2611 matches found

Exploit DB
added 2019/08/29 12:0 a.m., 195 views

PilusCart 1.4.1 - Local File Disclosure

Exploit Title: PilusCart = 1.4.1 - Local File Disclosure Date: 29 August 2019 Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage: https://sourceforge.net/projects/pilus/ Version: = 1.4.1 Tested on: Ubuntu 18.04.1 The e-commerce software 'PilusCart' is not validating the...

7.4 AI score
Exploits: 0

0day.today
added 2019/08/23 12:0 a.m., 323 views

Webmin 1.920 password_change.cgi Backdoor Exploit

This Metasploit module exploits a backdoor in Webmin versions 1.890 through 1.920. Only the SourceForge downloads were backdoored, but they are listed as official downloads on the project's site. Unknown attackers inserted Perl qx statements into the build server's source code on two separate...

10 CVSS, 9.7 AI score, 0.94459 EPSS
Exploits: 36

Packet Storm
added 2019/08/23 12:0 a.m., 491 views

Webmin 1.920 password_change.cgi Backdoor

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin passwordchange.cgi Backdoor', 'Description' = %q This module exploits a backdoor in Webmin versions 1.890 through 1.920. Only the...

0.1 AI score, 0.94459 EPSS
Exploits: 36

Metasploit
added 2019/08/21 7:2 a.m., 31 views

Webmin password_change.cgi Backdoor

This module exploits a backdoor in Webmin versions 1.890 through 1.920. Only the SourceForge downloads were backdoored, but they are listed as official downloads on the project's site. Unknown attackers inserted Perl qx statements into the build server's source code on two separate occasions: onc...

7.3 AI score
Exploits: 0

The Hacker News
added 2019/08/20 8:40 a.m., 116 views

Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers

Following the public disclosure of a critical zero-day vulnerability in Webmin last week, the project's maintainers today revealed that the flaw was not actually the result of a coding mistake made by the programmers. Instead, it was secretly planted by an unknown hacker who successfully managed ...

10 CVSS, 0.6 AI score, 0.94459 EPSS
Exploits: 36

UbuntuCve
added 2019/08/18 7:15 p.m., 17 views

CVE-2019-15142

In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read by crafting a DJVU file...

5.5 CVSS, 6.2 AI score, 0.00862 EPSS
Exploits: 1, References: 2

0day.today
added 2019/08/16 12:0 a.m., 22 views

Integria IMS 5.0.86 - Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: Integria IMS 5.0.86 - Arbitrary File Upload Exploit Author: Greg.Priest Vendor Homepage: https://integriaims.com/ Software Link: https://sourceforge.net/projects/integria/files/5.0.86/ Version: Integria IMS 5.0.86 Tested on:...

0.5 AI score
Exploits: 0

Exploit DB
added 2019/08/12 12:0 a.m., 1534 views

Webmin 1.920 - Unauthenticated Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin 1.920 Unauthenticated RCE', 'Description' = %q This module exploits a backdoor in Webmin versions 1.890 through 1.920. Only the SourceForg...

7.4 AI score
Exploits: 0

Exploit DB
added 2019/08/08 12:0 a.m., 90 views

Daily Expense Manager 1.0 - Cross-Site Request Forgery (Delete Income)

Exploit Title: Daily Expense Manager - CSRF Delete Income Exploit Author: Mr Winst0n Author E-mail: [email protected] Discovery Date: August 8, 2019 Vendor Homepage: https://sourceforge.net/projects/daily-expense-manager/ Tested Version: 1.0 Tested on: Parrot OS PoC:...

7 AI score
Exploits: 0

Packet Storm
added 2019/08/07 12:0 a.m., 63 views

Daily Expense Manager 1.0 Cross Site Request Forgery

Exploit Title: Daily Expense Manager - CSRF Delete Income Exploit Author: Mr Winst0n Author E-mail: [email protected] Discovery Date: August 8, 2019 Vendor Homepage: https://sourceforge.net/projects/daily-expense-manager/ Tested Version: 1.0 Tested on: Parrot OS PoC:...

