71 matches found
PHP-Fusion 9.03.60 - PHP Object Injection
PHP-Fusion version 9.03.60 suffers from a PHP object injection vulnerability. Exploit Title: PHP-Fusion 9.03.60 - PHP Object Injection Date: 2020-05-26 Exploit Author: coiffeur Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link: https://www.php-fusion.co.uk/phpfusion9downloads.p...
Joomla J2 JOBS 1.3.0 - SQL Injection
Joomla J2 JOBS version 1.3.0 suffers from a remote SQL injection vulnerability. Exploit Title: Joomla J2 JOBS - Authenticated SQL Injection Date: 17.06.2020 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Vendor Homepage: https://joomsky.com/ Software Link:...
FTPShell Server 6.90 - Buffer Overflow
FTPShell Server version 6.90 buffer overflow proof of concept exploit. Exploit Title: FTPShell Server 6.90 ftpshelldmgr.exe- Buffer Overflow SEHPoC Exploit Author: Saeed reza Zamanian Date: 2020-07-01 Vendor: Code Origin Vendor Homepage: https://www.ftpshell.com/ Software Link:...
ATutor 2.2.4 CVE-2019-12169 - Remote Code Execution
This Metasploit module exploits an arbitrary file upload vulnerability together with a directory traversal flaw in ATutor This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ATutor 2.2.4 - Director...
Inductive Automation Ignition - Remote Code Execution
This Metasploit module exploits a Java deserialization vulnerability in the Inductive Automation Ignition SCADA... This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Inductive Automation Ignition...
Online Student Enrollment System 1.0 - Shell Upload
This Metasploit module exploits a cross site request forgery vulnerability in Online Student Enrollment System This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require "net/http" require "uri" requir...
FHEM 6.0 - Local File Inclusion
FHEM version 6.0 suffers from a local file inclusion vulnerability. Exploit Title: FHEM 6.0 - Local File Inclusion Date: 2020-02-10 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://fhem.de/ Software Link: https://fhem.de/Download Version: v6.0 Tested on: Windows Link:...
ASUS Aura Sync 1.07.71 CVE-2019-17603 - Privilege Escalation
ASUS Aura Sync version 1.07.71 ene.sys privilege escalation kernel exploit. // CVE-2019-17603: ASUS Aura Sync 1.07.71 'ene.sys' EoP Kernel Exploit // Discovered by @dhn // Author of PoC: Connor McGarr @33y0re - https://connormcgarr.github.io // Windows 10 RS1 Version 10.0.14393 Build 14393 //...
Cisco AnyConnect CVE-2020-3153 - Privilege Escalation
The installer component of Cisco AnyConnect Secure Mobility Client for Windows prior to version 4.8.02042 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco AnyConnect Priv Esc through Path...
LanSpy 2.0.1.159 - Stack Buffer Overflow
LanSpy version 2.0.1.159 stack buffer overflow exploit that adds a user. """ Exploit title: LanSpy v.2.0.1.159 - Stack Buffer Overflow Exploit Author: Paolo Stagno aka VoidSec - email protected - https://voidsec.com Vendor Homepage: https://lizardsystems.com/ Download:...
Student Enrollment 1.0 - Remote Code Execution
Student Enrollment version 1.0 suffers from an unauthenticated remote code execution vulnerability. Exploit Title: Student Enrollment 1.0 - Unauthenticated Remote Code Execution Date: 2020-06-22 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage:...
Odoo 12.0 - Local File Inclusion
Odoo version 12.0 suffers from a local file inclusion vulnerability. Exploit Title: Odoo 12.0 - Local File Inclusion Date: 2019-06-14 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://www.odoo.com/ Software Link: https://www.odoo.com/trTR/page/download Version: v12.0 Tested on: Windows/Linux...
WebPort 1.19.1 - Cross Site Scripting
WebPort version 1.19.1 suffers from multiple reflective cross site scripting vulnerabilities. Exploit Title: WebPort 1.19.1 - Reflected Cross-Site Scripting Date: 2019-05-30 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://webport.se/ Software Link: https://webport.se/nedladdningar/ Version:...
