47904 matches found
PHP Dashboards 4.5 - 'email' SQL Injection
Exploit Title: PHP Dashboards v4.5 - Registration Page SQL Injection Dork: N/A Date: 23.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/php-dashboards-v40-collaborative-social-dashboards/19314871 Version: v4.5 Category: Webapps Tested on: Kali linux...
FTPShell Server 6.80 - Denial of Service
Exploit Title: FTPShell Server 6.80 - Local Denial of Service Exploit Author: Hashim Jawad Date: 2018-05-23 Vendor Homepage: http://www.ftpshell.com/ Vulnerable Software: http://www.ftpshell.com/downloadserver.htm Tested on: Windows 7 Enterprise - SP1 x86 Steps to reproduce: under FTP user accoun...
SKT LTE Wi-Fi SDT-CW3B1 - Unauthorized Admin Credential Change
Exploit Title: SKT LTE Wi-Fi SDT-CW3B1 - Unauthorized Admin Credential Change Shodan Dork: SDT-CW3B1 Date: 2018-05-23 Exploit Author: Safak Aslan Vendor Homepage: http://telesquare.co.kr/ Version: SKT CW3B1 sw version 1.2.0 Tested on: Windows CVE: - Class: Unauthorized Admin Credential Change...
Mcard Mobile Card Selling Platform 1 - SQL Injection
Exploit Title: Exploit Title: Mcard Mobile Card Selling Platform 1 - SQL Injection Date: 2018-05-23 Exploit Author: L0RD Vendor Homepage: https://codecanyon.net/item/mcard-mobile-card-selling-platform/19307193?srank=15 Version: 1 Tested on: Kali linux POC 1 : Attacker can bypass admin panel...
WordPress Plugin Peugeot Music - Arbitrary File Upload
Exploit Title: Wordpress Plugin Peugeot Music - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/peugeot-music-plugin/ Date: 2018-05-23 Exploit Author: Mr.7z Vendor Homepage: - Software Link: - Version: 1.0 Tested on: Windows 10 64bit Home Edition Exploit:...
Honeywell Scada System - Information Disclosure
Exploit Title: Honeywell Scada System - Information Disclosure Date: 2018-05-23 Exploit Author: t4rkd3vilz Vendor Homepage: https://www.honeywell.com Version: WebVersion : 3.2.1.294365 - DeviceType : IPC-HFW2320R-ZS Tested on: Linux To be written after the destination IP address...
PHP Dashboards 4.5 - SQL Injection
Exploit Title: PHP Dashboards 4.5 - SQL Injection Dork: N/A Date: 2018-05-23 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/php-dashboards-v50-brand-new-enterprise-edition/21540104 Version: v4.5 Category: Webapps Tested on: Kali linux Description: PHP...
Mobile Card Selling Platform 1 - Cross-Site Request Forgery
Exploit Title: Mcard - Mobile Card Selling Platform 1 - Cross-Site Request Forgery Date: 2018-05-23 Exploit Author: L0RD Vendor Homepage: https://codecanyon.net/item/mcard-mobile-card-selling-platform/19307193?srank=15 Version: 1 Tested on: Kali linux POC : CSRF POC document.forms0.submit;...
MySQL Blob Uploader 1.7 - 'home-file-edit.php' SQL Injection / Cross-Site Scripting
Exploit Title: MySQL Blob Uploader 1.7 - 'home-file-edit.php' SQL Injection / Cross-Site Scripting Dork: N/A Date: 22.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/mysql-file-and-image-uploader-and-sharing-blob-file-server/17748300 Version: 1.7 -...
MySQL Blob Uploader 1.7 - 'download.php' SQL Injection / Cross-Site Scripting
Exploit Title: MySQL Blob Uploader 1.7 - 'download.php' SQL Injection / Cross-Site Scripting Dork: N/A Date: 22.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/mysql-file-and-image-uploader-and-sharing-blob-file-server/17748300 Version: 1.7 - seventh...
MySQL Blob Uploader 1.7 - 'home-filet-edit.php' SQL Injection / Cross-Site Scripting
Exploit Title: MySQL Blob Uploader 1.7 - 'home-filet-edit.php' SQL Injection / Cross-Site Scripting Dork: N/A Date: 22.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/mysql-file-and-image-uploader-and-sharing-blob-file-server/17748300 Version: 1.7 -...
MySQL Blob Uploader 1.7 - 'home-filet-edit.php' SQL Injection
Exploit Title: MySQL Blob Uploader 1.7 - 'home-filet-edit.php' SQL Injection Dork: N/A Date: 2018-05-22 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/mysql-file-and-image-uploader-and-sharing-blob-file-server/17748300 Version: 1.7 - seventh update Category...
