Flash Poker 2.0 - 'game' SQL Injection

Exploit Title: Flash Multiplayer Poker PHP Script 2.0 - SQL Injection Dork: N/A Date: 28.08.2017 Vendor Homepage: http://www.flashpoker.it/ Software Link: https://www.codester.com/items/559/flash-poker-v2-multiplayer-poker-php-script Demo: http://www.flashpoker.it/index/ Version: 2.0 Category:...

Easy WMV/ASF/ASX to DVD Burner 2.3.11 - Local Buffer Overflow (SEH)

!/usr/bin/python ======================================================================================================================== Exploit Author: Touhid M.Shaikh Exploit Title: Easy WMV/ASF/ASX to DVD Burner 2.3.11 - 'Enter User Name' Field Buffer Overflow SEH Date: 28-08-2017 Website:...

Matrimonial Script 2.7 - Authentication Bypass

======================================================== admin panel Authentication bypass Description : An Attackers are able to completely compromise the web application built upon Matrimonial Script as they can gain access to the admin panel and manage the website as an admin without prior...

Easy DVD Creator 2.5.11 - Local Buffer Overflow (SEH)

!/usr/bin/python Exploit Title: Easy DVD Creator 2.5.11 - Buffer Overflow Windows 10 64bit, SEH Date: 26-08-2017 Exploit Author: tr0ubl3m4k3r Vulnerable Software: Easy DVD Creator Vendor Homepage: http://www.divxtodvd.net/ Version: 2.5.11 Software Link: http://www.divxtodvd.net/easydvdcreator.exe...

Apple iOS < 10.3.1 - Kernel

Sources: https://github.com/doadam/ziVA https://blog.zimperium.com/ziva-video-audio-ios-kernel-exploit/ ziVA An iOS kernel exploit designated to work on all 64-bit iOS devices = 10.3.1 More general information https://blog.zimperium.com/zimperium-zlabs-ios-security-advisories/...

Joomla! Component Photo Contest 1.0.2 - SQL Injection

Exploit Title: Joomla! Component Photo Contest 1.0.2- SQL Injection Dork: N/A Date: 25.08.2017 Vendor Homepage: http://keenitsolution.com/ Software Link: https://codecanyon.net/item/photo-contest-joomla-extension/13268866 Demo: http://photo.keenitsolution.com/ Version: 1.0.2 Category: Webapps...

Joomla! Component OSDownloads 1.7.4 - SQL Injection

Exploit Title: Joomla! Component OSDownloads 1.7.4 - SQL Injection Dork: N/A Date: 25.08.2017 Vendor Homepage: https://joomlashack.com/ Software Link: https://extensions.joomla.org/extensions/extension/directory-a-documentation/downloads/osdownloads/ Demo:...

Dup Scout Enterprise 9.9.14 - Remote Buffer Overflow (SEH)

!/usr/bin/env python Exploit Title: Dup Scout Enterprise v 9.9.14 Date: 2017-08-25 Exploit Author: Nipun Jaswal & Anurag Srivastava Author Homepage: www.pyramidcyber.com Vendor Homepage: http://www.dupscout.com Software Link: http://www.dupscout.com/setups/dupscoutentsetupv9.9.14.exe Version:...

Joomla! Component Responsive Portfolio 1.6.1 - SQL Injection

Exploit Title: Joomla! Component RPC - Responsive Portfolio 1.6.1 - SQL Injection Dork: N/A Date: 25.08.2017 Vendor Homepage: https://extro.media/ Software Link: https://extensions.joomla.org/extension/rpc-responsive-portfolio/ Demo: https://demo.extro.media/responsive-joomla-extensions-en/video-...

Sync Breeze Enterprise 9.9.16 - Remote Buffer Overflow (SEH)

!/usr/bin/env python Exploit Title: Sync Breeze Enterprise v9.9.16 Remote SEH Buffer Overflow Date: 2017-08-25 Exploit Author: Nipun Jaswal & Anurag Srivastava Author Homepage: www.pyramidcyber.com Vendor Homepage: http://www.syncbreeze.com Software Link:...

