41207 matches found
TigerCom iFolder+ 1.2 iOS - Multiple Vulnerabilities
TigerCom iFolder+ 1.2 iOS - Multiple Vulnerabilities Document Title: =============== TigerCom iFolder+ v1.2 iOS - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1284 Release Date: ============= 2014-07-30 Vulnerability Laborator...
ISPConfig 3.0.54p1 - (Authenticated) Admin Privilege Escalation
ISPConfig 3.0.54p1 - Authenticated Admin Privilege Escalation Exploit Title: ISPConfig 3 authenticated admin Localroot vulnerability Date: 7/25/14 Exploit Author: mra Vendor Homepage: http://wwwispconfig.org Version: 3.0.54p1 Tested on: ubuntu, centos irc.criten.net elite-chat While logged in as...
SkaDate Lite 2.0 - Remote Code Execution
SkaDate Lite 2.0 - Remote Code Execution !/usr/bin/env python SkaDate Lite 2.0 Remote Code Execution Exploit Vendor: Skalfa LLC Product web page: http://lite.skadate.com | http://www.skalfa.com Affected version: 2.0 build 7651 Platform version: 1.7.0 build 7906 Summary: SkaDate Lite is a new...
SkaDate Lite 2.0 - Multiple Cross-Site Request Forgery Persistent Cross-Site Scripting Vulnerabilities
SkaDate Lite 2.0 - Multiple Cross-Site Request Forgery Persistent Cross-Site Scripting Vulnerabilities !-- SkaDate Lite 2.0 Multiple XSRF And Persistent XSS Vulnerabilities Vendor: Skalfa LLC Product web page: http://lite.skadate.com | http://www.skalfa.com Affected version: 2.0 build 7651 Platfo...
D-Link AP 3200 - Multiple Vulnerabilities
D-Link AP 3200 - Multiple Vulnerabilities Exploit Title: D-Link AP 3200 Multiple Vulnerabilities Date: 29/07/2014 Exploit Author: pws Vendor Homepage: http://www.dlink.com/ Firmware Link: http://ftp.dlink.ru/pub/Wireless/DWL-3200AP/Firmware/ Tested on: Latest version Shodan d0rk: "Server:...
D-Link DWR-113 Rev. Ax - Cross-Site Request Forgery Denial of Service
D-Link DWR-113 Rev. Ax - Cross-Site Request Forgery Denial of Service Exploit Title: Dlink DWR-113 Rev. Ax - CSRF causing Denial of Service Google dork : N/A Exploit Author: Blessen Thomas Date : 29/07/14 Vendor Homepage : http://www.dlink.com/ Software Link : N/A Firmware version: v2.02 2013-03-...
WiFi HD 7.3.0 iOS - Multiple Vulnerabilities
WiFi HD 7.3.0 iOS - Multiple Vulnerabilities Document Title: =============== WiFi HD v7.3.0 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1283 Release Date: ============= 2014-07-29 Vulnerability Laboratory ID VL-ID:...
WordPress Plugin Lead Octopus Power - id SQL Injection
WordPress Plugin Lead Octopus Power - id SQL Injection source: https://www.securityfocus.com/bid/68934/info The Lead Octopus Power plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A...
Sphider Search Engine 1.3.6 - Multiple Vulnerabilities
Sphider Search Engine 1.3.6 - Multiple Vulnerabilities Exploit Title: Sphider 1.3.6 or later SQL Injection Google Dork: intitle:"Sphider Admin Login" Date: 1 July 2014 Exploit Author: Mike Manzotti Vendor Homepage: http://www.sphider.eu/ Software Link: http://www.sphider.eu/sphider-1.3.6.zip...
Oxwall 1.7.0 - Remote Code Execution
Oxwall 1.7.0 - Remote Code Execution !/usr/bin/env python Oxwall 1.7.0 Remote Code Execution Exploit Vendor: Oxwall Software Foundation Product web page: http://www.oxwall.org Affected version: 1.7.0 build 7907 and 7906 Summary: Oxwall is unbelievably flexible and easy to use PHP/MySQL social...
WordPress Plugin FB Gorilla - game_play.php SQL Injection
WordPress Plugin FB Gorilla - game_play.php SQL Injection source: https://www.securityfocus.com/bid/69222/info FB Gorilla plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to compromise...
CMSimple - Default Administrator Credentials
CMSimple - Default Administrator Credentials source: https://www.securityfocus.com/bid/68961/info CMSimple is prone to multiple security vulnerabilities including: 1. Multiple arbitrary PHP code-execution vulnerabilities 2. A weak authentication security-bypass vulnerability 3. Multiple security...
