874 matches found
Baidu Spark Browser 43.23.1000.476 - Address Bar URL Spoofing
Baidu Spark Browser 43.23.1000.476 - Address Bar URL Spoofing Software Link: http://en.browser.baidu.com/query/fullpackage.exe?lang=en Version: 43.23.1000.476 Tested on: Win7/WinXP details: The baidu spark browser is vulnerable to Address Bar Spoofing in the latest version of the...
DotCMS 3.3 SQL Injection
1、Description Exploit Title: SQL Injection Vulnerability in DotCms v3.3 Date: 3-28-2016 Vendor Homepage: http://dotcms.com/ Vendor: dotcms Software: Content Management System Version: v3.3 CVE: CVE-2016-3688 2、Product Summary ================ dotcms is a fully featured open source enterprise gra...
WordPress Plugin Import CSV 1.0 - Directory Traversal
WordPress Plugin Import CSV 1.0 - Directory Traversal Exploit Title: Wordpress Import CSV | Directory Traversal Exploit Author: Wadeek Website Author: https://github.com/Wad-Deek Software Link: https://downloads.wordpress.org/plugin/xml-and-csv-import-in-article-content.zip Stable Tag: 1.1 Tested...
AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection
Exploit Title: AKIPS Network Monitor 15.37-16.6 OS Command Injection Date: 03-14-2016 Exploit Author: BrianWGray Contact: https://twitter.com/BrianWGray WebPage: http://somethingbroken.com/ Vendor Homepage: https://www.akips.com/ Software Link: https://www.akips.com/showdoc/download Version: 15.3...
Cerberus Helpdesk (Cerb5) 5 < 6.7 - Password Hash Disclosure
Exploit for php platform in category web applications !/bin/bash Exploit Title: Cerberus Helpdesk Cerb5 Password Hash Grabbing Date: 04.02.2016 Exploit Author: asdizzle Vendor Homepage: http://www.cerberusweb.com/ Software Link: http://www.cerberusweb.com/downloads/cerb5/archive/cerb5-544.zip...
Core FTP Server 1.2 - Local Buffer Overflow
Core FTP Server 1.2 - Local Buffer Overflow -- coding: utf-8 -- Exploit Title : Core FTP Server v1.2 - BufferOverflow POC Date: 2016-02-22 Author: INSECT.B Facebook : https://www.facebook.com/B.INSECT00 GitHub : binsect00 Blog : http://binsect00.tistory.com Vendor Homepage : http://www.coreftp.co...
STIMS Cutter 1.1.3.20 - Buffer Overflow (Denial of Service) (PoC)
Exploit Title: STIMS CUTTER OVERFLOW SEH OVERWRITE Date: 19 Feb 2016 Exploit Author: Shantanu Khandelwal Vendor Homepage: http://www.stimslabs.com/ Software Link: http://www.stimslabs.com/en/cutter/STIMSCutterEnSetup.exe Version: 1.1.3.20 Tested on: Windows XP SP3 CVE : UNKNOWN ==============HOW ...
ManageEngine EventLog Analyzer 4.0 < 10 - Privilege Escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Exploit Title: ManageEngine Eventlog Analyzer Privilege Escalation Exploit Author: @GraphX Vendor Homepage: http://www.manageengine.com Version: 4.0 - 10 1. Description: The manageengine eventlog analyzer fails to properly verify user privileges when...
Online Airline Booking System - Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title : Online Airline Booking System multiple vulnerabilities Author : WICS Date : 05/1/2016 Software Link : http://sourceforge.net/projects/oabs/ Affected Version: All Overview: The Online Airline Booking System is designed to be an...
Simple PHP Polling System - Multiple Vulnerabilities
Exploit Title : Multiple Vulnerabilities in Simple PHP Polling System. Author : WICS Date : 05-Jan-2016 Software Link : http://sourceforge.net/projects/pollingsystem/ Overview : Simple PHP Polling System helps organizations to make polls of different types of positions with a number of candidates...
