APNGDis 2.8 - 'image width / height chunk' Heap Buffer Overflow

Exploit Title: APNGDis image width / height Buffer Overflow Date: 14-03-2017 Exploit Author: Alwin Peppels Vendor Homepage: http://apngdis.sourceforge.net/ Software Link: https://sourceforge.net/projects/apngdis/files/2.8/ Version: 2.8 Tested on: Linux Debian / Windows 7 CVE : CVE-2017-6193...

APNGDis 2.8 - 'filename' Stack Buffer Overflow (PoC)

Exploit Title: APNGDis filename Buffer Overflow Date: 14-03-2017 Exploit Author: Alwin Peppels Vendor Homepage: http://apngdis.sourceforge.net/ Software Link: https://sourceforge.net/projects/apngdis/files/2.8/ Version: 2.8 Tested on: Linux Debian / Windows 7 CVE : CVE-2017-6191 Additional...

Car Workshop System - SQL Injection

Exploit Title: Car Workshop System - SQL Injection Google Dork: N/A Date: 13.03.2017 Vendor Homepage: http://prosoft-apps.com/ Software: https://codecanyon.net/item/car-workshop-system/19562074 Demo: http://workshop.prosoft-apps.com/ Version: N/A Tested on: Win7 x64, Kali Linux x64 Exploit Author...

Cerberus FTP Server 8.0.10.1 - Denial of Service

Exploit Title: Cerberus FTP server – Denial of Service Date: 2017-03-13 Exploit Author: Peter Baris Vendor Homepage: https://www.cerberusftp.com/ Software Link: download link if available Version: 8.0.10.1 Tested on: Windows Server 2008 R2 Standard x64, Windows 7 Pro SP1 x64 CVE : CVE-2017-6367...

Oracle VM VirtualBox - Cooperating VMs can Escape from Shared Folder

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1037 There is a security issue in the shared folder implementation that permits cooperating guests with write access to the same shared folder to gain access to the whole filesystem of the host, at least on Linux hosts. The issue i...

Netgear R7000 / R6400 - 'cgi-bin' Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Netgear R7000 and R6400 cgi-bin Command Injection", 'Description' = %q This module exploits an arbitrary command injection...

Steam Profile Integration 2.0.11 - SQL injection

Exploit Title: IPS Community Suite - Steam Profile Integration 2.0.11 and below SQL injection Google Dork: inurl:tab=nodesteamsteamprofile Date: 13/03/2017 Exploit Author: DrWhat Vendor Homepage: https://invisionpower.com/files/file/8170-steam-profile-integration/ Software Link:...

Easy MOV Converter 1.4.24 - Local Buffer Overflow (SEH)

!/usr/bin/python Exploit Title : Easy MOV Converter - 'Enter User Name' Field SEH Overwrite POC Date : 12/03/2017 Exploit Author : Muhann4d Vendor Homepage : http://www.divxtodvd.net/ Software Link : http://www.divxtodvd.net/easymovconverter.exe Tested Version : 1.4.24 Category : Denial of Servic...

Nintendo Switch - WebKit Code Execution (PoC)

CVE-2016-4657 Switch PoC body font-size: 2em; a text-decoration: none; color: 000; a:hover color: f00; font-weight: bold; CVE-2016-4657 Nintendo Switch PoC go! reload waiting... click go. // display JS errors as alerts. Helps debugging. window.onerror = functionerror, url, line alerterror+'...

Windows x86 - Hide Console Window Shellcode (182 bytes)

Windows x86 - Hide Console Window Shellcode 182 bytes. Shellcode exploit for Winx86 platform / MIT License Copyright c 2017 Ege Balcı Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files the "Software", to deal in the...

Domain Marketplace Script - SQL Injection

Exploit Title: Domain Marketplace Script - SQL Injection Google Dork: N/A Date: 11.03.2017 Vendor Homepage: http://scripteen.com/ Software: http://scripteen.com/item/scripts/scripteen-domain-marketplace-script.html Demo: http://dwm.domainauctionsscript.com/ Version: N/A Tested on: Win7 x64, Kali...

