WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass

WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass Exploit Title: WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass Discovery Date: 2020-02-02 Public Disclosure Date: 2020-02-22 Exploit Author: GeekHack Vendor Homepage:...

SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure

SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure Exploit Title: SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure Author: Todor Donev Date: 2020-02-23 Vendor: https://secu.jp/ Product Link: https://secu.jp/support/831nh1.html CVE: N/A SecuSTATION IPCAM-130 HD Came...

Quick N Easy Web Server 3.3.8 - Denial of Service (PoC)

Quick N Easy Web Server 3.3.8 - Denial of Service PoC Title: Quick N Easy Web Server 3.3.8 - Denial of Service PoC Date: 2019-12-25 Author: Cody Winkler Vendor Homepage: https://www.pablosoftwaresolutions.com/ Software Link: https://www.pablosoftwaresolutions.com/html/quickneasywebserver.html...

DotNetNuke 9.5 - Persistent Cross-Site Scripting

DotNetNuke 9.5 - Persistent Cross-Site Scripting Exploit Title: DotNetNuke 9.5 - Persistent Cross-Site Scripting Date: 2020-02-23 Exploit Author: Sajjad Pourali Vendor Homepage: http://dnnsoftware.com/ Software Link:...

DotNetNuke 9.5 - File Upload Restrictions Bypass

DotNetNuke 9.5 - File Upload Restrictions Bypass Exploit Title: DotNetNuke 9.5 - File Upload Restrictions Bypass Date: 2020-02-23 Exploit Author: Sajjad Pourali Vendor Homepage: http://dnnsoftware.com/ Software Link:...

CandidATS 2.1.0 - Cross-Site Request Forgery (Add Admin)

CandidATS 2.1.0 - Cross-Site Request Forgery Add Admin Title: CandidATS 2.1.0 - Cross-Site Request Forgery Add Admin Date: 2020-02-21 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/u/auieo/profile/ Software Link: https://sourceforge.net/projects/candidats/files/Version 2.1.0...

ATutor 2.2.4 - id SQL Injection

ATutor 2.2.4 - id SQL Injection Exploit Title: ATutor 2.2.4 - 'id' SQL Injection Date: 2020-02-23 Exploit Author: Andrey Stoykov Vendor Homepage: https://atutor.github.io/ Software Link: https://sourceforge.net/projects/atutor/files/latest/download Version: ATutor 2.2.4 Tested on: LAMP on Ubuntu...

Real Web Pentesting Tutorial Step by Step - [Persian]

Real Web Pentesting Tutorial Step by Step - Persian 1...

Cacti 1.2.8 - Remote Code Execution

Cacti 1.2.8 - Remote Code Execution Exploit Title: Cacti 1.2.8 - Remote Code Execution Date: 2020-02-03 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: CentOS 7.3 / PHP 7.1.33 !/usr/bin/python3 import requests import sys impo...

AMSS++ v 4.31 - id SQL Injection

AMSS++ v 4.31 - id SQL Injection Title : AMSS++ v 4.31 - 'id' SQL Injection Author : indoushka Tested on: windows 10 Français V.Pro / browser : Mozilla firefox 65.032-bit Vendor: http://amssplus.ubn4.go.th/amssplusdownload/amssplus431install.rar Dork: แนะนำให้ใช้บราวเซอร์ Google Chrome "AMSS++"...

ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure

ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure Title: ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure Author: Todor Donev Date: 2020-02-23 Vendor: www.escam.cn Product Link: http://www.escam.cn/search/?class1=&class2=&class3=&searchtype=0&searchword=qd-900&lang=en CVE...