FTPShell Client 5.24 - Add to Favorites Buffer Overflow
Exploit for windows platform in category local exploits Exploit Title: FTPShell Client 5.24 - Add to Favorites Buffer Overflow Google Dork: N/A Date: 2015-01-04 Exploit Author: INSECT.B Twitter : @INSECT.B Facebook : https://www.facebook.com/B.INSECT00 Blog : http://binsect00.tistory.com Vendor...
Sam Spade 1.14 - (Scan Addresses) Buffer Overflow Exploit
Exploit for windows platform in category local exploits !/usr/bin/python -- coding: cp1252 -- EXPLOIT TITLE: Sam Spade 1.14 Scan from IP address Field Exploit AUTHOR: VIKRAMADITYA "-OPTIMUS" Date of Testing: 2nd November 2015 Download Link :...
Sam Spade 1.14 - Scan Addresses Buffer Overflow
!/usr/bin/python -- coding: cp1252 -- EXPLOIT TITLE: Sam Spade 1.14 Scan from IP address Field Exploit AUTHOR: VIKRAMADITYA "-OPTIMUS" Credits: Luis Martínez Date of Testing: 2nd November 2015 Download Link : https://www.exploit-db.com/apps/7ad7569341d685b4760ba4adecab6def-spade114.exe Tested On ...
Tomabo MP4 Player 3.11.6 - Local Stack Overflow (SEH)
Tomabo MP4 Player 3.11.6 - Local Stack Overflow SEH !/usr/bin/python Exploit Title: Tomabo MP4 Player 3.11.6 SEH Based Stack Overflow Exploit Author: @yokoacc, @nudragn, @runggareksya Vendor Homepage: http://www.tomabo.com/ Software Link: http://www.tomabo.com/mp4-player/download.html Vulnerable...
Joomla Spider Random Article Component - SQL Injection
Exploit Title : Joomla Spider Random Article Component SQL Injection vulnerability Author : Jagriti Sahu AKA Incredible Vendor Link : http://demo.web-dorado.com/spider-random-article.html Date : 22/03/2015 Discovered at : IndiShell Lab Love to : error1046 ^^ ,Team IndiShell,Codebreaker ICA...
Shadow Infosystem Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: Shadow Infosystem Arbitrary File Download Exploit Author: Ashiyane Digital Security Team Vendor Homepage:...
WordPress ALO EasyMail Newsletter 2.6 CSRF / Cross Site Scripting
Exploit Title: Wordpress ALO EasyMail Newsletter CSRF/XSS Exploit Author: Ashiyane Digital Security Team Vendor Homepage: https://wordpress.org/plugins/alo-easymail/ Software Link: https://downloads.wordpress.org/plugin/alo-easymail.2.6.00.zip Version: 2.6 Date: 2015-09-15 Tested on: windows 7...
WordPress Car Rental System SQL Injection Vulnerability
Exploit Title : Car Rental System Native WordPress Plugin SQL Injection vulnerability version3.1 Author : Manish Kishan Tanwar AKA error1046 Vendor Link : http://codecanyon.net/item/car-rental-system-native-wordpress-plugin/11758680 Affected Version: below version 3.1 Date : 12/07/2015 Love to :...
SphereFTP Server 2.0 Crash
!/usr/bin/python Exploit Title: SphereFTP Server v2.0 Remote Crash PoC Date: 2015-09-02 Exploit Author: Meisam Monsef [email protected] or [email protected] Vendor Homepage: http://www.menasoft.com/blog/?p=32 Software Link: http://www.menasoft.com/sphereftp/sphereftpwin32v20.zip Version: 2.0...
YesWiki 0.2 - 'squelette' Directory Traversal
Exploit Title: YESWIKI 0.2 - Path Traversal Date: 2015-09-02 Exploit Author: HaHwul Exploit Author Blog: http://www.codeblack.net Vendor Homepage: http://yeswiki.net Software Link: https://github.com/YesWiki/yeswiki Version: yeswiki 0.2 Tested on: Debian Wheezy CVE : none...