EasyService Billing 1.0 - 'p1' SQL Injection
Exploit Title: EasyService Billing 1.0 - 'customer-new-s.php' SQL Injection / Cross-Site Scripting Dork: N/A Date: 22.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/easyservice-billing-php-scripts-for-quotation-invoice-payments-etc/16687594 Version:...
EasyService Billing 1.0 - SQL Injection / Cross-Site Scripting
Exploit Title: EasyService Billing 1.0 - 'template.php' SQL Injection / Cross-Site Scripting Dork: N/A Date: 22.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/easyservice-billing-php-scripts-for-quotation-invoice-payments-etc/16687594 Version: 1.0...
MySQL Smart Reports 1.0 - 'id' SQL Injection / Cross-Site Scripting
Exploit Title: MySQL Smart Reports 1.0 - SQL Injection / Cross-Site Scripting Dork: N/A Date: 22.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/mysql-smart-reports-online-report-generator-with-existing-data/16836503 Version: 1.0 Category: Webapps...
Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting
Exploit Title: Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting Google Dork: inurl:/Portal/Portal.mwsl Date: 2018-05-22 Exploit Author: t4rkd3vilz, Jameel Nabbo Vendor Homepage: https://www.siemens.com/ Version: SIMATIC S7-1200 CPU family Versions: V2.X and V3.X. Tested on: Kali Linux CVE:...
Nordex N149/4.0-4.5 - SQL Injection
Exploit Title: Nordex N149/4.0-4.5 Wind Turbine Web Server - SQL Injection Date: 21-05-2018 Exploit Author: t4rkd3vilz Vendor Homepage: http://www.nordex-online.com Tested on: Windows Version: N149/4.0-4.5 Wind Turbine Category: webapps --- Proof Of Concept -------- Request POST /php/login.php...
PaulPrinting CMS Printing 1.0 - SQL Injection
Exploit Title: PaulPrinting CMS Printing 1.0 - SQL Injection Exploit Date: 2018-05-19 Software Link: https://codecanyon.net/item/paulprinting-cms-printing-solutions/19546365 Author: Mehmet Onder Key Version: 1.0 Tested On: Linux 1. Description Any visitor can run code to exploit css and sql...
Dell EMC RecoverPoint boxmgmt CLI < 5.1.2 - Arbitrary File Read
Exploit Title: Dell EMC RecoverPoint boxmgmt CLI /etc/passwd: terminating, 34 bad configuration options Command "ssh -F /etc/passwd 127.0.0.1" exited...
Zechat 1.5 - SQL Injection / Cross-Site Request Forgery
Exploit Title: Zechat 1.5 - 'hashtag' / 'v' SQL Injection / Cross site request forgery Date: 2018-05-22 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage: https://bylancer.com Version: 1.5 Tested on: Kali linux...
AMD / ARM / Intel - Speculative Execution Variant 4 Speculative Store Bypass
/ ======== Intro / Overview ======== After Michael Schwarz made some interesting observations, we started looking into variants other than the three already-known ones. I noticed that Intel's Optimization Manual says in section 2.4.4.5 "Memory Disambiguation": A load instruction micro-op may depe...
ERPnext 11 - Cross-Site Scripting
Exploit Title: ERPnext 11.x.x - Cross-Site Scripting Date: 2018-05-10 Exploit Author: Veerababu Penugonda Vendor Homepage: https://erpnext.com/ Software Link: https://demo.erpnext.com/ Version: Frappe ERPNext v11.x.x-develop Tested on: Mozilla Firefox quantum 60.1 , Ubuntu OS CVE : CVE-2018-11339...
Microsoft Edge Chakra JIT - Magic Value Type Confusion
/ BOOL JavascriptNativeFloatArray::SetItemuint32 index, double dValue if uint64&dValue == uint64&JavascriptNativeFloatArray::MissingItem JavascriptArray varArr = JavascriptNativeFloatArray::ToVarArraythis; varArr-DirectSetItemAtindex, JavascriptNumber::ToVarNoCheckdValue, GetScriptContext; return...
MakeMyTrip 7.2.4 - Information Disclosure
Exploit Title: Android Application MakeMyTrip 7.2.4 - Unencrypted Database Files Date: 2018-05-21 Software Link: MakeMyTrip v7.2.4 Android Application Exploit Author: Divya Jain Version: 7.2.4 Android App CVE: CVE-2018-11242 Category: Mobileapps Tested on: Android v5.1 1. Description Android...
