47884 matches found
APKF Product Key Finder 2.5.8.0 - 'Name' Denial of Service (PoC)
Exploit Title: APKF Product Key Finder 2.5.8.0 - 'Name' Denial of Service PoC Exploit Author: Ismail Tasdelen Exploit Date: 2020-01-16 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/apkfsetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof of Conce...
Trend Micro Maximum Security 2019 - Privilege Escalation
Exploit Title: Trend Micro Maximum Security 2019 - Privilege Escalation Date: 2020-1-16 Exploit Author: hyp3rlinx Vendor Homepage: www.trendmicro.com Version: Platform Microsoft Windows, Premium Security 2019 v15, Maximum Security 2019 v15 Internet Security 2019 v15, Antivirus + Security 2019 v15...
Plantronics Hub 3.13.2 - SpokesUpdateService Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Plantronics Hub SpokesUpdateService Privilege Escalation', 'Description' = %q The Plantronics Hub client application for Windows makes use of an...
WordPress Plugin Time Capsule 1.21.16 - Authentication Bypass
Exploit Title: Wordpress Time Capsule Plugin 1.21.16 - Authentication Bypass Date: 2020-01-16 Exploit Author: B. Canavate Vendor Homepage: https://wptimecapsule.com/ Software Link: https://wptimecapsule.com/ Version: Wordpress Time Capsule Plugin 1.21.16 Tested on: LAMP stack with most recent...
GTalk Password Finder 2.2.1 - 'Key' Denial of Service (PoC)
Exploit Title: GTalk Password Finder 2.2.1 - 'Key' Denial of Service PoC Exploit Author: Ismail Tasdelen Exploit Date: 2020-01-16 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/gpwdfindersetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof of...
WordPress Plugin InfiniteWP Client 1.9.4.5 - Authentication Bypass
Exploit Title: Wordpress Plugin InfiniteWP Client 1.9.4.5 - Authentication Bypass Date: 2020-1-16 Exploit Author: Raphael Karger Vendor Homepage: https://infinitewp.com/ Version: InfiniteWP Client 1.9.4.5 !/usr/bin/python3 import requests import json import argparse import base64 import json impo...
Torrent FLV Converter 1.51 Build 117 - Stack Overflow (SEH partial overwrite)
Exploit Title: Torrent FLV Converter 1.51 Build 117 - Stack Overflow SEH partial overwrite Date: 2020-01-16 Exploit Author: antonio Vendor Homepage: http://www.torrentrockyou.com/ Software Link: http://www.torrentrockyou.com/download/trflvconverter.exe Version: 1.51 Build 117 Tested on: Windows 7...
Trend Micro Maximum Security 2019 - Arbitrary Code Execution
Exploit Title: Trend Micro Maximum Security 2019 - Arbitrary Code Execution Date: 2020-1-16 Exploit Author: hyp3rlinx Vendor Homepage: www.trendmicro.com Version: Platform Microsoft Windows, Premium Security 2019 v15, Maximum Security 2019 v15 Internet Security 2019 v15, Antivirus + Security 2019...
Citrix Application Delivery Controller (ADC) and Gateway 13.0 - Path Traversal
Exploit Title: Citrix Application Delivery Controller ADC and Gateway 13.0 - Path Traversal Date: 2019-12-17 CVE: CVE-2019-19781 Vulnerability: Path Traversal Vulnerability Discovery: Mikhail Klyuchnikov Exploit Author: Dhiraj Mishra Vulnerable Version: 10.5, 11.1, 12.0, 12.1, and 13.0 Vendor...
SunOS 5.10 Generic_147148-26 - Local Privilege Escalation
Exploit: SunOS 5.10 Generic_147148-26 - Local Privilege Escalation Date: 2020-01-15 Author: Marco Ivaldi Vendor: www.oracle.com Software Link: https://www.oracle.com/technetwork/server-storage/solaris10/downloads/latest-release/index.html CVE: CVE-2020-2696 / raptordtsessionipa.c - CDE dtsession L...
Rukovoditel Project Management CRM 2.5.2 - 'entities_id' SQL Injection
Exploit Title: Rukovoditel Project Management CRM 2.5.2 - 'entities_id' SQL Injection Google Dork: N/A Date: 2020-01-15 Blog: https://fatihhcelik.blogspot.com/ Exploit Author: Fatih Çelik Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://sourceforge.net/projects/rukovoditel/...
Tautulli 2.1.9 - Denial of Service (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tautulli v2.1.9 - Shutdown Denial of Service', 'Description' = 'Tautulli versions 2.1.9 and prior are vulnerable to denial of service via the...
