CI User Login and Management 1.0 - Arbitrary File Upload
Exploit Title: CI User Login and Management 1.0 - Arbitrary File Upload Dork: N/A Date: 2018-10-30 Exploit Author: Ihsan Sencan Vendor Homepage 1: http://www.webprojectbuilder.com/item/user-login-and-management Vendor Homepage 2: https://sourceforge.net/projects/user-management-system/ Software...
University Application System 1.0 - SQL Injection / Cross-Site Request Forgery (Add Admin)
Exploit Title: University Application System 1.0 - SQL Injection / Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-10-30 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/pamzey Software Link:...
Instagram Clone 1.0 - Arbitrary File Upload
Exploit Title: Instagram Clone 1.0 - Arbitrary File Upload Dork: N/A Date: 2018-10-30 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/justinwilliam Software Link: https://www.sourcecodester.com/sites/default/files/download/justinwilliam/instagram3.zip Version: 1...
Nutanix AOS & Prism < 5.5.5 (LTS) / < 5.8.1 (STS) - SFTP Authentication Bypass
Exploit Title: Nutanix AOS & Prism - SFTP Authentication Bypass Date: 2018-10-27 Exploit Author: Adam Brown Vendor Homepage: https://www.nutanix.org Software Link: https://www.nutanix.com/products/software-options/ Version: 5.5.5 LTS, 5.8.1 STS Tested on: Acropolis Operating System CVE : Related ...
Asaancart Simple PHP Shopping Cart 0.9 - Arbitrary File Upload / SQL Injection
Exploit Title: Simple PHP Shopping Cart 0.9 - Arbitrary File Upload Dork: N/A Date: 2018-10-30 Exploit Author: Ihsan Sencan Vendor Homepage: https://asaancart.wordpress.com/ Software Link: https://vorboss.dl.sourceforge.net/project/asaancart/asaancart%20v-0.9/asaancart%20v-0.9.zip Version: 0.9...
Microstrategy Web 7 - Cross-Site Scripting / Directory Traversal
Exploit Title: Cross Site Scripting in Microstrategy Web version 7 Date: 29-10-2018 Exploit Author: Rafael Pedrero Vendor Homepage: https://www.microstrategy.com Software Link: https://www.microstrategy.com Version: Microstrategy Web version 7 Tested on: Unix CVE : CVE-2018-18775 Category:...
Netgear WiFi Router R6120 - Credential Disclosure
Exploit Title: NETGEAR WiFi Router R6120 - Credential Disclosure Date: 2018-10-28 Exploit Author: Wadeek Hardware Version: R6120 Firmware Version: 1.0.0.30 Vendor Homepage: https://www.netgear.com/support/product/R6120.aspx Firmware Link:...
Notes Manager 1.0 - Arbitrary File Upload
Exploit Title: Notes Manager 1.0 - Arbitrary File Upload Dork: N/A Date: 2018-10-30 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.webprojectbuilder.com/item/notes-management Software Link: https://astuteinternet.dl.sourceforge.net/project/notes-manager/notesmanagement.zip Version: 1.0...
phptpoint Pharmacy Management System 1.0 - 'username' SQL Injection
Exploit Title: phptpoint Pharmacy Management System 1.0 - 'username' SQL injection Date: 2018-10-24 Exploit Author: Boumediene KADDOUR Unit: Algerie Telecom R&D Unit Vendor Homepage: https://www.phptpoint.com/ Software Link: https://www.phptpoint.com/pharmacy-management-system/ Version: 1 Tested...
Electricks eCommerce 1.0 - 'prodid' SQL Injection
Exploit Title: Electricks eCommerce 1.0 - 'prodid' SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/billyblue Software Link: https://www.sourcecodester.com/sites/default/files/download/billyblue/electricks.zip Version: 1.0...
