47904 matches found
Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption
Exploit Title: Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption Date: December 8th 2020 Exploit Author: Tess Sluijter Vendor Homepage: https://www.tibco.com Version: 5.11x and before Tested on: MacOS, Linux, Windows Tibco password decryption exploit Background Tibco's documentation...
WeBid 0.7.3 RC9 - 'upldgallery.php' Arbitrary File Upload
----------------------------------------------------------------------------------------- Author : Ahmad Pay Date : March, 25 2009 Location : Bojonegoro, Indonesia Critical : High Impact : System Access Where : From Remote --------------------------------------------------------------------------...
Linux Kernel 2.6.x - Ptrace Privilege Escalation
/ source: https://www.securityfocus.com/bid/25774/info The Linux kernel is prone to a local privilege-escalation vulnerability. Exploiting this issue may allow local attackers to gain elevated privileges, facilitating the complete compromise of affected computers. Versions of Linux kernel prior t...
Microsoft Outlook Microsoft 365 MSO (Version 2306 Build 16.0.16529.20100) 32-bit - Remote Code Execution
Title: Microsoft Outlook Microsoft 365 MSO Version 2306 Build 16.0.16529.20100 32-bit - Remote Code Execution Author: nu11secur1ty Date: 07.07.2023 Vendor: https://www.microsoft.com/ Software: https://outlook.live.com/owa/ Reference:...
Docsify.js 4.11.4 - Reflective Cross-Site Scripting
Exploit Title: Docsify.js 4.11.4 - Reflective Cross-Site Scripting Date: 2020-06-22 Exploit Author: Amin Sharifi Vendor Homepage: https://docsify.js.org Software Link: https://github.com/docsifyjs/docsify Version: 4.11.4 Tested on: Windows 10 CVE : CVE-2020-7680 docsify.js uses fragment identifie...
Pulse Secure VPN - Arbitrary Command Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pulse Secure VPN Arbitrary Command Execution', 'Description' = %q This module exploits a post-auth command injection in the Pulse Secure VPN serv...
Druva inSync Windows Client 6.6.3 - Local Privilege Escalation (PowerShell)
Exploit Title: Druva inSync Windows Client 6.6.3 - Local Privilege Escalation PowerShell Date: 2020-12-03 Exploit Author: 1F98D Original Author: Matteo Malvica Vendor Homepage: druva.com Software Link: https://downloads.druva.com/downloads/inSync/Windows/6.6.3/inSync6.6.3r102156.msi Version: 6.6....
Savsoft Quiz Enterprise Version 5.5 - Persistent Cross-Site Scripting
Exploit Title: Savsoft Quiz Enterprise Version 5.5 - Persistent Cross-Site Scripting Date: 2020-09-01 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://savsoftquiz.com/ Software Link: https://savsoftquiz.com/web/demo.php Version: 5.0 Tested on: Windows 10/Kali Linux Contact:...
Request-Baskets v1.2.1 - Server-side request forgery (SSRF)
Exploit Title: Request-Baskets v1.2.1 - Server-side request forgery SSRF Exploit Author: Iyaad Luqman K init6 Application: Request-Baskets v1.2.1 Tested on: Ubuntu 22.04 CVE: CVE-2023-27163 PoC !/bin/bash if "$" -lt 2 || "$1" = "-h" || "$1" = "--help" ; then help="Usage: exploit.sh \n\n";...
Solaris SunSSH 11.0 x86 - libpam Remote Root (2)
Exploit Title: Solaris SunSSH 11.0 x86 - libpam Remote Root 2 Original Exploit Author: Hacker Fantastic Metasploit Module Author: wvu Vendor Homepage: https://www.oracle.com/solaris/technologies/solaris10-overview.html Version: 10 Tested on: SunOS solaris 10 CVE: CVE-2020-14871 Ported By: legend...
SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path
Exploit Title: SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path Discovery by: Mara Ramirez Discovery Date: 10-11-2020 Vendor Homepage: https://www.segurazo.com/download.html Software Links : https://www.segurazo.com/download.html Tested Version: 10.0.21.61 Vulnerability Type:...
MedDream PACS Server 6.8.3.751 - Remote Code Execution (Authenticated)
!/usr/bin/python Exploit Title: MedDream PACS Server 6.8.3.751 - Remote Code Execution Authenticated Exploit Author: bzyo Twitter: @bzyo Exploit Title: MedDream PACS Server 6.8.3.751 - Remote Code Execution Authenticated Date: 2020-10-01 Vulnerable Software:...
