41207 matches found
Symantec Advanced Secure Gateway (ASG) ProxySG - Unrestricted File Upload
Symantec Advanced Secure Gateway ASG ProxySG - Unrestricted File Upload ===========Security Intelligence============ Vendor Homepage: adobe.com Version: 2018 Tested on: Adobe ColdFusion 2018 Exploit Author: Pankaj Kumar Thakur Nepal ==========Table of Contents============== Overview Detailed...
Ticket-Booking 1.4 - Authentication Bypass
Ticket-Booking 1.4 - Authentication Bypass Exploit Title: Ticket-Booking 1.4 - Authentication Bypass Author: Cakes Discovery Date: 2019-09-14 Vendor Homepage: https://github.com/ABHIJEET-MUNESHWAR/Ticket-Booking Software Link: https://github.com/ABHIJEET-MUNESHWAR/Ticket-Booking/archive/master.zi...
College-Management-System 1.2 - Authentication Bypass
College-Management-System 1.2 - Authentication Bypass Exploit Title: College-Management-System 1.2 - Authentication Bypass Author: Cakes Discovery Date: 2019-09-14 Vendor Homepage: https://github.com/ajinkyabodade/College-Management-System Software Link:...
google.com.ar
Pentest notes for: google.com.ar Exploit Pack Nmap 7.80 scan initiated Fri Sep 13 16:38:25 2019 as: "C:\Program Files x86\Nmap\nmap.exe" -sV -A -oA log/google.com.ar google.com.ar Nmap scan report for google.com.ar 173.194.222.94 Host is up 0.015s latency. rDNS record for 173.194.222.94:...
wbNj8EIMfXlmDDE
A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...
Folder Lock 7.7.9 - Denial of Service
Folder Lock 7.7.9 - Denial of Service Exploit Title: Folder Lock v7.7.9 Denial of Service Exploit Date: 12.09.2019 Vendor Homepage:https://www.newsoftwares.net/folderlock/ Software Link: https://www.newsoftwares.net/download/folderlock7-en/folder-lock-en.exe Exploit Author: Achilles Tested Versio...
Dolibarr ERP-CRM 10.0.1 - User-Agent Cross-Site Scripting
Dolibarr ERP-CRM 10.0.1 - User-Agent Cross-Site Scripting Exploit Title: Dolibarr ERP/CRM 10.0.1 - User-Agent Http Header Cross Site Scripting Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.dolibarr.org/ Software Link: https://www.dolibarr.org/downloads Version: 10.0.1...
phpMyAdmin 4.9.0.1 - Cross-Site Request Forgery
phpMyAdmin 4.9.0.1 - Cross-Site Request Forgery ============================================= MGC ALERT 2019-003 - Original release date: June 13, 2019 - Last revised: September 13, 2019 - Discovered by: Manuel Garcia Cardenas - Severity: 4,3/10 CVSS Base Score - CVE-ID: CVE-2019-12922...
LimeSurvey 3.17.13 - Cross-Site Scripting
LimeSurvey 3.17.13 - Cross-Site Scripting SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored and reflected XSS vulnerabilities product: LimeSurvey vulnerable version: 3.17.14 CVE number: CVE-2019-16172,...
Microsoft DirectWrite - Invalid Read in SplicePixel While Processing OTF Fonts
Microsoft DirectWrite - Invalid Read in SplicePixel While Processing OTF Fonts Microsoft DirectWrite is a modern Windows API for high-quality text rendering. A majority of its code resides in the DWrite.dll user-mode library. It is used by a variety of widely used desktop programs such as the...
Microsoft DirectWrite - Out-of-Bounds Read in sfac_GetSbitBitmap While Processing TTF Fonts
Microsoft DirectWrite - Out-of-Bounds Read in sfacGetSbitBitmap While Processing TTF Fonts Microsoft DirectWrite is a modern Windows API for high-quality text rendering. A majority of its code resides in the DWrite.dll user-mode library. It is used by a variety of widely used desktop programs suc...
eWON Flexy - Authentication Bypass
eWON Flexy - Authentication Bypass ! /usr/bin/env python ''' Exploit Title: eWON v13.0 Authentication Bypass Date: 2018-10-12 Exploit Author: Photubias – tijldotDeneutatHowestdotbe for www.ic4.be Vendor Advisory: 1 https://websupport.ewon.biz/support/news/support/ewon-security-enhancement-131s0-0...
AVCON6 systems management platform - OGNL Remote Command Execution
AVCON6 systems management platform - OGNL Remote Command Execution Exploit Title: AVCON6 systems management platform - OGNL - Remote root command execution Date: 10/09/2018 Exploit Author: Nassim Asrir Contact: [email protected] | https://www.linkedin.com/in/nassim-asrir-b73a57122/ CVE: N\A Test...
