41207 matches found
HRSALE 1.1.8 - Cross-Site Request Forgery (Add Admin)
HRSALE 1.1.8 - Cross-Site Request Forgery Add Admin Exploit Title: HRSALE 1.1.8 - Cross-Site Request Forgery Add Admin Date: 2020-03-11 Exploit Author: Ismail Akıcı Vendor Homepage: http://hrsale.com/ Software Link : http://demo.hrsale.com/ Software : HRSALE v1.1.8 Product Version: v1.1.8...
Joomla! Component com_newsfeeds 1.0 - feedid SQL Injection
Joomla! Component comnewsfeeds 1.0 - feedid SQL Injection Exploit Title: Joomla! Component comnewsfeeds 1.0 - 'feedid' SQL Injection Date: 2020-03-10 Author: Milad Karimi Software Link: Version: Category : webapps Tested on: windows 10 , firefox CVE : CWE-89 Dork:...
ASUS AAHM 1.00.22 - asHmComSvc Unquoted Service Path
ASUS AAHM 1.00.22 - asHmComSvc Unquoted Service Path Exploit Title: ASUS AAHM 1.00.22 - 'asHmComSvc' Unquoted Service Path Discovery by: Roberto Piña Discovery Date: 2020-03-11 Vendor Homepage: https://www.asus.com/ Software Link...
rConfig 3.9 - searchColumn SQL Injection
rConfig 3.9 - searchColumn SQL Injection Exploit Title: rConfig 3.9 - 'searchColumn' SQL Injection Exploit Author: vikingfr Date: 2020-03-03 CVE-2020-10220 Exploit link : https://github.com/v1k1ngfr/exploits-rconfig/blob/master/rconfigCVE-2020-10220.py Vendor Homepage: https://rconfig.com/ see al...
WatchGuard Fireware AD Helper Component 5.8.5.10317 - Credential Disclosure
WatchGuard Fireware AD Helper Component 5.8.5.10317 - Credential Disclosure Exploit: WatchGuard Fireware AD Helper Component 5.8.5.10317 - Credential Disclosure Author: RedTeam Pentesting GmbH Date: 2020-03-11 Vendor: https://www.watchguard.com Software link:...
Horde Groupware Webmail Edition 5.2.22 - PHAR Loading
Horde Groupware Webmail Edition 5.2.22 - PHAR Loading exploit-phar-loading.py !/usr/bin/env python3 from horde import Horde import requests import subprocess import sys TEMPDIR = '/tmp' WWWROOT = '/var/www/html' if lensys.argv ' sys.exit1 baseurl = sys.argv1 username = sys.argv2 password =...
ASUS AXSP 1.02.00 - asComSvc Unquoted Service Path
ASUS AXSP 1.02.00 - asComSvc Unquoted Service Path Exploit Title: ASUS AXSP 1.02.00 - 'asComSvc' Unquoted Service Path Discovery by: Roberto Piña Discovery Date: 2020-03-10 Vendor Homepage: https://www.asus.com/ Software Link...
Wordpress Plugin Search Meter 2.13.2 - CSV injection
Wordpress Plugin Search Meter 2.13.2 - CSV injection Exploit Title: Wordpress Plugin Search Meter 2.13.2 - CSV Injection Google Dork: N/A Date: 2020-03-10 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://thunderguy.com/semicolon/ Software Link:...
Horde Groupware Webmail Edition 5.2.22 - PHP File Inclusion
Horde Groupware Webmail Edition 5.2.22 - PHP File Inclusion exploit-inc-inclusion.py !/usr/bin/env python3 from horde import Horde import subprocess import sys TEMPDIR = '/tmp' if lensys.argv ' sys.exit1 baseurl = sys.argv1 username = sys.argv2 password = sys.argv3 filename = sys.argv4 phpcode =...
