41207 matches found
Arcadem Pro - articlecat SQL Injection
Arcadem Pro - articlecat SQL Injection Arcadem Pro articlecat Remote SQL Injection Vulnerability Author: Hussin X Home : WwW.IQ-ty.CoM | WwW.TrYaG.CC email: darkangelg85atYahooDoTcom script :...
Scripteen Free Image Hosting Script 1.2 - cookie Pass Grabber
Scripteen Free Image Hosting Script 1.2 - cookie Pass Grabber Scripteen Free Image Hosting Script V1.2. cookie Admin Password Grabber Exploit Coded By RMx - Liz0ziM Web:www.biyosecurity.com Dork:"Powered by Scripteen Free Image Hosting Script V1.2" TARGET HOST: Example:www.xxxx.com TARGET PATH:...
Joomla! Component JoomlaDate 1.2 - user SQL Injection
Joomla! Component JoomlaDate 1.2 - user SQL Injection Joomla Component joomladate Remote SQL injection Author : His0k4 ALGERIAN HaCkEr Dork :...
Alcatel OmniPCX Office 210061.1 - Remote Command Execution
Alcatel OmniPCX Office 210061.1 - Remote Command Execution Digital Security Research Group DSecRG Advisory DSECRG-08-020 Application: Alcatel OmniPCX Office Versions Affected: Alcatel OmniPCX Office since release 210/061.1 Vendor URL: http://alcatel.com Bugs: Remote command execution Exploits: YE...
QT-cute QuickTalk Guestbook 1.6 - Multiple Cross-Site Scripting Vulnerabilities
QT-cute QuickTalk Guestbook 1.6 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/29013/info QT-cute QuickTalk Guestbook is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may...
Ruby 1.8.61.9 (WEBick HTTPd 1.3.1) - Directory Traversal
Ruby 1.8.61.9 WEBick HTTPd 1.3.1 - Directory Traversal Digital Security Research Group DSecRG Advisory DSECRG-08-018 Application: Ruby 1.8.6 WEBrick Web server Toolkit and applications that used WEBrick, like...
Apple Mac OSX xnu 1228.3.13 - IPv6-ipcomp Remote kernel Denial of Service (PoC)
Apple Mac OSX xnu 1228.3.13 - IPv6-ipcomp Remote kernel Denial of Service PoC / xnu-ipv6-ipcomp.c Copyright c 2008 by Apple MACOS X xnu md typo?. md = mpulldownm, off, sizeofipcomp, NULL; if !m - md = mpulldownm, off, sizeofipcomp, NULL; if !md bsd/netinet6/ipcompinput.c curiosly the same bug...
Joomla! Component Rapid Recipe 1.6.5 - SQL Injection
Joomla! Component Rapid Recipe 1.6.5 - SQL Injection joomla SQL Injectioncomrapidrecipe AUTHOR : S@BUN HOME : http://www.hackturkiye.com MAİL : [email protected] DORK 1 : allinurl: "comrapidrecipe"userid DORK 2 : allinurl: "comrapidrecipe" categoryid EXPLOIT : after userid or...
Weblogicnet - files_dir Multiple Remote File Inclusions
Weblogicnet - filesdir Multiple Remote File Inclusions Nyubicrew Community Weblogicnet filesdir Remote File Inclusion vendor : http://www.weblogicnet.com/ source : http://weblogicnet.com/data/weblogicnet.tgz Bug Found By :homeedition2001 a.k.a bius 31-08-2007 contact: [email protected] Website :...
vBulletin Mod RPG Inferno 2.4 - inferno.php SQL Injection
vBulletin Mod RPG Inferno 2.4 - inferno.php SQL Injection RPG Inferno v2.4 SQL Injection Vulnerability...
PHP-Fusion 6.00.306 - Multiple Vulnerabilities
PHP-Fusion 6.00.306 - Multiple Vulnerabilities !/usr/bin/php -q -d shortopentag=on ? echo "PHPFusion = v6.00.306 avatar modmime arbitrary file upload &\r\n"; echo "local inclusion vulnerabilities\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; if...
Mambo 4.5.2 - Globals Overwrite Remote Command Execution
Microsoft Windows - Color Management Module Overflow (MS05-036) (1)
Microsoft Windows - Color Management Module Overflow MS05-036 1 / Author: snooq http://www.redpuffer.net/snooq/web/ Date: 21 July 2005 When I looked at the PoC posted on bugtraq.... I was basically quite disappointed. The 'PoC' fixed 'tag count' to a large number.. but this code path does not see...
