47904 matches found
CMS Made Simple < 2.2.10 - SQL Injection
!/usr/bin/env python Exploit Title: Unauthenticated SQL Injection on CMS Made Simple = 2.2.9 Date: 30-03-2019 Exploit Author: Daniele Scanu @ Certimeter Group Vendor Homepage: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms/ Version: = 2.2.9 Tested on:...
AIDA64 Extreme / Engineer / Network Audit 5.99.4900 - SEH Buffer Overflow (EggHunter)
!/usr/bin/python Exploit Title: AIDA64 Extreme 5.99.4900 - SEH Buffer Overflow EggHunter Date: 2019-04-01 Vendor Homepage: https://www.aida64.com Software Link: http://download.aida64.com/aida64extreme599.exe Mirror Link : https://www.nikktech.com/main/downloads/finalwire/aida64extreme599.exe...
Inout RealEstate - 'city' SQL Injection
Exploit Title: Inout RealEstate - SQL Injection Date: 29.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.inoutscripts.com/products/inout-realestate/ Demo Site: http://inout-realestate.demo.inoutscripts.net/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC: SQLi ---...
Inout EasyRooms - SQL Injection
Exploit Title: Inout EasyRooms Ultimate Edition - SQL Injection Date: 29.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.inoutscripts.com/products/inout-easyrooms/ Demo Site: http://inout-easyrooms.demo.inoutscripts.net/ Version: v1.0 Tested on: Kali Linux CVE: N/A ----- Po...
LimeSurvey < 3.16 - Remote Code Execution
!/usr/bin/python Description: LimeSurvey shell.php" -p phar -o /tmp/exploit.jpg PHAR = "\x3c\x3f\x70\x68\x70\x20\x5f\x5f\x48\x41\x4c\x54\x5f\x43\x4f\x4d\x50\x49\x4c\x45\x52\x28\x29\x3b\x20\x3f\x3e\x0d\x0a\x38"...
JioFi 4G M2S 1.0.2 - Cross-Site Request Forgery
Exploit Title: JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings aka a SetWiFiSetting request to cgi-bin/qcmapwebcgi Exploit Author: Vikas Chaudhary Date: 21-01-2019 Vendor Homepage: https://www.jio.com/ Hardware Link:...
phpFileManager 1.7.8 - Local File Inclusion
Exploit Title: phpFileManager 1.7.8 - Local File Inclusion Date: 01.04.2019 Exploit Author: Murat Kalafatoglu Vendor Homepage: https://sourceforge.net/projects/phpfm/ Software Demo: https://phpfm-demo.000webhostapp.com/ Version: v1.7.8 Category: Webapps Tested on: XAMPP for Linux Description: Any...
WordPress Plugin PayPal Checkout Payment Gateway 1.6.8 - Parameter Tampering
Exploit Title: cgi-bin/webscr?cmd=cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.8 for WordPress allows Parameter Tampering in an amount parameter such as amount1, as demonstrated by purchasing an item for lower than the intended price Date: 27.01.2019 Product Title :Woocommer...
CentOS Web Panel 0.9.8.789 - NameServer Field Persistent Cross-Site Scripting
Exploit Title: CentOS Web Panel 0.9.8.789 - NameServer Field Stored Cross-Site Scripting Vulnerability Google Dork: N/A Date: 28 - March - 2019 Exploit Author: DKM Vendor Homepage: http://centos-webpanel.com Software Link: http://centos-webpanel.com Version: 0.9.8.789 Tested on: CentOS 7 CVE :...
Job Portal 3.1 - 'job_submit' SQL Injection
=========================================================================================== Exploit Title: NewJobPortal v3.1 - 'jobsubmit' SQL Inj. Dork: N/A Date: 25-03-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://codecanyon.net/item/job-portal/15330095 Version: v3.1 Category:...
Base64 Decoder 1.1.2 - Local Buffer Overflow (SEH Egghunter)
!/usr/bin/env python Exploit Title: Base64 Decoder 1.1.2 Local Buffer Overflow SEH + Egghunter Date: 28.03.2019 Exploit Author: Paolo Perego - [email protected] Vendor Homepage: http://4mhz.de/b64dec.html Software Link: http://4mhz.de/download.php?file=b64dec-1-1-2.zip Version: Base64 Decoder...
Microsoft Visio 2016 16.0.4738.1000 - 'Log in accounts' Denial of Service
-⋆- coding: utf-8 -⋆- Created on Thu Feb 21 01:32:50 2019 @author: César """ Exploit Title: Microsoft Visio 2016 16.0.4738.1000 "Log in accounts" allows go on whit email formed by one thousand A in every of its parts [email protected] Descovered by: César Adrián Coronado Llanos Descovered...