Rukovoditel Project Management CRM 2.5.2 - 'reports_id' SQL Injection
Exploit Title: Rukovoditel Project Management CRM 2.5.2 - 'reports_id' SQL Injection Google Dork: N/A Date: 2020-01-15 Blog: https://fatihhcelik.blogspot.com/ Exploit Author: Fatih Çelik Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://sourceforge.net/projects/rukovoditel/...
Rukovoditel Project Management CRM 2.5.2 - 'filters' SQL Injection
Exploit Title: Rukovoditel Project Management CRM 2.5.2 - 'filters' SQL Injection Google Dork: N/A Date: 2020-01-15 Blog: https://fatihhcelik.blogspot.com/ Exploit Author: Fatih Çelik Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://sourceforge.net/projects/rukovoditel/ Versio...
Online Book Store 1.0 - Arbitrary File Upload
Exploit Title: Online Book Store 1.0 - Arbitrary File Upload Google Dork: N/A Date: 2020-01-16 Exploit Author: Or4nG.M4n aka S4udiExploit Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/ Software Link:...
Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting
Exploit Title: Jenkins Gitlab Hook Plugin 1.4.2 - Reflected Cross-Site Scripting Exploit Author: Ai Ho Vendor Homepage : https://jenkins.io/ Effective version : Gitlab Hook Plugin 1.4.2 and earlier References: https://jenkins.io/security/advisory/2020-01-15/ CVE: CVE-2020-2096 PoC:...
WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting
Exploit Title: WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/plugins/postie/readme.txt Date: 2020-01-15 Exploit Author: V1n1v131r4 Vendor Homepage: https://postieplugin.com/ Software Link: https://wordpress.org/plugins/postie/developers Version:...
Online Book Store 1.0 - 'bookisbn' SQL Injection
Exploit Title: Online Book Store 1.0 - 'bookisbn' SQL Injection Google Dork: N/A Date: 2020-01-15 Exploit Author: AmirHadi Yazdani Ertebat Gostar Co. Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/ Software Link:...
Sagemcom F@ST 3890 (50_10_19-T1) Cable Modem - 'Cable Haunt' Remote Code Execution
// EDB Note: Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47936.zip function buf2hexbuffer // buffer is an ArrayBuffer return Array.prototype.map.callnew Uint8Arraybuffer, x = '00' + x.toString16.slice-2.join''; function insertAtarr, index, toInsert...
Huawei HG255 - Directory Traversal (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. class MetasploitModule 'Huawei HG255 Directory Traversal', ‘Description’ = ‘Server Directory...
Barco WePresent - file_transfer.cgi Command Injection (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Barco WePresent file_transfer.cgi Command Injection", 'Description' = %q This module exploits an unauthenticated remote command injection...
Microsoft Windows - CryptoAPI (Crypt32.dll) Elliptic Curve Cryptography (ECC) Spoof Code-Signing Certificate
EDB Note Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47933.zip require 'openssl' raw = File.read "ca.crt" cacert = OpenSSL::X509::Certificate.newraw Parse public key from CA cakey = cacert.publickey if !cakey.instanceof? OpenSSL::PKey::EC then puts "...
Android - ashmem Readonly Bypasses via remap_file_pages() and ASHMEM_UNPIN
This bug report describes two ways in which an attacker can modify the contents of a read-only ashmem fd. I'm not sure at this point what the most interesting user of ashmem is in the current Android release, but there are various users, including Chrome and a bunch of utility classes. In AOSP...
WeChat - Memory Corruption in CAudioJBM::InputAudioFrameToJBM
There is a memory corruption vulnerability in audio processing during a voice call in WeChat. When an RTP packet is processed, there is a call to UnpacketRTP. This function decrements the length of the packet by 12 without checking that the packet has at least 12 bytes in it. This leads to a...
VPN unlimited 6.1 - Unquoted Service Path
Exploit Title: VPN unlimited 6.1 - Unquoted Service Path Date: 2020-1-13 Exploit Author: Amin Rawah Vendor Homepage: https://www.vpnunlimitedapp.com Version: 6.1 Tested on: Windows 10 64bit C:\Users\Aminsc qc VPNUnlimitedService SC QueryServiceConfig SUCCESS SERVICENAME: VPNUnlimitedService TYPE ...
IBM RICOH InfoPrint 6500 Printer - HTML Injection
Exploit Title: IBM RICOH InfoPrint 6500 Printer - HTML Injection Date: 2020-01-02 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ibm.com/il-en Hardware Link: http://www-01.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&htmlfid=897/ENUS105-214 Firmware Version: 1.4.40.10...