Global In - SQL Injection

Exploit Title: Global In – A LinkedIn Clone - SQL Injection Google Dork: N/A Date: 11.03.2017 Vendor Homepage: https://www.techbizstudio.com/ Software: https://www.techbizstudio.com/product/linkedin-clone/ Demo: https://www.techbizstudio.com/demo/globalin/ Version: N/A Tested on: Win7 x64, Kali...

Global In - Arbitrary File Upload

Exploit Title: Global In - Arbitrary File Upload Google Dork: N/A Date: 11.03.2017 Vendor Homepage: https://www.techbizstudio.com/ Software: https://www.techbizstudio.com/product/linkedin-clone/ Demo: https://www.techbizstudio.com/demo/globalin/ Version: N/A Tested on: Win7 x64, Kali Linux x64...

Vanelo - SQL Injection

Exploit Title: Vanelo – Wanelo Clone - SQL Injection Google Dork: N/A Date: 11.03.2017 Vendor Homepage: https://www.zoplay.com/ Software: https://www.zoplay.com/web/trending-marketplace-website/ Demo: http://wanelo.zoplay.com/ Version: N/A Tested on: Win7 x64, Kali Linux x64 Exploit Author: Ihsan...

Pet Listing Script 3.0 - SQL Injection

Exploit Title: Pet Listing Script v3.0 - SQL Injection Google Dork: N/A Date: 11.03.2017 Vendor Homepage: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/pet-listing-script/ Demo: http://demo.phpjabbers.com/index.php?demo=petls&front=1&lid=1 Version: 3.0 Tested on: Win7 x64, Kali...

Property Listing Script 3.1 - SQL Injection

Exploit Title: Property Listing Script v3.1 - SQL Injection Google Dork: N/A Date: 11.03.2017 Vendor Homepage: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/property-listing-script/ Demo: http://demo.phpjabbers.com/index.php?demo=pls&front=1&lid=1 Version: 3.1 Tested on: Win7...

Travel Tours Script 2.0 - SQL Injection

Exploit Title: Travel Tours Script v2.0 - SQL Injection Google Dork: N/A Date: 11.03.2017 Vendor Homepage: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/travel-tours-script/ Demo: http://demo.phpjabbers.com/index.php?demo=vpl&front=1&lid=1 Version: 2.0 Tested on: Win7 x64, Kali...

Yacht Listing Script 2.0 - SQL Injection

Exploit Title: Yacht Listing Script v2.0 - SQL Injection Google Dork: N/A Date: 11.03.2017 Vendor Homepage: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/yacht-listing-script/ Demo: http://demo.phpjabbers.com/index.php?demo=yls&front=1&lid=1 Version: 2.0 Tested on: Win7 x64, Ka...

Yellow Pages Script 3.2 - 'category_id' SQL Injection

Exploit Title: Yellow Pages Script v3.2 - SQL Injection Google Dork: N/A Date: 11.03.2017 Vendor Homepage: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/yellow-pages-script/ Demo: http://demo.phpjabbers.com/index.php?demo=yps&front=1&lid=1 Version: 3.2 Tested on: Win7 x64, Kali...

PHP Forum Script 3.0 - SQL Injection

Exploit Title: PHP Forum Script v3.0 - SQL Injection Google Dork: N/A Date: 11.03.2017 Vendor Homepage: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/php-forum-script/ Demo: http://demo.phpjabbers.com/index.php?demo=pfs&front=1&lid=1 Version: 3.0 Tested on: Win7 x64, Kali Linux...

MobaXterm Personal Edition 9.4 - Directory Traversal

Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MOBAXTERM-TFTP-PATH-TRAVERSAL-REMOTE-FILE-ACCESS.txt + ISR: ApparitionSec Vendor: ===================== mobaxterm.mobatek.net Product: ===============================...

Mirage - SQL Injection

Exploit Title: Mirage – Fancy Clone - SQL Injection Google Dork: N/A Date: 11.03.2017 Vendor Homepage: https://www.zoplay.com/ Software: https://www.zoplay.com/web/multi-vendor-clone-website/ Demo: http://fancyclone.zoplay.com/ Version: N/A Tested on: Win7 x64, Kali Linux x64 Exploit Author: Ihsa...

