47904 matches found
Infinite Automation Mango Automation - Command Injection (Metasploit)
require 'msf/core' class MetasploitModule 'Infinite Automation Mango Automation Command Injection', 'Description' = %q This module exploits a command injection vulnerability found in Infinite Automation Systems Mango Automation v2.5.0 - 2.6.0 beta builds prior to 430. , 'Author' = 'james fitts' ,...
Indusoft Web Studio - Directory Traversal Information Disclosure (Metasploit)
require 'msf/core' class MetasploitModule 'Indusoft Web Studio Directory Traversal', 'Description' = %q This module exploits a flaw found in Indusoft Web Studio 'James Fitts' , 'License' = MSFLICENSE, 'Version' = '$Revision: $', 'References' = 'CVE', '2014-0780' , 'ZDI', '14-118/' , 'URL',...
Carel PlantVisor 2.4.4 - Directory Traversal Information Disclosure (Metasploit)
require 'msf/core' class MetasploitModule 'Carel Pl@ntVisor Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability found in Carel Pl@ntVisor 'james fitts' , 'License' = MSFLICENSE, 'References' = 'CVE', '2011-3487' , 'BID', '49601' , , 'DisclosureDate' =...
Motorola Netopia Netoctopus SDCS - Remote Stack Buffer Overflow (Metasploit)
require 'msf/core' class MetasploitModule 'Motorola Netopia Netoctopus SDCS Stack Buffer Overflow', 'Description' = %q This module exploits a vulnerability within the code responsible for parsing client requests. When reading in a request from the network, a 32-bit integer is read in that specifi...
Carlo Gavazzi Powersoft 2.1.1.1 - Directory Traversal File Disclosure (Metasploit)
require 'msf/core' class MetasploitModule 'Carlo Gavazzi Powersoft Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability found in Carlo Gavazzi Powersoft 'james fitts' , 'License' = MSFLICENSE, 'References' = 'URL', 'http://gleg.net/agorascadaupd.shtml'...
Fatek Automation PLC WinProladder 3.11 Build 14701 - Stack Buffer Overflow (Metasploit)
require 'msf/core' class MetasploitModule 'Fatek Automation PLC WinProladder Stack-based Buffer Overflow', 'Description' = %q This module exploits a stack based buffer overflow found in Fatek Automation PLC WinProladder v3.11 Build 14701. The vulnerability is triggered when a client connects to a...
Viap Automation WinPLC7 5.0.45.5921 - Recv Buffer Overflow (Metasploit)
require 'msf/core' class MetasploitModule 'VIPA Authomation WinPLC7 recv Stack Buffer Overflow', 'Description' = %q This module exploits a stack based buffer overflow found in VIPA Automation WinPLC7 'james fitts' , 'License' = MSFLICENSE, 'References' = 'ZDI', '17-112' , 'CVE', '2017-5177' ,...
Sielco Sistemi Winlog 2.07.16 - Remote Buffer Overflow (Metasploit)
require 'msf/core' class MetasploitModule 'Sielco Sistemi Winlog %q This module exploits a stack based buffer overflow found in Sielco Sistemi Winlog 'James Fitts' , 'License' = MSFLICENSE, 'Version' = '$Revision: $', 'References' = , 'Privileged' = true, 'DefaultOptions' = 'EXITFUNC' = 'thread',...
Astaro Security Gateway 7 - Remote Code Execution
!/usr/bin/python Astaro Security Gateway v7 - Unauthenticated Remote Code Execution Exploit Authors: Jakub Palaczynski and Maciej Grabiec Tested on versions: 7.500 and 7.506 Date: 13.12.2016 Vendor Homepage: https://www.sophos.com/ CVE: CVE-2017-6315 import socket import sys import os import...
Trend Micro Control Manager - ImportFile Directory Traversal Remote Code Execution (Metasploit)
require 'msf/core' require 'msf/core/exploit/phpexe' class MetasploitModule 'Trend Micro Control Manager importFile Directory Traversal RCE', 'Description' = %q This module exploits a directory traversal vulnerability found in Trend Micro Control Manager. The vulnerability is triggered when sendi...
ICGrocery 1.1 - 'key' SQL Injection
Exploit Title: Grocery Store Supermarket Script 1.1 - SQL Injection Dork: N/A Date: 13.09.2017 Vendor Homepage: http://www.icloudcenter.com/ Software Link: http://www.icloudcenter.com/grocery-store-supermarket-script.htm Demo: http://icloudcenter.net/demos/icgrocery/ Version: 1.1 Category: Webapp...
ICRestaurant software 1.4 - 'key' SQL Injection
Exploit Title: Restaurant Site Script 1.4 - SQL Injection Dork: N/A Date: 13.09.2017 Vendor Homepage: http://www.icloudcenter.com/ Software Link: http://www.icloudcenter.com/restaurant-site-script.htm Demo: http://icloudcenter.net/demos/icrestaurant/ Version: 1.4 Category: Webapps Tested on:...