Horde Groupware Webmail Edition 5.2.22 - Remote Code Execution
Horde Groupware Webmail Edition 5.2.22 - Remote Code Execution !/bin/sh if "$" -ne 4 ; then echo '! Usage: ' 1&2 exit 1 fi BASE="$1" USERNAME="$2" PASSWORD="$3" COMMAND="$4" JAR="$mktemp" trap 'rm -f "$JAR"' EXIT echo "+ Logging in as $USERNAME:$PASSWORD" 1&2 curl -si -c "$JAR" "$BASE/login.php" ...
Sysaid 20.1.11 b26 - Remote Command Execution
Sysaid 20.1.11 b26 - Remote Command Execution Exploit Title: Sysaid 20.1.11 b26 - Remote Command Execution Google Dork: intext:"Help Desk Software by SysAid " Date: 2020-03-09 Exploit Author: Ahmed Sherif Vendor Homepage: https://www.sysaid.com/free-help-desk-software Software Link:...
YzmCMS 5.5 - url Persistent Cross-Site Scripting
YzmCMS 5.5 - url Persistent Cross-Site Scripting Exploit Title: YzmCMS 5.5 - 'url' Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-03-10 Exploit Author: En Vendor Homepage: https://github.com/yzmcms/yzmcms Software Link: https://github.com/yzmcms/yzmcms Version: V5.5 Category: Web...
Persian VIP Download Script 1.0 - active SQL Injection
Persian VIP Download Script 1.0 - active SQL Injection Exploit Title: Persian VIP Download Script 1.0 - 'active' SQL Injection Data: 2020-03-09 Exploit Author: S3FFR Vendor HomagePage: http://download.freescript.ir/scripts/Persian-VIP-DownloadFreeScript.ir.zip Version: = 1.0 Final Version Tested...
60CycleCMS - news.php SQL Injection
60CycleCMS - news.php SQL Injection Exploit Title: 60CycleCMS - 'news.php' Multiple vulnerability Google Dork: N/A Date: 2020-02-10 Exploit Author: Unkn0wn Vendor Homepage: http://davidvg.com/ Software Link: https://www.opensourcecms.com/60cyclecms Version: 2.5.2 Tested on: Ubuntu CVE : N/A...
Counter Strike: GO - .bsp Memory Control (PoC)
Counter Strike: GO - .bsp Memory Control PoC So I’ve been holding onto this neat little gem of a .bsp that has four bytes very close to the end of the file that controls the memory allocator. See above picture. Works on all supported operating systems last I checked so Linux, Windows, and macOS,...
Sentrifugo HRMS 3.2 - id SQL Injection
Sentrifugo HRMS 3.2 - id SQL Injection Exploit Title: Sentrifugo HRMS 3.2 - 'id' SQL Injection Exploit Author: minhnb Website: Date: 2020-03-06 Google Dork: N/A Vendor: http://www.sapplica.com Software Link: http://www.sentrifugo.com/download Affected Version: 3.2 and possibly before Patched...
ASUS GiftBox Desktop 1.1.1.127 - ASUSGiftBoxDesktop Unquoted Service Path
ASUS GiftBox Desktop 1.1.1.127 - ASUSGiftBoxDesktop Unquoted Service Path Exploit Title: ASUS GiftBox Desktop 1.1.1.127 - 'ASUSGiftBoxDesktop' Unquoted Service Path Discovery by: Oscar Flores Discovery Date: 2020-03-05 Vendor Homepage: https://www.asus.com/ Software Link :...
SpyHunter 4 - SpyHunter 4 Service Unquoted Service Path
SpyHunter 4 - SpyHunter 4 Service Unquoted Service Path Exploit Title: SpyHunter 4 - 'SpyHunter 4 Service' Unquoted Service Path Discovery by: Alejandro Reyes Discovery Date: 2020-03-05 Vendor Homepage: https://www.enigmasoftware.com Software Link :...
Iskysoft Application Framework Service 2.4.3.241 - IsAppService Unquoted Service Path
Iskysoft Application Framework Service 2.4.3.241 - IsAppService Unquoted Service Path Exploit Title: Iskysoft Application Framework Service 2.4.3.241 - 'IsAppService' Unquoted Service Path Discovery by: Alejandro Reyes Discovery Date: 2020-03-05 Vendor Homepage: https://www.iskysoft.us Software...
