47904 matches found
User Login and Management - Multiple Vulnerabilities
----------------------------------------------------------------------------------- | |---------------------------------------------------------------------------------- 1 admin dashboard authentication bypass Description : An Attackers are able to completely compromise the web application built...
QNAP Transcode Server - Command Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'QNAP Transcode Server Command Execution', 'Description' = %q This module exploits an unauthenticated remote command injection vulnerability in QN...
D-Link DIR-600 - Authentication Bypass
Exploit Title: D-Link DIR-600 - Authentication Bypass Absolute Path Traversal Attack CVE - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12943 Date: 29-08-2017 Exploit Author: Jithin D Kurup Contact : https://in.linkedin.com/in/jithin-d-kurup-77b616142 Vendor : www.dlink.com Version:...
FineCMS 1.0 - Multiple Vulnerabilities
Exploit Title: FineCMS 1.0 Multiple Vulnerabilities Dork: N/A Date: 29.08.2017 Vendor Homepage : http://mvc.net.pl/ Software Link: https://github.com/andrzuk/FineCMS Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit Author: sohaip-hackerDZ Author Web:...
Abusing Token Privileges For LPE
Abusing Token Privileges For LPE. Papers exploit for Windows platform |=-----------------------------------------------------------------------=| |=----------------= Abusing Token Privileges For LPE=------------------=| |=-----------------------------------------------------------------------=|...
Easy Vedio to PSP Converter 1.6.20 - Local Buffer Overflow (SEH)
!/usr/bin/python Exploit Title: Easy Vedio to PSP Converter 1.6.20 - Local Buffer Overflow SEH Date: 28-08-2017 Exploit Author: Kishan Sharma Email : [email protected] Vulnerable Software: Easy Vedio to PSP Converter Vendor Homepage: http://www.divxtodvd.net/ Version: 1.6.20 Software Link...
PHP Appointment Booking Script - Authentication Bypass
======================================================== Description : an attacker is able to inject malicious sql query to bypass the login page and login as admin Proof of Concept : - http://localhost/appointment/adminlogin.php set username and password to admin' or 1=1 -- -...
Car or Cab Booking Script - Authentication Bypass
======================================================== Car or Cab Booking Script - SQL injection login bypass Description : an attacker is able to inject malicious sql query to bypass the login page and login as admin of the particular school Proof of Concept : -...
NethServer 7.3.1611 - Cross-Site Request Forgery (Create User / Enable SSH Access)
HTML Decoded PoC: history.pushState'', '', '/'...
Schools Alert Management Script - Authentication Bypass
======================================================== Schools Alert Management - SQL injection login bypass Description : an attacker is able to inject malicious sql query to bypass the login page and login as admin of the particular school Proof of Concept : -...
PHP Video Battle Script 1.0 - SQL Injection
Exploit Title: PHP Video Battle Script 1.0 - SQL Injection Dork: N/A Date: 28.08.2017 Vendor Homepage: http://www.rocky.nu/ Software Link: http://www.rocky.nu/product/php-video-battle/ Demo: http://videobattle.rocky.nu/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Explo...
Login-Reg Members Management PHP 1.0 - Arbitrary File Upload
Exploit Title: Login-Reg Members Management PHP 1.0 - Arbitrary File Upload Dork: N/A Date: 28.08.2017 Vendor Homepage : https://www.codester.com/user/mostalo Software Link: https://www.codester.com/items/627/login-reg-members-management-php Demo: http://0log.890m.com/log/signup.php Version: 1.0...
PHP Search Engine 1.0 - SQL Injection
Exploit Title: PHP Search Engine 1.0 - SQL Injection Dork: N/A Date: 28.08.2017 Vendor Homepage: http://nelliwinne.net/ Software Link: https://www.codester.com/items/2975/php-search-engine-mysql-based-simple-site-search Demo: http://codester.nelliwinne.net/PHPSearchEngine/ Version: 1.0 Category:...
Easy Web Search 4.0 - SQL Injection
Exploit Title: Easy Web Search 4.0 - SQL Injection Dork: N/A Date: 28.08.2017 Vendor Homepage: http://nelliwinne.net/ Software Link: https://codecanyon.net/item/easy-web-search-php-search-engine-with-image-search-and-crawling-system/17574164 Demo: http://codecanyon.nelliwinne.net/EasyWebSearch/...
Flash Poker 2.0 - 'game' SQL Injection
Exploit Title: Flash Multiplayer Poker PHP Script 2.0 - SQL Injection Dork: N/A Date: 28.08.2017 Vendor Homepage: http://www.flashpoker.it/ Software Link: https://www.codester.com/items/559/flash-poker-v2-multiplayer-poker-php-script Demo: http://www.flashpoker.it/index/ Version: 2.0 Category:...