Mida eFramework 2.9.0 - Remote Code Execution
Exploit Title: Mida eFramework 2.9.0 - Remote Code Execution Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...
FileRun 2019.05.21 - Reflected Cross-Site Scripting
Exploit Title: FileRun 2019.05.21 - Reflected Cross-Site Scripting Date: 2019-07-01 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://www.filerun.com/ Software Link: https://filerun.com/download Version: v2019.05.21 Tested on: Windows/Linux CVE: CVE-2019-12905 CVE-2019-12905...
WiFi Mouse 1.8.3.2 - Remote Code Execution (RCE)
Exploit Title: WiFi Mouse 1.8.3.2 - Remote Code Execution RCE Date: 13-10-2022 Author: Payal Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.8.3.2 Tested on: Windows 10 Pro Build 21H2 Desktop Server software used by mobile app has PIN option which do...
Online Course Registration 1.0 - Blind Boolean-Based SQL Injection (Authenticated)
Exploit Title: Online Course Registration 1.0 - Blind Boolean-Based SQL Injection Authenticated Exploit Author: Sam Ferguson @AffineSecurity and Drew Jones @qhum7sec Date: 2021-10-21 Vendor Homepage: https://www.sourcecodester.com/php/14251/online-course-registration.html Software Link:...
Apache - Remote Memory Exhaustion (Denial of Service)
Apache httpd Remote Denial of Service memory exhaustion By Kingcope Year 2011 Will result in swapping memory to filesystem on the remote side plus killing of processes when running out of swap space. Remote System becomes unstable. use IO::Socket; use Parallel::ForkManager; sub usage print "Apach...
Microsoft Windows Remote Desktop - 'BlueKeep' Denial of Service
import socket, sys, struct from OpenSSL import SSL from impacket.structure import Structure I'm not responsible for what you use this to accomplish and should only be used for education purposes Could clean these up since I don't even use them class TPKTStructure: commonHdr = 'Version','B=3',...
Mikrotik WinBox 6.42 - Credential Disclosure (golang)
/ Title: Mikrotik WinBox 6.42 - Credential Disclosure golang edition Author: Maxim Yefimenko @slider Date: 2018-08-06 Sotware Link: https://mikrotik.com/download Vendor Page: https://www.mikrotik.com/ Version: 6.29 - 6.42 Tested on: Fedora 28 \ Debian 9 \ Windows 10 \ Android wherever it was...
YourFreeWorld Downline Builder - 'tr.php' SQL Injection
Downline Builder id Remote SQL Injection Vulnerability Author: Hussin X Home : www.IQ-TY.com & www.TrYaG.cc script : http://www.yourfreeworld.com/script/downlinebuilder.php DorK : inurl:tr.php?id= Downline Exploit :...
ASUS TM-AC1900 - Arbitrary Command Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ASUS TM-AC1900 - Arbitrary Command Execution', 'Description' = %q This module exploits a code execution vulnerability within the ASUS TM-AC1900...
Photo Share Website 1.0 - Persistent Cross-Site Scripting
Exploit Title: Photo Share Website 1.0 - Persistent Cross-Site Scripting Date: 2020-09-30 Exploit Author: Augkim Vendor Homepage: https://www.sourcecodester.com/php/14478/photo-share-website-using-phpmysql-source-code.html Software Link:...
Microsoft Windows - OLE Remote Code Execution 'Sandworm' (MS14-060)
!/usr/bin/python Windows OLE RCE Exploit MS14-060 CVE-2014-4114 Sandworm Author: Mike Czumak Tv3rn1x - @SecuritySift Written: 10/21/2014 Tested Platforms: Windows 7 SP1 w/ exploit script run on Kali Linux You are free to reuse this code in part or in whole with the exception of commercial...
Microsoft IIS 6.0/7.5 (+ PHP) - Multiple Vulnerabilities
THIS IS A GENUINE ISOWAREZ RELEASE ------------------------------------------------------------------------------------------------------------------------------------------------------------ Title: Microsoft IIS 6.0 with PHP installed Authentication Bypass Affected software: Microsoft IIS 6.0 wi...
Nagios Log Server 2.1.6 - Persistent Cross-Site Scripting
Exploit Title: Nagios Log Server 2.1.6 - Persistent Cross-Site Scripting Date: 2020-08-07 Vendor Homepage: https://www.nagios.com/products/nagios-log-server/ Vendor Changelog: https://www.nagios.com/downloads/nagios-log-server/change-log/ Exploit Author: Jinson Varghese Behanan @JinsonCyberSec...
