41207 matches found
WebLog Expert Enterprise 9.4 - Privilege Escalation
WebLog Expert Enterprise 9.4 - Privilege Escalation Exploit Author: bzyo Twitter: @bzyo Exploit Title: WebLog Expert Enterprise 9.4 - Privilege Escalation Date: 03-31-2018 Vulnerable Software: WebLog Expert Enterprise 9.4 Vendor Homepage: https://www.weblogexpert.com/ Version: 9.4 Software Link:...
DLink DIR-601 - Admin Password Disclosure
DLink DIR-601 - Admin Password Disclosure Exploit Title: DLink DIR-601 Unauthenticated Admin password disclosure Google Dork: N/A Date: 12/24/2017 Exploit Author: Kevin Randall Vendor Homepage: https://www.dlink.com Software Link: N/A Version: Firmware: 2.02NA Hardware Version B1 Tested on: Windo...
LifeSize ClearSea 3.1.4 - Directory Traversal
LifeSize ClearSea 3.1.4 - Directory Traversal ''' Tittle: LifeSize ClearSea 3.1.4 Directory Traversal Vulnerabilities Author: rsp3ar Impact: Remote Code Execution Post-Authentication Recommendation: Use strong password for default 'admin' user and secure management access to the device. Please...
OpenCMS 10.5.3 - Cross-Site Request Forgery
OpenCMS 10.5.3 - Cross-Site Request Forgery Exploit Title: OpenCMS 10.5.3 Multiple Cross Site Request Forgery Vulnerabilities Injection Google Dork: N/A Date: 02-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.opencms.org/en/ Software Link...
WampServer 3.1.2 - Cross-Site Request Forgery
WampServer 3.1.2 - Cross-Site Request Forgery Exploit Title: WampServer 3.1.2 CSRF to add or delete any virtual hostsremotely Date: 31-03-2018 Software Link: http://www.wampserver.com/en/ Version: 3.1.2 Tested On: Windows 10 Exploit Author: Vipin Chaudhary Contact: http://twitter.com/vipinxsec...
WampServer 3.1.1 - Cross-Site Scripting Cross-Site Request Forgery
WampServer 3.1.1 - Cross-Site Scripting Cross-Site Request Forgery Exploit Title: WampServer 3.1.1 XSS via CSRF Date: 31-03-2018 Software Link: http://www.wampserver.com/en/ Version: 3.1.1 Tested On: Windows 10 Exploit Author: Vipin Chaudhary Contact: http://twitter.com/vipinxsec Website:...
Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User)
Frog CMS 0.9.5 - Cross-Site Request Forgery Add User Exploit Title: Cross Site Request Forgery- Frog CMS Date: 31-03-2018 Exploit Author: Samrat Das Contact: http://twitter.com/SamratDas93 Website: https://securitywarrior9.blogspot.in/ Vendor Homepage: https://github.com/philippe/FrogCMS Versio...
OpenCMS 10.5.3 - Cross-Site Scripting
OpenCMS 10.5.3 - Cross-Site Scripting Exploit Title: OpenCMS 10.5.3 Stored Cross Site Scripting Vulnerability Google Dork: N/A Date: 02-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.opencms.org/en/ Software Link:...
Tenda FH303A300 Firmware v5.07.68_EN - Remote DNS Change
Tenda FH303A300 Firmware v5.07.68EN - Remote DNS Change Tenda FH303/A300 Firmware V5.07.68EN Cookie Session Weakness Remote DNS Change PoC Copyright 2018 c Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg Once modified, systems use foreign DNS servers, which are usual...
Advantech WebAccess 8.1 - webvrpcs DrawSrv.dll Path BwBuildPath Stack-Based Buffer Overflow
Advantech WebAccess 8.1 - webvrpcs DrawSrv.dll Path BwBuildPath Stack-Based Buffer Overflow !/usr/bin/python2.7 Exploit Title: Advantech WebAccess 8.1 webvrpcs DrawSrv.dll Path BwBuildPath Stack-Based Buffer Overflow RCE Date: 03-29-2018 Exploit Author: Chris Lyne @lynerc Vendor Homepage:...
