308 matches found
HomeMatic Zentrale CCU2 Unauthenticated Remote Code Execution
Exploit Title: HomeMatic Zentrale CCU2 Unauthenticated RCE Date: 16-07-2018 Software Link: https://www.homematic.com/ Exploit Author: Kacper Szurek - ESET Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ YouTube: https://www.youtube.com/c/KacperSzurek Category: remot...
ManageEngine Exchange Reporter Plus < Build 5311 - Remote Code Execution Exploit
ManageEngine Exchange Reporter Plus versions 5310 and below suffer from a remote code execution vulnerability. Exploit Title: ManageEngine Exchange Reporter Plus = 5310 Unauthenticated RCE Date: 28-06-2018 Software Link: https://www.manageengine.com/products/exchange-reports/ Exploit Author: Kacp...
Gitea 1.4.0 - Remote Code Execution
pip install PyJWT requests pip install dulwich==0.19.0 from requests import Request, Session, get, post import jwt import time import base64 import os import re import time import threading import random import string import urlparse import urllib from dulwich import porcelain print "Gitea 1.4.0"...
ManageEngine Exchange Reporter Plus Unauthenticated RCE
This module exploits a remote code execution vulnerability that exists in Exchange Reporter Plus 'ManageEngine Exchange Reporter Plus Unauthenticated RCE', 'Description' = %q This module exploits a remote code execution vulnerability that exists in Exchange Reporter Plus MSFLICENSE, 'Author' =...
Authentication bypass vulnerability in Western Digital My Cloud
Abstract It was discovered that Western Digital My Cloud is affected by an authentication bypass vulnerability. By exploiting this vulnerability, an unauthenticated attacker can bypass the login functionality and gain full control of the device. Tested versions This vulnerability was successfully...
GitList 0.6 - Remote Code Execution
GitList 0.6 - Remote Code Execution ''' Exploit Title: GitList 0.6 Unauthenticated RCE Date: 25-04-2018 Software Link: https://github.com/klaussilveira/gitlist Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1...
GitList 0.6 - Unauthenticated Remote Code Execution Exploit
Exploit for php platform in category web applications ''' Exploit Title: GitList 0.6 Unauthenticated RCE Software Link: https://github.com/klaussilveira/gitlist Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1...
GitStack 2.3.10 - Remote Code Execution
GitStack 2.3.10 - Remote Code Execution Exploit: GitStack 2.3.10 Unauthenticated Remote Code Execution Date: 18.01.2018 Software Link: https://gitstack.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1. Description...
Netgear ReadyNAS Surveillance Unauthenticated Remote Command Execution
Vulnerability summary The following advisory describes an Unauthenticated Remote Command Execution vulnerability found in Netgear ReadyNAS Surveillance. Netgear ReadyNAS Surveillance – Small businesses and corporate branch offices require a secure way to protect physical assets, but often lack th...
CyberGhost 6.0.4.2205 - Local Privilege Escalation
CyberGhost 6.0.4.2205 - Local Privilege Escalation Exploit CyberGhost 6.0.4.2205 Privilege Escalation Date: 06.03.2017 Software Link: http://www.cyberghostvpn.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: local 1...
CyberGhost 6.0.4.2205 Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits Exploit CyberGhost 6.0.4.2205 Privilege Escalation Date: 06.03.2017 Software Link: http://www.cyberghostvpn.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: local 1...
ShadeYouVPN.com Client For Windows 2.0.1.11 Privilege Escalation
Exploit ShadeYouVPN.com Client v2.0.1.11 for Windows Privilege Escalation Date: 14.02.2017 Software Link: https://shadeyouvpn.com/ Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: local 1. Description ShadeYou service executes...
FreiChat 9.6 - SQL Injection
FreiChat 9.6 - SQL Injection / Exploit Title: FreiChat 9.6 SQL Injection Date: 27-11-2014 Software Link: http://codologic.com/page/freichat-free-php-chat-script-software Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category: webapps 1...
Shareaholic 7.6.0.3 Persistent XSS Vulnerability
Exploit for php platform in category web applications Exploit Title: Shareaholic 7.6.0.3 XSS Date: 10-11-2014 Software Link: https://wordpress.org/plugins/shareaholic/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ CVE: CVE-2014-9311...
WordPress Plugin Marketplace 2.4.0 - Remote Code Execution (Add Admin)
WordPress Plugin Marketplace 2.4.0 - Remote Code Execution Add Admin !/usr/bin/python Exploit Name: WP Marketplace 2.4.0 Remote Command Execution Vulnerability discovered by Kacper Szurek http://security.szurek.pl Exploit written by Claudio Viviani...
free QBoard <= 1.1 (qb_path) Remote File Include Vulnerability
No description provided by source. $$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$$ $$ $$ free QBoard qbpath = v.1.1 Remote File Include Vulnerability $$ script site: http://sourceforge.net/projects/freeqboard/ $$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$ $...
IdeaBox <= 1.1 (gorumDir) Remote File Include Vulnerability
No description provided by source. $$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$$ $$ $$ IdeaBox = 1.1 gorumDir Remote File Include Vulnerability $$ script site: http://ideabox.phpoutsourcing.com/ $$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$ $$ Find by:...
LMS <= 1.8.9 Vala Remote File Inclusion Vulnerabilities
No description provided by source. DEVIL TEAM - HACKING POLISH TEAM Author: Kacper Contact: [email protected] Homepage: http://www.rahim.webd.pl/ Irc: irc.milw0rm.com:6667 devilteam -------------------------------------------- Pozdro dla wszystkich z kanalu IRC oraz forum DEVIL TEAM. LMS = 1.8....
N/X WCMS <= 4.1 (nxheader.inc.php) Remote File Include Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? print ' | \\ | \\ | \ . . |\ \ \ /\ \ / /| || | | | | \ | \ Y / | || | | \ | \ \ / | || | |/ // / / ||| \ | / / \ / \ |\ /\ / / \ / \ | | | | / /\ \ / \ / \ | | | | / | / Y \ || / /| /| /...
The Bible Portal Project <= 2.12 (destination) File Include Vulnerability
No description provided by source. $$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$$ $$ $$ The Bible Portal Project destination = 2.12 Remote File Include Vulnerability $$ script site: http://www.bibleportalproject.com/ $$...