41207 matches found
google.com
Pentest notes for: google.com Exploit Pack Nmap 7.80 scan initiated Tue Dec 3 09:27:33 2019 as: /usr/bin/nmap -sV -A -oA log/exploitpack.com exploitpack.com Nmap scan report for exploitpack.com 132.148.22.104 Host is up 0.18s latency. rDNS record for 132.148.22.104:...
eMerge50P 5000P 4.6.07 - Remote Code Execution
eMerge50P 5000P 4.6.07 - Remote Code Execution Exploit Title: eMerge50P 5000P 4.6.07 - Remote Code Execution Google Dork: NA Date: 2018-11-11 Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series...
YouPHPTube 7.2 - userCreate.json.php SQL Injection
YouPHPTube 7.2 - userCreate.json.php SQL Injection Exploit Title: YouPHPTube 7.3 SQL Injection Google Dork: / Date: 19.08.2019 Exploit Author: Fabian Mosch, r-tec IT Security GmbH Vendor Homepage: https://www.youphptube.com/ Software Link: https://github.com/YouPHPTube/YouPHPTube Version: 7.3...
Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload Remote Code Execution (Metasploit)
Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload Remote Code Execution Metasploit Exploit Title: Authenticated insecure file upload and code execution flaw in Ahsay Backup v7.x - v8.1.1.50. Metasploit Date: 26-6-2019 Exploit Author: Wietse Boonstra Vendor Homepage:...
Sahi pro 8.x - Cross-Site Scripting
Sahi pro 8.x - Cross-Site Scripting Exploit Title: Sahi pro alertdocument.cookie”.start; log“testing stored XSS injection”; $tc1.end; Step 2 : Execute the created script poc.sah using sahi GUI controller . Step 3 : navigate to the web logs console http://:/logs using the browser for the executed...
Zoho ManageEngine ServiceDesk Plus 9.3 - PurchaseRequest.do Cross-Site Scripting
Zoho ManageEngine ServiceDesk Plus 9.3 - PurchaseRequest.do Cross-Site Scripting Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via PurchaseRequest.do Date: 2019-06-04 Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage:...
Gila CMS 1.9.1 - Cross-Site Scripting
Gila CMS 1.9.1 - Cross-Site Scripting Exploit Title: Gila CMS search Cross Site Scripting Google Dork: intext:"Powered By Gila CMS" Date: 11.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://gilacms.com Software Link: https://gilacms.com/packages/downloadRelease/1.9.1.zip Demo...
MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - Local Privilege Escalation
MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - Local Privilege Escalation Exploit Title: MaxxAudio Drivers WavesSysSvc64.exe File Permissions SYSTEM Privilege Escalation Google Dork: Date: 2/18/2019 Exploit Author: Mike Siegel @mlsiegel Vendor Homepage: https://maxx.com Software Link: Version:...
Microsoft Office SharePoint Server 2016 - Denial of Service (Metasploit)
Microsoft Office SharePoint Server 2016 - Denial of Service Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'sharepoint-ruby' class MetasploitModule 'DOS Vulnerability in SharePoint 2016 Server',...
Cisco Immunet 6.2.0 Cisco AMP For Endpoints 6.2.0 - Denial of Service
Cisco Immunet 6.2.0 Cisco AMP For Endpoints 6.2.0 - Denial of Service / + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CISCO-IMMUNET-AND-CISCO-AMP-FOR-ENDPOINTS-SYSTEM-SCAN-DENIAL-OF-SERVICE.txt + ISR: ApparitionSec...
libiec61850 1.3 - Stack Based Buffer Overflow
libiec61850 1.3 - Stack Based Buffer Overflow Exploit Title: libiec61850 1.3 - Stack Based Buffer Overflow Date: 2018-11-06 Exploit Author: Dhiraj Mishra Vendor Homepage: http://libiec61850.com/libiec61850/ Software Link: https://github.com/mz-automation/libiec61850 Version: 1.3 Tested on: Linux...
