41207 matches found
School Event Management System 1.0 - Cross-Site Request Forgery (Update Admin)
School Event Management System 1.0 - Cross-Site Request Forgery Update Admin Exploit Title: School Event Management System 1.0 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 2018-10-29 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software...
Quick Count 2.0 - txtInstID SQL Injection
Quick Count 2.0 - txtInstID SQL Injection Exploit Title: Quick Count 2.0 - 'txtInstID' SQL Injection Dork: N/A Date: 2018-10-25 Exploit Author: Ihsan Sencan Vendor Homepage: https://quickcount.sourceforge.io/ Software Link: https://sourceforge.net/projects/quickcount/files/latest/download Version...
Veterinary Clinic Management 00.02 - editpetnum SQL Injection
Veterinary Clinic Management 00.02 - editpetnum SQL Injection Exploit Title: Veterinary Clinic Management 00.02 - 'editpetnum' SQL Injection Dork: N/A Date: 2018-10-25 Exploit Author: Ihsan Sencan Vendor Homepage: https://vetclinic.sourceforge.io/ Software Link:...
Delta Sql 1.8.2 - id SQL Injection
Delta Sql 1.8.2 - id SQL Injection Exploit Title: Delta Sql 1.8.2 - 'id' SQL Injection Dork: N/A Date: 2018-10-25 Exploit Author: Ihsan Sencan Vendor Homepage: http://deltasql.sourceforge.net/ Software Link: https://sourceforge.net/projects/deltasql/files/latest/download Software Link:...
MPS Box 0.1.8.0 - Arbitrary File Upload
MPS Box 0.1.8.0 - Arbitrary File Upload Exploit Title: MPS Box 0.1.8.0 - Arbitrary File Upload Dork: N/A Date: 2018-10-25 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.mpsbox.com/ Software Link: https://sourceforge.net/projects/mpsbox/files/latest/download Version: 0.1.8.0 Category:...
phptpoint Hospital Management System 1.0 - user SQL injection
phptpoint Hospital Management System 1.0 - user SQL injection Exploit Title: phptpoint Hospital Management System 1.0 - 'user' SQL injection Date: 2018-10-24 Exploit Author: Boumediene KADDOUR Unit: Algerie Telecom R&D Unit Vendor Homepage: https://www.phptpoint.com/ Software Link: Version: 1...
Ekushey Project Manager CRM 3.1 - Cross-Site Scripting
Ekushey Project Manager CRM 3.1 - Cross-Site Scripting Exploit Title: Ekushey Project Manager CRM 3.1 - Cross-Site Scripting Date: 2018-10-16 Exploit Author: Ismail Tasdelen Vendor Homepage: http://creativeitem.com/ Software Link : http://creativeitem.com/demo/ekushey/ Software : Ekushey Project...
Delta Sql 1.8.2 - Arbitrary File Upload
Delta Sql 1.8.2 - Arbitrary File Upload Exploit Title: Delta Sql 1.8.2 - Arbitrary File Upload Dork: N/A Date: 2018-10-25 Exploit Author: Ihsan Sencan Vendor Homepage: http://deltasql.sourceforge.net/ Software Link: https://sourceforge.net/projects/deltasql/files/latest/download Software Link:...
User Management 1.1 - Cross-Site Scripting
User Management 1.1 - Cross-Site Scripting Exploit Title: User Management 1.1 - Cross-Site Scripting Date: 2018-10-16 Exploit Author: Ismail Tasdelen Vendor Homepage: http://ardawan.com/ Software Link : http://um.ardawan.com Software : User Management Version : 1.1 Vulernability Type : Cross-site...
libtiff 4.0.9 - Decodes Arbitrarily Sized JBIG into a Target Buffer
libtiff 4.0.9 - Decodes Arbitrarily Sized JBIG into a Target Buffer / libtiff up to and including 4.0.9 decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size. The issue occurs because JBIGDecode entirely ignores the size of the buffer that is passed to it: static int JBIGDecodeTI...
MPS Box 0.1.8.0 - uuid SQL Injection
MPS Box 0.1.8.0 - uuid SQL Injection Exploit Title: MPS Box 0.1.8.0 - 'uuid' SQL Injection Dork: N/A Date: 2018-10-25 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.mpsbox.com/ Software Link: https://sourceforge.net/projects/mpsbox/files/latest/download Version: 0.1.8.0 Category: Webapp...
Adult Filter 1.0 - Buffer Overflow (SEH)
Adult Filter 1.0 - Buffer Overflow SEH...
