Sudo 1.8.25p - pwfeedback Buffer Overflow (PoC)
Sudo 1.8.25p - pwfeedback Buffer Overflow PoC Title: Sudo 1.8.25p - Buffer Overflow Date: 2020-01-30 Author: Joe Vennix Software: Sudo Versions: Sudo versions prior to 1.8.26 CVE: CVE-2019-18634 Reference: https://www.sudo.ws/alerts/pwfeedback.html Sudo's pwfeedback option can be used to provide...
P2PWIFICAM2 for iOS 10.4.1 - Camera ID Denial of Service (PoC)
P2PWIFICAM2 for iOS 10.4.1 - Camera ID Denial of Service PoC Exploit Title: P2PWIFICAM2 for iOS 10.4.1 - 'Camera ID' Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2020-02-02 Vendor Homepage: https://apps.apple.com/mx/app/p2pwificam2/id663665207 Software Link: App Store for iO...
IceWarp WebMail 11.4.4.1 - Reflective Cross-Site Scripting
IceWarp WebMail 11.4.4.1 - Reflective Cross-Site Scripting Title: IceWarp WebMail 11.4.4.1 - Reflective Cross-Site Scripting Date: 2020-01-27 Author: Lutfu Mert Ceylan Vendor Homepage: www.icewarp.com Tested on: Windows 10 Versions: 11.4.4.1 and before Vulnerable Parameter: "color" Get Method...
Cacti 1.2.8 - Unauthenticated Remote Code Execution
Cacti 1.2.8 - Unauthenticated Remote Code Execution !/usr/bin/python3 Exploit Title: Cacti v1.2.8 Unauthenticated Remote Code Execution Date: 03/02/2020 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: CentOS 7.3 / PHP 7.1.33...
Jira 8.3.4 - Information Disclosure (Username Enumeration)
Jira 8.3.4 - Information Disclosure Username Enumeration Exploit Title: Jira 8.3.4 - Information Disclosure Username Enumeration Date: 2019-09-11 Exploit Author: Mufeed VH Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/jira Version: 8.3.4 Tested on:...
Cacti 1.2.8 - Authenticated Remote Code Execution
Cacti 1.2.8 - Authenticated Remote Code Execution !/usr/bin/python3 Exploit Title: Cacti v1.2.8 Remote Code Execution Date: 03/02/2020 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: CentOS 7.3 / PHP 7.1.33 import requests...
School ERP System 1.0 - Cross Site Request Forgery (Add Admin)
School ERP System 1.0 - Cross Site Request Forgery Add Admin Title: School ERP System 1.0 - Cross Site Request Forgery Add Admin Date: 2020-01-31 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/projects/school-erp-ultimate/files/ Software Link:...
BearFTP 0.1.0 - PASV Denial of Service
BearFTP 0.1.0 - PASV Denial of Service Exploit Title: BearFTP 0.1.0 - 'PASV' Denial of Service Date: 2020-01-29 Exploit Author: kolya5544 Vendor Homepage: http://iktm.me/ Software Link: https://github.com/kolya5544/BearFTP/releases Version: v0.0.1 - v0.1.0 Tested on: Ubuntu 18.04 CVE :...
phpList 3.5.0 - Authentication Bypass
phpList 3.5.0 - Authentication Bypass Exploit Title: phpList 3.5.0 - Authentication Bypass Google Dork: N/A Date: 2020-02-03 Exploit Author: Suvadip Kar Author Contact: https://twitter.com/spidersec Vendor Homepage: https://www.phplist.org Software Link: https://www.phplist.org/download-phplist/...
Schneider Electric U.Motion Builder 1.3.4 - Authenticated Command Injection
Schneider Electric U.Motion Builder 1.3.4 - Authenticated Command Injection Exploit Title: Schneider Electric U.Motion Builder 1.3.4 - Authenticated Command Injection Date: 2018-08-01 Exploit Author: Cosmin Craciun Vendor Homepage: https://www.se.com Version: = 1.3.4 Tested on: Delivered Virtual...
Lotus Core CMS 1.0.1 - Local File Inclusion
Lotus Core CMS 1.0.1 - Local File Inclusion Exploit Title: Lotus Core CMS 1.0.1 - Local File Inclusion Google Dork: N/A Date: 2020-01-31 Exploit Author: Daniel Monzón stark0de Vendor Homepage: http://lotuscore.sourceforge.net/ Software Link:...
