47884 matches found
Wordpress Plugin Maintenance Mode by SeedProd 5.1.1 - Persistent Cross-Site Scripting
Exploit Title: Wordpress Plugin Maintenance Mode by SeedProd 5.1.1 - Persistent Cross-Site Scripting Date: 2020-06-22 Vendor Homepage: https://www.seedprod.com/ Vendor Changelog: https://wordpress.org/plugins/coming-soon/developers Exploit Author: Jinson Varghese Behanan @JinsonCyberSec Author...
Cisco Adaptive Security Appliance Software 9.7 - Unauthenticated Arbitrary File Deletion
Exploit Title: Cisco Adaptive Security Appliance Software 9.7 - Unauthenticated Arbitrary File Deletion Google Dork: inurl:/+CSCOE+/ Date: 2020-08-27 Exploit Author: 0xmmnbassel Vendor Homepage: https://www.cisco.com/c/en/us/products/security/asa-firepower-services/index.htmlmodels Version: Cisco...
Cisco Adaptive Security Appliance Software 9.11 - Local File Inclusion
Exploit Title: Cisco Adaptive Security Appliance Software 9.11 - Local File Inclusion Google Dork: inurl:/+CSCOE+/ Date: 2020-08-27 Exploit Author: 0xmmnbassel Vendor Homepage: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86 Version: Cisco AS...
eGroupWare 1.14 - 'spellchecker.php' Remote Command Execution
Exploit Title: eGroupWare 1.14 - 'spellchecker.php' Remote Command Execution Date: 2020-07-27 Exploit Author: Berk KIRAS Vendor Homepage: https://www.egroupware.org/en/ Version: 1.14 Tested on: Apache Berk KIRAS PwC - Cyber Security Specialist !/usr/bin/python3 import requests import sys import...
F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion
Exploit Title: F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion Date: 2019-08-17 Exploit Author: Carlos E. Vieira Vendor Homepage: https://www.f5.com/products/big-ip-services Version: 0: return True else: return False else: return False def leakPasswd: print"+ Leaking /etc/passwd from server"...
INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution
Exploit Title: INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution Date: 2020-07-23 Exploit Author: Patrick Hener, SySS GmbH Many credits go to Dr. Benjamin Heß, SySS GmbH for helping with php oddities and the powershell payload Advisory: SYSS-2020-028...
Port Forwarding Wizard 4.8.0 - Buffer Overflow (SEH)
Exploit Title: Port Forwarding Wizard 4.8.0 - Buffer Overflow SEH Exploit Author: Sarang Tumne Date: 2020-07-18 CVE ID: N/A Confirmed on release 4.8.0 and 4.5.0 Vendor: http://www.port-forwarding.net/ Tested on OS- Windows Vista Buffer overflow in upRedSun Port Forwarding Wizard 4.8.0 and earlier...
ManageEngine Applications Manager 13 - 'MenuHandlerServlet' SQL Injection
Exploit Title: ManageEngine Applications Manager 13 - 'MenuHandlerServlet' SQL Injection Google Dork: intitle:"Applications Manager Login Screen" Date: 2020-07-23 Exploit Author: aldorm Vendor Homepage: https://www.manageengine.com/ Software Link: Version: 12 and 13 before Build 13200 Tested on:...
Socusoft Photo to Video Converter Professional 8.07 - 'Output Folder' Buffer Overflow (SEH Egghunter)
Exploit Title: Socusoft Photo to Video Converter Professional 8.07 - 'Output Folder' Buffer Overflow SEH Egghunter Date: 2020-07-23 Exploit Author: MasterVlad Vendor Homepage: http://www.dvd-photo-slideshow.com/photo-to-video-converter.html Software Link:...
Webtareas 2.1p - Arbitrary File Upload (Authenticated)
Exploit Title: Webtareas 2.1p - Arbitrary File Upload Authenticated Author: AppleBois Date: 2020-07-10 Exploit author : AppleBois Vendor Hompage:https://sourceforge.net/projects/webtareas/ Version: 2.1 && 2.1p Tested on: Window 10 64 bit environment || XAMPP Authenticated User allowed to upload...