WordPress Plugin Photo Gallery 1.5.34 - Cross-Site Scripting (2)
WordPress Plugin Photo Gallery 1.5.34 - Cross-Site Scripting 2 Exploit Title: WordPress Plugin Photo Gallery by 10Web img src=a onerror='alert2;' 4. Click Save. 5. It will show pop-up confirming existence of XSS vulnerability Timeline 09-01-2019 - Vulnerability Reported 09-03-2019 - Vendor...
WordPress Plugin Photo Gallery 1.5.34 - Cross-Site Scripting
WordPress Plugin Photo Gallery 1.5.34 - Cross-Site Scripting Exploit Title: WordPress Plugin Photo Gallery by 10Web alert1; 4. Click Save and preview. 5. It will show pop-up confirming existence of XSS vulnerability Timeline 09-01-2019 - Vulnerability Reported 09-03-2019 - Vendor responded...
WordPress Plugin Photo Gallery 1.5.34 - SQL Injection
WordPress Plugin Photo Gallery 1.5.34 - SQL Injection Exploit Title: WordPress Plugin Photo Gallery by 10Web Add new and in add galleries / Gallery groups. GET request going with parameter albumid is vulnerable to Time Based Blind SQL injection. Following is the POC, 1...
Enigma NMS 65.0.0 - OS Command Injection
Enigma NMS 65.0.0 - OS Command Injection !/usr/bin/python -------------------------------------------------------------------- Exploit Title: Enigma NMS OS Command Injection NETSAS Pty Ltd Enigma NMS Date: 21 July 2019 Author: Mark Cross @xerubus | mogozobo.com Vendor: NETSAS Pty Ltd Vendor...
Enigma NMS 65.0.0 - Cross-Site Request Forgery
Enigma NMS 65.0.0 - Cross-Site Request Forgery -------------------------------------------------------------------- Exploit Title: Enigma NMS Cross-Site Request Forgery CSRF Date: 21 July 2019 Author: Mark Cross @xerubus | mogozobo.com Vendor: NETSAS Pty Ltd Vendor Homepage:...
Dolibarr ERP-CRM 10.0.1 - elemid SQL Injection
Dolibarr ERP-CRM 10.0.1 - elemid SQL Injection Exploit Title: Dolibarr ERP/CRM - elemid Sql Injection Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.dolibarr.org/ Software Link: https://www.dolibarr.org/downloads Version: 10.0.1 Category: Webapps Tested on: Xampp for...
Online Appointment - SQL Injection
Online Appointment - SQL Injection Exploit Title: Online Appointment SQL Injection Data: 07.09.2019 Exploit Author: mohammad zaheri Vendor HomagePage: https://github.com/girish03/Online-Appointment-Booking-System Tested on: Windows Google Dork: N/A ========= Vulnerable Page: =========...
Rifatron Intelligent Digital Security System - animate.cgi Stream Disclosure
Rifatron Intelligent Digital Security System - animate.cgi Stream Disclosure !/bin/bash Rifatron Intelligent Digital Security System animate.cgi Stream Disclosure Vendor: Rifatron Co., Ltd. | SAM MYUNG Co., Ltd. Product web page: http://www.rifatron.com Affected version: 5brid DVR HD6-532/516,...
WordPress Plugin Sell Downloads 1.0.86 - Cross-Site Scripting
WordPress Plugin Sell Downloads 1.0.86 - Cross-Site Scripting Exploit Title: WordPress Plugin Sell Downloads 1.0.86 - Cross Site Scripting Exploit Author: Mr Winst0n Author E-mail: [email protected] Discovery Date: September 09,2019 Vendor Homepage:...
Enigma NMS 65.0.0 - SQL Injection
Enigma NMS 65.0.0 - SQL Injection -------------------------------------------------------------------- Exploit Title: Enigma NMS searchpattern SQL Injection Date: 21 July 2019 Author: Mark Cross @xerubus | mogozobo.com Vendor: NETSAS Pty Ltd Vendor Homepage: https://www.netsas.com.au/ Software...
Dolibarr ERP-CRM 10.0.1 - SQL Injection
Dolibarr ERP-CRM 10.0.1 - SQL Injection Exploit Title: Dolibarr ERP/CRM - Multiple Sql Injection Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.dolibarr.org/ Software Link: https://www.dolibarr.org/downloads Version: 10.0.1 Category: Webapps Tested on: Xampp for Linux...
WordPress 5.2.3 - Cross-Site Host Modification
WordPress 5.2.3 - Cross-Site Host Modification !/usr/bin/perl -w Wordpress Type: Remote Risk: High Solution: Set security headers to web server and no-cache for Cache-Control Simple Attack Scenarios: o This attack can bypass Simple WAF to access restricted content on the web server, something lik...
