41207 matches found
AjaXplorer 1.0 - Multiple Vulnerabilities
AjaXplorer 1.0 - Multiple Vulnerabilities Trustwave SpiderLabs Security Advisory TWSL2013-027: Multiple Vulnerabilities in AjaXplorer Published: 09/05/13 Version: 1.0 Vendor: AjaXplorer http://ajaxplorer.info Product: AjaXplorer Version affected: 5.0.2 and prior Product description: AjaXplorer is...
OpenConf 4.11 - authoredit.php Blind SQL Injection
OpenConf 4.11 - authoredit.php Blind SQL Injection ?php / --------------------------------------------------------------------- OpenConf = 4.11 author/edit.php Remote Blind SQL Injection Exploit --------------------------------------------------------------------- author...............: Egidio...
Google Chrome 14.0.835.163 - .pdf File Handling Memory Corruption
Google Chrome 14.0.835.163 - .pdf File Handling Memory Corruption ----------------Security Advisory---------------- Title: Google Chrome = 14.0.835.163 Discovered by: Mario Gomes ----------------Summary---------------- Google Chrome is a web browser developed by Google that uses the WebKit layout...
OpenLDAP 2.3.39 - MODRDN Remote Denial of Service
OpenLDAP 2.3.39 - MODRDN Remote Denial of Service Attackers use readily available LDAP commands to exploit this issue. source: https://www.securityfocus.com/bid/27778/info OpenLDAP is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to deny service to legitimate...
vsp stats processor 0.45 - gamestat.php?gameID SQL Injection
vsp stats processor 0.45 - gamestat.php?gameID SQL Injection Product : vsp stats processor Version : all Dork : "powered by vsp stats processor" Site: http://www.scivox.net/vsp/ Found by: Dimi4 Date : 31.03.09 Greetz: antichat SQL-injection + URL:...
phpBB Static Topics 1.0 - phpbb_root_path File Inclusion
phpBB Static Topics 1.0 - phpbb_root_path File Inclusion --------------------------------------------------------------------------- phpBB Static Topics = 1.0 phpbb_root_path Remote File Include Vulnerability --------------------------------------------------------------------------- Discovered By...
BinGo News 3.01 - bnrep Remote File Inclusion
BinGo News 3.01 - bnrep Remote File Inclusion ============================================================================================== BinGo News = v3.01 bnrep Remote File Inclusion Exploit ===============================================================================================...
Cisco Data Center Network Manager 11.2 - Remote Code Execution
Cisco Data Center Network Manager 11.2 - Remote Code Execution !/usr/bin/python """ Cisco Data Center Network Manager SanWS importTS Command Injection Remote Code Execution Vulnerability Tested on: Cisco DCNM 11.2.1 Installer for Windows 64-bit - Release: 11.21 - Release Date: 18-Jun-2019 -...
phpMyAdmin 4.9.0.1 - Cross-Site Request Forgery
phpMyAdmin 4.9.0.1 - Cross-Site Request Forgery ============================================= MGC ALERT 2019-003 - Original release date: June 13, 2019 - Last revised: September 13, 2019 - Discovered by: Manuel Garcia Cardenas - Severity: 4,3/10 CVSS Base Score - CVE-ID: CVE-2019-12922...
Microsoft Windows MSHTML Engine - Edit Remote Code Execution
Microsoft Windows MSHTML Engine - Edit Remote Code Execution Exploit Title: Microsoft Windows CVE-2019-0541 MSHTML Engine "Edit" Remote Code Execution Vulnerability Google Dork: N/A Date: March, 13 2019 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link:...
Fiberhome AN5506-04-F RP2669 - Persistent Cross-Site Scripting
Fiberhome AN5506-04-F RP2669 - Persistent Cross-Site Scripting Exploit Title: Fiberhome AN5506-04-F - Stored Cross Site Scripting Date: 04.03.2019 Exploit Author: Tauco Vendor Homepage: http://www.fiberhomegroup.com/en/ Version: RP2669 Tested on: Windows 10 CVE : CVE-2019-9556 Description:...