ZyXEL VMG3312-B10B < 1.00(AAPP.7) - Credential Disclosure
Exploit Title: ZyXEL VMG3312-B10B - Leak Credentials "; else continue; else echo "pfff"; ftpclose$ftpconn; ?...
xorg-x11-server 1.20.3 - Privilege Escalation
Exploit Title: xorg-x11-server 1.20.3 - Privilege Escalation Date: 2018-10-27 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.x.org/ Version: xorg-x11-server 1.19.0 - 1.20.2 Tested on: OpenBSD 6.3 and 6.4 CVE : CVE-2018-14665 raptorxorgasm !/bin/sh raptorxorgasm - xorg-x11-server LPE vi...
Any Sound Recorder 2.93 - Buffer Overflow Local (SEH) (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Any Sound Recorder 2.93 Buffer Overflow SEH', 'Description' = %q This module exploits a stack based buffer overflow in Any Sound...
QNAP NetBak Replicator 4.5.6.0607 - Denial of Service (PoC)
Exploit Title: QNAP NetBak Replicator 4.5.6.0607 Denial of Service PoC Date: 2018-10-29 Exploit Author: Yair Rodríguez Aparicio Vendor Homepage: https://www.qnap.com/en/ Software Link: https://www.qnap.com/en/download Version: 4.5.6.0607 Tested on: Windows XP Profesional Español SP3 x86 Steps to...
MyBB Downloads 2.0.3 - SQL Injection
Exploit Title: MyBB Downloads 2.0.3 - SQL Injection Date: 28-10-2018 Exploit Author: Lucian Ioan Nitescu Contact: https://twitter.com/LucianNitescu Website: https://nitesculucian.github.io Vendor Homepage: https://github.com/vintagedaddyo/MyBBPlugin-Downloads Software Link:...
Expense Management 1.0 - Arbitrary File Upload
Exploit Title: Expense Management 1.0 - Arbitrary File Upload Dork: N/A Date: 2018-10-30 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.webprojectbuilder.com/item/expense-management Software Link:...
SIPp 3.3.990 - Local Buffer Overflow (PoC)
Exploit Title: SIPp 3.3.990 - Local Buffer Overflow PoC Date: 2018-10-29 Exploit Author: Nawaf Alkeraithe Vendor Homepage: http://sipp.sourceforge.net/ Software Link: https://sourceforge.net/projects/sipp/files/sipp/3.4/sipp-3.3.990.tar.gz/download Version: SIPp v3.4-beta1 aka v3.3.990-SCTP-PCAP...
Webiness Inventory 2.9 - Arbitrary File Upload
Exploit Title: Webiness Inventory 2.9 - Arbitrary File Upload Date: 2018-10-27 Exploit Author: Boumediene KADDOUR Unit: Algerie Telecom R&D Unit Software Link: https://github.com/webiness/webinessinventory Version: 2.9 3145728 61 continue; 62 63 64 // remove old file with same name 65 if...
R 3.4.4 (Windows 10 x64) - Buffer Overflow (DEP/ASLR Bypass)
!/usr/bin/python R 3.4.4 Win10 x86 Buffer Overflow discovered by: bzyo author: Charles Truscott I love you Alison Thompson OAM tested on: Windows 10 x86 rebooted for practice defeating ASLR/DEP -------------------------------------------- GUI Preferences - paste boom.txt into 'Language for menus...
Aplaya Beach Resort Online Reservation System 1.0 - SQL Injection / Cross-Site Request Forgery
Exploit Title: Aplaya Beach Resort Online Reservation System 1.0 - Multiple Vulnerabilities Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link:...
Modbus Slave PLC 7 - '.msw' Buffer Overflow (PoC)
Exploit Title: Modbus Slave PLC 7 - '.msw' Buffer Overflow PoC Author: Kağan Çapar Discovery Date: 2018-10-27 Software Link: https://www.modbustools.com/download/ModbusSlaveSetup32Bit.exe Vendor Homepage : https://www.modbustools.com Tested Version: 7 Tested on OS: Windows XP SP3 ENG other versio...
