47904 matches found
Apache Shiro 1.2.4 - Cookie RememberME Deserial RCE (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Shiro v1.2.4 Cookie RememberME Deserial RCE', 'Description' = %q This vulnerability allows remote attackers to execute arbitrary code on...
VirtualTablet Server 3.0.2 - Denial of Service (PoC)
Title: VirtualTablet Server 3.0.2 - Denial of Service PoC Author: Dolev Farhi Date: 2020-04-29 Vulnerable version: 3.0.2 14 Link: http://www.sunnysidesoft.com/ CVE: N/A from thrift import Thrift from thrift.transport import TSocket from thrift.transport import TTransport from thrift.protocol impo...
Online Scheduling System 1.0 - Persistent Cross-Site Scripting
Exploit Title: Online Scheduling System 1.0 - Persistent Cross-Site Scripting Exploit Author: Bobby Cooke Date: 2020-04-30 Vendor Homepage: https://www.sourcecodester.com/php/14168/online-scheduling-system.html Software Link:...
HardDrive 2.1 for iOS - Arbitrary File Upload
Title: HardDrive 2.1 for iOS - Arbitrary File Upload Author: Vulnerability Laboratory Date: 2020-04-30 Software: https://apps.apple.com/ch/app/harddrive/id383226784 CVE: N/A Document Title: =============== HardDrive v2.1 iOS - Arbitrary File Upload Vulnerability References Source:...
Druva inSync Windows Client 6.5.2 - Local Privilege Escalation
Exploit Title: Druva inSync Windows Client 6.5.2 - Local Privilege Escalation Date: 2020-04-28 Exploit Author: Chris Lyne Vendor Homepage: druva.com Software Link: https://downloads.druva.com/downloads/inSync/Windows/6.5.2/inSync6.5.2r99097.msi Version: 6.5.2 Tested on: Windows 10 CVE :...
Easy Transfer 1.7 for iOS - Directory Traversal
Title: Easy Transfer 1.7 for iOS - Directory Traversal Author: Vulnerability Laboratory Date: 2020-04-27 Software: https://apps.apple.com/us/app/easy-transfer-wifi-transfer/id1484667078 CVE: N/A Document Title: =============== Easy Transfer v1.7 iOS - Multiple Web Vulnerabilities References Sourc...
School ERP Pro 1.0 - Arbitrary File Read
Exploit Title: School ERP Pro 1.0 - Arbitrary File Read Date: 2020-04-28 Author: Besim ALTINOK Vendor Homepage: http://arox.in Software Link: https://sourceforge.net/projects/school-erp-ultimate/ Version: latest version Tested on: Xampp Credit: İsmail BOZKURT CVE: N/A Vulnerable code:...
hits script 1.0 - 'item_name' SQL Injection
Exploit Title: hits script 1.0 - 'itemname' SQL Injection Date: 2020-04-27 Exploit Author: SajjadBnd Vendor Homepage: https://hits.ir Software Link: http://dl.persianscript.ir/script/hitsir-script-persian%28PersianScript.ir%29.zip Software Linkmirror:...
EmEditor 19.8 - Insecure File Permissions
Exploit Title: EmEditor 19.8 - Insecure File Permissions Date: 2020-04-27 Exploit Author: SajjadBnd Vendor Homepage: https://www.emeditor.com/ Software Link: https://support.emeditor.com/en/downloads/suggested Version: 19.8 Tested on: Win10 Professional x64 Description EmEditor is a fast,...
Andrea ST Filters Service 1.0.64.7 - 'Andrea ST Filters Service ' Unquoted Service Path
Exploit Title: Andrea ST Filters Service 1.0.64.7 - 'Andrea ST Filters Service ' Unquoted Service Path Discovery by: Roberto Piña Discovery Date: 2020-04-28 Vendor Homepage: https://andreaelectronics.com/ Software Link : https://andreaelectronics.com/ Tested Version: 1.0.64.7 Vulnerability Type:...