FlexNet Publisher 11.12.1 - Cross-Site Request Forgery (Add Local Admin)
FlexNet Publisher 11.12.1 - Cross-Site Request Forgery Add Local Admin Exploit Title: FlexNet Publisher 11.12.1 - Cross-Site Request Forgery Add Local Admin Date: 2019-12-29 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.flexerasoftware.com/ Software : FlexNet Publisher Product...
rConfig 3.9.3 - Authenticated Remote Code Execution
rConfig 3.9.3 - Authenticated Remote Code Execution Exploit Title: rConfig 3.9.3 - Authenticated Remote Code Execution Date: 2019-11-07 CVE-2019-19509 Exploit Author: vikingfr Vendor Homepage: https://rconfig.com/ see also : https://github.com/rconfig/rconfig Software Link :...
OpenSMTPD 6.6.2 - Remote Code Execution
OpenSMTPD 6.6.2 - Remote Code Execution Exploit Title: OpenSMTPD 6.6.2 - Remote Code Execution Date: 2020-01-29 Exploit Author: 1F98D Original Author: Qualys Security Advisory Vendor Homepage: https://www.opensmtpd.org/ Software Link: https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/6.6.1p1...
PHP 7.0 < 7.4 (Unix) - debug_backtrace disable_functions Bypass
Centreon 19.10.5 - centreontrapd Remote Command Execution
Centreon 19.10.5 - centreontrapd Remote Command Execution Exploit Title: Centreon 19.10.5 - 'centreontrapd' Remote Command Execution Date: 2020-01-29 Exploit Author: Fabien AUNAY, Omri Baso Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version:...
XMLBlueprint 16.191112 - XML External Entity Injection
XMLBlueprint 16.191112 - XML External Entity Injection Exploit Title: XMLBlueprint 16.191112 - XML External Entity Injection Exploit Author: Javier Olmedo Date: 2018-11-14 Vendor: XMLBlueprint XML Editor Software Link: https://www.xmlblueprint.com/update/download-64bit.exe Affected Version:...
Fifthplay S.A.M.I 2019.2_HP - Persistent Cross-Site Scripting
Fifthplay S.A.M.I 2019.2_HP - Persistent Cross-Site Scripting Exploit Title: Fifthplay S.A.M.I 2019.2_HP - Persistent Cross-Site Scripting Date: 2020-01-29 Exploit Author: LiquidWorm Vendor: Fifthplay NV Vendor Homepage: https://www.fifthplay.com Version: 2019.2_HP Tested on: Linux CVE : - Fifthplay...
Satellian 1.12 - Remote Code Execution
Satellian 1.12 - Remote Code Execution Exploit Title: Satellian 1.12 - Remote Code Execution Date: 2020-01-28 Exploit Author: Xh4H Vendor Homepage: https://www.intelliantech.com/?lang=en Version: v1.12+ Tested on: Kali linux, MacOS CVE : CVE-2020-7980 Github repository:...
Centreon 19.10.5 - Pollers Remote Command Execution
Centreon 19.10.5 - Pollers Remote Command Execution Exploit Title: Centreon 19.10.5 - 'Pollers' Remote Command Execution Date: 2020-01-27 Exploit Author: Omri Baso, Fabien Aunay Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version: 19.10.5 Tested...
Kibana 6.6.1 - CSV Injection
Kibana 6.6.1 - CSV Injection Exploit Title: Kibana 6.6.1 - CSV Injection Google Dork: inurl:"/app/kibana" intitle:"Kibana" Date: 2020-01-15 Exploit Author: Aamir Rehman Vendor Homepage: https://www.elastic.co/kibana Software Link: https://www.elastic.co/downloads/ Version: v6.6.1 possibly latest...
Liferay CE Portal 6.0.2 - Remote Command Execution
Liferay CE Portal 6.0.2 - Remote Command Execution Exploit Title: Liferay CE Portal 6.0.2 - Remote Command Execution Google Dork: N/A Date: 2020-01-29 Exploit Author: Berk Dusunur Vendor Homepage: https://www.liferay.com/ Software Link:...
Cups Easy 1.0 - Cross Site Request Forgery (Password Reset)
Cups Easy 1.0 - Cross Site Request Forgery Password Reset Title: Cups Easy 1.0 - Cross Site Request Forgery Password Reset Date: 2020-01-28 Exploit Author: J3rryBl4nks Vendor Homepage: https://sourceforge.net/u/ajayshar76/profile/ Software Link:...
Microsoft Windows 10 - Theme API ThemePack File Parsing
Microsoft Windows 10 - Theme API ThemePack File Parsing Exploit Title: Microsoft Windows 10 - Theme API 'ThemePack' File Parsing Google Dork: n/a Date: 2020-10-28 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/ Version: 10...
Centreon 19.10.5 - Remote Command Execution
Centreon 19.10.5 - Remote Command Execution Exploit Title: Centreon 19.10.5 - Remote Command Execution Date: 2020-01-27 Exploit Author: Fabien AUNAY, Omri BASO Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version: 19.10.5 Tested on: CentOS 7 CVE :...
