41207 matches found
Embed Video Scripts - Persistent Cross-Site Scripting
Embed Video Scripts - Persistent Cross-Site Scripting Exploit Title: Embed Video Scripts - Cross-site Script stored Google Dork: N/A Date: 1 Jan 2019 Exploit Author: Deyaa Muhammad Author EMail: contact at deyaa.me Author Blog: http://deyaa.me POC Video: https://youtu.be/2CFJLwkxpT8 Vendor...
phpMoAdmin MongoDB GUI 1.1.5 - Cross-Site Request Forgery Cross-Site Scripting
phpMoAdmin MongoDB GUI 1.1.5 - Cross-Site Request Forgery Cross-Site Scripting Exploit Title: phpMoAdmin 1.1.5 - MongoDB GUI | Multiple Vulnerabilities Date: 03.01.2019 Exploit Author: Ozer Goker Vendor Homepage: http://www.phpmoadmin.com Software Link: http://www.phpmoadmin.com/file/phpmoadmin.z...
Leica Geosystems GR10GR25GR30GR50 GNSS 4.30.063 - JSHTML Code Injection
Leica Geosystems GR10GR25GR30GR50 GNSS 4.30.063 - JSHTML Code Injection function su...
MyT Project Management 1.5.1 - Charge[group_total] SQL Injection
MyT Project Management 1.5.1 - Chargegrouptotal SQL Injection Exploit Title: MyT-PM 1.5.1 - 'Chargegrouptotal' SQL Injection Date: 03.01.2019 Exploit Author: Mehmet Önder Key Vendor Homepage: https://manageyourteam.net/ Software Link: https://sourceforge.net/projects/myt/ Version: v1.5.1 Category...
SpotFTP Password Recover 2.4.2 - Name Denial of Service (PoC)
SpotFTP Password Recover 2.4.2 - Name Denial of Service PoC Exploit Title: SpotFTP Password Recover 2.4.2 - 'Name' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2019-01-04 Vendor Homepage: www.nsauditor.com Software Link : http://www.nsauditor.com/downloads/spotftpsetup.exe...
Mailcleaner - (Authenticated) Remote Code Execution (Metasploit)
Mailcleaner - Authenticated Remote Code Execution Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Mailcleaner Remote Code Execution", 'Description' = %q This module exploits the...
Wordpress Plugin UserPro 4.9.21 - User Registration Privilege Escalation
Wordpress Plugin UserPro 4.9.21 - User Registration Privilege Escalation Exploit Title: Wordpress Plugin UserPro 4.9.21 User Registration With Administrator Role Google Dork: inurl:/wp-content/plugins/userpro/ Date: 3rd January, 2019 Exploit Author: Noman Riffat Vendor Homepage:...
Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS)
Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery Send SMS Exploit Title: Huawei E5330 Cross-Site Request Forgery Send SMS Date: 01/07/2019 Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Vendor Homepage: https://consumer.huawei.com/in/mobile-broadband/e5330/ Version:...
All in One Video Downloader 1.2 - (Authenticated) SQL Injection
All in One Video Downloader 1.2 - Authenticated SQL Injection Exploit Title: All in One Video Downloader 1.2 - SQL Injection Google Dork: "developed by Niche Office" Date: 1 Jan 2019 Exploit Author: Deyaa Muhammad Author EMail: contact at deyaa.me Author Blog: http://deyaa.me Vendor Homepage:...
LayerBB 1.1.1 - Persistent Cross-Site Scripting
LayerBB 1.1.1 - Persistent Cross-Site Scripting Exploit Title: LayerBB 1.1.1 - Cross-Site Scripting Date: 10/4/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://forum.layerbb.com/downloads.php?view=file&id=26 Version: 1.1.1 Tested on: Ubuntu 18.04 CVE: CVE-2018-17997...
KioWare Server Version 4.9.6 - Weak Folder Permissions Privilege Escalation
KioWare Server Version 4.9.6 - Weak Folder Permissions Privilege Escalation Exploit Title : KioWare Server Version 4.9.6 - Weak Folder Permissions Privilege Escalation Date : 10/12/2018 Exploit Author : Hashim Jawad - @ihack4falafel Vendor Homepage : https://www.kioware.com/ Tested on : Windows...
Ajera Timesheets 9.10.16 - Deserialization of Untrusted Data
Ajera Timesheets 9.10.16 - Deserialization of Untrusted Data Exploit Title: Ajera Timesheets = 9.10.16 - Deserialization of untrusted data Date: 2019-01-03 Exploit Author: Anthony Cole Vendor Homepage: https://www.deltek.com/en/products/project-erp/ajera Version: = 9.10.16 Contact:...