Airbnb Clone Script - Multiple SQL Injection
Exploit Title: Homey BNB Airbnb Clone Script - Multiple SQL Injection Date: 27.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.doditsolutions.com/airbnb-clone-script/ Demo Site: http://sitedemos.in/homeybnb/ Version: V4 Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi -----...
WordPress Plugin Loco Translate 2.2.1 - Local File Inclusion
Exploit Title: Wordpress Loco Translate Version 2.2.1 Plugin LFI Google Dork: N/A Date: 03 / 26 / 2019 Exploit Author: Ali S. Ahmad S4R1N Vendor Homepage: https://localise.biz/ Software Link: https://wordpress.org/plugins/loco-translate/ Version: Version 2.2.1 Tested on: Debian GNU/Linux 9 Docker...
CMS Made Simple (CMSMS) Showtime2 - File Upload Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "CMS Made Simple CMSMS Showtime2 File Upload RCE", 'Description' = %q This module exploits a File Upload vulnerability that lead in a RCE in...
WordPress Plugin Anti-Malware Security and Brute-Force Firewall 4.18.63 - Local File Inclusion (PoC)
Exploit Title: Wordpress Anti-Malware Security and Bruteforce Firewall - Local File Inclusion Google Dork: N/A Date: 03 / 26 / 2019 Exploit Author: Ali S. Ahmad S4R1N Vendor Homepage: N/A Software Link: https://wordpress.org/plugins/gotmls/ Version: Version 4.18.63 Tested on: Debian GNU/Linux 9...
gnutls 3.6.6 - 'verify_crt()' Use-After-Free
Description of problem: This is a critical memory corruption vulnerability in any API backed by verifycrt, including gnutlsx509trustlistverifycrt and related routines. I suspect any client or server that verifies X.509 certificates with GnuTLS is likely affected and can be compromised by a...
BigTree 4.3.4 CMS - Multiple SQL Injection
=========================================================================================== Exploit Title: BigTree CMS - 'parent' SQL Inj. Dork: N/A Date: 24-03-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.bigtreecms.org/ Software Link: https://www.bigtreecms.org/download/cor...
Thomson Reuters Concourse & Firm Central < 2.13.0097 - Directory Traversal / Local File Inclusion
''' Exploit Title: Thomson Reuters Concourse & Firm Central 2.13.0097 - Directory Traversal & Local File Inclusion Date: 02/13/2019 Exploit Author: 0v3rride Vendor Homepage: https://www.thomsonreuters.com/en.html Software Link: Firm Central...
i-doit 1.12 - 'qr.php' Cross-Site Scripting
Exploit Title: i-doit 1.12 Cross Site Scripting on qr.php file Date: 28-03-2019 Software Link: https://www.i-doit.org/ Version: 1.12 Exploit Author: BlackFog Team Contact: [email protected] Website: https://securelayer7.net Category: webapps Tested on: Firefox in Kali Linux. CVE: CVE-2019-696...
Fat Free CRM 0.19.0 - HTML Injection
Exploit Title: Fat Free CRM v0.19.0 - HTML Injection Date: 2019-03-20 Exploit Author: Ismail Tasdelen Vendor Homepage: http://www.fatfreecrm.com/ Source Code : https://github.com/fatfreecrm Software : Fat Free CRM Product Version: v0.19.0 Vulnerability Type : Code Injection Vulnerability : HTML...
Oracle Weblogic Server Deserialization RCE - Raw Object (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Oracle Weblogic Server Deserialization RCE - Raw Object', 'Description' = %q An unauthenticated attacker wi...
Jettweb PHP Hazır Rent A Car Sitesi Scripti V2 - 'arac_kategori_id' SQL Injection
Exploit Title: Jettweb PHP Hazır Rent A Car Sitesi Scripti V2 - 'arackategoriid' SQL Injection Date: 28.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://jettweb.net/u-4-php-hazir-rent-a-car-sitesi-scripti-v2.html Demo Site: http://rentv2.proemlaksitesi.net/ Version: V2 Tested on...
Jettweb Hazır Rent A Car Scripti V4 - SQL Injection
Exploit Title: Jettweb Hazır Rent A Car Scripti V4 - SQL Injection Date: 26.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://jettweb.net/u-46-php-hazir-rent-a-car-scripti-v4.html Demo Site: http://rentv4.proemlaksitesi.net/ Version: V4 Tested on: Kali Linux CVE: N/A ----- PoC 1:...
Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSR
/ A bug in IonMonkeys type inference system when JIT compiling and entering a constructor function via on-stack replacement OSR allows the compilation of JITed functions that cause type confusions between arbitrary objects. Prerequisites: 1. Spidermonkey can represent "plain" objects either as...
Jettweb Php Hazır İlan Sitesi Scripti V2 - SQL Injection
Exploit Title: Jettweb Php Hazır İlan Sitesi Scripti V2 - SQL Injection Date: 25.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://jettweb.net/c-23-ilan-Siteleri.html Demo Site: http://ilanv2.proemlaksitesi.net Version: V2 Tested on: Kali Linux CVE: N/A ----- PoC : SQLi -----...
SJS Simple Job Script - SQL Injection / Cross-Site Scripting
Exploit Title: Simple Job Script - Multiple Vulnerabilities Date: 26.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://simplejobscript.com/ Download Link: https://github.com/niteosoft/simplejobscript/archive/master.zip Demo Site: https://demo.simplejobscript.com Version: Lastest...
Rukovoditel ERP & CRM 2.4.1 - 'path' Cross-Site Scripting
Exploit Title: Rukovoditel ERP & CRM 2.4.1 - 'path' Cross-Site Scripting Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2019-03-24 Google Dork: N/A Vendor: Rukovoditel Software Link: https://sourceforge.net/projects/rukovoditel/ Affected Version: 2.4.1 and possibly before...
XooDigital - 'p' SQL Injection
Exploit Title: XooDigital - 'p' SQL Injection Date: 26.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://xooscripts.com/product/digital-download-protection-script.html Demo Site: http://xooscripts.com/demos/xoodigital/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC :...
Firefox < 66.0.1 - 'Array.prototype.slice' Buffer Overflow
let size = 64; garr = ; j = 0; function gc var tmp = ; forlet i = 0;i...
Microsoft Windows 7/2008 - 'Win32k' Denial of Service (PoC)
Exploit Title: Microsoft Windows Win32k CVE-2019-0808 Local Privilege Escalation Vulnerability Date: 24/03/2019 Exploit Author: ze0r Vendor Homepage: www.microsoft.com Version: Microsoft Windows 7/ Server 2008 CVE : CVE-2019-0808...
Titan FTP Server Version 2019 Build 3505 - Directory Traversal / Local File Inclusion
Exploit Title: Titan FTP Server Version 2019 Build 3505 Directory Traversal/Local File Inclusion Google Dork: N/A Date: 3/26/2019 Exploit Author: Kevin Randall Vendor Homepage: https://titanftp.com/ Software Link: https://titanftp.com/download Version: Firmware: Titan FTP Server Version 2019 Buil...
XooGallery - Multiple SQL Injection
Exploit Title: XooGallery - Multiple SQL Injections Date: 26.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://xooscripts.com/product/html5-php-photo-gallery.html Demo Site: http://xooscripts.com/demos/xoogallery/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi...
Apache CouchDB 2.3.1 - Cross-Site Request Forgery / Cross-Site Scripting
Exploit Title: Apache CouchDB 2.3.1 | Cross-Site Request Forgery / Cross-Site Scripting Date: 22.03.2019 Exploit Author: Ozer Goker Vendor Homepage: http://couchdb.apache.org Software Link: http://couchdb.apache.org/download Version: 2.3.1 Introduction A CouchDB server hosts named databases, whic...
Zeeways Jobsite CMS - 'id' SQL Injection
Exploit Title: Zeeways Jobsite CMS - 'id' SQL Injection Date: 25.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: http://www.zeeways.com/jobsite-cms/1/productdetail Demo Site: http://www.zeewayscms.com/jobsite/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi -----...
VMware Workstation 14.1.5 / VMware Player 15.0.2 - Host VMX Process Impersonation Hijack Privilege Escalation
VMware: Host VMX Process Impersonation Hijack EoP Platform: VMware Workstation Windows v14.1.5 on Windows 10. Also tested VMware Player 15.0.2. Class: Elevation of Privilege Summary: The creation of the VMX process on a Windows host can be hijacked leading to elevation of privilege. Description:...
Jettweb PHP Hazır Haber Sitesi Scripti V3 - SQL Injection
Exploit Title: Jettweb PHP Hazır Haber Sitesi Scripti V3 - Multiple Vulnerabilities Date: 25.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://jettweb.net/u-16-php-hazir-haber-sitesi-scripti-v3.html Demo Site: http://haberv3.proemlaksitesi.net Version: V3 Tested on: Kali Linux CV...
