47904 matches found
Zimbra 8.6.0_GA_1153 - Cross-Site Scripting
Exploit Title: Xss Zimbra Mail server Google Dork: Date: 2018/08/10 Exploit Author: Dinbar78 Vendor Homepage: https://www.zimbra.com/ Version: 8.6.0GA1153 build 20141215151110 bug 103609 or CVE-2016-3411 Payload: es. https:// zimbrasite/h/changepass?skin="alert'hacked';...
TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery (Information Disclosure)
Exploit Title: TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery Information Disclosure Date: 2018-08-09 Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com/ Hardware Version: Archer C50 v3 00000001 Firmware Link: https://www.tp-link.com/download/Archer-C50V3.htmlFirmware...
Soroush IM Desktop App 0.17.0 - Authentication Bypass
Exploit Title: Soroush IM Desktop App 0.17.0 - Authentication Bypass Date: 2018-08-08 Exploit Author: VortexNeoX64 Vendor Homepage: https://soroush-app.ir Software Link: http://54.36.43.176/SoroushSetup0.17.0.exe Version: 0.17.0 BETA Tested on: Windows 10 1803 and windows server 2016 14393 Securi...
TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery (Remote Reboot)
Exploit Title: TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery Remote Reboot Date: 2018-08-09 Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com/ Hardware Version: Archer C50 v3 00000001 Firmware Link: https://www.tp-link.com/download/Archer-C50V3.htmlFirmware Firmware...
Mikrotik WinBox 6.42 - Credential Disclosure (Metasploit)
Exploit Title: Mikrotik WinBox 6.42 - Credential Disclosure Metasploit Date: 2018-05-21 Exploit Authors: Omid Shojaei @Dmitriyarea51, Dark VoidSeeker, Alireza Mosajjal Vendor Page: https://www.mikrotik.com/ Sotware Link: https://mikrotik.com/download Version: 6.29 - 6.42 Tested on: Metasploit...
Linux Kernel 4.14.7 (Ubuntu 16.04 / CentOS 7) - (KASLR & SMEP Bypass) Arbitrary File Read
// A proof-of-concept exploit for CVE-2017-18344. // Includes KASLR and SMEP bypasses. No SMAP bypass. // No support for 1 GB pages or 5 level page tables. // Tested on Ubuntu xenial 4.4.0-116-generic and 4.13.0-38-generic // and on CentOS 7 3.10.0-862.9.1.el7.x8664. // // gcc pwn.c -o pwn // // ...
reSIProcate 1.10.2 - Heap Overflow
''' CVE ID: CVE-2018-12584 TIMELINE Bug report with test code sent to main reSIProcate developers: 2018-06-15 Patch created by Scott Godin: 2018-06-18 CVE ID assigned: 2018-06-19 Patch committed to reSIProcate repository: 2018-06-21 Advisory first published on website: 2018-06-22 Advisory sent to...
osTicket 1.10.1 - Arbitrary File Upload
Exploit Title: osTicket 1.10.1 - Arbitrary File Upload Exploit Author: r3j10r Rajwinder Singh Date: 2018-08-08 Vendor Homepage: http://osticket.com/ Software Link: http://osticket.com/download Version: osTicket v1.10.1 CVE-2017-15580 Vulnerability Details: osTicket application provides a...
TP-Link Wireless N Router WR840N - Denial of Service (PoC)
Exploit Title:- TP-Link Wireless N Router WR840N - Denial of Service PoC Date: 2018-08-05 Vendor Homepage: https://www.tp-link.com/ Hardware Link: https://www.amazon.in/TP-LINK-TL-WR840N-300Mbps-Wireless-External/dp/B01A0G1J7Q Version: TP-Link Wireless N Router WR840N Category: Hardware Exploit...
iSmartViewPro 1.5 - 'Account' Buffer Overflow
Exploit Title: iSmartViewPro 1.5 - 'Account' Buffer Overflow Discovery by: Alan Joaquín Baeza Meza Discovery Date: 2018-08-07 Vendor Homepage: http://www.securimport.com/n/en/ Software Link: https://securimport.com/university/index.php/videovigilancia-ip/software/493-software-ismartviewpro-v1-5...
