41207 matches found
Centova Cast 3.2.11 - Arbitrary File Download
Centova Cast 3.2.11 - Arbitrary File Download Exploit Title: Centova Cast 3.2.11 - Arbitrary File Download Date: 2019-11-17 Exploit Author: DroidU Vendor Homepage: https://centova.com Affected Version: =v3.2.11 Tested on: Debian 9, CentOS 7 !/bin/bash if "$4" = "" then echo "Usage: $0...
Open Proficy HMI-SCADA 5.0.0.25920 - Password Denial of Service (PoC)
Open Proficy HMI-SCADA 5.0.0.25920 - Password Denial of Service PoC Exploit Title: Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2019-11-16 Vendor Homepage: https://apps.apple.com/us/app/proficyscada/id525792142 Software Link: Ap...
Foscam Video Management System 1.1.4.9 - Username Denial of Service (PoC)
Foscam Video Management System 1.1.4.9 - Username Denial of Service PoC Exploit Title: Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service PoC Author: chuyreds Discovery Date: 2019-11-16 Vendor Homepage: https://www.foscam.es/ Software Link :...
NCP_Secure_Entry_Client 9.2 - Unquoted Service Paths
NCPSecureEntryClient 9.2 - Unquoted Service Paths Exploit Title: NCPSecureEntryClient 9.2 - Unquoted Service Paths Date: 2019-11-17 Exploit Author: Akif Mohamed Ik Vendor Homepage: http://software.ncp-e.com/ Software Link: http://software.ncp-e.com/NCPSecureEntryClient/Windows/9.2x/ Version: 9.2x...
iSmartViewPro 1.3.34 - Denial of Service (PoC)
iSmartViewPro 1.3.34 - Denial of Service PoC Exploit Title: iSmartViewPro 1.3.34 - Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2019 -11-16 Vendor Homepage: http://www.smarteyegroup.com/ Software Link: https://apps.apple.com/mx/app/ismartviewpro/id834791071 Tested Version:...
Crystal Live HTTP Server 6.01 - Directory Traversal
Crystal Live HTTP Server 6.01 - Directory Traversal Title: Crystal Live HTTP Server 6.01 - Directory Traversal Date of found: 2019-11-17 Author: Numan Türle Vendor Homepage: https://www.genivia.com/ Version : Crystal Quality 6.01.x.x Software Link :...
Shrew Soft VPN Client 2.2.2 - iked Unquoted Service Path
Shrew Soft VPN Client 2.2.2 - iked Unquoted Service Path Exploit Title: Shrew Soft VPN Client 2.2.2 - 'iked' Unquoted Service Path Date: 2019-11-14 Exploit Author: D.Goedecke Vendor Homepage: www.shrew.net Software Link: https://www.shrew.net/download/vpn/vpn-client-2.2.2-release.exe Version: 2.2...
Siemens Desigo PX 6.00 - Denial of Service (PoC)
Siemens Desigo PX 6.00 - Denial of Service PoC Title: Siemens Desigo PX 6.00 - Denial of Service PoC Author: LiquidWorm Date: 2019-11-14 Vendor web page: https://www.siemens.com Product web page: https://new.siemens.com/global/en/products/buildings/automation/desigo.html Affected version:6.00...
Xfilesharing 2.5.1 - Arbitrary File Upload
Xfilesharing 2.5.1 - Arbitrary File Upload Exploit Title: Xfilesharing 2.5.1 - Arbitrary File Upload Google Dork: inurl:/?op=registration Date: 2019-11-4 Exploit Author: Noman Riffat Vendor Homepage: https://sibsoft.net/xfilesharing.html Version: Shell : http://xyz.com/cgi-bin/temp/joe/shell.php...
oXygen XML Editor 21.1.1 - XML External Entity Injection
oXygen XML Editor 21.1.1 - XML External Entity Injection Exploit Title: oXygen XML Editor 21.1.1 - XML External Entity Injection Author: Pablo Santiago Date: 2019-11-13 Vendor Homepage: https://www.oxygenxml.com/ Source:https://www.oxygenxml.com/xmleditor/downloadoxygenxmleditor.html Version:...
Microsoft Windows 10 Build 1803 1903 - COMahawk Local Privilege Escalation
Microsoft Windows 10 Build 1803 1903 - COMahawk Local Privilege Escalation EDB Note Download: - https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47684-1.exe - https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47684-2.zip COMahawk...