FileRun CVE-2019-12905 - Cross Site Scripting
FileRun version 2019.05.21 suffers from a reflective cross site scripting vulnerability. Exploit Title: FileRun 2019.05.21 - Reflected Cross-Site Scripting Date: 2019-07-01 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://www.filerun.com/ Software Link: https://filerun.com/download Version:...
Online Student Enrollment System 1.0 - Arbitrary File Upload
Online Student Enrollment System version 1.0 suffers from an unauthenticated arbitrary file vulnerability. Exploit Title: Online Student Enrollment System 1.0 - Unauthenticated Arbitrary File Upload Google Dork: N/A Date: 2020-06-20 Exploit Author: BKpatron Vendor Homepage:...
Trend Micro Web Security - Remote Code Execution
This Metasploit module exploits multiple vulnerabilities together in order to achieve a remote code execution. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Trend Micro Web Security Virtual...
Cayin CMS NTP Server 11.0 CVE-2020-7357 - Remote Code Execution
This Metasploit module exploits an authenticated remote code execution vulnerability in Cayin CMS versions 11.0 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cayin CMS NTP Server RCE',...
Code Blocks 17.12 - Local Buffer Overflow
Code Blocks version 17.12 File Name SEH unicode local buffer overflow exploit. Exploit Title: Code Blocks 17.12 - 'File Name' Local Buffer Overflow Unicode SEH PoC Vendor Homepage: http://www.codeblocks.org/ Software Link Download:...
College-Management-System-Php 1.0 - SQL Injection
College-Management-System-Php version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Exploit Title: College-Management-System-Php 1.0 - Authentication Bypass / SQL Injection Exploit Author: BLAY ABU SAFIAN Inveteck Global Website:...
Zivif Camera 2.3.4.2103 iptest.cgi Blind Remote Command Execution
This Metasploit module exploits a remote command execution vulnerability in Zivif webcams. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zivif Camera iptest.cgi Blind Remote Command Execution...
Arista Restricted Shell Escape - Privilege Escalation
This Metasploit module takes advantage of a poorly configured TACACS+ config, This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/ssh' require 'net/ssh/commandstream' class MetasploitModule 'Arista restricted...
TP-LINK Cloud Cameras NCXXX CVE-2020-13224 - Stack Overflow
CVE-2020-13224 TP-LINK Cloud Cameras NCXXX suffer from a DelMultiUser stack overflow vulnerability. Vulnerability title: TP-LINK Cloud Cameras NCXXX DelMultiUser Stack Overflow Author: Pietro Oliva CVE: CVE-2020-13224 Vendor: TP-LINK Product: NC200, NC210, NC220, NC230, NC250, NC260, NC450 Affect...
Gila CMS 1.11.8 CVE-2020-5515 - SQL Injection
CVE-2020-5515 Gila CMS version 1.11.8 suffers from a remote SQL injection vulnerability. Exploit Title: Gila CMS 1.11.8 - 'query' SQL Injection Date: 2020-06-15 Exploit Author: Carlos RamÃrez L. BillyV4 Vendor Homepage: https://gilacms.com/ Software Link:...
SOS JobScheduler 1.13.3 CVE-2020-12712 Stored Password Decryption
SOS JobScheduler version 1.13.3 encrypts a secret by simply using the name of a profile as the key, making it trivial to decrypt. Exploit Title: SOS JobScheduler 1.13.3 - Stored Password Decryption Google Dork: N/A Date: 2020-04-20 Exploit Author: Sander Ubink Vendor Homepage: www.sos-berlin.com...
Linux/ARM 0.0.0.0:1337/TCP Bindshell Shellcode
100 bytes small null-free Linux/ARM shellcode that binds /bin/sh to 0.0.0.0:1337/TCP. Title: Linux/ARM Raspberry Pi - Bind 0.0.0.0:1337/TCP Shell /bin/sh + Null-Free Shellcode 100 bytes Date: 2020-06-09 Architecture: armv6l GNU/Linux Website: http://www.theanuragsrivastava.com Author: Anurag...