Deep Instinct Windows Agent 1.2.29.0 - DeepMgmtService Unquoted Service Path
Deep Instinct Windows Agent 1.2.29.0 - DeepMgmtService Unquoted Service Path Exploit Title: Deep Instinct Windows Agent 1.2.29.0 - 'DeepMgmtService' Unquoted Service Path Discovery by: Oscar Flores Discovery Date: 2020-03-05 Vendor Homepage: https://www.deepinstinct.com/ Software Links :...
UniSharp Laravel File Manager 2.0.0 - Arbitrary File Read
UniSharp Laravel File Manager 2.0.0 - Arbitrary File Read Exploit Title: UniSharp Laravel File Manager 2.0.0 - Arbitrary File Read Google Dork: inurl:"laravel-filemanager?type=Files" -site:github.com -site:github.io Date: 2020-02-04 Exploit Author: NgoAnhDuc Vendor Homepage:...
GUnet OpenEclass 1.7.3 E-learning platform - month SQL Injection
GUnet OpenEclass 1.7.3 E-learning platform - month SQL Injection Exploit Title: GUnet OpenEclass 1.7.3 E-learning platform - 'month' SQL Injection Google Dork: intext:"© GUnet 2003-2007" Date: 2020-03-02 Exploit Author: emaragkos Vendor Homepage: https://www.openeclass.org/ Software Link:...
RICOH Aficio SP 5200S Printer - entryNameIn HTML Injection
RICOH Aficio SP 5200S Printer - entryNameIn HTML Injection Exploit Title: RICOH Aficio SP 5200S Printer - 'entryNameIn' HTML Injection Discovery by: Paulina Girón Discovery Date: 2020-03-02 Vendor Homepage: https://www.ricoh.com/ Hardware Link:...
Microsoft Windows - WizardOpium Local Privilege Escalation
Microsoft Windows - WizardOpium Local Privilege Escalation include include extern "C" NTSTATUS NtUserMessageCallHWND hWnd, UINT msg, WPARAM wParam, LPARAM lParam, ULONGPTR ResultInfo, DWORD dwType, BOOL bAscii; int main HINSTANCE hInstance = GetModuleHandleNULL; WNDCLASSEX wcx; ZeroMemory&wcx,...
Alfresco 5.2.4 - Persistent Cross-Site Scripting
Alfresco 5.2.4 - Persistent Cross-Site Scripting Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Date: 2020-03-02 Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software...
RICOH Aficio SP 5210SF Printer - entryNameIn HTML Injection
RICOH Aficio SP 5210SF Printer - entryNameIn HTML Injection Exploit Title: RICOH Aficio SP 5210SF Printer - 'entryNameIn' HTML Injection Discovery by: Olga Villagran Discovery Date: 2020-03-02 Vendor Homepage: https://www.ricoh.com/ Hardware Link:...
Cacti v1.2.8 - Unauthenticated Remote Code Execution (Metasploit)
Cacti v1.2.8 - Unauthenticated Remote Code Execution Metasploit Exploit Title: Cacti v1.2.8 - Unauthenticated Remote Code Execution Metasploit Date: 2020-02-29 Exploit Author: Lucas Amorim sh286s CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: Linux This module...
TL-WR849N 0.9.1 4.16 - Authentication Bypass (Upload Firmware)
TL-WR849N 0.9.1 4.16 - Authentication Bypass Upload Firmware Exploit Title: TL-WR849N 0.9.1 4.16 - Authentication Bypass Upload Firmware Date: 2019-11-20 Exploit Author: Elber Tavares Vendor Homepage: https://www.tp-link.com/ Software Link:...
TP LINK TL-WR849N - Remote Code Execution
TP LINK TL-WR849N - Remote Code Execution Exploit Title: TP LINK TL-WR849N - Remote Code Execution Date: 2019-11-20 Exploit Author: Elber Tavares Vendor Homepage: https://www.tp-link.com/ Software Link: https://www.tp-link.com/br/support/download/tl-wr849n/Firmware Version: TL-WR849N 0.9.1 4.16...