Bludit 3.9.2 - Directory Traversal
Title: Bludit 3.9.2 - Directory Traversal Author: James Green Date: 2020-07-20 Vendor Homepage: https://www.bludit.com Software Link: https://github.com/bludit/bludit Version: 3.9.2 Tested on: Linux Ubuntu 19.10 Eoan CVE: CVE-2019-16113 Special Thanks to Ali Faraj @InfoSecAli and authors of MSF...
WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download
Exploit Title: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download Google Dork: "Stable tag" inurl:wp-content/plugins/email-subscribers/readme.txt Date: 2020-07-20 Exploit Author: KBA@SOGETIESEC Vendor Homepage: https://www.icegram.com/email-subscribers/ Softwar...
Calavera UpLoader 3.5 - 'FTP Logi' Denial of Service (PoC + SEH Overwrite)
Exploit Title: Calavera UpLoader 3.5 - 'FTP Logi' Denial of Service PoC + SEH Overwrite Date: 2020-07-20 Author: Felipe Winsnes Software Link: https://www.exploit-db.com/apps/463c9e7fe9a39888d3c01bc9ad756bba-UpSetup.exe Version: 3.5 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Sad...
Rails 5.0.1 - Remote Code Execution
Exploit Title: Rails 5.0.1 - Remote Code Execution Date: 2020-07-19 Exploit Author: Lucas Amorim Vendor Homepage: www.rubyonrails.org Software Link: www.rubyonrails.org Version: Rails " end if ARGV.length 3 header exit-1 end url = ARGV0 ip = ARGV1 port = ARGV2 puts " Sending payload to url" uri =...
LibreHealth 2.0.0 - Authenticated Remote Code Execution
Exploit Title: LibreHealth 2.0.0 - Authenticated Remote Code Execution Exploit Author: Bobby Cooke Date: 2020-07-17 Vendor Homepage: https://librehealth.io/ Software Link: https://github.com/LibreHealthIO/lh-ehr Version: 2.0.0 Tested On: Windows 10 Pro 1909 x6486 + XAMPP 7.4.4 Exploit Tested Usin...
PandoraFMS NG747 7.0 - 'filename' Persistent Cross-Site Scripting
Exploit Title: PandoraFMS NG747 7.0 - 'filename' Persistent Cross-Site Scripting Date: 2020-08-20 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://pandorafms.org/ Software Link: https://pandorafms.org/features/free-download-monitoring-software/ Version: 7.0NG747 Tested on: Windows/Linux/ISO Li...
Free MP3 CD Ripper 2.8 - Stack Buffer Overflow (SEH + Egghunter)
Exploit Title: Free MP3 CD Ripper 2.8 - Stack Buffer Overflow SEH + Egghunter Date: 2020-07-22 Exploit Author: Eduard Palisek Vendor Homepage: https://www.cleanersoft.com Software Link: https://www.cleanersoft.com/download/FMCRSetup.exe Version: 2.8 Build 20140611 Tested on: Windows XP,...
UBICOD Medivision Digital Signage 1.5.1 - Cross-Site Request Forgery (Add Admin)
Title: UBICOD Medivision Digital Signage 1.5.1 - Cross-Site Request Forgery Add Admin Date: 2020-07-23 Author: LiquidWorm Product web page: http://www.medivision.co.kr CVE: N/A input type="hidden" name="aai...
Nidesoft DVD Ripper 5.2.18 - Local Buffer Overflow (SEH)
Exploit Title: Nidesoft DVD Ripper 5.2.18 - Local Buffer Overflow SEH Date: 2020-07-26 Author: Felipe Winsnes Software Link: https://nidesoft-dvd-ripper.softonic.com/ Version: 5.2.18 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Proof of Concept: 1.- Run the python script, it will...
docPrint Pro 8.0 - 'Add URL' Buffer Overflow (SEH Egghunter)
Exploit Title: docPrint Pro 8.0 - 'Add URL' Buffer Overflow SEH Egghunter Date: 2020-07-26 Exploit Author: MasterVlad Vendor Homepage: http://www.verypdf.com Software Link: http://dl.verypdf.net/docprintprosetup.exe Version: 8.0 Vulnerability Type: Local Buffer Overflow Tested on: Windows 7 32-bi...