ICEstate 1.1 - 'id' SQL Injection
Exploit Title: Real Estate Marketplace Site ASP.NET Script 1.1 - SQL Injection Dork: N/A Date: 13.09.2017 Vendor Homepage: http://www.icloudcenter.com/ Software Link: http://www.icloudcenter.com/real-estate-marketplace-site.htm Demo: http://www.icloudcenter.com/demos/icestatemarket/ Version: 1.1...
ICHotelReservation 3.3 - 'key' SQL Injection
Exploit Title: Hotel Reservation Site Script 3.3 - SQL Injection Dork: N/A Date: 13.09.2017 Vendor Homepage: http://www.icloudcenter.com/ Software Link: http://www.icloudcenter.com/hotel-reservation-site-script.htm Demo: http://icloudcenter.net/demos/ichotelreservation/ Version: 3.3 Category:...
ICJewelry 1.1 - 'key' SQL Injection
Exploit Title: Jewelry Store Site Script 1.1 - SQL Injection Dork: N/A Date: 13.09.2017 Vendor Homepage: http://www.icloudcenter.com/ Software Link: http://www.icloudcenter.com/jewelry-site-script.htm Demo: http://icloudcenter.net/demos/icjewelry/ Version: 1.1 Category: Webapps Tested on:...
FoodStar 1.0 - SQL Injection
Exploit Title: FoodStar Swiggy Clone Script 1.0 - SQL Injection Dork: N/A Date: 12.09.2017 Vendor Homepage: https://www.abservetech.com/ Software Link: https://www.abservetech.com/foodstar-swiggy-clone/ Demo: http://abservetechdemo.com/products/foodstar/ Version: 1.0 Category: Webapps Tested on:...
Jungo DriverWizard WinDriver < 12.4.0 - Kernel Pool Overflow / Local Privilege Escalation (2)
-- coding: utf-8 -- """ Jungo DriverWizard WinDriver Kernel Pool Overflow Vulnerability Download: http://www.jungo.com/st/products/windriver/ File: WD1240.EXE Sha1: 3527cc974ec885166f0d96f6aedc8e542bb66cba Driver: windrvr1240.sys Sha1: 0f212075d86ef7e859c1941f8e5b9e7a6f2558ad CVE: CVE-2017-14344...
osTicket 1.10 - SQL Injection (PoC)
ADVISORY INFORMATION ======================================== Title: osTicket v1.10 Unauthenticated SQL Injection Application: osTicket Bugs: SQL Injection Class: Sensitive Information disclosure Remotely Exploitable: Yes Authentication Required: NO Versions Affected: = v1.10 Technology: PHP...
inClick Cloud Server 5.0 - SQL Injection
Exploit Title: inClick Cloud Server 5.0 - SQL Injection Dork: N/A Date: 12.09.2017 Vendor Homepage: http://www.inclick.net/ Software Link: http://www.inclick.net/pageid/demo.html Demo: http://www.inclick.net/pageid/demo.html Version: 5.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A...
Gr8 Multiple Search Engine Script 1.0 - SQL Injection
Exploit Title: Gr8 Multiple Search Engine Script 1.0 - SQL Injection Dork: N/A Date: 12.09.2017 Vendor Homepage: http://www.gr8script.com/ Software Link: http://www.gr8script.com/multiplesearchscript.php Demo: http://www.gr8script.com/multiplesearch/ Version: 1.0 Category: Webapps Tested on:...
WebKit JSC - 'BytecodeGenerator::emitGetByVal' Incorrect Optimization (1)
Let's start with JS code. let o = ; for let i in xx: 0 oi; 0; i-- ForInContext& context = mforInContextStacki - 1.get; if context.local != property continue; if !context.isValid break; if context.type == ForInContext::IndexedForInContextType property = staticcastcontext.index; break;...
Consumer Review Script 1.0 - SQL Injection
Exploit Title: Consumer Review Script v1.0 - SQL Injection Date: 2017-09-12 Exploit Author: 8bitsec Vendor Homepage: http://www.phpscriptsmall.com/product/consumer-review-script/ Software Link: http://www.phpscriptsmall.com/product/consumer-review-script/ Version: 1.0 Tested on: Kali Linux 2.0 |...
D-Link DIR-8xx Routers - Local Firmware Upload
!/bin/bash If you have access to an ethernet port you can upload custom firmware to a device because system recovery service is started and available for a few seconds after restart. E-DB Note: https://embedi.com/blog/enlarge-your-botnet-top-d-link-routers-dir8xx-d-link-routers-cruisin-bruisin E-...
