47904 matches found
Microsoft NET USE win10 - Insufficient Authentication Logic
Title: Microsoft NET USE win10 - Insufficient Authentication Logic Date: 2020-04-04 Author: hyp3rlinx Vendor: www.microsoft.com CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...
Triologic Media Player 8 - '.m3l' Buffer Overflow (Unicode) (SEH)
Exploit Title: Triologic Media Player 8 - '.m3l' Buffer Overflow Unicode SEH Date: 2020-04-04 Author: Felipe Winsnes Software Link: http://download.cnet.com/Triologic-Media-Player/3000-21394-10691520.html Version: 8 Tested on: Windows 7 x86 Proof of Concept: 1.- Run the python script, it will...
ZOC Terminal v7.25.5 - 'Private key file' Denial of Service (PoC)
Exploit Title: ZOC Terminal v7.25.5 - 'Private key file' Denial of Service PoC Discovery by: chuyreds Discovery Date: 2020-04-05 Vendor Homepage: https://www.emtec.com Software Link : http://www.emtec.com/downloads/zoc/zoc7255x64.exe Tested Version: 7.25.5 Vulnerability Type: Local Tested on OS:...
pfSense 2.4.4-P3 - 'User Manager' Persistent Cross-Site Scripting
Exploit Title: pfSense 2.4.4-P3 - 'User Manager' Persistent Cross-Site Scripting Date: 2020-04-02 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.pfsense.org Version: PfSense 2.4.4-P3 Tested on: FreeBSD 11.2-RELEASE-p10 CVE : CVE-2020-11457 Vulnerability Details Description : A...
SpotAuditor 5.3.4 - 'Name' Denial of Service (PoC)
Exploit Title: SpotAuditor 5.3.4 - 'Name' Denial of Service PoC Exploit Author: 0xMoHassan Date: 2020-04-04 Vendor Homepage: https://www.spotauditor.com/ Software Link: http://www.nsauditor.com/downloads/spotauditorsetup.exe Tested Version: 5.3.4 Vulnerability Type: Denial of Service DoS Local...
Frigate 3.36 - Denial of Service (PoC)
Exploit Title: Frigate 3.36 - Denial of Service PoC Date: 2020-04-05 Exploit Author: inter Vendor Homepage: http://www.Frigate3.com/ Software Link Download: http://www.Frigate3.com/download/Frigate3Stdv36.exe Vulnerable Software: Firgate Version: 3.36 Vulnerability Type: Denial of Service DoS Loc...
Nsauditor 3.2.0.0 - 'Name' Denial of Service (PoC)
Exploit Title: Nsauditor 3.2.0.0 - 'Name' Denial of Service PoC Discovery by: 0xMoHassan Date: 2020-04-04 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Tested Version: 3.2.0.0 Vulnerability Type: Denial of Service DoS Local Tested o...
WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting
Title: WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting Date: 2020-01-21 Exploit Author: Gal Weizman Vendor Homepage: https://www.whatsapp.com Software Link: https://web.whatsapp.com/desktop/windows/release/x64/WhatsAppSetup.exe Software Link:...
Memu Play 7.1.3 - Insecure Folder Permissions
Exploit Title: Memu Play 7.1.3 - Insecure Folder Permissions Discovery by: chuyreds Discovery Date: 2020-03-08 Vendor Homepage: https://www.memuplay.com/ Software Link : https://www.memuplay.com/download-en.php?filename=Memu-Setup&from=officialrelease Tested Version: 7.1.3 Vulnerability Type: Loc...
Bolt CMS 3.7.0 - Authenticated Remote Code Execution
Exploit Title: Bolt CMS 3.7.0 - Authenticated Remote Code Execution Date: 2020-04-05 Exploit Author: r3m0t3nu11 Vendor Homepage: https://bolt.cm/ Software Link: https://bolt.cm/ Version: up to date and 6.x Tested on: Linux CVE : not-yet-0day !/usr/bin/python import requests import sys import...
