Microsoft Windows 10 (x86/x64) - WLAN AutoConfig Denial of Service (PoC)
Microsoft Windows 10 x86x64 - WLAN AutoConfig Denial of Service PoC !/usr/bin/python wlanautoconfig-poc.py Windows WLAN AutoConfig Named Pipe POC Jeremy Brown jbrown3264/gmail Dec 2016 wifinetworkmanager.dll!FatalErrorchar const ,unsigned long,char const , ... AsyncPipe::ReadCompletedCallbackvoid...
SweetRice 1.5.1 - Cross-Site Request Forgery PHP Code Execution
SweetRice 1.5.1 - Cross-Site Request Forgery PHP Code Execution Hacked '; phpinfo; Code You Can Customize Exploit For Your Self . Exploit : -- Hacked '; phpinfo;? /textarea...
InfraPower PPS-02-S Q213V1 - Local File Disclosure
InfraPower PPS-02-S Q213V1 - Local File Disclosure InfraPower PPS-02-S Q213V1 Local File Disclosure Vulnerability Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Fixed version: Q216V3 Firmware: IPD-02-FW-v03 Summary:...
InfraPower PPS-02-S Q213V1 - Cross-Site Request Forgery
InfraPower PPS-02-S Q213V1 - Cross-Site Request Forgery InfraPower PPS-02-S Q213V1 Cross-Site Request Forgery Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Summary: InfraPower Manager PPS-02-S is a FREE built-in GUI...
Industrial Secure Routers EDR-810 EDR-G902 EDR-G903 - Insecure Configuration Management
Industrial Secure Routers EDR-810 EDR-G902 EDR-G903 - Insecure Configuration Management Title: Industrial Secure Routers - Insecure Configuration Management Type: Local/Remote Author: Nassim Asrir Author Company: HenceForth Impact: Insecure Configuration Management Risk: 4/5 Release Date:...
Advance MLM Script - SQL Injection
Advance MLM Script - SQL Injection x========================================================================================================================================x | Title : Advance MLM Script SQL Vulnerabilities | Software : Advance MLM Script | Vendor : http://www.i-netsolution.com/ |...
Cisco Firepower Threat Management Console 6.0.1 - Local File Inclusion
Cisco Firepower Threat Management Console 6.0.1 - Local File Inclusion KL-001-2016-006 : Cisco Firepower Threat Management Console Local File Inclusion Title: Cisco Firepower Threat Management Console Local File Inclusion Advisory ID: KL-001-2016-006 Publication Date: 2016.10.05 Publication URL:...
Mambo 4.5.4 - SQL Injection
Mambo 4.5.4 - SQL Injection Mambo SQL Injection Vendor: Miro International Pty Ltd Product: Mambo Version: = 4.5.4 Website: http://www.mamboserver.com/ BID: 20366 OSVDB: 50002 Description: Mambo is a popular Open Source Content Management System released under the GNU General Public license GNU...
Joomla! Component Portfolio Gallery 1.0.6 - SQL Injection
Joomla! Component Portfolio Gallery 1.0.6 - SQL Injection Title: Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Joomla extension v1.0.6 Author: Larry W. Cashdollar, @larry0 Date: 2016-09-16 Download Site: http://huge-it.com/joomla-portfolio-gallery/ Vendor: huge-it.com Vendor Notified...
WIN-911 7.17.00 - Multiple Vulnerabilities
WIN-911 7.17.00 - Multiple Vulnerabilities Title: WIN-911 - Insecure File Permissions EoP CWE Class: CWE-276: Incorrect Default Permissions Date: 05/09/2016 Vendor: Win911 Product: WIN-911 Type: Alarm Notification Software Version: V7.17.00 Download URL: through Rockwell Automation downloads:...
Sony Playstation 4 (PS4) 3.15 3.55 - WebKit Code Execution (PoC)
Sony Playstation 4 PS4 3.15 3.55 - WebKit Code Execution PoC PS4 3.55 Unsigned Code Execution ============== This GitHub Repository contains all the necessary tools for getting PoC Unsigned Code Execution on a Sony PS4 System with firmwares 3.15, 3.50 and 3.55. This Exploit, is based-off Henkaku'...
