41207 matches found
Starting Page 1.3 - category SQL Injection
Starting Page 1.3 - category SQL Injection Exploit Title: Starting Page 1.3 "Add a Link" - SQL Injection Date: 11-01-2017 Software Link: http://software.friendsinwar.com/downloads.php?catid=2&downloadid=11 Exploit Author: Ben Lee Contact: [email protected] Category: webapps Tested on: Win7 1...
Penny Auction Script - Arbitrary File Upload
Penny Auction Script - Arbitrary File Upload Vulnerability:Profile Arbitrary Shell Upload Google Dork: Penny Auction Script Date:11.01.2017 Vendor Homepage: http://www.tibsolutions.com/tibs-eauction/ Script Name: Penny Auction Script Script Buy Now:...
iTechscripts Freelancer Script 5.11 - sk SQL Injection
iTechscripts Freelancer Script 5.11 - sk SQL Injection !/usr/bin/perl -w iTechscripts Freelancer Script v5.11 sk SQL Injection Vulnerability Author : v3n0m Contact : v3n0matoutlookdotcom Date : January, 11-2017 GMT +7:00 Jakarta, Indonesia Software : Freelancer Script Version : 5.11 Lower version...
My Link Trader 1.1 - id SQL Injection
My Link Trader 1.1 - id SQL Injection Vulnerability: My link trader - SQL Injection Date: 11.01.2017 Vendor Homepage: http://software.friendsinwar.com/scriptsexample/mylinktrader/ Tested on: Kali Linux 2016.2 Author: Dawid Morawski Website: http://www.morawskiweb.pl Contact:...
Boxoft Wav 1.0 - Buffer Overflow
Boxoft Wav 1.0 - Buffer Overflow Document Title: =============== Boxoft Wav v1.1.0.0 - Buffer Overflow Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2027 Release Date: ============= 2017-01-09 Vulnerability Laboratory ID VL-ID:...
Adobe Flash Player 24.0.0.186 - ActionGetURL2 Out-of-Bounds Memory Corruption (1)
Adobe Flash Player 24.0.0.186 - ActionGetURL2 Out-of-Bounds Memory Corruption 1 Source: https://cosig.gouv.qc.ca/en/cosig-2017-01-en/ Application: Adobe Flash Player Platforms: Windows,OSX Versions: 24.0.0.186 and earlier Author: Francis Provencher of COSIG Website:...
Airbnb Clone Script - Arbitrary File Upload
Airbnb Clone Script - Arbitrary File Upload Vulnerability:Profile Arbitrary Shell Upload Google Dork: Airbnb Clone Script Date:11.01.2017 Vendor Homepage: http://www.tibsolutions.com/airbnb-clone/ Script Name: Airbnb Clone Script Script Buy Now:...
Itech Travel Portal Script 9.33 - SQL Injection
Itech Travel Portal Script 9.33 - SQL Injection Vulnerability: Travel Portal Script v9.33 - SQL Injection Web Vulnerability Google Dork: Travel Portal Script Date:11.01.2017 Vendor Homepage: http://itechscripts.com/travel-portal-script/ Script Name: Travel Portal Script Script Version: v9.33 Scri...
Itech Movie Portal Script 7.35 - SQL Injection
Itech Movie Portal Script 7.35 - SQL Injection Vulnerability: Movie Portal Script v7.35 - SQL Injection Web Vulnerability Google Dork: Movie Portal Script Date:11.01.2017 Vendor Homepage: http://itechscripts.com/movie-portal-script/ Script Name: Movie Portal Script Script Version: v7.35 Script Bu...
ECommerce-TIBSECART - Arbitrary File Upload
ECommerce-TIBSECART - Arbitrary File Upload Vulnerability:Profile Arbitrary Shell Upload Google Dork: ECommerce-TIBSECART Date:11.01.2017 Vendor Homepage: http://www.tibsolutions.com/tibs-ecart/ Script Name: ECommerce-TIBSECART Script Buy Now: http://www.tibsolutions.com/tibs-ecart/ Author: İhsan...
Dating Script 3.25 - SQL Injection
Dating Script 3.25 - SQL Injection Vulnerability: Dating Script v3.25 - SQL Injection Date: 11.01.2017 Software link: http://itechscripts.com/dating-script/ Demo: http://dating.itechscripts.com Price: 199$ Category: webapps Exploit Author: Dawid Morawski Website: http://www.morawskiweb.pl Contact...
Adobe Flash Player 24.0.0.186 - ActionGetURL2 Out-of-Bounds Memory Corruption (2)
Adobe Flash Player 24.0.0.186 - ActionGetURL2 Out-of-Bounds Memory Corruption 2 Source: https://cosig.gouv.qc.ca/en/cosig-2017-01-en/ Application: Adobe Flash Player Platforms: Windows,OSX Versions: 24.0.0.186 and earlier Author: Francis Provencher of COSIG Website:...
WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 - Privilege Escalation
WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 - Privilege Escalation Exploit Title: WP Support Plus Responsive Ticket System 7.1.3 Privilege Escalation Date: 10-01-2017 Software Link: https://wordpress.org/plugins/wp-support-plus-responsive-ticket-system/ Exploit Author: Kacper...
Starting Page 1.3 - linkid SQL Injection
Starting Page 1.3 - linkid SQL Injection Vulnerability: Starting Page- SQL Injection Date: 10.01.2017 Vendor Homepage: http://software.friendsinwar.com/ Tested on: win10 Author: JaMbA Script link: http://software.friendsinwar.com/news.php?readmore=31 SQL Injection/Exploit : Vulnerable Parameter :...
D-Link DIR-615 - Multiple Vulnerabilities
D-Link DIR-615 - Multiple Vulnerabilities Title: D-Link DIR-615 Multiple Vulnerabilities Date: 10-01-2017 Hardware Version: E3 Firmware Version: 5.10 Tested on: Windows 8 64-bit Exploit Author: Osanda Malith Jayathissa @OsandaMalith Original...
DiskBoss Enterprise 7.5.12 - POST Remote Buffer Overflow (SEH)
DiskBoss Enterprise 7.5.12 - POST Remote Buffer Overflow SEH !/usr/bin/python Exploit Title: DiskBoss Enterprise 7.5.12 SEH + Egghunter Buffer Overflow Date: 10-01-2017 Exploit Author: Wyndell Bibera Software Link: http://www.diskboss.com/setups/diskbossentsetupv7.5.12.exe Version: 7.5.12 Tested...
Apple OS X Yosemite - flow_divert-heap-overflow Kernel Panic
Apple OS X Yosemite - flow_divert-heap-overflow Kernel Panic / flow_divert-heap-overflow.c Brandon Azad CVE-2016-1827: Kernel heap overflow in the function flow_divert_handle_app_map_create on OS X and iOS. Exploitation requires root privileges. The vulnerability was patched in OS X El Capitan 10.11.5 a...
FMyLife Clone Script (Pro Edition) 1.1 - Cross-Site Request Forgery (Add Admin)
FMyLife Clone Script Pro Edition 1.1 - Cross-Site Request Forgery Add Admin Vulnerability: Add Admin Exploit Add/Edit/Delete/ Category, Admin Vs... Google Dork: FMyLife Clone Script Date:10.01.2017 Vendor Homepage: http://alstrasoft.com/fmylife-pro.htm Script Name: FMyLife Clone Script Pro Editio...
Huawei Flybox B660 - Cross-Site Request Forgery (1)
Huawei Flybox B660 - Cross-Site Request Forgery 1 Document Title: =============== Huawei Flybox B660 - POST Reboot CSRF Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2025 Release Date: ============= 2017-01-10 Vulnerability Laboratory ID...
Friends in War Make or Break 1.7 - imgid SQL Injection
Friends in War Make or Break 1.7 - imgid SQL Injection Exploit : Make or Break 1.7 imgid SQL Injection Vulnerability Author : v3n0m Contact : v3n0matoutlookdotcom Date : January, 09-2017 GMT +7:00 Jakarta, Indonesia Software : Make or Break Version : 1.7 Lower versions may also be affected Licens...
Firejail - Local Privilege Escalation
Firejail - Local Privilege Escalation firejail advisory for TOCTOU in --get and --put local root Releasing a brief advisory/writeup about a local root privesc found in firejail that we reported back in Nov, 2016. This is in response to a recent thread on oss-sec where people seem interested in...
My PHP Dating 2.0 - path SQL Injection
My PHP Dating 2.0 - path SQL Injection Vulnerability: My Php Dating 2.0 - SQL Injection Web Vulnerability Google Dork: My Php Dating Date:09.01.2017 Vendor Homepage: http://www.phponlinedatingsoftware.com/demo.htm Script Name: My Php Dating Script Version: 2.0 Script Buy Now:...
My PHP Dating 2.0 - id SQL Injection
My PHP Dating 2.0 - id SQL Injection Vulnerability: My Php Dating 2.0 - SQL Injection Google Dork: use your mind Date: 09.01.2017 Vendor Homepage: http://www.phponlinedatingsoftware.com/demo.htm Tested on: win7 Author: Nassim Asrir Author Company: Henceforth Contact: [email protected] SQL...
Blackboard LMS 9.1 SP14 - Cross-Site Scripting
Blackboard LMS 9.1 SP14 - Cross-Site Scripting Document Title: =============== Blackboard LMS 9.1 SP14 - Profile Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1900 Release Date: ============= 2017-01-09 Vulnerability Laboratory...
