41207 matches found
CIS Manager - email SQL Injection
CIS Manager - email SQL Injection source: https://www.securityfocus.com/bid/67442/info CIS Manager is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit will allow an attacker to compromise the...
Winamp - .flv File Processing Memory Corruption
Winamp - .flv File Processing Memory Corruption source: https://www.securityfocus.com/bid/67429/info Winamp is prone to a memory-corruption vulnerability. An attacker can leverage this issue to crash the affected application, causing a denial-of-service condition. Winamp 5.666 is vulnerable; othe...
RealPlayer - .3gp File Processing Memory Corruption
RealPlayer - .3gp File Processing Memory Corruption source: https://www.securityfocus.com/bid/67434/info RealPlayer is prone to a memory-corruption vulnerability. An attacker can leverage this issue to crash the affected application, causing a denial-of-service condition. Due to the nature of thi...
Nagios Plugins check_dhcp 2.0.1 - Arbitrary Option File Read
Nagios Plugins check_dhcp 2.0.1 - Arbitrary Option File Read ============================================= - Release date: 15.05.2014 - Discovered by: Dawid Golunski - Severity: Moderate ============================================= I. VULNERABILITY ------------------------- check_dhcp - Nagios...
Wireshark 1.10.7 - Denial of Service (PoC)
Wireshark 1.10.7 - Denial of Service PoC #!/usr/bin/python Exploit Title: Wireshark Read Access Violation near NULL starting at libcairo2!cairo_image_surface_get_data Date: May 15th 2014 Author: Osanda Malith Jayathissa E-Mail: osandajayathissagmail.com Version: 1.10.7 32-bit and 64-bit Vendor Homepag...
eGroupWare 1.8.006 - Multiple Vulnerabilities
eGroupWare 1.8.006 - Multiple Vulnerabilities Advisory ID: HTB23212 Product: EGroupware Vendor: http://www.egroupware.org/ Vulnerable Versions: 1.8.006 community edition and probably prior Tested Version: 1.8.006 community edition Advisory Publication: April 23, 2014 without technical details...
Seo Panel - file Directory Traversal
Seo Panel - file Directory Traversal source: https://www.securityfocus.com/bid/67911/info Seo Panel is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Remote attackers can use a specially crafted request with directory-traversal sequence...
ElasticSearch - Remote Code Execution
ElasticSearch - Remote Code Execution function esinject var readfile; var writefile; readfile = functionfilename return "import java.util.;\nimport java.io.;\nnew Scannernew File"" + filename +...
UPS WebSNMP-Manager CS121 - Authentication Bypass
UPS WebSNMP-Manager CS121 - Authentication Bypass source: https://www.securityfocus.com/bid/67438/info UPS Web/SNMP-Manager CS121 is prone to an authentication-bypass vulnerability. Attackers can exploit this issue to bypass authentication mechanism and gain access to the HTTPs, SNMP or Telnet po...
Broadcom PIPA C211 - Sensitive Information Disclosure
Broadcom PIPA C211 - Sensitive Information Disclosure Vulnerability title: Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 CVE: CVE-2014-2046 Vendor: Broadcom Ltd Product: PIPA C211 Affected version: Soft Rev: SR1.1, HW Rev: PIPA C211 rev2 Fixed version: N/A...
Easy File Sharing Web Server 6.8 - Remote Stack Buffer Overflow
Easy File Sharing Web Server 6.8 - Remote Stack Buffer Overflow Exploit Title: Easy File Sharing Web Server 6.8 stack buffer overflow Date: 10 May 2014 Exploit Author: superkojiman - http://www.techorganic.com Vendor Homepage: http://www.efssoft.com Software Link:...
TFTPD32 Tftpd64 - Denial of Service
TFTPD32 Tftpd64 - Denial of Service source: https://www.securityfocus.com/bid/67404/info Tftpd32 and Tftpd64 are prone to denial-of-service vulnerabilities. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Due to the nature of this issue,...
TFTPD32 4.5 TFTPD64 4.5 - Denial of Service (PoC)
TFTPD32 4.5 TFTPD64 4.5 - Denial of Service PoC Exploit Title: TFTPD32 4.5 / TFTPD64 4.5 DoS poc Date: 13/05/2014 Exploit Author: j0s3h4x0r Homepage: http://tftpd32.jounin.net/tftpd32testimonials.html Software Link: http://tftpd32.jounin.net/download/tftpd32.450.zip Version: 4.5 32 bits / 4.5 64...