SquirrelMail 1.4.7 - Arbitrary Variable Overwrite
SquirrelMail 1.4.7 - Arbitrary Variable Overwrite SquirrelMail Arbitrary Variable Overwrite Vendor: SquirrelMail Product: SquirrelMail Version: = 1.4.7 Website: http://www.squirrelmail.org BID: 19486 CVE: CVE-2006-4019 OSVDB: 27917 SECUNIA: 21354 Description: SquirrelMail is a standards-based...
Getsimple CMS 3.3.10 - Arbitrary File Upload
Getsimple CMS 3.3.10 - Arbitrary File Upload Exploit Title: Getsimple CMS 2. An attacker login to the admin page and uploading the backdoor 3. The uploaded file will be under the "/data/uploads/" folder Report Timeline ======================== 2016-06-23 : Vulnerability reported to...
Linux Kernel - ecryptfs /proc/$pid/environ Local Privilege Escalation
Linux Kernel - ecryptfs proc$pidenviron Local Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=836 Stacking filesystems, including ecryptfs, protect themselves against deep nesting, which would lead to kernel stack overflow, by tracking the recursion depth of...
Google Android - /system/bin/sdcard Stack Buffer Overflow (PoC)
Google Android - systembinsdcard Stack Buffer Overflow PoC Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=798 Android: Stack-buffer-overflow in /system/bin/sdcard There's an integer overflow issue in getnodepathlocked, which results in a buffer overflow. For all of the calling...
Cisco EPC 3928 - Multiple Vulnerabilities
Cisco EPC 3928 - Multiple Vulnerabilities Title: Cisco EPC 3928 Multiple Vulnerabilities Vendor: http://www.cisco.com/ Vulnerable Versions: Cisco Model EPC3928 DOCSIS 3.0 8x4 Wireless Residential Gateway CVE References: CVE-2015-6401 / CVE-2015-6402 / CVE-2016-1328 / CVE-2016-1336 / CVE-2016-1337...
Operation Technology ETAP 14.1.0 - Local Privilege Escalation
Operation Technology ETAP 14.1.0 - Local Privilege Escalation Operation Technology ETAP 14.1.0 Local Privilege Escalation Vendor: Operation Technology, Inc. Product web page: http://www.etap.com Affected version: 14.1.0.0 Summary: Enterprise Software Solution for Electrical Power Systems. ETAP is...
PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow
PHP 7.0.5 - ZipArchive::getFrom Integer Overflow Details ======= An integer wrap may occur in PHP 7.x before version 7.0.6 when reading zip files with the getFromIndex and getFromName methods of ZipArchive, resulting in a heap overflow. php-7.0.5/ext/zip/phpzip.c ,---- | 2679 static void...
TH692 Outdoor P2P HD Waterproof IP Camera - Hard-Coded Credentials
TH692 Outdoor P2P HD Waterproof IP Camera - Hard-Coded Credentials Exploit Title: TH692- Outdoor P2P HD Waterproof IP Camera hardcoded credentials Date: 4/16/2016 Exploit Author: DLY Vendor: TENVIS Technology Co., Ltd Product: TH692- Outdoor P2P HD Waterproof IP Camera Product webpage:...
Manage Engine Application Manager 12.5 - Arbitrary Command Execution
Manage Engine Application Manager 12.5 - Arbitrary Command Execution !C:/Python27/python.exe -u Applications Manager 12.5 Arbitrary Command Execution Exploit Vendor: Zoho Corporation Pvt. Ltd. Product web page: https://www.manageengine.com Affected version: 12.5 Summary: ManageEngine Applications...
iniNet SpiderControl SCADA Web Server Service 2.02 - Insecure File Permissions
iniNet SpiderControl SCADA Web Server Service 2.02 - Insecure File Permissions iniNet SpiderControl SCADA Web Server Service 2.02 Insecure File Permissions Vendor: iniNet Solutions GmbH Product web page: http://www.spidercontrol.net Affected version: 2.02.0000 Summary: Modular and automated...