Linux/ARM execve /bin/dash Shellcode
32 bytes small Linux/ARM execve /bin/dash shellcode. Title: Linux/ARM - execve /bin/dash Shellcode 32 bytes Date: 2020-06-08 Category: Shellcode Tested: armv7l 32-bitRaspberry Pi 2 Model B OS: Raspbian Buster Lite Author: Anurag Srivastava Description: execve shellcode / Objdump...
Neon LMS Shell Upload
This Metasploit module exploits a shell upload vulnerability in Neon LMS versions prior to 4.9.1. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require "net/http" require "uri" require 'nokogiri'...
Documalis Free PDF Scanner - Buffer Overflow
This Metasploit module exploits a buffer overflow vulnerability in Documalis Free PDF Scanner. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Documalis Free PDF Scanner', 'Description' =...
Documalis Free PDF Editor - Buffer Overflow
This Metasploit module exploits a buffer overflow vulnerability in Documalis Free PDF Editor. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Documalis Free PDF Editor', 'Description' =...
10-Strike Bandwidth Monitor 3.9 Unquoted Service Path
10-Strike Bandwidth Monitor version 3.9 services Svc10StrikeBandMontitor Exploit Title: Bandwidth Monitor 3.9 - Unquoted Services Paths Exploit Author: Bobby Cooke Date: 2020-07-15 Vendor Site: https://www.10-strike.com/ Software Download:...
PHP-Fusion 9.03.60 PHP Object Injection / SQL Injection
PHP-Fusion version 9.03.60 PHP object injection to SQL injection pre-authentication exploit. Exploit Title: PHP-Fusion v9.03.60, PHP Object Injection to SQL injection pre-auth Date: 2020-05-26 Exploit Author: coiffeur Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link:...
Linux/x86 /etc/hosts Mapping Add Polymorphic Shellcode
102 bytes small Linux/x86 add map in /etc/hosts file polymorphic shellcode. Title: Linux/x86 - Add map in /etc/hosts file polymorphic shellcode 102 bytes Author: Xenofon Vassilakopoulos Date: 2020-06-15 Tested on: Linux kali 5.3.0-kali2-686-pae 1 SMP Debian 5.3.9-3kali1 2019-11-20 i686 GNU/Linux...
Background Intelligent Transfer Service CVE-2020-0787 - Privilege Escalation
This Metasploit module exploits CVE-2020-0787, an arbitrary file move vulnerability This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Background Intelligent Transfer Service Arbitrary File Move...
Linux/x86 ASLR Deactivation Polymorphic - Shellcode
124 bytes small ASLR deactivation polymorphic shellcode. Title: Linux/x86 - ASLR deactivation polymorphic shellcode 124 bytes Author: Xenofon Vassilakopoulos Date: 2020-06-11 Tested on: Linux 3.13.0-32-generic 57precise1-Ubuntu i686 i386 GNU/Linux Architecture: i686 GNU/Linux Shellcode Length: 12...
LinuxKI Toolset 6.01 CVE-2020-7209 - Remote Command Execution
This Metasploit module exploits a vulnerability in LinuxKI Toolset versions 6.01 and below which allows remote code execution. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LinuxKI Toolset 6....
Frigate 3.36.0.9 - Local Buffer Overflow
Frigate version 3.36.0.9 local buffer overflow proof of concept exploit. Exploit Title: Frigate 3.36.0.9 - 'Command Line' Local Buffer Overflow SEH PoC Vendor Homepage: http://www.frigate3.com/ Software Link Download: http://www.frigate3.com/download/frigate3pro.exe Exploit Author: Paras Bhatia...
Quick Player 1.3 - Buffer Overflow
Quick Player version 1.3 suffers from a buffer overflow vulnerability. Exploit Title: Quick Player 1.3 - '.m3l' Buffer Overflow Unicode & SEH Date: 2020-06-05 Author: Felipe Winsnes Software Link: http://download.cnet.com/Quick-Player/3640-21684-10871418.html Version: 1.3 Tested on: Windows 7 Pro...