SecuSTATION SC-831 HD Camera - Remote Configuration Disclosure

SecuSTATION SC-831 HD Camera - Remote Configuration Disclosure Exploit Title: SecuSTATION SC-831 HD Camera - Remote Configuration Disclosure Author: Todor Donev Date: 2020-02-23 Vendor: https://secu.jp/ Product Link: https://secu.jp/support/831.html CVE: N/A !/usr/bin/perl SecuSTATION SC-831 HD...

eLection 2.0 - id SQL Injection

eLection 2.0 - id SQL Injection Title: eLection 2.0 - 'id' SQL Injection Date: 2020-02-21 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/projects/election-by-tripath/ Software Link: https://sourceforge.net/projects/election-by-tripath/files/Version 2.0 Tested on Ubuntu 19/Ka...

ManageEngine EventLog Analyzer 10.0 - Information Disclosure

ManageEngine EventLog Analyzer 10.0 - Information Disclosure Exploit Title: ManageEngine EventLog Analyzer 10.0 - Information Disclosure Date: 2020-02-23 Author:Scott Goodwin Vendor: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/eventlog/ CVE: CVE-2019-19774...

Go SSH servers 0.0.2 - Denial of Service (PoC)

Go SSH servers 0.0.2 - Denial of Service PoC Exploit Title: Go SSH servers 0.0.2 - Denial of Service PoC Author: Mark Adams Date: 2020-02-21 Link: https://github.com/mark-adams/exploits/blob/master/CVE-2020-9283/poc.py CVE: CVE-2020-9283 Running this script may crash the remote SSH server if it i...

Avaya IP Office Application Server 11.0.0.0 - Reflective Cross-Site Scripting

Avaya IP Office Application Server 11.0.0.0 - Reflective Cross-Site Scripting Exploit Title: Avaya IP Office Application Server 11.0.0.0 - Reflective Cross-Site Scripting Release Date: 2019-12-11 Exploit Authors: Dan Bohan, Scott Goodwin, OCD Tech Vendor Homepage: https://www.avaya.com/en/ Softwa...

GUnet OpenEclass E-learning platform 1.7.3 - uname SQL Injection

GUnet OpenEclass E-learning platform 1.7.3 - uname SQL Injection Exploit Title: GUnet OpenEclass E-learning platform 1.7.3 - 'uname' SQL Injection Google Dork: intext:"© GUnet 2003-2007" Date: 2019-11-03 Exploit Author: emaragkos Vendor Homepage: https://www.openeclass.org/ Software Link:...

Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure

Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure Exploit Title: Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure Author: Todor Donev Date: 2020-02-23 Vendor: https://acesecurity.jp Product Link: https://acesecurity.jp/support/top/wipseries/wip-90113 CVE: N/A...

AMSS++ 4.7 - Backdoor Admin Account

AMSS++ 4.7 - Backdoor Admin Account Title: AMSS++ 4.7 - Backdoor Admin Account Author: indoushka Date: 2020-02-23 Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 65.032-bit Vendor : http://amssplus.ubn4.go.th/amssplusdownload/amssplus431install.rar Dork : แนะนำให้ใช้บราวเซอร์...

I6032B-P POE 2.0MP Outdoor Camera - Remote Configuration Disclosure

I6032B-P POE 2.0MP Outdoor Camera - Remote Configuration Disclosure Exploit Title: I6032B-P POE 2.0MP Outdoor Camera - Remote Configuration Disclosure Author: Todor Donev Date: 2020-02-23 Vendor: https://www.revotec.com/ Product Link: CVE: N/A !/usr/bin/perl Revotech I6032B-P POE 1920x1080P 2.0MP...

Core FTP Lite 1.3 - Denial of Service (PoC)

Core FTP Lite 1.3 - Denial of Service PoC Exploit Title : Core FTP Lite 1.3 - Denial of Service PoC Exploit Author: Berat Isler Date: 2020-02-20 Vendor Homepage: http://www.coreftp.com/ Software Link Download:http://tr.oldversion.com/windows/core-ftp-le-1-3cbuild1437 Version: Core FTP 1.3cBuild14...

Apache Tomcat - AJP Ghostcat File ReadInclusion

Apache Tomcat - AJP Ghostcat File ReadInclusion !/usr/bin/env python CNVD-2020-10487 Tomcat-Ajp lfi by ydhcui import struct Some references: https://tomcat.apache.org/connectors-doc/ajp/ajpv13a.html def packstrings: if s is None: return struct.pack"h", -1 l = lens return struct.pack"H%dsb" % l, l...

