41207 matches found
AVM KEN! 1.3.101.4.30 - Remote Denial of Service
AVM KEN! 1.3.101.4.30 - Remote Denial of Service source: https://www.securityfocus.com/bid/1103/info A remote user on the local network is capable of retrieving any known file from a machine running AVM KEN!. This is accomplished by appending ../ to a URL utilizing port 3128 to escape the regular...
SGI IRIX 6.5.4 Solaris 2.5.1 - ps(1) Buffer Overflow
SGI IRIX 6.5.4 Solaris 2.5.1 - ps(1) Buffer Overflow source: https://www.securityfocus.com/bid/220/info The ps command prints information about active processes on a system. Due to insufficient bounds checking on arguments supplied to ps, it is possible to overwrite the internal data space of the p...
AMSS++ v 4.31 - id SQL Injection
AMSS++ v 4.31 - id SQL Injection Title : AMSS++ v 4.31 - 'id' SQL Injection Author : indoushka Tested on: windows 10 Français V.Pro / browser : Mozilla firefox 65.032-bit Vendor: http://amssplus.ubn4.go.th/amssplusdownload/amssplus431install.rar Dork: แนะนำให้ใช้บราวเซอร์ Google Chrome "AMSS++"...
AbsoluteTelnet 11.12 - "license name" Denial of Service (PoC)
AbsoluteTelnet 11.12 - license name Denial of Service PoC Exploit Title: AbsoluteTelnet 11.12 - "license name" Denial of Service PoC Discovery by: chuyreds Discovery Date: 2020-02-05 Vendor Homepage: https://www.celestialsoftware.net/ Software Link :...
HomeAutomation 3.3.2 - Authentication Bypass
HomeAutomation 3.3.2 - Authentication Bypass Exploit: HomeAutomation 3.3.2 - Authentication Bypass Date: 2019-12-30 Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on: Apache/2.4.41 centos OpenSSL/1.0.2k-fips...
Microsoft Windows Media Center 2002 - XML External Entity MotW Bypass
Microsoft Windows Media Center 2002 - XML External Entity MotW Bypass Exploit Title: Microsoft Windows Media Center 2002 - XML External Entity MotW Bypass Discovery by: hyp3rlinx Date: 2019-12-03 Vendor Homepage: www.microsoft.com CVE: N/A + Credits: John Page aka hyp3rlinx + Website:...
Nsauditor 3.1.8.0 - Name Denial of Service (PoC)
Nsauditor 3.1.8.0 - Name Denial of Service PoC Exploit Title: Nsauditor 3.1.8.0 - 'Name' Denial of Service PoC Discovery by: SajjadBnd Date: 2019-11-30 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Tested Version: 3.1.8.0...
Zabbix 4.4 - Authentication Bypass
Zabbix 4.4 - Authentication Bypass Exploit Title: Zabbix 4.4 - Authentication Bypass Date: 2019-10-06 Exploit Author: Todor Donev Software Link: https://www.zabbix.com/download Version: Zabbix 4.4 Tested on: Linux Apache/2 PHP/7.2 Zabbix Initializing the browser Referer = User-Agent = Opera/9.61...
Joomla 3.4.6 - configuration.php Remote Code Execution
Joomla 3.4.6 - configuration.php Remote Code Execution Exploit Title: Joomla 3.4.6 - 'configuration.php' Remote Code Execution Google Dork: N/A Date: 2019-10-02 Exploit Author: Alessandro Groppo @Hacktive Security Vendor Homepage: https//www.joomla.it/ Software Link:...
WordPress Plugin WooCommerce Product Feed 2.2.18 - Cross-Site Scripting
WordPress Plugin WooCommerce Product Feed 2.2.18 - Cross-Site Scripting Exploit Title: WordPress Plugin WooCommerce Product Feed = 2.2.18 - Cross-Site Scripting Date: 30 August 2019 Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage:...
