OpenBSD 6.x - Dynamic Loader Privilege Escalation
OpenBSD 6.x - Dynamic Loader Privilege Escalation Qualys Security Advisory Local Privilege Escalation in OpenBSD's dynamic loader CVE-2019-19726 ============================================================================== Contents...
Roxy Fileman 1.4.5 - Directory Traversal
Roxy Fileman 1.4.5 - Directory Traversal Exploit Title: Roxy Fileman 1.4.5 - Directory Traversal Author: Patrik Lantz Date: 2019-12-06 Software: Roxy Fileman Version: 1.4.5 Vendor Homepage: http://www.roxyfileman.com/ Software Link: http://www.roxyfileman.com/download.php?f=1.4.5-net CVE:...
D-Link DIR-615 - Privilege Escalation
D-Link DIR-615 - Privilege Escalation Exploit Title: D-Link DIR-615 - Privilege Escalation Date: 2019-12-10 Exploit Author: Sanyam Chawla Vendor Homepage: http://www.dlink.co.in Category: Hardware Wi-fi Router Hardware Link: http://www.dlink.co.in/products/?pid=678 Hardware Version: T1 Firmware...
FTP Commander Pro 8.03 - Local Stack Overflow
FTP Commander Pro 8.03 - Local Stack Overflow Exploit Title: FTP Commander Pro 8.03 - Local Stack Overflow Date: 2019-12-12 Exploit Author: boku Discovered by: UNNON Original DoS: FTP Commander 8.02 - Overwrite SEH Original DoS Link: https://www.exploit-db.com/exploits/37810 Software Vendor:...
NVMS 1000 - Directory Traversal
NVMS 1000 - Directory Traversal Title: NVMS-1000 - Directory Traversal Date: 2019-12-12 Author: Numan Türle Vendor Homepage: http://en.tvt.net.cn/ Version : N/A Software Link : http://en.tvt.net.cn/products/188.html POC --------- GET /../../../../../../../../../../../../windows/win.ini HTTP/1.1...
Lenovo Power Management Driver 1.67.17.48 - pmdrvs.sys Denial of Service (PoC)
Lenovo Power Management Driver 1.67.17.48 - pmdrvs.sys Denial of Service PoC Exploit Title: Lenovo Power Management Driver 1.67.17.48 - 'pmdrvs.sys' Denial of Service PoC Date: 2019-12-11 Exploit Author: Nassim Asrir CVE: CVE-2019-6192 Tested On: Windows 10 64bit | ThinkPad T470p Vendor :...
Bullwark Momentum Series JAWS 1.0 - Directory Traversal
Bullwark Momentum Series JAWS 1.0 - Directory Traversal Title: Bullwark Momentum Series JAWS 1.0 - Directory Traversal Date: 2019-12-11 Author: Numan Türle Vendor Homepage: http://www.bullwark.net/ Version : Bullwark Momentum Series Web Server JAWS/1.0 Software Link :...
OpenNetAdmin 18.1.1 - Command Injection Exploit (Metasploit)
OpenNetAdmin 18.1.1 - Command Injection Exploit Metasploit class MetasploitModule 'OpenNetAdmin Ping Command Injection', 'Description' = %q This module exploits a command injection in OpenNetAdmin between 8.5.14 and 18.1.1. , 'Author' = 'mattpascoe', Vulnerability discovery 'Onur ER ' Metasploit...
ManageEngine Desktop Central - FileStorage getChartImage Deserialization Unauthenticated Remote Code Execution
ManageEngine Desktop Central - FileStorage getChartImage Deserialization Unauthenticated Remote Code Execution !/usr/bin/python3 """ ManageEngine Desktop Central FileStorage getChartImage Deserialization of Untrusted Data Remote Code Execution Vulnerability Download:...
AppXSvc 17763 - Arbitrary File Overwrite (DoS)
AppXSvc 17763 - Arbitrary File Overwrite DoS Exploit Title: AppXSvc 17763 - Arbitrary File Overwrite DoS Date: 2019-10-28 Exploit Author: Gabor Seljan Vendor Homepage: https://www.microsoft.com/ Version: 17763.1.amd64fre.rs5release.180914-1434 Tested on: Windows 10 Version 1809 for x64-based...
Adobe Acrobat Reader DC - Heap-Based Memory Corruption due to Malformed TTF Font
Adobe Acrobat Reader DC - Heap-Based Memory Corruption due to Malformed TTF Font We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- First chance exceptions are reported before any...
Apache Olingo OData 4.0 - XML External Entity Injection
Apache Olingo OData 4.0 - XML External Entity Injection COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: Apache Olingo OData 4.0 Vendor: Apache Foundation CSNC ID: CSNC-2009-025 CVE ID: CVE-2019-17554 Subject: XML External Entity Resolution XXE Risk: High...
