41207 matches found
ManageEngine Desktop Central - Create Administrator
ManageEngine Desktop Central - Create Administrator Administrator account creation in ManageEngine Desktop Central / Desktop Central MSP Discovered by Pedro Ribeiro [email protected], Agile Information Security =================================================================================...
ASUS-RT-AC66U-acsd-Param
TitleASUS RT-AC66U Remote Root Shell Exploit - acsd param command Discovered and ReportedJune 2013 Discovered/Exploited ByJacob Holcomb/Gimppy and Jacob Thompson Security Analsyts @ Independent Security Evaluators Software Vendorhttp://asus.com Exploit/Advisoryhttp://securityevaluators.com,...
Innovaphone PBX Admin-GUI - Cross-Site Request Forgery
Innovaphone PBX Admin-GUI - Cross-Site Request Forgery Title: Innovaphone PBX Admin-GUI CSRF Impact: High CVSS2 Score: 7.8 AV:N/AC:M/Au:S/C:P/I:C/A:C/E:F/RL:U/RC:C Announced: August 21, 2014 Reporter: Rainer Giedat NSIDE ATTACK LOGIC GmbH, www.nsideattacklogic.de Products: Innovaphone PBX...
Microsoft Windows XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation
Microsoft Windows XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation """ Title: Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-002 Publication Date: 2014-07-18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt 1...
Linux Kernel 3.13 - SGID Privilege Escalation
Linux Kernel 3.13 - SGID Privilege Escalation / CVE-2014-4014 Linux Kernel Local Privilege Escalation PoC Vitaly Nikolenko http://hashcrack.org Usage: ./poc filepath where filepath is the file on which you want to set the sgid bit / define GNUSOURCE include include include include include include...
Ilch CMS 2.0 - Persistent Cross-Site Scripting
Ilch CMS 2.0 - Persistent Cross-Site Scripting Advisory ID: HTB23203 Product: Ilch CMS Vendor: http://ilch.de Vulnerable Versions: 2.0 and probably prior Tested Version: 2.0 Advisory Publication: February 12, 2014 without technical details Vendor Notification: February 12, 2014 Public Disclosure:...
MediaWiki 1.22.1 PdfHandler - Remote Code Execution
MediaWiki 1.22.1 PdfHandler - Remote Code Execution -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MediaWiki images/xnz.php 3. access to php-backdoor! http://vulnerable-site/images/xnz.php?1=rm%20-rf%20%2f%20--no-preserve-root 4. happy pwning!! Related files: thumb.php -- extract all GET array to...
Karotz Smart Rabbit 12.07.19.00 - Multiple Vulnerabilities
Karotz Smart Rabbit 12.07.19.00 - Multiple Vulnerabilities Trustwave SpiderLabs Security Advisory TWSL2013-021: Multiple Vulnerabilities in Karotz Smart Rabbit Published: 08/01/13 Version: 1.0 Vendor: Electronic Arts http://www.ea.com/, formerly Mindscape, formerly Violet Product: Karotz Version...
Symantec Web Gateway 5.1.0.x - Multiple Vulnerabilities
Symantec Web Gateway 5.1.0.x - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities - Surveillance via Symantec Web Gateway product: Symantec Web Gateway vulnerable version:...
Apache CXF 2.5.102.6.72.7.4 - Denial of Service
Apache CXF 2.5.102.6.72.7.4 - Denial of Service SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Denial of service vulnerability product: Apache CXF vulnerable version: Apache CXF prior to 2.5.10, 2.6.7 and 2.7.4 fixed...
Xpient - Cash Drawer Operation
Xpient - Cash Drawer Operation Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Xpient Cash Drawer Operation Vulnerability 1. Advisory Information Title: Xpient Cash Drawer Operation Vulnerability Advisory ID: CORE-2013-0517 Advisory URL:...
AV Arcade Free Edition - add_rating.php?id Blind SQL Injection
AV Arcade Free Edition - addrating.php?id Blind SQL Injection Exploit Title: AV Arcade Free Edition Blind SQL Injection Date: 31/08/2012 Author: DaOne @LibyanCA Software Link: http://www.avscripts.net/avarcade/freearcadescript/ Google Dork: intext:Powered by AV Arcade Free Edition" Exploit-DB Not...
Webmatic 3.1.1 - Blind SQL Injection
Webmatic 3.1.1 - Blind SQL Injection Advisory ID: HTB23096 Product: Webmatic Vendor: valarsoft.com Vulnerable Versions: 3.1.1 and probably prior Tested Version: 3.1.1 Vendor Notification: 13 June 2012 Public Disclosure: 4 July 2012 Vulnerability Type: Blind SQL Injection CVE Reference:...