Technicolor TC7300.B0 - hostname Persistent Cross-Site Scripting
Technicolor TC7300.B0 - hostname Persistent Cross-Site Scripting Exploit Title: Technicolor TC7300.B0 - 'hostname' Persistent Cross-Site Scripting Google Dork: N/A Date: 2019-11-11 Exploit Author: Luis Stefan Vendor Homepage: https://www.technicolor.com/ Software Link: N/A Version: TC7300.B0 -...
Linear eMerge E3 1.00-06 - Remote Code Execution
Linear eMerge E3 1.00-06 - Remote Code Execution Title: Linear eMerge E3 1.00-06 - Remote Code Execution Author: LiquidWorm Date: 2019-11-13 Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Affected version: =2.3.0a...
FUDForum 3.0.9 - Remote Code Execution
FUDForum 3.0.9 - Remote Code Execution Exploit Title : FUDForum 3.0.9 - Remote Code Execution Date: 2019-10-26 Exploit Author: liquidsky JMcPeters Vulnerable Software: FUDForum 3.0.9 Vendor Homepage: https://sourceforge.net/projects/fudforum/ Version: 3.0.9 Software Link:...
ScanGuard Antivirus 2020 - Insecure Folder Permissions
ScanGuard Antivirus 2020 - Insecure Folder Permissions Exploit Title: ScanGuard Antivirus 2020 - Insecure Folder Permissions Date: 2019-10-10 Exploit Author: hyp3rlinx Vendor Homepage: https://www.scanguard.com/ Software Link: https://support.scanguard.com/en/kb/22/upgrades-available Version: 202...
Technicolor TD5130.2 - Remote Command Execution
Technicolor TD5130.2 - Remote Command Execution Exploit Title: Technicolor TD5130.2 - Remote Command Execution Date: 2019-11-12 Exploit Author: João Teles Vendor Homepage: https://www.technicolor.com/ Version: TD5130v2 Firmware Version: OIFwV20 CVE : CVE-2019-18396 --------------------------- POS...
Fastweb Fastgate 0.00.81 - Remote Code Execution
Fastweb Fastgate 0.00.81 - Remote Code Execution Exploit Title: Fastweb Fastgate 0.00.81 - Remote Code Execution Date: 2019-11-13 Exploit Author: Riccardo Gasparini Vendor Homepage: https://www.fastweb.it/ Software Link: http://59.0.121.191:8080/ACS-server/file/0.00.81FW200Askey only from Fastweb...
gSOAP 2.8 - Directory Traversal
gSOAP 2.8 - Directory Traversal Title: gSOAP 2.8 - Directory Traversal Author: Numan Türle Date: 2019-11-13 Vendor Homepage: https://www.genivia.com/ Version : gSOAP 2.8 Software Link : https://www.genivia.com/products.htmlgsoap POC --------- GET /../../../../../../../../../etc/passwd HTTP/1.1...
eMerge E3 1.00-06 - Arbitrary File Upload
eMerge E3 1.00-06 - Arbitrary File Upload Exploit Title: eMerge E3 1.00-06 - Arbitrary File Upload Google Dork: NA Date: 2018-11-11 Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Version:...
eMerge E3 1.00-06 - layout Reflected Cross-Site Scripting
eMerge E3 1.00-06 - layout Reflected Cross-Site Scripting Exploit Title: eMerge E3 1.00-06 - 'layout' Reflected Cross-Site Scripting Google Dork: NA Date: 2018-11-11 Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link:...
Wondershare Application Framework Service - _WsAppService_ Unquote Service Path
Wondershare Application Framework Service - WsAppService Unquote Service Path Exploit Title: Wondershare Application Framework Service - "WsAppService" Unquote Service Path Google Dork: N/A Date: 2019-11-11 Exploit Author: chuyreds Vendor Homepage: https://www.wondershare.com/ Software Link:...
Acronis True Image OEM 19.0.5128 - afcdpsrv Unquoted Service Path
Acronis True Image OEM 19.0.5128 - afcdpsrv Unquoted Service Path Exploit Title: Acronis True Image OEM 19.0.5128 - 'afcdpsrv' Unquoted Service Path Date: 2019-11-11 Author: Alejandra Sánchez Vendor Homepage: https://www.acronis.com Software:...
Optergy 2.3.0a - Remote Code Execution (Backdoor)
Optergy 2.3.0a - Remote Code Execution Backdoor Title: Optergy 2.3.0a - Remote Code Execution Author: LiquidWorm Date: 2019-11-05 Vendor: https://optergy.com/ Product web page: https://optergy.com/products/ Affected version: \n' sys.exit while True: challengeurl =...
CBAS-Web 19.0.0 - Remote Code Execution
CBAS-Web 19.0.0 - Remote Code Execution Exploit Title: CBAS-Web 19.0.0 - Remote Code Execution Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/...
