41207 matches found
symantec Web gateway 5.0.2.8 - Multiple Vulnerabilities
symantec Web gateway 5.0.2.8 - Multiple Vulnerabilities Software: Symantec Web Gateway Current Software Version: 5.0.2.8 Product homepage: www.symantec.com Author: S2 Crew Hungary CVE: CVE-2012-0297, CVE-2012-0298, ??? File include:...
IBM System Storage DS Storage Manager Profiler - Multiple Vulnerabilities
IBM System Storage DS Storage Manager Profiler - Multiple Vulnerabilities IBM System Storage DS Storage Manager Profiler Multiple Vulnerabilities Vendor: IBM Corporation Product web page: http://www.ibm.com Affected version: 4.8.6 Summary: Through its extraordinary flexibility, reliability, and...
RuggedCom Devices - Backdoor Access
RuggedCom Devices - Backdoor Access Title: Undocumented Backdoor Access to RuggedCom Devices Author: jc Organization: JC CREW Date: April 23, 2012 CVE: CVE-2012-1803 Background: RuggedCom is one of a handful of networking vendors who capitalize on the market for "Industrial Strength" and "Hardene...
Microsoft Windows - .fon Kernel-Mode Buffer Overrun (PoC) (MS11-077)
Microsoft Windows - .fon Kernel-Mode Buffer Overrun PoC MS11-077 Exploit Title: MS11-077 .fon buffer overrun kernel-mode drivers exploit Google Dork: if relevant �we will automatically add these to the GHDB Date: 10/12/2011 Author: Byoungyoung Lee, http://www.cc.gatech.edu/blee303/ Software Link:...
SWAT Samba Web Administration Tool - Cross-Site Request Forgery
SWAT Samba Web Administration Tool - Cross-Site Request Forgery Thanks & Regards, Narendra. Confidentiality: This e-mail and any attachments may be confidential and may also be privileged. If you are not an intended named recipient, please notify the sender immediately and do not disclose the...
Native Instruments Massive 1.1.4 - KSD File Handling Use-After-Free
Native Instruments Massive 1.1.4 - KSD File Handling Use-After-Free !/usr/bin/perl Title: Native Instruments Massive 1.1.4 KSD File Handling Use-After-Free Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 1.1.4 R1901 Summary:...
Landesk - OS command Injection
Landesk - OS command Injection 1. Advisory Information Title: Landesk OS command injection Advisory Id: CORE-2010-1018 Advisory URL: http://www.coresecurity.com/content/landesk-os-command-injection-vulnerability Date published: 2010-11-10 Date of last update: 2010-11-10 Vendors contacted: LANDesk...
WordPress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting
WordPress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting XSS Vulnerability in NextGEN Gallery Wordpress Plugin 1. Advisory Information Title: XSS Vulnerability in NextGEN Gallery Wordpress Plugin Advisory Id: CORE-2010-0323 Advisory URL:...
Smart Vision Script News - newsdetail.php SQL Injection (1)
Smart Vision Script News - newsdetail.php SQL Injection 1 Exploit Title: Smart Vsion Script News newsdetail SQL Injection Vulnerability Software Link: www.esmart-vision.com ============================================ | Smart Vision Script News newsdetail SQL Injection Vulnerability...
SitioOnline - SQL Injection
SitioOnline - SQL Injection - cvs -vrew ! SitioOnline SQL Injection Vulnerability ! Author : 4lG3r14n0-t3r0 ! MAIL : [email protected] / Software Information + Vendor : http://www.SitioOnline.cl + script : SitioOnline + Download : + Vulnerability : php SQL injection + Dork...
Multiple Browsers - Denial of Service
Multiple Browsers - Denial of Service One bug to rule them all IE5,IE6,IE7,IE8,Netscape,Firefox,Safari,Opera,Konqueror, Seamonkey,Wii,PS3,iPhone,iPod,Nokia,Siemens.... and more. Don't wet your pants - it's DoS only Release mode: Tried hard to coordinate - gave up Reference : GSEC-TZO-26-2009 - On...
4Images 1.7.7 - Filter Bypass HTML Injection Cross-Site Scripting
4Images 1.7.7 - Filter Bypass HTML Injection Cross-Site Scripting || || | || o,7 || . o7 || q||| o\, : / / . =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: 4images = 1.7.7 - filter bypass HTML injection/XSS =INFO: =BUY: =DORK: -=/:Conditions:=-...
hosting controller 6.1 hot fix 3.3 - Multiple Vulnerabilities
hosting controller 6.1 hot fix 3.3 - Multiple Vulnerabilities Title: Multiple Security Bugs In Hosting Controller Critical: Extremely critical Impact: Full system administrator access Vendor: Hosting Controller Version: 6.1 Hot fix = 3.3 Vendor URL: www.hostingcontroller.com Solution: N/A From...