Linux Kernel 4.4.0 4.8.0 (Ubuntu 14.04/16.04 Linux Mint 17/18 Zorin) - Local Privilege Escalation (KASLR SMEP)
Linux Kernel 4.4.0 4.8.0 Ubuntu 14.04/16.04 Linux Mint 17/18 Zorin - Local Privilege Escalation KASLR SMEP // A proof-of-concept local root exploit for CVE-2017-1000112. // Includes KASLR and SMEP bypasses. No SMAP bypass. // Tested on: // - Ubuntu trusty 4.4.0 kernels // - Ubuntu xenial 4.4.0 and...
Phoenix Contact WebVisit 2985725 - Authentication Bypass
Phoenix Contact WebVisit 2985725 - Authentication Bypass Exploit Title: Phoenix Contact WebVisit 2985725 - Authentication Bypass Date: 2018-09-30 Exploit Author: Deneut Tijl Vendor Homepage: www.phoenixcontact.com Software Link:...
MachForm 4.2.3 - SQL Injection Path Traversal Upload Bypass
MachForm 4.2.3 - SQL Injection Path Traversal Upload Bypass Vendor: Appnitro Product webpage: https://www.machform.com/ Full-Disclose: https://metalamin.github.io/MachForm-not-0-day-EN/ Fix: https://www.machform.com/blog-machform-423-security-release/ Author: Amine Taouirsa Twitter: @metalamin...
D-Link DSL-3782 - Authentication Bypass
D-Link DSL-3782 - Authentication Bypass Exploit Title: D-Link DSL 3782 - Authentication Bypass Vendor Homepage: https://eu.dlink.com Version: A1WI20170303 || SWVer="V100R001B012" FWVer="3.10.0.24" FirmVer="TT77616E6771696F6E67" Category: Webapps Exploit Author: Giulio Comi CVE : CVE-2018-8898 Dat...
Linux kernel 4.10.15 - Race Condition Privilege Escalation
Linux kernel 4.10.15 - Race Condition Privilege Escalation / PoC for CVE-2017-10661, triggers UAF with KASan enabled in kernel 4.10 / include include include include include include include include include include include include include include include include include define RACETIME 1000000 int...
Professional Service Booking Script - SQL Injection
Professional Service Booking Script - SQL Injection Vulnerability: Admin Login Bypass & SQLi Date: 13.01.2017 Vendor Homepage: http://scriptfirm.com/ Script Name: Professional Service Booking Script Script Buy Now: http://scriptfirm.com/professional-service-booking-engine Author: İhsan Şencan...
HelpDeskZ 1.0.2 - Arbitrary File Upload
HelpDeskZ 1.0.2 - Arbitrary File Upload ''' Updated Exploit Provided by Drew Griess Exploit Title HelpDeskZ = v1.0.2 - Unauthenticated Shell Upload Google Dork intextHelp Desk Software by HelpDeskZ Date 2016-08-26 Exploit Author Lars Morgenroth - @krankoPwnz Vendor Homepage httpwww.helpdeskz.com...
Android Zygote - Socket and Fork Bomb (Denial of Service)
Android Zygote - Socket and Fork Bomb Denial of Service BootReceiver.java / Android Application that performs the fork bomb attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3918 Further informations can be found at http://www.ai-lab.it/bugAndroid/bugAndroid.html @author Luca...
PHP 5.3.3 - NumberFormatter::getSymbol Integer Overflow
PHP 5.3.3 - NumberFormatter::getSymbol Integer Overflow From: Maksymilian Arciemowicz Date: Fri, 10 Dec 2010 14:43:32 +0100 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.3.3 NumberFormatter::getSymbol Integer Overflow Author: Maksymilian Arciemowicz http://securityreason.com/ http://cxib.ne...