Easy2Pilot 7 - Cross-Site Request Forgery (Add User)

Easy2Pilot 7 - Cross-Site Request Forgery Add User Exploit Title: Easy2Pilot 7 - Cross-Site Request Forgery Add User Author: indoushka Date: 2020-02-20 Tested on: windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit Vendor: http://easy2pilot-v7.com/ CVE: N/A poc : + Dorking İn Google ...

Virtual Freer 1.58 - Remote Command Execution

Virtual Freer 1.58 - Remote Command Execution Exploit title : Virtual Freer 1.58 - Remote Command Execution Exploit Author : SajjadBnd Date : 2020-02-17 Vendor Homepage : http://freer.ir/virtual/ Software Link : http://www.freer.ir/virtual/download.php?action=get Software Linkmirror :...

Nanometrics Centaur 4.3.23 - Unauthenticated Remote Memory Leak

Nanometrics Centaur 4.3.23 - Unauthenticated Remote Memory Leak Exploit Title: Nanometrics Centaur 4.3.23 - Unauthenticated Remote Memory Leak Date: 2020-02-15 Author: byteGoblin Vendor: https://www.nanometrics.ca Product: https://www.nanometrics.ca/products/accelerometers/titan-sma Product:...

DBPower C300 HD Camera - Remote Configuration Disclosure

DBPower C300 HD Camera - Remote Configuration Disclosure Exploit Title: DBPower C300 HD Camera - Remote Configuration Disclosure Date: 2020-02-19 Author: Todor Donev Vendor: https://donev.eu/ CVE: N/A Copyright 2020 c Todor Donev https://donev.eu/...

SOPlanning 1.45 - Cross-Site Request Forgery (Add User)

SOPlanning 1.45 - Cross-Site Request Forgery Add User Exploit Title: SOPlanning 1.45 - Cross-Site Request Forgery Add User Date: 2020-02-14 Exploit Author: J3rryBl4nks Vendor Homepage: https://www.soplanning.org/en/ Software Link: https://sourceforge.net/projects/soplanning/files/soplanning/...

DHCP Turbo 4.61298 - DHCP Turbo 4 Unquoted Service Path

DHCP Turbo 4.61298 - DHCP Turbo 4 Unquoted Service Path Exploit Title: DHCP Turbo 4.61298 - 'DHCP Turbo 4' Unquoted Service Path Exploit Author: boku Date: 2020-02-10 Vendor Homepage: https://www.weird-solutions.com Software Link:...

WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting

WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Exploit Title: WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Dork: intext:"Fruitful theme by fruitfulcode Powered by: WordPress" intext:"Comment" intext:"Leave a Reply" Date: 2020-02-14 Category : Webapps Software Lin...

Ice HRM 26.2.0 - Cross-Site Request Forgery (Add User)

Ice HRM 26.2.0 - Cross-Site Request Forgery Add User Exploit Title: Ice HRM 26.2.0 - Cross-Site Request Forgery Add User Date: 2020-02-14 Exploit Author: J3rryBl4nks Vendor Homepage: https://icehrm.com/ Software Link: https://sourceforge.net/projects/icehrm/Version 26.2.0 Tested on Windows 10/Kal...

Cuckoo Clock v5.0 - Buffer Overflow

Cuckoo Clock v5.0 - Buffer Overflow Exploit Title: Cuckoo Clock 5.0 - Buffer Overflow Exploit Author: boku Date: 2020-02-14 Vendor Homepage: https://en.softonic.com/author/pxcompany Software Link: https://en.softonic.com/download/parallaxis-cuckoo-clock/windows/post-download Version: 5.0 Tested O...

