47904 matches found
Cisco 7937G - DoS/Privilege Escalation
Exploit Title: Cisco 7937G 1-4-5-7 - DoS/Privilege Escalation Date: 2020-08-10 Exploit Author: Cody Martin Vendor Homepage: https://cisco.com Version: =SIP-1-4-5-7 Tested On: SIP-1-4-5-5, SIP-1-4-5-7 !/usr/bin/python import sys import getopt import requests import paramiko import socket import os...
User Registration & Login and User Management System 2.1 - Login Bypass SQL Injection
Exploit Title: User Registration & Login and User Management System 2.1 - Login Bypass SQL Injection Date: 2020–11–14 Exploit Author: Mayur Parmarth3cyb3rc0p Vendor Homepage: https://phpgurukul.com Software Link:...
Atheros Coex Service Application 8.0.0.255 - 'ZAtheros Bt&Wlan Coex Agent' Unquoted Service Path
Exploit Title: Atheros Coex Service Application 8.0.0.255 -'ZAtheros Bt&Wlan Coex Agent' Unquoted Service Path Exploit Author : Isabel Lopez Exploit Date: 2020-11-13 Vendor Homepage : https://www.file.net/process/athcoexagent.exe.html Link Software :...
Pandora FMS 7.0 NG 749 - 'CG Items' SQL Injection (Authenticated)
Exploit Title: Pandora FMS 7.0 NG 749 - 'CG Items' SQL Injection Authenticated Date: 11-14-2020 Exploit Author: Matthew Aberegg, Alex Prieto Vendor Homepage: https://pandorafms.com/ Patch Link: https://github.com/pandorafms/pandorafms/commit/1258a1a63535f60924fb69b1f7812c678570cc8e Software Link:...
Car Rental Management System 1.0 - 'car_id' Sql Injection
Exploit Title: Car Rental Management System 1.0 - 'carid' Sql Injection Date: 2020-11.13 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html Software Link:...
Logitech Solar Keyboard Service - 'L4301_Solar' Unquoted Service Path
Title: Logitech Solar Keyboard Service - 'L4301Solar' Unquoted Service Path Author: Jair Amezcua Date: 2020-11-10 Vendor Homepage: https://www.logitech.com/es-mx Software Link: https://support.logi.com/hc/en-us/articles/360024692874--Downloads-Wireless-Solar-Keyboard-K750 Version : 1.10.3.0 Teste...
Water Billing System 1.0 - 'id' SQL Injection (Authenticated)
Exploit Title: Water Billing System 1.0 - 'id' SQL Injection Authenticated Date: 2020-11-14 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor: https://www.sourcecodester.com/php/14560/water-billing-system-phpmysqli-full-source-code.html Version: 1.0 Tested on: Apache2 an...
Car Rental Management System 1.0 - 'id' SQL Injection (Authenticated)
Exploit Title: Car Rental Management System 1.0 - 'id' SQL Injection Authenticated Date: 2020-11-14 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Author ID: 8763 Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html Software...
Advanced System Care Service 13 - 'AdvancedSystemCareService13' Unquoted Service Path
Title: Advanced System Care Service 13 - 'AdvancedSystemCareService13' Unquoted Service Path Author: Jair Amezcua Date: 2020-11-10 Vendor Homepage: https://www.iobit.com Software Link: https://www.iobit.com/es/advancedsystemcarepro.php Version : 13.0.0.157 Tested on: Windows 10 64bitEN CVE : N/A ...
IDT PC Audio 1.0.6425.0 - 'STacSV' Unquoted Service Path
Exploit Title: IDT PC Audio 1.0.6425.0 - 'STacSV' Unquoted Service Path Discovery by: Isabel Lopez Software link: https://www.pconlife.com/download/otherfile/20566/098185e9b7c417cf7480bb9f839db652/ Discovery Date: 2020-11-07 Tested Version: 1.0.6425.0 Vulnerability Type: Unquoted Service Path...
SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path
Exploit Title: SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path Discovery by: Mara Ramirez Discovery Date: 10-11-2020 Vendor Homepage: https://www.segurazo.com/download.html Software Links : https://www.segurazo.com/download.html Tested Version: 10.0.21.61 Vulnerability Type:...
DigitalPersona 5.1.0.656 'DpHostW' - Unquoted Service Path
Exploit Title: DigitalPersona 5.1.0.656 'DpHostW' - Unquoted Service Path Discovery by: Teresa Q Discovery Date: 2020-11-11 Vendor:DigitalPersona U. are U. One Touch Version: 5.1.0.656 Vulnerability Type: Unquoted Service Path Vendor Homepage : https://www.hidglobal.com/crossmatch Tested on OS:...
OpenCart Theme Journal 3.1.0 - Sensitive Data Exposure
Exploit Title: OpenCart Theme Journal 3.1.0 - Sensitive Data Exposure Date: 11-06-2020 Vendor Homepage: https://www.journal-theme.com/ Vendor Changelog: https://docs.journal-theme.com/changelog Exploit Author: Jinson Varghese Behanan @JinsonCyberSec Author Advisory:...
Touchbase.io 1.10 - Stored Cross Site Scripting
Exploit Title: Touchbase.io 1.10 - Stored Cross Site Scripting Date: 2020-11-11 Exploit Author: Simran Sankhala Vendor Homepage: https://touchbase.ai/ Software Link: https://touchbase.ai/ Version: 1.1.0 Tested on: Windows 10 Proof Of Concept: touchbase.ai application allows stored XSS, via the 'A...
Apache Tomcat - AJP 'Ghostcat' File Read/Inclusion (Metasploit)
require "msf/core" class MetasploitModule "Ghostcat", "Description" = %q When using the Apache JServ Protocol AJP, care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such...
Bludit 3.9.2 - Authentication Bruteforce Bypass (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Bludit Panel Brute force', 'Description' = %q This Module performs brute force attack on Bludit Panel. , 'Author' = 'Eren Simsek ', 'License' =...
October CMS Build 465 - Arbitrary File Read Exploit (Authenticated)
Exploit Title: October CMS Build 465 - Arbitrary File Read Exploit Authenticated Date: 2020-03-31 Exploit Author: Sivanesh Ashok Vendor Homepage: https://octobercms.com/ Version: Build 465 and below Tested on: Windows 10 / XAMPP / October CMS Build 465 CVE: CVE-2020-5295 echo ''' Authenticated...
Citrix ADC NetScaler - Local File Inclusion (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Citrix ADC NetScaler - Local File Inclusion Metasploit', 'Description' = % The remote device is affected by multiple vulnerabilities. An...
ASUS TM-AC1900 - Arbitrary Command Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ASUS TM-AC1900 - Arbitrary Command Execution', 'Description' = %q This module exploits a code execution vulnerability within the ASUS TM-AC1900...
Sony Playstation 4 (PS4) < 6.72 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)
const OFFSETELEMENTREFCOUNT = 0x10; const OFFSETJSABVIEWVECTOR = 0x10; const OFFSETJSABVIEWLENGTH = 0x18; const OFFSETLENGTHSTRINGIMPL = 0x04; const OFFSETHTMLELEMENTREFCOUNT = 0x14; const LENGTHARRAYBUFFER = 0x8; const LENGTHSTRINGIMPL = 0x14; const LENGTHJSVIEW = 0x20; const...
Wordpress Plugin Good LMS 2.1.4 - 'id' Unauthenticated SQL Injection
Exploit Title: Wordpress Plugin Good LMS 2.1.4 - 'id' Unauthenticated SQL Injection Software Link: https://codecanyon.net/item/good-lms-learning-management-system-wp-plugin/9033850 Version: prefix . 'gdlrpayment '; 688- $sql .= 'WHERE id=' . $POST'id' . ' AND '; 689- $sql .=...