Adive Framework 2.0.8 - Cross-Site Request Forgery (Change Admin Password)
Adive Framework 2.0.8 - Cross-Site Request Forgery Change Admin Password Exploit Title: Adive Framework 2.0.8 - Cross-Site Request Forgery Change Admin Password Exploit Author: Sarthak Saini Date: 2020-01-18 Vendor Link : https://www.adive.es/ Software Link:...
Centreon 19.10.5 - Database Credentials Disclosure
Centreon 19.10.5 - Database Credentials Disclosure Exploit Title: Centreon 19.10.5 - Database Credentials Disclosure Date: 2020-01-27 Exploit Author: Fabien AUNAY, Omri Baso Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version: 19.10.5 Tested on:...
macOS/iOS ImageIO - Heap Corruption when Processing Malformed TIFF Image
macOS/iOS ImageIO - Heap Corruption when Processing Malformed TIFF Image The attached tiff image causes a crash in ImageIO on the latest macOS and iOS. To reproduce the issue, the attached code tester.m can be used. I've attached another code snippet to reproduce the issue on iOS as well. With...
Octeth Oempro 4.8 - CampaignID SQL Injection
Octeth Oempro 4.8 - CampaignID SQL Injection Exploit Title: Octeth Oempro 4.8 - 'CampaignID' SQL Injection Date: 2020-01-27 Exploit Author: Bruno de Barros Bulle www.xlabs.com.br Vendor Homepage: www2.octeth.com Version: Octeth Oempro v.4.7 and v.4.8 Tested on: Oempro v.4.7 CVE : CVE-2019-19740 A...
Windows Kernel - Information Disclosure
Windows Kernel - Information Disclosure PoC for the SWAPGS attack CVE-2019-1125 This holds the sources for the SWAPGS attack PoC publicly shown at Black Hat USA, 2019. Contents leakgsbkva - variant 1 look for random values in kernel memory; limited to PE kernel image header leakgsbkvat - variant ...
Torrent 3GP Converter 1.51 - Stack Overflow (SEH)
Torrent 3GP Converter 1.51 - Stack Overflow SEH Exploit Title: Torrent 3GP Converter 1.51 - Stack Overflow SEH Exploit Author: boku Date: 2020-01-24 Software Vendor: torrentrockyou Vendor Homepage: http://www.torrentrockyou.com Software Link:...
Webtareas 2.0 - id SQL Injection
Webtareas 2.0 - id SQL Injection Exploit Title: Webtareas 2.0 - 'id' SQL Injection Date: 2020-01-23 Exploit Author: Greg.Priest Vendor Homepage: http://webtareas.sourceforge.net/general/home.php Software Link: http://webtareas.sourceforge.net/general/home.php Version: Webtareas v2.0 Tested on:...
TP-Link TP-SG105E 1.0.0 - Unauthenticated Remote Reboot
TP-Link TP-SG105E 1.0.0 - Unauthenticated Remote Reboot Exploit Title: TP-Link TP-SG105E 1.0.0 - Unauthenticated Remote Reboot Date: 2020-01-20 Exploit Author: PCEumel Vendor Homepage: https://www.tp-link.com/ Software Link: https://www.tp-link.com/us/support/download/tl-sg105e/Firmware Version:...
Genexis Platinum-4410 2.1 - Authentication Bypass
Genexis Platinum-4410 2.1 - Authentication Bypass Exploit Title: Genexis Platinum-4410 2.1 - Authentication Bypass Date: 20220-01-08 Exploit Author: Husinul Sanub Author Contact: https://www.linkedin.com/in/husinul-sanub-658239106/ Vulnerable Product: Genexis Platinum-4410 v2.1 Home Gateway Route...
OLK Web Store 2020 - Cross-Site Request Forgery
OLK Web Store 2020 - Cross-Site Request Forgery Exploit Title: OLK Web Store 2020 - Cross-Site Request Forgery Google Dork: intext:"TopManage ® 2002 - 2020" Date: 2020-01-13 Exploit Author: Joel Aviad Ossi Vendor Homepage: http://www.topmanage.com/ Software Link:...
qdPM 9.1 - Remote Code Execution
qdPM 9.1 - Remote Code Execution Exploit Title: qdPM 9.1 - Remote Code Execution Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2020-01-22 Exploit Author: Rishal Dwivedi Loginsoft Vendor Homepage: http://qdpm.net/ Software Link: http://qdpm.net/download-qdpm-free-project-managemen...
Remote Desktop Gateway - BlueGate Denial of Service (PoC)
Remote Desktop Gateway - BlueGate Denial of Service PoC include "BlueGate.h" / EDB Note: - Download Binary https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47964-1.exe - Download Source...