Jettweb PHP Hazır Haber Sitesi Scripti V1 - SQL Injection
Exploit Title: Jettweb PHP Hazır Haber Sitesi Scripti V1 - Multiple Vulnerabilities Date: 23.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://jettweb.net/u-5-php-hazir-haber-sitesi-scripti-v1.html Demo Site: http://haberv1.proemlaksitesi.net Version: V1 Tested on: Kali Linux CVE...
VMware Workstation 14.1.5 / VMware Player 15 - Host VMX Process COM Class Hijack Privilege Escalation
VMware: Host VMX Process COM Class Hijack EoP Platform: VMware Workstation Windows v14.1.5 on Windows 10. Also tested VMware Player 15. Class: Elevation of Privilege Summary: COM classes used by the VMX process on a Windows host can be hijacked leading to elevation of privilege. Description: The...
Jettweb PHP Hazır Haber Sitesi Scripti V2 - SQL Injection (Authentication Bypass)
Exploit Title: Jettweb PHP Hazır Haber Sitesi Scripti V2 - Authentication Bypass Date: 25.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://jettweb.net/u-6-php-hazir-haber-sitesi-scripti-v2.html Demo Site: http://haberv2.proemlaksitesi.net Version: V2 Tested on: Kali Linux CVE: N...
X-NetStat Pro 5.63 - Local Buffer Overflow
!/usr/bin/env python --------------------------------------------------------------------------------------------------------- Exploit: X-NetStat Pro 5.63 - Local Buffer Overflow EggHunter Date: 2019-03-23 Author: Peyman Forouzan Tested Against: Winxp SP2 32-64 bit - Win7 Enterprise SP1 32-64 bit...
Zeeways Matrimony CMS - SQL Injection
Exploit Title: Zeeways Matrimony CMS - SQL Injection Date: 25.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: http://www.zeeways.com/matrimony-cms/4/productdetail Demo Site: http://www.zeewayscms.com/matrimony/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi -----...
Inout Article Base CMS - SQL Injection
Exploit Title: Inout Article Base CMS - SQL Injection Date: 21.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.inoutscripts.com/products/inout-article-base/ Demo Site: http://www.inoutwebportal.com Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi -----...
Matri4Web Matrimony Website Script - Multiple SQL Injection
Exploit Title: Matrimony Website Script - Multiple SQL Injection Date: 22.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.matri4web.com Demo Site: https://www.matrimonydemo.com Version: M-Plus Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi ----- Request:...
Meeplace Business Review Script - 'id' SQL Injection
Exploit Title: Meeplace Business Review Script - 'id' SQL Injection Date: 22.03.2019 Dork: Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: http://www.meeplace.com Demo Site: http://demo.meeplace.com Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC: SQLi ----- Request:...
snap - seccomp BBlacklist for TIOCSTI can be Circumvented
/ snap uses a seccomp filter to prevent the use of the TIOCSTI ioctl; in the source code, this filter is expressed as follows: TIOCSTI allows for faking input man ttyioctl TODO: this should be scaled back even more ioctl - !TIOCSTI In the X86-64 version of the compiled seccomp filter, this result...
Canarytokens 2019-03-01 - Detection Bypass
Exploit Title: Canarytokens 2019-03-01 - Detection Bypass Date: 20.03.2019 Exploit Author: Benjamin Zink Loft, Gionathan "John" Reale Vendor Homepage: https://thinkst.com/ Version: up to 2019-03-01 Software Link: https://github.com/thinkst/canarytokens Google Dork: N/A CVE: 2019-9768...
Placeto CMS Alpha v4 - 'page' SQL Injection
Placeto CMS Alpha v4 - 'page' SQL Injection Title: Placeto CMS Date: 21.03.2019 Exploit Author: Abdullah Çelebi Vendor Homepage: https://sourceforge.net/projects/placeto/ Software Link: https://sourceforge.net/projects/placeto/files/alpha-rv.4/placeto.zip Version: Alpha rv.4 Category: Webapps...
The Company Business Website CMS - Multiple Vulnerabilities
Exploit Title: The Company Business Website CMS - 'username' SQL Injection Date: 20.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.codester.com/items/6806/the-company-business-website-cms Demo Site: http://thecompany.morkocbilisim.com Version: Lastest Tested on: Kali Linux...
Bootstrapy CMS - Multiple SQL Injection
Exploit Title: Bootstrapy CMS - Multiple SQL Injection Date: 21.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: http://bootstrapy.com Demo Site: http://bootstrapy.net/demo/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi ----- Request:...