Outlook Password Recovery 2.10 - Denial of Service
Outlook Password Recovery 2.10 - Denial of Service Exploit Title: Outlook Password Recovery v2.10 Denial of Service Exploit Date: 16.08.2019 Vendor Homepage:https://www.top-password.com/ Software Link: https://www.top-password.com/outlook-password-recovery.html Exploit Author: Velayutham Selvaraj...
Tableau - XML External Entity
Tableau - XML External Entity Exploit Title: Tableau XXE Google Dork: N/A Date: Reported to vendor July 2019, fix released August 2019. Exploit Author: Jarad Kopf Vendor Homepage: https://www.tableau.com/ Software Link: Tableau Desktop downloads: https://www.tableau.com/products/desktop/download...
Microsoft Font Subsetting - DLL Heap Corruption in MakeFormat12MergedGlyphList
Microsoft Font Subsetting - DLL Heap Corruption in MakeFormat12MergedGlyphList -----===== Background =====----- The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific...
Open-School 3.0 Community Edition 2.3 - Cross-Site Scripting
Open-School 3.0 Community Edition 2.3 - Cross-Site Scripting Exploit Title: title Date: 2019 08 06 Exploit Author: Greg.Priest Vendor Homepage: https://open-school.org/ Software Link: Version: Open-School 3.0/Community Edition 2.3 Tested on: Windows/Linux CVE : CVE-2019-14696 Open-School 3.0, and...
WordPress Plugin JoomSport 3.3 - SQL Injection
WordPress Plugin JoomSport 3.3 - SQL Injection Exploit Title: JoomSport 3.3 – for Sports - SQL injection Google Dork: intext:powered by JoomSport - sport WordPress plugin Date:29/07/2019. Exploit Author: Pablo Santiago Vendor Homepage: https://beardev.com/ Software Link:...
CISCO Small Business 200 300 500 Switches - Multiple Vulnerabilities
CISCO Small Business 200 300 500 Switches - Multiple Vulnerabilities Exploit Title: CISCO Small Business 200, 300, 500 Switches Multiple Vulnerabilities. Shodan query: /config/logoffpage.html Discovered Date: 07/03/2014 Reported Date: 08/04/2019 Exploit Author: Ramikan Website:...
Microsoft DirectWrite AFDKO - Heap-Based Out-of-Bounds Read/Write in OpenType Font Handling Due to Unbounded iFD
Microsoft DirectWrite AFDKO - Heap-Based Out-of-Bounds Read/Write in OpenType Font Handling Due to Unbounded iFD -----===== Background =====----- AFDKO (Adobe Font Development Kit for OpenType) is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font...
SuperDoctor5 - NRPE Remote Code Execution
SuperDoctor5 - NRPE Remote Code Execution SuperMicro implemented a Remote Command Execution plugin in their implementation of NRPE in SuperDoctor 5, which is their monitoring utility for SuperMicro chassis. This is an intended feature but leaves the system open by default to unauthenticated remo...
Sahi pro 8.x - SQL Injection
Sahi pro 8.x - SQL Injection Exploit Title: Sahi pro :/s/dyn/pro/DBReports?sql=SELECT DISTINCT memoryused AS ROWSTATUS, SCRIPTREPORTS.SCRIPTREPORTID,SCRIPTREPORTS.SCRIPTNAME,SUITEREPORTS. FROM SUITEREPORTS,SCRIPTREPORTS...
UliCMS 2019.1 Spitting Lama - Persistent Cross-Site Scripting
UliCMS 2019.1 Spitting Lama - Persistent Cross-Site Scripting Exploit Title: UliCMS 2019.1 "Spitting Lama" - Stored Cross-Site Scripting Google Dork: intext:"by UliCMS" Date: 2019-05-12 Exploit Author: Unk9vvN Vendor Homepage: https://en.ulicms.de Software Link:...
Cyberoam General Authentication Client 2.1.2.7 - Server Address Denial of Service (PoC)
Cyberoam General Authentication Client 2.1.2.7 - Server Address Denial of Service PoC Exploit Title: Cyberoam General Authentication Client 2.1.2.7 - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-05-23 Vendor Homepage: https://www.cyberoam.com Software Link:...
