eWON Flexy 13.0 Authentication Bypass

! /usr/bin/env python ''' Exploit Title: eWON v13.0 Authentication Bypass Date: 2018-10-12 Exploit Author: Photubias – tijldotDeneutatHowestdotbe for www.ic4.be Vendor Advisory: 1 https://websupport.ewon.biz/support/news/support/ewon-security-enhancement-131s0-0 2...

PhreeBooks ERP 5.2.3 - Remote Command Execution Exploit

Exploit for php platform in category web applications Exploit Title: PhreeBooks ERP 5.2.3 - Remote Command Execution Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/ Version: v5.2.3 Category:...

Ability Mail Server 4.2.6 Cross Site Scripting

Exploit Title: Persistent Cross Site Scripting Ability Mail Server 4.2.6 CVE: CVE-2019-9557 Exploit Author: Aloyce J. Makalanga Contact: https://twitter.com/aloycemjr Vendor Homepage: https://www.codecrafters.com/AbilityMailServer Category: webapps Attack Type: Remote Impact: Data/Cookie hijackin...

LibSSH 0.7.6 / 0.8.4 Unauthorized Access

!/usr/bin/env python3 import sys import paramiko import socket import logging pip3 install paramiko==2.0.8 logging.basicConfigstream=sys.stdout, level=logging.DEBUG logging.basicConfigstream=sys.stdout bufsize = 2048 def executehostname, port, command: sock = socket.socket try:...

CF Image Hosting Script 1.6.5 Privilege Escalation

!/usr/bin/env python """ Exploit Title: CF Image Hosting Script 1.6.5: Delete database Google Dork: "Powered By CF Image Hosting script" Date: 01/08/2019 Exploit Author: David Tavarez Vendor Homepage: https://davidtavarez.github.io/ Software Link:...

Angry IP Scanner 3.5.3 - Denial of Service (PoC)

!/usr/bin/python -- coding: cp1252 -- Exploit Title: Angry IP Scanner 3.5.3 Denial of Service PoC Author: Fernando Cruz Date: 13/12/2018 Vendor Homepage: https://angryip.org Tested Version: 3.11 Tested on Windows 10 Pro, 64-bit Steps to Produce the Crash: 1.- Run python code : python angryip.py 2...

LanSpy 2.0.1.159 Buffer Overflow

Exploit Title: LanSpy 2.0.1.159 - Local BoF PoC Author: Gionathan "John" Reale Discovey Date: 2018-12-07 Homepage: https://lizardsystems.com Software Link: https://lizardsystems.com/download/lanspysetup.exe Tested Version: 2.0.1.159 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the pytho...

CyberArk 9.7 - Memory Disclosure

Exploit Title: CyberArk 9.7 - Memory Disclosure Date: 2018-06-04 Exploit Author: Thomas Zuk @Freakazoidile Vendor Homepage: https://www.cyberark.com/products/privileged-account-security-solution/enterprise-password-vault/ Version: 9.7 and 10 Tested on: Windows 2008, Windows 2012, Windows 7, Windo...

Navicat 12.0.29 - SSH Denial of Service (PoC)

Navicat 12.0.29 - SSH Denial of Service PoC Exploit Title: Navicat 12.0.29 - 'SSH' Denial of Service PoC Author: Rafael Alfaro Discovery Date: 2018-10-27 Vendor Homepage: https://www.navicat.com/es/ Software Link : https://www.navicat.com/es/download/navicat-premium Vulnerability Type: Denial of...

Modbus Poll 7.2.2 - Denial of Service (PoC)

Exploit Title: Modbus Poll 7.2.2 - Denial of Service PoC Discovery by: Cemal Cihad ÇİFTÇİ Discovery Date: 2018-10-19 Tested Version: 7.2.2 Vulnerability Type: DOS Tested on OS: Windows XP Professional Service Pack 3 Vendor Homepage: https://www.modbustools.com Download Link:...

IBM Security AppScan Standard 9.0.3 .udt Denial Of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: IBM Security AppScan Standard 9.0.3 .udt Denial Of Service Author: Kağan Çapar Software Link: http://www-01.ibm.com/support/docview.wss?uid=ibm10715965 Vendor Homepage : https://www.ibm.com/security/application-security/appscan...

H2 Database 1.4.196 - Remote Code Execution

H2 Database 1.4.196 - Remote Code Execution Exploit Title: H2 Database 1.4.196 - Remote Code Execution Google Dork: N/A Date: 2018-09-24 Exploit Author: h4ckNinja Vendor Homepage: https://www.h2database.com/ Software Link: http://www.h2database.com/h2-2018-03-18.zip Version: 1.4.196 and 1.4.197...

CrossFont 7.5 - Denial of Service (PoC)

CrossFont 7.5 - Denial of Service PoC Exploit Title: CrossFont 7.5 - Denial of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-09-26 Software Link: http://www.acutesystems.com/cfnt/cfsetup.exe Tested Version: 7.5 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python...

CrossFont 7.5 - Denial of Service (PoC)

Exploit Title: CrossFont 7.5 - Denial of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-09-26 Software Link: http://www.acutesystems.com/cfnt/cfsetup.exe Tested Version: 7.5 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python exploit script, it will create a new file...

Infiltrator Network Security Scanner 4.6 - Denial of Service (PoC)

Infiltrator Network Security Scanner 4.6 - Denial of Service PoC Exploit Title: Infiltrator Network Security Scanner 4.6 - Denial of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-09-12 Software Link: https://www.infiltration-systems.com/download.shtml Tested Version: 4.6 Tested o...

jiNa OCR Image To Text 1.0 Denial Of Service

Exploit Title: jiNa OCR Image to Text 1.0 - Denial of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-09-10 Software Link: http://www.convertimagetotext.net/downloadsoftware.php Tested Version: 1.0 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python exploit script, it...

Socusoft 3GP Photo Slideshow 8.05 - Buffer Overflow (SEH) Exploit

Exploit for windows platform in category local exploits Exploit Title: Socusoft 3GP Photo Slideshow 8.05 - Buffer Overflow SEH Author: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Software Link:http://www.dvd-photo-slideshow.com/3gp-photo-slideshow.html Tested Version: 8.05 Tested ...

PEDA - Python Exploit Development Assistance For GDB

PEDA - Python Exploit Development Assistance for GDB Key Features: Enhance the display of gdb: colorize and display disassembly codes, registers, memory information during debugging. Add commands to support debugging and exploit development for a full list of commands use peda help: aslr --...

iSmartViewPro 1.5 Local Buffer Overflow

Exploit Title: iSmartViewPro 1.5 - 'SavePath for ScreenShots' Buffer Overflow SEH Author: Gionathan "John" Reale Discovey Date: 2018-09-07 Software Link: https://securimport.com/university/videovigilancia-ip/software/493-software-ismartviewpro-v1-5 Tested Version: 1.5 Tested on OS: Windows 7 32bi...

Fathom 2.4 Denial Of Service

Exploit Title: Fathom 2.4 - Denial Of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-08-28 Homepage: https://fathom.concord.org/ Software Link: https://fathom.concord.org/download/ Tested Version: v2.4 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python exploit scrip...