Nsauditor 3.1.8.0 - Key Denial of Service (PoC)
Nsauditor 3.1.8.0 - Key Denial of Service PoC Exploit Title: Nsauditor 3.1.8.0 - 'Key' Denial of Service PoC Discovery by: SajjadBnd Date: 2019-11-30 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Tested Version: 3.1.8.0 Vulnerabilit...
Max Secure Anti Virus Plus 19.0.4.020 - Insecure File Permissions
Max Secure Anti Virus Plus 19.0.4.020 - Insecure File Permissions Exploit Title: Max Secure Anti Virus Plus 19.0.4.020 - Insecure File Permissions Discovery by: hyp3rlinx Date: 2019-12-02 Vendor Homepage: www.maxpcsecure.com Tested Version: 19.0.4.020 CVE: N/A + Credits: John Page aka hyp3rlinx +...
SmartHouse Webapp 6.5.33 - Cross-Site Request Forgery
SmartHouse Webapp 6.5.33 - Cross-Site Request Forgery Exploit Title: SmartHouse Webapp 6.5.33 - Cross-Site Request Forgery Discovery by: LiquidWorm Date: 2019-12-02 Vendor Homepage: Tested Version: 6.5.33.17072501 CVE: N/A Advisory ID: ZSL-2019-5543 Advisory URL:...
Visual Studio 2008 - XML External Entity Injection
Visual Studio 2008 - XML External Entity Injection Exploit Title: Visual Studio 2008 - XML External Entity Injection Discovery by: hyp3rlinx Date: 2019-12-02 Vendor Homepage: www.microsoft.com Software Link: Visual Studio 2008 Express IDE Tested Version: 2008 CVE: N/A + Credits: John Page aka...
Anviz CrossChex 4.3.12 - Local Buffer Overflow
Anviz CrossChex 4.3.12 - Local Buffer Overflow Exploit Title: Anviz CrossChex 4.3.12 - Local Buffer Overflow Date: 2019-11-30 Exploit Author: Luis Catarino & Pedro Rodrigues Vendor Homepage: https://www.anviz.com/ Software Link: https://www.anviz.com/download.html Version: Crosschex Standard x86 ...
Nsauditor 3.1.8.0 - Name Denial of Service (PoC)
Nsauditor 3.1.8.0 - Name Denial of Service PoC Exploit Title: Nsauditor 3.1.8.0 - 'Name' Denial of Service PoC Discovery by: SajjadBnd Date: 2019-11-30 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Tested Version: 3.1.8.0...
Dokuwiki 2018-04-22b - Username Enumeration
Dokuwiki 2018-04-22b - Username Enumeration Exploit Title: Dokuwiki 2018-04-22b - Username Enumeration Date: 2019-12-01 Exploit Author: Talha ŞEN Vendor Homepage: https://www.dokuwiki.org/dokuwiki Software Link: https://download.dokuwiki.org/ Version: 2018-04-22b "Greebo" Tested on: Alpine Linux...
Microsoft Excel 2016 1901 - XML External Entity Injection
Microsoft Excel 2016 1901 - XML External Entity Injection Exploit Title: Microsoft Excel 2016 1901 - XML External Entity Injection Discovery by: hyp3rlinx Date: 2019-12-02 Vendor Homepage: www.microsoft.com Tested Version: 2016 v1901 CVE: N/A + Credits: John Page aka hyp3rlinx + Website:...
SpotAuditor 5.3.2 - Name Denial of Service
SpotAuditor 5.3.2 - Name Denial of Service Exploit Title: SpotAuditor 5.3.2 - 'Name' Denial Of Service Exploit Author : ZwX Exploit Date: 2019-11-28 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested on OS: Windows 7...
Online Inventory Manager 3.2 - Persistent Cross-Site Scripting
Online Inventory Manager 3.2 - Persistent Cross-Site Scripting Exploit Title: Online Inventory Manager 3.2 - Persistent Cross-Site Scripting Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Link :...