UliCMS 2019.2 2019.1 - Multiple Cross-Site Scripting
UliCMS 2019.2 2019.1 - Multiple Cross-Site Scripting Exploit Title: UliCMS - 2019.2 , 2019.1 - Multiple Cross-Site Scripting Google Dork: intext:"by UliCMS" Exploit Author: Kağan EĞLENCE Vendor Homepage: https://en.ulicms.de/ Version: 2019.2 , 2019.1 CVE : CVE-2019-11398 Vulnerability 1 Url :...
ASUS HG100 - Denial of Service
ASUS HG100 - Denial of Service Exploit Title: ASUS HG100 devices denial of service (DOS) via IPv4 packets/SlowHTTPDOS Date: 2019-04-14 Exploit Author: YinT Wang; Vendor Homepage: www.asus.com Version: Hardware version: HG100, Firmware version: 1.05.12 Tested on: Current 1.05.12 CVE : CVE-2018-11492 1...
Microsoft Windows 10 1809 - LUAFV PostLuafvPostReadWrite SECTION_OBJECT_POINTERS Race Condition Privilege Escalation
Microsoft Windows 10 1809 - LUAFV PostLuafvPostReadWrite SECTION_OBJECT_POINTERS Race Condition Privilege Escalation Windows: LUAFV PostLuafvPostReadWrite SECTION_OBJECT_POINTERS Race Condition EoP Platform: Windows 10 1809 (not tested earlier) Class: Elevation of Privilege Security Boundary per Window...
D-Link DI-524 V2.06RU - Multiple Cross-Site Scripting
D-Link DI-524 V2.06RU - Multiple Cross-Site Scripting Exploit Title: Multiple Stored and Reflected XSS vulnerabilities in D-Link DI-524 Date: April 6, 2019 Exploit Author: Semen Alexandrovich Lyhin https://www.linkedin.com/in/semenlyhin/ Vendor Homepage: https://www.dlink.com Version: D-Link DI-5...
AIDA64 Extreme 5.99.4900 - Logging SEH Buffer Overflow
AIDA64 Extreme 5.99.4900 - Logging SEH Buffer Overflow #!/usr/bin/python Exploit Title: AIDA64 Extreme 5.99.4900 - Logging SEH Buffer Overflow Date: 2019-04-02 Vendor Homepage: https://www.aida64.com Software Link: http://download.aida64.com/aida64extreme599.exe Mirror Link :...
FreeSMS 2.1.2 - SQL Injection (Authentication Bypass)
FreeSMS 2.1.2 - SQL Injection Authentication Bypass Exploit Title: FreeSMS 2.1.2 - Authentication Bypass Date: 2019-04-03 Exploit Author: Yilmaz Degirmenci Vendor Homepage: https://freesms.sourceforge.io/ Software Link: https://sourceforge.net/projects/freesms/ Version: v2.1.2 Category: Webapps...
TheCarProject 2 - Multiple SQL Injection
TheCarProject 2 - Multiple SQL Injection Exploit Title: TheCarProject v2 - 'manid' SQL Inj. Dork: N/A Date: 17-03-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://thecarproject.org/ Software...
WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion
WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion MGC ALERT 2019-001 - Original release date: February 06, 2019 - Last revised: March 13, 2019 - Discovered by: Manuel García Cárdenas - Severity: 7/10 CVSS Base Score - CVE-ID:...
Core FTP Server FTP SFTP Server v2 Build 674 - MDTM Directory Traversal
Core FTP Server FTP SFTP Server v2 Build 674 - MDTM Directory Traversal Exploit Title: CoreFTP Server FTP / SFTP Server v2 - Build 674 MDTM Directory Traversal Google Dork: N/A Date: 3/13/2019 Exploit Author: Kevin Randall Vendor Homepage: https://www.coreftp.com Software Link:...