Systematic SitAware - NVG Denial of Service
Systematic SitAware - NVG Denial of Service Exploit Title: SitAware NVG Denial of Service Date: 03/31/2018 Exploit Author: 2u53 Vendor Homepage: https://systematic.com/defence/products/c2/sitaware/ Version: 6.4 SP2 Tested on: Windows Server 2012 R2 CVE: CVE-2018-9115 Remarks: PoC needs bottlypy:...
WordPress Plugin Relevanssi 4.0.4 - Reflected Cross-Site Scripting
WordPress Plugin Relevanssi 4.0.4 - Reflected Cross-Site Scripting Exploit Title : Relevanssi Wordpress Search Plugin Reflected Cross Site Scripting XSS Date: 23-03-2018 Exploit Author : Stefan Broeder Contact : https://twitter.com/stefanbroeder Vendor Homepage: https://www.relevanssi.com Softwar...
MiniCMS 1.10 - Cross-Site Request Forgery
MiniCMS 1.10 - Cross-Site Request Forgery test document.forms0.submit;...
Tenda W316R Wireless Router 5.07.50 - Remote DNS Change
Tenda W316R Wireless Router 5.07.50 - Remote DNS Change Tenda W316R Wireless Router V5.07.50 Cookie Session Weakness Remote DNS Change PoC Copyright 2018 c Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg Once modified, systems use foreign DNS servers, which are usual...
osCommerce 2.3.4.1 - Remote Code Execution
osCommerce 2.3.4.1 - Remote Code Execution Exploit Title: osCommerce 2.3.4.1 Remote Code Execution Date: 29.0.3.2018 Exploit Author: Simon Scannell - https://scannell-infosec.net Version: 2.3.4.1, 2.3.4 - Other versions have not been tested but are likely to be vulnerable Tested on: Linux, Window...
Allok Video Joiner 4.6.1217 - Stack-Based Buffer Overflow
Allok Video Joiner 4.6.1217 - Stack-Based Buffer Overflow SWAMI KARUPASAMI THUNAI Exploit Title: Alloksoft Video joiner 4.6.1217 - Buffer Overflow Vulnerability Windows XP SP3 Date: 06-03-2018 Exploit Author: Mohan Ravichandran & Velayutham Selvaraj Organization : TwinTech Solutions Vulnerable...
Open-AuditIT Professional 2.1 - Cross-Site Request Forgery
Open-AuditIT Professional 2.1 - Cross-Site Request Forgery Exploit Title: Open-AuditIT Professional 2.1 - Cross-Site Request Forgery CSRF Date: 27-03-2018 Exploit Author: Nilesh Sapariya Contact: https://twitter.com/nileshloganx Website: https://nileshsapariya.blogspot.com Vendor Homepage:...
Faleemi Windows Desktop Software - (DDNSIP) Local Buffer Overflow
Faleemi Windows Desktop Software - DDNSIP Local Buffer Overflow ''' Faleemi Desktop Software for Windows- DDNS/IP Local Buffer Overflow Vuln Description: Faleemi Desktop Software for Windows and its Beta version Faleemi Plus Desktop Software for WindowsBeta are vulnerable to Buffer Overflow...
Allok WMV to AVI MPEG DVD WMV Converter 4.6.1217 - Buffer Overflow
Allok WMV to AVI MPEG DVD WMV Converter 4.6.1217 - Buffer Overflow SWAMI KARUPASAMI THUNAI Exploit Title: Allok soft WMV to AVI MPEG DVD WMV Converter - Buffer Overflow Vulnerability Windows XP SP3 Date: 06-03-2018 Exploit Author: Mohan Ravichandran & Velayutham Selvaraj Organization : TwinTech...
Vtiger CRM 6.3.0 - (Authenticated) Arbitrary File Upload (Metasploit)
Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload', 'Description' = %q...