FusionPBX 4.4.8 - Remote Code Execution
FusionPBX 4.4.8 - Remote Code Execution !/usr/bin/python3 ''' Exploit Title: FusionPBX v4.4.8 Remote Code Execution Date: 13/08/2019 Exploit Author: Askar @mohammadaskar2 CVE : 2019-15029 Vendor Homepage: https://www.fusionpbx.com Software link: https://www.fusionpbx.com/download Version: v4.4.8...
Pulse Secure 8.1R15.18.28.39.0 SSL VPN - Remote Code Execution
Pulse Secure 8.1R15.18.28.39.0 SSL VPN - Remote Code Execution !/usr/bin/python Exploit Title: Pulse Secure Post-Auth Remote Code Execution Google Dork: inurl:/dana-na/ filetype:cgi Date: 09/05/2019 Exploit Author: Justin Wagner 0xDezzy, Alyssa Herrera @AlyssaHerrera Vendor Homepage:...
Windows NTFS - Privileged File Access Enumeration
Windows NTFS - Privileged File Access Enumeration + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-NTFS-PRIVILEGED-FILE-ACCESS-ENUMERATION.txt + ISR: ApparitionSec Vendor www.microsoft.com Product Windows...
Inventory Webapp - itemquery SQL injection
Inventory Webapp - itemquery SQL injection Exploit Title: Inventory Webapp SQL injection Data: 05.09.2019 Exploit Author: mohammad zaheri Vendor HomagePage: https://github.com/edlangley/inventory-webapp Tested on: Windows Google Dork: N/A ========= Vulnerable Page: ========= /php/add-item.php...
DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting
DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting Multiple Cross-Site Scripting XSS in the web interface of DASAN Zhone ZNID GPON 2426A EU version S3.1.285 application allows a remote attacker to execute arbitrary JavaScript via manipulation of an unsanitized GET parameters. Exploit...
WordPress Plugin Download Manager 2.9.93 - Cross-Site Scripting
WordPress Plugin Download Manager 2.9.93 - Cross-Site Scripting Exploit Title: WordPress Download Manager Cross-site Scripting Discovery Date: 2019-04-13 Exploit Author: ThuraMoeMyint Author Link: https://twitter.com/mgthuramoemyint Vendor Homepage: https://www.wpdownloadmanager.com Software Link...
FileThingie 2.5.7 - Arbitrary File Upload
FileThingie 2.5.7 - Arbitrary File Upload Exploit Title: FileThingie 2.5.7 - Arbitrary File Upload Author: Cakes Discovery Date: 2019-09-03 Vendor Homepage: www.solitude.dk/filethingie Software Link: https://github.com/leefish/filethingie/archive/master.zip Tested Version: 2.5.7 Tested on OS:...
ChaosPro 3.1 - SEH Buffer Overflow
ChaosPro 3.1 - SEH Buffer Overflow !C:\Python27\python.exe Title : ChaosPro 3.1 Twitter : @securitychops Blog Post : https://securitychops.com/2019/08/24/retro-exploit-series-episode-one-chaospro-3-1.html our egg! payload = "T00WT00W" adjust the stack from 00F2FFA6 to 00F2FFA8 payload +=...
ChaosPro 2.1 - SEH Buffer Overflow
ChaosPro 2.1 - SEH Buffer Overflow !C:\Python27\python.exe Title : ChaosPro 2.1 Twitter : @securitychops Blog Post : https://securitychops.com/2019/08/24/retro-exploit-series-episode-one-chaospro-3-1.html our egg! payload = "T00WT00W" the payload payload += msfvenom -p windows/shellreversetcp...
Alkacon OpenCMS 10.5.x - Cross-Site Scripting (2)
Alkacon OpenCMS 10.5.x - Cross-Site Scripting 2 Exploit Title: Alkacon OpenCMS 10.5.x - Multiple XSS in Alkacon OpenCms Site Management Google Dork: N/A Date: 18/07/2019 Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/opencms-core Version:...
Kaseya VSA agent 9.5 - Privilege Escalation
Kaseya VSA agent 9.5 - Privilege Escalation Exploit Title: Kaseya VSA agent CVE-2017-12410 found by Filip Palian. A a fix was put in place for the original CVE, however it was specific to binaries and not scripts. The root cause for both issues is allowing a low privileged group excessive...
IntelBras TELEFONE IP TIP200200 LITE 60.61.75.15 - Arbitrary File Read
IntelBras TELEFONE IP TIP200200 LITE 60.61.75.15 - Arbitrary File Read !/usr/bin/perl -w IntelBras TELEFONE IP TIP200/200 LITE 60.61.75.15 'dumpConfigFile' Pre-Auth Remote Arbitrary File Read Todor Donev 2019 c Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it...