Vesta Control Panel 0.9.8-26 - Authenticated Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Vesta Control Panel Authenticated Remote Code Execution", 'Description' = %q This module exploits command injection vulnerability in...
UltraVNC Launcher 1.2.4.0 - 'Password' Denial of Service (PoC)
Exploit Title: UltraVNC Launcher 1.2.4.0 - 'Password' Denial of Service PoC Discovery by: chuyreds Discovery Date: 2020-04-05 Vendor Homepage: https://www.uvnc.com/ Software Link : https://www.uvnc.com/component/jdownloads/send/0-/394-ultravnc-1240-x86-setup.html?Itemid=0 Tested Version: 1.2.4.0...
UltraVNC Launcher 1.2.4.0 - 'RepeaterHost' Denial of Service (PoC)
Exploit Title: UltraVNC Launcher 1.2.4.0 - 'RepeaterHost' Denial of Service PoC Discovery by: chuyreds Discovery Date: 2020-04-05 Vendor Homepage: https://www.uvnc.com/ Software Link : https://www.uvnc.com/component/jdownloads/send/0-/394-ultravnc-1240-x86-setup.html?Itemid=0 Tested Version:...
Product Key Explorer 4.2.2.0 - 'Key' Denial of Service (PoC)
Exploit Title: Product Key Explorer 4.2.2.0 - 'Key' Denial of Service PoC Discovery by: 0xMoHassan Date: 2020-04-04 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/productkeyexplorersetup.exe Tested Version: 4.2.2.0 Vulnerability Type: Denial of Service...
LimeSurvey 4.1.11 - 'File Manager' Path Traversal
Exploit Title: LimeSurvey 4.1.11 - 'File Manager' Path Traversal Date: 2020-04-02 Exploit Author: Matthew Aberegg, Michael Burkey Vendor Homepage: https://www.limesurvey.org Version: LimeSurvey 4.1.11+200316 Tested on: Ubuntu 18.04.4 CVE : CVE-2020-11455 Vulnerability Details Description : A path...
UltraVNC Viewer 1.2.4.0 - 'VNCServer' Denial of Service (PoC)
Exploit Title: UltraVNC Viewer 1.2.4.0 - 'VNCServer' Denial of Service PoC Discovery by: chuyreds Discovery Date: 2020-04-05 Vendor Homepage: https://www.uvnc.com/ Software Link : https://www.uvnc.com/component/jdownloads/send/0-/394-ultravnc-1240-x86-setup.html?Itemid=0 Tested Version: 1.2.4.0...
LimeSurvey 4.1.11 - 'Survey Groups' Persistent Cross-Site Scripting
Exploit Title: LimeSurvey 4.1.11 - 'Survey Groups' Persistent Cross-Site Scripting Date: 2020-04-02 Exploit Author: Matthew Aberegg, Michael Burkey Vendor Homepage: https://www.limesurvey.org Version: LimeSurvey 4.1.11+200316 Tested on: Ubuntu 18.04.4 CVE : CVE-2020-11456 Vulnerability Details...
Pandora FMS 7.0NG - 'net_tools.php' Remote Code Execution
Exploit Title: Pandora FMS 7.0NG - 'nettools.php' Remote Code Execution Build: PC170324 - MR 0 Date: 2020-03-30 Exploit Author: Basim Alabdullah Vendor homepage: http://pandorafms.org/ Version: 7.0 Software link: https://pandorafms.org/features/free-download-monitoring-software/ Tested on: CentOS...
AIDA64 Engineer 6.20.5300 - 'Report File' filename Buffer Overflow (SEH)
Exploit Title: AIDA64 Engineer 6.20.5300 - 'Report File' filename Buffer Overflow SEH Date: 2020-04-02 Exploit Author: Hodorsec Version: v6.20.5300 Software Link: http://download.aida64.com/aida64engineer620.exe Vendor Homepage: https://www.aida64.com/products/aida64-engineer Tested on: Win7 x86...