Homematic CCU2 2.29.23 - Arbitrary File Write
Homematic CCU2 2.29.23 - Arbitrary File Write !/usr/bin/ruby Exploit Title: Homematic CCU2 Arbitrary File Write Date: 28-03-18 Exploit Author: Patrick Muench, Gregor Kopf Vendor Homepage: http://www.eq-3.de Software Link: http://www.eq-3.de/service/downloads.html?id=268 Version: 2.29.23 CVE :...
Homematic CCU2 2.29.23 - Remote Command Execution
Homematic CCU2 2.29.23 - Remote Command Execution !/usr/bin/ruby Exploit Title: Homematic CCU2 Remote Command Execution Date: 28-03-18 Exploit Author: Patrick Muench, Gregor Kopf Vendor Homepage: http://www.eq-3.de Software Link: http://www.eq-3.de/service/downloads.html?id=268 Version: 2.29.23 C...
SysGauge 4.5.18 - Local Denial of Service
SysGauge 4.5.18 - Local Denial of Service !/usr/bin/python Exploit Title : SysGauge v4.5.18 - Local Denial of Service Exploit Author : Hashim Jawad Twitter : @ihack4falafel Author Website : ihack4falafel.com Vendor Homepage : http://www.sysgauge.com/ Vulnerable Software :...
Tenda W3002RA302w309r Wireless Router v5.07.64_en - Remote DNS Change (PoC)
Tenda W3002RA302w309r Wireless Router v5.07.64en - Remote DNS Change PoC Tenda W3002R/A302/w309r Wireless Router V5.07.64en Cookie Session Weakness Remote DNS Change PoC Copyright 2018 c Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg Once modified, systems use forei...
Tenda W308R v2 Wireless Router 5.07.48 - (Cookie Session) Remote DNS Change
Tenda W308R v2 Wireless Router 5.07.48 - Cookie Session Remote DNS Change Tenda W308R v2 Wireless Router V5.07.48 Cookie Session Weakness Remote DNS Change PoC Copyright 2018 c Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg Once modified, systems use foreign DNS...
D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router - Authentication Bypass
D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router - Authentication Bypass Exploit Title: D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Route Authentication Bypass CVE: CVE-2018-9032 Date: 24-03-2018 Exploit Author: Gem George Author Contact:...
Allok AVI DivX MPEG to DVD Converter 2.6.1217 - Buffer Overflow (SEH)
Allok AVI DivX MPEG to DVD Converter 2.6.1217 - Buffer Overflow SEH !/usr/bin/env python Exploit Title : Allok AVI DivX MPEG to DVD Converter - Buffer Overflow SEH Date : 3/27/18 Exploit Author : wetw0rk Vulnerable Software : Allok AVI DivX MPEG to DVD Converter Vendor Homepage :...
Joomla! Component Acymailing Starter 5.9.5 - CSV Macro Injection
Joomla! Component Acymailing Starter 5.9.5 - CSV Macro Injection Exploit Title: Joomla! Component Acymailing Starter 5.9.5 CSV Macro Injection Google Dork: N/A Date: 22-03-2018 Exploit Author: Sureshbabu Narvaneni Vendor Homepage: https://www.acyba.com Software Link:...
WordPress Plugin WP Security Audit Log 3.1.1 - Sensitive Information Disclosure
WordPress Plugin WP Security Audit Log 3.1.1 - Sensitive Information Disclosure Exploit Title: WP Security Audit Log Plugin, Sensitive Information Disclosure CheckDirectory $useruploadpath wpmkdirp $useruploadpath ;...
Joomla! Component AcySMS 3.5.0 - CSV Macro Injection
Joomla! Component AcySMS 3.5.0 - CSV Macro Injection Exploit Title: Joomla! Component AcySMS 3.5.0 CSV Macro Injection Google Dork: N/A Date: 22-03-2018 Exploit Author: Sureshbabu Narvaneni Vendor Homepage: https://www.acyba.com Software Link:...
