Bosch Video Management System 8.0 - Configuration Client Denial of Service (PoC)
Exploit Title: Bosch Video Management System 8.0-Configuration Client-Denial of Service Poc Discovery by: Daniel Discovery Date: 2018-11-12 Software Name: Bosch Video Management System Software Version: 8.0 Vendor Homepage: https://www.boschsecurity.com/xc/en/products/management-software/bvms/...
iServiceOnline 1.0 - 'r' SQL Injection
Exploit Title: iServiceOnline 1.0 - 'r' SQL Injection Dork: N/A Date: 2018-11-12 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/iserviceonline/ Software Link: https://netcologne.dl.sourceforge.net/project/iserviceonline/iServiceEng.zip Version: 1.0 Category: Webapp...
Advanced Comment System 1.0 - SQL Injection
Exploit Title: SQL injection in Advanced comment system v1.0 Date: 29-10-2018 Exploit Author: Rafael Pedrero Vendor Homepage: http://www.plohni.com Software Link: http://www.plohni.com/wb/content/php/download/Advancedcommentsystem1-0.zip,...
Electricks eCommerce 1.0 - Cross-Site Request Forgery (Change Admin Password)
Exploit Title: Electricks eCommerce 1.0 - Cross-Site Request Forgery Change Admin Password Date: 2018-11-12 Exploit Author: Nawaf Alkeraithe Software Link: https://www.sourcecodester.com/sites/default/files/download/billyblue/electricks.zip Version: 1.0 PoC: userid firstname lastname email...
Helpdezk 1.1.1 - 'query' SQL Injection
Exploit Title: Helpdezk 1.1.1 - 'query' SQL Injection Dork: N/A Date: 2018-11-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.helpdezk.org/ Software Link: https://netcologne.dl.sourceforge.net/project/helpdezk/helpdezk-1.1.1.zip Version: 1.1.1 Category: Webapps Tested on:...
ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)
Exploit Title: ntpd 4.2.8p10 - Out-of-Bounds Read PoC Bug Discovery: Yihan Lian, a security researcher of Qihoo 360 GearTeam Exploit Author: Magnus Klaaborg Stubman @magnusstubman Website: https://dumpco.re/blog/cve-2018-7182 Vendor Homepage: http://www.ntp.org/ Software Link:...
Pedidos 1.0 - SQL Injection
Exploit Title: Pedidos 1.0 - SQL Injection Dork: N/A Date: 2018-11-12 Exploit Author: Ihsan Sencan Vendor Homepage: http://obedalvarado.pw/ Software Link: https://netcologne.dl.sourceforge.net/project/sistema-web-de-pedidos-php/pedidos.zip Version: 1.0 Category: Webapps Tested on:...
PHP 5.2.3 imap (Debian Based) - 'imap_open' disable_functions Bypass
/tmp/test0001 $server = "x -oProxyCommand=echo\tZWNobyAnMTIzNDU2Nzg5MCc+L3RtcC90ZXN0MDAwMQo=|base64\t-d|sh"; imapopen''.$server.':143/imapINBOX', '', '' or die"\n\nError: ".imaplasterror;...
Electricks eCommerce 1.0 - Persistent Cross-Site Scripting
Exploit Title: Electricks eCommerce 1.0 - Cross-Site Scripting Date: 2018-11-12 Exploit Author: Nawaf Alkeraithe Software Link: https://www.sourcecodester.com/sites/default/files/download/billyblue/electricks.zip Version: 1.0 When a user signs up for an account on the following url:...
DoceboLMS 1.2 - SQL Injection / Arbitrary File Upload
Exploit Title: DoceboLMS 1.2 - SQL Injection Dork: N/A Date: 2018-11-12 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.spaghettilearning.com/ Software Link:...
EdTv 2 - 'id' SQL Injection
Exploit Title: EdTv 2 - 'id' SQL Injection Dork: N/A Date: 2018-11-12 Exploit Author: Ihsan Sencan Vendor Homepage: http://edtv.edsup.org/ Software Link: https://ayera.dl.sourceforge.net/project/edtv/beta/edtv2go.zip Version: 2 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC: 1...
SwitchVPN for macOS 2.1012.03 - Privilege Escalation
======================================================================= Title: Privilege Escalation Vulnerability Product: SwitchVPN for MacOS Vulnerable version: 2.1012.03 CVE ID: CVE-2018-18860 Impact: Critical Homepage: https://switchvpn.net/ Identified: 2018-09-29 By: Bernd Leitner...
