41207 matches found
QuickDate 1.3.2 - SQL Injection
QuickDate 1.3.2 - SQL Injection Exploit Title: QuickDate 1.3.2 - SQL Injection Dork: N/A Date: 2020-02-07 Exploit Author: Ihsan Sencan Vendor Homepage: https://quickdatescript.com/ Version: 1.3.2 Tested on: Linux CVE: N/A POC: 1 POST /findmatches HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0...
Cisco UCS Director_ Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data - Multiple Vulnerabilities
Cisco UCS Director Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data - Multiple Vulnerabilities Multiple critical vulnerabilities in Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data...
Micro Focus Filr 3.4.0.217 - Path Traversal Local Privilege Escalation
Micro Focus Filr 3.4.0.217 - Path Traversal Local Privilege Escalation SecureAuth - SecureAuth Labs Advisory http://www.secureauth.com/ Micro Focus Filr Multiple Vulnerabilities 1. Advisory Information Title: Micro Focus Filr Multiple Vulnerabilities Advisory ID: SAUTH-2019-0001 Advisory URL:...
Sharetronix CMS 3.6.2 - Cross-Site Request Forgery Cross-Site Scripting
Sharetronix CMS 3.6.2 - Cross-Site Request Forgery Cross-Site Scripting Exploit Title: Sharetronix CMS XSRF Vulnerability Version : 3.6.2 Exploit Author: Hesam Bazvand Software Link: http://sharetronix.ir/wp-content/uploads/2014/10/gold.zip Tested on: Windows 10 / Kali Linux Category: WebApps Dor...
Trend Micro Email Encryption Gateway 5.5 (Build 1111.00) - Multiple Vulnerabilities
Trend Micro Email Encryption Gateway 5.5 Build 1111.00 - Multiple Vulnerabilities Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Trend Micro Email Encryption Gateway Multiple Vulnerabilities 1. Advisory Information Title: Trend Micro Email Encryption Gateway Multiple...
WordPress Multiple Plugins - Arbitrary File Upload
WordPress Multiple Plugins - Arbitrary File Upload import requests import random import string print "---------------------------------------------------------------------" print "Multiple Wordpress Plugin - Remote File Upload Exploit\nDiscovery: Larry W. Cashdollar\nExploit Author: Munir...
Liferay CE 6.2 CE GA6 - Persistent Cross-Site Scripting
Liferay CE 6.2 CE GA6 - Persistent Cross-Site Scripting CVE-2016-3670 Stored Cross Site Scripting in Liferay CE 1. Vulnerability Properties Title: Stored Cross-Site Scripting Liferay CE CVE ID: CVE-2016-3670 CVSSv3 Base Score: 4.6 AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N Vendor: Liferay Inc Products:...
Linux Kernel (x86) - Disable ASLR by Setting the RLIMIT_STACK Resource to Unlimited
Linux Kernel x86 - Disable ASLR by Setting the RLIMITSTACK Resource to Unlimited Source: http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-disables-ASLR.html CVE-2016-3672 - Unlimiting the stack not longer disables ASLR Authors: Hector Marco & Ismael Ripoll CVE: CVE-2016-3672...
Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal
Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal Advisory ID: HTB23278 Product: bitrix.xscan Bitrix module Vendor: Bitrix Vulnerable Versions: 1.0.3 and probably prior Tested Version: 1.0.3 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18,...
15 TOTOLINK Router Models - Multiple Remote Code Execution Vulnerabilities
15 TOTOLINK Router Models - Multiple Remote Code Execution Vulnerabilities Advisory Information Title: 15 TOTOLINK router models vulnerable to multiple RCEs Advisory URL: https://pierrekim.github.io/advisories/2015-totolink-0x00.txt Blog URL:...
ZeroCMS 1.0 - zero_transact_article.php SQL Injection
ZeroCMS 1.0 - zerotransactarticle.php SQL Injection ZeroCMS v1.0 SQL Injection Vulnerability zerotransactarticle.php articleid POST parameter Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms Affected version: 1.0 Severity: High CWE: 89 -...
CosCMS 1.721 - OS Command Injection
CosCMS 1.721 - OS Command Injection Advisory ID: HTB23145 Product: CosCms Vendor: http://www.coscms.org Vulnerable Versions: 1.721 and probably prior Tested Version: 1.721 Vendor Notification: February 13, 2013 Vendor Patch: February 13, 2013 Public Disclosure: March 6, 2013 Vulnerability Type: O...