Internet Download Manager 6.37.11.1 - Stack Buffer Overflow (PoC)
Title: Internet Download Manager 6.37.11.1 - Stack Buffer Overflow PoC Author: Vulnerability Laboratory Date: 2020-04-28 Vendor: https://www.internetdownloadmanager.com Software: https://www.internetdownloadmanager.com/download.html CVE: N/A Document Title: =============== Internet Download Manag...
Open-AudIT Professional 3.3.1 - Remote Code Execution
Exploit Title: Open-AudIT Professional 3.3.1 - Remote Code Execution Date: 2020-04-22 Exploit Author: Askar CVE: CVE-2020-8813 Vendor Homepage: https://opmantek.com/ Version: v3.3.1 Tested on: Ubuntu 18.04 / PHP 7.2.24 !/usr/bin/python3 import requests import sys import warnings import random...
Docker-Credential-Wincred.exe - Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker-Credential-Wincred.exe Privilege Escalation', 'Description' = %q This exploit leverages a vulnerability in docker desktop community editio...
CloudMe 1.11.2 - Buffer Overflow (PoC)
Exploit Title: CloudMe 1.11.2 - Buffer Overflow PoC Date: 2020-04-27 Exploit Author: Andy Bowden Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1112.exe Version: CloudMe 1.11.2 Tested on: Windows 10 x86 Instructions: Start the CloudMe service a...
NVIDIA Update Service Daemon 1.0.21 - 'nvUpdatusService' Unquoted Service Path
Exploit Title: NVIDIA Update Service Daemon 1.0.21 - 'nvUpdatusService' Unquoted Service Path Discovery by: Roberto Piña Discovery Date: 2020-04-27 Vendor Homepage: https://www.nvidia.com/es-la/ Software Link : https://www.nvidia.com/es-la/ Tested Version: 1.0.21 Vulnerability Type: Unquoted...
School ERP Pro 1.0 - 'es_messagesid' SQL Injection
Exploit Title: School ERP Pro 1.0 - 'esmessagesid' SQL Injection Date: 2020-04-28 Author: Besim ALTINOK Vendor Homepage: http://arox.in Software Link: https://sourceforge.net/projects/school-erp-ultimate/ Version: latest version Tested on: Xampp Credit: İsmail BOZKURT SQL Injection Detail...
School ERP Pro 1.0 - Remote Code Execution
Exploit Title: School ERP Pro 1.0 - Remote Code Execution Date: 2020-04-28 Author: Besim ALTINOK Vendor Homepage: http://arox.in Software Link: https://sourceforge.net/projects/school-erp-ultimate/ Version: latest version Tested on: Xampp Credit: İsmail BOZKURT Description...
Online shopping system advanced 1.0 - 'p' SQL Injection
Exploit Title: Online shopping system advanced 1.0 - 'p' SQL Injection Exploit Author : Majid kalantari Date: 2020-04-26 Vendor Homepage : https://github.com/PuneethReddyHC/online-shopping-system-advanced Software link:...
Source Engine CS:GO BuildID: 4937372 - Arbitrary Code Execution
Exploit Title: Source Engine CS:GO BuildID: 4937372 - Arbitrary Code Execution Date: 2020-04-27 Exploit Author: 0xEmma/BugByte/SebastianPC Vendor Homepage: https://www.valvesoftware.com/en/ Version: Source Engine, Tested on CS:GO BuildID: 4937372 TF2 BuildID: 4871679 Garry's Mod BuildID: 4803834...
Netis E1+ 1.2.32533 - Backdoor Account (root)
Exploit Title: Netis E1+ 1.2.32533 - Backdoor Account root Date: 2020-04-25 Author: Besim ALTINOK Vendor Homepage: http://www.netis-systems.com Software Link: http://www.netis-systems.com/Suppory/downloads/dd/1/img/204 Version: V1.2.32533 Tested on: Netis E1+ V1.2.32533 Credit: İsmail BOZKURT...