Linux Kernel 2.4.26 - File Offset Pointer Handling Memory Disclosure
Linux Kernel 2.4.26 - File Offset Pointer Handling Memory Disclosure / CAN-2004-0415 / gcc -O3 prockmemdump.c -o prockmemdump Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY. COPYING,...
tcpdump - ISAKMP Identification Payload Integer Overflow
tcpdump - ISAKMP Identification Payload Integer Overflow / tcpdump packet sniffer Integer underflow in ISAKMP Identification payload denial of service vulnerability proof of concept code version 1.0 Apr 02 2004 CVE-ID: CAN-2004-0184 by Remi Denis-Courmont www simphalempin com dev Remi...
Gallery 1.3.x1.4 - Remote Global Variable Injection
Gallery 1.3.x1.4 - Remote Global Variable Injection source: https://www.securityfocus.com/bid/9490/info It has been reported that Gallery is prone to a vulnerability that may allow a remote attacker to gain unauthorized access by overwriting various values for global variables. The issue occurs d...
Solaris 8.0 LPD - Command Execution (Metasploit)
Solaris 8.0 LPD - Command Execution Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
Yamaha MidiPlug 1.1 b-j MidiPlug - Local Buffer Overflow
Yamaha MidiPlug 1.1 b-j MidiPlug - Local Buffer Overflow // source: https://www.securityfocus.com/bid/760/info There is a buffer overflow in the MidiPlug that may allow arbitrary code to be executed on the local host. This overflow occurs if a long "Text" variable is specified within an EMBED tag...
HP System Event 1.2.9.0 - HPWMISVC Unquoted Service Path
HP System Event 1.2.9.0 - HPWMISVC Unquoted Service Path Exploit Title: HP System Event 1.2.9.0 - 'HPWMISVC' Unquoted Service Path Discovery by: Roberto Piña Discovery Date: 2020-02-14 Vendor Homepage:https://www8.hp.com/mx/es/home.html Software...
LearnDash WordPress LMS Plugin 3.1.2 - Reflective Cross-Site Scripting
LearnDash WordPress LMS Plugin 3.1.2 - Reflective Cross-Site Scripting Exploit Title: LearnDash WordPress LMS Plugin 3.1.2 - Reflective Cross-Site Scripting Date: 2020-01-14 Vendor Homepage: https://www.learndash.com Vendor Changelog: https://learndash.releasenotes.io/release/uCskc-version-312...
PHP 7.0 7.4 (Unix) - debug_backtrace disable_functions Bypass
PHP 7.0 7.4 Unix - debugbacktrace disablefunctions Bypass a; $backtrace = new Exception-getTrace; ; if!isset$backtrace1'args' PHP = 7.4 $backtrace = debugbacktrace; class Helper public $a, $b, $c, $d; function str2ptr&$str, $p = 0, $s = 8 $address = 0; for$j = $s-1; $j = 0; $j-- $address = 8;...
Microsoft SharePoint - Deserialization Remote Code Execution
Microsoft SharePoint - Deserialization Remote Code Execution !/usr/bin/env python3 -- coding: utf-8 -- import requests import sys from xml.sax.saxutils import escape from lxml import html import codecs import readline from clint.arguments import Args import signal def serializecommandcmd: total =...
Advanced System Repair Pro 1.9.1.7 - Insecure File Permissions
Advanced System Repair Pro 1.9.1.7 - Insecure File Permissions Exploit Title: Advanced System Repair Pro 1.9.1.7 - Insecure File Permissions Exploit Author: ZwX Exploit Date: 2020-01-12 Vendor Homepage : https://advancedsystemrepair.com/ Software Link:...
ASTPP VoIP 4.0.1 - Remote Code Execution
ASTPP VoIP 4.0.1 - Remote Code Execution Exploit Title: ASTPP VoIP 4.0.1 - Remote Code Execution Date: 2019-11-18 Exploit Author: Fabien AUNAY Vendor Homepage: https://www.astppbilling.org/ Software Link: https://github.com/iNextrix/ASTPP/tree/v4.0.1 Version: 4.0.1 vendor default setup script...
NetworkSleuth 3.0.0.0 - Key Denial of Service (PoC)
NetworkSleuth 3.0.0.0 - Key Denial of Service PoC Exploit Title: NetworkSleuth 3.0.0.0 - 'Key' Denial of Service PoC Exploit Author : Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/networksleuthsetup.exe Test...