WYSIWYG HTML Editor PRO 1.0 - Arbitrary File Download
Exploit Title: WYSIWYG HTML Editor PRO 1.0 - Arbitrary File Download Dork: N/A Date: 28.08.2017 Vendor Homepage: http://nelliwinne.net/ Software Link: https://codecanyon.net/item/wysiwyg-html-editor-pro-php-based-editor-with-image-uploader-and-more/19012022 Demo:...
Smart Chat 1.0.0 - SQL Injection
Exploit Title: Smart Chat - PHP Script 1.0.0 - Authentication Bypass Dork: N/A Date: 28.08.2017 Vendor Homepage: http://codesgit.com/ Software Link: https://www.codester.com/items/997/smart-chat-php-script Demo: http://demos.codesgit.com/smartchat/ Version: 1.0.0 Category: Webapps Tested on:...
Easy WMV/ASF/ASX to DVD Burner 2.3.11 - Local Buffer Overflow (SEH)
!/usr/bin/python ======================================================================================================================== Exploit Author: Touhid M.Shaikh Exploit Title: Easy WMV/ASF/ASX to DVD Burner 2.3.11 - 'Enter User Name' Field Buffer Overflow SEH Date: 28-08-2017 Website:...
Easy RM RMVB to DVD Burner 1.8.11 - Local Buffer Overflow (SEH)
!/usr/bin/python ======================================================================================================================== Exploit Author : Touhid M.Shaikh Exploit Title : Easy RM RMVB to DVD Burner 1.8.11 - 'Enter User Name' Field Buffer Overflow SEH Date : 28-08-2017 Website :...
NethServer 7.3.1611 - Cross-Site Request Forgery / Cross-Site Scripting
NethServer 7.3.1611 Upload.json CSRF Script Insertion Vulnerability Vendor: NethServer.org Product web page: https://www.nethserver.org Affected version: 7.3.1611-u1-x8664 Summary: NethServer is an operating system for the Linux enthusiast, designed for small offices and medium enterprises. It's...
FTP Made Easy PRO 1.2 - SQL Injection
Exploit Title: FTP Made Easy PRO 1.2 - SQL Injection Dork: N/A Date: 28.08.2017 Vendor Homepage: http://nelliwinne.net/ Software Link: https://codecanyon.net/item/ftp-made-easy-pro-php-multiple-ftp-manager-client-with-code-editor/17460747 Demo: http://codecanyon.nelliwinne.net/FTPMadeEasyPRO/...
Matrimonial Script 2.7 - Authentication Bypass
======================================================== admin panel Authentication bypass Description : An Attackers are able to completely compromise the web application built upon Matrimonial Script as they can gain access to the admin panel and manage the website as an admin without prior...
Easy DVD Creator 2.5.11 - Local Buffer Overflow (SEH)
!/usr/bin/python Exploit Title: Easy DVD Creator 2.5.11 - Buffer Overflow Windows 10 64bit, SEH Date: 26-08-2017 Exploit Author: tr0ubl3m4k3r Vulnerable Software: Easy DVD Creator Vendor Homepage: http://www.divxtodvd.net/ Version: 2.5.11 Software Link: http://www.divxtodvd.net/easydvdcreator.exe...
Apple iOS < 10.3.1 - Kernel
Sources: https://github.com/doadam/ziVA https://blog.zimperium.com/ziva-video-audio-ios-kernel-exploit/ ziVA An iOS kernel exploit designated to work on all 64-bit iOS devices = 10.3.1 More general information https://blog.zimperium.com/zimperium-zlabs-ios-security-advisories/...
Joomla! Component Responsive Portfolio 1.6.1 - SQL Injection
Exploit Title: Joomla! Component RPC - Responsive Portfolio 1.6.1 - SQL Injection Dork: N/A Date: 25.08.2017 Vendor Homepage: https://extro.media/ Software Link: https://extensions.joomla.org/extension/rpc-responsive-portfolio/ Demo: https://demo.extro.media/responsive-joomla-extensions-en/video-...
Joomla! Component Photo Contest 1.0.2 - SQL Injection
Exploit Title: Joomla! Component Photo Contest 1.0.2- SQL Injection Dork: N/A Date: 25.08.2017 Vendor Homepage: http://keenitsolution.com/ Software Link: https://codecanyon.net/item/photo-contest-joomla-extension/13268866 Demo: http://photo.keenitsolution.com/ Version: 1.0.2 Category: Webapps...
