Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Iolo System_Shield

VulnDrivers-n-LOLDrivers-POCs List of POCs I have done for som...

CVE-2018-5701

In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003...

CVE-2018-5701

In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003...

Design/Logic Flaw

In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003...

CVE-2018-5701

CVE-2018-5701 affects Iolo System Shield/ System Mechanic amp.sys driver (v5.0.0.136 era). The vulnerability arises from improper validation of input values sent to IOCTL 0x00226003, enabling arbitrary write and local privilege escalation. Public exploit materials and PoCs (e.g., Exploit-DB and r...

System Shield 5.0.0.136 - Privilege Escalation

System Shield 5.0.0.136 - Privilege Escalation / Exploit Title - System Shield AntiVirus & AntiSpyware Arbitrary Write Privilege Escalation Date - 29th January 2018 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.iolo.com/ Tested Version - 5.0.0.136 Driver Version - 5.4.11.1 ...

System Shield 5.0.0.136 - Privilege Escalation Exploit

Exploit for windows platform in category local exploits / Exploit Title - System Shield AntiVirus & AntiSpyware Arbitrary Write Privilege Escalation Date - 29th January 2018 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.iolo.com/ Tested Version - 5.0.0.136 Driver Version -...

Media In Spot CMS - SQL Injection Vulnerability

No description provided by source. Exploit Title: Media In Spot SQL Injection Google Dork: intext:Powered By Media In Spot Date: 16/05/2011 Author: Iolo Morganwg Category: Web App Version: PHP Tested on: Windows XP Vendor: http://www.mediainspot.com/ Note: domain parameter is vulnerable to sql...

Free Opener - Local Denial of Service

!/usr/bin/perl Exploit Title: Free Opener Local Denial of Service Date: 09-12-11 Author: Iolo Morganwg Download: http://dl.installiq.com/download/downloadpop.aspx?shortname=freeopener&a=13193&f=FO-Main Tested on: Windows XP SP3 To trigger: Run script open with Free opener, program dies!. my $file...

Free Opener Local Denial of Service

Exploit for windows platform in category dos / poc !/usr/bin/perl Exploit Title: Free Opener Local Denial of Service Date: 09-12-11 Author: Iolo Morganwg Download: http://dl.installiq.com/download/downloadpop.aspx?shortname=freeopener&a=13193&f=FO-Main Tested on: Windows XP SP3 To trigger: Run...

BlueZone - .zft File Local Denial of Service

BlueZone - .zft File Local Denial of Service !/usr/bin/perl -w Exploit Title: BlueZone Desktop Malformed .zft ffeil Local Denial of Service Date: 24-10-11 Author: Iolo Morganwg Version: BlueZone Secure FTP v5.2C1 Build 1469 Download:...

Unfixed XSS vulnerability at www.s4c.co.uk

Security researcher Iolo Morganwg, has submitted on 15/06/2011 a cross-site-scripting XSS vulnerability affecting www.s4c.co.uk, which at the time of submission ranked 468892 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/12/2011. It is...

Unfixed XSS vulnerability at www.diabetes.co.uk

Security researcher Iolo Morganwg, has submitted on 15/06/2011 a cross-site-scripting XSS vulnerability affecting www.diabetes.co.uk, which at the time of submission ranked 93724 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/12/2011. It is...

Unfixed XSS vulnerability at www.clicknow.org.uk

Security researcher Iolo Morganwg, has submitted on 15/06/2011 a cross-site-scripting XSS vulnerability affecting www.clicknow.org.uk, which at the time of submission ranked 1747470 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/12/2011. It...

Unfixed XSS vulnerability at www.thisissouthwales.co.uk

Security researcher Iolo Morganwg, has submitted on 15/06/2011 a cross-site-scripting XSS vulnerability affecting www.thisissouthwales.co.uk, which at the time of submission ranked 6406 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/12/2011...

Unfixed XSS vulnerability at www.adsscymru.org.uk

Security researcher Iolo Morganwg, has submitted on 15/06/2011 a cross-site-scripting XSS vulnerability affecting www.adsscymru.org.uk, which at the time of submission ranked 25027064 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/12/2011. ...