CMSimple 4.4.4 - color Remote Code Execution
CMSimple 4.4.4 - color Remote Code Execution source: https://www.securityfocus.com/bid/68961/info CMSimple is prone to multiple security vulnerabilities including: 1. Multiple arbitrary PHP code-execution vulnerabilities 2. A weak authentication security-bypass vulnerability 3. Multiple security...
Ubiquiti UbiFi mFi AirVision - Cross-Site Request Forgery
Ubiquiti UbiFi mFi AirVision - Cross-Site Request Forgery Vendor Homepage: http://www.ubnt.com/ Tested on: Kali Linux ----------------------------------------- Affected Products/Versions: ----------------------------------------- UniFi Controller v2.4.6 mFi Controller v2.0.15 AirVision Controller...
Oxwall 1.7.0 - Multiple Cross-Site Request Forgery HTML Injection Vulnerabilities
Oxwall 1.7.0 - Multiple Cross-Site Request Forgery HTML Injection Vulnerabilities Oxwall 1.7.0 Multiple CSRF And Stored XSS Vulnerabilities form action="http://192.168.0.105/admin/users/roles/" method="...
WordPress Plugin WhyDoWork AdSense - options-general.php Cross-Site Request Forgery (Option Manipulation)
WordPress Plugin WhyDoWork AdSense - options-general.php Cross-Site Request Forgery Option Manipulation source: https://www.securityfocus.com/bid/68954/info WhyDoWork AdSense plugin for WordPress is prone to a cross-site scripting vulnerability and a cross-site request-forgery vulnerability. An...
CMSimple 4.4.4 - Remote File Inclusion
CMSimple 4.4.4 - Remote File Inclusion source: https://www.securityfocus.com/bid/68961/info CMSimple is prone to multiple security vulnerabilities including: 1. Multiple arbitrary PHP code-execution vulnerabilities 2. A weak authentication security-bypass vulnerability 3. Multiple security...
ZeroCMS 1.0 - Persistent Cross-Site Scripting
ZeroCMS 1.0 - Persistent Cross-Site Scripting Exploit Title: Persistent ZeroCMS Cross-Site Scripting Vulnerability Discovered by: Mayuresh Dani Vendor Homepage: http://www.aas9.in/zerocms/ Software Link: https://github.com/pcx1256/zerocms/archive/master.zip Version: 1.0? Date: 2014-07-25 Tested o...
Sagem Fast 3304-V1 - Denial of Service
Sagem Fast 3304-V1 - Denial of Service Title : Sagem F@st 3304-V1 denial of service Vulnerability Vendor Homepage : http://www.sagemcom.com Tested on : Firefox, Google Chrome Tested Router : Sagem F@st 3304-V1 Date : 2014-07-26 Author : Z3ro0ne Contact : [email protected] Facebook Page :...
Moodle 2.7 - Persistent Cross-Site Scripting
Moodle 2.7 - Persistent Cross-Site Scripting Title: Moodle 2.7 Persistent XSS Vendor: https://moodle.org/ Moodle advisory: https://moodle.org/mod/forum/discuss.php?d=264265 Researched by: Osanda Malith Jayathissa @OsandaMalith E-Mail: osandacatunseen.is Original write-up:...
DirPHP 1.0 - Local File Inclusion
DirPHP 1.0 - Local File Inclusion Exploit Title: DirPHP - version 1.0 Local File Inclusion Google Dork: intext:DirPHP - version 1.0 - Created & Maintained by Stuart Montgomery Date: 7/26/14 Exploit Author: -Chosen- Contact: [email protected] Version: DirPHP - Version 1.0 Tested on: n...
Zenoss Monitoring System 4.2.5-2108 (x64) - Persistent Cross-Site Scripting
Zenoss Monitoring System 4.2.5-2108 x64 - Persistent Cross-Site Scripting Exploit Title: Stored XSS vulnerability in Zenoss core open source monitoring system Date: 12/05/2014 Exploit author: Dolev Farhi dolevatopenflare.org Vendor homepage: http://zenoss.com Software Link: http://www.zenoss.com...
Pligg CMS 2.0.1 - Multiple Vulnerabilities
Pligg CMS 2.0.1 - Multiple Vulnerabilities !/usr/bin/python Exploit Title: Pligg useremail; 62. $subject = $mainsmarty-getconfigvars"PLIGGVisualName".' '.$mainsmarty-getconfigvars"PLIGGPassEmailSubject"; 63. 64. $body = sprintf 65. $mainsmarty-getconfigvars"PLIGGPassEmailPassBody", 66...