DiskBoss 7.7.14 - 'Input Directory' Local Buffer Overflow (PoC)
Exploit Title: DiskBoss 7.7.14 - 'Input Directory' Local Buffer Overflow PoC Vendor Homepage: https://www.diskboss.com/ Software Link Download: https://github.com/x00x00x00x00/diskboss7.7.14/raw/master/diskbosssetupv7.7.14.exe Exploit Author: Paras Bhatia Discovery Date: 2020-04-01 Vulnerable...
PHP-Fusion 9.03.50 - 'panels.php' Remote Code Execution
Exploit Title: PHP-Fusion 9.03.50 - 'panels.php' Multiple vulnerability Google Dork: N/A=20 Date: 2020-04-01 Exploit Author: Unkn0wn Vendor Homepage: https://www.php-fusion.co.uk Software Link: https://www.php-fusion.co.uk/phpfusion9downloads.php Version: 9.03.50 Tested on: Ubuntu CVE : N/A...
DiskBoss 7.7.14 - Denial of Service (PoC)
Exploit Title: DiskBoss 7.7.14 - Denial of Service PoC Date: 2020-04-01 Exploit Author: Paras Bhatia Vendor Homepage: https://www.diskboss.com/ Software Link Download: https://github.com/x00x00x00x00/diskboss7.7.14/raw/master/diskbosssetupv7.7.14.exe Vulnerable Software: DiskBoss Version: 7.7.14...
10Strike LANState 9.32 - 'Force Check' Buffer Overflow (SEH)
Exploit Title: 10Strike LANState 9.32 - 'Force Check' Buffer Overflow SEH Date: 2020-04-01 Exploit Author: Hodorsec Version: v9.32 x86 Software Link: https://www.10-strike.com/lanstate/lanstate-setup.exe Vendor Homepage: https://www.freecommander.com Tested on: Win7 x86 SP1 - Build 7601...
Grandstream UCM6200 Series CTI Interface - 'user_password' SQL Injection
Exploit Title: Grandstream UCM6200 Series CTI Interface - 'userpassword' SQL Injection Date: 2020-03-30 Exploit Author: Jacob Baines Vendor Homepage: http://www.grandstream.com/ Software Link: http://www.grandstream.com/support/firmware/ucm62xx-official-firmware Version: 1.0.20.20 and below Teste...
IBM TM1 / Planning Analytics - Unauthenticated Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule "IBM TM1 / Planning Analytics Unauthenticated Remote Code Execution", 'Description' = %q This module exploits a vulnerability in...
Redis - Replication Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Redis Replication Code Execution', 'Description' = %q This module can be used to leverage the extension functionality added since Redis 4.0.0 to...
Grandstream UCM6200 Series WebSocket 1.0.20.20 - 'user_password' SQL Injection
Exploit Title: Grandstream UCM6200 Series WebSocket 1.0.20.20 - 'userpassword' SQL Injection Date: 2020-03-30 Exploit Author: Jacob Baines Vendor Homepage: http://www.grandstream.com/ Software Link: http://www.grandstream.com/support/firmware/ucm62xx-official-firmware Version: 1.0.20.20 and below...
FlashFXP 4.2.0 Build 1730 - Denial of Service (PoC)
Exploit Title: FlashFXP 4.2.0 Build 1730 - Denial of Service PoC Vendor Homepage: https://www.flashfxp.com/ Software Link Download: https://www.filehorse.com/download-flashfxp/22451/download/ Exploit Author: Paras Bhatia Discovery Date: 2020-03-30 Vulnerable Software: FlashFXP Version: 4.2.0 Buil...
DLINK DWL-2600 - Authenticated Remote Command Injection (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DLINK DWL-2600 Authenticated Remote Command Injection', 'Description' = %q Some DLINK Access Points are vulnerable to an authenticated OS command...
SharePoint Workflows - XOML Injection (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SharePoint Workflows XOML Injection', 'Description' = %q This module exploits a vulnerability within SharePoint and its .NET backend that allows ...
