47904 matches found
Linux - Broken uid/gid Mapping for Nested User Namespaces
commit 6397fac4915a "userns: bump idmap limits to 340" increases the number of possible uid/gid mappings that a namespace can have from 5 to 340. This is implemented by switching to a different data structure if the number of mappings exceeds 5: Instead of linear search over an unsorted array of...
Easy Outlook Express Recovery 2.0 - Denial of Service (PoC)
Exploit Title: Easy Outlook Express Recovery 2.0 - Denial of Service PoC Dork: N/A Date: 2018-11-15 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.munsoft.com/EasyOutlookExpressRecovery/ Software Link:...
Mumsoft Easy Software 2.0 - Denial of Service (PoC)
Exploit Title: Mumsoft Easy Software 2.0 - Denial of Service PoC Dork: N/A Date: 2018-11-15 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.munsoft.com/EasyRARRecovery/ Software Link:...
PHP-Proxy 5.1.0 - Local File Inclusion
Exploit Title: PHP-Proxy 5.1.0 - Local File Inclusion Date: 2018-11-13 Exploit Author: Ameer Pornillos Contact: https://ethicalhackers.club Vendor Homepage: https://www.php-proxy.com/ Software Link: https://www.php-proxy.com/download/php-proxy.zip Version: 5.1.0 Category: Webapps Tested on: XAMPP...
PHP Mass Mail 1.0 - Arbitrary File Upload
Exploit Title: PHP Mass Mail 1.0 - Arbitrary File Upload Dork: N/A Date: 2018-11-14 Exploit Author: Ihsan Sencan Vendor Homepage: https://phpmassmail.sourceforge.io/ Software Link: https://netix.dl.sourceforge.net/project/phpmassmail/phpmassmail/1.0.0/phpmassmail.zip Version: 1.0 Category: Webapp...
Simple E-Document 1.31 - 'username' SQL Injection
Exploit Title: Simple E-Document 1.31 - 'username' SQL Injection Dork: N/A Date: 2018-11-14 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.tecorange.com/index.php/download-free-open-source-software/79-simple-e-document-free-open-source-document-and-paper-m Software Link:...
2-Plan Team 1.0.4 - Arbitrary File Upload
Exploit Title: 2-Plan Team 1.0.4 - Arbitrary File Upload Dork: N/A Date: 2018-11-15 Exploit Author: Ihsan Sencan Vendor Homepage: http://2-plan.com/ Software Link: https://datapacket.dl.sourceforge.net/project/to-plan-team/1.1.0/2-plan-team.tgz Version: 1.0.4 Category: Webapps Tested on:...
WordPress Plugin Ninja Forms 3.3.17 - Cross-Site Scripting
Exploit Title: Wordpress Plugin Ninja Forms 3.3.17 - Cross-Site Scripting Date: 2018-11-15 Exploit Author: MTK Vendor Homepage: https://ninjaforms.com Softwae Link: https://wordpress.org/plugins/ninja-forms/ Version: Up to V3.3.17 Tested on: Debian 9 - Apache2 - Wordpress 4.9.8 - Firefox CVE :...
Kordil EDMS 2.2.60rc3 - Arbitrary File Upload
Exploit Title: Kordil EDMS 2.2.60rc3 - Arbitrary File Upload Dork: N/A Date: 2018-11-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.kordil.net/ Software Link: https://vorboss.dl.sourceforge.net/project/kordiledms/Kordil%20EDMS%20v2.2.60rc3/kordiledmsinstaller.exe Version: 2.2.60rc3...
EverSync 0.5 - Arbitrary File Download
Exploit Title: EverSync 0.5 - Arbitrary File Download Dork: N/A Date: 2018-11-14 Exploit Author: Ihsan Sencan Vendor Homepage: https://phpmassmail.sourceforge.io/ Software Link: https://datapacket.dl.sourceforge.net/project/eversync/Downloads/alpha/EverSync-Pre-alpha05.zip Version: 0.5 Category:...
Galaxy Forces MMORPG 0.5.8 - 'type' SQL Injection
Exploit Title: Galaxy Forces MMORPG 0.5.8 - 'type' SQL Injection Dork: N/A Date: 2018-11-14 Exploit Author: Ihsan Sencan Vendor Homepage: http://galaxy.alyx.pl/ Software Link: https://excellmedia.dl.sourceforge.net/project/galaxyforces/galaxy/0.5.8/galaxy-0.5.8.7z Version: 0.5.8 Category: Webapps...