TexasSoft CyberPlanet 6.4.131 - CCSrvProxy Unquoted Service Path
TexasSoft CyberPlanet 6.4.131 - CCSrvProxy Unquoted Service Path Exploit Title: TexasSoft CyberPlanet 6.4.131 - 'CCSrvProxy' Unquoted Service Path Date: 2019-11-28 Exploit Author: Cristian Ayala G Vendor Homepage: https://tenaxsoft.com/index.html Software Link: https://tenaxsoft.com/descargas.htm...
Bash 5.0 Patch 11 - SUID Priv Drop Exploit
Bash 5.0 Patch 11 - SUID Priv Drop Exploit Exploit Title : Bash 5.0 Patch 11 - SUID Priv Drop Exploit Date : 2019-11-29 Original Author: Ian Pudney , Chet Ramey Exploit Author : Mohin Paramasivam Shad0wQu35t Version : pwn.c cat pwn.c include...
SpotAuditor 5.3.2 - Key Denial of Service
SpotAuditor 5.3.2 - Key Denial of Service Exploit Title: SpotAuditor 5.3.2 - 'Key' Denial of Service Exploit Author : ZwX Exploit Date: 2019-11-28 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested on OS: Windows 7...
GHIA CamIP 1.2 for iOS - Password Denial of Service (PoC)
GHIA CamIP 1.2 for iOS - Password Denial of Service PoC Exploit Title: GHIA CamIP 1.2 for iOS - 'Password' Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2019-11-27 Vendor Homepage: https://apps.apple.com/mx/app/ghia-camip/id1342090963 Software Link: App Store for iOS devices...
Mersive Solstice 2.8.0 - Remote Code Execution
Mersive Solstice 2.8.0 - Remote Code Execution Exploit Title: Mersive Solstice 2.8.0 - Remote Code Execution Google Dork: N/A Date: 2016-12-23 Exploit Author: Alexandre Teyar Vendor Homepage: https://www2.mersive.com/ Firmware Link:...
WordPress Core 5.3 - User Disclosure
WordPress Core 5.3 - User Disclosure Exploit Title : Wordpress 5.3 - User Disclosure Author: SajjadBnd Date: 2019-11-17 Software Link: https://wordpress.org/download/ version : wp ' vuln = url + "/wp-json/wp/v2/users/" while True: try: r = requests.getvuln,verify=False content = json.loadsr.text...
SpotAuditor 5.3.2 - Base64 Denial Of Service (PoC)
SpotAuditor 5.3.2 - Base64 Denial Of Service PoC Exploit Title: SpotAuditor 5.3.2 - 'Base64' Denial Of Service PoC Exploit Author : ZwX Exploit Date: 2019-11-26 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested on OS...
Microsoft DirectX SDK 2010 - .PIXrun Denial Of Service (PoC)
Microsoft DirectX SDK 2010 - .PIXrun Denial Of Service PoC Exploit Title: Microsoft DirectX SDK 2010 - '.PIXrun' Denial Of Service PoC Exploit Author : ZwX Exploit Date: 2019-11-26 Vendor Homepage : https://www.microsoft.com/ Link Software :...
InduSoft Web Studio 8.1 SP1 - "Atributos" Denial of Service (PoC)
InduSoft Web Studio 8.1 SP1 - Atributos Denial of Service PoC Exploit Title: InduSoft Web Studio 8.1 SP1 - "Atributos" Denial of Service PoC Discovery by: chuyreds Discovery Date: 2019-11-23 Vendor Homepage: http://www.indusoft.com/ Software Link : http://www.indusoft.com/Products-Downloads Teste...
iNetTools for iOS 8.20 - Whois Denial of Service (PoC)
iNetTools for iOS 8.20 - Whois Denial of Service PoC Exploit Title: iNetTools for iOS 8.20 - 'Whois' Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2019-11-25 Vendor Homepage: https://apps.apple.com/mx/app/inettools-ping-dns-port-scan/id561659975 Software Link: App Store for i...