Craft CMS 3.1.12 Pro - Cross-Site Scripting
Craft CMS 3.1.12 Pro - Cross-Site Scripting Exploit Title: Craft CMS 3.1.12 Pro - Cross-Site Scripting Date: 2019-03-04 Exploit Author: Ismail Tasdelen Vendor Homepage: https://craftcms.com/ Software Link : https://github.com/craftcms/cms Software : Craft CMS 3.1.12 Pro Version : 3.1.12 Pro...
Google Chrome M72 - RenderFrameHostImpl::CreateMediaStreamDispatcherHost Use-After-Free
Google Chrome M72 - RenderFrameHostImpl::CreateMediaStreamDispatcherHost Use-After-Free There's a race-condition / object-lifetime issue in the browser process when the browser process shutdown races against the IO thread handling mojo messages from the renderer. It's at least possible to trigger...
Linux 4.14.103 4.19.25 - Out-of-Bounds Read and Write in SNMP NAT Module
Linux 4.14.103 4.19.25 - Out-of-Bounds Read and Write in SNMP NAT Module commit cc2d58634e0f ("netfilter: nf_nat_snmp_basic: use asn1 decoder library", first in 4.16) changed the nf_nat_snmp_basic module which, when enabled, parses and modifies the ASN.1-encoded payloads of SNMP messages so that the...
FaceTime - Texture Processing Memory Corruption
FaceTime - Texture Processing Memory Corruption There is a memory corruption issue that occurs when processing a malformed RTP video stream in FaceTime. It appears to be related to processing textures. thread 7, stop reason = EXC_BAD_ACCESS (code=EXC_I386_GPFLT) frame 0: 0x00007fff56baaa92...
qdPM 9.1 - search_by_extrafields[] SQL Injection
qdPM 9.1 - search_by_extrafields[] SQL Injection Exploit Title: qdPM 9.1 - 'search_by_extrafields[]' SQL Injection Date: 14-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: http://qdpm.net Software Link:...
DomainMOD 4.11.01 - category.php CatagoryName_ StakeHolder Cross-Site Scripting
DomainMOD 4.11.01 - category.php CatagoryName StakeHolder Cross-Site Scripting Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod...
IP-Tools 2.5 - Log to file Local Buffer Overflow (SEH) (Egghunter)
IP-Tools 2.5 - Log to file Local Buffer Overflow (SEH) (Egghunter) #!/usr/bin/env python Exploit: IP-Tools 2.5 - Local Buffer Overflow (EggHunter) Date: 2019-02-06 Author:...
Faleemi Desktop Software 1.8 - Local Buffer Overflow (SEH) (DEP Bypass)
Faleemi Desktop Software 1.8 - Local Buffer Overflow (SEH) (DEP Bypass) #!/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: Faleemi Desktop Software 1.8 - Local Buffer Overflow (SEH) (DEP Bypass) Date: 01-26-19 Vulnerable Software: Faleemi Desktop Software 1.8 Vendor Homepage:...
Ticketly 1.0 - Cross-Site Request Forgery (Add Admin)
Ticketly 1.0 - Cross-Site Request Forgery Add Admin Exploit Title: Ticketly 1.0 - Cross-Site Request Forgery Add Admin Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-11-19 Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link:...
SiAdmin 1.1 - id SQL Injection
SiAdmin 1.1 - id SQL Injection Exploit Title: SiAdmin 1.1 - 'id' SQL Injection Dork: N/A Date: 2018-11-04 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.bubul.net/ Software Link: https://kent.dl.sourceforge.net/project/siadmin/SiAdmin%201.1/SiAdmin%201.1.zip Version: 1.1 Category: Webap...
School Attendance Monitoring System 1.0 - SQL Injection
School Attendance Monitoring System 1.0 - SQL Injection Exploit Title: School Attendance Monitoring System 1.0 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link:...
