vBulletin 5.6.1 - 'nodeId' SQL Injection

Exploit Title: vBulletin 5.6.1 - 'nodeId' SQL Injection Date: 2020-05-15 Exploit Author: Photubias Vendor Advisory: 1 https://forum.vbulletin.com/forum/vbulletin-announcements/vbulletin-announcementsaa/4440032-vbulletin-5-6-1-security-patch-level-1 Version: vBulletin v5.6.x prior to Patch Level 1...

Exploit for Out-of-bounds Write in Php

PoC CVE-2019-11043 A Python implementation of the CVE-2019-110...

FlashGet 1.9.6 Buffer Overflow PoC Exploit

!/usr/bin/python Exploit Title: FlashGet 1.9.6 0day Remote Buffer Overflow Author: Milad Karimi Testen on: Kali Linux Software Link: http://www.flashget.com/en/download.htm?uid=undefined Version: 1.9.6 CVE : N/A from time import sleep from socket import res = '220 WELCOME!! :x\r\n', '331 Password...

Exploit for Improper Authentication in Microsoft

CVE-2020-0688 Working Exploit PoC CVE-202...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796 Remote overflow PO...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0796 Local Privilege Escalation POC c 2020 ZecOps,...

Exploit for Use After Free in Microsoft

This is a PoC Proof of Concept exploit for CVE-2019-0708, a remote code execution vulnerability in Microsoft Windows Remote Desktop Services. The exploit is written in Python and uses the SMBLoris library to send packets to the target host. The exploit is designed to check if a host is vulnerable...

Exploit for Use After Free in Microsoft

CVE-2019-0708 is a remote code execution vulnerability in Microsoft Windows Remote Desktop Services. This repository contains a proof-of-concept PoC exploit for this vulnerability, as well as a scanner for detecting vulnerable hosts. The PoC exploit is written in Python and uses the SMBLoris...

Exploit for Classic Buffer Overflow in Microsoft

This is a Python script that exploits the CVE-2017-7269 vulnerability in IIS servers. The script sends a specially crafted HTTP request to the target server, which triggers a remote code execution vulnerability. The script then receives the response from the server and prints it to the console...

SpotFTP-FTP Password Recover 2.4.8 - Denial of Service Exploit

Exploit Title: SpotFTP-FTP Password Recover 2.4.8 - Denial of Service PoC Exploit Author: Ismael Nava Vendor Homepage: http://www.nsauditor.com/ Software Link: http://www.nsauditor.com/spotftp.html Version: 2.4.8 Tested on: Windows 10 Home x64 CVE : n/a STEPS Open the program SpotFTP-FTP Password...

Quick N Easy Web Server 3.3.8 Denial Of Service

Title: Quick N Easy Web Server 3.3.8 - Denial of Service PoC Date: 2019-12-25 Author: Cody Winkler Vendor Homepage: https://www.pablosoftwaresolutions.com/ Software Link: https://www.pablosoftwaresolutions.com/html/quickneasywebserver.html Version: $ python exploit.py 127.0.0.1 80 """ from future...

DVD Photo Slideshow Professional 8.07 - Key Buffer Overflow

DVD Photo Slideshow Professional 8.07 - Key Buffer Overflow Exploit Title: DVD Photo Slideshow Professional 8.07 - 'Key' Buffer Overflow Exploit Author : ZwX Exploit Date: 2020-02-10 Vendor Homepage : http://www.picture-on-tv.com/ Tested on OS: Windows 10 v1803 Social: twitter.com/ZwX2a Steps to...

P2PWIFICAM2 For iOS 10.4.1 Denial Of Service

Exploit Title: P2PWIFICAM2 for iOS 10.4.1 - 'Camera ID' Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2020-02-02 Vendor Homepage: https://apps.apple.com/mx/app/p2pwificam2/id663665207 Software Link: App Store for iOS devices Tested Version: 10.4.1 Vulnerability Type: Denial o...

Exploit for Improper Handling of Exceptional Conditions in Openbsd Opensmtpd

cve-2020-7247-exploit Python...

Shiro-721

This is a vulnerability analysis of a Shiro RCE Remote Code Execution exploit via Padding Oracle Attack. Here's a summary of the key points: Vulnerability Overview The Shiro framework is a popular open-source security framework that provides identity, authentication, authorization, encryption, an...

[Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly

An anonymous hacker today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability in vBulletin—one of the widely used internet forum software, The Hacker News has learned. One of the reasons why the vulnerability should b...

HPE Intelligent Management Center < 7.3 E0506P09 - Information Disclosure Exploit

!/opt/local/bin/python2.7 Exploit Title: HPE Intelligent Management Center dbman Command 10001 Information Disclosure Date: 22-09-2019 Exploit Author: Rishabh Sharma Linkedin: rishabh2241991 Vendor Homepage: www.hpe.com Software Link:...

HPE Intelligent Management Center Information Disclosure

!/opt/local/bin/python2.7 Exploit Title: HPE Intelligent Management Center dbman Command 10001 Information Disclosure Date: 22-09-2019 Exploit Author: Rishabh Sharma Linkedin: rishabh2241991 Vendor Homepage: www.hpe.com Software Link:...

HPE Intelligent Management Center 7.3 E0506P09 - Information Disclosure

HPE Intelligent Management Center 7.3 E0506P09 - Information Disclosure !/opt/local/bin/python2.7 Exploit Title: HPE Intelligent Management Center dbman Command 10001 Information Disclosure Date: 22-09-2019 Exploit Author: Rishabh Sharma Linkedin: rishabh2241991 Vendor Homepage: www.hpe.com...

HPE Intelligent Management Center &lt; 7.3 E0506P09 - Information Disclosure

!/opt/local/bin/python2.7 Exploit Title: HPE Intelligent Management Center dbman Command 10001 Information Disclosure Date: 22-09-2019 Exploit Author: Rishabh Sharma Linkedin: rishabh2241991 Vendor Homepage: www.hpe.com Software Link:...