Product Key Explorer 4.2.0.0 - Name Denial of Service (POC)
Product Key Explorer 4.2.0.0 - Name Denial of Service POC Exploit Title: Product Key Explorer 4.2.0.0 - 'Name' Denial of Service POC Discovery by: SajjadBnd Date: 2019-12-10 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/productkeyexplorersetup.exe...
Product Key Explorer 4.2.0.0 - Key Denial of Service (PoC)
Product Key Explorer 4.2.0.0 - Key Denial of Service PoC Exploit Title: Product Key Explorer 4.2.0.0 - 'Key' Denial of Service POC Discovery by: SajjadBnd Date: 2019-12-10 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/productkeyexplorersetup.exe Teste...
Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery
Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link:...
Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials
Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Exploit Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link:...
Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution
Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Author: LiquidWorm Date: 2019-12-09 Product web page: https://www.inim.biz Link:...
PRO-7070 Hazır Profesyonel Web Sitesi 1.0 - Authentication Bypass
PRO-7070 Hazır Profesyonel Web Sitesi 1.0 - Authentication Bypass Exploit Title: PRO-7070 Hazır Profesyonel Web Sitesi 1.0 - Authentication Bypass Date: 2019-12-08 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.websitem.biz/hazir-site/pro-7070-hazir-mobil-tablet-uyumlu-web-sitesi...
Oracle Siebel Sales 8.1 - Persistent Cross-Site Scripting
Oracle Siebel Sales 8.1 - Persistent Cross-Site Scripting Exploit Title : Oracle Siebel Sales 8.1 - Persistent Cross-Site Scripting Exploit Author : omurugur Software link: https://www.oracle.com/tr/applications/siebel/ Effective version : Oracle Siebel Sales 8.1 CVE: N/A Examples Request; POST...
Snipe-IT Open Source Asset Management 4.7.5 - Persistent Cross-Site Scripting
Snipe-IT Open Source Asset Management 4.7.5 - Persistent Cross-Site Scripting Exploit Title: Snipe-IT Open Source Asset Management 4.7.5 - Persistent Cross-Site Scripting Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://snipeitapp.com/ Software Link:...
Alcatel-Lucent Omnivista 8770 - Remote Code Execution
Alcatel-Lucent Omnivista 8770 - Remote Code Execution Exploit Title: Alcatel-Lucent Omnivista 8770 - Remote Code Execution Google Dork: inurl:php-bin/webclient.php Date: 2019-12-01 Author: 0x1911 Vendor Homepage: https://www.al-enterprise.com/ Software Link:...
Yachtcontrol Webapplication 1.0 - Unauthenticated Remote Code Execution
Yachtcontrol Webapplication 1.0 - Unauthenticated Remote Code Execution Exploit Title: Yachtcontrol Webapplication 1.0 - Unauthenticated Remote Code Execution Google Dork: N/A Date: 2019-12-06 Exploit Author: Hodorsec Vendor Homepage: http://www.yachtcontrol.nl/en/ Version: 1.0 Software Link:...
Omron PLC 1.0.0 - Denial of Service (PoC)
Omron PLC 1.0.0 - Denial of Service PoC Exploit Title: Omron PLC 1.0.0 - Denial of Service PoC Google Dork: n/a Date: 2019-12-06 Exploit Author: n0b0dy Vendor Homepage: https://automation.omron.com, ia.omron.com Software Link: n/a Version: 1.0.0 Tested on: PLC f/w rev.: CJ2M v2.01 CWE-412 :...
SpotAuditor 5.3.2 - Base64 Local Buffer Overflow (SEH)
SpotAuditor 5.3.2 - Base64 Local Buffer Overflow SEH Exploit Title: SpotAuditor 5.3.2 - 'Base64' Local Buffer Overflow SEH Exploit Author: Kirill Nikolaev Date: 2019-12-06 Vulnerable Software: SpotAuditor Vendor Homepage: http://www.nsauditor.com/ Version: 5.3.2 Software Link:...
Microsoft Windows - Multiple UAC Protection Bypasses
Microsoft Windows - Multiple UAC Protection Bypasses Windows 10 UAC bypass for all executable files which are autoelevate true. https://heynowyouseeme.blogspot.com/2019/08/windows-10-lpe-uac-bypass-in-windows.html Download...
Mozilla FireFox (Windows 10 x64) - Full Chain Client Side Attack
Mozilla FireFox Windows 10 x64 - Full Chain Client Side Attack // Axel '0vercl0k' Souchet - November 19 2019 // EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47752.zip // 0:000 ? xul!sAutomationPrefIsSet - xul // Evaluate expression: 8572494...
Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow
Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow Exploit Title: Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow Date: 2019-09-22 Exploit Author: purpl3f0xsecur1ty Vendor Homepage: https://www.tucows.com/ Software Link: http://www.tucows.com/preview/519612/Integard-Home Version: Pro...
Trend Micro Deep Security Agent 11 - Arbitrary File Overwrite
Trend Micro Deep Security Agent 11 - Arbitrary File Overwrite Exploit Title: Trend Micro Deep Security Agent 11 - Arbitrary File Overwrite Exploit Author : Peter Lapp Exploit Date: 2019-12-05 Vendor Homepage : https://www.trendmicro.com/enus/business.html Link Software :...