WebSocket Live Chat - Cross-Site Scripting
Exploit Title: WebSocket Live Chat - Cross-Site Scripting Date: 2018-05-22 Exploit Author: Alireza Norkazemi Vendor Homepage: https://codecanyon.net/item/websocket-live-chat-instant-messaging-php/16545798?srank=1 POC : 1 Create your account and click setting icon and go to profile 2 Put this...
NewsBee CMS 1.4 - 'home-text-edit.php' SQL Injection
Exploit Title: NewsBee CMS 1.4 - 'home-text-edit.php' SQL Injection Dork: N/A Date: 2018-05-22 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/newsbee-fully-featured-news-cms-with-bootstrasp-php-mysql/19404937 Version: 1.4 / fourth update Category: Webapps...
Feedy RSS News Ticker 2.0 - 'cat' SQL Injection
Exploit Title: Feedy RSS News Ticker 2.0 - 'cat' SQL Injection Dork: N/A Date: 2018-05-22 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/feedy-rss-news-ticker/5818277 Version: 2.0 Category: Webapps Tested on: Kali linux PoC: SQLi: Parameter: cat Type:...
Easy File Uploader 1.7 - SQL Injection / Cross-Site Scripting
Exploit Title: Easy File Uploader 1.7 - SQL Injection / Cross-Site Scripting Dork: N/A Date: 22.05.2018 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/easy-file-uploader-php-multiple-uploader-with-file-manager/17222287 Version: 1.4 / fourth update Category:...
Auto Car 1.2 - 'car_title' SQL Injection / Cross-Site Scripting
Exploit Title: Auto car 1.2 - 'cartitle' SQL Injection / Cross-Site Scripting Date: 2018-05-22 Exploit Author: Borna nematzadeh L0RD Vendor Homepage: https://codecanyon.net/item/auto-car-car-listing-script/19221368?srank=1159 Version: 1.2 Tested on: Win 10 POC 1: SQLi: Parameter: cartitle Type:...
Microsoft Windows - 'POP/MOV SS' Privilege Escalation
Demo exploitation of the POP SS vulnerability CVE-2018-8897, leading to unsigned code execution with kernel privilages. - KVA Shadowing should be disabled and the relevant security update should be uninstalled. - This may not work with certain hypervisors like VMWare, which discard the pending DB...
Linux 4.4.0 < 4.4.0-53 - 'AF_PACKET chocobo_root' Local Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AFPACKET chocoboroot Privilege Escalation', 'Description' = %q This module exploits a race condition and use-after-free in the packetsetring...
iSocial 1.2.0 - Cross-Site Scripting / Cross-Site Request Forgery
Exploit Title: iSocial 1.2.0 - Cross-Site Scripting / Cross-Site Request Forgery Date: 2018-05-22 Exploit Author: Borna nematzadeh L0RD Vendor Homepage: https://codecanyon.net/item/isocial-social-network-platform/21164041?srank=2 Version: 1.2.0 Tested on: Kali linux POC 1 : Cross-Site scripting: ...
NewsBee CMS 1.4 - 'download.php' SQL Injection
Exploit Title: NewsBee CMS 1.4 - 'download.php' SQL Injection Dork: N/A Date: 2018-05-22 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/newsbee-fully-featured-news-cms-with-bootstrasp-php-mysql/19404937 Version: 1.4 / fourth update Category: Webapps Tested...
NewsBee CMS 1.4 - 'home-text-edit.php' SQL Injection
Exploit Title: NewsBee CMS 1.4 - 'home-text-edit.php' SQL Injection Dork: N/A Date: 2018-05-22 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/newsbee-fully-featured-news-cms-with-bootstrasp-php-mysql/19404937 Version: 1.4 / fourth update Category: Webapps...
Siemens SIMATIC S7-1500 CPU - Remote Denial of Service
Exploit Title: Siemens SIMATIC S7-1500 CPU - Remote Denial of Service Google Dork: inurl:/Portal/Portal.mwsl Date: 2018-05-22 Exploit Author: t4rkd3vilz, Jameel Nabbo Vendor Homepage: https://www.siemens.com/ Version: SIMATIC S7-1500 CPU all versions before V1.6 Tested on: Kali Linux CVE:...
Linux 2.6.30 < 2.6.36-rc8 - Reliable Datagram Sockets (RDS) Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Reliable Datagram Sockets RDS Privilege Escalation', 'Description' = %q This module exploits a vulnerability in the rdspagecopyuser function in...