PHP 5.3.3/5.2.14 - ZipArchive::getArchiveComment Null Pointer Dereference
PHP 5.3.3/5.2.14 - ZipArchive::getArchiveComment Null Pointer Dereference PHP 5.3.3/5.2.14 ZipArchive::getArchiveComment NULL Pointer Deference Author: Maksymilian Arciemowicz http://securityreason.com/ http://cxib.net/ Date: - Dis.: 14.09.2010 - Pub.: 05.11.2010 CVE: CVE-2010-3709 CWE: CWE-476...
Adobe Reader 9.3.2 - CoolType.dll Remote Memory Corruption Denial of Service
Adobe Reader 9.3.2 - CoolType.dll Remote Memory Corruption Denial of Service / Title: Adobe Reader 9.3.2 CoolType.dll Remote Memory Corruption / DoS Vulnerability Summary: Adobe Reader software is the global standard for electronic document sharing. It is the only PDF file viewer that can open an...
WordPress Plugin WP-Forum 2.3 - SQL Injection Blind SQL Injection
WordPress Plugin WP-Forum 2.3 - SQL Injection Blind SQL Injection ============================================= INTERNET SECURITY AUDITORS ALERT 2009-010 - Original release date: September 28th, 2009 - Last revised: December 15th, 2009 - Discovered by: Juan Galiana Lara - CVE ID: CVE-2009-3703 -...
Linux Kernel 2.x (Android) - sock_sendpage() Local Privilege Escalation
Linux Kernel 2.x Android - sock_sendpage() Local Privilege Escalation Source for exploiting CVE-2009-2692 on Android; Hole is closed in Android kernels released August 2009 or later. http://zenthought.org/content/file/android-root-2009-08-16-source Exploit-DB Mirror:...
WordPress Core MU Plugins - admin.php Privileges Unchecked Multiple Information Disclosures
WordPress Core MU Plugins - admin.php Privileges Unchecked Multiple Information Disclosures -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ WordPress Privileges Unchecked in admin.php and Multiple Information...
phpMyAdmin - scripts/setup.php PHP Code Injection
phpMyAdmin - scripts/setup.php PHP Code Injection !/bin/bash CVE-2009-1151: phpMyAdmin '/scripts/setup.php' PHP Code Injection RCE PoC v0.11 by pagvac gnucitizen.org, 4th June 2009. special thanks to Greg Ose labs.neohapsis.com for discovering such a cool vuln, and to str0ke milw0rm.com for testin...
CuteNews 1.4.5 - Admin Password md5 Hash Fetching
CuteNews 1.4.5 - Admin Password md5 Hash Fetching ?php errorreportingEALL; /////////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////// // Cutenews = 1.4.5 admin password md5 hash fetching exploit // Version 1.0 //...
VAMP Webmail 2.0beta1 - yesno.phtml Remote File Inclusion
VAMP Webmail 2.0beta1 - yesno.phtml Remote File Inclusion ToXiC VAMP Webmail Remote File Inclusion by ToXiC CreW BuG FounD by Drago84 Application Affect:VAMP Webmail Page: yesno.phtml Dir : /setup/ Problem: ExPloit :...
CaLogic Calendars 1.2.2 - CLPath Remote File Inclusion
CaLogic Calendars 1.2.2 - CLPath Remote File Inclusion DEVIL TEAM THE BEST POLISH TEAM CaLogic Calendars V1.2.2 - Remote File Include Find by Kacper Rahim. Greetings For ALL DEVIL TEAM members, Special DragonHeart : Contact: [email protected] or http://www.devilteam.yum.pl dork: CaLogic Calenda...
JPortal Web Portal 2.2.12.3.1 - comment.php SQL Injection
JPortal Web Portal 2.2.12.3.1 - comment.php SQL Injection source: https://www.securityfocus.com/bid/15324/info JPortal is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being used in an SQL query. Successful exploitati...