Modbus Slave 7.0.0 - Denial of Service (PoC)
Exploit Title: Modbus Slave 7.0.0 - Denial of Service PoC Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.modbustools.com/ Software Link: https://www.modbustools.com/download/ModbusSlaveSetup32Bit.exe Software Link:...
SaltOS Erp Crm 3.1 r8126 - SQL Injection (2)
Exploit Title: SaltOS Erp, Crm 3.1 r8126 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.saltos.org/ Software Link: https://excellmedia.dl.sourceforge.net/project/saltos/stable/SaltOS-3.1-8126.linux-i686.tgz Version: 3.1 r0 / 3.x Category: Webap...
PayPal-Credit Card-Debit Card Payment 1.0 - SQL Injection
Exploit Title: PayPal/Credit Card/Debit Card Payment 1.0 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/tubigangarden.zip Version...
RhinOS CMS 3.x - Arbitrary File Download
Exploit Title: RhinOS CMS 3.x - Arbitrary File Download Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.saltos.org/ Software Link: https://netix.dl.sourceforge.net/project/rhinos/archived/r1190/RhinOS-en-3.0-1190.win32.exe Version: 3.1 r0 / 3.x Category: Webapp...
School Event Management System 1.0 - Cross-Site Request Forgery (Update Admin)
Exploit Title: School Event Management System 1.0 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link:...
School Event Management System 1.0 - SQL Injection
Exploit Title: School Event Management System 1.0 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/sems1.zip Version: 1.0 Category:...
MTGAS MOGG Web Simulator Script - SQL Injection
Exploit Title: MOGG web simulator Script - SQL Injection Date: 2018-10-29 Exploit Author: Meisam Monsef - [email protected] - @meisamrce - @dorsateam Vendor Homepage: https://github.com/spider312/mtgas Version: All Version Exploit : http://server/play.php?id=99999'+SQL Command+...
E-Negosyo System 1.0 - SQL Injection
Exploit Title: E-Negosyo System 1.0 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/bsenordering9-23-18.zip Version: 1.0 Category:...
systemd - 'chown_one()' Dereference Symlinks
I am sending this bug report to Ubuntu, even though it's an upstream bug, as requested at https://github.com/systemd/systemd/blob/master/docs/CONTRIBUTING.md#security-vulnerability-reports . When chown_one() in the recursive chown logic decides that it has to change ownership of a directory entry, it...
School Event Management System 1.0 - Arbitrary File Upload
Exploit Title: School Event Management System 1.0 - Arbitrary File Upload Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/sems1.zip Version: 1.0...
Open Faculty Evaluation System 7 - 'batch_name' SQL Injection
Exploit Title: Open Faculty Evaluation System 7 - 'batch_name' SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://openfacultyeval.sourceforge.io/ Software Link: https://sourceforge.net/projects/openfacultyeval/files/feedbackphp7.zip/download Version: Php...
School Attendance Monitoring System 1.0 - Cross-Site Request Forgery (Update Admin)
Exploit Title: School Attendance Monitoring System 1.0 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link:...
SaltOS Erp Crm 3.1 r8126 - SQL Injection
Exploit Title: SaltOS Erp, Crm 3.1 r8126 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.saltos.org/ Software Link: http://download.saltos.org/?app=saltos&format=xul&arch=win32 Version: 3.1 r0 / 3.x Category: Webapps Tested on:...
Curriculum Evaluation System 1.0 - SQL Injection
Exploit Title: Curriculum Evaluation System 1.0 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/curriculumevaluationsystem0.zip...
systemd - 'reexec' State Injection
I am sending this bug report to Ubuntu, even though it's an upstream bug, as requested at https://github.com/systemd/systemd/blob/master/docs/CONTRIBUTING.md#security-vulnerability-reports . When systemd re-executes e.g. during a package upgrade, state is serialized into a memfd before the execv...
