IP.Board 4.X - Stored XSS Vulnerability

Exploit for php platform in category web applications Exploit Title: IP.Board 4.X Stored XSS Date: 27-08-2015 Software Link: https://www.invisionpower.com/ Exploit Author: snop. Contact: http://twitter.com/rabbitzorg Website: http://rabbitz.org Category: webapps 1. Description A registered or...

Keeper IP Camera 3.2.2.10 - Authentication Bypass Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Keeper IP Camera - Authentication Bypass Date: 25/08/2015 Exploit Author: RAT - ThiefKing Vendor Homepage: http://www.keeper.cn/en/Camera-ip.asp Version: 3.2.2.10 WEB Version: 6.1.17.192 Tested on: QB200W, QB130W, QA130W,...

Konica Minolta FTP Utility 1.0 - Remote Denial of Service (PoC)

Konica Minolta FTP Utility 1.0 - Remote Denial of Service PoC !/usr/bin/python Exploit Title: Konica Minolta FTP Utility 1.0 Remote DoS PoC Date: 21-08-2015 Exploit Author: Shankar Damodaran Vendor Homepage: http://www.konicaminolta.com/ Software Link:...

MASM321 11 Quick Editor '.qeditor' 4.0g - '.qse' File Buffer Overflow (SEH) (ASLR + SafeSEH Bypass)

!/usr/bin/env python Exploit Title: MASM32 quick editor .QSE SEH Based Buffer Overflow ASLR & SAFESEH bypass Date: 2015-08-15 Exploit Author: St0rn Twitter: st0rnpentest Vendor Homepage: http://www.masm32.com/ Software Link: http://www.masm32.com/masmdl.htm Version: MASM32 11 qeditor 4.0g Tested...

Microsoft HTML Help Compiler 4.74.8702.0 - SEH Based Overflow Exploit

Exploit for windows platform in category local exploits !/usr/bin/env python Exploit Title: Microsoft HTML Help Compiler SEH Based Overflow Date: 2015-08-13 Exploit Author: St0rn Twitter: st0rnpentest Vendor Homepage: www.microsoft.com Software Link:...

Havij Pro - Crash (PoC)

Havij Pro - Crash PoC !/usr/bin/env python Exploit Title:Havij Pro Crash POC Tested:windows7 Sofrware Link:http://www.itsecteam.com/ Version:1.17 Email:[email protected] Author:M1x7e1@Safeye Team run python poc.py copy content to target click Analyze EDB-Note: tested and verified using version 1.6...

WebStorm Web Design SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title : WebStorm Web Design SQL Injection Vulnerability Exploit Author : Ashiyane Digital Security Team Vendor Homepage : http://www.webstorm.ca Google Dork 1 : "Web Design and Hosting by WebStorm" inurl:listingdetail.php?id= Google Do...

Medical Website Design SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title : Medical Website Design SQL Injection Vulnerability Exploit Author : Ashiyane Digital Security Team Vendor Homepage : http://www.medicalpracticewebsitedesign.com/ Google Dork : "Medical Practice Website Design" inurl:.php?newsid...

Wordpress S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download Vulnerabil

Exploit for php platform in category web applications Exploit Title: Wordpress S3Bubble Cloud Video With Adverts & Analytics - Arbitrary File Download Google Dork: inurl:/plugins/s3bubble-amazon-s3-html-5-video-with-adverts/ Date: 04/07/2015 Exploit Author: CrashBandicot @DosPerl Vendor Homepage:...

WordPress S3Bubble Cloud Video With Adverts / Analytics Arbitrary File Download

Exploit Title: Wordpress S3Bubble Cloud Video With Adverts & Analytics - Arbitrary File Download Google Dork: inurl:/plugins/s3bubble-amazon-s3-html-5-video-with-adverts/ Date: 04/07/2015 Exploit Author: CrashBandicot @DosPerl Vendor Homepage: https://s3bubble.com Software Link:...