Net-Billetterie 2.9 - 'login' SQL Injection
Exploit Title: Net-Billetterie 2.9 - 'login' SQL Injection Dork: N/A Date: 2018-11-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://net-billetterie.tuxfamily.org/ Software Link: https://netix.dl.sourceforge.net/project/netbilletterie/Netbilletterie2.9.zip Version: 2.9 Category: Webapps...
BitZoom 1.0 - 'rollno' SQL Injection
Exploit Title: BitZoom 1.0 - 'rollno' SQL Injection Dork: N/A Date: 2018-11-14 Exploit Author: Ihsan Sencan Vendor Homepage: https://bitzoom.sourceforge.io/ Software Link: https://excellmedia.dl.sourceforge.net/project/bitzoom/bitzoom-master.zip Version: 1.0 Category: Webapps Tested on:...
Notepad3 1.0.2.350 - Denial of Service (PoC)
Exploit Title: Notepad3 1.0.2.350 - Denial of Service PoC Dork: N/A Date: 2018-11-14 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.rizonesoft.com/ Software Link: https://netix.dl.sourceforge.net/project/notepad3/Notepad3%20Build%20350/Notepad3-1.0.2.350.exe Software Link:...
Meneame English Pligg 5.8 - 'search' SQL Injection
Exploit Title: Meneame English Pligg 5.8 - 'search' SQL Injection Dork: N/A Date: 2018-11-13 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/meneame-english/ Software Link: https://master.dl.sourceforge.net/project/meneame/meneame/Beta%205.8/PliggBeta5.8.rar Version...
Precurio Intranet Portal 2.0 - Cross-Site Request Forgery (Add Admin)
Exploit Title: Precurio Intranet Portal 2.0 - Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-11-12 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.precurio.org Software Link: https://netcologne.dl.sourceforge.net/project/precurio/version%202.1/precurio.zip Version: 2.0 Categor...
AMPPS 2.7 - Denial of Service (PoC)
Exploit Title: AMPPS 2.7 - Denial of Service PoC Dork: N/A Date: 2018-11-12 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.ampps.com/ Software Link: https://kent.dl.sourceforge.net/project/ampps/2.7/Ampps-2.7-setup.exe Version: 2.7 Category: Dos Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A...
SwitchVPN for macOS 2.1012.03 - Privilege Escalation
======================================================================= Title: Privilege Escalation Vulnerability Product: SwitchVPN for MacOS Vulnerable version: 2.1012.03 CVE ID: CVE-2018-18860 Impact: Critical Homepage: https://switchvpn.net/ Identified: 2018-09-29 By: Bernd Leitner...
Electricks eCommerce 1.0 - Cross-Site Request Forgery (Change Admin Password)
Exploit Title: Electricks eCommerce 1.0 - Cross-Site Request Forgery Change Admin Password Date: 2018-11-12 Exploit Author: Nawaf Alkeraithe Software Link: https://www.sourcecodester.com/sites/default/files/download/billyblue/electricks.zip Version: 1.0 PoC: userid firstname lastname email...
Helpdezk 1.1.1 - 'query' SQL Injection
Exploit Title: Helpdezk 1.1.1 - 'query' SQL Injection Dork: N/A Date: 2018-11-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.helpdezk.org/ Software Link: https://netcologne.dl.sourceforge.net/project/helpdezk/helpdezk-1.1.1.zip Version: 1.1.1 Category: Webapps Tested on:...
Atlassian Jira - (Authenticated) Upload Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Jira Authenticated Upload Code Execution', 'Description' = %q This module can be used to execute a payload on Atlassian Jira via the...
ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)
Exploit Title: ntpd 4.2.8p10 - Out-of-Bounds Read PoC Bug Discovery: Yihan Lian, a security researcher of Qihoo 360 GearTeam Exploit Author: Magnus Klaaborg Stubman @magnusstubman Website: https://dumpco.re/blog/cve-2018-7182 Vendor Homepage: http://www.ntp.org/ Software Link:...
EdTv 2 - 'id' SQL Injection
Exploit Title: EdTv 2 - 'id' SQL Injection Dork: N/A Date: 2018-11-12 Exploit Author: Ihsan Sencan Vendor Homepage: http://edtv.edsup.org/ Software Link: https://ayera.dl.sourceforge.net/project/edtv/beta/edtv2go.zip Version: 2 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC: 1...
Advanced Comment System 1.0 - SQL Injection
Exploit Title: SQL injection in Advanced comment system v1.0 Date: 29-10-2018 Exploit Author: Rafael Pedrero Vendor Homepage: http://www.plohni.com Software Link: http://www.plohni.com/wb/content/php/download/Advancedcommentsystem1-0.zip,...