LG-Ericsson iPECS NMS 30M - Directory Traversal
Exploit Title: LG-Ericsson iPECS NMS 30M - Directory Traversal Shodon Dork: iPECS CM Exploit Author: Safak Aslan Software Link: www.ipecs.com Version: 30M-B.2Ia and 30M-2.3Gn Authentication Required: No Tested on: Linux CVE: N/A Description The directory traversal was detected on LG-Ericsson's...
iSmartViewPro 1.5 - 'Device Alias' Buffer Overflow
Exploit Title: iSmartViewPro 1.5 - 'Device Alias' Buffer Overflow Author: Rodrigo Eduardo Rodriguez Discovery Date: 2018-08-07 Vendor Homepage: https://securimport.com/ Software Link: https://securimport.com/university/videovigilancia-ip/software/493-software-ismartviewpro-v1-5 Tested Version: 1....
Monstra-Dev 3.0.4 - Cross-Site Request Forgery (Account Hijacking)
Exploit Title: Monstra-Dev 3.0.4 - Cross-Site Request ForgeryAccount Hijacking Date: 2018-08-04 Exploit Author: Nainsi Gupta Vendor Homepage: http://monstra.org/ Product Name: Monstra-dev Version: 3.0.4 Tested on: Windows 10 Firefox/Chrome CVE : N/A 1. Description CSRF vulnerability in...
Foxit Reader 9.0.1.1049 - Buffer Overflow (ASLR & DEP Bypass)
%PDF 1 0 obj 2 0 obj /S /JavaScript /JS / Exploit Title: Foxit Reader 9.0.1.1049 - Buffer Overflow ASLRDEP Date: 2018-08-04 Exploit Author: Manoj Ahuje Tested on: Windows 7 Pro x32 Software Link:...
OpenEMR 5.0.1.3 - Remote Code Execution (Authenticated)
Title: OpenEMR 5.0.1.3 - Remote Code Execution Authenticated Author: Cody Zacharias Date: 2018-08-07 Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/v5013.tar.gz Dockerfile: https://github.com/haccer/exploits/blob/master/OpenEMR-RCE/Dockerfile...
QNap QVR Client 5.0.3.23100 - Denial of Service (PoC)
Exploit Title : QNap QVR Client 5.0.3.23100 - Denial of Service PoC Discovery by : Rodrigo Eduardo Rodriguez Discovery Date : 2018-08-06 Vendor Homepage: http://www.qnapsecurity.com/n/en/ Software Link : http://download.qnap.com/Surveillance/Utility/QNewMon5.zip Tested Version : 5.0.3.23100...
Monstra 3.0.4 - Cross-Site Scripting
Monstra 3.0.4 - Cross-Site Scripting. CVE-2018-14922. Webapps exploit for PHP platform Exploit Title:Monstra-Dev 3.0.4 Stored Cross Site Scripting Date: 04-08-2018 Exploit Author: Nainsi Gupta Vendor Homepage: http://monstra.org/ Software Link: https://github.com/monstra-cms/monstra Published In-...
Open-AudIT Community 2.2.6 - Cross-Site Scripting
Exploit Title: Open-AudIT Community 2.2.6 - Cross-Site Scripting Google Dork:NA Exploit Date: 2018-08-01 Exploit Author: Ranjeet Jaiswal Vendor Homepage: https://opmantek.com/ Software Link:https://opmantek.com/network-tools-download/open-audit/ Affected Version: 2.2.6 Category: WebApps Tested on...
CloudMe Sync 1.10.9 - Buffer Overflow (SEH)(DEP Bypass)
Exploit Title: CloudMe Sync 1.10.9 - Buffer Overflow SEHDEP Bypass Date: 2018-08-05 Exploit Author: Manoj Ahuje Linkedin: https://www.linkedin.com/in/manojahuje/ Vendor Homepage: https://www.cloudme.com/ Software Link: https://www.cloudme.com/downloads/CloudMe1109.exe Tested on: Windows 10 Home x...