AutoCar 1.1 - 'category' SQL Injection
Exploit Title: Auto Car - Car listing Script 1.1 - SQL Injection Dork: N/A Date: 25.08.2017 Vendor: http://kamleshyadav.com/ Software Link: https://codecanyon.net/item/auto-car-car-listing-script/19221368 Demo: http://kamleshyadav.com/scripts/autocarpreview/ Version: 1.1 Tested on: WiN10X64 Explo...
Joomla! Component OSDownloads 1.7.4 - SQL Injection
Exploit Title: Joomla! Component OSDownloads 1.7.4 - SQL Injection Dork: N/A Date: 25.08.2017 Vendor Homepage: https://joomlashack.com/ Software Link: https://extensions.joomla.org/extensions/extension/directory-a-documentation/downloads/osdownloads/ Demo:...
Disk Savvy Enterprise 9.9.14 - Remote Buffer Overflow (SEH)
!/usr/bin/env python Exploit Title: Disk Savvy Enterprise 9.9.14 Remote SEH Buffer Overflow Date: 2017-08-25 Exploit Author: Nipun Jaswal & Anurag Srivastava Author Homepage: www.pyramidcyber.com Vendor Homepage: http://www.disksavvy.com Software Link:...
Disk Pulse Enterprise 9.9.16 - Remote Buffer Overflow (SEH)
!/usr/bin/env python Exploit Title: Disk Pulse Enterprise 9.9.16 Remote SEH Buffer Overflow Date: 2017-08-25 Exploit Author: Nipun Jaswal & Anurag Srivastava Author Homepage: www.pyramidcyber.com Vendor Homepage: http://www.diskpulse.com Software Link:...
Sync Breeze Enterprise 9.9.16 - Remote Buffer Overflow (SEH)
!/usr/bin/env python Exploit Title: Sync Breeze Enterprise v9.9.16 Remote SEH Buffer Overflow Date: 2017-08-25 Exploit Author: Nipun Jaswal & Anurag Srivastava Author Homepage: www.pyramidcyber.com Vendor Homepage: http://www.syncbreeze.com Software Link:...
Dup Scout Enterprise 9.9.14 - Remote Buffer Overflow (SEH)
!/usr/bin/env python Exploit Title: Dup Scout Enterprise v 9.9.14 Date: 2017-08-25 Exploit Author: Nipun Jaswal & Anurag Srivastava Author Homepage: www.pyramidcyber.com Vendor Homepage: http://www.dupscout.com Software Link: http://www.dupscout.com/setups/dupscoutentsetupv9.9.14.exe Version:...
Joomla! Component MasterForms 1.0.3 - SQL Injection
Joomla! Component MasterForms 1.0.3 - SQL Injection. Webapps exploit for PHP platform...
Easy AVI DivX Converter 1.2.24 - Local Buffer Overflow (SEH)
!/usr/bin/python Exploit Title: Easy AVI DivX Converter 1.2.24 - 'Enter User Name' Field Buffer Overflow SEH Date: 24-08-2017 Exploit Author: Anurag Srivastava Website: www.pyramidcyber.com Vulnerable Software: Easy AVI DivX Converter Vendor Homepage: http://www.divxtodvd.net/ Version: 1.2.24...
Easy Video to iPod/MP4/PSP/3GP Converter 1.5.20 - Local Buffer Overflow (SEH)
!/usr/bin/python Exploit Title: Easy Video to iPod/MP4/PSP/3GP Converter 1.5.20 - 'Enter User Name' Field Buffer Overflow SEH Date: 24-08-2017 Exploit Author: Anurag Srivastava Website: www.pyramidcyber.com Vulnerable Software: Easy Video to iPod/MP4/PSP/3GP Converter Vendor Homepage:...
Joomla! Component Bargain Product VM3 1.0 - 'product_id' SQL Injection
Exploit Title: Joomla! Component Bargain Product VM3 1.0 - SQL Injection Dork: N/A Date: 25.08.2017 Vendor Homepage: https://www.weborange.eu/ Software Link: https://www.weborange.eu/extensions/index.php/extensions-vm3/bargain-product-vm3-detail Demo:...
MP3 WAV to CD Burner 1.4.24 - Local Buffer Overflow (SEH)
!/usr/bin/python Exploit Title: MP3 WAV to CD Burner 1.4.24 - 'Enter User Name' Field Buffer Overflow SEH Date: 24-08-2017 Exploit Author: Anurag Srivastava Website: www.pyramidcyber.com Vulnerable Software: MP3 WAV to CD Burner Vendor Homepage: http://www.divxtodvd.net/ Version: 1.4.24 Software...