Pedidos 1.0 - SQL Injection
Exploit Title: Pedidos 1.0 - SQL Injection Dork: N/A Date: 2018-11-12 Exploit Author: Ihsan Sencan Vendor Homepage: http://obedalvarado.pw/ Software Link: https://netcologne.dl.sourceforge.net/project/sistema-web-de-pedidos-php/pedidos.zip Version: 1.0 Category: Webapps Tested on:...
Rmedia SMS 1.0 - SQL Injection
Exploit Title: Rmedia SMS 1.0 - SQL Injection Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://sms.rmediaindia.com/ Software Link: https://master.dl.sourceforge.net/project/rmediasms/rmediasms.rar Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N...
Dell OpenManage Network Manager 6.2.0.51 SP3 - Multiple Vulnerabilities
''' KL-001-2018-009 : Dell OpenManage Network Manager Multiple Vulnerabilities Title: Dell OpenManage Network Manager Multiple Vulnerabilities Advisory ID: KL-001-2018-009 Publication Date: 2018.11.05 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2018-009.txt 1...
Bosch Video Management System 8.0 - Configuration Client Denial of Service (PoC)
Exploit Title: Bosch Video Management System 8.0-Configuration Client-Denial of Service Poc Discovery by: Daniel Discovery Date: 2018-11-12 Software Name: Bosch Video Management System Software Version: 8.0 Vendor Homepage: https://www.boschsecurity.com/xc/en/products/management-software/bvms/...
Electricks eCommerce 1.0 - Persistent Cross-Site Scripting
Exploit Title: Electricks eCommerce 1.0 - Cross-Site Scripting Date: 2018-11-12 Exploit Author: Nawaf Alkeraithe Software Link: https://www.sourcecodester.com/sites/default/files/download/billyblue/electricks.zip Version: 1.0 When a user signs up for an account on the following url:...
PHP 5.2.3 imap (Debian Based) - 'imap_open' disable_functions Bypass
/tmp/test0001 $server = "x -oProxyCommand=echo\tZWNobyAnMTIzNDU2Nzg5MCc+L3RtcC90ZXN0MDAwMQo=|base64\t-d|sh"; imapopen''.$server.':143/imapINBOX', '', '' or die"\n\nError: ".imaplasterror;...
DoceboLMS 1.2 - SQL Injection / Arbitrary File Upload
Exploit Title: DoceboLMS 1.2 - SQL Injection Dork: N/A Date: 2018-11-12 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.spaghettilearning.com/ Software Link:...
iServiceOnline 1.0 - 'r' SQL Injection
Exploit Title: iServiceOnline 1.0 - 'r' SQL Injection Dork: N/A Date: 2018-11-12 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/iserviceonline/ Software Link: https://netcologne.dl.sourceforge.net/project/iserviceonline/iServiceEng.zip Version: 1.0 Category: Webapp...
SIPve 0.0.2-R19 - SQL Injection
Exploit Title: SIPve 0.0.2-R19 - SQL Injection Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/sipve/ Software Link: https://datapacket.dl.sourceforge.net/project/sipve/sipve-v0.0.2-R19.tar.gz Version: 0.0.2-R19 Category: Webapps Tested on...
Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery (Add Admin)
Exploit Title: Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link:...
ABC ERP 0.6.4 - Cross-Site Request Forgery (Update Admin)
Exploit Title: ABC ERP 0.6.4 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.abc-erp.com/ Software Link: https://netcologne.dl.sourceforge.net/project/abc-erp/abcv064.zip Version: 0.6.4 Category: Webapps Tested on:...
Musicco 2.0.0 - Arbitrary Directory Download
Exploit Title: Musicco 2.0.0 - Arbitrary Directory Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.musicco.app/ Software Link: https://codeload.github.com/micser/musicco/zip/master Version: 2.0.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...
Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service
/ + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CISCO-IMMUNET-AND-CISCO-AMP-FOR-ENDPOINTS-SYSTEM-SCAN-DENIAL-OF-SERVICE.txt + ISR: ApparitionSec Greetz: indoushka | Eduardo B. Vendor www.cisco.com Multiple Products Cisc...
CentOS Web Panel 0.9.8.740 - Cross-Site Request Forgery / Cross-Site Scripting
Title: CentOS Web Panel Root Account Takeover + Remote Command Execution var url = "http://targetserver:2030/admin/index.php?module=rootpwd"; var params = "ifpost=yes&password1=newpassword&password2=newpassword"; var vuln = new XMLHttpRequest; vuln.open"POST", url, true; vuln.withCredentials =...
