14 matches found
PoCLab
kernel-poc Minimal Linux kernel + QEMU environment for reprod...
EUVD-2020-1508
Malware in sbrugna...
Game Server Status <= 1.0 - Admin+ SQL Injection
The plugin does not validate or escape the serverid parameter before using it in SQL statement, leading to an Authenticated SQL Injection in an admin page PoC sqlmap -u "https://example.com/wp-admin/admin.php?page=grohsfabian-add-game-serversid=1" -p serverid --dbms mysql --cookie your cookie...
Bullwark Momentum Series JAWS 1.0 - Directory Traversal
Bullwark Momentum Series JAWS 1.0 - Directory Traversal Title: Bullwark Momentum Series JAWS 1.0 - Directory Traversal Date: 2019-12-11 Author: Numan Türle Vendor Homepage: http://www.bullwark.net/ Version : Bullwark Momentum Series Web Server JAWS/1.0 Software Link :...
Cisco node-jos < 0.11.0 - Re-sign Tokens
!/usr/bin/env python3 import base64 from urllib.parse import quoteplus import rsa import sys zi0Black ''' EDB Note: This has been updated https://github.com/offensive-security/exploitdb/pull/139 POC of CVE-2018-0114 Cisco node-jose = 8 return b::-1 def generateheaderpayloadpayload,pubkey: create...
Dasan Networks GPON ONT WiFi Router H64X Series System Config Download
Dasan Networks GPON ONT WiFi Router H64X Series System Config Download Vendor: Dasan Networks Product web page: http://www.dasannetworks.com | http://www.dasannetworks.eu Affected version: Models: H640GR-02 H640GV-03 H640GW-02 H640RW-02 H645G Firmware: 3.02p2-1141 2.77p1-1125 2.77-1115 2.76-9999...
Windows 10 the next MS16-098 RGNOBJ integer overflow vulnerability analysis and exploit-vulnerability warning-the black bar safety net
This article with reference to , the text talked about the Windows Kernel Pool Feng Shui, SetBitmapBits/GetBitmapBits to any address read and write, etc. the use of Means, and very helpful in learning the Windows kernel exploits. Test environment: Windows 10 1511 x64 Professional Edition2016.04 2...
“Dishwasher”was traced to a directory traversal vulnerability, an IOT security is getting worse and worse-vulnerability warning-the black bar safety net
Although the IOT the number of devices increases exponentially, but these smart devices security level has not increased, the user still faces a high cyber-attack risk. Miele Miele was founded in Germany one hundred years of home appliance brand, recently one model for PG8528 networked medical...
Apache Struts2 remote code execution vulnerability S2-045 technical analysis and protection solution-vulnerability warning-the black bar safety net
Apache Struts2 Jakarta Multipart parser plug-ins the presence of a remote code execution vulnerability, the vulnerability number is CNNVD-201703-152。 The attacker can use the plugin to upload a file, modify the HTTP request header Content-Type value to trigger the vulnerability leads to remote co...
OWOX, Inc.: HTTP Response Splitting(CRLF injection) in bi.owox.com
Hello, I found a CRLF injection vulnerability in bi.owox.com More about HTTP response splitting https://www.owasp.org/index.php/TestingforHTTPSplitting/SmugglingOTG-INPVAL-016 POC Burp Adding a new header with %0d%0a F122461 Regards, Florin...
CVE-XX-XX:“an Atom of the truncated Hu”the Windows kernel to mention the right vulnerability analysis-vulnerability warning-the black bar safety net
! Author: PlayBoy23333 Royalties of: 500RMB(not taking you to the contributor!) Submission methods: send an email to linwei3 6 0. cn, or visit the web version of the online submission aintroduction A few days ago the Internet fooling around when found Rookitsmm on Github to share a mention the...
GoldMP4Player Buffer Overflow (SEH)
Exploit for windows platform in category local exploits !/usr/bin/python coding: utf-8 Exploit Title: GoldMP4Player Buffer Overflow SEH Software Link: http://download.cnet.com/GoldMP4Player/3000-21394-10967424.html Version: 3.3 Date: 27.02.2014 Tested on: Windows Win 7 En Howto / Notes: open the...
RealVNC 4.1.2 - vncviewer.exe RFB Protocol Remote Code Execution (PoC)
RealVNC 4.1.2 - vncviewer.exe RFB Protocol Remote Code Execution PoC !/usr/bin/env python POC: RealVNC 4.1.2 'vncviewer.exe' RFB Protocol Remote Code Execution Vulnerability, BID 30499 Author: Andres Lopez Luksenberg import socket serversocket = socket.socketsocket.AFINET, socket.SOCKSTREAM...
ScriptsEz Mini Hosting Panel (members.php) LFI Vulnerability
No description provided by source. ScriptsEz Mini Hosting Panel members.php Local File Inclusion Vulnerability url: http://www.scriptsez.net/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. U...