Fiyo CMS 2.0.6.1 - Privilege Escalation

Exploit Title: Fiyo CMS 2.0.6.1 allows remote authenticated users to gain privileges via a modified level parameter Google Dork: no Date: 11-03-2017 Exploit Author: @runggareksya, @dvnrcy Vendor Homepage: http://www.fiyo.org Software Link: https://sourceforge.net/projects/fiyo-cms Version: 2.0.6....

Fortinet FortiClient 5.2.3 (Windows 10 x86) - Local Privilege Escalation

/ Check these out: - https://www.coresecurity.com/system/files/publications/2016/05/Windows%20SMEP%20bypass%20U%3DS.pdf - https://labs.mwrinfosecurity.com/blog/a-tale-of-bitmaps/ Tested on: - Windows 10 Pro x86 1703/1709 - ntoskrnl.exe: 10.0.16299.309 - FortiShield.sys: 5.2.3.633 Compile: -...

FTP Voyager Scheduler 16.2.0 - Cross-Site Request Forgery

!-- + Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/FTP-VOYAGER-SCHEDULER-CSRF-REMOTE-CMD-EXECUTION.txt + ISR: ApparitionSec Vendor: ============== solarwinds.com www.serv-u.com Product: ==================== FTP Voyager...

Price Comparison Script 2017.1.8 - SQL Injection

Price Comparison Script 2017.1.8 - SQL Injection. Webapps exploit for PHP platform Exploit Title: Price Comparison Script v2017.1.8 - SQL Injection Google Dork: N/A Date: 10.03.2017 Vendor Homepage: https://www.axisitp.com/ Software: https://www.axisitp.com/price-comparison-script.php Demo:...

Clickbank Affiliate Marketplace Script 2017 - SQL Injection

Clickbank Affiliate Marketplace Script 2017 - SQL Injection. Webapps exploit for PHP platform Exploit Title: Clickbank Affiliate Marketplace Script v2017 - SQL Injection Google Dork: N/A Date: 10.03.2017 Vendor Homepage: https://www.axisitp.com/ Software:...

Kinsey Infor/Lawson / ESBUS - SQL Injection

Exploit Title: Kinsey Infor / Lawson ESBUS - Multiple SQL Injections Date: 3/10/2017 Exploit Author: Michael Benich Vendor homepage: http://www.kinsey.com/infor-lawson.html Version: ALL Tested on: Windows Server 2008 R2; MySQL ver 5.5 CVE: CVE-2017-6550 Kinsey's Infor-Lawson application formerly...

dnaLIMS DNA Sequencing - Directory Traversal / Session Hijacking / Cross-Site Scripting

Title: Multiple vulnerabilities discovered in dnaLIMS DNA sequencing web-application Advisory URL: https://www.shorebreaksecurity.com/blog/product-security-advisory-psa0002-dnalims/ Date published: Mar 08, 2017 Vendor: dnaTools, Inc. CVE IDs: 2017-6526, 2017-6527, 2017-6528, 2017-6529 USCERT VU:...

WatchGuard XTMv 11.12 Build 516911 - User Management Cross-Site Request Forgery

!-- KL-001-2017-004 : WatchGuard XTMv User Management Cross-Site Request Forgery Title: WatchGuard XTMv User Management Cross-Site Request Forgery Advisory ID: KL-001-2017-004 Publication Date: 2017.03.10 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-004.txt 1...

Country on Sale Script - SQL Injection

Exploit Title: Country on Sale Script - SQL Injection Google Dork: N/A Date: 09.03.2017 Vendor Homepage: http://www.websitescripts.org/ Software: http://www.websitescripts.org/website-scripts/country-on-sale-script/prod53.html Demo: http://www.websitescripts.org/demo/countryonsalescript/ Version:...

