41207 matches found
XPCOM - Race Condition
XPCOM - Race Condition XPCOM Race Condition Vendor: Mozilla Product: XPCOM Version: Website: http://www.mozilla.org/projects/xpcom/ CVE: CVE-2005-2414 OSVDB: 18226 PACKETSTORM: 38837 Description: xpcom, or cross platform component object model is a framework for writing cross-platform, modular...
Internet Download Manager - OLE Automation Array Remote Code Execution
Internet Download Manager - OLE Automation Array Remote Code Execution !/usr/bin/php Run Site Grabber 4 . Enter any word "Start page/address" 5 . Click Addvance 6 . check "Enter Login and password manually at the following web page" 7 . Enter your exploit link http://ipaddress:80/ 8 . Next -- Nex...
TcpDump - rpki_rtr_pdu_print Out-of-Bounds Denial of Service
TcpDump - rpkirtrpduprint Out-of-Bounds Denial of Service Exploit Title: TcpDump rpkirtrpduprint Out-of-Bounds Denial of Service Date: 7.18.2015 Exploit Author: Luke Arntson [email protected] Vendor Homepage: http://www.tcpdump.org/ Software Link: http://www.tcpdump.org/ Version: 4.6.2, 4.5.1,...
phpVibe 4.20 - Persistent Cross-Site Scripting
phpVibe 4.20 - Persistent Cross-Site Scripting phpVibe The vulnerability exists because the user input is not properly sanitized and this can lead to malicious code injection that will be executed on the target’s browser -- Proof of Concept -- 1. The attacker posts a new comment which contains ou...
Image Transfer IOS - Remote Crash (PoC)
Image Transfer IOS - Remote Crash PoC !/usr/bin/perl -w Title : Image Transfer IOS - Remote Crash Proof Of Concept Affected Versions: All Version Tested on IOS 8.4 12h143 / 2.0 Itunes link : https://itunes.apple.com/us/app/image-transfer-photo-video/id588696602?mt=8 EDB note: Might require to be...
Microsoft Word - Local Machine Zone Code Execution (MS15-022)
Microsoft Word - Local Machine Zone Code Execution MS15-022 Exploit Title: Microsoft Word Local Machine Zone Remote Code Execution Vulnerability Date: July 15th, 2015 Exploit Author: Eduardo Braun Prado Vendor Homepage : http://www.microsoft.com Version: 2007 Tested on: Microsoft Windows XP, 2003...
AirDroid iOS Android Win 3.1.3 - Persistent
AirDroid iOS Android Win 3.1.3 - Persistent Document Title: =============== Airdroid iOS, Android & Win 3.1.3 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1543 Release Date: ============= 2015-07-20 Vulnerability Laboratory ...
WordPress Plugin BuddyPress Activity Plus 1.5 - Cross-Site Request Forgery
WordPress Plugin BuddyPress Activity Plus 1.5 - Cross-Site Request Forgery Details ================ Software: BuddyPress Activity Plus Version: 1.5 Homepage: http://wordpress.org/plugins/buddypress-activity-plus/ Advisory report:...
4 TOTOLINK Router Models - Backdoor Credentials
4 TOTOLINK Router Models - Backdoor Credentials Advisory Information Title: Backdoor credentials found in 4 TOTOLINK router models Advisory URL: https://pierrekim.github.io/advisories/2015-totolink-0x03.txt Blog URL:...
8 TOTOLINK Router Models - Backdoor Access Remote Code Execution
8 TOTOLINK Router Models - Backdoor Access Remote Code Execution Advisory Information Title: Backdoor and RCE found in 8 TOTOLINK router models Advisory URL: https://pierrekim.github.io/advisories/2015-totolink-0x02.txt Blog URL:...
15 TOTOLINK Router Models - Multiple Remote Code Execution Vulnerabilities
15 TOTOLINK Router Models - Multiple Remote Code Execution Vulnerabilities Advisory Information Title: 15 TOTOLINK router models vulnerable to multiple RCEs Advisory URL: https://pierrekim.github.io/advisories/2015-totolink-0x00.txt Blog URL:...
4 TOTOLINK Router Models - Cross-Site Request Forgery Cross-Site Scripting
4 TOTOLINK Router Models - Cross-Site Request Forgery Cross-Site Scripting Advisory Information Title: 4 TOTOLINK router models vulnerable to CSRF and XSS attacks Advisory URL: https://pierrekim.github.io/advisories/2015-totolink-0x01.txt Blog URL:...
WordPress Plugin Download Manager Free 2.7.94 Pro 4 - (Authenticated) Persistent Cross-Site Scripting
WordPress Plugin Download Manager Free 2.7.94 Pro 4 - Authenticated Persistent Cross-Site Scripting WordPress Download Manager Free 2.7.94 & Pro 4 Authenticated Stored XSS Vendor Homepage: http://www.wpdownloadmanager.com Software Link: https://wordpress.org/plugins/download-manager Affected...