SpiceWorks 7.2.00174 - Persistent Cross-Site Scripting
SpiceWorks 7.2.00174 - Persistent Cross-Site Scripting Exploit Title: Multiple Stored XSS vulnerabilities in SpiceWorks Ticketing system Date: 12/05/2014 Exploit author: Dolev Farhi @f1nhack Vendor homepage: http://spiceworks.com Software Link: http://download.spiceworks.com/Spiceworks.exe Versio...
JetAudio 8.1.1 - .ogg Crash (PoC)
JetAudio 8.1.1 - .ogg Crash PoC ''' Exploit Title: JetAudio memory corruption in latest Version 8.1.1 Date: 2014/05/08 Exploit Author: Aryan Bayaninejad Linkedin : https://www.linkedin.com/profile/view?id=276969082 Vendor Homepage: www.jetaudio.com Version: Version 8.1.1 and prior to that Tested...
Skybox Security 6.3.x 6.4.x - Multiple Information Disclosures
Skybox Security 6.3.x 6.4.x - Multiple Information Disclosures Exploit Title: SKYBOX Security – Multiple Information Disclosure Date: 22-Jan-2014 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.skyboxsecurity.com Version: Skybox View Appliances with ISO versions: 6.3.33-2.14, 6.3.31-2.1...
EFS Easy Chat Server 3.1 - Remote Stack Buffer Overflow
EFS Easy Chat Server 3.1 - Remote Stack Buffer Overflow Exploit-DB Note: The offset to SEH is influenced by the installation path of the program. For this specific exploit to work, easy chat must be installed to: 'C:\Program Files\EFS Software\Easy Chat Server' Exploit Title: Easy Chat Server 3.1...
GOM Player 2.2.57.5189 - .ogg Crash (PoC)
GOM Player 2.2.57.5189 - .ogg Crash PoC ''' Exploit Title: Gomplayer Memory Corruption vulnerability latest Version 2.2.57.5189 Date: 2014/05/06 Exploit Author: Aryan Bayaninejad Linkedin : https://www.linkedin.com/profile/view?id=276969082 Vendor Homepage: www.gomlab.com Software Link:...
VM Turbo Operations Manager 4.5x - Directory Traversal
VM Turbo Operations Manager 4.5x - Directory Traversal Product: VM Turbo Operations Manager Vendor: VM Turbo Vulnerable Versions: 4.5.x earlier Tested Version: 4.0 Advisory Publication: April 11, 2014 Vendor Notification: April 11, 2014 Public Disclosure: May 8, 2014 Vulnerability Type: Directory...
Skybox Security 6.3.x 6.4.x - Multiple Denial of Service Vulnerabilities
Skybox Security 6.3.x 6.4.x - Multiple Denial of Service Vulnerabilities Exploit Title: SKYBOX Security - DDOS Date: 22-Jan-2014 Exploit Author: Luigi Vezzoso Vendor Homepage: http://www.skyboxsecurity.com Version: Skybox View Appliances with ISO versions: 6.3.33-2.14, 6.3.31-2.14, 6.4.42-2.54,...
Alienvault Open Source SIEM (OSSIM) 4.6.1 - (Authenticated) SQL Injection (Metasploit)
Alienvault Open Source SIEM OSSIM 4.6.1 - Authenticated SQL Injection Metasploit Exploit Title: AlienVault newpolicyform.php SQLi Date: 5/9/2014 Exploit Author: chrisdhebertatgmail.com Vendor Homepage: http://www.alienvault.com/ Software Link: http://www.alienvault.com/free-downloads-services...
VideoLAN VLC Media Player 2.1.3 - .wav File Memory Corruption
VideoLAN VLC Media Player 2.1.3 - .wav File Memory Corruption source: https://www.securityfocus.com/bid/67315/info VLC Media Player is prone to a memory-corruption vulnerability. Attackers can exploit this issue to cause a denial-of-service condition. Due to the nature of this issue, arbitrary co...
Cobbler 2.4.x 2.6.x - Local File Inclusion
Cobbler 2.4.x 2.6.x - Local File Inclusion Exploit Title: Local File Inclusion vulnerability in cobbler Exploit author: Dolev Farhi @f1nhack Date 07/05/2014 Vendor homepage: http://www.cobblerd.org Affected Software version: 2.4.x - 2.6.x Alerted vendor: 7.5.14 Software Description...
Foscam IP Camera - Predictable Credentials Security Bypass
Foscam IP Camera - Predictable Credentials Security Bypass // source: https://www.securityfocus.com/bid/67510/info Foscam IP Camera is prone to a security-bypass vulnerability. An attacker can exploit this issue to gain access to sensitive information and perform certain unauthorized actions; thi...