Siemens SIMATIC S7-1200 CPU - Cross-Site Request Forgery
Exploit Title: Siemens SIMATIC S7-1200 CPU - Cross-Site Request Forgery Google Dork: inurl:/Portal/Portal.mwsl Date: 2018-05-21 Exploit Author: t4rkd3vilz, Jameel Nabbo Vendor Homepage: https://www.siemens.com/ Version: SIMATIC S7-1200 CPU family: All versions prior to V4.1.3 Tested on: Kali Linu...
Wchat PHP AJAX Chat Script 1.5 - Cross-Site Scripting
Exploit Title: Wchat - Fully Responsive PHP AJAX Chat Script 1.5 - Persistent cross site scripting Date: 2018-05-21 Exploit Author: Borna nematzadeh L0RD Vendor Homepage: https://codecanyon.net/item/wchat-fully-responsive-phpajax-chat/18047319?srank=1327 Version: 1.5 Tested on: Windows POC : 1...
Model Agency Media House & Model Gallery 1.0 - Multiple Vulnerabilities
Exploit Title: Model Agency Media House & Model Gallery 1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Authentication bypass Date: 2018-05-21 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage:...
Schneider Electric PLCs - Cross-Site Request Forgery
Exploit Title: Schneider Electric PLCs - Cross-Site Request Forgery Date: 2018-05-12 Exploit Author: t4rkd3vilz Vendor Homepage: http://www.schneider-electric.com/ Tested on: Windows CVE: CVE-2013-0663 Version: Schneider Electric Quantum PLC: 140NOE77111, 140NOE77101, 140NWM10000 Modicon M340 PLC...
Teradek Slice 7.3.15 - Cross-Site Request Forgery
...
R 3.4.4 - Local Buffer Overflow (DEP Bypass)
Exploit Title: R v3.4.4 - Local Buffer Overflow DEP Bypass Exploit Author: Hashim Jawad Exploit Date: 2018-05-21 Vendor Homepage: https://www.r-project.org/ Vulnerable Software: https://www.exploit-db.com/apps/a642a3de7b5c2602180e73f4c04b4fbd-R-3.4.4-win.exe Tested on OS: Microsoft Windows 7...
Teradek VidiU Pro 3.0.3 - Cross-Site Request Forgery
input type="hidden" name="pw2" value="P@ss...
Teradek Cube 7.3.6 - Cross-Site Request Forgery
input type="submit"...
Teradek VidiU Pro 3.0.3 - Server-Side Request Forgery
Teradek VidiU Pro 3.0.3 SSRF Vulnerability Vendor: Teradek, LLC Product web page: https://www.teradek.com Affected version: VidiU, VidiU Mini, VidiU Pro 3.0.3r32136 3.0.2r31225 2.4.10 Summary: The Teradek VidiU gives you the freedom to broadcast live high definition video directly to the Web...
Auto Dealership & Vehicle Showroom WebSys 1.0 - Multiple Vulnerabilities
Exploit Title: Auto Dealership & Vehicle Showroom WebSys 1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Admin panel Authentication bypass Date: 2018-05-21 Exploit Author: Borna nematzadeh L0RD or [email protected] Vendor Homepage:...
Merge PACS 7.0 - Cross-Site Request Forgery
Exploit Title: Merge PACS 7.0 - Cross-Site Request Forgery Google Dork: - Date: 2018-05-21 Exploit Author: Safak Aslan Vendor Homepage: http://www.merge.com/ Version: Merge PACS 7.0 Tested on: Windows CVE: - 1. Proof of Concept history.pushState'', '', '/' Post Data: POST...
GitBucket 4.23.1 - Remote Code Execution
Exploit Title: GitBucket 4.23.1 Unauthenticated RCE Date: 21-05-2018 Software Link: https://github.com/gitbucket/gitbucket Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: remote 1. Description Abusing weak secret token and...
ManageEngine Recovery Manager Plus 5.3 - Cross-Site Scripting
Exploit Title: ManageEngine Recovery Manager Plus 5.3 Build 5330 - Persistent Cross-Site Scripting Dated: 2018-03-31 Exploit Author: Ahmet GÜREL Software Link: https://www.manageengine.com/ad-recovery-manager/ Version: = 5.3 Build 5330 Platform: Java Tested on: Windows CVE: CVE-2018-9163 1. DETAI...
Flippy DamnFacts - Viral Fun Facts Sharing Script 1.1.0 - Cross-Site Scripting / Cross-Site Request Forgery
Exploit Title: Flippy DamnFacts - Viral Fun Facts Sharing Script 1.1.0 - Persistent cross site scripting / Cross site request forgery Date: 2018-05-20 Dork: N/A Exploit Author: borna nematzadeh L0RD Vendor Homepage: https://www.codegrape.com/item/flippy-damnfacts-viral-fun-facts-sharing-script/36...