Water Billing System 1.0 - 'username' and 'password' parameters SQL Injection
Exploit Title: Water Billing System 1.0 - 'username' and 'password' parameters SQL Injection SQL Injection in 'username' and 'password' parameters allows attacker to run the SQL commands on the victim to extract entire DB. In advanced exploitation, an attacker can run the arbitrary code on the...
Nidesoft 3GP Video Converter 2.6.18 - Local Stack Buffer Overflow
Exploit Title: Nidesoft 3GP Video Converter 2.6.18 - Local Stack Buffer Overflow Date: 2020-07-30 Author: Felipe Winsnes Software Link: http://www.nidesoft.com/downloads/3gp-video-converter.exe Version: 2.6.18 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Proof of Concept: 1.- Run...
Customer Support System 1.0 - Cross-Site Request Forgery
Exploit Title: Customer Support System 1.0 - Cross-Site Request Forgery Admin Account Takeover Date: 2020-11-11 Exploit Author: Ahmed Abbas Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...
Customer Support System 1.0 - 'username' Authentication Bypass
Title: Customer Support System 1.0 - 'username' Authentication Bypass Date: 2020-11-11 Exploit Author: Ahmed Abbas Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...
CMSUno 1.6.2 - 'user' Remote Code Execution (Authenticated)
Exploit Title: CMSUno 1.6.2 - 'user' Remote Code Execution Authenticated Google Dork: N/A Date: 2020.09.30 Exploit Author: Fatih Çelik Vendor Homepage: https://github.com/boiteasite/cmsuno/ Software Link: https://github.com/boiteasite/cmsuno/ Blog:...
Customer Support System 1.0 - 'description' Stored XSS in The Admin Panel
Exploit Title: Customer Support System 1.0 - 'description' Stored XSS in The Admin Panel Date: 2020-11-11 Exploit Author: Ahmed Abbas Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...
Anuko Time Tracker 1.19.23.5325 - CSV/Formula Injection
Exploit Title: Anuko Time Tracker 1.19.23.5325 - CSV/Formula Injection Date: 2020-10-17 Exploit Author: Mufaddal Masalawala Vendor Homepage: https://www.anuko.com/ Software Link: https://www.anuko.com/time-tracker/index.htm Version: 1.19.23.5325 Tested on: Kali Linux 2020.3 CVE: CVE-2020-15255...
Car Rental Management System 1.0 - SQL injection + Arbitrary File Upload
Exploit Title: Car Rental Management System 1.0 - SQL injection + Arbitrary File Upload Date: 09-11-2020 Exploit Author: Fortunato Lodari fox at thebrain dot net Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html Software Link:...
ShoreTel Conferencing 19.46.1802.0 - Reflected Cross-Site Scripting
Exploit Title: ShoreTel Conferencing 19.46.1802.0 - Reflected Cross-Site Scripting Date: 11/8/2020 Exploit Author: Joe Helle Vendor Homepage: https://www.mitel.com/articles/what-happened-shoretel-products Version: 19.46.1802.0 Tested on: Linux CVE: 2020-28351 PoC: The conferencing component on...
KMSpico 17.1.0.0 - 'Service KMSELDI' Unquoted Service Path
Exploit Title: KMSpico 17.1.0.0 - 'Service KMSELDI' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-08 Vendor : KMSpico Version : ServiceKMS 17.1.0.0 Vendor Homepage : https://official-kmspico.com/ Tested on OS: Windows 7 Pro Analyze PoC : ============== C:\sc qc "Service...
SuiteCRM 7.11.15 - 'last_name' Remote Code Execution (Authenticated)
Exploit Title: SuiteCRM 7.11.15 - 'lastname' Remote Code Execution Authenticated Date: 08 NOV 2020 Exploit Author: M. Cory Billington @th3y Vendor Homepage: https://suitecrm.com/ Software Link: https://github.com/salesagility/SuiteCRM Version: 7.11.15 and below Tested on: Ubuntu 20.04 LTS CVE:...
Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF
Exploit Title: Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF Date: 28-08-2020 Vendor Homepage: https://www.gxgroup.eu/ont-products/ Exploit Author: Jinson Varghese Behanan @JinsonCyberSec Author Advisory:...
Motorola Device Manager 2.5.4 - 'MotoHelperService.exe' Unquoted Service Path
Exploit Title: Motorola Device Manager 2.5.4 - 'MotoHelperService.exe' Unquoted Service Path Discovery by: Angel Canseco Discovery Date: 2020-11-07 Vendor Homepage: https://motorola-device-manager.programas-gratis.net/descarga-completada Tested Version: 2.5.4 Vulnerability Type: Unquoted Service...
Syncplify.me Server! 5.0.37 - 'SMWebRestServicev5' Unquoted Service Path
Exploit Title: Syncplify.me Server! 5.0.37 - 'SMWebRestServicev5' Unquoted Service Path Date: 2020-11-08 Exploit Author: Julio Aviña Vendor Homepage: https://www.syncplify.me/ Software Link: https://download.syncplify.me/SMServerSetup.exe Version: 5.0.37 Tested on: Windows 10 Pro x64 es...
OKI sPSV Port Manager 1.0.41 - 'sPSVOpLclSrv' Unquoted Service Path
Exploit Title: OKI sPSV Port Manager 1.0.41 - 'sPSVOpLclSrv' Unquoted Service Path Date: 2020-11-08 Exploit Author: Julio Aviña Vendor Homepage: https://www.oki.com/ Software Link: https://www.oki.com/mx/printing/download/sPSV0100412270910.exe Software Version: 1.0.41 File Version: 1.4.2.0 Tested...
IPTInstaller 4.0.9 - 'PassThru Service' Unquoted Service Path
Exploit Title: IPTInstaller 4.0.9 - 'PassThru Service' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-08 Vendor : HTC Version : IPTInstaller 4.0.9 Vendor Homepage : https://www.htc.com/latam/ Tested on OS: Windows 7 Pro Analyze PoC : ============== C:\Users\DSAZ230sc qc...
Genexus Protection Server 9.6.4.2 - 'protsrvservice' Unquoted Service Path
Exploit Title: Genexus Protection Server 9.6.4.2 - 'protsrvservice' Unquoted Service Path Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-08 Vendor : Genexus Version : Genexus Protection Server 9.6.4.2 Software Link: https://www.genexus.com/en/developers/downloadcenter?data=;; Vend...
Winstep 18.06.0096 - 'Xtreme Service' Unquoted Service Path
Exploit Title: Winstep 18.06.0096 - 'Xtreme Service' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-08 Vendor : Winstep Version : WsxService 18.06.0096 Vendor Homepage : https://www.winstep.net/xtreme.asp Tested on OS: Windows 7 Pro Analyze PoC : ============== C:\sc qc...
HP Display Assistant x64 Edition 3.20 - 'DTSRVC' Unquoted Service Path
Exploit Title: HP Display Assistant x64 Edition 3.20 - 'DTSRVC' Unquoted Service Path Date: 2020-11-08 Exploit Author: Julio Aviña Vendor Homepage: https://www.portrait.com/ Software Link: https://www.portrait.com/dtune/hwp/enu/ Software Version: 3.20 File Version: 1.0.0.1 Tested on: Windows 10 P...
DigitalPersona 4.5.0.2213 - 'DpHostW' Unquoted Service Path
Exploit Title: DigitalPersona 4.5.0.2213 - 'DpHostW' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-08 Vendor : DigitalPersona U. are U. One Touch Version : DigitalPersona Pro 4.5.0.2213 Vendor Homepage : https://www.hidglobal.com/crossmatch Tested on OS: Windows 10 Home...