Cisco Email Security Appliance (IronPort) C160 - Host Header Injection
Cisco Email Security Appliance IronPort C160 - Host Header Injection !/usr/bin/perl -w Cisco Titsco Email Security Appliance IronPort C160 Header 'Host' Injection Copyright 2019 c Todor Donev Disclaimer: This or previous programs are for Educational purpose ONLY. Do not use it without permission...
Craft CMS 2.7.93.2.5 - Information Disclosure
Craft CMS 2.7.93.2.5 - Information Disclosure Exploit Title : CraftCms Users information disclosure From uploaded File Author Discovered By : Mohammed Abdul Raheem Author's Company Name : TrekShield IT Solution Author Exploit-db : https://www.exploit-db.com/?author=9783 Found Vulnerability On :...
Alkacon OpenCMS 10.5.x - Local File inclusion
Alkacon OpenCMS 10.5.x - Local File inclusion Exploit Title: Alkacon OpenCMS 10.5.x - Multiple LFI in Alkacon OpenCms Site Management Google Dork: N/A Date: 18/07/2019 Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/opencms-core Version:...
Alkacon OpenCMS 10.5.x - Cross-Site Scripting
Alkacon OpenCMS 10.5.x - Cross-Site Scripting Exploit Title: Alkacon OpenCMS 10.5.x - Multiple XSS in Apollo Template Google Dork: N/A Date: 18/07/2019 Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/apollo-template Version: 10.5.x Tested on...
Wordpress Plugin Event Tickets 4.10.7.1 - CSV Injection
Wordpress Plugin Event Tickets 4.10.7.1 - CSV Injection Exploit Title: WordPress Plugin Event Tickets = 4.10.7.1 - CSV Injection Google Dork: inurl:"\wp-content\plugins\event-tickets" Date: 09-01-2019 Exploit Author: MTK http://mtk911.cf/ Vendor Homepage: https://tri.be/ Software Link:...
ChaosPro 2.0 - SEH Buffer Overflow
ChaosPro 2.0 - SEH Buffer Overflow !C:\Python27\python.exe Title : ChaosPro 2.0 Twitter : @securitychops Blog Post : https://securitychops.com/2019/08/24/retro-exploit-series-episode-one-chaospro-3-1.html this needs to be a backwards jump to give us room to call stack jump code jmpback80 =...
Microsoft Windows - WSReset UAC Protection Bypass (Registry)
Microsoft Windows - WSReset UAC Protection Bypass Registry Fileless UAC bypass WSReset.exe @404death base on : https://www.activecyber.us/activelabs/windows-uac-bypass EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47754.zip import sys, os fr...
Opencart 3.x - Cross-Site Scripting
Opencart 3.x - Cross-Site Scripting Exploit Title: Opencart 3.x.x Authenticated Stored XSS Date: 08/15/2019 Exploit Author: Nipun Somani Author Web: http://thehackerstore.net Vendor Homepage: https://www.opencart.com/ Software Link: https://github.com/opencart/opencart Version: 3.x.x Tested on:...
YouPHPTube 7.4 - Remote Code Execution
YouPHPTube 7.4 - Remote Code Execution Exploit Title: YouPHPTube &webSiteTitle=Zerodays.lol&databaseHost=&databaseName=&databasePass=&databasePort=&databaseUser="...
Sentrifugo 3.2 - Persistent Cross-Site Scripting
Sentrifugo 3.2 - Persistent Cross-Site Scripting Exploit Title: Sentrifugo 3.2 - Persistent Cross-Site Scripting Google Dork: N/A Date: 8/29/2019 Exploit Author: creosote Vendor Homepage: http://www.sentrifugo.com/ Version: 3.2 Tested on: Ubuntu 18.04 CVE : CVE-2019-15814 Multiple Stored XSS...
DomainMod 4.13 - Cross-Site Scripting
DomainMod 4.13 - Cross-Site Scripting Exploit Title: DomainMod = 4.13 - Cross-Site Scripting Date: 30 August 2019 Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage: https://domainmod.org/ Version: = 4.13 Tested on: Ubuntu 18.04.1 CVE: CVE-2019-15811 The software 'DomainMOD' is...
VX Search Enterprise 10.4.16 - User-Agent Denial of Service
VX Search Enterprise 10.4.16 - User-Agent Denial of Service Exploit Title: VX Search Enterprise v10.4.16 DoS Google Dork: N/A Date: 17.01.2018 Exploit Author: James Chamberlain chumb0 Vendor Homepage: http://www.vxsearch.com/downloads.html Software Link:...
Asus Precision TouchPad 11.0.0.25 - Denial of Service
Asus Precision TouchPad 11.0.0.25 - Denial of Service !/usr/bin/python Exploit Title: Asus Precision TouchPad 11.0.0.25 - DoS/Privesc Date: 29-08-2019 Exploit Author: Athanasios Tserpelis of Telspace Systems Vendor Homepage: https://www.asus.com Version: 11.0.0.25 Software Link :...