D-Link DIR-8xx Routers - Root Remote Code Execution
Due to error in hnap protocol implementation we can overflow stack and execute any sh commands under root priviliges. E-DB Note: https://embedi.com/blog/enlarge-your-botnet-top-d-link-routers-dir8xx-d-link-routers-cruisin-bruisin E-DB Note:...
D-Link DIR-8xx Routers - Leak Credentials
phpcgi is responsible for processing requests to .php, .asp and .txt pages. Also, it checks whether a user is authorized or not. Nevertheless, if a request is crafted in a proper way, an attacker can easily bypass authorization and execute a script that returns a login and password to a router...
XYZ Auto Classifieds 1.0 - SQL Injection
Exploit Title: XYZ Auto Classifieds v1.0 - SQL Injection Date: 2017-09-12 Exploit Author: 8bitsec Vendor Homepage: http://xyzscripts.com/ Software Link: https://xyzscripts.com/php-scripts/xyz-auto-classifieds/details Version: 1.0 Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Email: [email protected]...
AirStar Airbnb Clone Script 1.0 - SQL Injection
Exploit Title: AirStar Airbnb Clone Script v1.0 - SQL Injection Date: 2017-09-11 Exploit Author: 8bitsec Vendor Homepage: https://www.abservetech.com/ Software Link: https://www.abservetech.com/airstar-airbnb-clone/ Version: 1.0 Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Email: [email protected]...
EduStar Udemy Clone Script 1.0 - SQL Injection
Exploit Title: EduStar Udemy Clone Script v1.0 - SQL Injection Date: 2017-09-11 Exploit Author: 8bitsec Vendor Homepage: https://www.abservetech.com/ Software Link: https://www.abservetech.com/edustar-udemy-clone/ Version: 1.0 Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Email: [email protected]...
iTech Book Store Script 2.02 - SQL Injection
Exploit Title: iTech Book Store Script v2.02 - SQL Injection / Reflected XSS Date: 2017-09-11 Exploit Author: 8bitsec Vendor Homepage: http://itechscripts.com/ Software Link: http://itechscripts.com/book-store-script Version: 2.02 Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Email: contact@8bitsec....
PHP Dashboards NEW 4.4 - Arbitrary File Read
Exploit Title: PHP Dashboards NEW 4.4 - Arbitrary File Read Dork: N/A Date: 11.09.2017 Vendor Homepage: http://dataninja.biz/ Software Link: https://codecanyon.net/item/php-dashboards-v40-collaborative-social-dashboards/19314871 Demo: http://phpdashboardv4.dataninja.biz/ Version: 4.4 Category:...
WiseGiga NAS - Multiple Vulnerabilities
Source: https://blogs.securiteam.com/index.php/archives/3402 Vulnerabilities summary The following advisory describes five 5 vulnerabilities and default accounts / passwords found in WiseGiga NAS devices. WiseGiga is a Korean company selling NAS products. The vulnerabilities found in WiseGiga NAS...
Docker Daemon - Unprotected TCP Socket (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker Daemon - Unprotected TCP Socket Exploit', 'Description' = %q Utilizing Docker via unprotected tcp socket 2375/tcp, maybe 2376/tcp with tls...
Nimble Professional 1.0 - Cross-Site Request Forgery (Update Admin)
Edit Profile: Admin Name: Admin Email: Admin Password: Save Profile...
tcprewrite - Heap Buffer Overflow
Title: tcprewrite Heap-Based Buffer Overflow CVE: CVE-2017-14266 CWE: CWE-122 Exploit Author: Hosein AskariFarazPajohan Vendor HomePage: http://tcpreplay.synfin.net/ Product Description: When you want to give a PCAP file to someone, it gives away certain sensitive information such as an...
PHP Dashboards NEW 4.4 - SQL Injection
Exploit Title: PHP Dashboards NEW 4.4 - SQL Injection Dork: N/A Date: 11.09.2017 Vendor Homepage: http://dataninja.biz/ Software Link: https://codecanyon.net/item/php-dashboards-v40-collaborative-social-dashboards/19314871 Demo: http://phpdashboardv4.dataninja.biz/ Version: 4.4 Category: Webapps...
iTech StockPhoto Script 2.02 - SQL Injection
Exploit Title: iTech StockPhoto Script v2.02 - SQL Injection Date: 2017-09-11 Exploit Author: 8bitsec Vendor Homepage: http://itechscripts.com/ Software Link: http://itechscripts.com/stockphoto-script Version: 2.02 Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Email: [email protected] Contact:...
JobStar Monster Clone Script 1.0 - SQL Injection
Exploit Title: JobStar Monster Clone Script v1.0 - SQL Injection Date: 2017-09-11 Exploit Author: 8bitsec Vendor Homepage: https://www.abservetech.com/ Software Link: https://www.abservetech.com/jobstar-monster-clone/ Version: 1.0 Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Email: contact@8bitsec....