Privacy Drive v3.17.0 - 'pdsvc.exe' Unquoted Service Path
Exploit Title: Privacy Drive v3.17.0 - 'pdsvc.exe' Unquoted Service Path Date: 2020-8-20 Exploit Author: Mohammed Alshehri Vendor Homepage: https://www.cybertronsoft.com/ Software Link: https://www.cybertronsoft.com/download/privacy-drive-setup.exe Version: Version 3.17.0 Build 1456 Tested on:...
DiskBoss v11.7.28 - Multiple Services Unquoted Service Path
Exploit Title: DiskBoss v11.7.28 - Multiple Services Unquoted Service Path Date: 2020-8-20 Exploit Author: Mohammed Alshehri Vendor Homepage: https://www.diskboss.com/ Software Link: https://www.diskboss.com/downloads.html Version: v11.7.28 Tested on: Microsoft Windows Server 2019 Standard...
Joplin 1.2.6 - 'link' Cross Site Scripting
Exploit Title: Joplin 1.2.6 - 'link' Cross Site Scripting Date: 2020-09-21 Exploit Author: Philip Holbrook @fhlipZero Vendor Homepage: https://joplinapp.org/ Software Link: https://github.com/laurent22/joplin/releases/tag/v1.2.6 Version: 1.2.6 Tested on: Windows / Mac CVE : CVE-2020-28249...
Magic Mouse 2 utilities 2.20 - 'magicmouse2service' Unquoted Service Path
Exploit Title: Magic Mouse 2 utilities 2.20 - 'magicmouse2service' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-07 Vendor : Magic Utilities Pty Version : 64-bit 2.20 Vendor Homepage : https://magicutilities.net/magic-mouse/home Tested on OS: Windows 10 Home Analyze PoC ...
RealTimes Desktop Service 18.1.4 - 'rpdsvc.exe' Unquoted Service Path
Exploit Title: RealTimes Desktop Service 18.1.4 - 'rpdsvc.exe' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-11-07 Vendor Homepage: https://www.real.com/ Tested Version: 18.1.4 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 7 Enterprise SP1 x64 es Step to...
Canon Inkjet Extended Survey Program 5.1.0.8 - 'IJPLMSVC.EXE' - Unquoted Service Path
Exploit Title: Canon Inkjet Extended Survey Program 5.1.0.8 - 'IJPLMSVC.EXE' - Unquoted Service Path Discovery by: Carlos Roa Discovery Date: 2020-11-07 Vendor Homepage: https://www.usa.canon.com/internet/portal/us/home Tested Version: 5.1.0.8 Vulnerability Type: Unquoted Service Path Tested on O...
iDeskService 3.0.2.1 - 'iDeskService' Unquoted Service Path
Exploit Title: iDeskService 3.0.2.1 - 'iDeskService' Unquoted Service Path Discovery by: Leslie Lara Discovery Date: 7-09-2020 Vendor Homepage: https://www.huawei.com/en/corporate-information Software Links :...
Realtek Audio Service 1.0.0.55 - 'RtkAudioService64.exe' Unquoted Service Path
Exploit Title: Realtek Audio Service 1.0.0.55 - 'RtkAudioService64.exe' Unquoted Service Path Discovery by: Erika Figueroa Discovery Date: 2020-11-07 Vendor Homepage: https://www.realtek.com/en/ Tested Version: 1.0.0.55 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 8.1 x64 es St...
Realtek Andrea RT Filters 1.0.64.10 - 'AERTSr64.EXE' Unquoted Service Path
Exploit Title: Realtek Andrea RT Filters 1.0.64.10 - 'AERTSr64.EXE' Unquoted Service Path Discovery by: Erika Figueroa Discovery Date: 2020-11-07 Vendor Homepage: https://www.realtek.com/en/ Tested Version: 1.0.64.10 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 8.1 x64 es Step ...