Maian Support Helpdesk 4.3 - Cross-Site Request Forgery (Add Admin)
Exploit Title: Maian Support Helpdesk 4.3 - Cross-Site Request Forgery Add Admin Date: 2020-04-26 Author: Besim ALTINOK Vendor Homepage: https://www.maiansupport.com Software Link: https://www.maiansupport.com/zip.html Version: v4.3 Tested on: Xampp Credit: İsmail BOZKURT...
Online Course Registration 2.0 - Authentication Bypass
Exploit Title: Online Course Registration 2.0 - Authentication Bypass Google Dork: N/A Date: 2020-04-25 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/online-course-registration-free-download/ Version: 2.0 Tested on: Kali Linux...
PHP-Fusion 9.03.50 - 'Edit Profile' Arbitrary File Upload
Exploit Title: PHP-Fusion 9.03.50 - 'Edit Profile' Arbitrary File Upload Date: 2020-04-24 Author: Besim ALTINOK Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link: https://sourceforge.net/projects/php-fusion/files/PHP-Fusion%20Archives/9.x/PHP-Fusion%209.03.50.zip/download...
Netis E1+ V1.2.32533 - Unauthenticated WiFi Password Leak
Exploit Title: Netis E1+ 1.2.32533 - Unauthenticated WiFi Password Leak Date: 2020-04-25 Author: Besim ALTINOK Vendor Homepage: http://www.netis-systems.com Software Link: http://www.netis-systems.com/Suppory/downloads/dd/1/img/204 Version: V1.2.32533 Tested on: Netis E1+ V1.2.32533 Credit: İsmai...
Furukawa Electric ConsciusMAP 2.8.1 - Remote Code Execution
Exploit Title: Furukawa Electric ConsciusMAP 2.8.1 - Remote Code Execution Date: 2020-04-24 Vendor Homepage: https://www.tecnoredsa.com.ar Exploit Authors: LiquidWorm Software Link: https://dl.getpopcorntime.is/PopcornTime-latest.exe Version: 2.8.1 CVE : N/A !/usr/bin/env python3 -- coding: utf-8...
EspoCRM 5.8.5 - Privilege Escalation
Exploit Title: EspoCRM 5.8.5 - Privilege Escalation Author: Besim ALTINOK Vendor Homepage: https://www.espocrm.com Software Link: https://www.espocrm.com/downloads/EspoCRM-5.8.5.zip Version: v5.8.5 Tested on: Xampp Credit: İsmail BOZKURT ------------- Details:...
Edimax EW-7438RPn 1.13 - Remote Code Execution
Exploit Title: Edimax EW-7438RPn 1.13 - Remote Code Execution Date: 2020-04-23 Exploit Author: Besim ALTINOK Vendor Homepage: https://www.edimax.com/edimax/merchandise/merchandisedetail/data/edimax/global/wi-firangeextendersn300/ew-7438rpnmini/ Version:1.13 Tested on: Edimax EW-7438RPn 1.13 Versi...
Popcorn Time 6.2 - 'Update service' Unquoted Service Path
Exploit Title: Popcorn Time 6.2 - 'Update service' Unquoted Service Path Date: 2020-04-24 Vendor Homepage: https://getpopcorntime.is Exploit Authors: Uriel Yochpaz & Jonatan Schor Software Link: https://dl.getpopcorntime.is/PopcornTime-latest.exe Version: 6.2.1.14 and probably prior versions Test...
Complaint Management System 4.2 - Authentication Bypass
Exploit Title: Complaint Management System 4.2 - Authentication Bypass Author: Besim ALTINOK Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/complaint-management-sytem/ Version: v4.2 Tested on: Xampp Credit: İsmail BOZKURT ------ Details: 1- Vulnerable code is here:...
Complaint Management System 4.2 - Cross-Site Request Forgery (Delete User)
Exploit Title: Complaint Management System 4.2 - Cross-Site Request Forgery Delete User Author: Besim ALTINOK Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/complaint-management-sytem/ Version: v4.2 Tested on: Xampp Credit: İsmail BOZKURT Detail: You can perform CS...