Make 3.81 - Heap Overflow (PoC)
Make 3.81 - Heap Overflow PoC =for comment Exploit Title: MAKE Heap Overflow - Pointer dereferencing POC Calloc-X86 X64 Date: 14.07.14 Exploit Author: HyP Vendor Homepage: http://www.gnu.org/software/make/ Software Link: http://ftp.gnu.org/gnu/make/ Version: Make 3.81 Tested on: linux32,64 bits...
Lian Li NAS - Multiple Vulnerabilities
Lian Li NAS - Multiple Vulnerabilities Exploit Title: Lian Li NAS Multiple vulnerabilities Date: 21/07/2014 Exploit Author: pws Vendor Homepage: http://www.lian-li.com/en/dtportfoliocategory/nas/ Firmware Link: https://www.dropbox.com/s/imvkndl8m5yj7qp/G5S604121826700.tar.gz Tested on: Latest...
WordPress Plugin Video Gallery 2.5 - Multiple Vulnerabilities
WordPress Plugin Video Gallery 2.5 - Multiple Vulnerabilities Wordpress Video Gallery Exploit Title : Wordpress Video Gallery 2.5 SQL Injection and XSS Vulnerabilities Exploit Author : Claudio Viviani Vendor Homepage : http://www.apptha.com/category/extension/Wordpress/Video-Gallery Software Link...
BulletProof FTP Client 2010 - Buffer Overflow (SEH) (PoC)
BulletProof FTP Client 2010 - Buffer Overflow SEH PoC ----------------------------------------------------------------------------- Exploit Title: BulletProof FTP Client 2010 - Buffer Overflow SEH Date: Jul 24 2014 Exploit Author: Gabor Seljan Software Link: http://www.bpftp.com/ Version:...
Omeka 2.2.1 - Remote Code Execution
Omeka 2.2.1 - Remote Code Execution !/usr/bin/env python Omeka 2.2.1 Remote Code Execution Exploit Vendor: Omeka Team CHNM GMU Product web page: http://www.omeka.org Affected version: 2.2.1 and 2.2 Summary: Omeka is a free, flexible, and open source web-publishing platform for the display of...
Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass Persistent
Barracuda Networks 35 Web Firewall 610 6.0.1 - Filter Bypass Persistent Document Title: =============== Barracuda Networks 35 Web Firewall 610 v6.0.1 - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1101 Barracud...
Ubiquiti Networks UniFi Video Default - crossdomain.xml Security Bypass
Ubiquiti Networks UniFi Video Default - crossdomain.xml Security Bypass source: https://www.securityfocus.com/bid/68866/info UniFi Video is prone to a security-bypass vulnerability. An authenticated attacker can exploit this issue to bypass certain security restrictions and perform unauthorized...
Ilya Birman E2 - @actionscomment-process SQL Injection
Ilya Birman E2 - @actionscomment-process SQL Injection source: https://www.securityfocus.com/bid/68843/info Ilya Birman E2 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to compromise the application,...
NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure
NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure Exploit Title: Password Disclosure vulnerability Software: NETGEAR DGN2200 Software Link: netgear.com Version: DGN2200 Author: Dolev Farhi, email: dolevatopenflaredotorg Date: 23.7.2014 Tested on: Kali Linux Firmware 1.0.0.29_1.7.29_HotS 2...
DjVuLibre 3.5.25.3 - Out of Bounds Access Violation
DjVuLibre 3.5.25.3 - Out of Bounds Access Violation from shutil import copyfile import sys """ Exploit Title: DjVuLibre .text:004D3BC5 mov eax, eax+ecx4 .text:004D3BC8 test eax, eax .text:004D3BCA jnz short loc We overwrite 4 bytes in an FG44 chunk header with \xff\xff\xff\xff: 46 47 34 34 00 00 ...
Microsoft Windows XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation
Microsoft Windows XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation """ Title: Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-002 Publication Date: 2014-07-18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt 1...
Apache 2.4.7 mod_status - Scoreboard Handling Race Condition
Apache 2.4.7 mod_status - Scoreboard Handling Race Condition -- 0. Sparse summary Race condition between updating httpd's "scoreboard" and mod_status, leading to several critical scenarios like heap buffer overflow with user supplied payload and leaking heap which can leak critical memory containin...
Raritan PowerIQ 4.1.0 - SQL Injection (Metasploit)
Raritan PowerIQ 4.1.0 - SQL Injection Metasploit =begin Raritan PowerIQ suffers from an unauthenticated SQL injection vulnerability within an endpoint used during initial configuration of the licensing for the product. This endpoint is still available after the appliance has been fully configured...