Kaseya Virtual System Administrator (VSA) - Multiple Vulnerabilities (1)
Kaseya Virtual System Administrator VSA - Multiple Vulnerabilities 1 Multiple vulnerabilities in Kaseya Virtual System Administrator Discovered by Pedro Ribeiro [email protected], Agile Information Security http://www.agileinfosec.co.uk/...
Joomla! Component com_docman - Multiple Vulnerabilities
Joomla! Component comdocman - Multiple Vulnerabilities Joomla docman Component 'comdocman' Full Path DisclosureFPD & Local File Disclosure/IncludeLFD/LFI CWE: CWE-200FPD CWE-98LFI/LFD Risk: High Author: Hugo Santiago dos Santos Contact: [email protected] Date: 13/07/2015 Vendor Homepage:...
Internet Download Manager - .ief Crash (PoC)
Internet Download Manager - .ief Crash PoC !/usr/bin/env python Title : Internet Download Manager - Crash Proof Of Concept Affected Versions: All Version Founder : InternetDownloadManager Tested on Windows 7 / Server 2008 Author : Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/reza...
sysPass 1.0.9 - SQL Injection
sysPass 1.0.9 - SQL Injection -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-031 Product: sysPass Vendor: http://cygnux.org/ Affected Versions: 1.0.9 and below Tested Versions: 1.0.9 Vulnerability Type: SQL Injection CWE-89 Risk Level: High Solution Status: Fixed Vendor...
ZOC Terminal Emulator 7 - Quick Connection Crash (PoC)
ZOC Terminal Emulator 7 - Quick Connection Crash PoC !/usr/bin/python + Author: SATHISH ARTHAR + Exploit Title: ZOC Terminal Emulator-v7 Memory Corruption PoC + Date: 14-07-2015 + Category: DoS/PoC + Tested on: WinXp/Windows7/windows8 + Vendor: http://www.emtec.com + Download:...
Pimcore CMS Build 3450 - Directory Traversal
Pimcore CMS Build 3450 - Directory Traversal Vulnerability title: Directory Traversal/Configuration Update In Pimcore CMS CVE: CVE-2015-4425 Vendor: Pimcore Product: Pimcore CMS Affected version: Build 3450 Fixed version: Build 3473 Reported by: Josh Foote Details: It is possible for an...
SquirrelMail 1.4.5-RC1 - Arbitrary Variable Overwrite
SquirrelMail 1.4.5-RC1 - Arbitrary Variable Overwrite SquirrelMail Arbitrary Variable Overwrite Vendor: The SquirrelMail Project Team Product: SquirrelMail Version: = 1.4.5-RC1 Website: http://www.squirrelmail.org/ BID: 14254 CVE: CVE-2005-2095 SECUNIA: 16058 PACKETSTORM: 38709 Description:...
Internet Download Manager - Find Download Crash (PoC)
Internet Download Manager - Find Download Crash PoC !/usr/bin/env python Title : Internet Download Manager - Crash Proof Of Concept Affected Versions: All Version Founder : InternetDownloadManager Tested on Windows 7 / Server 2008 Author : Mohammad Reza Espargham Linkedin :...
Impero Education Pro - System Remote Command Execution
Impero Education Pro - System Remote Command Execution / If you're unsure what Impero is, it's essentially a corporate/educational RAT. Vendor site: https://www.imperosoftware.co.uk/ They recently were in the news about how they implemented "anti-radicalisation" shit or something. They had a boot...
WordPress Plugin CP Contact Form with Paypal 1.1.5 - Multiple Vulnerabilities
WordPress Plugin CP Contact Form with Paypal 1.1.5 - Multiple Vulnerabilities Title: Cross-Site Request Forgery, Cross-Site Scripting and SQL Injection in CP Contact Form with Paypal Wordpress Plugin v1.1.5 Submitter: Nitin Venkatesh Product: CP Contact Form with Paypal Wordpress Plugin Product...
phpVibe - Arbitrary File Disclosure
phpVibe - Arbitrary File Disclosure In The Name Of ALLAH Exploit Title: phpVibe ALL versions LFD vulnerability Google Dork: "powered by phpvibe" Date: 2015/07/13 july 13th Exploit Author: ali ahmady -- Iranian Security Researcher snip3rirathotmail.com Vendor Homepage: http://www.phpvibe.com/...
WordPress Plugin Swim Team 1.44.10777 - Arbitrary File Download
WordPress Plugin Swim Team 1.44.10777 - Arbitrary File Download Title: Remote file download vulnerability in Wordpress Plugin wp-swimteam v1.44.10777 Author: Larry W. Cashdollar, @larry0 Date: 2015-07-02 Download Site: https://wordpress.org/plugins/wp-swimteam Vendor: Mike Walsh...