Subrion CMS 4.2.1 - Cross-Site Scripting
Exploit Title: Subrion CMS- 4.2.1 XSS Using component with known Vulnerability Date: 02-08-2018 Exploit Author: Zeel Chavda Vendor Homepage: https://subrion.org/ Software Link: https://subrion.org/download/ Version: 4.2.1 REQUIRED Tested on: Windows,FireFox CVE : CVE-2018-14840 Steps: - 1. Create...
Sitecore.Net 8.1 - Directory Traversal
Exploit Title: Sitecore.Net 8.1 - Directory Traversal Date: 2018-04-23 CVE: CVE-2018-7669 Researcher: Chris Moberly at The Missing Link Security Vendor: Sitecore Version: CMS - 8.1 and up earlier versions untested Authentication required: Yes An issue was discovered in Sitecore CMS that affects a...
LAMS < 3.1 - Cross-Site Scripting
Exploit Title: LAMS 3.1 - Cross-Site Scripting Date: 2018-08-05 Exploit Author: Nikola Kojic Website: https://ras-it.rs/ Vendor Homepage: https://www.lamsfoundation.org/ Software Link: https://www.lamsfoundation.org/downloadshome.htm Category: Web Application Platform: Java Version: = 3.1 CVE:...
onArcade 2.4.2 - Cross-Site Request Forgery (Add Admin)
Exploit Title: Cross-Site Request Forgery Add Admin Google Dork: Powered by onArcade v2.4.2 Date: 2018/August/4 Author: r3m0t3nu11Zero-way Software Link: "http://www.onarcade.com" Version: "Uptodate" the appilication is vulnerable to CSRF attack No CSRF token in place meaning that if an admin use...
AgataSoft Auto PingMaster 1.5 - Buffer Overflow (SEH)
Exploit Title: AgataSoft Auto PingMaster 1.5 - Buffer Overflow SEH Date: 2018-08-03 Exploit Author: bzyo Twitter: @bzyo Vulnerable Software: AgataSoft Auto PingMaster 1.5 Vendor Homepage: http://agatasoft.com/ Version: 1.5 Software Link : http://agatasoft.com/PingMaster.exe Tested Windows 7 SP1 x...
Wavemaker Studio 6.6 - Server-Side Request Forgery
Exploit Title: Wavemaker Studio 6.6 - Server-Side Request Forgery SSRF. Exploit Author: Gionathan "John" Reale Google Dork: N/A Date: 2018-08-01 Vendor Homepage: http://www.wavemaker.com/ Software Link: https://github.com/cloudjee/wavemaker/blob/master/wavemaker/wavemaker-studio/ Affected Version...
CMS ISWEB 3.5.3 - Directory Traversal
Exploit Title: CMS ISWEB 3.5.3 - Directory Traversal Date: 2018-08-01 Exploit Author: Thiago "thxsena" Sena Vendor Homepage: http://www.isweb.it Version: 3.5.3 Tested on: Linux CVE : N/A PoC: CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file download, as demonstrated by...
Fortinet FortiClient 5.2.3 (Windows 10 x64 Creators) - Local Privilege Escalation
include "stdafx.h" include include include include pragma comment lib,"psapi" PULONGLONG leakbuffer = PULONGLONGVirtualAllocLPVOID0x000000001a000000, 0x2000, MEMRESERVE | MEMCOMMIT, PAGEREADWRITE; ULONGLONG leakQWORDULONGLONG addr, HANDLE driver memsetLPVOID0x000000001a000000, 0x11, 0x1000;...
Entrepreneur Job Portal Script 3.0.1 - Cross-Site Scripting
Entrepreneur Job Portal Script 3.0.1 - Cross-Site Scripting. CVE-2018-14082. Webapps exploit for PHP platform Exploit Title: Entrepreneur Job Portal Script 3.0.1- has Stored XSS via Search bar and Location Date: 14.07.2018 Site Titel : JOB SITE Job Portal Vendor Homepage:...