AnimaGallery 2.6 (theme and lang cookie parameter) Local File Include Vulnerability

Exploit Title: AnimaGallery 2.6 theme and lang cookie parameter Local File Include Vulnerability Date: 2015/06/07 Vendor Homepage: http://dg.no.sapo.pt/ Software Link:http://dg.no.sapo.pt/AnimaGallery2.6.zip Version: 2.6 Tested on: Centos 6.5,php 5.3.2,magicquotesgpc=off Category: webapps...

WiFi HD 8.1 - Directory Traversal / Denial of Service

Exploit Title: WiFi HD 8.1 - Directory Traversal and Denial of Service Date: 2015-05-27 Exploit Author: Wh1t3Rh1n0 Michael Allen Vendor Homepage: http://www.savysoda.com Software Link: http://www.savysoda.com/WiFiHD/ Version: 8.1 Apr 1, 2015 Tested on: iPhone Disclosure Timeline: 2015-05-30: Vend...

WordPress zM Ajax Login & Register Plugin 1.0.9 Local File Inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: CVE-2015-4153 - WordPress zM Ajax Login & Register Plugin Local File Inclusion Date: 2015/06/01 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage: http://zanematthew.com/ Software Link:...

WordPress Plugin Free Counter 1.1 - Persistent Cross-Site Scripting

Exploit Title: WordPress Free Counter Plugin Stored XSS Date: 2015/05/25 Exploit Author: Panagiotis Vagenas Contact: https://twitter.com/panVagenas Vendor Homepage: http://www.free-counter.org Software Link: https://wordpress.org/plugins/free-counter/ Version: 1.1 Tested on: WordPress 4.2.2...

Newsletter 4.3 SQL Injection

------------------------ Exploit Title : Newsletter 4.3 SQL Injection Vulnerability Exploit Author : Ashiyane Digital Security Team Vendor Homepage: www.conpresso.de - www.conpresso4.de Google Dork ONE: intext:Module Newsletter 4.3 Google Dork TWO: Module Newsletter 4.3 by www.conpresso4.de Date ...

VideoCharge Vanilla 3.16.4.06 - Local Buffer Overflow

VideoCharge Vanilla 3.16.4.06 - Local Buffer Overflow !/usr/bin/python Exploit Title: VideoCharge v3.16.4.06 Date: 10/May/2015 Author: @evilcomrade IRC freenode: vulnhub or offsec or corelan email: kwiha2003 at yahoo dot com Version: 3.16.4.06 Tested on: Win XP3 Software link:...

UniPDF Version 1.2 - 'xml' Buffer Overflow Crash PoC

Exploit for windows platform in category dos / poc Exploit Title: UniPDF v1.2 BufferOverflow, SEH overwrite DoS PoC Author : Avinash Kumar Thapa "-Acid" Date of Testing : 25th April 2015 Tested On : Windows XP- Service Pack 3 && Windows 7 Home Basic Vendor Homepage: http://unipdf.com/ Software...

Wolf CMS 0.8.2 Shell Upload

,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / \ / / XXXXXX /\ / XXXXXX / / XXXXXX / ------' Exploit Title : Wolf CMS Arbitrary File Upload Exploit Date : 16 April...

NetCat CMS 3.12 HTML Injection

NetCat CMS 3.12 HTML Injection Security Vulnerabilities Exploit Title: NetCat CMS 3.12 /catalog/search.php? q Parameter HTML Injection Security Vulnerabilities Product: NetCat CMS Content Management System Vendor: NetCat Vulnerable Versions: 3.12 3.0 2.4 2.3 2.2 2.1 2.0 1.1 Tested Version: 3.12...

Opoint Media Intelligence Open Redirect

Opoint Media Intelligence Unvalidated Redirects and Forwards URL Redirection Security Vulnerabilities Exploit Title: Opoint Media Intelligence click.php? &noblink parameter URL Redirection Security Vulnerabilities Vendor: Opoint Product: Opoint Media Intelligence Vulnerable Versions: Tested...