Faleemi Desktop Software 1.8.2 - Device alias Local Buffer Overflow (SEH)
Faleemi Desktop Software 1.8.2 - Device alias Local Buffer Overflow SEH Exploit Title: Faleemi Desktop Software 1.8.2 - 'Device alias' Local Buffer Overflow SEH Author: Gionathan "John" Reale Discovey Date: 2018-09-25 Software Link: http://support.faleemi.com/fsc776/Faleemiv1.8.exe Tested Version...
CirCarLife SCADA 4.3.0 - Credential Disclosure
CirCarLife SCADA 4.3.0 - Credential Disclosure Exploit Title: CirCarLife SCADA 4.3.0 - Credential Disclosure Date: 2018-09-10 Exploit Author: David Castro Vendor Homepage: https://circontrol.com/ Shodan Dork: Server: CirCarLife Server: PsiOcppApp Version: CirCarLife Scada all versions under 4.3.0...
Episerver 7 patch 4 - XML External Entity Injection
Episerver 7 patch 4 - XML External Entity Injection Exploit Title: Episerver 7 patch 4 - XML External Entity Injection Google Dork: N/A Date: 2018-08-28 Exploit Author: Jonas Lejon Vendor Homepage: https://www.episerver.se/ Version: Episerver 7 patch 4 and below CVE : N/A episploit.py - Blind XXE...
Microhard Systems 3G4G Cellular Ethernet and Serial Gateway - Cross-Site Request Forgery
Microhard Systems 3G4G Cellular Ethernet and Serial Gateway - Cross-Site Request Forgery Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway CSRF Vulnerabilities Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb...
EPIC MyChart - X-Path Injection
EPIC MyChart - X-Path Injection Exploit Title: Epic Systems Corporation MyChart X-Path Injection Google Dork: MyChart® licensed from Epic Systems Corporation Date: 8/19/16 Exploit Author: Shayan Sadigh http://threat.tevora.com/author/shayan/ Vendor Homepage: https://www.epic.com/software Software...
JBoss Remoting 6.14.18 - Denial of Service
JBoss Remoting 6.14.18 - Denial of Service Exploit Title: Exploit Denial of Service JBoss Remoting 4447/9999 Date: 14-02-2018 Exploit Author: Frank Spierings Vendor Homepage: https://www.redhat.com/en/technologies/jboss-middleware/application-platform/get-started Software Link:...
Geovision Inc. IP Camera Video - Remote Command Execution
Geovision Inc. IP Camera Video - Remote Command Execution !/usr/bin/env python2.7 SOF Geovision Inc. IP Camera & Video Server Remote Command Execution PoC Researcher: bashis November 2017 1. Pop stunnel TLSv1 reverse root shell Local listener: 'ncat -vlp --ssl'; Verified w/ v7.60 2. Dump all...
OTRS 5.0.x6.0.x - Remote Command Execution
OTRS 5.0.x6.0.x - Remote Command Execution Exploit Title: OTRS Shell Access Date: 21-01-2018 Exploit Author: Bæln0rn Vendor Homepage: https://www.otrs.com/ Software Link: http://ftp.otrs.org/pub/otrs/ Version: 4.0.1 - 4.0.26, 5.0.0 - 5.0.24, 6.0.0 - 6.0.1 Tested on: OTRS 5.0.2/CentOS 7.2.1511 CVE...
UCOPIA Wireless Appliance 5.1.8 - Local Privilege Escalation
UCOPIA Wireless Appliance 5.1.8 - Local Privilege Escalation CVE-2017-11322 UCOPIA Wireless Appliance 5.1.8 Privileges Escalation Asset description UCOPIA solutions bring together a combination of software, appliance and cloud services serving small to large customers. More than 12,000 UCOPIA...