TikiWiki 1.8.1 - Multiple Vulnerabilities
TikiWiki 1.8.1 - Multiple Vulnerabilities TikiWiki Multiple Vulnerabilities Vendor: TikiWiki Project Product: TikiWiki Version: = 1.8.1 Website: http://www.tikiwiki.org/ BID: 10100 CVE: CVE-2004-1923 CVE-2004-1924 CVE-2004-1925 CVE-2004-1926 CVE-2004-1927 CVE-2004-1928 OSVDB: 5181 5182 5183 5184...
Hassan Consulting Shopping Cart 1.23 - Arbitrary Command Execution
Hassan Consulting Shopping Cart 1.23 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/3308/info Hassan Consulting's Shopping Cart is commercial web store software. Shopping Cart does not filter certain types of user-supplied input from web requests. This makes it possible f...
AMSS++ 4.7 - Backdoor Admin Account
AMSS++ 4.7 - Backdoor Admin Account Title: AMSS++ 4.7 - Backdoor Admin Account Author: indoushka Date: 2020-02-23 Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 65.032-bit Vendor : http://amssplus.ubn4.go.th/amssplusdownload/amssplus431install.rar Dork : แนะนำให้ใช้บราวเซอร์...
LayerBB 1.1.4 - Cross-Site Request Forgery
LayerBB 1.1.4 - Cross-Site Request Forgery Exploit Title: LayerBB 1.1.3 - Multiple CSRF Date: 4/7/2019 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://forum.layerbb.com/downloads.php?view=file&id=30 Version: 1.1.3 Tested on: Ubuntu 18.04 CVE: CVE-2019-16531 1...
fuelCMS 1.4.1 - Remote Code Execution
fuelCMS 1.4.1 - Remote Code Execution Exploit Title: fuelCMS 1.4.1 - Remote Code Execution Date: 2019-07-19 Exploit Author: 0xd0ff9 Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: = 0 and n 1: start =...
CMS Made Simple 2.2.10 - SQL Injection
CMS Made Simple 2.2.10 - SQL Injection !/usr/bin/env python Exploit Title: Unauthenticated SQL Injection on CMS Made Simple = 2.2.9 Date: 30-03-2019 Exploit Author: Daniele Scanu @ Certimeter Group Vendor Homepage: https://www.cmsmadesimple.org/ Software Link:...
MatrixSSL 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates
MatrixSSL 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates I happened to notice that a public X.509 certificate testcase for CVE-2014-1569 caused a stack buffer overflow in MatrixSSL. I cleaned up the testcase a bit, to make a better demonstration. You can test it with the certValidate...
Web Viewer 1.0.0.193 (Samsung SRN-1670D) - Unrestricted File Upload
Web Viewer 1.0.0.193 Samsung SRN-1670D - Unrestricted File Upload Exploit Title: Unrestricted file upload vulnerability - Web Viewer 1.0.0.193 on Samsung SRN-1670D Date: 2017-06-19 Exploit Author: Omar MEZRAG - 0xFFFFFF / www.realistic-security.com Vendor Homepage: https://www.hanwhasecurity.com...
ZyXEL PK5001Z Modem - Backdoor Account
ZyXEL PK5001Z Modem - Backdoor Account Exploit Title: ZyXEL PK5001Z Modem - CenturyLink Hardcoded admin and root Telnet Password. Google Dork: n/a Date: 2017-10-31 Exploit Author: Matthew Sheimo Vendor Homepage: https://www.zyxel.com/ Software Link: n/a Version: PK5001Z 2.6.20.19 Tested on: Linux...
Symantec Messaging Gateway 10.6.3-2 - Root Remote Command Execution
Symantec Messaging Gateway 10.6.3-2 - Root Remote Command Execution This is an advisory for CVE-2017-6327 which is an unauthenticated remote code execution flaw in the web interface of Symantec Messaging Gateway prior to and including version 10.6.3-2, which can be used to execute commands as roo...