Optergy 2.3.0a - Username Disclosure
Optergy 2.3.0a - Username Disclosure Title: Optergy 2.3.0a - Username Disclosure Author: LiquidWorm Date: 2019-11-05 Vendor: https://optergy.com/ Product web page: https://optergy.com/products/ Affected version: djuro teppi view alerton stef humba drmio de3 andri myko dzonka kosto beebee...
CBAS-Web 19.0.0 - Username Enumeration
CBAS-Web 19.0.0 - Username Enumeration Exploit Title: CBAS-Web 19.0.0 - Username Enumeration Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/...
eMerge E3 Access Controller 4.6.07 - Remote Code Execution (Metasploit)
eMerge E3 Access Controller 4.6.07 - Remote Code Execution Metasploit Exploit Title: eMerge E3 Access Controller 4.6.07 - Remote Code Execution Metasploit Google Dork: NA Date: 2018-11-11 Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link:...
eMerge50P 5000P 4.6.07 - Remote Code Execution
eMerge50P 5000P 4.6.07 - Remote Code Execution Exploit Title: eMerge50P 5000P 4.6.07 - Remote Code Execution Google Dork: NA Date: 2018-11-11 Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series...
Adrenalin Core HCM 5.4.0 - ReportID Reflected Cross-Site Scripting
Adrenalin Core HCM 5.4.0 - ReportID Reflected Cross-Site Scripting Exploit Title: Adrenalin Core HCM 5.4.0 - 'ReportID' Reflected Cross-Site Scripting Google Dork: NA Date: 2018-09-06 Exploit Author: Rishu Ranjan Vendor Homepage: https://www.myadrenalin.com/ Software Link:...
Prima FlexAir Access Control 2.3.38 - Remote Code Execution
Prima FlexAir Access Control 2.3.38 - Remote Code Execution Exploit Title: Prima FlexAir Access Control 2.3.38 - Remote Code Execution Google Dork: NA Date: 2018-09-06 Exploit Author: LiquidWorm Vendor Homepage: https://www.primasystems.eu/ Software Link:...
Adrenalin Core HCM 5.4.0 - strAction Reflected Cross-Site Scripting
Adrenalin Core HCM 5.4.0 - strAction Reflected Cross-Site Scripting Exploit Title: Adrenalin Core HCM 5.4.0 - 'strAction' Reflected Cross-Site Scripting Google Dork: NA Date: 2018-09-06 Exploit Author: Rishu Ranjan Cy83rl0gger Vendor Homepage: https://www.myadrenalin.com/ Software Link:...
RTK IIS Codec Service 6.4.10041.133 - RtkI2SCodec Unquote Service Path
RTK IIS Codec Service 6.4.10041.133 - RtkI2SCodec Unquote Service Path Exploit Title: RTK IIS Codec Service 6.4.10041.133 - 'RtkI2SCodec' Unquote Service Path Google Dork: N/A Date: 2019-11-11 Exploit Author: chuyreds Vendor Homepage:https://www.realtek.com/en/ Software Link:...
Prima Access Control 2.3.35 - HwName Persistent Cross-Site Scripting
Prima Access Control 2.3.35 - HwName Persistent Cross-Site Scripting Exploit Title: Prima Access Control 2.3.35 - 'HwName' Persistent Cross-Site Scripting Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...
CBAS-Web 19.0.0 - Information Disclosure
CBAS-Web 19.0.0 - Information Disclosure Exploit Title: CBAS-Web 19.0.0 - Information Disclosure Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/...
eMerge E3 1.00-06 - Remote Code Execution
eMerge E3 1.00-06 - Remote Code Execution Exploit Title: eMerge E3 1.00-06 - Remote Code Execution Google Dork: NA Date: 2018-09-11 Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Version:...
Adrenalin Core HCM 5.4.0 - prntDDLCntrlName Reflected Cross-Site Scripting
Adrenalin Core HCM 5.4.0 - prntDDLCntrlName Reflected Cross-Site Scripting Exploit Title: Adrenalin Core HCM 5.4.0 - 'prntDDLCntrlName' Reflected Cross-Site Scripting Google Dork: NA Date: 2018-09-06 Exploit Author: Rishu Ranjan Cy83rl0gger Vendor Homepage: https://www.myadrenalin.com/ Software...
Bematech Printer MP-4200 - Denial of Service
Bematech Printer MP-4200 - Denial of Service Exploit Title: Bematech Printer MP-4200 - Denial of Service Date: 2019-11-11 Exploit Author: Jonatas Fil Vendor Homepage: https://www.bematech.com.br/ Software Link: https://www.bematech.com.br/produto/mp-4200-th/ Version: MP-4200 TH Tested on: Windows...