OpenMRS 2.3 (1.11.4) - Multiple Cross-Site Scripting Vulnerabilities
OpenMRS 2.3 1.11.4 - Multiple Cross-Site Scripting Vulnerabilities OpenMRS 2.3 1.11.4 Multiple Cross-Site Scripting Vulnerabilities Vendor: OpenMRS Inc. Product web page: http://www.openmrs.org Affected version: OpenMRS 2.3, 2.2, 2.1, 2.0 Platform 1.11.4 Build 6ebcaf, 1.11.2 and 1.10.0 OpenMRS-TB...
RHEL 7.0/7.1 - abrt/sosreport Local Privilege Escalation
RHEL 7.07.1 - abrtsosreport Local Privilege Escalation !/usr/bin/python CVE-2015-5287 ? abrt/sosreport RHEL 7.0/7.1 local root rebel 09/2015 user@localhost $ python sosreport-rhel7.py crashing pid 19143 waiting for dump directory dump directory: /var/tmp/abrt/ccpp-2015-11-30-19:41:13-19143 waitin...
PROLiNK H5004NK ADSL Wireless Modem - Multiple Vulnerabilities
PROLiNK H5004NK ADSL Wireless Modem - Multiple Vulnerabilities Exploit Title: PROLiNK H5004NK ADSL Wireless Modem Multiple Vulnerabilities Discovered by: Karn Ganeshen Reported on: October 13, 2015 Vendor Response: No process to handle vuln reports Vendor Homepage:...
ManageEngine OpManager 11.5 - Multiple Vulnerabilities
ManageEngine OpManager 11.5 - Multiple Vulnerabilities Exploit Title: ManageEngine OpManager multiple vulnerabilities Product: ManageEngine OpManager Vulnerable Versions: v11.5 and previous versions Tested Version: v11.5 Windows Advisory Publication: 14/09/2015 Vulnerability Type: hardcoded...
Magento eCommerce - Remote Code Execution
Magento eCommerce - Remote Code Execution Exploit Title : Magento Shoplift exploit SUPEE-5344 Author : Manish Kishan Tanwar AKA error1046 Date : 25/08/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Singh and ritu rathi Debugged At : Indishell Laboriginally develop...
Microsoft Word - Local Machine Zone Code Execution (MS15-022)
Microsoft Word - Local Machine Zone Code Execution MS15-022 Exploit Title: Microsoft Word Local Machine Zone Remote Code Execution Vulnerability Date: July 15th, 2015 Exploit Author: Eduardo Braun Prado Vendor Homepage : http://www.microsoft.com Version: 2007 Tested on: Microsoft Windows XP, 2003...
Photoshop CC2014 Bridge CC 2014 - .png Parsing Memory Corruption
Photoshop CC2014 Bridge CC 2014 - .png Parsing Memory Corruption Application: Adobe Photoshop CC 2014 & Bridge CC 2014 Platforms: Windows Versions: The vulnerability is confirmed in version Photoshop CC 2014 and Bridge CC 2014. Secunia: PRL: 2015-08 Author: Francis Provencher Protek Research Lab’...
FiverrScript - Cross-Site Request Forgery (Add Admin)
FiverrScript - Cross-Site Request Forgery Add Admin Exploit Title: FiverrScript CSRF Vulnerability add New admin Author: Mahmoud Gamal @Zombiehelp54 Google Dork: intext:Powered by FiverrScript Date: 10/06/2015 Exploit Author: Scriptolution Vendor Homepage: http://scriptolution.com Software Link:...
HP WebInspect 10.4 - XML External Entity Injection
HP WebInspect 10.4 - XML External Entity Injection Exploit Title: HP WebInspect - XML External Entity Date: 23\04\2015 Exploit Author: Jakub Palaczynski Vendor Homepage: http://www.hp.com/ Version: 10.4, 10.3, 10.2, 10.1, 10.0, 9.x, 8.x, 7.x CVE : CVE-2015-2125 1. Create website that exploits...