Musicco 2.0.0 - Arbitrary Directory Download
Exploit Title: Musicco 2.0.0 - Arbitrary Directory Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.musicco.app/ Software Link: https://codeload.github.com/micser/musicco/zip/master Version: 2.0.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...
CuteFTP Mac 3.1 - Denial of Service (PoC)
Exploit Title: CuteFTP Mac 3.1 Denial of Service PoC Date: 2018-11-06 Exploit Author: Yair Rodríguez Aparicio Vendor Homepage: https://www.globalscape.com/cuteftp Software Link: http://go.globalscape.com/download/cuteftp-macosx Version: 3.1 Tested on: macOS High Sierra 10.13 Steps to Produce the...
Alive Parish 2.0.4 - SQL Injection / Arbitrary File Upload
Exploit Title: Alive Parish 2.0.4 - SQL Injection / Arbitrary File Upload Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://demo.aliveparish.com Software Link: https://netcologne.dl.sourceforge.net/project/aliveparish/aliveparish-v2.0.zip Version: 2.0.4 Category:...
SIPve 0.0.2-R19 - SQL Injection
Exploit Title: SIPve 0.0.2-R19 - SQL Injection Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/sipve/ Software Link: https://datapacket.dl.sourceforge.net/project/sipve/sipve-v0.0.2-R19.tar.gz Version: 0.0.2-R19 Category: Webapps Tested on...
Easyndexer 1.0 - Arbitrary File Download
Exploit Title: Easyndexer 1.0 - Arbitrary File Download Dork: N/A Date: 2018-11-10 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/easyndexer/ Software Link: https://ayera.dl.sourceforge.net/project/easyndexer/easyndexerwin32.exe Version: 1.0 Category: Webapps Teste...
Data Center Audit 2.6.2 - Cross-Site Request Forgery (Update Admin)
Exploit Title: Data Center Audit 2.6.2 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/datacenteraudit/ Software Link: https://netix.dl.sourceforge.net/project/datacenteraudit/datacenterauditv262.z...
Tina4 Stack 1.0.3 - SQL Injection / Database File Download
Exploit Title: Tina4 Stack 1.0.3 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version: 1.0.3 Category: Webapps Test...
Surreal ToDo 0.6.1.2 - Local File Inclusion
Exploit Title: Surreal ToDo 0.6.1.2 - Local File Inclusion Dork: N/A Date: 2018-11-08 Exploit Author: Ihsan Sencan Vendor Homepage: http://getsurreal.com/surrealtodo Software Link: https://netcologne.dl.sourceforge.net/project/surrealtodo/Surreal%20ToDo/surrealtodov0.6.1.2.zip Version: 0.6.1.2...
ABC ERP 0.6.4 - Cross-Site Request Forgery (Update Admin)
Exploit Title: ABC ERP 0.6.4 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.abc-erp.com/ Software Link: https://netcologne.dl.sourceforge.net/project/abc-erp/abcv064.zip Version: 0.6.4 Category: Webapps Tested on:...
Tina4 Stack 1.0.3 - Cross-Site Request Forgery (Update Admin)
Exploit Title: Tina4 Stack 1.0.3 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: http://tina4.com/ Software Link: https://ayera.dl.sourceforge.net/project/tina4stack/v1.0.3/Release%20V1.0.3.zip Version: 1.0.3 Category: Webapps...
XAMPP Control Panel 3.2.2 - Buffer Overflow (SEH) (Unicode)
Exploit Title: XAMPP Control Panel 3.2.2 - Buffer Overflow SEH Unicode Exploit Author: Gionathan "John" Reale 0-day DoS exploit, Semen Alexandrovich Lyhin 1-day fully working exploit. Shellcode Author: Giuseppe D'Amore EDB:28996 Date: 2018-11-08. Software: XAMPP Version: 3.2.2 / 7.2.9 Newest...
Gumbo CMS 0.99 - SQL Injection
Exploit Title: Gumbo CMS 0.99 - SQL Injection Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://gumbo-cms.net/ Software Link: https://netix.dl.sourceforge.net/project/gumbo-cms/0.99%20beta/gumbo-0.99beta.zip Version: 0.99 Category: Webapps Tested on:...
Silurus Classifieds Script 2.0 - 'wcategory' SQL Injection
Exploit Title: Silurus Classifieds Script 2.0 - SQL Injection Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://snowhall.com/store/silurus/ Software Link: https://netcologne.dl.sourceforge.net/project/silurus/silurus2.0.zip Version: 2.0 Category: Webapps Tested on:...
Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service
/ + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CISCO-IMMUNET-AND-CISCO-AMP-FOR-ENDPOINTS-SYSTEM-SCAN-DENIAL-OF-SERVICE.txt + ISR: ApparitionSec Greetz: indoushka | Eduardo B. Vendor www.cisco.com Multiple Products Cisc...
Evince 3.24.0 - Command Injection
Exploit Title: evince command line injection Date: 2017-09-05 Exploit Author: Matlink Vendor Homepage: https://wiki.gnome.org/Apps/Evince Software Link: https://wiki.gnome.org/Apps/Evince Version: 3.24.0 Tested on: Debian sid CVE : CVE-2017-1000083 Can be tested on docker with...
Surreal ToDo 0.6.1.2 - SQL Injection
Exploit Title: Surreal ToDo 0.6.1.2 - SQL Injection Dork: N/A Date: 2018-11-08 Exploit Author: Ihsan Sencan Vendor Homepage: http://getsurreal.com/surrealtodo Software Link: https://netcologne.dl.sourceforge.net/project/surrealtodo/Surreal%20ToDo/surrealtodov0.6.1.2.zip Version: 0.6.1.2 Category:...
Webiness Inventory 2.3 - 'order' SQL Injection
Exploit Title: Webiness Inventory 2.3 - SQL Injection Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link: https://kent.dl.sourceforge.net/project/webinessinventory/2.3/webinessinventory-2.3.zip Version: 2.3 Category...
Maitra Mail Tracking System 1.7.2 - SQL Injection / Database File Download
Exploit Title: Maitra - Mail Tracking System 1.7.2 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://salzertechnologies.com/ Software Link: https://netcologne.dl.sourceforge.net/project/maitra/maitra/maitra-desktop-v1.7.2.zip...
Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery (Add Admin)
Exploit Title: Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link:...
ClipperCMS 1.3.3 - Cross-Site Request Forgery (File Upload)
Exploit Title: ClipperCMS 1.3.3 File Upload CSRF Vulnerability Date: 2018-11-11 Exploit Author: Ameer Pornillos Website: http://ethicalhackers.club Vendor Homepage: http://www.clippercms.com/ Software Link: https://github.com/ClipperCMS/ClipperCMS/releases/tag/clipper1.3.3 Version: 1.3.3 Tested o...
CentOS Web Panel 0.9.8.740 - Cross-Site Request Forgery / Cross-Site Scripting
Title: CentOS Web Panel Root Account Takeover + Remote Command Execution var url = "http://targetserver:2030/admin/index.php?module=rootpwd"; var params = "ifpost=yes&password1=newpassword&password2=newpassword"; var vuln = new XMLHttpRequest; vuln.open"POST", url, true; vuln.withCredentials =...
Alienor Web Libre 2.0 - SQL Injection
Exploit Title: Alienor Web Libre 2.0 - SQL Injection Dork: N/A Date: 2018-11-08 Exploit Author: Ihsan Sencan Vendor Homepage: http://alienor.org/ Software Link: https://excellmedia.dl.sourceforge.net/project/alienorweblibre/alienorweblibre.zip Version: 2.0 Category: Webapps Tested on:...
xorg-x11-server < 1.20.1 - Local Privilege Escalation
Exploit Title: xorg-x11-server bolo console opened Building root shell wait 2 minutes crontab overwritten ... cut Xorg output ... Xorg killed II Server terminated successfully 0. Closing log file. Don't forget to cleanup /etc/crontab and /tmp dir sh-4.2 id && whoami uid=0root gid=0root...
Nominas 0.27 - 'username' SQL Injection
Exploit Title: Nominas 0.27 - 'username' SQL Injection Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: http://arixolab.com/proyecto.html Software Link: https://netix.dl.sourceforge.net/project/nominascrm/Nominas%20v0.27.tar.gz Version: 0.27 Category: Webapps Tested on:...
TufinOS 2.17 Build 1193 - XML External Entity Injection
Exploit Title: TufinOS 2.17 Build 1193 - XML External Entity Injection Exploit Author: konstantinos Alexiou Date: 2018-10-18 Vendor: https://www.tufin.com Software Link: https://www.tufin.com/tufin-orchestration-suite/securetrack CVE: N/A Category: webapps 1. Description The SecureTrack applicati...
D-LINK Central WifiManager CWM-100 - Server-Side Request Forgery
Exploit Title: D-LINK Central WifiManager CWM-100 - Server-Side Request Forgery Author: John Page aka hyp3rlinx Date: 2018-11-09 Vendor: http://us.dlink.com Product Link: http://us.dlink.com/products/business-solutions/central-wifimanager-software-controller/ Version: Version 1.03 r0098 CVE: N/A...