Fatek Automation PLC WinProladder 3.11 Build 14701 - Stack Buffer Overflow (Metasploit)
Fatek Automation PLC WinProladder 3.11 Build 14701 - Stack Buffer Overflow Metasploit require 'msf/core' class MetasploitModule 'Fatek Automation PLC WinProladder Stack-based Buffer Overflow', 'Description' = %q This module exploits a stack based buffer overflow found in Fatek Automation PLC...
Microsoft Windows Kernel - ATMFD.DLL Out-of-Bounds Read due to Malformed Name INDEX in the CFF Table
Microsoft Windows Kernel - ATMFD.DLL Out-of-Bounds Read due to Malformed Name INDEX in the CFF Table Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1213 We have encountered a Windows kernel crash in the ATMFD.DLL OpenType driver while processing a corrupted OTF font file, see...
LG MRA58K - Out-of-Bounds Heap Read in CAVIFileParser::Destroy Resulting in Invalid Free
LG MRA58K - Out-of-Bounds Heap Read in CAVIFileParser::Destroy Resulting in Invalid Free Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1221 Similar to the previously reported issue 1206 , when parsing AVI files the CAVIFileParser object contains a fixed-size array of what...
Subsonic 6.1.1 - Cross-Site Request Forgery
Subsonic 6.1.1 - Cross-Site Request Forgery + Credits: John Page a.k.a hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SUBSONIC-PASSWORD-RESET-CSRF.txt + ISR: ApparitionSec Vendor: ================ www.subsonic.org Product: =============== subson...
Intel Active Management Technology - System Privileges
Intel Active Management Technology - System Privileges !/usr/bin/python -- coding: utf-8 -- Author: Nixawk CVE-2017-5689 = dork="Server: IntelR Active Management Technology" port:"16992", ports= 623, 664, 16992, 16993, 16994, 16995 products= Active Management Technology AMT, Intel Standard...
Alerton Webtalk 2.53.3 - Multiple Vulnerabilities
Alerton Webtalk 2.53.3 - Multiple Vulnerabilities ''' Security Issues in Alerton Webtalk ================================== Introduction ------------ Vulnerabilities were identified in the Alerton Webtalk Software supplied by Alerton. This software is used for the management of building automatio...
Moxa MXview 2.8 - Denial of Service
Moxa MXview 2.8 - Denial of Service + Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MOXA-MXVIEW-v2.8-DENIAL-OF-SERVICE.txt + ISR: ApparitionSec Vendor: ============ www.moxa.com Product: =========== MXView v2.8 Download:...
Faveo Helpdesk Community 1.9.3 - Cross-Site Request Forgery
Faveo Helpdesk Community 1.9.3 - Cross-Site Request Forgery Exploit Title: CSRF / Privilege Escalation Manipulation of Role Agent to Admin on Faveo version Community 1.9.3 Google Dork: no Date: 05-April-2017 Exploit Author: @runggareksya, @yokoacc, @AdyWikradinata, @dickysofficial, @dvnrcy Vendor...
NETGEAR WNR2000v5 - hidden_lang_avi Remote Stack Overflow (Metasploit)
NETGEAR WNR2000v5 - hiddenlangavi Remote Stack Overflow Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'time' class MetasploitModule 'NETGEAR WNR2000v5 Unauthenticated hiddenlanga...
WatchGuard XTMv 11.12 Build 516911 - User Management Cross-Site Request Forgery
WatchGuard XTMv 11.12 Build 516911 - User Management Cross-Site Request Forgery !-- KL-001-2017-004 : WatchGuard XTMv User Management Cross-Site Request Forgery Title: WatchGuard XTMv User Management Cross-Site Request Forgery Advisory ID: KL-001-2017-004 Publication Date: 2017.03.10 Publication...
Apple macOS Sierra 10.12.1 - physmem Local Privilege Escalation
Apple macOS Sierra 10.12.1 - physmem Local Privilege Escalation physmem physmem is a physical memory inspection tool and local privilege escalation targeting macOS up through 10.12.1. It exploits either CVE-2016-1825 or CVE-2016-7617 depending on the deployment target. These two vulnerabilities a...
