18 matches found
sar2html 3.2.1 Remote Code Execution
Exploit Title: sar2html 3.2.1 - 'plot' Remote Code Execution Date: 27-12-2020 Exploit Author: Musyoka Ian Vendor Homepage:https://github.com/cemtan/sar2html Software Link: https://sourceforge.net/projects/sar2html/ Version: 3.2.1 Tested on: Ubuntu 18.04.1 !/usr/bin/env python3 import requests...
sar2html 3.2.1 - 'plot' Remote Code Execution
Exploit Title: sar2html 3.2.1 - 'plot' Remote Code Execution Date: 27-12-2020 Exploit Author: Musyoka Ian Vendor Homepage:https://github.com/cemtan/sar2html Software Link: https://sourceforge.net/projects/sar2html/ Version: 3.2.1 Tested on: Ubuntu 18.04.1 !/usr/bin/env python3 import requests...
PMB 5.6 - 'chemin' Local File Disclosure
Exploit Title: PMB 5.6 - 'chemin' Local File Disclosure Date: 2020-10-13 Google Dork: inurl:opaccss Exploit Author: 41-trk Tarik Bakir Vendor Homepage: http://www.sigb.net Software Link: http://forge.sigb.net/redmine/projects/pmb/files Affected versions : = 5.6 Tested on: Ubuntu 18.04.1 The PMB G...
DomainMod 4.13 - Cross-Site Scripting
DomainMod 4.13 - Cross-Site Scripting Exploit Title: DomainMod = 4.13 - Cross-Site Scripting Date: 30 August 2019 Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage: https://domainmod.org/ Version: = 4.13 Tested on: Ubuntu 18.04.1 CVE: CVE-2019-15811 The software 'DomainMOD' is...
WordPress Plugin WooCommerce Product Feed 2.2.18 - Cross-Site Scripting
WordPress Plugin WooCommerce Product Feed 2.2.18 - Cross-Site Scripting Exploit Title: WordPress Plugin WooCommerce Product Feed = 2.2.18 - Cross-Site Scripting Date: 30 August 2019 Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage:...
Jobberbase 2.0 subscribe SQL Injection
!/bin/bash Exploit Title: Jobberbase 2.0 - 'subscribe' SQL injection Date: 29 August 2019 Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage: http://www.jobberbase.com/ Version: 2.0 Tested on: Ubuntu 18.04.1 : ' The page "/subscribe/" is vulnerable for SQL injection. Simply mak...
PilusCart 1.4.1 - Local File Disclosure
Exploit Title: PilusCart = 1.4.1 - Local File Disclosure Date: 29 August 2019 Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage: https://sourceforge.net/projects/pilus/ Version: = 1.4.1 Tested on: Ubuntu 18.04.1 The e-commerce software 'PilusCart' is not validating the...
Jobberbase 2.0 - 'subscribe' SQL Injection
!/bin/bash Exploit Title: Jobberbase 2.0 - 'subscribe' SQL injection Date: 29 August 2019 Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage: http://www.jobberbase.com/ Version: 2.0 Tested on: Ubuntu 18.04.1 : ' The page "/subscribe/" is vulnerable for SQL injection. Simply mak...
PilusCart 1.4.1 - Local File Disclosure
PilusCart 1.4.1 - Local File Disclosure Exploit Title: PilusCart = 1.4.1 - Local File Disclosure Date: 29 August 2019 Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage: https://sourceforge.net/projects/pilus/ Version: = 1.4.1 Tested on: Ubuntu 18.04.1 The e-commerce software...
WordPress Plugin UserPro 4.9.32 - Cross-Site Scripting
WordPress Plugin UserPro 4.9.32 - Cross-Site Scripting Exploit Title: UserPro https://github.com/cosenary/Instagram-PHP-API/blob/master/example/success.phpL36 Proof-of-Concept:...
OpenSSH SCP Client - Write Arbitrary Files Exploit
''' OpenSSH SCP Client - Write Arbitrary Files Exploit Title: SSHtranger Things Author: Mark E. Haase Homepage: https://www.hyperiongray.com CVE: CVE-2019-6111, CVE-2019-6110 Advisory: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt Tested on: Ubuntu 18.04.1 LTS, OpenSSH...
OpenSSH 7.6p1 SCP Client - Multiple Vulnerabilities (SSHtranger Things) Exploit
Exploit Title: SSHtranger Things Exploit Author: Mark E. Haase Vendor Homepage: https://www.openssh.com/ Software Link: download link if available Version: OpenSSH 7.6p1 Tested on: Ubuntu 18.04.1 LTS CVE : CVE-2019-6111, CVE-2019-6110 ''' Title: SSHtranger Things Author: Mark E. Haase Homepage:...
SCP Client - Multiple Vulnerabilities (SSHtranger Things)
Exploit Title: SSHtranger Things Date: 2019-01-17 Exploit Author: Mark E. Haase Vendor Homepage: https://www.openssh.com/ Software Link: download link if available Version: OpenSSH 7.6p1 Tested on: Ubuntu 18.04.1 LTS CVE : CVE-2019-6111, CVE-2019-6110 ''' Title: SSHtranger Things Author: Mark E...
OpenSSH SCP Client - Write Arbitrary Files
''' Title: SSHtranger Things Author: Mark E. Haase Homepage: https://www.hyperiongray.com Date: 2019-01-17 CVE: CVE-2019-6111, CVE-2019-6110 Advisory: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt Tested on: Ubuntu 18.04.1 LTS, OpenSSH client 7.6p1 We have nicknamed this...
OpenSSH SCP Client - Write Arbitrary Files
OpenSSH SCP Client - Write Arbitrary Files ''' Title: SSHtranger Things Author: Mark E. Haase Homepage: https://www.hyperiongray.com Date: 2019-01-17 CVE: CVE-2019-6111, CVE-2019-6110 Advisory: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt Tested on: Ubuntu 18.04.1 LTS,...
Apache OFBiz 16.11.04 - XML External Entity Injection Exploit
Exploit for java platform in category web applications Exploit Title: Apache OFBiz 16.11.04 - XML External Entity Injection Exploit Author: Jamie Parfet Vendor Homepage: https://ofbiz.apache.org/ Software Link: https://archive.apache.org/dist/ofbiz/ Version: xXx xXx """ if lensys.argv = 1: print'...
Apache OFBiz 16.11.04 - XML External Entity Injection
Apache OFBiz 16.11.04 - XML External Entity Injection Exploit Title: Apache OFBiz 16.11.04 - XML External Entity Injection Date: 2018-10-15 Exploit Author: Jamie Parfet Vendor Homepage: https://ofbiz.apache.org/ Software Link: https://archive.apache.org/dist/ofbiz/ Version: xXx xXx """ if...
Apache OFBiz 16.11.04 XML Injection
Exploit Title: Apache OFBiz 16.11.04 - XML External Entity Injection Date: 2018-10-15 Exploit Author: Jamie Parfet Vendor Homepage: https://ofbiz.apache.org/ Software Link: https://archive.apache.org/dist/ofbiz/ Version: xXx xXx """ if lensys.argv = 1: print' Apache OFBiz 16.11.04 XXE' print' Use...