Waves MaxxAudio Drivers 1.1.6.0 - WavesSysSvc64 Unquoted Service Path
Waves MaxxAudio Drivers 1.1.6.0 - WavesSysSvc64 Unquoted Service Path Exploit Title: Waves MaxxAudio Drivers 1.1.6.0 - 'WavesSysSvc64' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2019-11-24 Vendor Homepage: https://www.dell.com/ Software Link :...
SMPlayer 19.5.0 - Denial of Service (PoC)
SMPlayer 19.5.0 - Denial of Service PoC Title : SMPlayer 19.5.0 - Denial of Service PoC Tested on : Windows 7 64 bit Vulnerable Software: SMPlayer v 19.5.0 Exploit Author: Malav Vyas Vendor Homepage: https://smplayer.info Version : 19.5.0 Software Link : https://smplayer.info/en/downloads POC run...
Easy-Hide-IP 5.0.0.3 - EasyRedirect Unquoted Service Path
Easy-Hide-IP 5.0.0.3 - EasyRedirect Unquoted Service Path Exploit Title: Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path Date: 2019-11-22 Exploit Author: Rene Cortes S Vendor Homepage: https://easy-hide-ip.com Software Link: https://easy-hide-ip.com Version: 5.0.0.3 Tested on: Windows...
Microsoft Windows AppXsvc Deployment Extension - Privilege Escalation
Microsoft Windows AppXsvc Deployment Extension - Privilege Escalation Exploit Title: Microsoft Windows AppXsvc Deployment Extension - Privilege Escalation Date: 2019-11-22 Exploit Author: Abdelhamid Naceri Vendor Homepage: www.microsoft.com Tested on: Windows 10 1903 CVE : CVE-2019-1385 Windows:...
InTouch Machine Edition 8.1 SP1 - Atributos Denial of Service (PoC)
InTouch Machine Edition 8.1 SP1 - Atributos Denial of Service PoC Exploit Title: InTouch Machine Edition 8.1 SP1 - 'Atributos' Denial of Service PoC Discovery by: chuyreds Discovery Date: 12019-11-16 Vendor Homepage: https://on.wonderware.com/ Software Link :...
macOS 10.14.6 - root-kernel Privilege Escalation via update_dyld_shared_cache
macOS 10.14.6 - root-kernel Privilege Escalation via update_dyld_shared_cache Tested on macOS Mojave 10.14.6, 18G87 and Catalina Beta 10.15 Beta 19A536g. On macOS, the dyld shared cache in /private/var/db/dyld/ is generated locally on the system and therefore doesn't have a real code signature;...
ProShow Producer 9.0.3797 - (ScsiAccess) Unquoted Service Path
ProShow Producer 9.0.3797 - ScsiAccess Unquoted Service Path Exploit Title: ProShow Producer 9.0.3797 - 'ScsiAccess' Unquoted Service Path Exploit Author : ZwX Exploit Date: 2019-11-21 Vendor Homepage : http://www.photodex.com/ Link Software : http://files.photodex.com/release/pspro903797.exe...
LiteManager 4.5.0 - Insecure File Permissions
LiteManager 4.5.0 - Insecure File Permissions Exploit Title: LiteManager 4.5.0 - Insecure File Permissions Exploit Author: ZwX Exploit Date: 2019-11-21 Vendor Homepage : LiteManager Team Software Link: http://html.tucows.com/preview/1594042/LiteManager-Free?q=remote+support Tested on OS: Windows...
Internet Explorer - Use-After-Free in JScript Arguments During toJSON Callback
Internet Explorer - Use-After-Free in JScript Arguments During toJSON Callback There is a use-after-free issue in JScript triggerable via Internet Explorer where the members of the 'arguments' object aren't tracked by the garbage collector during the 'toJSON' callback. Thus, during the 'toJSON'...
Network Management Card 6.2.0 - Host Header Injection
Network Management Card 6.2.0 - Host Header Injection Exploit Title: Network Management Card 6.2.0 - Host Header Injection Google Dork: Date: 2019-11-21 Exploit Author: Amal E Thamban,Kamal Paul Vendor Homepage: https://www.apc.com/in/en/ Software Link:...