Redir 3.3 - Denial of Service (PoC)
Exploit Title: Redir 3.3 - Denial of Service PoC Date: 2020-01-14 Exploit Author: hieubl from HPT Cyber Security Vendor Homepage: https://github.com/troglobit/redir Software Link: https://github.com/troglobit/redir Version: 3.3 Tested on: Kali GNU/Linux Rolling 2019.4 CVE : if applicable The sour...
IBM RICOH 6400 Printer - HTML Injection
Exploit Title: IBM RICOH 6400 Printer - HTML Injection Date: 2020-01-02 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ibm.com/il-en Hardware Link: https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&htmlfid=649/ENUSA02-1405&appname=USN Firmware Version: 1.1.26...
Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 - Stack Overflow (SEH)
Exploit Title: Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 - Stack Overflow SEH Date: 2020-01-12 Exploit Author: Antonio de la Piedra Vendor Homepage: https://www.alloksoft.com Software Link: https://www.alloksoft.com/allokrmconverter.exe Version: 3.6.1217 Tested on: Windows 7 SP1 32-bit Cop...
Advanced System Repair Pro 1.9.1.7 - Insecure File Permissions
Exploit Title: Advanced System Repair Pro 1.9.1.7 - Insecure File Permissions Exploit Author: ZwX Exploit Date: 2020-01-12 Vendor Homepage : https://advancedsystemrepair.com/ Software Link: http://advancedsystemrepair.com/ASRProInstaller.exe Tested on OS: Windows 10 Proof of Concept PoC:...
Top Password Software Dialup Password Recovery 1.30 - Denial of Service (PoC)
Exploit Title: Top Password Software Dialup Password Recovery 1.30 - Denial of Service PoC Date: 2020-01-12 Exploit Author: Antonio de la Piedra Vendor Homepage: https://www.top-password.com/ Software Link: https://www.top-password.com/download/DialupPRSetup.exe Version: 1.30 Tested on: Windows 7...
Chevereto 3.13.4 Core - Remote Code Execution
Exploit Title: Chevereto 3.13.4 Core - Remote Code Execution Date: 2020-01-11 Exploit Author: Jinny Ramsmark Vendor Homepage: https://chevereto.com/ Software Link: https://github.com/Chevereto/Chevereto-Free/releases Version: 1.0.0 Free - 1.1.4 Free, = 3.13.4 Core Tested on: Ubuntu 19.10, PHP 7.3...
Top Password Firefox Password Recovery 2.8 - Denial of Service (PoC)
Exploit Title: Top Password Firefox Password Recovery 2.8 - Denial of Service PoC Date: 2020-01-12 Exploit Author: Antonio de la Piedra Vendor Homepage: https://www.top-password.com/ Software Link: https://www.top-password.com/download/FirefoxPRSetup.exe Version: 2.8 Tested on: Windows 7 SP1 32-b...
Digi AnywhereUSB 14 - Reflective Cross-Site Scripting
Exploit Title: Digi AnywhereUSB 14 - Reflective Cross-Site Scripting Date: 2019-11-10 Exploit Author: Raspina Net Pars Group Vendor Homepage: https://www.digi.com/products/networking/usb-connectivity/usb-over-ip/awusb Version: 1.93.21.19 CVE : CVE-2019-18859 PoC GET...
TaskCanvas 1.4.0 - 'Registration' Denial Of Service
Exploit Title: TaskCanvas 1.4.0 - 'Registration' Denial Of Service Exploit Author : Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : https://www.digitalvolcano.co.uk/ Link Software : https://www.digitalvolcano.co.uk/taskcanvasdownload.html Tested on OS: Windows 10 CVE : N/A ''' Proof of...
Allok Video Converter 4.6.1217 - Stack Overflow (SEH)
Exploit Title: Allok Video Converter 4.6.1217 - Stack Overflow SEH Date: 2020-01-12 Exploit Author: Antonio de la Piedra Vendor Homepage: https://www.alloksoft.com Software Link: https://www.alloksoft.com/allokvconverter.exe Version: 4.6.1217 Tested on: Windows 7 SP1 32-bit Copy paste the content...
Backup Key Recovery 2.2.5 - 'Name' Denial of Service (PoC)
Exploit Title: Backup Key Recovery 2.2.5 - 'Name' Denial of Service PoC Exploit Author : Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/backeyrecoverysetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof of...
Citrix Application Delivery Controller and Gateway 10.5 - Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Citrix ADC Remote Code Execution', 'Description' = %q An issue was discovered in Citrix Application Delivery Controller ADC and Gateway 10.5, 11....