Ansible 2.1.4, 2.2.1 - Command Execution
Ansible 2.1.4, 2.2.1 - Command Execution Computest security advisory CT-2017-0109 Summary: Command execution on Ansible controller from host Affected software: Ansible CVE: CVE-2016-9587 Reference URL: https://www.computest.nl/advisories/ CT-2017-0109Ansible.txt Affected versions: 2.1.4, 2.2.1...
Cemu 1.6.4b - Information Leak Buffer Overflow (Emulator Breakout)
Cemu 1.6.4b - Information Leak Buffer Overflow Emulator Breakout For those who only care about one thing: the PoC is here. Mirror: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/41021.zip Overview Cemu is a closed-source Wii U emulator developed by Exzap. New...
ManagEnegine ADManager Plus 6.5.40 - Multiple Vulnerabilities
ManagEnegine ADManager Plus 6.5.40 - Multiple Vulnerabilities 1. ADVISORY INFORMATION ======================================== Title: ManagEnegine ADManager Plus = 6.5.40 Multiple Vulnerabilities Application: ManagEnegine Admanager Remotely Exploitable: Yes Authentication Required: Yes Versions...
Brave Browser 1.2.161.9.56 - Address Bar URL Spoofing
Brave Browser 1.2.161.9.56 - Address Bar URL Spoofing Brave Browser Suffers from Address Bar Spoofing Vulnerability. Address Bar spoofing is a critical vulnerability in which any attacker can spoof the address bar to a legit looking website but the content of the web-page remains different from t...
Advanced Desktop Locker 6.0.0 - Lock Screen Bypass
Advanced Desktop Locker 6.0.0 - Lock Screen Bypass Exploit Title : Advanced Desktop Locker Locker Bypass Date: 8 - 1 - 2017 Software Link: http://www.encrypt4all.com/products/advanced-desktop-locker-information.php Software Version : 6.0.0 Exploit Author: Squnity | Sir.matrix Contact:...
Microsoft Windows Kernel - win32k.sys NtSetWindowLongPtr Local Privilege Escalation (MS16-135) (2)
Microsoft Windows Kernel - win32k.sys NtSetWindowLongPtr Local Privilege Escalation MS16-135 2 / Source: https://ricklarabee.blogspot.com/2017/01/virtual-memory-page-tables-and-one-bit.html Binary:...
DirectAdmin 1.50.1 - Denial of Service
Splunk 6.1.1 - Referer Header Cross-Site Scripting
Splunk 6.1.1 - Referer Header Cross-Site Scripting Exploit Title: Splunk 'Referer' Header Cross Site Scripting Vulnerability Date: 7th January 2017 Exploit Author: justpentest Vendor Homepage: http://www.splunk.com/ Version: Splunk 6.1.1 other versions may also be affected. Contact:...
My Link Trader 1.1 - Authentication Bypass
My Link Trader 1.1 - Authentication Bypass Vulnerability:: Admin Login Bypass & SQLi Date:09.01.2017 Vendor Homepage: http://software.friendsinwar.com/ Script Name: My Link Trader Script Version: v1.1 Script DL: http://software.friendsinwar.com/downloads.php?catid=2&fileid=13 Author: Ihsan Sencan...
Google Android max86902 Driver - sysfs Interfaces Race Condition
Google Android max86902 Driver - sysfs Interfaces Race Condition Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=963 The MAX86902 sensor has a driver that exposes several interfaces through which the device may be configured. In addition to exposing a character device, it also...
Microsoft Edge (Windows 10) - chakra.dll Information Leak Type Confusion Remote Code Execution
Microsoft Edge Windows 10 - chakra.dll Information Leak Type Confusion Remote Code Execution Source: https://github.com/theori-io/chakra-2016-11 Proofs of Concept: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/40990.zip chakra.dll Info Leak + Type Confusion fo...
Firejail 0.9.44.4 0.9.38.8 LTS - Local Sandbox Escape
Firejail 0.9.44.4 0.9.38.8 LTS - Local Sandbox Escape / firejail local root exploit host to host C 2017 Sebastian Krahmer under the GPL. WARNING: This exploit uses ld.so.preload technique. If you are in bad luck, you may end up with an unusable system. SO BE WARNED. ONLY TEST IT IN YOUR SAFE VM's...
Kaspersky 17.0.0 - Local CA Root Incorrectly Protected
Kaspersky 17.0.0 - Local CA Root Incorrectly Protected / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=989 When Kaspersky generate a private key for the local root, they store the private key in %ProgramData%. Obviously this file cannot be shared, because it's the private key...