WordPress Plugin Contact Form 7 to Database Extension 2.10.32 - CSV Injection
WordPress Plugin Contact Form 7 to Database Extension 2.10.32 - CSV Injection Exploit Title : Contact Form 7 to Database Extension Wordpress Plugin CSV Injection Date: 23-03-2018 Exploit Author : Stefan Broeder Contact : https://twitter.com/stefanbroeder Vendor Homepage: None Software Link:...
Cisco Smart Install - Crash (PoC)
Cisco Smart Install - Crash PoC smiibcinitdiscoveryBoF.py import socket import struct from optparse import OptionParser Parse the target options parser = OptionParser parser.addoption"-t", "--target", dest="target", help="Smart Install Client", default="192.168.1.1" parser.addoption"-p", "--port"...
TeamCity 9.0.2 - Disabled Registration Bypass
TeamCity 9.0.2 - Disabled Registration Bypass var login = 'testuser'; //логин пользователя var password = 'SuperMEgaPa$$'; //пароль var email = '[email protected]'; // email / Code / var b = BS.LoginForm; var publickey = $F"publicKey"; var encryptedpass =...
Open-AuditIT Professional 2.1 - Cross-Site Scripting
Open-AuditIT Professional 2.1 - Cross-Site Scripting Exploit Title: Open-AuditIT Professional 2.1 - Stored Cross site scripting XSS Date: 27-03-2018 Exploit Author: Nilesh Sapariya Contact: https://twitter.com/nileshloganx Website: https://nileshsapariya.blogspot.com Vendor Homepage:...
Microsoft Windows Remote Assistance - XML External Entity Injection
Microsoft Windows Remote Assistance - XML External Entity Injection Exploit Title: Microsoft Windows Remote Assistance XXE Date: 27/03/2018 Exploit Author: Nabeel Ahmed Tested on: Windows 7 x64, Windows 10 x64 CVE : CVE-2018-0878 Category: Remote Exploits Invitation.msrcincident...
TwonkyMedia Server 7.0.11-8.5 - Persistent Cross-Site Scripting
TwonkyMedia Server 7.0.11-8.5 - Persistent Cross-Site Scripting --------------------------------------------------------------------- 1. About --------------------------------------------------------------------- Exploit Title: TwonkyMedia Server 7.0.11-8.5 Persistent XSS Date: 2018-03-27 Exploit...
Tenda N11 Wireless Router 5.07.43_en_NEX01 - Remote DNS Change
Tenda N11 Wireless Router 5.07.43enNEX01 - Remote DNS Change !/bin/bash Tenda N11 Wireless Router V5.07.43enNEX01 Cookie Session Weakness Remote DNS Change PoC Exploit Copyright 2018 c Todor Donev https://ethical-hacker.org/ https://facebook.com/ethicalhackerorg Once modified, systems use foreign...
TwonkyMedia Server 7.0.11-8.5 - Directory Traversal
TwonkyMedia Server 7.0.11-8.5 - Directory Traversal ''' --------------------------------------------------------------------- 1. About --------------------------------------------------------------------- Exploit Title: TwonkyMedia Server 7.0.11-8.5 Directory Traversal Date: 2018-03-27 Exploit...
TestLink Open Source Test Management 1.9.16 - Remote Code Execution (PoC)
TestLink Open Source Test Management 1.9.16 - Remote Code Execution PoC Title: TestLink Open Source Test Management comment out skip-networking as well as bind-address if any presen...
DLINK DCS-5020L - Remote Code Execution (PoC)
DLINK DCS-5020L - Remote Code Execution PoC “The DCS-5020L Wireless N Day & Night Pan/Tilt Cloud Camera is a day/night network camera that easily connects to your existing home network for remote viewing on a range of mobile devices. It features pan, tilt and digital zoom function to allow you to...
LabF nfsAxe 3.7 - Privilege Escalation
LabF nfsAxe 3.7 - Privilege Escalation Exploit Author: bzyo Twitter: @bzyo Exploit Title: LabF nfsAxe 3.7 - Privilege Escalation Date: 03-24-2018 Vulnerable Software: LabF nfsAxe 3.7 Vendor Homepage: http://www.labf.com/ Version: 3.7 Software Link: http://www.labf.com/download/nfsaxe.exe Tested O...