AutoCar 1.1 - 'category' SQL Injection

Exploit Title: Auto Car - Car listing Script 1.1 - SQL Injection Dork: N/A Date: 25.08.2017 Vendor: http://kamleshyadav.com/ Software Link: https://codecanyon.net/item/auto-car-car-listing-script/19221368 Demo: http://kamleshyadav.com/scripts/autocarpreview/ Version: 1.1 Tested on: WiN10X64 Explo...

Disk Pulse Enterprise 9.9.16 - Remote Buffer Overflow (SEH)

!/usr/bin/env python Exploit Title: Disk Pulse Enterprise 9.9.16 Remote SEH Buffer Overflow Date: 2017-08-25 Exploit Author: Nipun Jaswal & Anurag Srivastava Author Homepage: www.pyramidcyber.com Vendor Homepage: http://www.diskpulse.com Software Link:...

Disk Savvy Enterprise 9.9.14 - Remote Buffer Overflow (SEH)

!/usr/bin/env python Exploit Title: Disk Savvy Enterprise 9.9.14 Remote SEH Buffer Overflow Date: 2017-08-25 Exploit Author: Nipun Jaswal & Anurag Srivastava Author Homepage: www.pyramidcyber.com Vendor Homepage: http://www.disksavvy.com Software Link:...

Joomla! Component Bargain Product VM3 1.0 - 'product_id' SQL Injection

Exploit Title: Joomla! Component Bargain Product VM3 1.0 - SQL Injection Dork: N/A Date: 25.08.2017 Vendor Homepage: https://www.weborange.eu/ Software Link: https://www.weborange.eu/extensions/index.php/extensions-vm3/bargain-product-vm3-detail Demo:...

MP3 WAV to CD Burner 1.4.24 - Local Buffer Overflow (SEH)

!/usr/bin/python Exploit Title: MP3 WAV to CD Burner 1.4.24 - 'Enter User Name' Field Buffer Overflow SEH Date: 24-08-2017 Exploit Author: Anurag Srivastava Website: www.pyramidcyber.com Vulnerable Software: MP3 WAV to CD Burner Vendor Homepage: http://www.divxtodvd.net/ Version: 1.4.24 Software...

Easy Video to iPod/MP4/PSP/3GP Converter 1.5.20 - Local Buffer Overflow (SEH)

!/usr/bin/python Exploit Title: Easy Video to iPod/MP4/PSP/3GP Converter 1.5.20 - 'Enter User Name' Field Buffer Overflow SEH Date: 24-08-2017 Exploit Author: Anurag Srivastava Website: www.pyramidcyber.com Vulnerable Software: Easy Video to iPod/MP4/PSP/3GP Converter Vendor Homepage:...

Easy AVI DivX Converter 1.2.24 - Local Buffer Overflow (SEH)

!/usr/bin/python Exploit Title: Easy AVI DivX Converter 1.2.24 - 'Enter User Name' Field Buffer Overflow SEH Date: 24-08-2017 Exploit Author: Anurag Srivastava Website: www.pyramidcyber.com Vulnerable Software: Easy AVI DivX Converter Vendor Homepage: http://www.divxtodvd.net/ Version: 1.2.24...

Joomla! Component MasterForms 1.0.3 - SQL Injection

Joomla! Component MasterForms 1.0.3 - SQL Injection. Webapps exploit for PHP platform...

My Video Converter 1.5.24 - Local Buffer Overflow (SEH)

!/usr/bin/python Exploit Title: My Video Converter 1.5.24 - 'Enter User Name' Field Buffer Overflow SEH Date: 24-08-2017 Exploit Author: Anurag Srivastava Website: www.pyramidcyber.com Vulnerable Software: My Video Converter 1.5.24 Vendor Homepage: http://www.divxtodvd.net/ Version: 1.5.24 Softwa...