VUPlayer 2.49 - .m3u File Universal Buffer Overflow (DEP Bypass) (1)
VUPlayer 2.49 - .m3u File Universal Buffer Overflow DEP Bypass 1 !/usr/bin/env python VUPlayer =2.49 .M3u Universal buffer overflow exploit w/ DEP bypass Author: mrme Download: http://vuplayer.com/ Tested on Wind0ws XP SP3 /noexecute=alwayson Greetz: Corelan Security Team...
Factux - Local File Inclusion
Factux - Local File Inclusion InformatioN Title : Factux LFI Vulnerability Author: altbta l9athotmail.com download : http://www.toocharger.com/telecharger/scripts/factux/3468.htm ExploiT dork: "Factux le facturier libre V 1.1.5" includeonce"include/language/$lang.php"; Vulnerable File :...
Firebird SQL - op_connect_request main listener shutdown
Firebird SQL - opconnectrequest main listener shutdown -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Firebird SQL opconnectrequest main listener shutdown vulnerability 1. Advisory Information Title: Firebird SQL...
Apple Mac OSX - Java applet Remote Deserialization Remote (2)
Apple Mac OSX - Java applet Remote Deserialization Remote 2 Critical Mac OS X Java Vulnerabilities Introduction Five months ago, CVE-2008-5353 and other vulnerabilities were publicly disclosed, and fixed by Sun. CVE-2008-5353 allows malicious code to escape the Java sandbox and run arbitrary...
BBS E-Market Professional - Full Path Disclosure File Inclusion
BBS E-Market Professional - Full Path Disclosure File Inclusion \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV06$2004 --------------------------------------------------------------------------- Multiple vulnerabilities 1n BBS E-Market Professional...
BrudaNews 1.1 - adminindex.php Remote File Inclusion
BrudaNews 1.1 - adminindex.php Remote File Inclusion ============================================================================================== BrudaNews ================================================================================================ Exploit : --------------------------------...
PHPFreeNews 1.x - Multiple Cross-Site Scripting Vulnerabilities
PHPFreeNews 1.x - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/14439/info PHPFreeNews is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker ma...
HTMLToNuke - Cross-Site Scripting
HTMLToNuke - Cross-Site Scripting source: https://www.securityfocus.com/bid/8174/info A vulnerability has been reported in htmltonuke that may result in web code execution in the browser of visiting users. This code would be executed in the security context of the site hosting the vulnerable...
Codoforum 4.8.3 - input_txt Persistent Cross-Site Scripting
Codoforum 4.8.3 - inputtxt Persistent Cross-Site Scripting Exploit Title: Codoforum 4.8.3 - Persistent Cross-Site Scripting Google Dork: intext:"Powered by Codoforum" Date: 2020-01-07 Exploit Author: Vyshnav Vizz Vendor Homepage: https://codoforum.com/index.php Software Link:...
Wavemaker Studio 6.6 - Server-Side Request Forgery
Wavemaker Studio 6.6 - Server-Side Request Forgery Exploit Title: Wavemaker Studio 6.6 - Server-Side Request Forgery SSRF. Exploit Author: Gionathan "John" Reale Google Dork: N/A Date: 2018-08-01 Vendor Homepage: http://www.wavemaker.com/ Software Link:...
IceWarp Mail Server 11.1.1 - Directory Traversal
IceWarp Mail Server 11.1.1 - Directory Traversal Vendor: IceWarp http://www.icewarp.com Product: IceWarp Mail Server Version affected: 11.1.1 and below Product description: IceWarp WebMail provides web-based access to email, calendars, contacts, files and shared data from any computer with a...
Hanbanggaoke IP Camera - Arbitrary Password Change
Hanbanggaoke IP Camera - Arbitrary Password Change Vulnerability summary The following advisory describes an arbitrary password change vulnerability found in Hanbanggaoke webcams. Beijing Hanbang Technology, “one of the first enterprises entering into digital video surveillance industry, has been...
AXIS Communications - Cross-Site Scripting Content Injection
AXIS Communications - Cross-Site Scripting Content Injection 0RWELLL4BS security advisory olsa-2015-8258 PGP: 79A6CCC0 @orwelllabs Advisory Information ==================== - Title: ImagePath Resource Injection/Open script editor - Vendor: AXIS Communications - Research and Advisory: Orwelllabs -...
Microsoft Windows Media Center - .MCL File Processing Remote Code Execution (MS16-059)
Microsoft Windows Media Center - .MCL File Processing Remote Code Execution MS16-059 Exploit Title: Microsoft Windows Media Center .MCL File Processing Remote Code Execution Vulnerability MS16-059 Date: May 11th, 2016 Exploit Author: Eduardo Braun Prado Vendor Homepage : http://www.microsoft.com...