XAMPP Control Panel 3.2.2 - Buffer Overflow (SEH) (Unicode)
Exploit Title: XAMPP Control Panel 3.2.2 - Buffer Overflow SEH Unicode Exploit Author: Gionathan "John" Reale 0-day DoS exploit, Semen Alexandrovich Lyhin 1-day fully working exploit. Shellcode Author: Giuseppe D'Amore EDB:28996 Date: 2018-11-08. Software: XAMPP Version: 3.2.2 / 7.2.9 Newest...
Tina4 Stack 1.0.3 - SQL Injection / Database File Download
Exploit Title: Tina4 Stack 1.0.3 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version: 1.0.3 Category: Webapps Test...
xorg-x11-server < 1.20.1 - Local Privilege Escalation
Exploit Title: xorg-x11-server bolo console opened Building root shell wait 2 minutes crontab overwritten ... cut Xorg output ... Xorg killed II Server terminated successfully 0. Closing log file. Don't forget to cleanup /etc/crontab and /tmp dir sh-4.2 id && whoami uid=0root gid=0root...
Data Center Audit 2.6.2 - Cross-Site Request Forgery (Update Admin)
Exploit Title: Data Center Audit 2.6.2 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/datacenteraudit/ Software Link: https://netix.dl.sourceforge.net/project/datacenteraudit/datacenterauditv262.z...
CuteFTP Mac 3.1 - Denial of Service (PoC)
Exploit Title: CuteFTP Mac 3.1 Denial of Service PoC Date: 2018-11-06 Exploit Author: Yair Rodríguez Aparicio Vendor Homepage: https://www.globalscape.com/cuteftp Software Link: http://go.globalscape.com/download/cuteftp-macosx Version: 3.1 Tested on: macOS High Sierra 10.13 Steps to Produce the...
Evince 3.24.0 - Command Injection
Exploit Title: evince command line injection Date: 2017-09-05 Exploit Author: Matlink Vendor Homepage: https://wiki.gnome.org/Apps/Evince Software Link: https://wiki.gnome.org/Apps/Evince Version: 3.24.0 Tested on: Debian sid CVE : CVE-2017-1000083 Can be tested on docker with...
Surreal ToDo 0.6.1.2 - SQL Injection
Exploit Title: Surreal ToDo 0.6.1.2 - SQL Injection Dork: N/A Date: 2018-11-08 Exploit Author: Ihsan Sencan Vendor Homepage: http://getsurreal.com/surrealtodo Software Link: https://netcologne.dl.sourceforge.net/project/surrealtodo/Surreal%20ToDo/surrealtodov0.6.1.2.zip Version: 0.6.1.2 Category:...
Easyndexer 1.0 - Arbitrary File Download
Exploit Title: Easyndexer 1.0 - Arbitrary File Download Dork: N/A Date: 2018-11-10 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/easyndexer/ Software Link: https://ayera.dl.sourceforge.net/project/easyndexer/easyndexerwin32.exe Version: 1.0 Category: Webapps Teste...
Tina4 Stack 1.0.3 - Cross-Site Request Forgery (Update Admin)
Exploit Title: Tina4 Stack 1.0.3 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version: 1.0.3 Category: Webapps...
Alienor Web Libre 2.0 - SQL Injection
Exploit Title: Alienor Web Libre 2.0 - SQL Injection Dork: N/A Date: 2018-11-08 Exploit Author: Ihsan Sencan Vendor Homepage: http://alienor.org/ Software Link: https://excellmedia.dl.sourceforge.net/project/alienorweblibre/alienorweblibre.zip Version: 2.0 Category: Webapps Tested on:...
Surreal ToDo 0.6.1.2 - Local File Inclusion
Exploit Title: Surreal ToDo 0.6.1.2 - Local File Inclusion Dork: N/A Date: 2018-11-08 Exploit Author: Ihsan Sencan Vendor Homepage: http://getsurreal.com/surrealtodo Software Link: https://netcologne.dl.sourceforge.net/project/surrealtodo/Surreal%20ToDo/surrealtodov0.6.1.2.zip Version: 0.6.1.2...
Maitra Mail Tracking System 1.7.2 - SQL Injection / Database File Download
Exploit Title: Maitra - Mail Tracking System 1.7.2 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://salzertechnologies.com/ Software Link: https://netcologne.dl.sourceforge.net/project/maitra/maitra/maitra-desktop-v1.7.2.zip...