BlueAuditor 1.7.2.0 - Key Denial of Service (PoC)
BlueAuditor 1.7.2.0 - Key Denial of Service PoC Exploit Title: BlueAuditor 1.7.2.0 - 'Key' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2019-01-04 Vendor Homepage: www.nsauditor.com Software Link : http://www.nsauditor.com/downloads/blueauditorsetup.exe Tested Version: 1.7.2....
Linux Kernel 4.15.x 4.19.2 - map_write() CAP_SYS_ADMIN Local Privilege Escalation (dbus Method)
Linux Kernel 4.15.x 4.19.2 - mapwrite CAPSYSADMIN Local Privilege Escalation dbus Method !/bin/sh EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47165.zip wrapper for Jann Horn's exploit for CVE-2018-18955 uses dbus service technique ---...
Linux Kernel 4.15.x 4.19.2 - map_write() CAP_SYS_ADMIN Local Privilege Escalation (polkit Method)
Linux Kernel 4.15.x 4.19.2 - mapwrite CAPSYSADMIN Local Privilege Escalation polkit Method !/bin/sh EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47167.zip wrapper for Jann Horn's exploit for CVE-2018-18955 uses polkit technique ---...
Microsoft Windows - Windows Error Reporting Local Privilege Escalation
Microsoft Windows - Windows Error Reporting Local Privilege Escalation Make sure to copy the file report.wer found in the folder PoC-Files in the same folder as the executable before running it... I guess I could have included it as a resource in the exe.. but whatever. Example:...
EZ CD Audio Converter 8.0.7 - Denial of Service (PoC)
EZ CD Audio Converter 8.0.7 - Denial of Service PoC Exploit Title: EZ CD Audio Converter 8.0.7 - Denial of Service PoC Date: 2018-12-30 Exploit Author: Achilles Vendor Homepage: https://www.poikosoft.com/ Software Link : https://download.poikosoft.com/ezcdaudioconvertersetupx64.exe Exploit Author...
Vtiger CRM 7.1.0 - Remote Code Execution
Vtiger CRM 7.1.0 - Remote Code Execution Exploit Title: Vtiger CRM 7.1.0 - Remote Code Execution Date: 2018-12-27 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.vtiger.com Software Link:...
NBMonitor Network Bandwidth Monitor 1.6.5.0 - Name Denial of Service (PoC)
NBMonitor Network Bandwidth Monitor 1.6.5.0 - Name Denial of Service PoC Exploit Title: NBMonitor Network Bandwidth Monitor 1.6.5.0 - 'Name' Denial of Service PoC Author: Luis Martinez Date: 2018-12-27 Vendor Homepage: www.nsauditor.com Software Link :...
WebKit JSC - JSArray::shiftCountWithArrayStorage Out-of-Bounds ReadWrite
WebKit JSC - JSArray::shiftCountWithArrayStorage Out-of-Bounds ReadWrite / bool JSArray::shiftCountWithArrayStorageVM& vm, unsigned startIndex, unsigned count, ArrayStorage storage unsigned oldLength = storage-length; RELEASEASSERTcount hasHoles && this-structurevm-holesMustForwardToPrototypevm,...
WebKit JSC - AbstractValue::set Use-After-Free
WebKit JSC - AbstractValue::set Use-After-Free indexingType; mtype = speculationFromStructurestructure.get; mvalue = JSValue; checkConsistency; assertIsRegisteredgraph; It works out marrayModes using structure-indexingType instead of structure-indexingMode. As structure-indexingType masks out the...
Ayukov NFTP FTP Client 2.0 - Buffer Overflow
Ayukov NFTP FTP Client 2.0 - Buffer Overflow...
Frog CMS 0.9.5 - Cross-Site Scripting
Frog CMS 0.9.5 - Cross-Site Scripting Exploit Title: Frog CMS 0.9.5 - Cross-Site Scripting Date: 2018-12-25 Exploit Author:WangDudu Vendor Homepage: https://github.com/philippe/FrogCMS Software Link: https://github.com/philippe/FrogCMS Version:0.9.5 CVE :CVE-2018-20448 The parameter under...
WordPress Plugin Adicon Server 1.2 - selectedPlace SQL Injection
WordPress Plugin Adicon Server 1.2 - selectedPlace SQL Injection Exploit Title: WordPress Plugin Adicon Server 1.2 - 'selectedPlace' SQL Injection Date: 2018-12-28 Software Link: https://wordpress.org/plugins/adicons/ Exploit Author: Kaimi Website: https://kaimi.io Version: 1.2 Category: webapps...
GDB-Connector
GDB Connector is a remote script to use for controlling a remote target and debug an exploit on a target directly from Exploit Pack. Copy this script to your target and execute it to connect back to your framework. Shell Script created using Exploit Pack http://www.exploitpack.com -...
Reverse-Shell
Establish a reverse shell and get persistance on your target using this script,copy this script to your target and leave it run it on the background after a successfull exploitation. Multi-sessions are supported. Shell Script created using Exploit Pack http://www.exploitpack.com -...