Joomla! com_fabrik 3.9.11 - Directory Traversal
Exploit Title: Joomla! comfabrik 3.9.11 - Directory Traversal Google Dork: inurl:"index.php?option=comfabrik" Date: 2020-03-30 Exploit Author: qw3rTyTy Vendor Homepage: https://fabrikar.com/ Software Link: https://fabrikar.com/downloads Version: 3.9 Tested on: Debian/Nginx/Joomla! 3.9.11...
Odin Secure FTP Expert 7.6.3 - 'Site Info' Denial of Service (PoC)
Exploit Title: Odin Secure FTP Expert 7.6.3 - 'Site Info' Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2020-03-27 Vendor Homepage: https://odin-secure-ftp-expert.jaleco.com/ Software Link Download : http://tr.oldversion.com/windows/odin-secure-ftp-expert-7-6-3 Version : Odin...
Multiple DrayTek Products - Pre-authentication Remote Root Code Execution
package main / CVE-2020-8515: DrayTek pre-auth remote root RCE Mon Mar 30 2020 - 0xsha.io Affected: DrayTek Vigor2960 1.3.1Beta, Vigor3900 1.4.4Beta, and Vigor300B 1.3.3Beta, 1.4.2.1Beta, and 1.4.4Beta You should upgrade as soon as possible to 1.5.1 firmware or later This issue has been fixed in...
Microsoft Windows 10 (1903/1909) - 'SMBGhost' SMB3.1.1 'SMB2_COMPRESSION_CAPABILITIES' Local Privilege Escalation
CVE-2020-0796 Windows SMBv3 LPE Exploit Authors Daniel García Gutiérrez @danigargu Manuel Blanco Parajón @dialluvioso References https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796 https://www.synacktiv.com/posts/exploit/im-smbghost-daba-dee-daba-da.html...
10-Strike Network Inventory Explorer 9.03 - 'Read from File' Buffer Overflow (SEH) (ROP)
Exploit Title: 10-Strike Network Inventory Explorer 9.03 - 'Read from File' Buffer Overflow SEHROP Date: 2020-03-30 Exploit Author: Hodorsec Version: 9.03 Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-setup.exe Vendor Homepage: https://www.10-strike.com Teste...
Zen Load Balancer 3.10.1 - Remote Code Execution
Exploit Title: Zen Load Balancer 3.10.1 - Remote Code Execution Google Dork: no Date: 2020-03-28 Exploit Author: Cody Sixteen Vendor Homepage: https://code610.blogspot.com Software Link: https://sourceforge.net/projects/zenloadbalancer/files/Distro/zenloadbalancer-distro3.10.1.iso/download Versio...
Easy RM to MP3 Converter 2.7.3.700 - 'Input' Local Buffer Overflow (SEH)
Exploit Title: Easy RM to MP3 Converter 2.7.3.700 - 'Input' Local Buffer Overflow SEH Date: 2020-03-26 Author: Felipe Winsnes Software Link: https://www.exploit-db.com/apps/707414955696c57b71c7f160c720bed5-EasyRMtoMP3Converter.exe Version: 2.7.3.700 Tested on: Windows 7 x86 Proof of Concept: 1.-...
ECK Hotel 1.0 - Cross-Site Request Forgery (Add Admin)
Exploit Title : ECK Hotel 1.0 - Cross-Site Request Forgery Add Admin Product : ECK Hotel Version : 1.0-beta Date: 2020-03-26 Software Download: https://sourceforge.net/projects/eckhotel/files/eck-hotel-v1.0-beta.zip/download Exploit Author: Mustafa Emre Gül Website: https://emregul.com.tr/ Tested...
Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal
Exploit Title: Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal Date: 2020-03-26 Exploit Author: hongphukt Vendor Homepage: https://www.jinfonet.com/ Software Link: https://www.jinfonet.com/product/download-jreport/ Version: JReport 15.6 Tested on: Linux, Windows Jreport Help function...