0.2 AI score
Exploits: 0

Packet Storm
added 2019/07/23 12:0 a.m., 97 views

BACnet Stack 0.8.6 Denial Of Service

Exploit Title: BACnet Stack 0.8.6 - Denial of Service Google Dork: if applicable Date: 2019-07-19 Exploit Author: mmorillo Vendor Homepage: https://sourceforge.net/p/bacnet/ Software Link: https://sourceforge.net/projects/bacnet/files/bacnet-stack/bacnet-stack-0.8.6/ Version: bacnet-stack-0.8.6...

5 CVSS, 7.6 AI score, 0.14994 EPSS
Exploits: 5

Packet Storm
added 2019/07/15 12:0 a.m., 146 views

Streamripper 2.6 Buffer Overflow

!/usr/bin/python Exploit Title: StreamRipper32 Buffer Overflow Date: 07/2019 Exploit Author: Andrey Stoykov OSCP Tested On: Win7 SP1 x64 Software Link: http://streamripper.sourceforge.net/sr32/StreamRipper3226.exe Version: 2.6 Steps To Reproduce: Double click on "Add" in the "Station/Song Section...

1.3 AI score
Exploits: 0

Packet Storm
added 2019/06/24 12:0 a.m., 121 views

SeedDMS Remote Command Execution

Exploit Title: Remote Command Execution through Unvalidated File Upload in SeedDMS versions "; $cmd = $REQUEST'cmd'; system$cmd; echo ""; die; ? Step 3: Now after uploading the file check the document id corresponding to the document. Step 4: Now go to...

6 CVSS, 7.5 AI score, 0.32766 EPSS
Exploits: 9

0day.today
added 2019/06/18 12:0 a.m., 188 views

AROX School-ERP Pro - Unauthenticated Remote Command Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AROX School-ERP Pro Unauthenticated Remote Code Execution", 'Description' = %q This module exploits a command execution vulnerability in AROX...

1 AI score
Exploits: 0

Packet Storm
added 2019/06/17 12:0 a.m., 134 views

AROX School-ERP Pro Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AROX School-ERP Pro Unauthenticated Remote Code Execution", 'Description' = %q This module exploits a command execution vulnerability in AROX...

1 AI score
Exploits: 0

UbuntuCve
added 2019/04/24 9:29 p.m., 25 views

CVE-2019-11505

In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to...

8.8 CVSS, 7.1 AI score, 0.01121 EPSS
Exploits: 1, References: 4

0day.today
added 2019/04/09 12:0 a.m., 43 views

Ashop Shopping Cart Software - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Ashop Shopping Cart Software - SQL Injection Exploit Author: Doğukan Karaciğer Vendor Homepage: http://www.ashopsoftware.com Software Link: https://sourceforge.net/projects/ashop/ Demo Site: http://demo.ashopsoftware.com/ Versio...

0.4 AI score
Exploits: 0

Packet Storm
added 2019/04/04 12:0 a.m., 60 views

FreeSMS 2.1.2 SQL Injection

Exploit Title: FreeSMS 2.1.2 - Authentication Bypass Date: 2019-04-03 Exploit Author: Yilmaz Degirmenci Vendor Homepage: https://freesms.sourceforge.io/ Software Link: https://sourceforge.net/projects/freesms/ Version: v2.1.2 Category: Webapps Tested on: LAMPP for Linux Software Description :...

0.3 AI score
Exploits: 0

0day.today
added 2019/04/04 12:0 a.m., 108 views

FreeSMS 2.1.2 - SQL Injection (Authentication Bypass) Vulnerability

Exploit for php platform in category web applications Exploit Title: FreeSMS 2.1.2 - Authentication Bypass Exploit Author: Yilmaz Degirmenci Vendor Homepage: https://freesms.sourceforge.io/ Software Link: https://sourceforge.net/projects/freesms/ Version: v2.1.2 Category: Webapps Tested on: LAMPP...

7.1 AI score
Exploits: 0

0day.today
added 2019/04/03 12:0 a.m., 56 views

Ashop Shopping Cart Software - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Ashop Shopping Cart Software - SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: http://www.ashopsoftware.com Software Link: https://sourceforge.net/projects/ashop/ Demo Site: http://demo.ashopsoftware.com/ Versio...

0.5 AI score
Exploits: 0