Linux/x86 - Reverse TCP (::FFFF:192.168.1.5:4444/TCP) Shell (/bin/sh) + Null-Free + IPv6 Shellcode (86 bytes)
Linux/x86 - Reverse TCP ::FFFF:192.168.1.5:4444/TCP Shell /bin/sh + Null-Free + IPv6 Shellcode 86 bytes. Shellcode exploit for Linuxx86 platform Title: Linux/x86 - Reverse TCP shell IPv6 + Null Free Shellcode Author: Kartik Durg Shellcode Length: 86 BYTES Student-ID: SLAE-1233 Note...
Basic B2B Script 2.0.0 - Cross-Site Scripting
Basic B2B Script 2.0.0 - Cross-Site Scripting. CVE-2018-14541. Webapps exploit for PHP platform Exploit Title: PHP Scripts Mall Basic B2B Script 2.0.0 has Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields. Date: 20.07.2018 Site Titel : B2B Script Vendor...
Linux/ARM - Bind (4444/TCP) Shell +IPv6 Shellcode (128 Bytes)
Linux/ARM - Bind 4444/TCP Shell +IPv6 Shellcode 128 Bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - IPv6 4444/TCP Bind Shellcode 128 Bytes Date: 2018-07-25 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP...
cgit < 1.2.1 - 'cgit_clone_objects()' Directory Traversal
There is a directory traversal vulnerability in cgitcloneobjects, reachable when the configuration flag enable-http-clone is set to 1 default: void cgitcloneobjectsvoid if !ctx.qry.path cgitprinterrorpage400, "Bad request", "Bad request"; return; if !strcmpctx.qry.path, "info/packs" printpackinfo...
Plex Media Server 1.13.2.5154 - SSDP Processing XML External Entity Injection
Issue: Out-of-Band XXE in Plex Media Server's SSDP Processing Reserved CVE: CVE-2018-13415 Vulnerability Overview The XML parsing engine for Plex Media Server's SSDP/UPNP functionality is vulnerable to an XML External Entity Processing XXE attack. Unauthenticated attackers on the same LAN can use...
Linux Kernel - UDP Fragmentation Offset 'UFO' Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linux Kernel UDP Fragmentation Offset UFO Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on Linux systems...
Vuze Bittorrent Client 5.7.6.0 - SSDP Processing XML External Entity Injection
Issue: Out-of-Band XXE in Vuze Bittorrent Client's SSDP Processing Reserved CVE: CVE-2018-13417 Vulnerability Overview The XML parsing engine for Vuze Bittorrent Client's SSDP/UPNP functionality is vulnerable to an XML External Entity Processing XXE attack. Unauthenticated attackers on the same L...
PHP Template Store Script 3.0.6 - Cross-Site Scripting
Exploit Title: PHP Template Store Script- 3.0.6 - Stored XSS via Addres ,Bank Name,and A/c Holder Name Date: 02.08.2018 Site Titel : Exclusive Scripts Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: http://www.exclusivescript.com/ Category: Web Application Version: 3.0.6 Exploit...
Wedding Slideshow Studio 1.36 - Buffer Overflow
Exploit Title: Socumsoft Wedding Slideshow Studio 1.36 Date: 02.08.2018 Exploit Author: Achilles Vendor Homepage: http://www.socusoft.com Vulnerable Software: http://www.socusoft.com/down/wedding-slideshow-studio.exe Tested on OS: Windows 7 64-bit DE Steps to reproduce: Copy the contents of the...
TI Online Examination System v2 - Arbitrary File Download
Exploit Title: TI Online Examination System v2 - Arbitrary File Download Dork: N/A Date: 02.08.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/ti-online-examination-system-v2/11248904 Version: 2.0 Category: Webapps Tested on: Kali linux Description : Th...
Chartered Accountant : Auditor Website 2.0.1 - Cross-Site Scripting
Chartered Accountant : Auditor Website 2.0.1 - Cross-Site Scripting. CVE-2018-13256. Webapps exploit for PHP platform. Tags: Cross-Site Scripting XSS Exploit Title: Chartered Accountant : Auditor Website 2.0.1 - Reflected , Stored XSS Date: 26.06.2018 Site Titel : Find your needs on Domain Name...