Microsoft Windows Manager (7 x86) - Menu Management Component UAF Privilege Elevation
Microsoft Windows Manager 7 x86 - Menu Management Component UAF Privilege Elevation...
Laravel Log Viewer 0.13.0 - Local File Download
Laravel Log Viewer 0.13.0 - Local File Download Exploit Title: Laravel log viewer by rap2hpoutre local file download LFD Date: 23/02/2018 Exploit Author: Haboob Team Software Link: https://github.com/rap2hpoutre/laravel-log-viewer/tree/v0.11.1 Version: v0.12.0 and below CVE : CVE-2018-8947 1...
Acrolinx Server 5.2.5 - Directory Traversal
Acrolinx Server 5.2.5 - Directory Traversal Exploit Title: Acrolinx Dashboard Directory Traversal CVE: CVE 2018-7719 Date: 19.02.2017 Exploit Author: Berk Dusunur Vendor Homepage: www.acrolinx.com Version:Before 5.2.5 PoC Acrolinx dashboard windows works on the server...
Fast AVI MPEG Splitter 1.2 - Stack-Based Buffer Overflow
Fast AVI MPEG Splitter 1.2 - Stack-Based Buffer Overflow SWAMI KARUPASAMI THUNAI Exploit Title: Stack Based Buffer Overflow in Allok Fast AVI MPEG Splitter 1.2 Windows XP SP3 Date: 06-03-2018 Exploit Author: Mohan Ravichandran & Velayutham Selvaraj Organization : TwinTech Solutions Vulnerable...
Easy Avi Divx Xvid to DVD Burner 2.9.11 - .avi Denial of Service
Easy Avi Divx Xvid to DVD Burner 2.9.11 - .avi Denial of Service !/usr/bin/python Exploit Title : Easy Avi Divx Xvid to DVD Burner v2.9.11 - Local Denial of Service Exploit Author : Hashim Jawad Twitter : @ihack4falafel Author Website : ihack4falafel.com Vendor Homepage :...
Android Bluetooth - BNEP BNEP_SETUP_CONNECTION_REQUEST_MSG Out-of-Bounds Read
Android Bluetooth - BNEP BNEPSETUPCONNECTIONREQUESTMSG Out-of-Bounds Read import os import sys import struct import bluetooth BNEPPSM = 15 BNEPFRAMECONTROL = 0x01 Control types parsed by bnepprocesscontrolpacket in bneputils.cc BNEPSETUPCONNECTIONREQUESTMSG = 0x01 def oobreadsrcbdaddr, dst: bnep ...
Crashmail 1.6 - Stack-Based Buffer Overflow (ROP)
Crashmail 1.6 - Stack-Based Buffer Overflow ROP Exploit author: Juan Sacco Website: http://exploitpack.com Description: Crashmail is prone to a stack-based buffer overflow because the application fails to perform adequate boundary checks on user supplied input. Impact: An attacker could exploit...
WM Recorder 16.8.1 - Denial of Service
WM Recorder 16.8.1 - Denial of Service !/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: WM Recorder 16.8.1 - Denial of Service Date: 03-20-2018 Vulnerable Software: WM Recorder 16.8.1 Vendor Homepage: http://wmrecorder.com/home/ Version: 16.8.1 Software Link:...
Android Bluetooth - BNEP bnep_data_ind() Remote Heap Disclosure
Android Bluetooth - BNEP bnepdataind Remote Heap Disclosure import os import sys import struct import bluetooth BNEPPSM = 15 BNEPFRAMECOMPRESSEDETHERNET = 0x02 LEAKATTEMPTS = 20 def leaksrcbdaddr, dst: bnep = bluetooth.BluetoothSocketbluetooth.L2CAP bnep.settimeout5 bnep.bindsrcbdaddr, 0 print...