TestLink 1.9.19 - Persistent Cross-Site Scripting
TestLink 1.9.19 - Persistent Cross-Site Scripting Exploit Title: TestLink 1.9.19 - Persistent Cross-Site Scripting Date: 2019-11-20 Exploit Author: Milad Khoshdel Software Link: http://testlink.org/ Version: TestLink 1.9.19 Tested on: Linux Apache/2 PHP/7.3.11 ========= Vulnerable Pages: ========...
GNU Mailutils 3.7 - Privilege Escalation
GNU Mailutils 3.7 - Privilege Escalation Exploit Title: GNU Mailutils 3.7 - Local Privilege Escalation Date: 2019-11-06 Exploit Author: Mike Gualtieri Vendor Homepage: https://mailutils.org/ Software Link: https://ftp.gnu.org/gnu/mailutils/mailutils-3.7.tar.gz Version: 2.0 = 3.7 Tested on: Gentoo...
Ubuntu 19.10 - Refcount Underflow and Type Confusion in shiftfs
Ubuntu 19.10 - Refcount Underflow and Type Confusion in shiftfs Tested on Ubuntu 19.10, kernel "5.3.0-19-generic 20-Ubuntu". Ubuntu ships a filesystem "shiftfs" in fs/shiftfs.c in the kernel tree that doesn't exist upstream. This filesystem can be mounted from user namespaces, meaning that this i...
Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfs/shiftfs Error Path
Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfs/shiftfs Error Path Tested on 19.10. Ubuntu's aufs kernel patch includes the following change which I interestingly can't see in the AUFS code at https://github.com/sfjro/aufs5-linux/blob/master/mm/mmap.c:...
iOS 12.4 - Sandbox Escape due to Integer Overflow in mediaserverd
iOS 12.4 - Sandbox Escape due to Integer Overflow in mediaserverd mediaserverd has various media parsing responsibilities; it's reachable from various sandboxes and is able to talk to interesting kernel drivers so is a valid target in an exploit chain. One of the services it vends is...
OpenNetAdmin 18.1.1 - Remote Code Execution
OpenNetAdmin 18.1.1 - Remote Code Execution Exploit Title: OpenNetAdmin 18.1.1 - Remote Code Execution Date: 2019-11-19 Exploit Author: mattpascoe Vendor Homepage: http://opennetadmin.com/ Software Link: https://github.com/opennetadmin/ona Version: v18.1.1 Tested on: Linux Exploit Title:...
Centova Cast 3.2.12 - Denial of Service (PoC)
Centova Cast 3.2.12 - Denial of Service PoC Exploit Title: Centova Cast 3.2.12 - Denial of Service PoC Date: 2019-11-18 Exploit Author: DroidU Vendor Homepage: https://centova.com Affected Version: =v3.2.12 Tested on: Debian 9, CentOS 7 =============================================== The Centova...
XMedia Recode 3.4.8.6 - .m3u Denial Of Service
XMedia Recode 3.4.8.6 - .m3u Denial Of Service Exploit Title: XMedia Recode 3.4.8.6 - '.m3u' Denial Of Service Exploit Author : ZwX Exploit Date: 2019-11-18 Vendor Homepage : https://www.xmedia-recode.de/ Link Software : https://www.xmedia-recode.de/download.php Tested on OS: Windows 7 Social:...
Microsoft Windows 7 (x86) - BlueKeep Remote Desktop Protocol (RDP) Remote Windows Kernel Use After Free
Microsoft Windows 7 x86 - BlueKeep Remote Desktop Protocol RDP Remote Windows Kernel Use After Free EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47683.zip import rdp import socket import binascii import time def poolsprays, crypter, payload...
Studio 5000 Logix Designer 30.01.00 - FactoryTalk Activation Service Unquoted Service Path
Studio 5000 Logix Designer 30.01.00 - FactoryTalk Activation Service Unquoted Service Path Exploit Title: Studio 5000 Logix Designer 30.01.00 - 'FactoryTalk Activation Service' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2019-11-18 Vendor Homepage:...