HomeAutomation 3.3.2 - Cross-Site Request Forgery (Add Admin)
HomeAutomation 3.3.2 - Cross-Site Request Forgery Add Admin Exploit: HomeAutomation 3.3.2 - Cross-Site Request Forgery Add Admin Date: 2019-12-30 Author: LiquidWorm Vendor: Tom Rosenback and Daniel Malmgren Product web page: http://karpero.mine.nu/ha/ Affected version: 3.3.2 Tested on:...
iSmartViewPro 1.3.34 - Denial of Service (PoC)
iSmartViewPro 1.3.34 - Denial of Service PoC Exploit Title: iSmartViewPro 1.3.34 - Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2019-11-16 Vendor Homepage: http://www.smarteyegroup.com/ Software Link: https://apps.apple.com/mx/app/ismartviewpro/id834791071 Tested Version:...
Open Proficy HMI-SCADA 5.0.0.25920 - Password Denial of Service (PoC)
Open Proficy HMI-SCADA 5.0.0.25920 - Password Denial of Service PoC Exploit Title: Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2019-11-16 Vendor Homepage: https://apps.apple.com/us/app/proficyscada/id525792142 Software Link: Ap...
Technicolor TC7300.B0 - hostname Persistent Cross-Site Scripting
Technicolor TC7300.B0 - hostname Persistent Cross-Site Scripting Exploit Title: Technicolor TC7300.B0 - 'hostname' Persistent Cross-Site Scripting Google Dork: N/A Date: 2019-11-11 Exploit Author: Luis Stefan Vendor Homepage: https://www.technicolor.com/ Software Link: N/A Version: TC7300.B0 -...
Smartwares HOME easy 1.0.9 - Client-Side Authentication Bypass
Smartwares HOME easy 1.0.9 - Client-Side Authentication Bypass Exploit Title: Smartwares HOME easy 1.0.9 - Client-Side Authentication Bypass Author: LiquidWorm Date: 2019-11-05 Vendor: Smartwares Product web page: https://www.smartwares.eu Affected version: =1.0.9 Advisory ID: ZSL-2019-5540...
QNAP NetBak Replicator 4.5.6.0607 - QVssService Unquoted Service Path
QNAP NetBak Replicator 4.5.6.0607 - QVssService Unquoted Service Path Exploit Title: QNAP NetBak Replicator 4.5.6.0607 - 'QVssService' Unquoted Service Path Discovery Date: 2019-11-05 Exploit Author: Ivan Marmolejo Vendor Homepage: https://www.qnap.com/en/ Software Link:...
DESKTOP-NQLQSKD
A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...
LSoft ListServ 16.5-2018a - Cross-Site Scripting
LSoft ListServ 16.5-2018a - Cross-Site Scripting Exploit Title: LSoft ListServ 2. http://127.0.0.1/scripts/wa.exe?OK= References: 1. http://www.lsoft.com/manuals/16.5/LISTSERV16.5-2018aWhatsNew.pdf 2. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15501...
Amcrest Cameras 2.520.AC00.18.R - Unauthenticated Audio Streaming
Amcrest Cameras 2.520.AC00.18.R - Unauthenticated Audio Streaming Exploit Title: Unauthenticated Audio Streaming from Amcrest Camera Shodan Dork: html:"@WebVersion@" Date: 08/29/2019 Exploit Author: Jacob Baines Vendor Homepage: https://amcrest.com/ Software Link:...
Microsoft DirectWrite AFDKO - Stack Corruption in OpenType Font Handling While Processing CFF Blend DICT Operator
Microsoft DirectWrite AFDKO - Stack Corruption in OpenType Font Handling While Processing CFF Blend DICT Operator Background: AFDKO (Adobe Font Development Kit for OpenType) is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font...
OrientDB 3.0.17 GA Community Edition - Cross-Site Request Forgery Cross-Site Scripting
OrientDB 3.0.17 GA Community Edition - Cross-Site Request Forgery Cross-Site Scripting Exploit Title: OrientDB 3.0.17 GA Community Edition March 7th, 2019 | Multiple Vulnerabilities Date: 07.03.2019 Exploit Author: Ozer Goker Vendor Homepage: https://orientdb.org Software Link:...
osCommerce 2.3.4.1 - products_id SQL Injection
osCommerce 2.3.4.1 - productsid SQL Injection Exploit Title: osCommerce 2.3.4.1 - 'productsid' SQL Vulnerabilities Dork: N/A Date: 05-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.oscommerce.com Software Link: https://www.oscommerce.com/Products Version: 2.3.4.1 Category:...
SuiteCRM 7.10.7 - parentTab SQL Injection
SuiteCRM 7.10.7 - parentTab SQL Injection Exploit Title: SuiteCRM 7.10.7 - 'parentTab' SQL Vulnerabilities Dork: N/A Date: 03-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://suitecrm.com/ Software Link: https://suitecrm.com/download/ Version: 7.10.7 Category: Webapps Tested on:...