CodeBB 1.0 Beta 2 - phpbb_root_path Remote File Inclusion
CodeBB 1.0 Beta 2 - phpbbrootpath Remote File Inclusion codebb 1.1b3 phpbbrootpath Remote File Include Vulnerability D.Script: http://rd.cycnus.de/download/codebb-1.1b3.tar.bz2 Discovered by: Alkomandoz Hacker Homepage: http://www.asb-may.net V.Code includeonce$phpbbrootpath...
pSlash 0.7 - lvc_include_dir Remote File Inclusion
pSlash 0.7 - lvcincludedir Remote File Inclusion pSlash v0.7 lvcincludedir Remote Include Vulnerability Author: XORON Class: Remote cont@ct: x0r0nathotmaildotcom Code: require$lvcincludedir.'db/dbmysql.inc.php'; Exploit:...
Simple Machines Forum (SMF) 1.1 rc2 - Lock Topics
Simple Machines Forum SMF 1.1 rc2 - Lock Topics !/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i;...
Mambo Component com_forum 1.2.4RC3 - Remote File Inclusion
Mambo Component comforum 1.2.4RC3 - Remote File Inclusion Bug Found by h4ntu http://h4ntu.com batamhacker crew Another Mambo component remote inclusion vulneribility download : http://mamboxchange.com/frs/download.php/6873/phpbbcomponent1.2.4RC3.zip bug found in file : download.php define'INPHPBB...
Mambo Component Pearl 1.6 - Multiple Remote File Inclusions
Mambo Component Pearl 1.6 - Multiple Remote File Inclusions --------------------------------------------------------------------------- Pearl For Mambo = 1.6 GlobalSettingstemplatesDirectory Remote File Include Vulnerabilities...
Early Impact ProductCart 2.62.7 - viewPrd.asp?idcategory SQL Injection
Early Impact ProductCart 2.62.7 - viewPrd.asp?idcategory SQL Injection source: https://www.securityfocus.com/bid/13881/info ProductCart is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it...
PHP-Nuke 7.x - Multiple Remote File Inclusions
PHP-Nuke 7.x - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/18186/info PHP-Nuke is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issue...
Multiple Vendor ICMP Implementation - Malformed Path MTU Denial of Service
Multiple Vendor ICMP Implementation - Malformed Path MTU Denial of Service source: https://www.securityfocus.com/bid/13124/info Multiple vendor implementations of TCP/IP Internet Control Message Protocol ICMP are reported prone to several denial-of-service attacks. ICMP is employed by network nod...
AOL Instant Messenger AIM - Away Message Remote (2)
AOL Instant Messenger AIM - Away Message Remote 2 / CAN-2004-0636 / / AIM Away Message Buffer Overflow Exploit Exploit by John Bissell A.K.A. HighT1mes Exploit: ======== drizzit.c Vulnerable Software: ==================== - AIM 5.5.3588 - AIM 5.5.3590 Beta - AIM 5.5.3591 - AIM 5.5.3595 and a coup...
AllMyLinks 0.x - footer.inc.php Arbitrary Code Execution
AllMyLinks 0.x - footer.inc.php Arbitrary Code Execution source: https://www.securityfocus.com/bid/9664/info Reportedly the AllMyPHP applications AllMyGuests, AllMyLinks and AllMyVisitors are prone to a remote file include vulnerability. The issue is due to insufficient filtering of URI passed...
Mah-Jong 1.4 - ClientServer Remote sscanf() Buffer Overflow
Mah-Jong 1.4 - ClientServer Remote sscanf Buffer Overflow // source: https://www.securityfocus.com/bid/8557/info A remote buffer overflow vulnerability when calling the sscanf function has been reported to affect the mah-jong game client and server programs. The issue occurs within seperate sourc...
Microsoft Windows NT 4.02000 - NetBIOS Name Conflict
Microsoft Windows NT 4.02000 - NetBIOS Name Conflict source: https://www.securityfocus.com/bid/1514/info An attacker can send the NetBIOS name service a NetBIOS Name Conflict message even when the receiving machine is not in the process of registering its NetBIOS name. The target will then not...
Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution
Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link:...
google.com
Pentest notes for: google.com Exploit Pack Nmap 7.80 scan initiated Tue Dec 3 09:27:33 2019 as: /usr/bin/nmap -sV -A -oA log/exploitpack.com exploitpack.com Nmap scan report for exploitpack.com 132.148.22.104 Host is up 0.18s latency. rDNS record for 132.148.22.104:...
Siemens Desigo PX 6.00 - Denial of Service (PoC)
Siemens Desigo PX 6.00 - Denial of Service PoC Title: Siemens Desigo PX 6.00 - Denial of Service PoC Author: LiquidWorm Date: 2019-11-14 Vendor web page: https://www.siemens.com Product web page: https://new.siemens.com/global/en/products/buildings/automation/desigo.html Affected version:6.00...
CBAS-Web 19.0.0 - Information Disclosure
CBAS-Web 19.0.0 - Information Disclosure Exploit Title: CBAS-Web 19.0.0 - Information Disclosure Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/...
Computrols CBAS-Web 19.0.0 - username Reflected Cross-Site Scripting
Computrols CBAS-Web 19.0.0 - username Reflected Cross-Site Scripting Exploit Title: Computrols CBAS-Web 19.0.0 - 'username' Reflected Cross-Site Scripting Google Dork: NA Date: 2018-09-06 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...
Solaris 11.4 - xscreensaver Privilege Escalation
Solaris 11.4 - xscreensaver Privilege Escalation @Mediaservice.net Security Advisory 2019-02 last updated on 2019-10-16 Title: Local privilege escalation on Solaris 11.x via xscreensaver Application: Jamie Zawinski's xscreensaver 5.39 distributed with Solaris 11.4 Jamie Zawinski's xscreensaver 5....
WordPress Plugin Photo Gallery 1.5.34 - SQL Injection
WordPress Plugin Photo Gallery 1.5.34 - SQL Injection Exploit Title: WordPress Plugin Photo Gallery by 10Web Add new and in add galleries / Gallery groups. GET request going with parameter albumid is vulnerable to Time Based Blind SQL injection. Following is the POC, 1...
Craft CMS 2.7.93.2.5 - Information Disclosure
Craft CMS 2.7.93.2.5 - Information Disclosure Exploit Title : CraftCms Users information disclosure From uploaded File Author Discovered By : Mohammed Abdul Raheem Author's Company Name : TrekShield IT Solution Author Exploit-db : https://www.exploit-db.com/?author=9783 Found Vulnerability On :...
Sentrifugo 3.2 - Persistent Cross-Site Scripting
Sentrifugo 3.2 - Persistent Cross-Site Scripting Exploit Title: Sentrifugo 3.2 - Persistent Cross-Site Scripting Google Dork: N/A Date: 8/29/2019 Exploit Author: creosote Vendor Homepage: http://www.sentrifugo.com/ Version: 3.2 Tested on: Ubuntu 18.04 CVE : CVE-2019-15814 Multiple Stored XSS...
Joomla! Component JS Jobs (com_jsjobs) 1.2.5 - customfields.php SQL Injection
Joomla! Component JS Jobs comjsjobs 1.2.5 - customfields.php SQL Injection Exploit Title: Joomla! component comjsjobs - 'customfields.php' SQL Injection Dork: inurl:"index.php?option=comjsjobs" Date: 13.08.19 Exploit Author: qw3rTyTy Vendor Homepage: https://www.joomsky.com/ Software Link:...
Moodle Filepicker 3.5.2 - Server Side Request Forgery
Moodle Filepicker 3.5.2 - Server Side Request Forgery Exploit Title: Server Side Request Forgery in Moodle Filepicker Google Dork: / Date: 2019-07-25 Exploit Author: Fabian Mosch & Nick Theisinger r-tec IT Security GmbH Vendor Homepage: https://moodle.org/ Software Link:...
Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption
Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption Content Dim ar1&h3000000 Dim ar21000 Dim gremlin addressOfGremlin = &h28281000 Class MyClass Private mValue Public Property Let Valuev mValue = v End Property Public Default Property Get P P = mValue ' Wher...
74CMS 5.0.1 - Cross-Site Request Forgery (Add New Admin User)
74CMS 5.0.1 - Cross-Site Request Forgery Add New Admin User Exploit Title: 74CMS v5.0.1 has a CSRF vulnerability to add a new admin user Date: 2019-04-14 Exploit Author: ax8 Vendor Homepage: https://github.com/Li-Siyuan Software Link: http://www.74cms.com/download/index.html Version: v5.0.1 CVE :...