CoSoSys Endpoint Protector 4.5.0.1 - (Authenticated) Remote Root Command Injection
Title : CoSoSys Endpoint Protector - Authenticated Remote Root Command Injection Date : Vulnerability submitted in 01/12/2017 and published in 01/08/2018 Author : 0x09AL Tested on : Endpoint Protector 4.5.0.1 Software Link : https://www.endpointprotector.com/ Vulnerable Versions : Endpoint...
Imperva SecureSphere 11.5 / 12.0 / 13.0 - Privilege Escalation
Title: Imperva SecureSphere = v13 - Privilege Escalation Author: 0x09AL Date: 01/08/2018 Tested on: Imperva SecureSphere 11.5,12.0,13.0 Vendor: https://www.imperva.com/ Vulnerability Description There is a program named PCE.py which runs as root and starts a unix domain socket listener in...
PageResponse FB Inboxer Add-on 1.2 - 'search_field' SQL Injection
Exploit Title: FB Inboxer 1.2 - 'searchfield' SQL Injection Google Dork: N/A Date: 02.08.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/pageresponse-a-fb-inboxer-addon-facebook-auto-commentprivate-reply-likeshare-for-full-page/21486371 Version: 1.2...
SecureSphere 12.0.0.50 - SealMode Shell Escape (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "SecureSphere v12.0.0.50 - SealMode Shell Escape root", 'Description' = %q This module exploits a vulnerability in SecureSphere cli to escape the...
Seq 4.2.476 - Authentication Bypass
Exploit Title: Seq 4.2.476 - Authentication Bypass Date: 2018-08-02 Exploit Author: Daniel Chactoura Vendor Homepage: https://getseq.net/ Software Link: https://getseq.net/Download/All Version: = 4.2.476 CVE : CVE-2018-8096 Post Reference:...
Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection
Issue: Out-of-Band XXE in Universal Media Server's SSDP Processing Reserved CVE: CVE-2018-13416 Vulnerability Overview The XML parsing engine for Universal Media Server's SSDP/UPNP functionality is vulnerable to an XML External Entity Processing XXE attack. Unauthenticated attackers on the same L...
AgataSoft Auto PingMaster 1.5 - 'Host name' Denial of Service (PoC)
Exploit Title: AgataSoft Auto PingMaster 1.5 - 'Host name' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2018-08-02 Vendor Homepage: http://agatasoft.com/ Software Link : http://agatasoft.com/PingMaster.exe Tested Version: 1.5 Vulnerability Type: Denial of Service DoS Local...
ASUS DSL-N12E_C1 1.1.2.3_345 - Remote Command Execution
Exploit Title: ASUS DSL-N12EC1 1.1.2.3345 - Remote Command Execution Date: 2018-08-02 Exploit Author: Fakhri Zulkifli @d0lph1n98 Vendor Homepage: https://www.asus.com/ Software Link: https://www.asus.com/Networking/DSLN12EC1/HelpDeskBIOS/ Version: 1.1.2.3345 Tested on: 1.1.2.3345 GET...
WityCMS 0.6.2 - Cross-Site Request Forgery (Password Change)
input t...
Sun Solaris 11.3 AVS Kernel - Local Privilege Escalation
/ Exploit Title: Solaris/OpenSolaris AVS kernel code execution Google Dork: if applicable Date: 24/7/2018 Exploit Author: mu-b Vendor Homepage: oracle.com Software Link: Version: Solaris 10, Solaris Sun Opensolaris include include include include include include include include include include...
Linux/ARM - Reverse (::1:4444/TCP) Shell (/bin/sh) +IPv6 Shellcode (116 Bytes)
Linux/ARM - Reverse ::1:4444/TCP Shell /bin/sh +IPv6 Shellcode 116 Bytes. Shellcode exploit for ARM platform / Title: Linux/ARM - IPv6 ::1 4444/TCP Reverse Shellcode 116 Bytes Date: 2018-07-25 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara pi@raspberrypi: $ uname -a Linux raspberrypi...