Media Search Engine Script - 'search' SQL Injection

Exploit Title: Media Search Engine Script - SQL Injection Google Dork: N/A Date: 09.03.2017 Vendor Homepage: http://www.websitescripts.org/ Software: http://www.websitescripts.org/website-scripts/media-search-engine-script/prod51.html Demo: http://www.websitescripts.org/demo/mediasearchengine/...

Soundify 1.1 - 'tid' SQL Injection

Exploit Title: Soundify - Audio Sharing Software v1.1 - SQL Injection Google Dork: N/A Date: 09.03.2017 Vendor Homepage: https://www.ncrypted.net/ Software: https://www.ncrypted.net/soundify Demo: http://demo.ncryptedprojects.com/soundify/ Version: N/A Tested on: Win7 x64, Kali Linux x64 Exploit...

BistroStays 3.0 - 'guests' SQL Injection

Exploit Title: BistroStays - Vacation Rental Software v3.0 - SQL Injection Google Dork: N/A Date: 09.03.2017 Vendor Homepage: https://www.ncrypted.net/ Software: https://www.ncrypted.net/bistrostays Demo: http://demo.ncryptedprojects.com/bistrostaysv3/ Version: 3.0 Tested on: Win7 x64, Kali Linux...

Nlance 2.2 - SQL Injection

Exploit Title: Nlance - Freelance Marketplace Software v2.2 - SQL Injection Google Dork: N/A Date: 09.03.2017 Vendor Homepage: https://www.ncrypted.net/ Software: https://www.ncrypted.net/nlance Demo: http://demo.ncryptedprojects.com/nlance-ent/ Version: 2.2 Tested on: Win7 x64, Kali Linux x64...

Busewe 1.2 - SQL Injection

Exploit Title: Busewe - Website Marketplace Software v1.2 - SQL Injection Google Dork: N/A Date: 09.03.2017 Vendor Homepage: https://www.ncrypted.net/ Software: https://www.ncrypted.net/busewe Demo: http://demo.ncryptedprojects.com/busewe/ Version: 1.2 Tested on: Win7 x64, Kali Linux x64 Exploit...

Fashmark 1.2 - 'category' SQL Injection

Exploit Title: Fashmark - eCommerce Script v1.2 - SQL Injection Google Dork: N/A Date: 09.03.2017 Vendor Homepage: https://www.ncrypted.net/ Software: https://www.ncrypted.net/fashmark Demo: http://demo.ncryptedprojects.com/fashmark-ent/ Version: 1.2 Tested on: Win7 x64, Kali Linux x64 Exploit...

TradeMart 1.1 - SQL Injection

Exploit Title: TradeMart - B2B Trading Software v1.1 - SQL Injection Google Dork: N/A Date: 09.03.2017 Vendor Homepage: https://www.ncrypted.net/ Software: https://www.ncrypted.net/trademart Demo: http://demo.ncryptedprojects.com/trademart/ Version: 1.1 Tested on: Win7 x64, Kali Linux x64 Exploit...

Drupal 7.x Module Services - Remote Code Execution

Exploit Title: Drupal 7.x Services Module Remote Code Execution Vendor Homepage: https://www.drupal.org/project/services Exploit Author: Charles FOL Contact: https://twitter.com/ambionics Website: https://www.ambionics.io/blog/drupal-services-module-rce !/usr/bin/php 'dixuSOspsOUU.php', 'data' = ...

Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 - Denial of Service

!/usr/bin/python Exploit Title: CVE-2017-6552 - Local DoS Buffer Overflow Livebox 3 Date: 09/03/2017 Exploit Author: Quentin Olagne Vendor Homepage: http://www.orange.fr/ Version: SG30sip-fr-5.15.8.1 Tested on: Livebox 3 - Sagemcom CVE : CVE-2017-6552 ''' Livebox router has its default IPv6 routi...

WordPress Plugin Mac Photo Gallery 3.0 - Arbitrary File Download

Exploit Title: WordPress Plugin Mac Photo Gallery v3.0 - Arbitrary File Download Google Dork: N/A Date: 09.03.2017 Vendor Homepage: https://www.apptha.com/ Software: https://www.apptha.com/category/extension/Wordpress/Mac-Photo-Gallery Demo: http://www.apptha.com/demo/mac-photo-gallery Version: 3...