Microsoft Windows 10 build 1809 - Local Privilege Escalation (UAC Bypass)
Exploit Title: Microsoft Windows 10 - Local Privilege Escalation UAC Bypass Author: Nassim Asrir Date: 2019-01-10 Exploit Author: Nassim Asrir CVE: N/A Tested On: Windows 10Pro 1809 Vendor : https://www.microsoft.com Technical Details I discovered a Local Privilege Escalation in Windows 10 UAC...
SpotOutlook 1.2.6 - 'Name' Denial of Service (PoC)
Exploit Title: SpotOutlook 1.2.6 - 'Name' Denial of Service PoC Exploit Author: Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/spotoutlooksetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof of Concept PoC:...
SpotDialup 1.6.7 - 'Name' Denial of Service (PoC)
Exploit Title: SpotDialup 1.6.7 - 'Name' Denial of Service PoC Exploit Author : Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/spotdialupsetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof of Concept PoC:...
Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution (PoC)
!/bin/bash Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway - CVE-2019-19781 Usage : bash CVE-2019-19781.sh IPOFVULNURABLEHOST COMMANDTOEXECUTE e.g : bash CVE-2019-19781.sh XX.XX.XX.XX 'uname -a' Release Date : 11/01/2020 Follow Us :...
Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution
!/usr/bin/python3 Exploits the Citrix Directory Traversal Bug: CVE-2019-19781 You only need a listener like netcat to catch the shell. Shout out to the team: Rob Simon, Justin Elze, Logan Sampson, Geoff Walton, Christopher Paschen, Kevin Haubris, Scott White Tool Written by: Rob Simon and David...
ASTPP 4.0.1 VoIP Billing - Database Backup Download
Exploit Title: ASTPP 4.0.1 VoIP Billing - Database Backup Download Date: 2019-11-18 Exploit Author: Fabien AUNAY Vendor Homepage: https://www.astppbilling.org/ Software Link: https://github.com/iNextrix/ASTPP/tree/v4.0.1 Version: 4.0.1 vendor default setup script Tested on: Debian 9 - CentOS 7 CV...
PixelStor 5000 K:4.0.1580-20150629 - Remote Code Execution
Exploit Title: PixelStor 5000 - Remote Code Execution Product: PixelStor 5000 Vendor: Rasilient Date: 2020-01-08 Exploit Author: .:UND3R:. Vendor Homepage: http://rasilient.com Version: K:4.0.1580-20150629 KDI Version Tested on: K:4.0.1580-20150629 KDI Version CVE: CVE-2020-6756 URL Author:...
Pandora 7.0NG - Remote Code Execution
Exploit Title: Pandora 7.0NG - Remote Code Execution Date: 2019-11-14 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2019-20224 Vendor Homepage: https://pandorafms.org/ Software link: https://pandorafms.org/features/free-download-monitoring-software/ Version: v7.0NG Tested on: CentOS 7.3 / PHP...
TotalAV 2020 4.14.31 - Privilege Escalation
Exploit Title: TotalAV 2020 4.14.31 - Privilege Escalation Date: 2020-01-09 Exploit Author: Kusol Watchara-Apanukorn Vendor Homepage: https://www.totalav.com/ Version: 4.14.31 Fixed on: 5.3.35 Tested on: Windows 10 x64 CVE : CVE-2019-18194 Vulnerability Description: TotalAV 2020 4.14.31 has...
MSN Password Recovery 1.30 - XML External Entity Injection
Exploit Title: MSN Password Recovery 1.30 - XML External Entity Injection Exploit Author: ZwX Exploit Date: 2020-01-08 Vendor Homepage : https://www.top-password.com/ Software Link: https://www.top-password.com/download/MSNPRSetup.exe Tested on OS: Windows 10 + Exploit : PoC =================== 1...
Oracle Weblogic 10.3.6.0.0 - Remote Command Execution
Exploit Title: Oracle Weblogic 10.3.6.0.0 - Remote Command Execution Date: 2020-01-08 Exploit Author: Waffles & Paveway3 Vendor Homepage: https://www.oracle.com/middleware/technologies/weblogic.html Version: 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 Tested on: Windows CVE : CVE-2019-2729 SerialLogic.py...
ZIP Password Recovery 2.30 - 'ZIP File' Denial of Service (PoC)
Exploit Title: ZIP Password Recovery 2.30 - 'ZIP File' Denial of Service PoC Exploit Author : ZwX Exploit Date: 2020-01-08 Vendor Homepage : https://www.top-password.com/purchase.html Link Software : https://www.top-password.com/download/ZIPPRSetup.exe Tested on OS: Windows 10 Proof of Concept Po...