Netwide Assembler (NASM) 2.14rc15 - NULL Pointer Dereference (PoC)
Netwide Assembler NASM 2.14rc15 - NULL Pointer Dereference PoC Exploit Title: Netwide Assembler NASM 2.14rc15 NULL Pointer Dereference PoC Date: 2018-09-05 Exploit Author: Fakhri Zulkifli Vendor Homepage: https://www.nasm.us/ Software Link: https://www.nasm.us/pub/nasm/releasebuilds/?C=M;O=D...
Microsoft Lync for Mac 2011 - Injection Forced BrowsingDownload
Microsoft Lync for Mac 2011 - Injection Forced BrowsingDownload Exploit Title: Microsoft Lync for Mac 2011 Injection Forced Browsing/Download Author: @nyxgeek - TrustedSec Date: 2018-03-20 Vendor Homepage: microsoft.com Software Link: https://www.microsoft.com/en-us/download/details.aspx?id=36517...
SwitchVPN for macOS 2.1012.03 - Privilege Escalation
SwitchVPN for macOS 2.1012.03 - Privilege Escalation ======================================================================= Title: Privilege Escalation Vulnerability Product: SwitchVPN for MacOS Vulnerable version: 2.1012.03 CVE ID: CVE-2018-18860 Impact: Critical Homepage: https://switchvpn.net...
Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection
Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection Exploit Title: Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Softwar...
ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution
ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution Exploit Title: ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution Date: 2018-10-22 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.projeqtor.org Software Link:...
Responsive FileManager 9.13.4 - Directory Traversal
Responsive FileManager 9.13.4 - Directory Traversal The following vulnerabilities were fixed in the version 9.13.4. https://responsivefilemanager.com 1 Path Traversal Allows to Read Any File Reserved CVE: CVE-2018-15535 Discovered By: Simon Uvarov Vendor Status: Fixed Details: The following reque...
Ecessa WANWorx WVR-30 10.7.4 - Cross-Site Request Forgery (Add Superuser)
Ecessa WANWorx WVR-30 10.7.4 - Cross-Site Request Forgery Add Superuser Exploit title: Ecessa WANWorx WVR-30 input type="hidden" name="userusername...
Microsoft Windows 10 - Desktop Bridge Virtual Registry CVE-2018-0880 Incomplete Fix Privilege Escalation
Microsoft Windows 10 - Desktop Bridge Virtual Registry CVE-2018-0880 Incomplete Fix Privilege Escalation Windows: Windows: Desktop Bridge Virtual Registry CVE-2018-0880 Incomplete Fix EoP Platform: Windows 1709 not tested earlier version Class: Elevation of Privilege Summary: The handling of the...
TrendMicro OfficeScan XG 11.0 - Change Prevention Bypass
TrendMicro OfficeScan XG 11.0 - Change Prevention Bypass + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-v11.0-UNAUTHORIZED-CHANGE-PREVENTION-SERVICE-BYPASS.txt + ISR: Apparition Security Greetz:...
Norton Core Secure WiFi Router - BLE Command Injection (PoC)
Norton Core Secure WiFi Router - BLE Command Injection PoC PoC command injection in BLE service of Norton Core Secure WiFi Router CVE-2018-5234 For more information read paper. To demonstrate the exploitation, we will use: - OS GNU/Linux; - Bluetooth dongle adapter; - BlueZ utility for testing...
Cockpit CMS 0.4.4 0.5.5 - Server-Side Request Forgery
Cockpit CMS 0.4.4 0.5.5 - Server-Side Request Forgery SSRF(Server Side Request Forgery) in Cockpit 0.4.4-0.5.5 CVE-2018-9302 Cockpit CMS repairs CVE-2017-14611, but it can be bypassed, SSRF still exist, affecting the Cockpit CMS 0.4.4-0.5.5 versions.I've been tested success of "Cockpit CMS" laste...
Monstra CMS 3.0.4 - Arbitrary Folder Deletion
Monstra CMS 3.0.4 - Arbitrary Folder Deletion Exploit Title: Monstra CMS 3.0.4 allows remote attackers to delete folder via an get request Date: 2018-03-26 Exploit Author: Wenming Jiang Vendor Homepage: https://github.com/monstra-cms/monstra Software Link: https://github.com/monstra-cms/monstra...