ClipBucket 2.8 - id SQL Injection
ClipBucket 2.8 - id SQL Injection Exploit Title: ClipBucket 2.8 - 'id' SQL Injection Dork: N/A Date: 2018-10-25 Exploit Author: Ihsan Sencan Vendor Homepage: http://clipbucket.com/ Software Link: https://sourceforge.net/projects/clipbucket/files/latest/download Version: 2.8.v3354 Category: Webapp...
Open STA Manager 2.3 - Arbitrary File Download
Open STA Manager 2.3 - Arbitrary File Download Exploit Title: Open STA Manager 2.3 - Arbitrary File Download Dork: N/A Date: 2018-10-25 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.openstamanager.com/ Software Link: https://sourceforge.net/projects/openstamanager/files/latest/download...
AiOPMSD Final 1.0.0 - q SQL Injection
AiOPMSD Final 1.0.0 - q SQL Injection Exploit Title: AiOPMSD Final 1.0.0 - 'q' SQL Injection Dork: N/A Date: 2018-10-24 Exploit Author: Ihsan Sencan Vendor Homepage: https://aiopmsd.sourceforge.io/ Software Link: https://sourceforge.net/projects/aiopmsd/files/latest/download Version: 1.0.0...
Simple Chat System 1.0 - id SQL Injection
Simple Chat System 1.0 - id SQL Injection Exploit Title: Simple Chat System 1.0 - 'id' SQL Injection Dork: N/A Date: 2018-10-24 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/php/11610/simple-chat-system.html Software Link:...
BORGChat 1.0.0 build 438 - Denial of Service (PoC)
BORGChat 1.0.0 build 438 - Denial of Service PoC Exploit Title: BORGChat 1.0.0 build 438 - Denial of Service PoC Dork: N/A Date: 2018-10-22 Exploit Author: Ihsan Sencan Vendor Homepage: http://borgchat.10n.ro Software Link: http://borgchat.10n.ro/download.php Version: 1.0.0 build 438 Category: Do...
Simple POS and Inventory 1.0 - cat SQL Injection
Simple POS and Inventory 1.0 - cat SQL Injection Exploit Title: Simple POS and Inventory 1.0 - 'cat' SQL Injection Dork: N/A Date: 2018-10-24 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/php/11625/simple-pos-and-inventory-system.html Software Link:...
ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution
ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution Exploit Title: ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution Date: 2018-10-22 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.projeqtor.org Software Link:...
Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass)
Oracle Weblogic Server - Deserialization Remote Command Execution Patch Bypass // All respects goes to Zhiyi Zhang of 360 ESG Codesafe Team // URL: https://blogs.projectmoon.pw/2018/10/19/Oracle-WebLogic-Two-RCE-Deserialization-Vulnerabilities/ package ysoserial.payloads; import...
xorg-x11-server 1.20.3 - Local Privilege Escalation
xorg-x11-server 1.20.3 - Local Privilege Escalation CVE-2018-14665 - a LPE exploit via http://X.org fits in a tweet cd /etc; Xorg -fp "root::16431:0:99999:7:::" -logfile shadow :1;su Overwrite shadow or any file on most Linux, get root privileges. BSD and any other Xorg desktop also affected...
AjentiCP 1.2.23.13 - Cross-Site Scripting
AjentiCP 1.2.23.13 - Cross-Site Scripting Title: AjentiCP 1.2.23.13 - Cross-Site Scripting Author: Numan OZDEMIR https://infinitumit.com.tr Vendor Homepage: ajenti.org Software Link: https://github.com/ajenti/ajenti Version: Up to v1.2.23.13 CVE: CVE-2018-18548 Description: Attacker can inject...
LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting
LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting Exploit Title: LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting Date: 2018-10-16 Exploit Author: Ismail Tasdelen Vendor Homepage: http://pokkho.com/lango/ Software Link : http://pokkho.com/lango/auth/login Software :...
Axioscloud Sissiweb Registro Elettronico 7.0.0 - Error_desc Cross-Site Scripting
Axioscloud Sissiweb Registro Elettronico 7.0.0 - Errordesc Cross-Site Scripting Exploit Title: Axioscloud Sissiweb Registro Elettronico 7.0.0 - 'Errordesc' Cross-Site Scripting Dork: n/a Date: 2018-10-11 Exploit Author: Dino Barlattani Vendor Homepage: http://axiositalia.it/ Software Link:...
Apache OFBiz 16.11.04 - XML External Entity Injection
Apache OFBiz 16.11.04 - XML External Entity Injection Exploit Title: Apache OFBiz 16.11.04 - XML External Entity Injection Date: 2018-10-15 Exploit Author: Jamie Parfet Vendor Homepage: https://ofbiz.apache.org/ Software Link: https://archive.apache.org/dist/ofbiz/ Version: xXx xXx """ if...