TORCS 1.3.2 - .xml File Buffer Overflow SafeSEH Evasion
TORCS 1.3.2 - .xml File Buffer Overflow SafeSEH Evasion / Exploit Title: TORCS Research Team Division Author: Andres Gomez and David Mora a.k.a Mighty-D ... Pwn and beans! Software Link: http://torcs.sourceforge.net/ Version: torcs 1.3.2 Vendor notified: 03/02/2012 Tested on: Windows XP Service...
PHP 5.3.8 - Multiple Vulnerabilities
PHP 5.3.8 - Multiple Vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.3.8 Multiple vulnerabilities Author: Maksymilian Arciemowicz Website: http://cxsecurity.com/ Date: 14.01.2012 CVE: CVE-2011-4153 zendstrndup Original link: http://cxsecurity.com/research/103 --- 1. Multiple...
Final Draft 8 - Multiple Stack Buffer Overflows (Metasploit)
Final Draft 8 - Multiple Stack Buffer Overflows Metasploit Name : Final Draft 8 Multiple Stack Buffer Overflows Vendor Website : http://www.finaldraft.com/index.php Date Released : 29/11/2011 Affected Software : Final Draft in in in in in in in By crafting a file that contains more than 10,032...
Kahf Poems 1.0 - Multiple Vulnerabilities
Kahf Poems 1.0 - Multiple Vulnerabilities + Title : Kahf Poems V1.0 guestbook.php SQL Injection + Name : Kahf Poems + Affected Version : v1.0 + Software Link : http://www.traidnt.net/vb/traidnt19736/ + Tested on : L:Vista & Windows Xp and Windows 7 + Date : 13/08/2011 + Dork : "intitle:Kahf Poems...
Oracle Sun GlassFish Enterprise Server - Persistent Cross-Site Scripting
Oracle Sun GlassFish Enterprise Server - Persistent Cross-Site Scripting Sense of Security - Security Advisory - SOS-11-009 Release Date. 19-Jul-2011 Last Update. - Vendor Notification Date. 23-Mar-2011 Product. Oracle Sun GlassFish Enterprise Server Platform. Java EE Affected versions. 2.1.1 v2....
Majordomo2 - SMTPHTTP Directory Traversal
Majordomo2 - SMTPHTTP Directory Traversal Original Advisory: https://sitewat.ch/en/Advisory/View/1 Credit: Michael Brooks https://sitewat.ch Vulnerability: Directory Traversal Software: Majordomo2 Identifier:CVE-2011-0049 Vendor: http://www.mj2.org/ Affected Build: 20110121 and prior Google...
textpattern CMS 4.2.0 - Remote File Inclusion
textpattern CMS 4.2.0 - Remote File Inclusion Remote File Inclusion Vulnerability ------------------------------------------------------------------------------ Textpattern index.php -------------------------------------------------------------- + Author : Sn!pEr.S!Te Hacker + Email :...
APBoard 2.1.0 - board.php?id SQL Injection
APBoard 2.1.0 - board.php?id SQL Injection APBoard 2.1.0 / board.php?id= SQL Injection Author : secret - [email protected] Homepage : http://swissfaking.net/ Date : 05 August, 2010 / // // // \ / // / / // \ / | / |/ / \ \ / / / / / , // / / / / / / , // | / / //// ///||// //////||//...
Creato Script - SQL Injection
Creato Script - SQL Injection Title: Creato Script SQL Injection Vulnerability Version: 2.1 Author: Mr.P3rfekT Software Site: http://www.creato.biz Tested on Lunix CVE : N/A Founded By Mr.P3rfekT Dork : " created by creato.biz " Helllo Allz. Exploit : http://site/mainpage.php?id=SQLi Poc Username...
ProWeb Design - SQL Injection
ProWeb Design - SQL Injection .----..--.--.| |--..-----..----.| |.-----..-----. | || | || || -|| || || || | ||| ||||||| ||||| | || || ProWeb Design SQL Injection Vulnerability Vendor: http://www.prowebassociates.com/ Discovered by : cyberlog Site : Sekuritionline.net Channel : SekuritiOnline Now...
OpenSSL - Remote Denial of Service
OpenSSL - Remote Denial of Service / hoagieopensslrecordofdeath.c OPENSSL REMOTE DENIAL-OF-SERVICE EXPLOIT - OpenSSL 0.9.8m short = 16 bit - OpenSSL 0.9.8f through 0.9.8m short != 16 bit CVE-2010-0740 Bug discovered by: Bodo Moeller and Adam Langley Google Philip Olausson...