Everest 5.50.2100 - 'Open File' Denial of Service (PoC)
Exploit Title: Everest 5.50.2100 - 'Open File' Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2020-03-24 Software Link : http://www.lavalys.com/ Tested Version: 5.50.2100 Vulnerability Type: Denial of Service DoS Local Tested on OS: Windows 10 Home Single Language Steps to...
rConfig 3.9.4 - 'searchField' Unauthenticated Root Remote Code Execution
Exploit Title: rConfig 3.9.4 - 'searchField' Unauthenticated Root Remote Code Execution Exploit Author: vikingfr Greetz : Orange Cyberdefense - team CSR-SO https://cyberdefense.orange.com Date: 2020-03-12 CVE-2019-19509 + CVE-2019-19585 + CVE-2020-10220 Exploit link :...
TP-Link Archer C50 3 - Denial of Service (PoC)
Exploit Title: TP-Link Archer C50 3 - Denial of Service PoC Date: 2020-01-25 Exploit Author: thewhiteh4t Vendor Homepage: https://www.tp-link.com/ Version: TP-Link Archer C50 v3 Build 171227 Tested on: Arch Linux x64 CVE: CVE-2020-9375 Description:...
Centreo 19.10.8 - 'DisplayServiceStatus' Remote Code Execution
Exploit Title: Centreo 19.10.8 - 'DisplayServiceStatus' Remote Code Execution Date: 2020-03-25 Exploit Author: Engin Demirbilek Vendor Homepage: https://www.centreon.com/ Version: 19.10.8 Tested on: CentOS Advisory link: https://engindemirbilek.github.io/centreon-19.10-rce Corresponding pull...
LeptonCMS 4.5.0 - Persistent Cross-Site Scripting
Exploit Title: LeptonCMS 4.5.0 - Persistent Cross-Site Scripting Google Dork: "lepton cms" Date: 2019-03-24 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://lepton-cms.org/english/home.php Software Link: https://lepton-cms.org/posts/new-release-lepton-4.5.0-139.php...
10-Strike Network Inventory Explorer 8.54 - 'Add' Local Buffer Overflow (SEH)
Exploit Title: 10-Strike Network Inventory Explorer 8.54 - 'Add' Local Buffer Overflow SEH Date: 2020-03-24 Author: Felipe Winsnes Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-setup.exe Version: 8.54 Tested on:...
10-Strike Network Inventory Explorer - 'srvInventoryWebServer' Unquoted Service Path
Exploit Title: 10-Strike Network Inventory Explorer - 'srvInventoryWebServer' Unquoted Service Path Date: 2020-03-24 Author: Felipe Winsnes Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-setup.exe Version: 8.54 Teste...
Joomla! Component GMapFP 3.30 - Arbitrary File Upload
Exploit Title: Joomla! Component GMapFP 3.30 - Arbitrary File Upload Google Dork: inurl:''comgmapfp'' Date: 2020-03-25 Exploit Author: ThelastVvV Vendor Homepage:https://gmapfp.org/ Version: Version J3.30pro Tested on: Ubuntu PoC:...
AVAST SecureLine 5.5.522.0 - 'SecureLine' Unquoted Service Path
Exploit Title: AVAST SecureLine 5.5.522.0 - 'SecureLine' Unquoted Service Path Discovery by: Roberto Piña Discovery Date: 2020-03-24 Vendor Homepage:https://www.avast.com/ Software Link :https://www.avast.com/es-mx/download-thank-you.php?product=SLN&locale=es-mx Tested Version: 5.5.522.0...
Veyon 4.3.4 - 'VeyonService' Unquoted Service Path
Exploit Title: Veyon 4.3.4 - 'VeyonService' Unquoted Service Path Discovery by: Víctor García Discovery Date: 2020-03-23 Vendor Homepage: https://veyon.io/ Software Link: https://github.com/veyon/veyon/releases/download/v4.3.4/veyon-4.3.4.0-win64-setup.exe Tested Version: 4.3.4 Vulnerability Type...
WordPress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting
Exploit Title: Wordpress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting Date: 2020-02-18 Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson Varghese Behanan Author Advisory:...