SG ERP 1.0 - info SQL Injection
SG ERP 1.0 - info SQL Injection Exploit Title: SG ERP 1.0 - 'info' SQL Injection Dork: N/A Date: 2018-10-24 Exploit Author: Ihsan Sencan Vendor Homepage: http://fankstribe.org/ Software Link: https://sourceforge.net/projects/sgerp/files/latest/download Version: 1.0 Category: Webapps Tested on:...
Adult Filter 1.0 - Denial of Service (PoC)
Adult Filter 1.0 - Denial of Service PoC Exploit Title: ADULT FILTER 1.0 - Denial of Service PoC Date: 2018-10-28 Exploit Author: Beren Kuday GÖRÜN Vendor Homepage: http://www.armcode.com/adult-filter/ Software Link: http://www.armcode.com/downloads/adult-filter.exe Version: 1.0 Build 2007-Mar-...
Fifa Master XLS 2.3.2 - usw SQL Injection
Fifa Master XLS 2.3.2 - usw SQL Injection Exploit Title: Fifa Master XLS 2.3.2 - 'usw' SQL Injection Dork: N/A Date: 2018-10-24 Exploit Author: Ihsan Sencan Vendor Homepage: http://fankstribe.org/ Software Link: https://sourceforge.net/projects/fifamasterxls/files/latest/download Version: 2.3.2...
exim 4.90 - Remote Code Execution
exim 4.90 - Remote Code Execution Exploit Title: exim 4.90 - Remote Code Execution Date: 2018-10-24 Exploit Author: hackk.gr Vendor Homepage: exim.org Version: exim -1: authplainavailable = True if test: if lenl 70: sys.stdout.writel:70 + " ...\n" sys.stdout.flush else: print l.strip"\r".strip"\n...
MGB OpenSource Guestbook 0.7.0.2 - id SQL Injection
MGB OpenSource Guestbook 0.7.0.2 - id SQL Injection Exploit Title: MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.m-gb.org/ Software Link: https://sourceforge.net/projects/mopzz-gb/files/latest/download...
School ERP Pro+Responsive 1.0 - fid SQL Injection
School ERP Pro+Responsive 1.0 - fid SQL Injection Exploit Title: School ERP Pro+Responsive 1.0 - 'fid' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link:...
Appsource School Management System 1.0 - student_id SQL Injection
Appsource School Management System 1.0 - studentid SQL Injection Exploit Title: Appsource School Management System 1.0 - 'studentid' SQL Injection Dork: N/A Date: 2018-10-19 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.appsource.ug/school/ Software Link:...
SIM-PKH 2.4.1 - id SQL Injection
SIM-PKH 2.4.1 - id SQL Injection Exploit Title: SIM-PKH 2.4.1 - 'id' SQL Injection Dork: N/A Date: 2018-10-22 Exploit Author: Ihsan Sencan Vendor Homepage: https://simpkh.sourceforge.io/ Software Link: https://sourceforge.net/projects/simpkh/files/latest/download Version: 2.4.1 Category: Webapps...
ServersCheck Monitoring Software 14.3.3 - id SQL Injection
ServersCheck Monitoring Software 14.3.3 - id SQL Injection Exploit Title: ServersCheck Monitoring Software 14.3.3 - 'id' SQL Injection Author: John Page aka hyp3rlinx Date: 2018-10-23 Vendor: www.serverscheck.com Software link: http://downloads.serverscheck.com/monitoringsoftware/setup.exe CVE: N...
Microsoft Data Sharing - Local Privilege Escalation (PoC)
Microsoft Data Sharing - Local Privilege Escalation PoC Bug description: RpcDSSMoveFromSharedFilehandle,L"token",L"c:\blah1\pci.sys"; This function exposed over alpc, has a arbitrary delete vuln. Hitting the timing was pretty annoying. But my PoC will keep rerunning until...
School ERP Pro+Responsive 1.0 - Arbitrary File Download
School ERP Pro+Responsive 1.0 - Arbitrary File Download Exploit Title: School ERP Pro+Responsive 1.0 - Arbitrary File Download Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.arox.in/ Software Link:...
SIM-PKH 2.4.1 - Arbitrary File Upload
SIM-PKH 2.4.1 - Arbitrary File Upload Exploit Title: SIM-PKH 2.4.1 - Arbitrary File Upload Dork: N/A Date: 2018-10-22 Exploit Author: Ihsan Sencan Vendor Homepage: https://simpkh.sourceforge.io/ Software Link: https://sourceforge.net/projects/simpkh/files/latest/download Version: 2.4.1 Category:...