Hanbanggaoke IP Camera - Arbitrary Password Change
Vulnerability summary The following advisory describes an arbitrary password change vulnerability found in Hanbanggaoke webcams. Beijing Hanbang Technology, “one of the first enterprises entering into digital video surveillance industry, has been focusing on R&D of products and technology of...
Linux/ARM (Raspberry Pi) - Bind TCP Shell (4444/TCP) Shellcode (192 bytes)
Linux/ARM Raspberry Pi - Bind TCP Shell 4444/TCP Shellcode 192 bytes. Shellcode exploit for ARM platform / Andrea Sindoni - @invictus1306 This schellcode is part of my episodes: - ARM exploitation for IoT - https://quequero.org/2017/07/arm-exploitation-iot-episode-2/ Enviroment: Raspberry pi 3...
Linux/ARM (Raspberry Pi) - Reverse TCP Shell (192.168.0.12:4444/TCP) Shellcode (160 bytes)
Linux/ARM Raspberry Pi - Reverse TCP Shell 192.168.0.12:4444/TCP Shellcode 160 bytes. Shellcode exploit for ARM platform / Andrea Sindoni - @invictus1306 This schellcode is part of my episodes: - ARM exploitation for IoT - https://quequero.org/2017/07/arm-exploitation-iot-episode-2/ Enviroment:...
Job Board Software 1.0 - SQL Injection
Exploit Title: Job Board Software 1.0 - SQL Injection Dork: N/A Date: 09.09.2017 Vendor Homepage: http://scriptzee.com/ Software Link: http://scriptzee.com/best-softwares/job-board-software Demo: http://jobsite.scriptzee.com/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A...
My Builder Marketplace 1.0 - SQL Injection
Exploit Title: My Builder Marketplace Script 1.0 - SQL Injection Dork: N/A Date: 09.09.2017 Vendor Homepage: http://scriptzee.com/ Software Link: http://scriptzee.com/best-softwares/my-builder-marketplace Demo: http://mybuilderjobs.scriptzee.com/ Version: 1.0 Category: Webapps Tested on:...
Topsites Script 1.0 - Cross-Site Request Forgery / PHP Code Injection
Meta Tags File Footer File...
Escort Marketplace 1.0 - SQL Injection
Exploit Title: Escort Website Script 1.0 - SQL Injection Dork: N/A Date: 09.09.2017 Vendor Homepage: http://scriptzee.com/ Software Link: http://scriptzee.com/escort-website Demo: http://escortwebsite.scriptzee.com/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit...
Just Dial Marketplace 1.0 - SQL Injection
Exploit Title: Just Dial Marketplace Software 1.0 - SQL Injection Dork: N/A Date: 09.09.2017 Vendor Homepage: http://scriptzee.com/ Software Link: http://scriptzee.com/best-softwares/just-dial-marketplace Demo: http://classified.scriptzee.com/ Version: 1.0 Category: Webapps Tested on:...
Law Firm 1.0 - SQL Injection
Exploit Title: Law Firm Website Script 1.0 - SQL Injection Dork: N/A Date: 09.09.2017 Vendor Homepage: http://scriptzee.com/ Software Link: http://scriptzee.com/small-business/law-firm-website Demo: http://lawwebsite.scriptzee.com/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CV...
Professional Service Booking 1.0 - SQL Injection
Exploit Title: Professional Service Booking Software 1.0 - SQL Injection Dork: N/A Date: 09.09.2017 Vendor Homepage: http://scriptzee.com/ Software Link: http://scriptzee.com/best-softwares/professional-service-booking-engine Demo: http://professionalservice.scriptzee.com/ Version: 1.0 Category:...
Online Print Business 1.0 - SQL Injection
Exploit Title: Online Print Business Software 1.0 - SQL Injection Dork: N/A Date: 09.09.2017 Vendor Homepage: http://scriptzee.com/ Software Link: http://scriptzee.com/best-softwares/online-print-business Demo: http://onlineprintbssiness.scriptzee.com/ Version: 1.0 Category: Webapps Tested on:...
Babysitter Website Script 1.0 - SQL Injection
Exploit Title: Babysitter Website Script 1.0 - SQL Injection Dork: N/A Date: 09.09.2017 Vendor Homepage: http://scriptzee.com/ Software Link: http://scriptzee.com/best-softwares/babysitter-website Demo: http://babysitter.scriptzee.com/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx6...
Restaurant Website Script 1.0 - SQL Injection
Exploit Title: Restaurant Website Script 1.0 - SQL Injection Dork: N/A Date: 09.09.2017 Vendor Homepage: http://scriptzee.com/ Software Link: http://scriptzee.com/small-business/restaurant-website-script Demo: http://restaurant.scriptzee.com/ Version: 1.0 Category: Webapps Tested on:...