CBAS-Web 19.0.0 - Cross-Site Request Forgery (Add Super Admin)
CBAS-Web 19.0.0 - Cross-Site Request Forgery Add Super Admin Exploit Title: CBAS-Web 19.0.0 - Cross-Site Request Forgery Add Super Admin Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...
Optergy 2.3.0a - Cross-Site Request Forgery (Add Admin)
Optergy 2.3.0a - Cross-Site Request Forgery Add Admin Title: Optergy 2.3.0a - Cross-Site Request Forgery Add Admin Author: LiquidWorm Date: 2019-11-05 Vendor: https://optergy.com/ Product web page: https://optergy.com/products/ Affected version: history.pushState'', '', '/' input type="hidden"...
FlexAir Access Control 2.3.35 - Authentication Bypass
FlexAir Access Control 2.3.35 - Authentication Bypass Exploit Title: FlexAir Access Control 2.3.35 - Authentication Bypass Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...
eMerge E3 1.00-06 - Cross-Site Request Forgery
eMerge E3 1.00-06 - Cross-Site Request Forgery Exploit Title: eMerge E3 1.00-06 - Cross-Site Request Forgery Google Dork: NA Date: 2018-11-11 Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series...
Joomla 3.9.13 - Host Header Injection
Joomla 3.9.13 - Host Header Injection Exploit Title: Joomla 3.9.13 - 'Host' Header Injection Author: Pablo Santiago Date: 2019-11-12 Vendor Homepage: https://www.joomla.org/ Source: https://downloads.joomla.org/cms/joomla3/3-9-13/Joomla3-9-13-Stable-FullPackage.zip?format=zip Version: 3.9.13 CVE ...
FlexAir Access Control 2.4.9api3 - Remote Code Execution
FlexAir Access Control 2.4.9api3 - Remote Code Execution Exploit Title: FlexAir Access Control 2.4.9api3 - Remote Code Execution Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...
CBAS-Web 19.0.0 - id Boolean-based Blind SQL Injection
CBAS-Web 19.0.0 - id Boolean-based Blind SQL Injection Exploit Title: CBAS-Web 19.0.0 - 'id' Boolean-based Blind SQL Injection Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...
Alps Pointing-device Controller 8.1202.1711.04 - ApHidMonitorService Unquoted Service Path
Alps Pointing-device Controller 8.1202.1711.04 - ApHidMonitorService Unquoted Service Path Exploit Title: Alps Pointing-device Controller 8.1202.1711.04 - 'ApHidMonitorService' Unquoted Service Path Date: 2019-11-12 Exploit Author: Mario Rodriguez Vendor Homepage: https://www.alps.com/e/ Software...
Atlassian Confluence 6.15.1 - Directory Traversal (Metasploit)
Atlassian Confluence 6.15.1 - Directory Traversal Metasploit Exploit Title: Atlassian Confluence 6.15.1 - Directory Traversal Metasploit Google Dork: N/A Date: 2019-11-11 Exploit Author: max7253 Vendor Homepage: https://www.atlassian.com Software Link:...
Prima Access Control 2.3.35 - Arbitrary File Upload
Prima Access Control 2.3.35 - Arbitrary File Upload Exploit Title: Prima Access Control 2.3.35 - Arbitrary File Upload Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...
Optergy 2.3.0a - Remote Code Execution
Optergy 2.3.0a - Remote Code Execution Title: Optergy 2.3.0a - Remote Code Execution Author: LiquidWorm Date: 2019-11-05 Vendor: https://optergy.com/ Product web page: https://optergy.com/products/ Affected version: =2.3.0a Advisory: https://applied-risk.com/resources/ar-2019-008 Paper:...
Control Center PRO 6.2.9 - Local Stack Based Buffer Overflow (SEH)
Control Center PRO 6.2.9 - Local Stack Based Buffer Overflow SEH Exploit Title: Control Center PRO 6.2.9 - Local Stack Based BufferOverflow SEH Date: 2019-11-09 Exploit Author: Samir sanchez garnica @sasaga92 Vendor Homepage: http://www.webgateinc.com/wgi/eng/products/list.php?ecidx1=P610 Softwar...
eMerge E3 1.00-06 - Unauthenticated Directory Traversal
eMerge E3 1.00-06 - Unauthenticated Directory Traversal Exploit Title: eMerge E3 1.00-06 - Unauthenticated Directory Traversal Google Dork: NA Date: 2018-09-11 Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link:...