Joomla! Component Price Alert 3.0.2 - 'product_id' SQL Injection

Exploit Title: Joomla! Component Price Alert 3.0.2 - SQL Injection Dork: N/A Date: 25.08.2017 Vendor Homepage: https://www.weborange.eu/ Software Link: https://extensions.joomla.org/extensions/extension/extension-specific/virtuemart-extensions/price-alert/ Demo:...

Wireless Repeater BE126 - Local File Inclusion

Exploit Title: WIFI Repeater BE126 – Local File Inclusion Date Publish: 23/08/2017 Exploit Authors: Hay Mizrachi, Omer Kaspi Contact: [email protected], [email protected] Vendor Homepage: http://www.twsz.com Category: Webapps Version: 1.0 Tested on: Windows/Ubuntu 16.04 CVE: CVE-2017-8770 1 -...

libgig 4.0.0 (LinuxSampler) - Multiple Vulnerabilities

================ Author : qflb.wu =============== Introduction: ============= https://www.linuxsampler.org/libgig/ libgig is a C++ library for loading, modifying existing and creating new Gigasampler .gig files and DLS Downloadable Sounds Level 1/2 files, KORG sample based instruments .KSF and .K...

Automated Logic WebCTRL 6.5 - Unrestricted File Upload / Remote Code Execution

!/usr/bin/env python -- coding: utf8 -- Automated Logic WebCTRL 6.5 Unrestricted File Upload Remote Code Execution Vendor: Automated Logic Corporation Product web page: http://www.automatedlogic.com Affected version: ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior ALC WebCTRL, SiteScan Web 6.1 and...

VX Search Enterprise 9.9.12 - 'Import Command' Local Buffer Overflow

!/usr/bin/python Exploit Title : VX Search Enterprise v9.9.12 - 'Import Command' Buffer Overflow Discovery by : Anurag Srivastava Email : [email protected] Website : www.pyramidcyber.com Discovery Date : 22/08/2017 Software Link :...

Matrimonial Script - SQL Injection

Exploit Title: Matrimonial Script - SQL Injection Dork: N/A Date: 22.08.2017 Vendor Homepage: http://www.scubez.net/ Software Link: http://www.mscript.in/ Demo: http://www.mscript.in/matrimonial-demo.html Version: N/A Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit Author: Ihsa...

Automated Logic WebCTRL 6.1 - Path Traversal / Arbitrary File Write

Automated Logic WebCTRL 6.1 Path Traversal Arbitrary File Write Vendor: Automated Logic Corporation Product web page: http://www.automatedlogic.com Affected version: ALC WebCTRL, SiteScan Web 6.1 and prior ALC WebCTRL, i-Vu 6.0 and prior ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior ALC WebCTRL,...

Automated Logic WebCTRL 6.5 - Local Privilege Escalation

Automated Logic WebCTRL 6.5 Insecure File Permissions Privilege Escalation Vendor: Automated Logic Corporation Product web page: http://www.automatedlogic.com Affected version: ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior ALC WebCTRL, SiteScan Web 6.1 and prior ALC WebCTRL, i-Vu 6.0 and prior AL...

Disk Pulse Enterprise 9.9.16 - 'Import Command' Local Buffer Overflow

!/usr/bin/python Exploit Title : Disk Pulse Enterprise 9.9.16 - 'Import Command' Buffer Overflow Discovery by : Anurag Srivastava Email : [email protected] Website : www.pyramidcyber.com Discovery Date : 21/08/2017 Software Link :...

IBM OpenAdmin Tool - SOAP welcomeServer PHP Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution', 'Description' = %q This module exploits an unauthenticated remote PHP code execution...

Microsoft Windows - Escalate UAC Protection Bypass (Via COM Handler Hijack) (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/exe' class MetasploitModule 'Windows Escalate UAC Protection Bypass Via COM Handler Hijack', 'Description' = %q This module will bypass Windows...

Disk Savvy Enterprise 9.9.14 - 'Import Command' Local Buffer Overflow

!/usr/bin/python Exploit Title : Disk Savvy Enterprise v9.9.14 - 'Import Command' Buffer Overflow Discovery by : Anurag Srivastava Email : [email protected] Website : www.pyramidcyber.com Discovery Date : 22/08/2017 Software Link :...