BOOTP Turbo 2.0.1214 - BOOTP Turbo Unquoted Service Path

BOOTP Turbo 2.0.1214 - BOOTP Turbo Unquoted Service Path Exploit Title: BOOTP Turbo 2.0.1214 - 'BOOTP Turbo' Unquoted Service Path Exploit Author: boku Date: 2020-02-10 Vendor Homepage: https://www.weird-solutions.com Software Link:...

Wordpress Plugin Strong Testimonials 2.40.1 - Persistent Cross-Site Scripting

Wordpress Plugin Strong Testimonials 2.40.1 - Persistent Cross-Site Scripting Exploit Title: Wordpress Plugin Strong Testimonials 2.40.0 - Persistent Cross-Site Scripting Date: 2020-01-23 Vendor Homepage: https://strongtestimonials.com Vendor Changelog:...

SOPlanning 1.45 - by SQL Injection

SOPlanning 1.45 - by SQL Injection Exploit Title: SOPlanning 1.45 - 'by' SQL Injection Date: 2020-02-14 Exploit Author: J3rryBl4nks Vendor Homepage: https://www.soplanning.org/en/ Software Link: https://sourceforge.net/projects/soplanning/files/soplanning/ Version 1.45 Tested on Windows 10/Kali...

HP System Event 1.2.9.0 - HPWMISVC Unquoted Service Path

HP System Event 1.2.9.0 - HPWMISVC Unquoted Service Path Exploit Title: HP System Event 1.2.9.0 - 'HPWMISVC' Unquoted Service Path Discovery by: Roberto Piña Discovery Date: 2020-02-14 Vendor Homepage:https://www8.hp.com/mx/es/home.html Software...

MSI Packages Symbolic Links Processing - Windows 10 Privilege Escalation

MSI Packages Symbolic Links Processing - Windows 10 Privilege Escalation Exploit Title: MSI Packages Symbolic Links Processing - Windows 10 Privilege Escalation Author: nu11secur1ty Date: 2020-02-14 Vendor: Microsoft Link:...

SOPlanning 1.45 - users SQL Injection

SOPlanning 1.45 - users SQL Injection Exploit Title: SOPlanning 1.45 - 'users' SQL Injection Date: 2020-02-14 Exploit Author: J3rryBl4nks, Homebrewer Vendor Homepage: https://www.soplanning.org/en/ Software Link: https://sourceforge.net/projects/soplanning/files/soplanning/ Version 1.45 Tested on...

Avaya Aura Communication Manager 5.2 - Remote Code Execution

Avaya Aura Communication Manager 5.2 - Remote Code Execution Exploit Title: Avaya Aura Communication Manager 5.2 - Remote Code Execution Exploit Author: Sarang Tumne a.k.a SarT Date: 2020-02-14 Confirmed on release 5.2 Vendor: https://www.avaya.com/en/ Avaya's advisory:...

TFTP Turbo 4.6.1273 - TFTP Turbo 4 Unquoted Service Path

TFTP Turbo 4.6.1273 - TFTP Turbo 4 Unquoted Service Path Exploit Title: TFTP Turbo 4.6.1273 - 'TFTP Turbo 4' Unquoted Service Path Exploit Author: boku Date: 2020-02-10 Vendor Homepage: https://www.weird-solutions.com Software Link:...

LabVantage 8.3 - Information Disclosure

LabVantage 8.3 - Information Disclosure Exploit Title: LabVantage 8.3 - Information Disclosure Google Dork: N/A Date: 2020-02-16 Exploit Author: Joel Aviad Ossi Vendor Homepage: labvantage.com Software Link: N/A Version: LabVantage 8.3 Tested on: CVE : N/A import requests import operator def...

HomeGuard Pro 9.3.1 - Insecure Folder Permissions

HomeGuard Pro 9.3.1 - Insecure Folder Permissions Exploit Title: HomeGuard Pro 9.3.1 - Insecure Folder Permissions Exploit Author: boku Date: 2020-02-13 Vendor Homepage: https://veridium.net Software Link: https://veridium.net/filesu/hg-pro/exe/HomeGuardPro-Setup.exe Version 9.3.1 Tested On:...