LogonTracer 1.2.0 - Remote Code Execution (Unauthenticated)
Exploit Title: LogonTracer 1.2.0 - Remote Code Execution Unauthenticated Date: 29/05/2021 Exploit Author: g0ldm45k Vendor Homepage: https://www.jpcert.or.jp/ Software Link: https://github.com/JPCERTCC/LogonTracer/releases/tag/v1.2.0 Version: 1.2.0 and earlier Tested on: Version 1.2.0 on Debian...
IObit Uninstaller 10 Pro - Unquoted Service Path
Exploit Title: IObit Uninstaller 10 Pro - Unquoted Service Path Date: 2020–12–24 Exploit Author: Mayur Parmarth3cyb3rc0p Vendor Homepage: https://www.iobit.com Software Link: https://www.iobit.com/en/advanceduninstaller.php Version: 10 Tested on Windows 10 Unquoted Service Path: When a service is...
Free School Management Software 1.0 - Remote Code Execution (RCE)
Exploit Title: Free School Management Software 1.0 - Remote Code Execution RCE Exploit Author: fuuzap1 Date: 7-12-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/15073/free-school-management-software.html Software Link:...
Moodle 3.6.1 - Persistent Cross-Site Scripting (XSS)
Exploit Title: Moodle 3.6.1 - Persistent Cross-Site Scripting XSS Date: 04/2021 Exploit Author: farisv Vendor Homepage: https://moodle.org/ Software Link: https://download.moodle.org https://github.com/moodle/moodle/archive/refs/tags/v3.6.1.zip Version: Moodle 3.6.2, 3.5.4, 3.4.7, 3.1.16 CVE:...
Customer Support System 1.0 - 'description' Stored XSS in The Admin Panel
Exploit Title: Customer Support System 1.0 - 'description' Stored XSS in The Admin Panel Date: 2020-11-11 Exploit Author: Ahmed Abbas Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...
Alfresco 5.2.4 - Persistent Cross-Site Scripting
Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Date: 2020-03-02 Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software Link: https://www.alfresco.com/ecm-software Versio...
WordPress Plugin HS Brand Logo Slider 2.1 - 'logoupload' File Upload
Exploit Title: WordPress Plugin HS Brand Logo Slider 2.1 - 'logoupload' File Upload Date: 2020-10-20 Exploit Author: Net-Hunter Google Dork: N/A Software Link: https://ms.wordpress.org/plugins/hs-brand-logo-slider/ Vendor Homepage: https://www.heliossolutions.co/ Tested on: Linux Apache / Wordpre...
WordPress Core 5.2.4 - Cross-Origin Resource Sharing
Exploit Title: Wordpress 5.2.4 - Cross-Origin Resource Sharing Date: 2019-10-28 Exploit Author: Milad Khoshdel Software Link: https://wordpress.org/download/ Version: Wordpress 5.2.4 Tested on: Linux Apache/2 PHP/7.2 Vulnerable Page: https://Your-Domain/wp-json POC: The web application fails to...
myfactory FMS 7.1-911 - 'Multiple' Reflected Cross-Site Scripting (XSS)
Exploit Title: myfactory FMS 7.1-911 - 'Multiple' Reflected Cross-Site Scripting XSS Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://www.myfactory.com/ Version: Enfold input NAME="txtUID" VALU...
Seeddms 5.1.10 - Remote Command Execution (RCE) (Authenticated)
Exploit Title: Seeddms 5.1.10 - Remote Command Execution RCE Authenticated Date: 25/06/2021 Exploit Author: Bryan Leong Vendor Homepage: https://www.seeddms.org/index.php?id=2 Software Link: https://sourceforge.net/projects/seeddms/files/seeddms-5.0.11/ Version: Seeddms 5.1.10 Tested on: Windows ...
Eibiz i-Media Server Digital Signage 3.8.0 - Authentication Bypass
Exploit Title: Eibiz i-Media Server Digital Signage 3.8.0 - Authentication Bypass Date: 2020-08-21 Exploit Author: LiquidWorm Vendor Homepage: http://www.eibiz.co.th Version: =3.8.0 CVE: N/A !/usr/bin/env python3 -- coding: utf-8 -- Eibiz i-Media Server Digital Signage 3.8.0 createUser...
Bludit 3.9.2 - Directory Traversal
Title: Bludit 3.9.2 - Directory Traversal Author: James Green Date: 2020-07-20 Vendor Homepage: https://www.bludit.com Software Link: https://github.com/bludit/bludit Version: 3.9.2 Tested on: Linux Ubuntu 19.10 Eoan CVE: CVE-2019-16113 Special Thanks to Ali Faraj @InfoSecAli and authors of MSF...
