 3.8 Cross Site Scripting

Exploit Title: WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Dork: intext:"Fruitful theme by fruitfulcode Powered by: WordPress" intext:"Comment" intext:"Leave a Reply" Date: 2020-02-14 Category : Webapps Software Link: https://downloads.wordpress.org/theme/fruitful.3.8.zip Vendo...

Cuckoo Clock v5.0 - Buffer Overflow

Exploit Title: Cuckoo Clock 5.0 - Buffer Overflow Exploit Author: boku Date: 2020-02-14 Vendor Homepage: https://en.softonic.com/author/pxcompany Software Link: https://en.softonic.com/download/parallaxis-cuckoo-clock/windows/post-download Version: 5.0 Tested On: Windows 10 32-bit Recreate: 1...

LabVantage 8.3 - Information Disclosure

Exploit Title: LabVantage 8.3 - Information Disclosure Google Dork: N/A Date: 2020-02-16 Exploit Author: Joel Aviad Ossi Vendor Homepage: labvantage.com Software Link: N/A Version: LabVantage 8.3 Tested on: CVE : N/A import requests import operator def exploittarget: print"+ Fetching LabVantage...

Wedding Slideshow Studio 1.36 - Key Buffer Overflow

Wedding Slideshow Studio 1.36 - Key Buffer Overflow Exploit Title: Wedding Slideshow Studio 1.36 - 'Key' Buffer Overflow Exploit Author : ZwX Exploit Date: 2020-02-09 Vendor Homepage : http://www.wedding-slideshow-studio.com/ Tested on OS: Windows 10 v1803 Social: twitter.com/ZwX2a Steps to...

VIM 8.2 Denial Of Service

Exploit Title: Invalid memory access with search command Date: 17-12-2019 Vulnerability: DoS Vulnerability Discovery: Dhiraj Mishra Vulnerable Version: VIM - Vi IMproved 8.2 Included patches: 1-131 Vendor Homepage: https://www.vim.org/ References:...

BearFTP 0.1.0 Denial Of Service

Exploit Title: BearFTP 0.1.0 - 'PASV' Denial of Service Date: 2020-01-29 Exploit Author: kolya5544 Vendor Homepage: http://iktm.me/ Software Link: https://github.com/kolya5544/BearFTP/releases Version: v0.0.1 - v0.1.0 Tested on: Ubuntu 18.04 CVE : CVE-2020-8416 static void Mainstring args...

Adive Framework 2.0.8 - Cross-Site Request Forgery (Change Admin Password) Vulnerability

Exploit for php platform in category web applications Exploit Title: Adive Framework 2.0.8 - Cross-Site Request Forgery Change Admin Password Exploit Author: Sarthak Saini Vendor Link : https://www.adive.es/ Software Link: https://github.com/ferdinandmartin/adive-php7 Version: 2.0.8...

Pachev FTP Server 1.0 Path Traversal

Exploit Title: Pachev FTP Server 1.0 - Path Traversal Date: 2020-01-23 Vulnerability: Path Traversal Exploit Author: 1F98D Vendor Homepage: https://github.com/pachev/pachevftp from ftplib import FTP ip = rawinput"Target IP: " port = intrawinput"Target Port: " ftp = FTP ftp.connecthost=ip, port=po...