EPSON EasyMP Network Projection 2.81 - EMP_NSWLSV Unquoted Service Path

EPSON EasyMP Network Projection 2.81 - EMPNSWLSV Unquoted Service Path Exploit Title: EPSON EasyMP Network Projection 2.81 - 'EMPNSWLSV' Unquoted Service Path Discovery by: Roberto Piña Discovery Date: 2020-02-13 Vendor Homepage: https://epson.com/support/easymp-network-projection-v2-86-for-windo...

phpMyChat Plus 1.98 - pmc_username SQL Injection

phpMyChat Plus 1.98 - pmcusername SQL Injection Title: phpMyChat Plus 1.98 - 'pmcusername' SQL Injection Date: 2020-02-13 Exploit Author: J3rryBl4nks Vendor Homepage: http://ciprianmp.com/latest/ Software Link: https://sourceforge.net/projects/phpmychat/files/phpMyChatPlus/ Version MyChat Plus 1....

SprintWork 2.3.1 - Local Privilege Escalation

SprintWork 2.3.1 - Local Privilege Escalation Exploit Title: SprintWork 2.3.1 - Local Privilege Escalation Exploit Author: boku Date: 2020-02-13 Vendor Homepage: https://veridium.net Software Link: https://veridium.net/filesu/spx/exe/SprintWork-Setup.exe Version: 2.3.1 Tested On: Windows 10 32-bi...

PANDORAFMS 7.0 - Authenticated Remote Code Execution

PANDORAFMS 7.0 - Authenticated Remote Code Execution Exploit Title: PANDORAFMS 7.0 - Authenticated Remote Code Execution Date: 2020-02-12 Exploit Author: Engin Demirbilek Vendor homepage: http://pandorafms.org/ Version: 7.0 Software link:...

OpenTFTP 1.66 - Local Privilege Escalation

OpenTFTP 1.66 - Local Privilege Escalation Exploit Title: OpenTFTP 1.66 - Local Privilege Escalation Exploit Author: boku Date: 2020-02-12 Vendor Homepage: https://sourceforge.net/projects/tftp-server/ Software Link:...

MyVideoConverter Pro 3.14 - TVSeries Buffer Overflow

MyVideoConverter Pro 3.14 - TVSeries Buffer Overflow Exploit Title: MyVideoConverter Pro 3.14 - 'TVSeries' Buffer Overflow Exploit Author : ZwX Exploit Date: 2020-02-11 Vendor Homepage : http://www.ivideogo.com/ Tested on OS: Windows 10 v1803 Social: twitter.com/ZwX2a Steps to Reproduce: 1. Run t...

HP System Event Utility - Local Privilege Escalation

HP System Event Utility - Local Privilege Escalation Exploit Title: HP System Event Utility - Local Privilege Escalation Author: hyp3rlinx Date: 2020-02-11 Vendor: www.hp.com Link: https://hp-system-event-utility.en.lo4d.com/download CVE: CVE-2019-18915 + Credits: John Page aka hyp3rlinx + Websit...

MyVideoConverter Pro 3.14 - Movie Buffer Overflow

MyVideoConverter Pro 3.14 - Movie Buffer Overflow Exploit Title: MyVideoConverter Pro 3.14 - 'Movie' Buffer Overflow Exploit Author : ZwX Exploit Date: 2020-02-11 Vendor Homepage : http://www.ivideogo.com/ Tested on OS: Windows 10 v1803 Social: twitter.com/ZwX2a Steps to Reproduce: 1. Run the...

MyVideoConverter Pro 3.14 - Output Folder Buffer Overflow

MyVideoConverter Pro 3.14 - Output Folder Buffer Overflow Exploit Title: MyVideoConverter Pro 3.14 - 'Output Folder' Buffer Overflow Exploit Author : ZwX Exploit Date: 2020-02-11 Vendor Homepage : http://www.ivideogo.com/ Tested on OS: Windows 10 v1803 Social: twitter.com/ZwX2a Steps to Reproduce...