Kados R10 GreenBee - release_id SQL Injection
Kados R10 GreenBee - release_id SQL Injection Exploit Title: Kados R10 GreenBee - 'release_id' SQL Injection Dork: N/A Date: 2018-10-15 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.kados.info/ Software Link: https://sourceforge.net/projects/kados/ Version: R10 GreenBee Category: Webapp...
InduSoft Web Studio 8.1 SP1 - Tag Name Buffer Overflow (SEH)
InduSoft Web Studio 8.1 SP1 - Tag Name Buffer Overflow SEH Exploit Title: InduSoft Web Studio 8.1 SP1 - 'Tag Name' Buffer Overflow SEH Discovery by: Luis Martinez Discovery Date: 2018-09-11 Vendor Homepage: http://www.indusoft.com/ Software Link: http://www.indusoft.com/Products-Downloads Tested...
MedDream PACS Server Premium 6.7.1.1 - email SQL Injection
MedDream PACS Server Premium 6.7.1.1 - email SQL Injection Exploit Title: MedDream PACS Server Premium 6.7.1.1 - 'email' SQL Injection Date: 2018-05-23 Software https://www.softneta.com/products/meddream-pacs-server/downloads.html Version: MedDreamPACS Premium 6.7.1.1 Exploit Author: Carlos Avila...
FUJI XEROX DocuCentre-V 3065 Printer - Remote Command Execution
FUJI XEROX DocuCentre-V 3065 Printer - Remote Command Execution Exploit Title: FUJI XEROX DocuCentre-V 3065 Printer - Remote Command Execution Date: 2018-09-05 Exploit Author: vrsystem Vendor Homepage: https://www.fujixerox.com.cn/ Software Link: https://www.fujixerox.com.cn/ Version:...
Eaton Xpert Meter 13.4.0.10 - SSH Private Key Disclosure
Eaton Xpert Meter 13.4.0.10 - SSH Private Key Disclosure Exploit Title: Eaton Xpert Meter 13.4.0.10 - SSH Private Key Disclosure Date: 2018-07-16 WebPage: https://CTRLu.net/ Vendor Homepage: http://www.eaton.com/ Vendor Advisory:...
ASUSTOR ADM 3.1.0.RFQ3 - Remote Command Execution SQL Injection
ASUSTOR ADM 3.1.0.RFQ3 - Remote Command Execution SQL Injection Product - ASUSTOR ADM - 3.1.0.RFQ3 and all previous builds Vendor - https://www.asustor.com/ Patch Notes - http://download.asustor.com/download/docs/releasenotes/RNADM3.1.3.RHU2.pdf Issue: The Asustor NAS appliance on ADM 3.1.0 and...
Cloudme 1.9 - Buffer Overflow (DEP) (Metasploit)
Cloudme 1.9 - Buffer Overflow DEP Metasploit Exploit Title: Cloudme 1.9 - Buffer Overflow DEP Metasploit Date: 2018-08-13 Exploit Author: Raymond Wellnitz Vendor Homepage: https://www.cloudme.com Version: 1.8.x/1.9.x Tested on: Windows 7 x64 CVE : 2018-6892 This module requires Metasploit:...
Craft CMS SEOmatic plugin 3.1.4 - Server-Side Template Injection
Craft CMS SEOmatic plugin 3.1.4 - Server-Side Template Injection Exploit Title: Craft CMS SEOmatic plugin 3.1.4 - Server-Side Template Injection Date: 2018-07-20 Software Link: https://github.com/nystudio107/craft-seomatic Exploit Author: Sebastian Kriesten 0xB455 Contact:...
VMware NSX SD-WAN Edge 3.1.2 - Command Injection
VMware NSX SD-WAN Edge 3.1.2 - Command Injection #!/usr/bin/env python Exploit Title: Unauthenticated Command Injection vulnerability in VMware NSX SD-WAN by VeloCloud Date: 2018-06-29 Exploit Author: paragonsec @ Critical Start Credit: Brian Sullivan from Tevora and Section 8 @ Critical Start...