Sysax MultiServer 6.90 - Reflected Cross Site Scripting
Exploit Title: Sysax MultiServer 6.90 - Reflected Cross Site Scripting Google Dork: n.d. Date: 2020-06-02 Exploit Author: Luca Epifanio wrongsid3 Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download.htm Version: MultiServer 6.90 Tested on: Windows 10 x64 CVE :...
Exim 4.87 - 4.91 - Local Privilege Escalation
!/bin/bash raptoreximwiz - "The Return of the WIZard" LPE exploit Copyright c 2019 Marco Ivaldi A flaw was found in Exim versions 4.87 to 4.91 inclusive. Improper validation of recipient address in delivermessage function in /src/deliver.c may lead to remote command execution. CVE-2019-10149 This...
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation (/etc/passwd Method)
// // This exploit uses the pokemon exploit of the dirtycow vulnerability // as a base and automatically generates a new passwd line. // The user will be prompted for the new password when the binary is run. // The original /etc/passwd file is then backed up to /tmp/passwd.bak // and overwrites t...
osCommerce 2.3.4.1 - Remote Code Execution (2)
Exploit Title: osCommerce 2.3.4.1 - Remote Code Execution 2 Vulnerability: Remote Command Execution when /install directory wasn't removed by the admin Exploit: Exploiting the install.php finish process by injecting php payload into the dbdatabase parameter & read the system command output from...
F5 BIG-IP 16.0.x - iControl REST Remote Code Execution (Unauthenticated)
Exploit Title: F5 BIG-IP 16.0.x - iControl REST Remote Code Execution Unauthenticated Exploit Author: Al1ex Vendor Homepage: https://www.f5.com/products/big-ip-services Version: 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, and 12.1.x before 12.1.5....
Citadel WebCit < 926 - Session Hijacking Exploit
Exploit Title: Citadel WebCit 926 - Session Hijacking Exploit Exploit Author: Simone Quatrini Version: 926 !/usr/bin/env python3 import argparse import requests import time import sys from requests.packages.urllib3.exceptions import InsecureRequestWarning...
Windows TCPIP Finger Command - C2 Channel and Bypassing Security Software
Title: Windows TCPIP Finger Command - C2 Channel and Bypassing Security Software Author: John Page aka hyp3rlinx Date: 2020-09-16 Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/WindowsTCPIPFingerCommandC2ChannelandBypassingSecuritySoftware.txt...
Windows x64 - Reverse Shell TCP Shellcode (694 bytes)
Windows x64 - Reverse Shell TCP Shellcode 694 bytes. Shellcode exploit for Winx86-64 platform / Title : Windows x64 Reverse Shell TCP shellcode size : 694 bytes Author: Roziul Hasan Khan Shifat Date : 10-11-2016 Tested on : Windows 7 x64 Professional Email : [email protected] / / Disassembly of...
Joomla! 1.5.x - 'Token' Remote Admin Change Password
Joomla 1.5.x Remote Admin Password Change Author: d3m0n [email protected] Greets: GregStar, gorion, d3d!k Polish "hackers" used this bug to deface turkish sites BUAHAHHA nice 0-day pff File : /components/comuser/controller.php Line : 379-399 function confirmreset // Check for request forgeries...
orangescrum 1.8.0 - 'Multiple' SQL Injection (Authenticated)
Exploit Title: orangescrum 1.8.0 - 'Multiple' SQL Injection Authenticated Date: 28/11/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Company: https://redteam.pl Vendor Homepage: https://www.orangescrum.org/ Software Link: https://www.orangescrum.org/ Version: 1.8.0...
WebPort 1.19.1 - 'setup' Reflected Cross-Site Scripting
Exploit Title: WebPort 1.19.1 - 'setup' Reflected Cross-Site Scripting Date: 2019-05-30 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://webport.se/ Software Link: https://webport.se/nedladdningar/ Version: v1.19.1 Tested on: Windows/Linux CVE-2019-12460...
Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow
Exploit Title: Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow Date: 2019-09-22 Exploit Author: purpl3f0xsecur1ty Vendor Homepage: https://www.tucows.com/ Software Link: http://www.tucows.com/preview/519612/Integard-Home Version: Pro 2.2.0.9026 / Home 2.0.0.9021 Tested on: Windows XP / Win7...
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution
!/usr/bin/env ruby CVE-2018-7600 Drupal &1' ; " bashcmd = "echo " + Base64.strictencode64bashcmd + " | base64 -d" - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Function httprequest type data def httprequesturl, type="get", payload="", cookie="" puts verbose"HTTP -...