NeonLMS 4.6 - Shell Upload
NeonLMS version 3.6 suffers from an authenticated remote shell upload vulnerability. Exploit Title: NeonLMS - Learning Management System PHP Laravel Script -Authenticated Arbitrary File Upload Exploit Author: th3d1gger Google Dork: N/A Type: Web App Date: 2020-05-29 Vendor Homepage:...
Online-Exam-System 2015 - SQL Injection
Online-Exam-System 2015 suffers from a remote SQL injection vulnerability. Exploit Title: Online-Exam-System 2015 - 'feedback' SQL Injection Date: 2020-06-04 Exploit Author: Gus Ralph Vendor Homepage: https://github.com/sunnygkp10/ Software Link:...
Cisco UCS Director Cloupia Script - Remote Code Execution
This Metasploit module exploits an authentication bypass and directory traversals in Cisco UCS Director This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco UCS Director Cloupia Script RCE',...
Online Course Registration 1.0 - SQL Injection
Online Course Registration version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Exploit Title: Online Course Registration 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-06-05 Exploit Author: BKpatron Vendor Homepage:...
Quick Player 1.3 - Denial Of Service
Quick Player version 1.3 suffers from a denial of service vulnerability. Exploit Title: Quick Player 1.3 - 'Browser.exe' Denial of Service Date: 06/05/2020 Author: Felipe Winsnes Software Link: http://download.cnet.com/Quick-Player/3640-21684-10871418.html Version: 1.3 Tested on: Windows 7 Proof ...
WordPress Drag And Drop Multi File Uploader Remote Code Execution
This Metasploit module exploits a file upload feature of Drag and Drop Multi File Upload - Contact Form 7 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Drag and Drop Multi File...
WebLogic Server Deserialization - Remote Code Execution
This Metasploit module exploits a Java object deserialization vulnerability in multiple versions of WebLogic. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebLogic Server Deserialization RCE...
VMWare vCloud Director 9.7.0.15498291 - Remote Code Execution
VMWare vCloud Director version 9.7.0.15498291 suffers from a remote code execution vulnerability. Exploit Title: VMWAre vCloud Director 9.7.0.15498291 - Remote Code Execution Exploit Author: Tomas Melicher Technical Details:...
vCloud Director 9.7.0.15498291 CVE-2020-3956 - Remote Code Execution
CVE-2020-3956 vCloud Director version 9.7.0.15498291 suffers from a remote code execution vulnerability. !/usr/bin/python Exploit Title: vCloud Director - Remote Code Execution Exploit Author: Tomas Melicher Technical Details:...
vBulletin 5.6.1 CVE-2020-12720 - SQL Injection
This Metasploit module exploits a SQL injection vulnerability found in vBulletin versions 5.6.1 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'vBulletin...
QuickBox Pro 2.1.8 CVE-2020-13448 - Remote Code Execution
CVE-2020-13448 QuickBox Pro versions 2.1.8 and below suffer from an authenticated remote code execution vulnerability. Exploit Title: QuickBox Pro 2.1.8 - Authenticated Remote Code Execution Date: 2020-05-26 Exploit Author: s1gh Vendor Homepage: https://quickbox.io/ Vulnerability Details:...
VMware vCenter Server 6.7 CVE-2020-3952 - Authentication Bypass
CVE-2020-3952 VMware vCenter Server version 6.7 authentication bypass exploit. Exploit Title: VMware vCenter Server 6.7 - Authentication Bypass Date: 2020-06-01 Exploit Author: Photubias Vendor Advisory: 1 https://www.vmware.com/security/advisories/VMSA-2020-0006.html Version: vCenter Server 6.7...
macOS/x64 zsh RickRolling - Shellcode
198 bytes small macOS/x64 RickRolling shellcode. / Shellcode Title: macOS/x64 - zsh RickRolling Shellcode 198 Bytes Shellcode Author: Bobby Cooke Date: May 31st, 2020 Tested on: macOS Catalina v10.15.4 Shellcode Description: MacOS Catalina Dynamic, No-Null Shellcode that will Unmute the systems...