276 matches found
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796 Remote overflow PO...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796 Local Privilege Escalation POC c 2020 ZecOps,...
Exploit for Use After Free in Microsoft
This is a PoC Proof of Concept exploit for CVE-2019-0708, a remote code execution vulnerability in Microsoft Windows Remote Desktop Services. The exploit is written in Python and uses the SMBLoris library to send packets to the target host. The exploit is designed to check if a host is vulnerable...
Exploit for Use After Free in Microsoft
CVE-2019-0708 is a remote code execution vulnerability in Microsoft Windows Remote Desktop Services. This repository contains a proof-of-concept PoC exploit for this vulnerability, as well as a scanner for detecting vulnerable hosts. The PoC exploit is written in Python and uses the SMBLoris...
Exploit for Classic Buffer Overflow in Microsoft
This is a Python script that exploits the CVE-2017-7269 vulnerability in IIS servers. The script sends a specially crafted HTTP request to the target server, which triggers a remote code execution vulnerability. The script then receives the response from the server and prints it to the console...
SpotFTP-FTP Password Recover 2.4.8 - Denial of Service Exploit
Exploit Title: SpotFTP-FTP Password Recover 2.4.8 - Denial of Service PoC Exploit Author: Ismael Nava Vendor Homepage: http://www.nsauditor.com/ Software Link: http://www.nsauditor.com/spotftp.html Version: 2.4.8 Tested on: Windows 10 Home x64 CVE : n/a STEPS Open the program SpotFTP-FTP Password...
Quick N Easy Web Server 3.3.8 Denial Of Service
Title: Quick N Easy Web Server 3.3.8 - Denial of Service PoC Date: 2019-12-25 Author: Cody Winkler Vendor Homepage: https://www.pablosoftwaresolutions.com/ Software Link: https://www.pablosoftwaresolutions.com/html/quickneasywebserver.html Version: $ python exploit.py 127.0.0.1 80 """ from future...
DVD Photo Slideshow Professional 8.07 - Key Buffer Overflow
DVD Photo Slideshow Professional 8.07 - Key Buffer Overflow Exploit Title: DVD Photo Slideshow Professional 8.07 - 'Key' Buffer Overflow Exploit Author : ZwX Exploit Date: 2020-02-10 Vendor Homepage : http://www.picture-on-tv.com/ Tested on OS: Windows 10 v1803 Social: twitter.com/ZwX2a Steps to...
P2PWIFICAM2 For iOS 10.4.1 Denial Of Service
Exploit Title: P2PWIFICAM2 for iOS 10.4.1 - 'Camera ID' Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2020-02-02 Vendor Homepage: https://apps.apple.com/mx/app/p2pwificam2/id663665207 Software Link: App Store for iOS devices Tested Version: 10.4.1 Vulnerability Type: Denial o...
Exploit for Improper Handling of Exceptional Conditions in Openbsd Opensmtpd
cve-2020-7247-exploit Python...
Shiro-721
This is a vulnerability analysis of a Shiro RCE Remote Code Execution exploit via Padding Oracle Attack. Here's a summary of the key points: Vulnerability Overview The Shiro framework is a popular open-source security framework that provides identity, authentication, authorization, encryption, an...
[Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly
An anonymous hacker today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability in vBulletin—one of the widely used internet forum software, The Hacker News has learned. One of the reasons why the vulnerability should b...
HPE Intelligent Management Center < 7.3 E0506P09 - Information Disclosure Exploit
!/opt/local/bin/python2.7 Exploit Title: HPE Intelligent Management Center dbman Command 10001 Information Disclosure Date: 22-09-2019 Exploit Author: Rishabh Sharma Linkedin: rishabh2241991 Vendor Homepage: www.hpe.com Software Link:...
HPE Intelligent Management Center Information Disclosure
!/opt/local/bin/python2.7 Exploit Title: HPE Intelligent Management Center dbman Command 10001 Information Disclosure Date: 22-09-2019 Exploit Author: Rishabh Sharma Linkedin: rishabh2241991 Vendor Homepage: www.hpe.com Software Link:...
HPE Intelligent Management Center 7.3 E0506P09 - Information Disclosure
HPE Intelligent Management Center 7.3 E0506P09 - Information Disclosure !/opt/local/bin/python2.7 Exploit Title: HPE Intelligent Management Center dbman Command 10001 Information Disclosure Date: 22-09-2019 Exploit Author: Rishabh Sharma Linkedin: rishabh2241991 Vendor Homepage: www.hpe.com...
HPE Intelligent Management Center < 7.3 E0506P09 - Information Disclosure
!/opt/local/bin/python2.7 Exploit Title: HPE Intelligent Management Center dbman Command 10001 Information Disclosure Date: 22-09-2019 Exploit Author: Rishabh Sharma Linkedin: rishabh2241991 Vendor Homepage: www.hpe.com Software Link:...
eWON Flexy 13.0 Authentication Bypass
! /usr/bin/env python ''' Exploit Title: eWON v13.0 Authentication Bypass Date: 2018-10-12 Exploit Author: Photubias – tijldotDeneutatHowestdotbe for www.ic4.be Vendor Advisory: 1 https://websupport.ewon.biz/support/news/support/ewon-security-enhancement-131s0-0 2...
PhreeBooks ERP 5.2.3 - Remote Command Execution Exploit
Exploit for php platform in category web applications Exploit Title: PhreeBooks ERP 5.2.3 - Remote Command Execution Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/ Version: v5.2.3 Category:...
Ability Mail Server 4.2.6 Cross Site Scripting
Exploit Title: Persistent Cross Site Scripting Ability Mail Server 4.2.6 CVE: CVE-2019-9557 Exploit Author: Aloyce J. Makalanga Contact: https://twitter.com/aloycemjr Vendor Homepage: https://www.codecrafters.com/AbilityMailServer Category: webapps Attack Type: Remote Impact: Data/Cookie hijackin...
LibSSH 0.7.6 / 0.8.4 Unauthorized Access
!/usr/bin/env python3 import sys import paramiko import socket import logging pip3 install paramiko==2.0.8 logging.basicConfigstream=sys.stdout, level=logging.DEBUG logging.basicConfigstream=sys.stdout bufsize = 2048 def executehostname, port, command: sock = socket.socket try:...