BartVPN 1.2.2 - BartVPNService Unquoted Service Path
BartVPN 1.2.2 - BartVPNService Unquoted Service Path Exploit Title: BartVPN 1.2.2 - 'BartVPNService' Unquoted Service Path Exploit Author : ZwX Exploit Date: 2019-11-18 Vendor Homepage : https://www.filehorse.com/ Link Software : https://www.filehorse.com/download-bartvpn/ Tested on OS: Windows 7...
scadaApp for iOS 1.1.4.0 - Servername Denial of Service (PoC)
scadaApp for iOS 1.1.4.0 - Servername Denial of Service PoC Exploit Title: scadaApp for iOS 1.1.4.0 - 'Servername' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2019-11-18 Vendor Homepage: https://apps.apple.com/ca/app/scadaapp/id1206266634 Software Link: App Store for iOS...
ipPulse 1.92 - Enter Key Denial of Service (PoC)
ipPulse 1.92 - Enter Key Denial of Service PoC Exploit Title: ipPulse 1.92 - 'Enter Key' Denial of Service PoC Discovery by: Diego Buztamante Discovery Date: 2019-11-18 Vendor Homepage: https://www.netscantools.com/ippulseinfo.html Software Link : http://download.netscantools.com/ipls192.zip Test...
MobileGo 8.5.0 - Insecure File Permissions
MobileGo 8.5.0 - Insecure File Permissions Exploit Title: MobileGo 8.5.0 - Insecure File Permissions Exploit Author: ZwX Exploit Date: 2019-11-15 Vendor Homepage : https://www.wondershare.net/ Software Link: https://www.wondershare.net/mobilego/ Tested on OS: Windows 7 Proof of Concept PoC:...
nipper-ng 0.11.10 - Remote Buffer Overflow (PoC)
nipper-ng 0.11.10 - Remote Buffer Overflow PoC Exploit Title: nipper-ng 0.11.10 - Remote Buffer Overflow PoC Date: 2019-10-20 Exploit Author: Guy Levin https://blog.vastart.dev Vendor Homepage: https://tools.kali.org/reporting-tools/nipper-ng Software Link:...
Lexmark Services Monitor 2.27.4.0.39 - Directory Traversal
Lexmark Services Monitor 2.27.4.0.39 - Directory Traversal Exploit Title: Lexmark Services Monitor 2.27.4.0.39 - Directory Traversal Google Dork: N/A Date: 2019-11-15 Exploit Author: Kevin Randall Vendor Homepage: https://www.lexmark.com/enus.html Software Link:...
TemaTres 3.0 - Cross-Site Request Forgery (Add Admin)
TemaTres 3.0 - Cross-Site Request Forgery Add Admin Exploit Title: TemaTres 3.0 — Cross-Site Request Forgery Add Admin Author: Pablo Santiago Date: 2019-11-14 Vendor Homepage: https://www.vocabularyserver.com/ Source:...
TemaTres 3.0 - value Persistent Cross-site Scripting
TemaTres 3.0 - value Persistent Cross-site Scripting Exploit Title: TemaTres 3.0 - 'value' Persistent Cross-site Scripting Author: Pablo Santiago Date: 2019-11-14 Vendor Homepage: https://www.vocabularyserver.com/ Source:...
ASUS HM Com Service 1.00.31 - asHMComSvc Unquoted Service Path
ASUS HM Com Service 1.00.31 - asHMComSvc Unquoted Service Path Exploit Title: ASUS HM Com Service 1.00.31 - 'asHMComSvc' Unquoted Service Path Date: 2019-11-16 Exploit Author : Olimpia Saucedo Vendor Homepage: www.asus.com Version: 1.00.31 Tested on: Windows 10 Pro x64 but it should work on all...
Emerson PAC Machine Edition 9.70 Build 8595 - FxControlRuntime Unquoted Service Path
Emerson PAC Machine Edition 9.70 Build 8595 - FxControlRuntime Unquoted Service Path Exploit Title: Emerson PAC Machine Edition 9.70 Build 8595 - 'FxControlRuntime' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2019-11-17 Vendor Homepage: https://www.emerson.com/en-us Software...