PandoraFMS 7.0 NG 746 - Persistent Cross-Site Scripting
Exploit Title: PandoraFMS 7.0 NG 746 - Persistent Cross-Site Scripting Date: 2020-07-01 Author: AppleBois Version: 7xx ≤ 746 Homepage: https://pandorafms.org/ Software Link: https://sourceforge.net/projects/pandora/files/Pandora FMS 7.0NG/ CVE-2020-11749 By asking network administrator to scan SN...
Koken CMS 0.22.24 - Arbitrary File Upload (Authenticated)
Exploit Title: Koken CMS 0.22.24 - Arbitrary File Upload Authenticated Date: 2020-07-15 Exploit Author: v1n1v131r4 Vendor Homepage: http://koken.me/ Software Link: https://www.softaculous.com/apps/cms/Koken Version: 0.22.24 Tested on: Linux PoC:...
Sickbeard 0.1 - Cross-Site Request Forgery (Disable Authentication)
Exploit Title: Sickbeard 0.1 - Cross-Site Request Forgery Disable Authentication Google Dork: https://www.shodan.io/search?query=sickbeard Date: 2020-06-06 Exploit Author: bdrake Vendor Homepage: https://sickbeard.com/ Software Link: https://github.com/midgetspy/Sick-Beard Version: alpha master -...
Online Course Registration 1.0 - Unauthenticated Remote Code Execution
Exploit Title: Online Course Registration 1.0 - Unauthenticated Remote Code Execution Exploit Author: Bobby Cooke Credit to BKpatron for similar Auth Bypass on admin page - exploit-db.com/exploits/48559 Date: 2020-07-15 Vendor Homepage: Vendor Homepage:...
DiskBoss 7.7.14 - 'Reports and Data Directory' Buffer Overflow (SEH Egghunter)
Exploit Title: DiskBoss 7.7.14 - 'Reports and Data Directory' Buffer Overflow SEH Egghunter Date: 2020-07-26 Exploit Author: MasterVlad Vendor Homepage: https://www.diskboss.com/ Software Link: https://github.com/x00x00x00x00/diskboss7.7.14/raw/master/diskbosssetupv7.7.14.exe Version: 7.7.14...
GOautodial 4.0 - Persistent Cross-Site Scripting (Authenticated)
Exploit Title: GOautodial 4.0 - Persistent Cross-Site Scripting Authenticated Author: Balzabu Discovery Date: 2020-07-23 Vendor Homepage: https://goautodial.org/ Software Link: https://goautodial.org/GOautodial-4-x8664-Final-20191010-0150.iso.html Tested Version: 4.0 Last relase as of today Teste...
Frigate Professional 3.36.0.9 - 'Pack File' Buffer Overflow (SEH Egghunter)
Exploit Title: Frigate Professional 3.36.0.9 - 'Pack File' Buffer Overflow SEH Egghunter Date: 2020-07-24 Exploit Author: MasterVlad Vendor Homepage: http://www.frigate3.com/ Software Link: http://www.frigate3.com/download/frigate3pro.exe Version: 3.36.0.9 Vulnerability Type: Local Buffer Overflo...
pfSense 2.4.4-p3 - Cross-Site Request Forgery
Exploit Title: pfSense 2.4.4-p3 - Cross-Site Request Forgery Date: 2019-09-27 Exploit Author: ghostfh Vendor Homepage: https://www.pfsense.org/ Software Link: https://www.pfsense.org/download/index.html?section=downloads Version: Till 2.4.4-p3 Tested on: freebsd CVE : CVE-2019-16667 Vulnerability...
Socket.io-file 2.0.31 - Arbitrary File Upload
Exploit Title: Socket.io-file 2.0.31 - Arbitrary File Upload Date: 2020-07-02 Exploit Author: Cr0wTom Vendor Homepage: https://www.npmjs.com/package/socket.io-file Software Link: https://www.npmjs.com/package/socket.io-file/v/2.0.31 Version: = v2.0.31 Tested on: node v10.19.0, Socket.io-file...
Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting
Exploit Title: Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting Google Dork: inurl:"/vam/indexvamop.php" Date: 2020-06-29 Exploit Author: Peter Blue Vendor Homepage: https://virtualairlinesmanager.net Software Link: https://virtualairlinesmanager.net Version: 2.6.2 Tested on: Linu...
Bio Star 2.8.2 - Local File Inclusion
Exploit Title: Bio Star 2.8.2 - Local File Inclusion Authors: SITE Team Rian Saaty, Bashaer AlHarthy, Safeyah Alhazmi Google Dork: N/A Date of Exploit Release: 2020-07-13 Exploit Author: SITE Team Vendor Homepage: https://www.supremainc.com/en/main.asp Software Link:...
elaniin CMS - Authentication Bypass
Exploit Title: elaniin CMS 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-07-14 Exploit Author: BKpatron Vendor Homepage:https://elaniin.com/ Software Link:https://github.com/elaniin/CMS/archive/master.zip Version: v1.0 Tested on: Win 10 CVE: N/A Vulnerability: Attacker can bypass login...
WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection (Unauthenticated)
Exploit Title: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection Unauthenticated Google Dork: "Stable tag" inurl:wp-content/plugins/email-subscribers/readme.txt Date: 2020-07-20 Exploit Author: KBAZ@SOGETIESEC Vendor Homepage: https://www.icegram.com/email-subscribers/...
Snes9K 0.09z - 'Port Number' Buffer Overflow (SEH)
Exploit Title: Snes9K 0.09z - 'Port Number' Buffer Overflow SEH Date: 2020-07-20 Exploit Author: MasterVlad Vendor Homepage: https://sourceforge.net/projects/snes9k/ Software Link: https://www.exploit-db.com/apps/ef5249b64ce34575c12970b334a08c17-snes9k009z.zip Version: 0.09z Vulnerability Type:...
UBICOD Medivision Digital Signage 1.5.1 - Authorization Bypass
Title: UBICOD Medivision Digital Signage 1.5.1 - Authorization Bypass Date: 2020-07-23 Author: LiquidWorm Product web page: http://www.medivision.co.kr CVE: N/A Vendor: UBICOD Co., Ltd. | MEDIVISION INC. Product web page: http://www.medivision.co.kr Affected version: Firmware 1.5.1 2013.01.3...
TimeClock Software 1.01 0 - (Authenticated) Time-Based SQL Injection
!/usr/bin/python3 Exploit Title: TimeClock Software 1.01 Authenticated Time-Based SQL Injection Date: July 21, 2020 Exploit Author: François Bibeau Co Author: Tyler Butler, http://tbutler.org, https://twitter.com/tbutler0x90 Vendor Homepage: http://timeclock-software.net/ Software Link:...
FTPDummy 4.80 - Local Buffer Overflow (SEH)
Exploit Title: FTPDummy 4.80 - Local Buffer Overflow SEH Date: 2020-07-22 Author: Felipe Winsnes Software Link: http://www.dummysoftware.com/ftpdummy.html Version: 4.80 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Proof of Concept: 1.- Run the python script, it will create the fil...
WordPress Theme NexosReal Estate 1.7 - 'search_order' SQL Injection
Exploit Title: WordPress Theme NexosReal Estate 1.7 - 'searchorder' SQL Injection Google Dork: inurl:/wp-content/themes/nexos/ Date: 2020-06-17 Exploit Author: Vlad Vector Vendor: Sanljiljan https://themeforest.net/user/sanljiljan Software Version: 1.7 Software Link:...
Sophos VPN Web Panel 2020 - Denial of Service (Poc)
Exploit Title: Sophos VPN Web Panel 2020 - Denial of Service Poc Date: 2020-06-17 Exploit Author: Berk KIRAS Vendor Homepage: https://www.sophos.com/ Version:2020 Web Panel Tested on: Apache Berk KIRAS PwC - Cyber Security Specialist Sophos VPN Web Portal Denial of Service Vulnerability System...
NetPCLinker 1.0.0.0 - Buffer Overflow (SEH Egghunter)
Exploit Title: NetPCLinker 1.0.0.0 - Buffer Overflow SEH Egghunter Date: 2019-06-28 Exploit Author: Saeed reza Zamanian Vendor Homepage: https://sourceforge.net/projects/netpclinker/ Software Link: https://sourceforge.net/projects/netpclinker/files/ Version: 1.0.0.0 Tested on: Windows Vista SP1...