WordPress Plugin Apptha Slider Gallery 1.0 - SQL Injection

Exploit Title: WordPress Plugin Apptha Slider Gallery v1.0 - SQL Injection Google Dork: N/A Date: 09.03.2017 Vendor Homepage: https://www.apptha.com/ Software: https://www.apptha.com/category/extension/Wordpress/apptha-slider-gallery Demo: http://www.apptha.com/demo/apptha-slider-gallery Version:...

WordPress Plugin Apptha Slider Gallery 1.0 - Arbitrary File Download

Exploit Title: WordPress Plugin Apptha Slider Gallery v1.0 - Arbitrary File Download Google Dork: N/A Date: 09.03.2017 Vendor Homepage: https://www.apptha.com/ Software: https://www.apptha.com/category/extension/Wordpress/apptha-slider-gallery Demo: http://www.apptha.com/demo/apptha-slider-galler...

WordPress Plugin PICA Photo Gallery 1.0 - SQL Injection

Exploit Title: WordPress Plugin PICA Photo Gallery v1.0 - SQL Injection Google Dork: N/A Date: 09.03.2017 Vendor Homepage: https://www.apptha.com/ Software: https://www.apptha.com/category/extension/Wordpress/PICA-Photo-Gallery Demo: http://www.apptha.com/demo/pica-photo-gallery Version: 1.0 Test...

e107 < 2.1.4 - 'keyword' Blind SQL Injection

!/usr/bin/perl e107 = 2.1.4 "keyword" Blind SQL Injection Exploit -------------------------------------------------------------------------- Discovered by staker - stakerathotmaildotit Discovered on 09/03/2017 Site Vendor: http://www.e107.org BUG: Blind SQL Injection...

Themeforest Clone Script - SQL Injection

Exploit Title: Themeforest Clone Script - SQL Injection Google Dork: N/A Date: 08.03.2017 Vendor Homepage: http://bsetec.com/ Software : http://themeforestclone.bsetec.com/ Demo: http://www.bsetecdemo.com/marketplus/ Version: N/A Tested on: Win7 x64, Kali Linux x64 Exploit Author: Ihsan Sencan...

Graphicriver Clone Script - SQL Injection

Exploit Title: Graphicriver Clone Script - SQL Injection Google Dork: N/A Date: 08.03.2017 Vendor Homepage: http://bsetec.com/ Software : http://graphicriverclone.bsetec.com/ Demo: http://www.bsetecdemo.com/graphicriverclone/ Version: N/A Tested on: Win7 x64, Kali Linux x64 Exploit Author: Ihsan...

Codecanyon Clone Script - SQL Injection

Exploit Title: Codecanyon Clone Script - SQL Injection Google Dork: N/A Date: 08.03.2017 Vendor Homepage: http://bsetec.com/ Software : http://codecanyonclone.bsetec.com/ Demo: http://www.bsetecdemo.com/codecanyonclone/ Version: N/A Tested on: Win7 x64, Kali Linux x64 Exploit Author: Ihsan Sencan...

Audiojungle Clone Script - SQL Injection

Exploit Title: Audiojungle Clone Script - SQL Injection Google Dork: N/A Date: 08.03.2017 Vendor Homepage: http://bsetec.com/ Software : http://audiojungleclone.bsetec.com/ Demo: http://www.bsetecdemo.com/audiojungleclone Version: N/A Tested on: Win7 x64, Kali Linux x64 Exploit Author: Ihsan Senc...

Videohive Clone Script - SQL Injection

Exploit Title: Videohive Clone Script - SQL Injection Google Dork: N/A Date: 08.03.2017 Vendor Homepage: http://bsetec.com/ Software : http://videohiveclone.bsetec.com/ Demo: http://www.bsetecdemo.com/videohiveclone/ Version: N/A Tested on: Win7 x64, Kali Linux x64 Exploit Author: Ihsan Sencan...