Flash ActiveX 28.0.0.137 - Code Execution (2)
Flash ActiveX 28.0.0.137 - Code Execution 2 CVE-2018-4878 Pop up a calculator - Requires Flash ActiveX 28.0.0.137 Download: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/44745.swf...
Comodo Backup 4.4.0.0 - Null Pointer Dereference Privilege Escalation
Comodo Backup 4.4.0.0 - Null Pointer Dereference Privilege Escalation / Exploit Title - Comodo Backup Null Pointer Dereference Privilege Escalation Date - 23rd January 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - https://www.comodo.com Tested Version - 4.4.0.0 Driver Version -...
Microsoft Internet Explorer 11 - OLE Automation Array Remote Code Execution (1)
Microsoft Internet Explorer 11 - OLE Automation Array Remote Code Execution 1 // alliewin95+ie3-win10+ie11 dve copy by yuange in 2009. cve-2014-6332 exploit https://twitter.com/yuange75 http://hi.baidu.com/yuange1975 // function runmumaa On Error Resume Next set...
Microsoft Windows - OLE Remote Code Execution Sandworm (MS14-060)
Microsoft Windows - OLE Remote Code Execution Sandworm MS14-060 !/usr/bin/python Windows OLE RCE Exploit MS14-060 CVE-2014-4114 Sandworm Author: Mike Czumak Tv3rn1x - @SecuritySift Written: 10/21/2014 Tested Platforms: Windows 7 SP1 w/ exploit script run on Kali Linux You are free to reuse this...
Adobe ColdFusion 9 - Administrative Authentication Bypass
Adobe ColdFusion 9 - Administrative Authentication Bypass -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +------------------------------------------------------------------------------+ | Packet Storm Advisory 2013-0819-2 | | http://packetstormsecurity.com/ |...
McAfee SuperScan 4.0 - Cross-Site Scripting
McAfee SuperScan 4.0 - Cross-Site Scripting Trustwave SpiderLabs Security Advisory TWSL2013-024: Cross Site Scripting XSS vulnerability in McAfee Superscan 4.0 Published: 08/02/2013 Version: 1.0 Vendor: McAfee http://www.mcafee.com/ Product: SuperScan Version affected: v4.0 Product description:...
Smart Vision Script News - newsdetail.php SQL Injection (2)
Smart Vision Script News - newsdetail.php SQL Injection 2 !usr/bin/perl Exploit Title: Smart Vision Script News newsdetail SQL Injection Exploit Date: 01-04-2010 Author: darkmasking This was written for educational purpose only. Use it at your own risk. Author will be not responsible for any...
PHP Photo Album 0.8b - preview Local File Inclusion
PHP Photo Album 0.8b - preview Local File Inclusion START 0x01 Informations: Script : Php Photo Album 0.8 BETA Download : http://sourceforge.net/project/downloading.php?groupid=151573&usemirror=kent&filename=PHPPA.9BETA.zip&37834145 Vulnerability : Local File Inclusion Author : Osirys Contact :...
FREEsimplePHPGuestbook - Guestbook.php Remote Code Execution
FREEsimplePHPGuestbook - Guestbook.php Remote Code Execution | | | \ \ \ / / / \ / | / | / | | | | | | \ V / / \ | | | | | | | | | Name required: Write - Mahmood In - Web site without http://: Write - http://tryag.cc In - Message: Write - After All This Go...
Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure (2)
Solaris 10 sysinfo2 - Local Kernel Memory Disclosure 2 / $Id: raptorsysinfo.c,v 1.2 2006/08/22 13:47:54 raptor Exp $ raptorsysinfo.c - Solaris sysinfo2 kernel memory leak Copyright c 2006 Marco Ivaldi systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count...
e107 Website System 0.555 - db.php Information Disclosure
e107 Website System 0.555 - db.php Information Disclosure source: https://www.securityfocus.com/bid/8273/info e107 Website System 'db.php' has been reported prone to an information disclosure vulnerability. A remote attacker may exploit this vulnerability to invoke the dumpsql routine without pri...
Prishtina FTP Client 1.x - Remote Denial of Service
Prishtina FTP Client 1.x - Remote Denial of Service source: https://www.securityfocus.com/bid/7671/info Prishtina FTP client is allegedly prone to a denial of service vulnerability. The condition is reportedly triggered when processing FTP server banners of excessive length. As a result, a...