(Bitcoin / Dogecoin) PHP Cloud Mining Script - Authentication Bypass

Exploit Title: Bitcoin,Dogecoin Mining 1.0 - Authentication Bypass Dork: N/A Date: 21.08.2017 Vendor Homepage: https://codecanyon.net/user/bousague Software Link: https://codecanyon.net/item/bitcoindogecoin-mining-php-script/20315581 Demo: http://test.z-files.site/ Version: 1.0 Category: Webapps...

Joomla! Component Ajax Quiz 1.8 - SQL Injection

Exploit Title: Joomla! Component Ajax Quiz 1.8 - SQL Injection Dork: N/A Date: 21.08.2017 Vendor Homepage: http://webkul.com/ Software Link: https://extensions.joomla.org/extensions/extension/living/education-a-culture/ajaxquiz/ Demo: http://joomla30.webkul.com/ajaxquiz/ Version: 1.8 Category:...

Affiliate Niche Script 3.4.0 - SQL Injection

Exploit Title: Affiliate Niche Script 3.4.0 SQL Injection Dork: N/A Date: 21.08.2017 Vendor Homepage: https://scriptoffice.com/ Software Link: https://soft.scriptoffice.com/projects/affiliatenichescript/wiki/MainMenu Demo: http://demodesigns.affiliatenichescript.com/ Version: 3.4.0 Category:...

PHP Jokesite 2.0 - 'joke_id' SQL Injection

Exploit Title: PHP Jokesite 2.0 - 'jokeid' Parameter SQL Injection Dork: N/A Date: 21.08.2017 Vendor Homepage: http://www.scriptdemo.com/ Software Link: http://www.scriptdemo.com/details/phpjokesite2/ Demo: http://www.scriptdemo.com/php-jokesite/ver2.0/ Version: 2.0 Category: Webapps Tested on:...

iTech Social Networking Script 3.08 - SQL Injection

Exploit Title: iTech Social Networking Script 3.08 - SQL Injection Dork: N/A Date: 21.08.2017 Vendor Homepage: http://itechscripts.com/ Software Link: http://itechscripts.com/social-networking-script/ Demo: http://social.itechscripts.com Version: 3.08 Category: Webapps Tested on:...

Joomla! Component FocalPoint 1.2.3 - SQL Injection

Exploit Title: Joomla! Component FocalPoint Pro / Free v1.2.3 - SQL Injection Dork: N/A Date: 21.08.2017 Vendor Homepage: http://focalpointx.com/ Software Link: http://focalpointx.com/demos/focalpoint-pro Demo: http://focalpointx.com/demos/focalpoint-free/ Demo:...

Joomla! Component Sponsor Wall 8.0 - SQL Injection

Exploit Title: Joomla! Component Sponsor Wall 8.0 - SQL Injection Dork: N/A Date: 21.08.2017 Vendor Homepage: http://pulseextensions.com/ Software Link: https://extensions.joomla.org/extensions/extension/ads-a-affiliates/sponsors/sponsor-wall/ Demo:...

Joomla! Component Flip Wall 8.0 - 'wallid' SQL Injection

Exploit Title: Joomla! Component Flip Wall 8.0 - SQL Injection Dork: N/A Date: 21.08.2017 Vendor Homepage: http://pulseextensions.com/ Software Link: https://extensions.joomla.org/extensions/extension/ads-a-affiliates/sponsors/flip-wall/ Demo:...

PDF-XChange Viewer 2.5 Build 314.0 - Code Execution

Exploit Title: PDF-XChange Viewer 2.5 Build 314.0 Javascript API Remote Code Execution Exploit Powershell PDF Exploit Creation Date: 21-08-2017 Software Link 32bit: http://pdf-xchange-viewer.it.uptodown.com/windows Exploit Author: Daniele Votta Contact: [email protected] Website:...