VMware WorkstationPlayer 12.5.5 - Local Privilege Escalation
VMware WorkstationPlayer 12.5.5 - Local Privilege Escalation !/bin/bash VMware Workstation Local Privilege Escalation exploit CVE-2017-4915 - https://www.vmware.com/security/advisories/VMSA-2017-0009.html - https://www.exploit-db.com/exploits/42045/ Affects: - VMware Workstation Player...
Deepin Linux 15 - lastore-daemon Local Privilege Escalation
Deepin Linux 15 - lastore-daemon Local Privilege Escalation !/bin/bash Deepin Linux 15.5 lastore-daemon D-Bus Local Root Exploit The lastore-daemon D-Bus configuration on Deepin Linux 15.5 permits any user in the sudo group to install arbitrary packages without providing a password, resulting in...
Linux Kernel 4.4.0 4.8.0 (Ubuntu 14.0416.04 Linux Mint 1718 Zorin) - Local Privilege Escalation (KASLR SMEP)
Linux Kernel 4.4.0 4.8.0 Ubuntu 14.0416.04 Linux Mint 1718 Zorin - Local Privilege Escalation KASLR SMEP // A proof-of-concept local root exploit for CVE-2017-1000112. // Includes KASLR and SMEP bypasses. No SMAP bypass. // Tested on: // - Ubuntu trusty 4.4.0 kernels // - Ubuntu xenial 4.4.0 and...
Linux Kernel 4.4.0-21 4.4.0-51 (Ubuntu 14.0416.04 x86-64) - AF_PACKET Race Condition Privilege Escalation
Linux Kernel 4.4.0-21 4.4.0-51 Ubuntu 14.0416.04 x86-64 - AFPACKET Race Condition Privilege Escalation / chocoboroot.c linux AFPACKET race condition exploit for CVE-2016-8655. Includes KASLR and SMEP/SMAP bypasses. For Ubuntu 14.04 / 16.04 x8664 kernels 4.4.0 before 4.4.0-53.74. All kernel offset...
Linux Kernel 4.8.0-34 4.8.0-45 (Ubuntu Linux Mint) - Packet Socket Local Privilege Escalation
Linux Kernel 4.8.0-34 4.8.0-45 Ubuntu Linux Mint - Packet Socket Local Privilege Escalation // A proof-of-concept local root exploit for CVE-2017-7308. // Includes a SMEP & SMAP bypass. // Tested on Ubuntu / Linux Mint: // - 4.8.0-34-generic // - 4.8.0-36-generic // - 4.8.0-39-generic // -...
WordPress Plugin Audio Record 1.0 - Arbitrary File Upload
WordPress Plugin Audio Record 1.0 - Arbitrary File Upload Exploit Title: WordPress Plugin Audio Record 1.0 - Arbitrary File Upload Date: 2018-12-24 Software Link: https://wordpress.org/plugins/audio-record/ Exploit Author: Kaimi Website: https://kaimi.io Version: 1.0 Category: webapps Unrestricte...
WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - Arbitrary File Upload
WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - Arbitrary File Upload Exploit Title: WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - Arbitrary File Upload Date: 2018-12-24 Software Link: https://wordpress.org/plugins/baggage-freight/ Exploit Author: Kaimi Website:...
MAGIX Music Editor 3.1 - Buffer Overflow (SEH)
MAGIX Music Editor 3.1 - Buffer Overflow SEH Exploit Title: MAGIX Music Editor 3.1 - Buffer Overflow SEH Exploit Author: bzyo Twitter: @bzyo Date: 2018-12-24 Vulnerable Software: MAGIX Music Editor 3.1 Vendor Homepage: https://www.magix.com/us/ Version: 3.1 Software Link:...
Product Key Explorer 4.0.9 - Denial of Service (PoC)
Product Key Explorer 4.0.9 - Denial of Service PoC Exploit Title: Product Key Explorer 4.0.9 - Denial of Service PoC Date: 2018-12-25 Exploit Author: T3jv1l Vendor Homepage: :http://www.nsauditor.com Software: http://www.nsauditor.com/downloads/productkeyexplorersetup.exe Contact:...
Terminal Services Manager 3.1 - Local Buffer Overflow (SEH)
Terminal Services Manager 3.1 - Local Buffer Overflow SEH...
Iperius Backup 5.8.1 - Buffer Overflow (SEH)
Iperius Backup 5.8.1 - Buffer Overflow SEH...
bludit Pages Editor 3.0.0 - Arbitrary File Upload
bludit Pages Editor 3.0.0 - Arbitrary File Upload Exploit Title: bludit Pages Editor 3.0.0 - Arbitrary File Upload Date: 2018-10-02 Google Dork: N/A Exploit Author: BouSalman Vendor Homepage: https://www.bludit.com/ Software Link: N/A Version: 3.0.0 Tested on: Ubuntu 18.04 CVE : 2018-1000811 POST...