OpenFiler 2.99.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities
OpenFiler 2.99.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities Exploit Title: Multiple persistent XSS in Openfiler Exploit author: Dolev Farhi @f1nhack Date 07/05/2014 Vendor homepage: http://www.openfiler.com Affected Software version: 2.99.1 Alerted vendor: 7.5.14 Software...
Python - Interpreter Heap Memory Corruption (PoC)
Python - Interpreter Heap Memory Corruption PoC Title: Python Interpreter Heap Memory Corruption Date: Sun, 30 Mar 2014 20:09:44 -0400 Vulnerability Discovered By : Unknown Proof of Concept : Debasish Mandal https://twitter.com/debasishm89 Software Link: https://www.python.org/ Version: All , Fix...
Collabtive 1.2 - Persistent Cross-Site Scripting
Collabtive 1.2 - Persistent Cross-Site Scripting Vulnerability title: Stored XSS vulnerability in Collabtive application CVE-2014-3247 CVE: CVE-2014-3247 coordinated with cve assigning team and vendor Vendor: Collabtive Product: Collabtive Open Source Project Management Software Affected version:...
CMS Touch - news.php?News_ID SQL Injection
CMS Touch - news.php?News_ID SQL Injection source: https://www.securityfocus.com/bid/67377/info CMS Touch is prone to multiple SQL-injection and cross-site scripting vulnerabilities. Successful exploits could allow an attacker to steal cookie-based authentication credentials, compromise the...
OpenFiler 2.99.1 - Arbitrary Code Execution
OpenFiler 2.99.1 - Arbitrary Code Execution Exploit Title: Arbitrary Code Execution in Openfiler Exploit author: Dolev Farhi @f1nhack Date 07/05/2014 Vendor homepage: http://www.openfiler.com Affected Software version: 2.99.1 Alerted vendor: 7.5.14 Software Description =====================...
TOA - Cross-Site Request Forgery
TOA - Cross-Site Request Forgery source: https://www.securityfocus.com/bid/67291/info TOA is prone to a cross-site request-forgery vulnerability because it does not properly validate HTTP requests. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions in the...
CMS Touch - pages.php?Page_ID SQL Injection
CMS Touch - pages.php?Page_ID SQL Injection source: https://www.securityfocus.com/bid/67377/info CMS Touch is prone to multiple SQL-injection and cross-site scripting vulnerabilities. Successful exploits could allow an attacker to steal cookie-based authentication credentials, compromise the...
Collabtive 1.2 - SQL Injection
Collabtive 1.2 - SQL Injection Vulnerability title: SQL Injection / SQL Error message in Collabtive application CVE-2014-3246 CVE: CVE-2014-3246 coordinated with Vendor: Collabtive Product: Collabtive Open Source Project Management Software Affected version: 1.12 Fixed version: 2.0 Reported by:...
Caldera - costview2jobs.php?tr SQL Injection
Caldera - costview2jobs.php?tr SQL Injection source: https://www.securityfocus.com/bid/67256/info Caldera is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. Exploiting these issues could allow an attack...
Caldera - costview2printers.php?tr SQL Injection
Caldera - costview2printers.php?tr SQL Injection source: https://www.securityfocus.com/bid/67256/info Caldera is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. Exploiting these issues could allow an...
AssistMyTeam Team Helpdesk - Multiple Information Disclosure Vulnerabilities
AssistMyTeam Team Helpdesk - Multiple Information Disclosure Vulnerabilities source: https://www.securityfocus.com/bid/67271/info AssistMyTeam Team Helpdesk is prone to multiple information-disclosure vulnerabilities. Successfully exploiting these issues may allow an attacker to obtain sensitive...
TeamHelpdesk Customer Web Service (CWS) 8.3.5 Technician Web Access (TWA) 8.3.5 - Remote User Credential Dump
TeamHelpdesk Customer Web Service CWS 8.3.5 Technician Web Access TWA 8.3.5 - Remote User Credential Dump Exploit Title: Team Helpdesk Customer Web Service CWS Remote User Credential Dump exploit Exploit Title: Team Helpdesk Technician Web Access TWA Remote User Credential Dump exploit Date: May ...
PrestaShop - getSimilarManufacturer.php?id_manufacturer SQL Injection
PrestaShop - getSimilarManufacturer.php?id_manufacturer SQL Injection source: https://www.securityfocus.com/bid/67249/info PrestaShop is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may...
Crime24 Stealer Panel 1.0 - Multiple Vulnerabilities
Crime24 Stealer Panel 1.0 - Multiple Vulnerabilities Twitter @TheHackersBay Pentester / Underground hacker Exploit Title: Crime24 Stealer Panel...