Joomla! Component Price Alert 3.0.2 - 'product_id' SQL Injection
Exploit Title: Joomla! Component Price Alert 3.0.2 - SQL Injection Dork: N/A Date: 25.08.2017 Vendor Homepage: https://www.weborange.eu/ Software Link: https://extensions.joomla.org/extensions/extension/extension-specific/virtuemart-extensions/price-alert/ Demo:...
My Video Converter 1.5.24 - Local Buffer Overflow (SEH)
!/usr/bin/python Exploit Title: My Video Converter 1.5.24 - 'Enter User Name' Field Buffer Overflow SEH Date: 24-08-2017 Exploit Author: Anurag Srivastava Website: www.pyramidcyber.com Vulnerable Software: My Video Converter 1.5.24 Vendor Homepage: http://www.divxtodvd.net/ Version: 1.5.24 Softwa...
Wireless Repeater BE126 - Local File Inclusion
Exploit Title: WIFI Repeater BE126 – Local File Inclusion Date Publish: 23/08/2017 Exploit Authors: Hay Mizrachi, Omer Kaspi Contact: [email protected], [email protected] Vendor Homepage: http://www.twsz.com Category: Webapps Version: 1.0 Tested on: Windows/Ubuntu 16.04 CVE: CVE-2017-8770 1 -...
libgig 4.0.0 (LinuxSampler) - Multiple Vulnerabilities
================ Author : qflb.wu =============== Introduction: ============= https://www.linuxsampler.org/libgig/ libgig is a C++ library for loading, modifying existing and creating new Gigasampler .gig files and DLS Downloadable Sounds Level 1/2 files, KORG sample based instruments .KSF and .K...
Microsoft Windows - Escalate UAC Protection Bypass (Via COM Handler Hijack) (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/exe' class MetasploitModule 'Windows Escalate UAC Protection Bypass Via COM Handler Hijack', 'Description' = %q This module will bypass Windows...
Disk Savvy Enterprise 9.9.14 - 'Import Command' Local Buffer Overflow
!/usr/bin/python Exploit Title : Disk Savvy Enterprise v9.9.14 - 'Import Command' Buffer Overflow Discovery by : Anurag Srivastava Email : [email protected] Website : www.pyramidcyber.com Discovery Date : 22/08/2017 Software Link :...
Disk Pulse Enterprise 9.9.16 - 'Import Command' Local Buffer Overflow
!/usr/bin/python Exploit Title : Disk Pulse Enterprise 9.9.16 - 'Import Command' Buffer Overflow Discovery by : Anurag Srivastava Email : [email protected] Website : www.pyramidcyber.com Discovery Date : 21/08/2017 Software Link :...
Automated Logic WebCTRL 6.1 - Path Traversal / Arbitrary File Write
Automated Logic WebCTRL 6.1 Path Traversal Arbitrary File Write Vendor: Automated Logic Corporation Product web page: http://www.automatedlogic.com Affected version: ALC WebCTRL, SiteScan Web 6.1 and prior ALC WebCTRL, i-Vu 6.0 and prior ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior ALC WebCTRL,...
Matrimonial Script - SQL Injection
Exploit Title: Matrimonial Script - SQL Injection Dork: N/A Date: 22.08.2017 Vendor Homepage: http://www.scubez.net/ Software Link: http://www.mscript.in/ Demo: http://www.mscript.in/matrimonial-demo.html Version: N/A Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit Author: Ihsa...
Automated Logic WebCTRL 6.5 - Local Privilege Escalation
Automated Logic WebCTRL 6.5 Insecure File Permissions Privilege Escalation Vendor: Automated Logic Corporation Product web page: http://www.automatedlogic.com Affected version: ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior ALC WebCTRL, SiteScan Web 6.1 and prior ALC WebCTRL, i-Vu 6.0 and prior AL...
IBM OpenAdmin Tool - SOAP welcomeServer PHP Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution', 'Description' = %q This module exploits an unauthenticated remote PHP code execution...
VX Search Enterprise 9.9.12 - 'Import Command' Local Buffer Overflow
!/usr/bin/python Exploit Title : VX Search Enterprise v9.9.12 - 'Import Command' Buffer Overflow Discovery by : Anurag Srivastava Email : [email protected] Website : www.pyramidcyber.com Discovery Date : 22/08/2017 Software Link :...
Automated Logic WebCTRL 6.5 - Unrestricted File Upload / Remote Code Execution
!/usr/bin/env python -- coding: utf8 -- Automated Logic WebCTRL 6.5 Unrestricted File Upload Remote Code Execution Vendor: Automated Logic Corporation Product web page: http://www.automatedlogic.com Affected version: ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior ALC WebCTRL, SiteScan Web 6.1 and...