Joplin Desktop 1.0.184 - Cross-Site Scripting
Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Title: Joplin Desktop 1.0.184 - Cross-Site Scripting Exploit Author: Javier Olmedo Date: 2020-02-27 Vendor: Laurent Cozic Software Link: https://github.com/laurent22/joplin/archive/v1.0.184.zip Affected Version: 1.0.184 and before Patched...
Intelbras Wireless N 150Mbps WRN240 - Authentication Bypass (Config Upload)
Intelbras Wireless N 150Mbps WRN240 - Authentication Bypass Config Upload Exploit Title: Intelbras Wireless N 150Mbps WRN240 - Authentication Bypass Config Upload Date: 2019-11-20 Exploit Author: Elber Tavares Vendor Homepage: https://www.intelbras.com/ Software Link:...
Wing FTP Server 6.2.5 - Privilege Escalation
Wing FTP Server 6.2.5 - Privilege Escalation Exploit Title: Wing FTP Server 6.2.5 - Privilege Escalation Google Dork: intitle:"Wing FTP Server - Web" Date: 2020-03-03 Exploit Author: Cary Hooper Vendor Homepage: https://www.wftpserver.com Software Link:...
Netis WF2419 2.2.36123 - Remote Code Execution
Netis WF2419 2.2.36123 - Remote Code Execution Exploit Title: Netis WF2419 2.2.36123 - Remote Code Execution Exploit Author: Elias Issa Vendor Homepage: http://www.netis-systems.com Software Link: http://www.netis-systems.com/Suppory/downloads/dd/1/img/75 Date: 2020-02-11 Version: WF2419 V2.2.361...
Cyberoam Authentication Client 2.1.2.7 - Buffer Overflow (SEH)
Cyberoam Authentication Client 2.1.2.7 - Buffer Overflow SEH Exploit Title: Cyberoam Authentication Client 2.1.2.7 - Buffer Overflow SEH Date: 2020-02-28 Exploit Author: Andrey Stoykov Version: Cyberoam General Authentication Client 2.1.2.7 Tested on: Windows Vista SP2 x86 Steps to Reproduce: 1 R...
netkit-telnet-0.17 telnetd (Fedora 31) - BraveStarr Remote Code Execution
netkit-telnet-0.17 telnetd Fedora 31 - BraveStarr Remote Code Execution !/usr/bin/env python3 BraveStarr ========== Proof of Concept remote exploit against Fedora 31 netkit-telnet-0.17 telnetd. This is for demonstration purposes only. It has by no means been engineered to be reliable: 0xff bytes ...
CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow
CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow Exploit Title: CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow Exploit Author: wetw0rk Exploit Version: Public POC Vendor Homepage:...
Wing FTP Server 6.2.3 - Privilege Escalation
Wing FTP Server 6.2.3 - Privilege Escalation Exploit Title: Wing FTP Server 6.2.3 - Privilege Escalation Google Dork: intitle:"Wing FTP Server - Web" Date: 2020-03-02 Exploit Author: Cary Hooper Vendor Homepage: https://www.wftpserver.com Software Link:...
Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery (Add User)
Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery Add User Exploit Title: Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery Add User Date: 2020-01-30 Vendor Homepage: https://www.themeum.com/product/tutor-lms/ Vendor Changelog: https://wordpress.org/plugins/tutor/developer...
Microsoft Exchange 2019 15.2.221.12 - Authenticated Remote Code Execution
Microsoft Exchange 2019 15.2.221.12 - Authenticated Remote Code Execution Exploit Title: Microsoft Exchange 2019 15.2.221.12 - Authenticated Remote Code Execution Date: 2020-02-28 Exploit Author: Photubias Vendor Advisory: 1...
qdPM 9.1 - Remote Code Execution
qdPM 9.1 - Remote Code Execution !/usr/bin/python ------------------------------------------------------------------------------------- Title: qdPM Webshell Upload + RCE Exploit qdPMv9.1 and below CVE-2020-7246 Author: Tobin Shields @TobinShields Description: This is an exploit to automatically...