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 - Multiple Vulnerabilities
Trend Micro InterScan Web Security Virtual Appliance IWSVA 6.5 - Multiple Vulnerabilities Exploit Title: Trend Micro Interscan Web Security Virtual Appliance IWSVA 6.5.x Multiple Vulnerabilities Date: 28/11/2016 Exploit Author: SlidingWindow , Twitter: @KapilKhot Vendor Homepage:...
Google Android - gpsOneXtra Data Files Denial of Service
Google Android - gpsOneXtra Data Files Denial of Service Original at: https://wwws.nightwatchcybersecurity.com/2016/10/04/advisory-cve-2016-5348-2/ Summary Android devices can be crashed remotely forcing a halt and then a soft reboot by a MITM attacker manipulating assisted GPS/GNSS data provided...
glibc - getaddrinfo Remote Stack Buffer Overflow
glibc - getaddrinfo Remote Stack Buffer Overflow / add by SpeeDr00t@Blackfalcon jang kyoung chip This is a published vulnerability by google in the past. Please refer to the link below. Reference: - https://googleonlinesecurity.blogspot.kr/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html -...
PHP gettext 1.0.12 - gettext.php Code Execution
PHP gettext 1.0.12 - gettext.php Code Execution CVE-2016-6175 gettext.php | @kmkzsecurity Project Homepage: https://launchpad.net/php-gettext/ Download: https://launchpad.net/php-gettext/trunk/1.0.12/+download/php-gettext-1.0.12.tar.gz Version: 1.0.12 latest release Tested on: Linux Debian, PHP...
Easy RM to MP3 Converter 2.7.3.700 - .m3u File (Universal ASLR + DEP Bypass)
Easy RM to MP3 Converter 2.7.3.700 - .m3u File Universal ASLR + DEP Bypass Exploit Title: Easy RM to MP3 Converter 2.7.3.700 .m3u File BoF Exploit with Universal DEP+ASLR bypass Date: 2016-06-12 Exploit Author: Csaba Fitzl Vendor Homepage: N/A Software Link:...
Panda Security URL Filtering 4.3.1.9 - Local Privilege Escalation
Panda Security URL Filtering 4.3.1.9 - Local Privilege Escalation CVE: CVE-2015-7378 Vendor: Panda Security Reported by: Kyriakos Economou Date of Release: 05/04/2016 Affected Products: Multiple Affected Version: Panda Security URL Filtering v4.3.1.9 Fixed Version: Panda Security URL Filtering...
OpenMRS Reporting Module 0.9.7 - Remote Code Execution
OpenMRS Reporting Module 0.9.7 - Remote Code Execution Title: Unauthenticated remote code execution in OpenMRS Product: OpenMRS Vendor: OpenMRS Inc. Tested versions: See summary Status: Fixed by vendor Reported by: Brian D. Hysell Product description: OpenMRS is "the world's leading open source...
Acrobat Reader DC 15.008.20082.15957 - .PDF Parsing Memory Corruption
Acrobat Reader DC 15.008.20082.15957 - .PDF Parsing Memory Corruption Application: Acrobat Reader DC Platforms: Windows Versions: 15.008.20082.15957 CVE: CVE-2015-7622 Author: Francis Provencher of COSIG Twitter: @COSIG 1 Introduction 2 Report Timeline 3 Technical details 4 POC =============== 1...
LinuxMIPS Kernel 2.6.36 - NetUSB Remote Code Execution
LinuxMIPS Kernel 2.6.36 - NetUSB Remote Code Execution !/usr/bin/env python Source: http://haxx.in/blasty-vs-netusb.py CVE-2015-3036 - NetUSB Remote Code Execution exploit Linux/MIPS =========================================================================== This is a weaponized exploit for the...
vTiger CRM 6.3.0 - (Authenticated) Remote Code Execution
vTiger CRM 6.3.0 - Authenticated Remote Code Execution -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Exploit Title: Vtiger CRM = 6.3.0 Authenticated Remote Code Execution Date: 2015-09-28 Exploit Author: Benjamin Daniel Mussler Vendor Homepage: https://www.vtiger.com Software Link:...