Piwigo 2.7.3 - SQL Injection
Piwigo 2.7.3 - SQL Injection CVE-2015-1517 Piwigo - SQL Injection in Version 2.7.3 ---------------------------------------------------------------- Product Information: Software: Piwigo Tested Version: 2.7.3, released on 9 January 2015 Vulnerability Type: SQL Injection CWE-89 Download link:...
Publish-It 3.6d - Local Buffer Overflow (SEH)
Publish-It 3.6d - Local Buffer Overflow SEH !/usr/bin/python Title: Publish-It 3.6d - Buffer Overflow SEH Exploit Date: 2/16/15 Vulnerability: Discovery and PoC by Core Security http://www.exploit-db.com/exploits/31461/ Exploit Author: jakx Andrew Smith of Sword & Shield Enterprise Security Vendo...
IceCream Ebook Reader 1.41 - Crash (PoC)
IceCream Ebook Reader 1.41 - Crash PoC Exploit Title: Icecream Ebook Reader v1.41 .mobi/.prc Denial of Service Date: 23/01/2015 Exploit Author: Kapil Soni Twitter: @Haxinos Vendor Homepage: http://icecreamapps.com/ Version: Icecream Ebook Reader v1.41 Tested on: Windows XP SP2 Technical Details &...
WordPress Plugin Cart66 Lite eCommerce 1.5.1.17 - Blind SQL Injection
WordPress Plugin Cart66 Lite eCommerce 1.5.1.17 - Blind SQL Injection Exploit Title: Cart66 Lite WordPress Ecommerce 1.5.1.17 Blind SQL Injection Date: 29-10-2014 Exploit Author: Kacper Szurek - http://security.szurek.pl/ http://twitter.com/KacperSzurek Software Link:...
WebsiteBaker 2.8.3 - Multiple Vulnerabilities
WebsiteBaker 2.8.3 - Multiple Vulnerabilities ============================================= MGC ALERT 2014-004 - Original release date: March 11, 2014 - Last revised: November 18, 2014 - Discovered by: Manuel Garcia Cardenas - Severity: 10/10 CVSS Base Score...
Bash CGI - Shellshock Remote Command Injection (Metasploit)
Bash CGI - Shellshock Remote Command Injection Metasploit This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Shellshock Bashed CGI RCE', 'Description' = %q This module exploits the...
HP Laser Jet - JavaScript Persistent Cross-Site Scripting via PJL Directory Traversal
HP Laser Jet - JavaScript Persistent Cross-Site Scripting via PJL Directory Traversal !/usr/bin/perl use strict; use warnings; use IO::Socket::INET; my $host = $ARGV0; Exploit Title: HP Laser Jet Persistent Javascript Cross Site Scripting via PJL Google Dork: n/a Date: 4/22/14 Exploit Author:...
CubeCart 5.2.8 - Session Fixation
CubeCart 5.2.8 - Session Fixation Exploit Title: CubeCart 5.2.8 Session Fixation Exploit Author: James Sibley absane Blog: http://www.pentester.co Download link: http://www.cubecart.com/download/5.2.8/zip Discovery date: March 14th, 2014 Vendor notified: March 15th, 2014 Vendor fixed: April 10th,...
CA 2E Web Option 8.1.2 - Authentication Bypass
CA 2E Web Option 8.1.2 - Authentication Bypass Vulnerability title: Unauthenticated Privilege Escalation in CA 2E Web Option CVE: CVE-2014-1219 Vendor: CA Product: 2E Web Option Affected version: 8.1.2 Fixed version: N/A Reported by: Mike Emery Details: CA 2E Web Option r8.1.2 and potentially...
pChart 2.1.3 - Multiple Vulnerabilities
pChart 2.1.3 - Multiple Vulnerabilities Exploit Title: pChart 2.1.3 Directory Traversal and Reflected XSS Date: 2014-01-24 Exploit Author: Balazs Makany Vendor Homepage: www.pchart.net Software Link: www.pchart.net/download Google Dork: intitle:"pChart 2.x - examples" intext:"2.1.3" Version: 2.1....