Business Live Chat Software 1.0 - Cross-Site Request Forgery (Add Admin)
Business Live Chat Software 1.0 - Cross-Site Request Forgery Add Admin Exploit Title: Business Live Chat Software 1.0 - Cross-Site Request Forgery Add Admin Description: Operator Can Change Role User Type to admin Date: 2020-02-26 Exploit Author: Meisam Monsef Vendor Homepage:...
Comtrend VR-3033 - Command Injection
Comtrend VR-3033 - Command Injection Title: Comtrend VR-3033 - Authenticated Command Injection Date: 2020-02-26 Author: Author : Raki Ben Hamouda Vendor: https://us.comtrend.com Product link: https://us.comtrend.com/products/vr-3030/ CVE: CVE-2020-10173 The Comtrend VR-3033 is prone to Multiple...
OpenSMTPD 6.6.3 - Arbitrary File Read
OpenSMTPD 6.6.3 - Arbitrary File Read Title: OpenSMTPD 6.6.3 - Arbitrary File Read Date: 2020-02-20 Author: qualys Vendor: https://www.opensmtpd.org/ CVE: 2020-8793 / Local information disclosure in OpenSMTPD CVE-2020-8793 Copyright C 2020 Qualys, Inc. This program is free software: you can...
PhpIX 2012 Professional - id SQL Injection
PhpIX 2012 Professional - id SQL Injection Title: PhpIX 2012 Professional - 'id' SQL Injection Date: 2020-02-26 Author: indoushka Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit Vendor : http://www.allhandsmarketing.com/ poc : + Dorking İn Google Or Other Search...
OpenSMTPD 6.6.3p1 - Local Privilege Escalation + Remote Code Execution
OpenSMTPD 6.6.3p1 - Local Privilege Escalation + Remote Code Execution / LPE and RCE in OpenSMTPD's default install CVE-2020-8794 Copyright C 2020 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by...
Core FTP LE 2.2 - Denial of Service (PoC)
Core FTP LE 2.2 - Denial of Service PoC Exploit Title: Core FTP LE 2.2 - Denial of Service PoC Date: 2020-25-02 Exploit Author: Ismael Nava Vendor Homepage: http://www.coreftp.com/ Software Link: http://www.coreftp.com/download.html Version: 2.2 build 1947 Tested on: Windows 10 Home x64 CVE : n/a...
Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass
Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass Exploit Title: Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass Discovery Date: 2020-02-02 Public Disclosure Date: 2020-02-22 Exploit Author: GeekHack Vendor Homepage: https://www.cardgate.com...
SpotFTP-FTP Password Recover 2.4.8 - Denial of Service (PoC)
SpotFTP-FTP Password Recover 2.4.8 - Denial of Service PoC Exploit Title: SpotFTP-FTP Password Recover 2.4.8 - Denial of Service PoC Date: 2020-24-02 Exploit Author: Ismael Nava Vendor Homepage: http://www.nsauditor.com/ Software Link: http://www.nsauditor.com/spotftp.html Version: 2.4.8 Tested o...
aSc TimeTables 2020.11.4 - Denial of Service (PoC)
aSc TimeTables 2020.11.4 - Denial of Service PoC Exploit Title: aSc TimeTables 2020.11.4 - Denial of Service PoC Date: 2020-24-02 Exploit Author: Ismael Nava Vendor Homepage: https://www.asctimetables.com/!/home Software Link: https://www.asctimetables.com/!/home/download Version: 2020.11.4 Teste...
Odin Secure FTP Expert 7.6.3 - Denial of Service (PoC)
Odin Secure FTP Expert 7.6.3 - Denial of Service PoC Exploit Title : Odin Secure FTP Expert 7.6.3 - Denial of Service PoC Exploit Author : Berat Isler Date : 2020-02-25 Vendor Homepage : https://odin-secure-ftp-expert.jaleco.com/ Software Link Download :...