PHP-Lance 1.52 - 'subcat' SQL Injection

Exploit Title: PHP-Lance 1.52 - 'subcat' Parameter SQL Injection Dork: N/A Date: 21.08.2017 Vendor Homepage: http://www.scriptdemo.com/ Software Link: http://www.scriptdemo.com/details/phplance/ Demo: http://www.scriptdemo.com/php-lance/ Version: 1.52 Category: Webapps Tested on:...

PHP Classifieds Script 5.6.2 - SQL Injection

Exploit Title: PHP Classifieds Script 5.6.2 SQL Injection Dork: N/A Date: 21.08.2017 Vendor Homepage: https://scriptoffice.com/ Software Link: https://soft.scriptoffice.com/projects/classifiedscript/wiki/MainMenu Demo: http://www.classifieddemo.com/ Version: 5.6.2 Category: Webapps Tested on:...

PHPMyWind 5.3 - Cross-Site Scripting

Exploit Title：PHPMyWind 5.3 has XSS Exploit Author:小雨 Vendor Homepage:http://phpmywind.com Software Link:http://phpmywind.com/downloads/PHPMyWind5.3.zip Version:5.3 CVE:CVE-2017-12984 $r= $dosql-GetOne"SELECT Maxorderid AS orderid FROM @message"; $orderid= empty$r'orderid' ? 1 : $r'orderid' + 1;...

PHP Coupon Script 6.0 - 'cid' SQL Injection

Exploit Title: PHP Coupon Script 6.0 - 'cid' Parameter SQL Injection Dork: N/A Date: 21.08.2017 Vendor Homepage: http://www.couponscript.com/ Software Link: http://www.couponscript.com/ Demo: http://www.couponscript.com/demo/ Version: 6.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A...

Apache2Triad 1.5.4 - Multiple Vulnerabilities

Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/APACHE2TRIAD-SERVER-STACK-v1.5.4-MULTIPLE-CVE.txt + ISR: ApparitionSec Vendor: =============== apache2triad.net https://sourceforge.net/projects/apache2triad/ Product:...

Easy DVD Creater 2.5.11 - Local Buffer Overflow (SEH)

!/usr/bin/python Exploit Title: Easy DVD Creater 2.5.11 - 'Enter User Name' Field Buffer Overflow SEH Date: 19-08-2017 Exploit Author: Anurag Srivastava Website: www.pyramidcyber.com Vulnerable Software: Easy DVD Creater Vendor Homepage: http://www.divxtodvd.net/ Version: 2.5.11 Software Link:...

WebKitGTK 2.1.2 (Ubuntu 14.04) - Heap based Buffer Overflow

CVE-2014-1303 PoC for Linux CVE-2014-1303 WebKit Heap based BOF proof of concept for Linux. This repository demonstrates the WebKit heap based buffer overflow vulnerability CVE-2014-1303 on Linux. NOTE: Original exploit is written for Mac OS X and PS4 PlayStation4. I've ported and tested work on...

Linux/x86_64 - Fork Bomb Shellcode (11 bytes)

Linux/x8664 - Fork Bomb Shellcode 11 bytes. Shellcode exploit for Linx86-64 platform / ;Title: Linux/x8664 - fork Bomb 11 bytes ;Author: Touhid M.Shaikh ;Contact: https://twitter.com/touhidshaikh ;Category: Shellcode ;Architecture: Linux x8664 ;Description: WARNING! this shellcode may crash your...

Apple macOS Sierra 10.12.1 - 'IOFireWireFamily' FireWire Port Denial of Service

/ IOFireWireFamily-overflow.c Brandon Azad Buffer overflow reachable from IOFireWireUserClient::localConfigDirectoryPublish. Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/44235.zip / include include include int main int ret = 0; ioservicet service =...

iTech Multi Vendor Script 6.63 - SQL Injection

Exploit Title: iTech Multi Vendor Script 6.63 - SQL Injection Dork: N/A Date: 18.08.2017 Vendor Homepage : http://itechscripts.com/ Software Link: http://itechscripts.com/multi-vendor-shopping-script/ Demo: http://multi-vendor.itechscripts.com/ Version: 6.63 Category: Webapps Tested on:...