Pachev FTP Server 1.0 - Path Traversal
Pachev FTP Server 1.0 - Path Traversal Exploit Title: Pachev FTP Server 1.0 - Path Traversal Date: 2020-01-23 Vulnerability: Path Traversal Exploit Author: 1F98D Vendor Homepage: https://github.com/pachev/pachevftp from ftplib import FTP ip = rawinput"Target IP: " port = intrawinput"Target Port: ...
BOOTP Turbo 2.0 - Denial of Service (SEH)(PoC)
BOOTP Turbo 2.0 - Denial of Service (SEH)(PoC) Exploit Title: BOOTP Turbo 2.0 - Denial of Service (SEH)(PoC) Exploit Author: boku Date: 2020-01-22 Software Vendor: Weird Solutions Vendor Homepage: https://www.weird-solutions.com Software Link:...
KeePass 2.44 - Denial of Service (PoC)
KeePass 2.44 - Denial of Service PoC Exploit Title : KeePass 2.44 - Denial of Service PoC Product : KeePass Password Safe Version : Help About KeePass Help any local help area Drag&Drop HTML File Save the contents to html. Payload-1: DoS & Run Cmd...
Ricoh Printer Drivers - Local Privilege Escalation
Ricoh Printer Drivers - Local Privilege Escalation / This proof of concept code monitors file changes on Ricoh's driver DLL files and overwrites a DLL file before the library is loaded CVE-2019-19363. Written by Pentagrid AG, 2019. Cf...
Citrix XenMobile Server 10.8 - XML External Entity Injection
Citrix XenMobile Server 10.8 - XML External Entity Injection Exploit Title: Citrix XenMobile Server 10.8 - XML External Entity Injection Google Dork: inurl:zdm logon Date: 2019-11-28 Exploit Author: Jonas Lejon Vendor Homepage: https://www.citrix.com Software Link: Version: XenMobile Server 10.8...
Microsoft SharePoint - Deserialization Remote Code Execution
Microsoft SharePoint - Deserialization Remote Code Execution !/usr/bin/env python3 -- coding: utf-8 -- import requests import sys from xml.sax.saxutils import escape from lxml import html import codecs import readline from clint.arguments import Args import signal def serializecommandcmd: total =...
ManageEngine Network Configuration Manager 12.2 - apiKey SQL Injection
ManageEngine Network Configuration Manager 12.2 - apiKey SQL Injection Exploit Title: ManageEngine Network Configuration Manager 12.2 - 'apiKey' SQL Injection discovery Date: 2019-01-24 published : 2020-01-20 Exploit Author: AmirHadi Yazdani Vendor Homepage:...
NEOWISE CARBONFTP 1.4 - Weak Password Encryption
NEOWISE CARBONFTP 1.4 - Weak Password Encryption Exploit Title: NEOWISE CARBONFTP 1.4 - Weak Password Encryption discovery Date: 2019-01-24 published : 2020-01-20 Exploit Author: hyp3rlinx Vendor Homepage: https://www.neowise.com Software Link: https://www.neowise.com/freeware/ Version: 1.4 +...
Easy XML Editor 1.7.8 - XML External Entity Injection
Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Title: Easy XML Editor 1.7.8 - XML External Entity Injection Exploit Author: Javier Olmedo Date: 2018-11-21 Vendor: Richard Wuerflein Software Link: https://www.edit-xml.com/EasyXMLEditor.exe Affected Version: 1.7.8 and before Patched...
Centreon 19.04 - Authenticated Remote Code Execution (Metasploit)
Centreon 19.04 - Authenticated Remote Code Execution Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Centreon Authenticated Macro Expression Location Setting Handler Code Execution",...
Adive Framework 2.0.8 - Persistent Cross-Site Scripting
Adive Framework 2.0.8 - Persistent Cross-Site Scripting Exploit Title: Adive Framework 2.0.8 - Persistent Cross-Site Scripting Exploit Author: Sarthak Saini Dork: N/A Date: 2020-01-18 Vendor Link : https://www.adive.es/ Software Link: https://github.com/ferdinandmartin/adive-php7 Version: 2.0.8...
Sysax Multi Server 5.50 - Denial of Service (PoC)
Sysax Multi Server 5.50 - Denial of Service PoC Exploit Title: Sysax Multi Server 5.50 - Denial of Service PoC Google Dork: NA Date: 2020-01-20 Exploit Author: Shailesh Kumavat Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download.htmsysaxserv Version: Sysax Multi...
Torrent FLV Converter 1.51 Build 117 - Stack Overflow (SEH partial overwrite)
Torrent FLV Converter 1.51 Build 117 - Stack Overflow SEH partial overwrite Exploit Title: Torrent FLV Converter 1.51 Build 117 - Stack Overflow SEH partial overwrite Date: 2020-01-16 Exploit Author: antonio Vendor Homepage: http://www.torrentrockyou.com/ Software Link:...