Linux Kernel 4.4.0-83 4.8.0-58 (Ubuntu 14.04/16.04) - Local Privilege Escalation (KASLR SMEP)
Linux Kernel 4.4.0-83 4.8.0-58 Ubuntu 14.04/16.04 - Local Privilege Escalation KASLR SMEP // A proof-of-concept local root exploit for CVE-2017-1000112. // Includes KASLR and SMEP bypasses. No SMAP bypass. // Tested on Ubuntu trusty 4.4.0- and Ubuntu xenial 4-8-0- kernels. // // EDB Note: Also...
Haraka 2.8.9 - Remote Command Execution
Haraka 2.8.9 - Remote Command Execution !/usr/bin/python Exploit Title: Harakiri ShortDescription: Haraka comes with a plugin for processing attachments. Versions before 2.8.9 can be vulnerable to command injection Exploit Author: xychix xychix at hotmail.com / mark at outflank.nl Date: 26 Januar...
Linux Kernel 3.10.0 (CentOS RHEL 7.1) - visor treo_attach Nullpointer Dereference
Linux Kernel 3.10.0 CentOS RHEL 7.1 - visor treo_attach Nullpointer Dereference OS-S Security Advisory 2016-10 Linux visor treo_attach Nullpointer Dereference Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: CVE-2016-2782 CVSS: 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C...
Moab 7.2.9 - Authentication Bypass
Moab 7.2.9 - Authentication Bypass Moab Authentication Bypass : CVE-2014-5300 Software: Moab Affected Versions: All versions prior to Moab 7.2.9 and Moab 8 CVE Reference: CVE-2014-5300 Author: John Fitzpatrick, MWR Labs http://labs.mwrinfosecurity.com/ Severity: High Risk Vendor: Adaptive Computi...
NTP ntpd monlist Query Reflection - Denial of Service
NTP ntpd monlist Query Reflection - Denial of Service / Exploit Title: CVE-2013-5211 PoC - NTP DDoS amplification Date: 28/04/2014 Code Author: Danilo PC - CVE : CVE-2013-5211 / / I coded this program to help other to understand how an DDoS attack amplified by NTP servers works CVE-2013-5211 I to...
airVisionNVR 1.1.13 - readfile() Disclosure SQL Injection
airVisionNVR 1.1.13 - readfile Disclosure SQL Injection Exploit Title: airVisionNVR readfile disclosure and sql injection Google Dork: Date: Oct 13, 2012 Exploit Author: pennyGrit Vendor Homepage: http://www.ubnt.com/ Software Link:...
WebCalendar 1.2.4 - Remote Code Execution
WebCalendar 1.2.4 - Remote Code Execution ?php / ----------------------------------------------------------------------- WebCalendar = 1.2.4 install/index.php Remote Code Execution Exploit ----------------------------------------------------------------------- author..........: Egidio Romano aka...
UCenter Home 2.0 - SQL Injection
UCenter Home 2.0 - SQL Injection --==UCenter Home 2.0 -0day Remote SQL Injection Vulnerability==-- / Author : KnocKout / Greatz : DaiMon,BARCOD3,RiskY and iranian hackers / Contact: [email protected] / Cyber-Warrior.org/CWKnocKout --==--==--==--==--==--==--==--==--==--== Script : UCenter Home...
DZCP (deV!L_z Clanportal) 1.34 - id SQL Injection
DZCP deV!L_z Clanportal 1.34 - id SQL Injection ? errorreportingEERROR; function exploitinit if !extensionloaded'phpcurl' && !extensionloaded'curl' if !dl'curl.so' && !dl'phpcurl.dll' die "oo error - cannot load curl extension!"; function exploitheader echo...
RunCMS 1.2 - class.forumposts.php Remote File Inclusion
RunCMS 1.2 - class.forumposts.php Remote File Inclusion ?php ---runcms13axpl.php 17.30 09/02/2006 RunCMS = 1.2 arbitrary remote inclusion exploit " = 1.3a shell upload through FCKEditor coded by rgod site: http://retrogod.altervista.org usage: launch from Apache, fill in requested fields, then go...