ArticleFR 3.0.6 - Multiple Vulnerabilities
ArticleFR 3.0.6 - Multiple Vulnerabilities ArticleFR 3.0.6 CSRF Add Admin Exploit Vendor: Free Reprintables Product web page: http://www.freereprintables.com Affected version: 3.0.6 Summary: A lightweight fully featured content article / video management system. Comes with a pluginable and...
FreiChat 9.6 - SQL Injection
FreiChat 9.6 - SQL Injection / Exploit Title: FreiChat 9.6 SQL Injection Date: 27-11-2014 Software Link: http://codologic.com/page/freichat-free-php-chat-script-software Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category: webapps 1...
Full Player 8.2.1 - Memory Corruption (PoC)
Full Player 8.2.1 - Memory Corruption PoC !/usr/bin/python + Author: SATHISH ARTHAR + Exploit Title: Full Player 8.2.1 Memory Corruption PoC + Date: 13-07-2015 + Category: DoS/PoC + Tested on: WinXp/Windows 7 + Vendor: http://www.fplayer.net + Download: http://www.fplayer.net/fullplayer.exe +...
SO Planning 1.32 - Multiple Vulnerabilities
SO Planning 1.32 - Multiple Vulnerabilities SOPlanning - Simple Online Planning Tool multiple vulnerabilities CVEs: CVE-2014-8673, CVE-2014-8674, CVE-2014-8675, CVE-2014-8676, CVE-2014-8677 Vendor: http://www.soplanning.org/ Product: SOPlanning - Simple Online Planning Version affected: 1.32 and...
Arab Portal 3 - SQL Injection
Arab Portal 3 - SQL Injection In The Name Of ALLAH title : Arabportal 3 SQL injection vulnerability Exploit Title: Arabportal 3 registeration section SQL injection vulnerability Google Dork: inurl:members.php?action=signup Date: 2015/07/10 july 10th Exploit Author: ali ahmady -- Iranian Security...
phpSQLiteCMS - Multiple Vulnerabilities
phpSQLiteCMS - Multiple Vulnerabilities Exploit Title: CSRF, Unrestricted File Upload, Privilege escalation & XSS Google Dork: intitle: CSRF, Unrestricted File Upload, Privilege escalation & XSS Date: 2015-07-12 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage...
ZenPhoto 1.4.8 - Multiple Vulnerabilities
ZenPhoto 1.4.8 - Multiple Vulnerabilities Vulnerability: SQL Injection, Reflected XSS, Path Traversal Affected Software: ZenPhoto http://www.zenphoto.org/ Affected Version: 1.4.8 probably also prior versions Patched Version: 1.4.9 Risk: Medium Vendor Contacted: 2015-05-18 Vendor Fix: 2015-07-09...
Notepad++ 6.7.3 - Crash (PoC)
Notepad++ 6.7.3 - Crash PoC Title: Notepad++ - Crash Date: 10/07/2015 Author: Rahul Pratap Singh @0x62626262 Vendor Homepage: https://notepad-plus-plus.org Download: https://notepad-plus-plus.org/download/v6.7.3.html Version: v6.7.3 Tested on: WindowsXPx86 & Windows7x86 Incorrect theme file...
WordPress Plugin CP Multi View Event Calendar 1.1.7 - SQL Injection
WordPress Plugin CP Multi View Event Calendar 1.1.7 - SQL Injection Exploit Title: WordPress cp-multi-view-calendar.1.1.7 Unauthenticated SQL injection vulnerabilities Date: 2015-07-10 Google Dork: Index of /wordpress/wp-content/plugins/cp-multi-view-calendar Exploit Author: Joaquin Ramirez...
WordPress Plugin CP Image Store with Slideshow 1.0.5 - Arbitrary File Download
WordPress Plugin CP Image Store with Slideshow 1.0.5 - Arbitrary File Download Exploit Title: WordPress CP Image Store with Slideshow 1.0.5 Arbitrary file download vulnerability Date: 2015-07-10 Google Dork: Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY Vendor Homepage:...
UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service
UPNPD M-SEARCH - ssdp:discover Reflection Denial of Service !/usr/bin/perl upnpd M-SEARCH ssdp:discover reflection Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with...
NTPD - MON_GETLIST Query Amplification Denial of Service
NTPD - MONGETLIST Query Amplification Denial of Service !/usr/bin/perl ntp MONGETLIST query amplification ddos Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg A Network Time Protocol NTP Amplification attack is an emergin...
File Roller v3.4.1 - Denial of Service (PoC)
File Roller v3.4.1 - Denial of Service PoC !/usr/bin/perl Title: File Roller - DoS PoC Date: 08/07/2015 Author: Arsyntex Homepage: https://wiki.gnome.org/Apps/FileRoller Version: v3.4.1 Tested on: Linux lab 3.2.0-85-generic-pae 122-Ubuntu i686 i386 GNU/Linux...