Card Payment 1.0 - Cross-Site Request Forgery (Update Admin)
Exploit Title: Card Payment 1.0 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/tubigangarden.zip Versio...
Point of Sales (POS) in VB.Net MySQL Database 1.0 - SQL Injection
Exploit Title: Point of Sales POS in VB.Net MySQL Database 1.0 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/poinofsales0.zip...
Open Faculty Evaluation System 5.6 - 'batch_name' SQL Injection
Exploit Title: Open Faculty Evaluation System 5.6 - 'batch_name' SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://openfacultyeval.sourceforge.io/ Software Link: https://sourceforge.net/projects/openfacultyeval/files/feedbackphp56.zip/download Version:...
School Attendance Monitoring System 1.0 - SQL Injection
Exploit Title: School Attendance Monitoring System 1.0 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/attendancemonitoring.zip...
School Equipment Monitoring System 1.0 - 'login' SQL Injection
Exploit Title: School Equipment Monitoring System 1.0 - 'login' SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/sems0.zip Version: 1...
Navicat 12.0.29 - 'SSH' Denial of Service (PoC)
Exploit Title: Navicat 12.0.29 - 'SSH' Denial of Service PoC Author: Rafael Alfaro Discovery Date: 2018-10-27 Vendor Homepage: https://www.navicat.com/es/ Software Link : https://www.navicat.com/es/download/navicat-premium Vulnerability Type: Denial of Service DoS Local Tested on OS: Windows 7 x6...
K-iwi Framework 1775 - SQL Injection
Exploit Title: K-iwi Framework 1775 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.k-iwi.com/ Software Link: https://sourceforge.net/projects/k-iwi/files/latest/download Version: 1775 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...
SaltOS Erp Crm 3.1 r8126 - Database File Download
Exploit Title: SaltOS Erp, Crm 3.1 r8126 - Database File Download Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.saltos.org/ Software Link: http://download.saltos.org/?app=saltos&format=xul&arch=win32 Version: 3.1 r0 / 3.x Category: Webapps Tested on:...
ASRock Drivers - Privilege Escalation
SecureAuth - SecureAuth Labs Advisory http://www.secureauth.com/ ASRock Drivers Elevation of Privilege Vulnerabilities 1. Advisory Information Title: ASRock Drivers Elevation of Privilege Vulnerabilities Advisory ID: CORE-2018-0005 Advisory URL:...
AlienIP 2.41 - Denial of Service (PoC)
Exploit Title: AlienIP 2.41 - Denial of Service PoC Author: Arturo de la Cruz Tellez Discovery Date: 2018-10-17 Vendor Homepage: http://www.armcode.com Tested Version: 2.41 Tested on OS: Microsoft Windows 10 Home Single Language x64 Versión 10.0.10240 compilación 10240 PoC Steps to produce the...
School Attendance Monitoring System 1.0 - Arbitrary File Upload
Exploit Title: School Attendance Monitoring System 1.0 - Arbitrary File Upload Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link:...
Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection
Exploit Title: Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link:...
Local Server 1.0.9 - Denial of Service (PoC)
Exploit Title: Local Server 1.0.9 - Denial of Service PoC Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.ujang-rohidin.blogspot.com/ Software Link: https://sourceforge.net/projects/local-server/files/latest/download Version: 1.0.9 Category: Dos Tested on:...
Paramiko 2.4.1 - Authentication Bypass
Exploit Title: Paramiko 2.4.1 - Authentication Bypass Date: 2018-10-27 Exploit Author: Adam Brown Vendor Homepage: https://www.paramiko.org Software Link: https://github.com/paramiko/paramiko/tree/v1.15.2 Version: 1.17.6, 1.18.x 1.18.5, 2.0.x 2.0.8, 2.1.x 2.1.5, 2.2.x 2.2.3, 2.3.x 2.3.2, and 2.4....