CyberArk 9.7 - Memory Disclosure
CyberArk 9.7 - Memory Disclosure Exploit Title: CyberArk 9.7 - Memory Disclosure Date: 2018-06-04 Exploit Author: Thomas Zuk @Freakazoidile Vendor Homepage: https://www.cyberark.com/products/privileged-account-security-solution/enterprise-password-vault/ Version: 9.7 and 10 Tested on: Windows 200...
Maitra Mail Tracking System 1.7.2 - SQL Injection Database File Download
Maitra Mail Tracking System 1.7.2 - SQL Injection Database File Download Exploit Title: Maitra - Mail Tracking System 1.7.2 - SQL Injection / Database File Download Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://salzertechnologies.com/ Software Link:...
Apple iOSmacOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport
Apple iOSmacOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport / IOHIDResourceQueue inherits from IOSharedDataQueue and adds its own ::enqueueReport method, which seems to be mostly copy-pasted from IOSharedDataQueue and IODataQueue's ::enqueue methods. I...
Advanced HRM 1.6 - Remote Code Execution
Advanced HRM 1.6 - Remote Code Execution Exploit Title: Advanced HRM 1.6 - Remote Code Execution Google Dork: intext:"Advanced HRM" Date: 2018-10-06 Exploit Author: Renos Nikolaou Vendor Homepage: https://coderpixel.com/ Software Link: https://codecanyon.net/item/advanced-hrm/17767006 Version: 1....
OpenEMR 5.0.1.3 - (Authenticated) Arbitrary File Actions
OpenEMR 5.0.1.3 - Authenticated Arbitrary File Actions Exploit Title: OpenEMR 5.0.1.3 - Arbitrary File Actions Date: 2018-08-14 Exploit Author: Joshua Fam Twitter : @Insecurity Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/v5013.tar.gz Versio...
Online Trade - Information Disclosure
Online Trade - Information Disclosure Exploit Title: Online Trade 1 - Information Disclosure Date: 2018-07-03 Exploit Author: L0RD Vendor Homepage: https://codecanyon.net/item/online-trade-online-forex-and-cryptocurrency-investment-system/21987193?srank=14 CVE: CVE-2018-12908 Version: 1 Tested on...
HPE VAN SDN 2.7.18.0503 - Remote Root
HPE VAN SDN 2.7.18.0503 - Remote Root KL-001-2018-008 : HPE VAN SDN Unauthenticated Remote Root Vulnerability Title: HPE VAN SDN Unauthenticated Remote Root Vulnerability Advisory ID: KL-001-2018-008 Publication Date: 2018.06.25 Publication URL:...
Foxit Reader 9.0.1.1049 - Remote Code Execution
Foxit Reader 9.0.1.1049 - Remote Code Execution %PDF 1 0 obj 2 0 obj /S /JavaScript /JS / Foxit Reader Remote Code Execution Exploit ========================================== Written by: Steven Seeley mrme of Source Incite Date: 22/06/2018 Technical details:...
WebKitGTK+ 2.21.3 - Crash (PoC)
WebKitGTK+ 2.21.3 - Crash PoC Title: WebKitGTK+ win = window.open"sleeponesecond.php", "WIN"; window.open"https://www.paypal.com", "WIN"; win.document.execCommand'Stop'; win.document.write"Spoofed URL"; win.document.close; Backtrace using fedora 27: 0 WTF::StringImpl::rawHash at...
Brother HL Series Printers 1.15 - Cross-Site Scripting
Brother HL Series Printers 1.15 - Cross-Site Scripting Exploit Title: XSS at Brother HL series printers Date: 30.05.2018 Exploit Author: Huy Kha Vendor Homepage: http://support.brother.com Software Link: Website Version: Brother HL series printers. Tested on: Mozilla FireFox Reflected XSS Payload...
Oracle WebCenter Sites 11.1.1.8.012.2.1.x - Cross-Site Scripting
Oracle WebCenter Sites 11.1.1.8.012.2.1.x - Cross-Site Scripting Exploit Title: Multiple XSS Oracle WebCenter Sites FatWire Content Server 7.x 11gR1 Dork: inurl:Satellite?c Date: 18.12.201 Exploit Author: Richard Alviarez Vendor Homepage: http://oracle.com Version: 7.x 11gR1 CVE: CVE-2018-2791...
Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager - Invalid Access Control
Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager - Invalid Access Control Exploit Title: Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager Missing Access Control Vulnerability DSA-2018-025 Date: 24/11/2017 Exploit Author: SlidingWindow Vend...