ShareAlarmPro 2.1.4 - Denial of Service (PoC)
ShareAlarmPro 2.1.4 - Denial of Service PoC Exploit Title:ShareAlarmPro 2.1.4 - Denial of Service PoC Date: 2018-12-25 Exploit Author: T3jv1l Vendor Homepage: :http://www.nsauditor.com Software: http://sharealarm.nsauditor.com/downloads/sharealarmprosetup.exe Contact: https://twitter.com/T3jv1l...
Craft CMS 3.0.25 - Cross-Site Scripting
Craft CMS 3.0.25 - Cross-Site Scripting Exploit Title: Craft CMS 3.0.25 - Cross-Site Scripting Google Dork: N/A Date: 2018-12-20 Exploit Author: Raif Berkay Dincel Contact: www.raifberkaydincel.com More Details 1 :...
NetShareWatcher 1.5.8 - Denial of Service (PoC)
NetShareWatcher 1.5.8 - Denial of Service PoC Exploit Title: NetShareWatcher 1.5.8 - Denial of Service PoC Date: 2018-12-25 Exploit Author: T3jv1l Vendor Homepage: :http://www.nsauditor.com Software: http://netsharewatcher.nsauditor.com/downloads/NetShareWatchersetup.exe Contact:...
ycVxpXedN5ngh9E
A Remote Browser's Agent XSS is a piece of software that allows a remote "operator" to control a browser as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "XSS" software is usually associated with criminal or malicious activity...
WSTMart 2.0.8 - Cross-Site Scripting
WSTMart 2.0.8 - Cross-Site Scripting Exploit Title: WSTMart 2.0.8 - Cross-Site Scripting Date: 2018-12-23 Exploit Author: linfeng Vendor Homepage: https://github.com/wstmall/wstmart/ Software Link: http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE: CVE-2018-20367 0x01 stored XSS PoC Functi...
WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin)
WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Exploit Title: WSTMart 2.0.8 - Cross-Site Request Forgery Add Admin Date: 2018-12-23 Exploit Author: linfeng Vendor Homepage:https://github.com/wstmall/wstmart/ Software Link:http://www.wstmart.net/ Version: WSTMart 2.0.8181212 CVE...
Angry IP Scanner for Linux 3.5.3 - Denial of Service (PoC)
Angry IP Scanner for Linux 3.5.3 - Denial of Service PoC Exploit Title: Angry IP Scanner for Linux 3.5.3 - Denial of Service PoC Discovery by: Mr Winst0n Discovery Date: 2018-12-22 Vendor Homepage: https://angryip.org/ Software Link : https://angryip.org/download/ Tested Version: 3.5.3 latest...
FrontAccounting 2.4.5 - SubmitUser SQL Injection
FrontAccounting 2.4.5 - SubmitUser SQL Injection Exploit Title: FrontAccounting 2.4.5 - 'SubmitUser' SQL Injection Google Dork: N/A Date: 2018-12-22 Exploit Author: Sainadh Jamalpur Vendor Homepage: http://frontaccounting.com/ Software Link: https://sourceforge.net/projects/frontaccounting/...
Adobe Flash ActiveX Plugin 28.0.0.137 - Remote Code Execution (PoC)
Adobe Flash ActiveX Plugin 28.0.0.137 - Remote Code Execution PoC Download: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/46051.zip Password: infected...
Netatalk 3.1.12 - Authentication Bypass (PoC)
Netatalk 3.1.12 - Authentication Bypass PoC import socket import struct import sys if lensys.argv != 3: sys.exit0 ip = sys.argv1 port = intsys.argv2 sock = socket.socketsocket.AFINET, socket.SOCKSTREAM print "+ Attempting connection to " + ip + ":" + sys.argv2 sock.connectip, port dsipayload =...
Netatalk 3.1.12 - Authentication Bypass
Netatalk 3.1.12 - Authentication Bypass Exploit Title: Netatalk Authentication Bypass Date: 12/20/2018 Exploit Author: Jacob Baines Vendor Homepage: http://netatalk.sourceforge.net/ Software Link: https://sourceforge.net/projects/netatalk/files/ Version: Before 3.1.12 Tested on: Seagate NAS OS...
SQLScan 1.0 - Denial of Service (PoC)
SQLScan 1.0 - Denial of Service PoC Exploit Title: McAfee Foundstone SQLScan - Denial of Service PoC and EIP record overwrite Discovery by: Rafael Pedrero Discovery Date: 2018-12-20 Vendor Homepage: http://www.mcafee.com/us/downloads/free-tools/sqlscan.aspx Software Link :...