Ele Medios CMS - SQL Injection
Ele Medios CMS - SQL Injection ALGERIAN HACKER - NORTH-AFRICA SECURITY TEAM - ! Ele Medios CMS SQL Injection Vulnerability ! Author : Dr.0rYX and Cr3w-DZ ! MAIL : [email protected] & [email protected] / Software Information + Vendor : http://www.elemedios.net/ + script : Ele Medios CMS + Download :...
BPLawyerCaseDocuments - SQL Injection
BPLawyerCaseDocuments - SQL Injection x========================================================================================================================================x | AntiSecuritydotorg |...
PHP 5.2.8 gd library - imageRotate() Information Leak
PHP 5.2.8 gd library - imageRotate Information Leak PHP - gd library - imageRotatefunction Information Leak Vulnerability Discovered by: Hamid Ebadi, Further research and exploit: Mohammad R. Roohian CSIRT Team Members Amirkabir University APA Laboratory Introduction PHP is a popular web...
GGCMS 1.1.0 RC1 - Remote Code Execution
GGCMS 1.1.0 RC1 - Remote Code Execution ? // //Kacper & str0ke Settings $exploitname = "GGCMS = v1.1.0 RC1 Remote Auto Deface Exploit / Remote Code Execution Exploit"; $scriptname = "GGCMS v1.1.0 RC1"; $scriptsite = "http://ggcms.weblance.pl/"; $dork = '"Powered by GGCMS"'; // print ' :::::::::...
EncapsCMS 0.3.6 - corecore.php Remote File Inclusion
EncapsCMS 0.3.6 - corecore.php Remote File Inclusion Firewall encapscms 0.3.6 - Remote File Include by Firewall BuG FounD by Firewall Application Affect: encapscms 0.3.6 Sorce Code: http://scripts.ringsworld.com/content-management/encapscms-0.3.6.zip Code: includeonce$root."core/Config.php";...
EZContents 2.0.3 - showpoll.php?GLOBALS[admin_home] Remote File Inclusion
EZContents 2.0.3 - showpoll.php?GLOBALSadminhome Remote File Inclusion source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these...
IBM eGatherer 3.20.0284.0 - ActiveX Remote Code Execution (Metasploit)
IBM eGatherer 3.20.0284.0 - ActiveX Remote Code Execution Metasploit This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the cor...
Kayako eSupport 2.3.1 - subd Remote File Inclusion
Kayako eSupport 2.3.1 - subd Remote File Inclusion Script: Kayako eSupport Comments: It seems like the vendor silently fixed the issue in the current version more like since v2.3.5 withouth warning users of previous versions, noobs. Requires that "registerglobals" is enabled. Vulnerable File:...
Multiple AntiVirus - .zip Detection Bypass
Multiple AntiVirus - .zip Detection Bypass / zipbrk.c - Proof-of-Concept for CAN-2004-0932 - CAN-2004-0937 Copyright C 2004 oc.192 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation...
Solaris 2.x7.08 IRIX 6.5.x OpenBSD 2.x NetBSD 1.x Debian 3 HP-UX 10 - TelnetD Remote Buffer Overflow
Solaris 2.x7.08 IRIX 6.5.x OpenBSD 2.x NetBSD 1.x Debian 3 HP-UX 10 - TelnetD Remote Buffer Overflow // source: https://www.securityfocus.com/bid/3064/info A boundary condition error exists in telnet daemons derived from the BSD telnet daemon. Under certain circumstances, the buffer overflow can...
Hassan Consulting Shopping Cart 1.18 - Directory Traversal
Hassan Consulting Shopping Cart 1.18 - Directory Traversal source: https://www.securityfocus.com/bid/1777/info The $page variable in Hassan Consulting Shopping Cart does not properly check for insecure relative paths such as the double dot "..". Therefore, requesting the following URL will displa...
WU-FTPD 2.4.22.5 .02.6.0 - Remote Format String Stack Overwrite (1)
WU-FTPD 2.4.22.5 .02.6.0 - Remote Format String Stack Overwrite 1 // source: https://www.securityfocus.com/bid/1387/info Washington University ftp daemon wu-ftpd is a very popular unix ftp server shipped with many distributions of Linux and other UNIX operating systems. Wu-ftpd is vulnerable to a...
Business Live Chat Software 1.0 - Cross-Site Request Forgery (Add Admin)
Business Live Chat Software 1.0 - Cross-Site Request Forgery Add Admin Exploit Title: Business Live Chat Software 1.0 - Cross-Site Request Forgery Add Admin Description: Operator Can Change Role User Type to admin Date: 2020-02-26 Exploit Author: Meisam Monsef Vendor Homepage:...
Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure
Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure Exploit Title: Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure Author: Todor Donev Date: 2020-02-23 Vendor: https://acesecurity.jp Product Link: https://acesecurity.jp/support/top/wipseries/wip-90113 CVE: N/A...
Cacti 1.2.8 - Remote Code Execution
Cacti 1.2.8 - Remote Code Execution Exploit Title: Cacti 1.2.8 - Remote Code Execution Date: 2020-02-03 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: CentOS 7.3 / PHP 7.1.33 !/usr/bin/python3 import requests import sys impo...
rConfig 3.9.3 - Authenticated Remote Code Execution
rConfig 3.9.3 - Authenticated Remote Code Execution Exploit Title: rConfig 3.9.3 - Authenticated Remote Code Execution Date: 2019-11-07 CVE-2019-19509 Exploit Author: vikingfr Vendor Homepage: https://rconfig.com/ see also : https://github.com/rconfig/rconfig Software Link :...
Netgear R6400 - Remote Code Execution
Netgear R6400 - Remote Code Execution Exploit Title: Netgear R6400 - Remote Code Execution Date: 2019-12-14 Exploit Author: Kevin Randall CVE: CVE-2016-6277 Vendor Homepage: https://www.netgear.com/ Category: Hardware Version: V1.0.7.21.1.93 PoC !/usr/bin/python import urllib2 IPADDR =...
Apache Olingo OData 4.0 - XML External Entity Injection
Apache Olingo OData 4.0 - XML External Entity Injection COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: Apache Olingo OData 4.0 Vendor: Apache Foundation CSNC ID: CSNC-2009-025 CVE ID: CVE-2019-17554 Subject: XML External Entity Resolution XXE Risk: High...
Omron PLC 1.0.0 - Denial of Service (PoC)
Omron PLC 1.0.0 - Denial of Service PoC Exploit Title: Omron PLC 1.0.0 - Denial of Service PoC Google Dork: n/a Date: 2019-12-06 Exploit Author: n0b0dy Vendor Homepage: https://automation.omron.com, ia.omron.com Software Link: n/a Version: 1.0.0 Tested on: PLC f/w rev.: CJ2M v2.01 CWE-412 :...
Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery
Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery Exploit Title: Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery Date: 2019-11-06 Exploit Author: Joas Antonio Vendor Homepage: intelbras.com.br Software Link:...
SmartHouse Webapp 6.5.33 - Cross-Site Request Forgery
SmartHouse Webapp 6.5.33 - Cross-Site Request Forgery Exploit Title: SmartHouse Webapp 6.5.33 - Cross-Site Request Forgery Discovery by: LiquidWorm Date: 2019-12-02 Vendor Homepage: Tested Version: 6.5.33.17072501 CVE: N/A Advisory ID: ZSL-2019-5543 Advisory URL:...
Prima Access Control 2.3.35 - Arbitrary File Upload
Prima Access Control 2.3.35 - Arbitrary File Upload Exploit Title: Prima Access Control 2.3.35 - Arbitrary File Upload Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...
eMerge E3 1.00-06 - Privilege Escalation
eMerge E3 1.00-06 - Privilege Escalation Exploit Title: eMerge E3 1.00-06 - Privilege Escalation Google Dork: NA Date: 2018-09-11 Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Version:...
iOS IOUSBDeviceFamily 12.4.1 - IOInterruptEventSource Heap Corruption (PoC)
iOS IOUSBDeviceFamily 12.4.1 - IOInterruptEventSource Heap Corruption PoC Exploit Title: iOS IOUSBDeviceFamily 12.4.1 - 'IOInterruptEventSource' Heap Corruption PoC Date: 2019-10-29 Exploit Author: Sem Voigtlander, Joshua Hill and Raz Mashat Vendor Homepage: https://apple.com/ Software Link:...
YouPHPTube 7.4 - Remote Code Execution
YouPHPTube 7.4 - Remote Code Execution Exploit Title: YouPHPTube &webSiteTitle=Zerodays.lol&databaseHost=&databaseName=&databasePass=&databasePort=&databaseUser="...
Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload Remote Code Execution (Metasploit)
Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload Remote Code Execution Metasploit Exploit Title: Authenticated insecure file upload and code execution flaw in Ahsay Backup v7.x - v8.1.1.50. Metasploit Date: 26-6-2019 Exploit Author: Wietse Boonstra Vendor Homepage:...