PHPJabbers Event Booking Calendar 2.0 - Multiple Vulnerabilities
PHPJabbers Event Booking Calendar 2.0 - Multiple Vulnerabilities Event Booking Calendar V2.0 - Multiple Vulnerabilities ==================================================================== .:. Author : HackXBack .:. Contact : [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...
Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities
Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities Document Title: =============== Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1166 Release Date: ============= 2013-12-10...
GTX CMS 2013 Optima - SQL Injection
GTX CMS 2013 Optima - SQL Injection Document Title: =============== GTX CMS 2013 Optima - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1124 Release Date: ============= 2013-10-29 Vulnerability Laboratory ID VL-ID:...
NETGEAR ProSafe - Information Disclosure
NETGEAR ProSafe - Information Disclosure !/usr/bin/python Netgear ProSafe - CVE-2013-4775 PoC written by Juan J. Guelfo @ Encripto AS [email protected] Copyright 2013 Encripto AS. All rights reserved. This software is licensed under the FreeBSD license. http://www.encripto.no/tools/license.php...
Bitbot (C2 Web Panel) - gate2.php Multiple Vulnerabilities
Bitbot C2 Web Panel - gate2.php Multiple Vulnerabilities Exploit Title: Bitbot C2 Panel gate2.php SQLi + XSS Date: 08/19/2013 Exploit Author: Brian Wallace bwall aka @botnethunter Software Link: https://sourceforge.net/p/flippingbitbot/wiki/Home/ Vulnerable Virtual Machine including Bitbot Tested...
Dell Kace 1000 SMA 5.4.70402 - Persistent Cross-Site Scripting
Dell Kace 1000 SMA 5.4.70402 - Persistent Cross-Site Scripting Title: ====== Dell Kace 1000 SMA v5.4.70402 - Persistent Vulnerabilities Date: ===== 2013-07-16 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=833 VL-ID: ===== 833 Common Vulnerability Scoring System:...
GLPI 0.83.8 - Multiple Vulnerabilities
GLPI 0.83.8 - Multiple Vulnerabilities GLPI v0.83.8 Multiple Error-based SQL Injection Vulnerabilities Vendor: INDEPNET Development Team Product web page: http://www.glpi-project.org Affected version: 0.83.7 and 0.83.8 Summary: GLPI, an initialism for Gestionnaire libre de parc informatique Free...
Microsoft Windows NT/2000/2003/2008/XP/Vista/7/8 - EPATHOBJ Local Ring
Microsoft Windows NT200020032008XPVista78 - EPATHOBJ Local Ring ifndef WIN32NOSTATUS define WIN32NOSTATUS endif include include include include include ifdef WIN32NOSTATUS undef WIN32NOSTATUS endif include pragma commentlib, "gdi32" pragma commentlib, "kernel32" pragma commentlib, "user32" pragma...
Huawei SNMPv3 Service - Multiple Buffer Overflow Vulnerabilities (PoC)
Huawei SNMPv3 Service - Multiple Buffer Overflow Vulnerabilities PoC Multiple buffer overflows on Huawei SNMPv3 service ================================================== ADVISORY INFORMATION Title: Multiple buffer overflows on Huawei SNMPv3 service Discovery date: 11/02/2013 Release date:...
ircd-hybrid 8.0.5 - Denial of Service
ircd-hybrid 8.0.5 - Denial of Service !/usr/bin/perl ircd-hybrid remote denial of service exploit for CVE-2013-0238 quick and dirty h4x by kingcope tested against ircd-hybrid-8.0.5 centos6 please modify below in case of buggy code. enjoy! use Socket; srandtime; $exploitingnick = "hybExpl"...