Library CMS Powerful Book Management System 2.2.0 - Session Fixation
Exploit Title: Library CMS Powerful Book Management System 2.2.0 - Session Fixation Date: 2020-04-22 Exploit Author: Ismail Tasdelen Vendor Homepage: https://kaasoft.pro/ Software : https://codecanyon.net/item/library-cms-powerful-book-management-system/21105281 Product Version: v2.2.0 Product :...
User Management System 2.0 - Authentication Bypass
Exploit Title: User Management System 2.0 - Authentication Bypass Author: Besim ALTINOK Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/ Version: v2.0 Tested on: Xampp Credit: İsmail BOZKURT ------...
User Management System 2.0 - Persistent Cross-Site Scripting
Exploit Title: User Management System 2.0 - Persistent Cross-Site Scripting Author: Besim ALTINOK Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/ Version: v2.0 Tested on: Xampp Credit: İsmail BOZKU...
Zen Load Balancer 3.10.1 - Directory Traversal (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Zen Load Balancer Directory Traversal", 'Description' = %q This module exploits a authenticated directory traversal vulnerability in Zen Load...
Sky File 2.1.0 iOS - Directory Traversal
Title: Sky File 2.1.0 iOS - Directory Traversal Author: Vulnerability Laboratory Date: 2020-04-21 Software Link: https://apps.apple.com/us/app/sky-file-wireless-transfer/id1236452210 CVE: N/A Document Title: =============== Sky File v2.1.0 iOS - Multiple Web Vulnerabilities References Source:...
Complaint Management System 4.2 - Persistent Cross-Site Scripting
Exploit Title: Complaint Management System 4.2 - Persistent Cross-Site Scripting Author: Besim ALTINOK Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/complaint-management-sytem/ Version: v4.2 Tested on: Xampp Credit: İsmail BOZKURT ------ Details: 1- Vulnerable cod...
RM Downloader 3.1.3.2.2010.06.13 - 'Load' Buffer Overflow (SEH)
Exploit Title: RM Downloader 3.1.3.2.2010.06.13 - 'Load' Buffer Overflow SEH Date: 2020-04-20 Author: Felipe Winsnes Software Link: https://www.exploit-db.com/apps/9af366e59468eac0b92212912b5c3bcb-RMDownloader.exe Version: 3.1.3.2.2010.06.13 Tested on: Windows 7 x86 Proof of Concept: 1.- Run the...
Mahara 19.10.2 CMS - Persistent Cross-Site Scripting
Title: Mahara 19.10.2 CMS - Persistent Cross-Site Scripting Author: Vulnerability Laboratory Date: 2020-04-21 Vendor: https://mahara.org Software Link: https://launchpad.net/mahara CVE: N/A Document Title: =============== Mahara v19.10.2 CMS - Persistent Cross Site Vulnerability References Source...
Edimax EW-7438RPn - Information Disclosure (WiFi Password)
Exploit Title: Edimax EW-7438RPn 1.13 - Information Disclosure WiFi Password Date: 2020-04-21 Exploit Author: Besim ALTINOK Vendor Homepage: https://www.edimax.com/edimax/merchandise/merchandisedetail/data/edimax/global/wi-firangeextendersn300/ew-7438rpnmini/ Version:1.13 Tested on: Edimax...
Edimax EW-7438RPn - Cross-Site Request Forgery (MAC Filtering)
Exploit Title: Edimax EW-7438RPn - Cross-Site Request Forgery MAC Filtering Date: 2020-04-21 Exploit Author: Besim ALTINOK Vendor Homepage: https://www.edimax.com/edimax/merchandise/merchandisedetail/data/edimax/global/wi-firangeextendersn300/ew-7438rpnmini/ Version:1.13 Tested on: Edimax...
CSZ CMS 1.2.7 - Persistent Cross-Site Scripting
Exploit Title: CSZ CMS 1.2.7 - Persistent Cross-Site Scripting Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.cszcms.com/ Software Link: https://sourceforge.net/projects/cszcms/ Version: v1.2.7 Description: Unauthorized user that has access private message can embed Javascript...