MSI Packages Symbolic Links Processing - Windows 10 Privilege Escalation
MSI Packages Symbolic Links Processing - Windows 10 Privilege Escalation Exploit Title: MSI Packages Symbolic Links Processing - Windows 10 Privilege Escalation Author: nu11secur1ty Date: 2020-02-14 Vendor: Microsoft Link:...
xglance-bin 11.00 - Privilege Escalation
xglance-bin 11.00 - Privilege Escalation Exploit Title: xglance-bin 11.00 - Privilege Escalation Exploit Author: Robert Jaroszuk and Marco Ortisi RedTimmy Security Date: 2020-02-01 Tested on: RHEL 5.x/6.x/7.x/8.x CVE: CVE-2014-2630 Disclamer: This exploit is for educational purpose only More...
Cacti 1.2.8 - Unauthenticated Remote Code Execution
Cacti 1.2.8 - Unauthenticated Remote Code Execution !/usr/bin/python3 Exploit Title: Cacti v1.2.8 Unauthenticated Remote Code Execution Date: 03/02/2020 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: CentOS 7.3 / PHP 7.1.33...
ActiveFax Server 6.92 Build 0316 - POP3 Server Denial of Service
ActiveFax Server 6.92 Build 0316 - POP3 Server Denial of Service Exploit Title: ActiveFax Server 6.92 Build 0316 - 'POP3 Server' Denial of Service Date: 2019-10-12 Vendor Homepage: https://www.actfax.com/ Software Link : https://www.actfax.com/download/actfaxsetupx64ge.exe Exploit Author: Achille...
Dolibarr ERP-CRM 10.0.1 - SQL Injection
Dolibarr ERP-CRM 10.0.1 - SQL Injection Exploit Title: Dolibarr ERP/CRM - Multiple Sql Injection Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.dolibarr.org/ Software Link: https://www.dolibarr.org/downloads Version: 10.0.1 Category: Webapps Tested on: Xampp for Linux...
NEC Univerge Sv9100 WebPro - 6.00 - Predictable Session ID Clear Text Password Storage
NEC Univerge Sv9100 WebPro - 6.00 - Predictable Session ID Clear Text Password Storage ''' + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NEC-UNIVERGE-WEBPRO-v6.00-PREDICTABLE-SESSIONID-CLEARTEXT-PASSWORDS.txt + ISR: ApparitionSec...
Fortify Software Security Center (SSC) 17.x18.1 - XML External Entity Injection
Fortify Software Security Center SSC 17.x18.1 - XML External Entity Injection Details ================ Software: Fortify SSC Software Security Center Version: 17.10, 17.20 & 18.10 Homepage: https://www.microfocus.com Advisory report: https://github.com/alt3kx/CVE-2018-12463 CVE: CVE-2018-12463 at...
Drupal 7.58 - Drupalgeddon3 (Authenticated) Remote Code (Metasploit)
Drupal 7.58 - Drupalgeddon3 Authenticated Remote Code Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupalgeddon3', 'Description' = %q CVE-2018-7602 / SA-CORE-2018-004 A remote cod...
Joomla! Component Kubik-Rubik Simple Image Gallery Extended (SIGE) 3.2.3 - Cross-Site Scripting
Joomla! Component Kubik-Rubik Simple Image Gallery Extended SIGE 3.2.3 - Cross-Site Scripting Exploit Title: Joomla! Component SIGE version 3. Solution: Update to version 3.3.0 https://downloads.kubik-rubik.de/joomla-extensions/plgsigev3.3.0.zip...
Tenda AC15 Router - Remote Code Execution
Tenda AC15 Router - Remote Code Execution !/usr/bin/env python EDB Note Source: https://www.fidusinfosec.com/remote-code-execution-cve-2018-5767/ import urllib2 import struct import time import socket from optparse import import SimpleHTTPServer import SocketServer import threading import sys...
Asterisk 13.17.2 - chan_skinny Remote Memory Corruption
Asterisk 13.17.2 - chanskinny Remote Memory Corruption Exploit Author: Juan Sacco - http://exploitpack.com Vulnerability found using Exploit Pack v10 - Fuzzer module CVE-2017-17090 - AST-2017-013 Tested on: Asterisk 13.17.2dfsg-2 Description: Asterisk is prone to a remote unauthenticated memory...
HPE iLO 4 2.53 - Add New Administrator User
HPE iLO 4 2.53 - Add New Administrator User !/usr/bin/env python """ Exploit trigger was presented @reconbrx 2018 Vulnerability found and documented by synacktiv: https://www.synacktiv.com/posts/exploit/rce-vulnerability-in-hp-ilo.html Original advisory from HP:...