Cradlepoint MBR1400 and MBR1200 - Local File Inclusion
Cradlepoint MBR1400 and MBR1200 - Local File Inclusion Exploit Title: Cradlepoint MBR LFI Date: 7/7/2015 Exploit Author: DocHak Vendor Homepage: https://cradlepoint.com/ Version: 1200/1400 REQUIRED Tested on: Embedded linux I found a local file include with root level permissions on cradlepoint...
Immunity Debugger 1.85 - Crash (PoC)
Immunity Debugger 1.85 - Crash PoC Title: Immunity Debugger - Crash Date: 08/07/2015 Author: Arsyntex Vendor Homepage: http://www.immunityinc.com/products/debugger/ Version: v1.85 Tested on: Windows 8.1 Pro Incorrect path/file EXtEnsion parsing. -Create folder with the name: .exe.exe and put any...
Blueberry Express 5.9.0.3678 - Local Buffer Overflow (SEH)
Blueberry Express 5.9.0.3678 - Local Buffer Overflow SEH Document Title: =============== Blueberry Express v5.9.x - SEH Buffer Overflow Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1535 Video:...
Centreon 2.5.4 - Multiple Vulnerabilities
Centreon 2.5.4 - Multiple Vulnerabilities Merethis Centreon - Unauthenticated blind SQLi and Authenticated Remote Command Execution CVEs: CVE-2015-1560, CVE-2015-1561 Vendor: Merethis - www.centreon.com Product: Centreon Version affected: 2.5.4 and prior Product description: Centreon is the choic...
Orchard CMS 1.7.31.8.21.9.0 - Persistent Cross-Site Scripting
Orchard CMS 1.7.31.8.21.9.0 - Persistent Cross-Site Scripting ----------------- Background ----------------- Orchard is a free, open source, community-focused content management system written in ASP.NET platform using the ASP.NET MVC framework. Its vision is to create shared components for...
Grandstream GXV3275 1.0.3.30 - Multiple Vulnerabilities
Grandstream GXV3275 1.0.3.30 - Multiple Vulnerabilities The Grandstream GXV3275 is an Android-based VoIP phone. Several vulnerabilities were found affecting this device. The device ships with a default root SSH key, which could be used as a backdoor: /system/root/.ssh cat authorizedkeys Public ke...
AirLink101 SkyIPCam1620W - OS Command Injection
AirLink101 SkyIPCam1620W - OS Command Injection 1. Advisory Information Title: AirLink101 SkyIPCam1620W OS Command Injection Advisory ID: CORE-2015-0011 Advisory URL: http://www.coresecurity.com/advisories/airlink101-skyipcam1620w-os-command-injection Date published: 2015-07-08 Date of last updat...
WordPress Plugin Easy2Map 1.24 - SQL Injection
WordPress Plugin Easy2Map 1.24 - SQL Injection Title: SQL Injection in easy2map wordpress plugin v1.24 Author: Larry W. Cashdollar, @larry0 Date: 2015-06-08 Download Site: https://wordpress.org/plugins/easy2map Vendor: Steven Ellis Vendor Notified: 2015-06-08, fixed in v1.25 Vendor Contact:...
WordPress Plugin WP E-Commerce Shop Styling 2.5 - Arbitrary File Download
WordPress Plugin WP E-Commerce Shop Styling 2.5 - Arbitrary File Download Title: Remote file download vulnerability in wordpress plugin wp-ecommerce-shop-styling v2.5 Author: Larry W. Cashdollar, @larry0 Date: 2015-07-05 Download Site: https://wordpress.org/plugins/wp-ecommerce-shop-styling Vendo...
AirLive (Multiple Products) - OS Command Injection
AirLive Multiple Products - OS Command Injection 1. Advisory Information Title: AirLive Multiple Products OS Command Injection Advisory ID: CORE-2015-0012 Advisory URL: http://www.coresecurity.com/advisories/airlive-multiple-products-os-command-injection Date published: 2015-07-06 Date of last...
Symantec Endpoint Protection 12.1.4013 - Service Disabling
Symantec Endpoint Protection 12.1.4013 - Service Disabling Exploit Title: Antivirus Google Dork: intitle: Antivirus Date: 2015-07-07 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: www.symantec.com Software Link: www.symantec.com/endpoint-protection...
WordPress Plugin ACF Frontend Display 2.0.5 - Arbitrary File Upload
WordPress Plugin ACF Frontend Display 2.0.5 - Arbitrary File Upload +---------------------------------------------------------------------------+ + Author: TUNISIAN CYBER + Title: WP Plugin Free ACF Frontend Display File Upload Vulnerability + Date: 3-07-2015 + Type: WebAPP + Download Plugin:...