X2Engine 4.2 - Arbitrary File Upload
X2Engine 4.2 - Arbitrary File Upload Source: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-5074/ Details: It was discovered that authenticated users were able to upload files of any type providing that the file did not have an extension that was...
Advantech Webaccess 8.0 3.4.3 - ActiveX Multiple Vulnerabilities
Advantech Webaccess 8.0 3.4.3 - ActiveX Multiple Vulnerabilities Introduction Using Advantech WebAccess SCADA Software we can remotely manage Industrial Control systems devices like RTU's, Generators, Motors etc. Attackers can execute code remotely by passing maliciously crafted string to...
Pligg CMS 2.0.2 - Cross-Site Request Forgery (Add Admin)
Pligg CMS 2.0.2 - Cross-Site Request Forgery Add Admin Admin input name="password" type="text" class="form-control" id="password" value="hacker123" onchange="checkPasswordthis.va...
WordPress Plugin Count Per Day 3.4 - SQL Injection
WordPress Plugin Count Per Day 3.4 - SQL Injection Advisory ID: HTB23267 Product: Count Per Day WordPress plugin Vendor: Tom Braider Vulnerable Versions: 3.4 and probably prior Tested Version: 3.4 Advisory Publication: July 1, 2015 without technical details Vendor Notification: July 1, 2015 Vendo...
MiniUPnPd 1.0 (MIPS) - Remote Stack Overflow Remote Code Execution for AirTies RT Series
MiniUPnPd 1.0 MIPS - Remote Stack Overflow Remote Code Execution for AirTies RT Series !/usr/bin/env python Exploit Title: MiniUPnPd 1.0 Stack Overflow RCE for AirTies RT Series Date: 26.04.2015 Exploit Author: Onur ALANBEL BGA Vendor Homepage: http://miniupnp.free.fr/ Version: 1.0 Architecture:...
ApportAbrt (Ubuntu Fedora) - Local Privilege Escalation
ApportAbrt Ubuntu Fedora - Local Privilege Escalation define GNUSOURCE include include include include include include include include include include include include include include warning this file must be compiled with -static // // Apport/Abrt Vulnerability Demo Exploit. // // Apport:...
Apple Mac OSX 10.7.510.8.210.9.510.10.2 - Rootpipe Local Privilege Escalation
Apple Mac OSX 10.7.510.8.210.9.510.10.2 - Rootpipe Local Privilege Escalation PoC exploit code for rootpipe CVE-2015-1130 Created by Emil Kvarnhammar, TrueSec Tested on OS X 10.7.5, 10.8.2, 10.9.5 and 10.10.2 import os import sys import platform import re import ctypes import objc import sys from...
Fiyo CMS 2.0.1.8 - Multiple Vulnerabilities
Fiyo CMS 2.0.1.8 - Multiple Vulnerabilities Exploit Title: FiyoCMS Multiple Vulnerabilities Date: 29 March 2015 Exploit Author: Mahendra Vendor Homepage: www.fiyo.org Software Link: http://sourceforge.net/projects/fiyo-cms/ Version: 2.0.1.8, other version might be vulnerable. Tested : Kali Linux...
Virtuosa-Phoenix-Edition-5.2-ASX
Exploit Title: Virtuosa Phoenix Edition 5.2 ASX BOF SEH Overwrite Date found: Aug 16th 2010 Author: Acidgen Software Link: http://download1.virtuosa.com/VirtuosaTrial.exe Version: 5.2 junkA = '\x41' 1021 junkB = '\x42' 8979 nSEH = '\xeb\x06\xff\xff' SEH = '\x7e\xaa\x01\x10' nop = '\x90' 10...