P5 FNIP-8x16A FNIP-4xSH 1.0.20 - Cross-Site Request Forgery (Add Admin)
Exploit Title: P5 FNIP-8x16A FNIP-4xSH 1.0.20 - Cross-Site Request Forgery Add Admin Google Dork:jizhicms Date: 2020-04-18 Exploit Author: iej1ctk1g Product web page: https://www.p5.hu Affected version: 1.0.20, 1.0.11 CVE : N/A !-- P5 FNIP-8x16A/FNIP-4xSH CSRF Stored Cross-Site Scripting Vendor: ...
PMB 5.6 - 'logid' SQL Injection
Exploit Title: PMB 5.6 - 'logid' SQL Injection Google Dork: inurl:opaccss Date: 2020-04-20 Exploit Author: 41-trk Tarik Bakir Vendor Homepage: http://www.sigb.net Software Link: http://forge.sigb.net/redmine/projects/pmb/files Affected versions : = 5.6 -==== Software Description ====- PMB is a...
CSZ CMS 1.2.7 - 'title' HTML Injection
Exploit Title: CSZ CMS 1.2.7 - 'title' HTML Injection Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.cszcms.com/ Software Link: https://sourceforge.net/projects/cszcms/ Version: v1.2.7 Description: Authenticated user can inject hyperlink to Backend System Dashboard and Member...
NSClient++ 0.5.2.35 - Authenticated Remote Code Execution
Exploit Title: NSClient++ 0.5.2.35 - Authenticated Remote Code Execution Google Dork: N/A Date: 2020-04-20 Exploit Author: kindredsec Vendor Homepage: https://nsclient.org/ Software Link: https://nsclient.org/download/ Version: 0.5.2.35 Tested on: Microsoft Windows 10 Pro x64 CVE: N/A NSClient++ ...
Neowise CarbonFTP 1.4 - Insecure Proprietary Password Encryption
Title: Neowise CarbonFTP 1.4 - Insecure Proprietary Password Encryption Date: 2020-04-20 Author: hyp3rlinx Vendor: CVE: CVE-2020-6857 import time, string, sys, argparse, os, codecs Fixed: updated for Python 3, the hex decode function was not working in Python 3 version. This should be compatible...
jizhi CMS 1.6.7 - Arbitrary File Download
Exploit Title: jizhi CMS 1.6.7 - Arbitrary File Download Google Dork: jizhicms Date: 2020-04-18 Exploit Author: iej1ctk1g Vendor Homepage: https://www.jizhicms.cn/ Software Link: http://down.jizhicms.cn/jizhicmsBeta1.6.7.zip Version: 1.6.7 Tested on: Mac OS CVE : N/A Data 1. POST...
Oracle Solaris Common Desktop Environment 1.6 - Local Privilege Escalation
Title: Oracle Solaris Common Desktop Environment 1.6 - Local Privilege Escalation Date: 2020-04-21 Author: Marco Ivaldi Vendor: www.oracle.com CVE: CVE-2020-2944 / raptorsdtcmconv.c - CDE sdtcmconvert LPE for Solaris/Intel Copyright c 2019-2020 Marco Ivaldi A buffer overflow in the SanityCheck...
IQrouter 3.3.1 Firmware - Remote Code Execution
Exploit Title: IQrouter 3.3.1 Firmware - Remote Code Execution Date: 2020-04-21 Exploit Author: drakylar Vendor Homepage: https://evenroute.com/ Software Link: https://evenroute.com/iqrouter Version: IQrouter firmware up to 3.3.1 Tested on: IQrouter firmware 3.3.1 CVE : N/A !/usr/bin/env python3...
Atomic Alarm Clock x86 6.3 - 'AtomicAlarmClock' Unquoted Service Path
Exploit Title: Atomic Alarm Clock x86 6.3 - 'AtomicAlarmClock' Unquoted Service Path Exploit Author: boku Date: 2020-04-17 Vendor Homepage: http://www.drive-software.com Software Link: http://www.drive-software.com/download/ataclock.exe Version: 6.3 Tested On: Windows 10 Pro 1909 32-bit...