14 matches found
VirtualBox 7.0.16 - Privilege Escalation
Exploit Title: VirtualBox 7.0.16 - Privilege Escalation Date: 2025-05-06 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Tested on: Win x64 CVE : CVE-2024-21111 include include include include include include include inclu...
Firefox ESR 115.11 - PDF.js Arbitrary JavaScript execution
Exploit Title: Firefox ESR 115.11 - Arbitrary JavaScript execution in PDF.js Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage:...
Microsoft Windows 11 - Kernel Privilege Escalation
Exploit Title: Microsoft Windows 11 - Kernel Privilege Escalation Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Tested on: Win, Ubuntu CVE : CVE-2024-21338 include "pch.hpp" include "poc.hpp" // This...
WonderCMS 3.4.2 - Remote Code Execution (RCE)
Exploit Title: WonderCMS 3.4.2 - Remote Code Execution RCE Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ CVE: CVE-2023-41425 import requests import...
Tatsu 3.3.11 - Unauthenticated RCE
Exploit Title: Tatsu 3.3.11 - Unauthenticated RCE Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Product: Tatsu wordpress plugin = 3.3.11 CVE:...
Outline V1.6.0 - Unquoted Service Path Vulnerability
Exploit Title: Outline V1.6.0 - Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Vendor Homepage: https://getoutline.org/ Software Link: https://getoutline.org/ Tested Version: V1.6.0 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft Windows 11 Enterprise Step to...
WordPress Dosimple Theme 2.0 Cross Site Scripting
Document Title: =============== Wordpress Theme Dosimple v2.0 - XSS Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2251 Release Date: ============= 2020-05-07 Vulnerability Laboratory ID VL-ID: ==================================== 225...
cpCommerce v1.2.8 - (id_document) Blind SQL Injection
Document Title: =============== cpCommerce v1.2.8 - id_document Blind SQL Injection References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2254 Release Date: ============= 2020-05-08 Vulnerability Laboratory ID VL-ID: ==================================== 2254...
FlashGet 1.9.6 - Denial of Service (PoC)
Exploit Title: FlashGet 1.9.6 - Denial of Service PoC Date: 2020-05-02 Author: Milad Karimi Tested on: Kali Linux Software Link: http://www.flashget.com/en/download.htm?uid=undefined Version: 1.9.6 CVE : N/A !/usr/bin/python from time import sleep from socket import res = '220 WELCOME!! :x\r\n',...
FlashGet 1.9.6 Buffer Overflow PoC Exploit
!/usr/bin/python Exploit Title: FlashGet 1.9.6 0day Remote Buffer Overflow Author: Milad Karimi Tested on: Kali Linux Software Link: http://www.flashget.com/en/download.htm?uid=undefined Version: 1.9.6 CVE : N/A from time import sleep from socket import res = '220 WELCOME!! :x\r\n', '331 Password...
FlashGet 1.9.6 Buffer Overflow Proof Of Concept
!/usr/bin/python Exploit Title: FlashGet 1.9.6 0day Remote Buffer Overflow Date: 2020.05.02 Author: Milad Karimi Tested on: Kali Linux Software Link: http://www.flashget.com/en/download.htm?uid=undefined Version: 1.9.6 CVE : N/A from time import sleep from socket import res = '220 WELCOME!!...
Pinger 1.0 - Remote Code Execution Exploit
Exploit for php platform in category web applications Title: Pinger 1.0 - Remote Code Execution Author: Milad Karimi Vendor Homepage: https://github.com/wcchandler/pinger Software Link: https://github.com/wcchandler/pinger Tested on: windows 10 , firefox Version: 1.0 CVE : N/A...
Pinger 1.0 Remote Code Execution
================================================================================ Pinger 1.0 - Simple Pinging Webapp Remote Code Execution ================================================================================ Vendor Homepage: https://github.com/wcchandler/pinger Software Link:...
IRISgraphic 1.0 SQL Injection
Exploit Title: IRISgraphic sql injection Google Dork: "Powered by www.IRISgraphic.com" Date: 2020.03.07 Exploit Author: Milad Karimi Vendor Homepage: http://www.irisgraphic.com/ Software Link: http://www.irisgraphic.com/ Category : webapps Version: 1.0 Tested on: windows 10 , firefox CVE : CWE-89...