Atlassian Confluence 5.10.6 - Persistent Cross-Site Scripting
My Click Counter 1.0 - Authentication Bypass
My Click Counter 1.0 - Authentication Bypass x Type: Admin login bypass via SQLi x Vendor: http://software.friendsinwar.com/ x Script Name: My Click Counter x Script Version: 1.0 x Script DL: http://software.friendsinwar.com/downloads.php?catid=2&fileid=15 x Author: AnarchyAngel AKA Adam x Mail :...
Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098)
Microsoft Windows 8.1 x64 - RGNOBJ Integer Overflow MS16-098 // Source: https://github.com/sensepost/ms16-098/tree/b85b8dfdd20a50fc7bc6c40337b8de99d6c4db80 // Binary: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/41020.exe include include include include inclu...
Internet Download Accelerator 6.10.1.1527 - FTP Buffer Overflow (SEH)
Internet Download Accelerator 6.10.1.1527 - FTP Buffer Overflow SEH !/usr/bin/python Exploit Title: IDA 6.10.1.1527 FTP SEH Universal exploit. Exploit Author: Fady Mohamed Osman @fadyosman Exploit-db : http://www.exploit-db.com/author/?a=2986 Youtube : https://www.youtube.com/user/cutehack3r Date...
QNAP NAS Devices - Heap Overflow
QNAP NAS Devices - Heap Overflow ================== 1 Heap overflow ================== Path: /home/httpd/cgi-bin/cgi.cgi u = valid user guest|admin 1.1 / Remote / Remote host echo -en "GET /cgi-bin/cgi.cgi?u=admin&p=fori=0;i263;i++;do echo -en "A";done HTTP/1.0\nHost: QNAP\n\n" | ncat --ssl...
PHPMailer 5.2.20 SwiftMailer 5.4.5-DEV Zend Framework zend-mail 2.4.11 - AIO PwnScriptum Remote Code Execution
Zend Framework zend-mail 2.4.11 - Remote Code Execution
Zend Framework zend-mail 2.4.11 - Remote Code Execution See the full advisory URL for the exploit details. / // Attacker's input coming from untrusted source such as $_GET, $_POST etc. // For example from a Contact form with sender field $emailfrom = '"attacker" -oQ/tmp/...
b2evolution 6.8.2 - Arbitrary File Upload
b2evolution 6.8.2 - Arbitrary File Upload Exploit Title: b2evolution6.8.2stable – Upload Date: 29/12/2016 Exploit Author: Li Fei Vendor Homepage: http://b2evolution.net/ Software Link: http://b2evolution.net/downloads/6-8-2-stable?download=6407 Version: 6.8.2 Tested on: win7 64bit No need admin...
WordPress Plugin Slider Templatic Tevolution 2.3.6 - Arbitrary File Upload
WordPress Plugin Slider Templatic Tevolution 2.3.6 - Arbitrary File Upload Exploit Title: WordPress Templatic = 2.3.6 Tevolution File Upload Vulnerability Date: 30-12-2016 Software Link: Premium plugin Vendor Homepage: https://templatic.com/wordpress-plugins/tevolution Exploit Author: r3m1ck...
Dell SonicWALL Secure Mobile Access SMA 8.1 - Cross-Site Scripting Cross-Site Request Forgery
Dell SonicWALL Secure Mobile Access SMA 8.1 - Cross-Site Scripting Cross-Site Request Forgery Dell SonicWALL Secure Mobile Access SMA 8.1 XSS And WAF CSRF Vendor: Dell Inc. Product web page: https://www.sonicwall.com/products/secure-mobile-access/ Affected version: 8.1 SSL-VPN Summary: Keep up wi...
Dell SonicWALL Global Management System GMS 8.1 - Blind SQL Injection
Dell SonicWALL Global Management System GMS 8.1 - Blind SQL Injection Dell SonicWALL Global Management System GMS 8.1 Blind SQL Injection Vendor: Dell Inc. Product web page: https://www.sonicwall.com/products/sonicwall-gms/ Affected version: 8.1 8.0 SP1 Build 8048.1410 Flow Server Virtual...
PHPMailer 5.2.18 - Remote Code Execution (Python)
PHPMailer 5.2.18 - Remote Code Execution Python """ Exploit Title: PHPMailer Exploit v1.0 Date: 29/12/2016 Exploit Author: Daniel aka anarc0der Version: PHPMailer 3 - Open other terminal and run the exploit: python3 anarcoder.py Video PoC: https://www.youtube.com/watch?v=DXeZxKr-qsU Full Advisory...
SapLPD 7.40 - Denial of Service
SapLPD 7.40 - Denial of Service Exploit Title: SAPlpd 7.40 Denial of Service Date: 2016-12-28 Exploit Author: Peter Baris Exploit code: http://saptech-erp.com.au/resources/saplpddos.zip Version: 7.40 all patch levels as a part of SAPGui 7.40 Tested on: Windows Server 2008 R2 x64, Windows 7 Pro x6...