Seagate BlackArmor NAS - Multiple Vulnerabilities
Seagate BlackArmor NAS - Multiple Vulnerabilities Exploit Title: Seagate BlackArmor NAS Multiple Vulnerabilities Date: 2/17/14 Exploit Author: Shayan Sadigh twitter.com/r1pplex | Vendor Homepage: http://www.seagate.com/external-hard-drives/network-storage/ Version: All BlackArmor NAS devices...
F5 BIG-IQ 4.1.0.2013.0 - Privilege Escalation (Metasploit)
F5 BIG-IQ 4.1.0.2013.0 - Privilege Escalation Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'json' class Metasploit3 "F5 BIG-IQ v4.1.0.2013.0 authenticated arbitrary user password...
NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting
NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Persistent Cross-Site Scripting Exploit Title: Stored XSS Vulnerability in NETGEAR DGN2200 Web interface Date 30/04/2014 Exploit author: Dolev Farhi @f1nhack Vendor homepage: http://netgear.com Affected Firmware version: 1.0.0.29_1.7.29_HotS Affected Hardware:...
Fritz!Box - Remote Command Execution
Fritz!Box - Remote Command Execution App : Fritz!Box Author : 0x4148 Fritz!Box is a networking/voice-over-IP router produced by AVM. It suffers from an unauthenticated remote command execution flaw. Poc :...
Beetel 450TC2 Router - Cross-Site Request Forgery (Admin Password)
Beetel 450TC2 Router - Cross-Site Request Forgery Admin Password input type=...
NULL NUKE CMS 2.2 - Multiple Vulnerabilities
NULL NUKE CMS 2.2 - Multiple Vulnerabilities NULL NUKE CMS v2.2 Multiple Vulnerabilities Vendor: nullwanton Product web page: http://sourceforge.net/projects/nullnuke/ Affected version: 2.2 and 2.1 rc3 Summary: NULL-8x3-NUKE is a fast, powerful and secure cross platform CMS for windows and Linux...
TRENDnet TEW-634GRU 1.00.23 - Multiple Vulnerabilities
TRENDnet TEW-634GRU 1.00.23 - Multiple Vulnerabilities Title: TRENDnet TEW-634GRU 1.00.23 Multiple Vulnerabilities Author: SirGod Website: www.rstforums.com Vendor Homepage: http://www.trendnet.com/ Version: 1.00.23 1. Local file disclosure The router has the TFTP service enabled by default and i...
NTP ntpd monlist Query Reflection - Denial of Service
NTP ntpd monlist Query Reflection - Denial of Service / Exploit Title: CVE-2013-5211 PoC - NTP DDoS amplification Date: 28/04/2014 Code Author: Danilo PC - CVE : CVE-2013-5211 / / I coded this program to help others understand how a DDoS attack amplified by NTP servers works CVE-2013-5211 I to...
WordPress Plugin iMember360 3.8.012 3.9.001 - Multiple Vulnerabilities
WordPress Plugin iMember360 3.8.012 3.9.001 - Multiple Vulnerabilities ------------ BACKGROUND ------------ "iMember360 is a WordPress plugin that will turn a normal WordPress site into a full featured membership site. It includes all the protection controls you can imagine, yet driven by...
ApPHP MicroBlog 1.0.1 - Remote Command Execution
ApPHP MicroBlog 1.0.1 - Remote Command Execution #!/usr/bin/python import random import hashlib import urllib from base64 import b64encode as b64 import sys import re Exploit Title: Python exploit for ApPHP MicroBlog 1.0.1 Free Version - RCE Exploit Author: LOTFREE Version: ApPHP MicroBlog 1.0.1...
Adem 0.5.1 - Local File Inclusion
Adem 0.5.1 - Local File Inclusion ----------exploit Debut Local File Include Vulnerability ----------Script Info Author : JIKO ----------Script Info Site : https://github.com/4FSB/Adem && http://adem.faares.com/demo Version : 0.5.1 Download : https://codeload.github.com/4FSB/Adem/zip/master...
GeoCore MAX DB Ver. 7.3.3 - Blind SQL Injection
GeoCore MAX DB Ver. 7.3.3 - Blind SQL Injection Exploit Title: GeoCore MAX DB Ver. 7.3.3 - Time-Based Blind Injection Official site: http://geodesicsolutions.com Risk Level: High Vendor : http://geodesicsolutions.com Exploit Author: Esac Homepage author : www.iss4m.ma Last Checked: 25/04/2014...