Docsify.js 4.11.4 - Reflective Cross-Site Scripting
Exploit Title: Docsify.js 4.11.4 - Reflective Cross-Site Scripting Date: 2020-06-22 Exploit Author: Amin Sharifi Vendor Homepage: https://docsify.js.org Software Link: https://github.com/docsifyjs/docsify Version: 4.11.4 Tested on: Windows 10 CVE : CVE-2020-7680 docsify.js uses fragment identifie...
Simple Startup Manager 1.17 - 'File' Local Buffer Overflow (PoC)
Exploit Title: Simple Startup Manager 1.17 - 'File' Local Buffer Overflow PoC Exploit Author: PovlTekstTV Date: 2020-07-15 Vulnerable Software: Simple Startup Manager Software Link Download: http://www.ashkon.com/download/startup-manager.exe Version: 1.17 Vulnerability Type: Local Buffer Overflow...
Sonar Qube 8.3.1 - 'SonarQube Service' Unquoted Service Path
Title: Sonar Qube 8.3.1 - 'SonarQube Service' Unquoted Service Path Author: Velayutham Selvaraj Date: 2020-06-03 Vendor Homepage: https://www.sonarqube.org Software Link: https://www.sonarqube.org/downloads/ Version : 8.3.1 Tested on: Windows 10 64bitEN About Unquoted Service Path :...
CMSUno 1.6 - Cross-Site Request Forgery (Change Admin Password)
Exploit Title: CMSUno 1.6 - Cross-Site Request Forgery Change Admin Password Date: 2020-05-31 Exploit Author: Noth Vendor Homepage: https://github.com/boiteasite/cmsuno Software Link: https://github.com/boiteasite/cmsuno Version: v1.6 CVE : 2020-15600 An issue was discovered in CMSUno before 1.6....
RiteCMS 2.2.1 - Remote Code Execution
Exploit Title: RiteCMS 2.2.1 - Remote Code Execution Date: 2020-07-03 Exploit Author: Enes Özeser Vendor Homepage: http://ritecms.com/ Version: 2.2.1 Tested on: Linux 1- Go to following url. http://CHANGE-THIS/ritecms/cms/ 2- Default username and password is admin:admin. 3- Go "Filemanager" and...
Wing FTP Server 6.3.8 - Remote Code Execution (Authenticated)
Exploit Title: Wing FTP Server 6.3.8 - Remote Code Execution Authenticated Date: 2020-06-26 Exploit Author: v1n1v131r4 Vendor Homepage: https://www.wftpserver.com/ Software Link: https://www.wftpserver.com/download.htm Version: 6.3.8 Tested on: Windows 10 CVE : -- Wing FTP Server have a web conso...
Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection
Exploit Title: Joomla! J2 JOBS 1.3.0 - 'sortby' Authenticated SQL Injection Date: 2020-06-17 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Vendor Homepage: https://joomsky.com/ Software Link: https://joomsky.com/products/js-jobs-pro.html Change Log Update :...
Infor Storefront B2B 1.0 - 'usr_name' SQL Injection
Exploit Title: Infor Storefront B2B 1.0 - 'usrname' SQL Injection Google Dork: inurl:storefrontb2bweb Date: 2020-06-27 Exploit Author: ratboy Vendor Homepage: https://www.insitesoft.com/infor-storefront/ Version: Infor Storefront Tested on: Windows All Versions POC Multiple Vulns python sqlmap.py...
SuperMicro IPMI WebInterface 03.40 - Cross-Site Request Forgery (Add Admin)
Exploit Title: SuperMicro IPMI WebInterface 03.40 - Cross-Site Request Forgery Add Admin Exploit Author: Metin Yunus Kandemir Date: 2020-07-15 Vendor Homepage: https://www.supermicro.com/ Version: X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 CVE: CVE-2020-15046 Source:...
Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass
Exploit Title: Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass Date: 2020-07-03 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://github.com/mrzulkarnine/Web-based-hotel-booking-system Software Link: https://github.com/mrzulkarnine/Web-based-hotel- booking-system...