Linux Kernel 3.2.0-23 (Ubuntu 12.04 x64) - ptracesysret Local Privilege Escalation
Linux Kernel 3.2.0-23 Ubuntu 12.04 x64 - ptracesysret Local Privilege Escalation / CVE-2014-4699 ptrace/sysret PoC by Vitaly Nikolenko [email protected] gcc -O2 pocv0.c This code is kernel specific. On Ubuntu 12.04.0 LTS 3.2.0-23-generic, the following will trigger the GP in sysret and overwrite...
MTS MBlaze Ultra Wi-Fi ZTE AC3633 - Multiple Vulnerabilities
MTS MBlaze Ultra Wi-Fi ZTE AC3633 - Multiple Vulnerabilities Author: Ajin Abraham - xboz http://opensecurity.in Product MTS MBlaze 3G Wi-Fi Modem System Version 107 Manufacturer ZTE Model AC3633 import requests import os import urllib2 print "MTS MBlaze Ultra Wi-Fi / ZTE AC3633 Exploit" print...
World Of Warcraft 3.3.5a - macros-cache.txt Stack Overflow
World Of Warcraft 3.3.5a - macros-cache.txt Stack Overflow Exploit Title: World Of Warcraft 3.3.5a Stack Overflow macros-cache.txt Date: 21 Jul 2014 Exploit Author: Alireza Chegini @nimaarek Vendor Homepage: http://us.battle.net/wow/ Version: 3.3.5a Tested on: Win7 Output: --WoWError CrashDUmp :...
IBM GCM1632 1.20.0.22575 - Multiple Vulnerabilities
IBM GCM1632 1.20.0.22575 - Multiple Vulnerabilities Product description The IBM 1754 GCM family provides KVM over IP and serial console management technology in a single appliance. Versions v1.20.0.22575 and prior are vulnerable. Note that this vulnerability is also present in some DELL and...
WordPress Plugin WP BackupPlus - Database and Files Backup Download
WordPress Plugin WP BackupPlus - Database and Files Backup Download Exploit Title: Wordpress wpbackupplus Database and files Backup download 0-day Google Dork: Index of:"/wp-backup-plus" Date: 19/07/2014 Exploit Author: pSyCh03D Arfaoui Moslem https://www.facebook.com/lulz.sec Vendor Homepage:...
Microsoft Windows XP SP3 - MQAC.sys Arbitrary Write Privilege Escalation
Microsoft Windows XP SP3 - MQAC.sys Arbitrary Write Privilege Escalation Title: Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-003 Publication Date: 2014.07.18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt 1...
ACME micro_httpd - Denial of Service
ACME micro_httpd - Denial of Service """ Exploit Title: Buffer Overflow in micro_httpd by ACME Date: 4/7/2014 Exploit Author: Yuval tisf Nativ Vendor Homepage: http://www.acme.com/software/micro_httpd/ Software Link: http://www.acme.com/software/micro_httpd/ Version: June 2012 CVE: CVE-2014-4927 Test...
Barracuda Networks Message Archiver 650 - Persistent Cross-Site Scripting
Barracuda Networks Message Archiver 650 - Persistent Cross-Site Scripting Document Title: =============== Barracuda Networks Message Archiver 650 - Persistent Input Validation Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=751...
WordPress Plugin Gallery Objects 0.4 - SQL Injection
WordPress Plugin Gallery Objects 0.4 - SQL Injection Exploit Title : Wordpress Gallery Objects 0.4 SQL Injection Exploit Author : Claudio Viviani Vendor Homepage : http://galleryobjects.com/ Software Link : http://downloads.wordpress.org/plugin/gallery-objects.0.4.zip Dork Google:...
OL-Commerce - OL-Commercecreate_account.php?country SQL Injection
OL-Commerce - OL-Commercecreate_account.php?country SQL Injection source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input...
OL-Commerce - OL-Commerceadmincreate_account.php?entry_country_id SQL Injection
OL-Commerce - OL-Commerceadmincreate_account.php?entry_country_id SQL Injection source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplie...
Fonality trixbox - asterisk_info.php Directory Traversal
Fonality trixbox - asterisk_info.php Directory Traversal source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting...
OL-Commerce - OL-Commerceaffiliate_signup.php?a_country SQL Injection
OL-Commerce - OL-Commerceaffiliate_signup.php?a_country SQL Injection source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input...
Fonality trixbox - index.php Directory Traversal
Fonality trixbox - index.php Directory Traversal source: https://www.securityfocus.com/bid/68719/info ol-commerce is prone to multiple SQL-injection vulnerabilities and multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these...