ServersCheck Monitoring Software 14.3.3 - Arbitrary File Write
ServersCheck Monitoring Software 14.3.3 - Arbitrary File Write Exploit Title: ServersCheck Monitoring Software 14.3.3 - Denial of Service PoC Author: John Page aka hyp3rlinx Date: 2018-10-23 Vendor: www.serverscheck.com Software Link: http://downloads.serverscheck.com/monitoringsoftware/setup.exe...
The Open ISES Project 3.30A - Arbitrary File Download
The Open ISES Project 3.30A - Arbitrary File Download Exploit Title: The Open ISES Project 3.30A - Arbitrary File Download Dork: N/A Date: 2018-10-18 Exploit Author: Ihsan Sencan Vendor Homepage: http://openises.sourceforge.net/ Software Link:...
Modbus Poll 7.2.2 - Denial of Service (PoC)
Modbus Poll 7.2.2 - Denial of Service PoC Exploit Title: Modbus Poll 7.2.2 - Denial of Service PoC Discovery by: Cemal Cihad ÇİFTÇİ Discovery Date: 2018-10-19 Tested Version: 7.2.2 Vulnerability Type: DOS Tested on OS: Windows XP Professional Service Pack 3 Vendor Homepage:...
eNdonesia Portal 8.7 - artid SQL Injection
eNdonesia Portal 8.7 - artid SQL Injection Exploit Title: eNdonesia Portal 8.7 - 'artid' SQL Injection Dork: N/A Date: 2018-10-21 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.endonesia.org/ Software Link: https://sourceforge.net/projects/endonesia/files/latest/download Version: 8.7...
Oracle Siebel CRM 8.1.1 - CSV Injection
Oracle Siebel CRM 8.1.1 - CSV Injection Exploit Title: Oracle Siebel CRM 8.1.1 - CSV Injection Date: 2018-10-21 Exploit Author: Sarath Nair aka AceNeon13 Contact: @AceNeon13 Vendor Homepage: www.oracle.com Software Link:...
Viva Visitor Volunteer ID Tracking 0.95.1 - fname SQL Injection
Viva Visitor Volunteer ID Tracking 0.95.1 - fname SQL Injection Exploit Title: Viva Visitor & Volunteer ID Tracking 0.95.1 - 'fname' SQL Injection Dork: N/A Date: 2018-10-19 Exploit Author: Ihsan Sencan Vendor Homepage: https://viva-visitor.sourceforge.io/ Software Link:...
School ERP Ultimate 2018 - Arbitrary File Download
School ERP Ultimate 2018 - Arbitrary File Download Exploit Title: School ERP Ultimate 2018 - Arbitrary File Download Dork: N/A Date: 2018-10-21 Exploit Author: Ihsan Sencan Vendor Homepage: http://freeschoolerp.com/ Software Link: http://freeschoolerp.com/schoolerp30Nov2017free.zip Software Link:...
Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas
Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas / There was recently some cleanup in the persona code to fix some race conditions there, I don't think it was sufficient: In kpersonaallocsyscall if we provide an invalid userspace pointer for the ipd outptr we can cause this...
Keybase keybase-redirector - $PATH Local Privilege Escalation
Keybase keybase-redirector - $PATH Local Privilege Escalation keybase-redirector is a setuid root binary. keybase-redirector calls the fusermount binary using a relative path and the application trusts the value of $PATH. This allows a local, unprivileged user to trick the application to executin...
School ERP Ultimate 2018 - fid SQL Injection
School ERP Ultimate 2018 - fid SQL Injection Exploit Title: School ERP Ultimate 2018 - 'fid' SQL Injection Dork: N/A Date: 2018-10-21 Exploit Author: Ihsan Sencan Vendor Homepage: http://freeschoolerp.com/ Software Link: http://freeschoolerp.com/schoolerp30Nov2017free.zip Software Link:...
Apple iOSmacOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport
Apple iOSmacOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport / IOHIDResourceQueue inherits from IOSharedDataQueue and adds its own ::enqueueReport method, which seems to be mostly copy-pasted from IOSharedDataQueue and IODataQueue's ::enqueue methods. I...
The Open ISES Project 3.30A - tick_lat SQL Injection
The Open ISES Project 3.30A - ticklat SQL Injection Exploit Title: The Open ISES Project 3.30A - 'ticklat' SQL Injection Dork: N/A Date: 2018-10-18 Exploit Author: Ihsan Sencan Vendor Homepage: http://openises.sourceforge.net/ Software Link:...
Apple iOS - Kernel Stack Memory Disclosure due to Failure to Check copyin Return Value
Apple iOS - Kernel Stack Memory Disclosure due to Failure to Check copyin Return Value Here's a code snippet from sleh.c with the second level exception handler for undefined instruction exceptions: static void handleuncategorizedarmsavedstatet state, booleant instrLen2 exceptiontypet exception =...