WordpressExploiter

made with love no...

HTTP Client Automatic Exploiter 2 (Browser Autopwn)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "HTTP Client Automatic Exploiter 2 Browser Autopwn", 'Description' = %q This module will automatically serve browser exploits. Here are the option...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Provision-Isr Sh-4050A5-5L\(Mm\)_Firmware

CVE-2024-7339: Information Leak Vulnerability in DVR devices...

PT-2024-19461 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: A bounty was awarded to an individual for exploiting a specific issue using an Exploiter tool. Recommendations: At the moment, there is no...

Exploit for OS Command Injection in Eparks Fiberlink_210_Firmware

CVE-2023-33617 Authenticated OS command injection vulnerabili...

Committed Unsuccessful Migration can be settled later on

Lines of code Vulnerability details Impact When committing a migration proposal, it's status is changed to isCommited = true and the buyout starts. After 4 days, the buyout ends. Considering the case it was rejected, its status goes to INACTIVE. Nothing happens to the proposal in the Migration...

All withdrawal functionality is paused when contract is paused

Lines of code Vulnerability details Impact When the strategy contract is paused, all withdrawal functionality will be paused. Based on the comments in MyStrategy.sol and baseStrategy.sol, withdrawToVault should not be affected by the pause functionality. This is not the case due to the...

Reentrancy in ConcurRewardPool::claimRewards

Lines of code Vulnerability details Impact Any address that has nonzero reward for a token tokensi is able to drain all contact token funds if the transfer function is reentrant for example, ERC777 token. As tokensi is an arbitrarily implemented, a reentrant transfer function can be assumed to be...

PLANEX CS-QP50F-ING2 Remote Configuration Disclosure Vulnerability

PLANEX CS-QP50F-ING2 security surveillance smart camera remote configuration disclosure exploit. !/usr/bin/perl PLANEX CS-QP50F-ING2 Security Surveillance Smart Camera Remote Configuration Disclosure - Mass Exploiter Copyright 2021 c Todor Donev https://donev.eu/ Disclaimer: This or previous...

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

F5-Big-IP-CVE-2020-5902-mass...

NekoBot - Auto Exploiter With 500+ Exploit 2000+ Shell

NekoBotV1 | Auto Exploiter With 500+ Exploit 2000+ Shell Features : + Wordpress : 1- Cherry-Plugin 2- download-manager Plugin 3- wysija-newsletters 4- Slider Revolution Revslider 5- gravity-forms 6- userpro 7- wp-gdpr-compliance 8- wp-graphql 9- formcraft 10- Headway 11- Pagelines Plugin 12-...

AutoSploit v4.0 - Automated Mass Exploiter

As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets can be collected automatically through Shodan, Censys or Zoomeye. But options to add your custom targets and host lists have been included as well. The available Metasploit modules have been select...

CVE-2019-13209

Rancher 2 through 2.2.4 is vulnerable to a Cross-Site Websocket Hijacking attack that allows an exploiter to gain access to clusters managed by Rancher. The attack requires a victim to be logged into a Rancher server, and then to access a third-party site hosted by the exploiter. Once that is...

Joomla Codextrous B2jcontact 2.1.17 Shell Upload

Exploit Title : Joomla Codextrous ComB2jcontact Components 2.1.17 Shell Upload Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 04/01/2019 Vendor Homepage : codextrous.com/joomla-components/b2j-contact.html + extensions.joomla.org/extension/b2j-contact/ Software...

DVR-Exploiter - Bash Script Program Exploit The DVR's Based On CVE-2018-9995

DVR-Exploiter Exploit Title: DVR Credentials Exposed Date: 09/04/2018 Exploit Author: Fernandez Ezequiel DVR-Exploiter By: Belahsan Ouerghi Contact: www.facebook.com/ouerghi.belahsan Youtube Tutorial: https://www.youtube.com/watch?v=vdnATjE4II Dorks: intitle:"DVR Login" html:"/login.rsp" "Server:...

UPDATED VERSION: AutoSploit 2.2

PenTestIT RSS Feed It has been some days since there was a lot of hue and cry about AutoSploit and eventually everything subsided. I wrote about it in a post titled AutoSploit = Shodan/Censys/Zoomeye + Metasploit too. Recently, an updated an improved updated version - AutoSploit 2.2 was released...

BadMod v2.0 - Detect Website CMS, Website Scanner & Auto Exploiter

Auto exploiter & get all server sites & bing dorker. Version 2.0 Fixed colors bug Fixed permissions bug Added new option to scan single target Added new option to scan joomla & wordpress plugins Installation Install tool git clone https://github.com/MrSqar-Ye/BadMod.git Install php sudo apt-get...

BadMod - Detect Website CMS, Website Scanner & Auto Exploiter

Auto exploiter & get all server sites & bing dorker Installation git clone https://github.com/MrSqar-Ye/BadMod.git BadMod tool Detect website cms & website scanner =& Auto exploiter Exploit : ! Wordpress +joomla !drupal + Cms made simple Video Download BadMod...

AutoSploit v2.0 - Automated Mass Exploiter

As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets can be collected automatically through Shodan, Censys or Zoomeye. But options to add your custom targets and host lists have been included as well. The available Metasploit modules have been select...

AutoSploit - Automated Mass Exploiter

As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets are collected automatically as well by employing the Shodan.io API. The program allows the user to enter their platform specific search query such as; Apache, IIS, etc, upon which a list of...