Facturation System 1.0 - 'modid' SQL Injection
Exploit Title: Facturation System 1.0 - 'modid' SQL Injection Dork: N/A Date: 2018-11-08 Exploit Author: Ihsan Sencan Vendor Homepage: http://obedalvarado.pw/simple-invoice/ Software Link: https://kent.dl.sourceforge.net/project/simple-invoice/simple-invoice-master.zip Version: 1.0 Category:...
The Don 1.0.1 - 'login' SQL Injection
Exploit Title: The Don 1.0.1 - 'login' SQL Injection Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://thedon.sourceforge.io/ Software Link: https://netix.dl.sourceforge.net/project/thedon/thedon-1.0b.rar Version: 1.0.1 Category: Webapps Tested on:...
Data Center Audit 2.6.2 - 'username' SQL Injection
Exploit Title: Data Center Audit 2.6.2 - 'username' SQL Injection Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/datacenteraudit/ Software Link: https://netix.dl.sourceforge.net/project/datacenteraudit/datacenterauditv262.zip Version: 2.6...
CuteFTP 9.3.0.3 - Denial of Service (PoC)
Exploit Title: CuteFTP 9.3.0.3 - Denial of Service PoC Date: 2018-11-05 Exploit Author: Ismael Nava Vendor Homepage: https://www.globalscape.com/cuteftp Software Link: https://www.globalscape.com/cuteftp Version: 9.3.0.3 Tested on: Windows 10 Home x64 CVE : n/a STEPS Run the python exploit script...
HeidiSQL 9.5.0.5196 - Denial of Service (PoC)
Exploit Title: HeidiSQL 9.5.0.5196 - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2018-11-06 Vendor Homepage: https://www.heidisql.com/ Software Link: https://www.heidisql.com/download.php Tested Version: 9.5.0.5196 Tested on: Windows 10 Single Language x64 / Windows 7 x64...
Paroiciel 11.20 - 'tRecIdListe' SQL Injection
Exploit Title: Paroiciel 11.20 - 'tRecIdListe' SQL Injection Dork: N/A Date: 2018-11-09 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.paroiciel.com/ Software Link: https://datapacket.dl.sourceforge.net/project/paroiciel/version%2011/par6lus1120160225.exe Version: 11.20 Category: Webap...
Easyndexer 1.0 - Cross-Site Request Forgery (Add Admin)
Exploit Title: Easyndexer 1.0 - Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-11-10 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/easyndexer/ Software Link: https://ayera.dl.sourceforge.net/project/easyndexer/easyndexerwin32.exe Version: 1.0 Category:...
Mongoose Web Server 6.9 - Denial of Service (PoC)
Exploit Title: Mongoose Web Server 6.9 - Denial of Service PoC Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://cesanta.com/binary.html Software Link: https://backend.cesanta.com/cgi-bin/api.cgi?act=dl&os=win Version: 6.9 Category: Dos Tested on: WiN7x64/KaLiLinuXx...
GPS Tracking System 2.12 - 'username' SQL Injection
Exploit Title: GPS Tracking System 2.12 - 'username' SQL Injection Dork: N/A Date: 2018-11-10 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/gpstracking/ Software Link: https://kent.dl.sourceforge.net/project/gpstracking/gps.zip Version: 2.12 Category: Webapps Test...
ServerZilla 1.0 - 'email' SQL Injection
Exploit Title: ServerZilla 1.0 - 'email' SQL Injection Dork: N/A Date: 2018-11-08 Exploit Author: Ihsan Sencan Vendor Homepage: https://serverzilla.sourceforge.io/ Software Link: https://ayera.dl.sourceforge.net/project/serverzilla/ServerZillasrc.zip Version: 1.0 Category: Webapps Tested on:...
WordPress Plugin Media File Manager 1.4.2 - Directory Traversal / Cross-Site Scripting
Exploit Title: Wordpress Plugin Media File Manager 1.4.2 - Directory Traversal Date: 2018-05-11 Exploit Author: Pasquale Turi aka boombyte Vendor Homepage: https://wordpress.org/plugins/media-file-manager/ Software Link: https://wordpress.org/plugins/media-file-manager/ Version: 1.4.2 CVE: N/A...
TP-Link Archer C50 Wireless Router 171227 - Cross-Site Request Forgery (Configuration File Disclosure)
Exploit Title: TP-Link Archer C50 Wireless Router 171227 - Cross-Site Request Forgery Configuration File Disclosure Date: 2018-11-07 Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com/ Hardware Version: Archer C50 v3 00000001 Firmware Link:...