71 matches found
Online Discussion Forum Site 1.0 - Remote Code Execution
Online Discussion Forum Site version 1.0 suffers from a remote code execution vulnerability. Exploit Title: Online Discussion Forum Site 1.0 - Remote Code Execution Google Dork: N/A Date: 2020-05-24 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage:...
PanaceaSoft - Shell Upload
Various PanaceaSoft products appear to suffer from a shell upload vulnerability. Exploit Title: PanaceaSoft products Arbitrary File Upload/RCE Google Dork: NA Date: 25/5/2020 Exploit Author: syfi Vendor Homepage: http://www.panacea-soft.com/ Software Link: http://www.panacea-soft.com/ Version:...
vCloud Director 9.7.0.15498291 CVE-2020-3956 - Remote Code Execution
CVE-2020-3956 vCloud Director version 9.7.0.15498291 suffers from a remote code execution vulnerability. !/usr/bin/python Exploit Title: vCloud Director - Remote Code Execution Exploit Author: Tomas Melicher Technical Details:...
Synology DiskStation Manager smart.cgi - Remote Command Execution
This Metasploit module exploits a vulnerability found in Synology DiskStation Manager DSM versions prior to 5.2-5967-5... This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule \d+&minor=?\d+&build=?\d...
QuickBox Pro 2.1.8 CVE-2020-13448 - Remote Code Execution
CVE-2020-13448 QuickBox Pro versions 2.1.8 and below suffer from an authenticated remote code execution vulnerability. Exploit Title: QuickBox Pro 2.1.8 - Authenticated Remote Code Execution Date: 2020-05-26 Exploit Author: s1gh Vendor Homepage: https://quickbox.io/ Vulnerability Details:...
WordPress BBPress 2.5 CVE-2020-13693 - Privilege Escalation
WordPress BBPress plugin version 2.5 suffers from an unauthenticated privilege escalation vulnerability. Exploit Title: WordPress Plugin BBPress 2.5 - Unauthenticated Privilege Escalation Date: 2020-05-29 Exploit Author: Raphael Karger Software Link: https://codex.bbpress.org/releases/ Version:...
VMWare vCloud Director 9.7.0.15498291 - Remote Code Execution
VMWare vCloud Director version 9.7.0.15498291 suffers from a remote code execution vulnerability. Exploit Title: VMWAre vCloud Director 9.7.0.15498291 - Remote Code Execution Exploit Author: Tomas Melicher Technical Details:...
Quick Player 1.3 - Buffer Overflow
Quick Player version 1.3 suffers from a buffer overflow vulnerability. Exploit Title: Quick Player 1.3 - '.m3l' Buffer Overflow Unicode & SEH Date: 2020-06-05 Author: Felipe Winsnes Software Link: http://download.cnet.com/Quick-Player/3640-21684-10871418.html Version: 1.3 Tested on: Windows 7 Pro...
Pi-hole 4.4.0 CVE-2020-11108 - Remote Code Execution
Pi-hole version 4.4.0 suffers from a remote code execution vulnerability. Exploit Title: Pi-hole 4.4.0 - Remote Code Execution Authenticated Date: 2020-05-22 Exploit Author: Photubias Vendor Advisory: 1 https://github.com/pi-hole/AdminLTE Version: Pi-hole . Based and improved on:...
Frigate 3.36.0.9 - Local Buffer Overflow
Frigate version 3.36.0.9 local buffer overflow proof of concept exploit. Exploit Title: Frigate 3.36.0.9 - 'Command Line' Local Buffer Overflow SEH PoC Vendor Homepage: http://www.frigate3.com/ Software Link Download: http://www.frigate3.com/download/frigate3pro.exe Exploit Author: Paras Bhatia...
Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass
Crystal Shard http-protection version 0.2.0 suffers from an IP spoofing bypass vulnerability. Exploit Title : Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass Exploit Author : Halis Duraki @0xduraki Date : 2020-05-28 Product : http-protection Crystal Shard Product URI :...
WordPress Multi-Scheduler 1.0.0 - Cross Site Request Forgery
WordPress Multi-Scheduler plugin version 1.0.0 suffers from a cross site request forgery vulnerability. Exploit Title: WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery Delete User Google Dork: N/A Date: 2020-05-21 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage:...
Online Course Registration 1.0 - SQL Injection
Online Course Registration version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Exploit Title: Online Course Registration 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-06-05 Exploit Author: BKpatron Vendor Homepage:...
StreamRipper32 2.6 - Buffer Overflow
StreamRipper32 version 2.6 buffer overflow proof of concept exploit. Exploit Title: StreamRipper32 2.6 - Buffer Overflow PoC Date: 2020-05-14 Exploit Author: Andy Bowden Tested On: Win10 x64 Download Link: http://streamripper.sourceforge.net/sr32/StreamRipper3226.exe Vendor Page:...
Quick Player 1.3 - Denial Of Service
Quick Player version 1.3 suffers from a denial of service vulnerability. Exploit Title: Quick Player 1.3 - 'Browser.exe' Denial of Service Date: 06/05/2020 Author: Felipe Winsnes Software Link: http://download.cnet.com/Quick-Player/3640-21684-10871418.html Version: 1.3 Tested on: Windows 7 Proof ...
WordPress Form Maker 5.4.1 - SQL Injection
WordPress Form Maker plugin versions 5.4.1 and below suffer from a remote SQL injection vulnerability. Exploit Title: WordPress Plugin Form Maker 5.4.1 - 's' SQL Injection Authenticated Exploit Author: SunCSR Sun Cyber Security Research Date: 2020 - 5 - 22 Vender Homepage: https://help.10web.io/...
OpenEMR - Remote Code Execution
OpenEMR versions prior to 5.0.1 suffer from a remote code execution vulnerability. Title: OpenEMR 5.0.1 - Remote Code Execution Exploit Author: Musyoka Ian Date: 2020-05-25 Title: OpenEMR 5.0.1 - Remote Code Execution Vendor Homepage: https://www.open-emr.org/ Software Link:...
Cisco UCS Director Cloupia Script - Remote Code Execution
This Metasploit module exploits an authentication bypass and directory traversals in Cisco UCS Director This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco UCS Director Cloupia Script RCE',...
GoldWave 5.70 - Buffer Overflow
GoldWave version 5.70 SEH unicode buffer overflow exploit. Exploit Title: GoldWave 5.70 – Buffer Overflow SEH Unicode Date: 2020-05-14 Exploit Author: Andy Bowden Vendor Homepage: https://www.goldwave.com/ Version: 5.70 Download Link: http://goldwave.com//downloads/gwave570.exe Tested on: Windows...
WordPress Drag And Drop File Upload Contact Form 1.3.3.2 Shell Upload
WordPress Drag and Drop File Upload Contact Form plugin version 1.3.3.2 suffers from a remote shell upload vulnerability. Exploit Title: WordPress Plugin Drag and Drop File Upload Contact Form 1.3.3.2 - Remote Code Execution Date: 2020-05-11 Exploit Author: Austin Martin Google Dork:...
Joomla XCloner Backup 3.5.3 - Local File Disclosure
Joomla XCloner Backup version 3.5.3 suffers from a local file disclosure vulnerability. Exploit Title: Joomla XCloner Backup - Authenticated Local File Disclosure Date: 10.05.2020 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Exploit-Db Author ID: 8763 Reference:...