Verot 2.0.3 - Remote Code Execution
Verot 2.0.3 - Remote Code Execution Exploit Title: Verot 2.0.3 - Remote Code Execution Date: 2019-12-05 Exploit Author: Jinny Ramsmark Vendor Homepage: https://www.verot.net/phpclassupload.htm Software Link: https://github.com/verot/class.upload.php Version: '; $quality = "85"; $baseurl =...
NETGATE Data Backup 3.0.620 - NGDatBckpSrv Unquoted Service Path
NETGATE Data Backup 3.0.620 - NGDatBckpSrv Unquoted Service Path Exploit Title: NETGATE Data Backup 3.0.620 - 'NGDatBckpSrv' Unquoted Service Path Exploit Author : ZwX Exploit Date: 2019-12-04 Vendor Homepage : http://www.netgate.sk/ Link Software : http://www.netgate.sk/download/download.php?id=...
Amiti Antivirus 25.0.640 - Unquoted Service Path
Amiti Antivirus 25.0.640 - Unquoted Service Path Exploit Title: Amiti Antivirus 25.0.640 - Unquoted Service Path Exploit Author : ZwX Exploit Date: 2019-12-04 Vendor Homepage : http://www.netgate.sk/ Link Software : https://www.netgate.sk/download/download.php?id=11 Tested on OS: Windows 7 Analyz...
Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution
Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution Title: Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution Author: Peter Lapp Date: 2019-12-05 Vendor:...
Cisco WLC 2504 8.9 - Denial of Service (PoC)
Cisco WLC 2504 8.9 - Denial of Service PoC Exploit Title: Cisco WLC 2504 8.9 - Denial of Service PoC Google Dork: N/A Date: 2019-11-25 Exploit Author: SecuNinja Vendor Homepage: cisco.com Software Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-wlc-do...
Online Clinic Management System 2.2 - HTML Injection
Online Clinic Management System 2.2 - HTML Injection Exploit Title: Online Clinic Management System 2.2 - HTML Injection Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Download Link :...
OwnCloud 8.1.8 - Username Disclosure
OwnCloud 8.1.8 - Username Disclosure Exploit Title: OwnCloud 8.1.8 - Username Disclosure Exploit Author : Daniel Moreno Exploit Date: 2019-11-29 Vendor Homepage : https://owncloud.org/ Link Software : https://ftp.icm.edu.pl/packages/owncloud/ old version. Download at your own risk Tested on OS:...
Microsoft Visual Basic 2010 Express - XML External Entity Injection
Microsoft Visual Basic 2010 Express - XML External Entity Injection Exploit Title: Microsoft Visual Basic 2010 Express - XML External Entity Injection Exploit Author: ZwX Exploit Date: 2019-12-03 Version Software : 10.0.30319.1 RTMRel Vendor Homepage : https://www.microsoft.com/ Software Link:...
msdn.com
Pentest notes for: msdn.com Exploit Pack Nmap 7.80 scan initiated Tue Dec 3 09:58:32 2019 as: /usr/bin/nmap -sV -A -oA log/msdn.com msdn.com Nmap scan report for msdn.com 13.77.161.179 Host is up 0.17s latency. Other addresses for msdn.com not scanned: 104.215.148.63 40.76.4.15 40.112.72.205...
packetstormsecurity.com
Pentest notes for: packetstormsecurity.com Exploit Pack Nmap 7.80 scan initiated Tue Dec 3 09:27:33 2019 as: /usr/bin/nmap -sV -A -oA log/exploitpack.com exploitpack.com Nmap scan report for exploitpack.com 132.148.22.104 Host is up 0.18s latency. rDNS record for 132.148.22.104:...
microsoft.com
Pentest notes for: microsoft.com Exploit Pack Nmap 7.80 scan initiated Tue Dec 3 09:27:33 2019 as: /usr/bin/nmap -sV -A -oA log/exploitpack.com exploitpack.com Nmap scan report for exploitpack.com 132.148.22.104 Host is up 0.18s latency. rDNS record for 132.148.22.104:...
google.com
Pentest notes for: google.com Exploit Pack Nmap 7.80 scan initiated Tue Dec 3 09:27:33 2019 as: /usr/bin/nmap -sV -A -oA log/exploitpack.com exploitpack.com Nmap scan report for exploitpack.com 132.148.22.104 Host is up 0.18s latency. rDNS record for 132.148.22.104:...
exploitpack.com
Pentest notes for: exploitpack.com Exploit Pack Nmap 7.80 scan initiated Tue Dec 3 09:27:33 2019 as: /usr/bin/nmap -sV -A -oA log/exploitpack.com exploitpack.com Nmap scan report for exploitpack.com 132.148.22.104 Host is up 0.18s latency. rDNS record for 132.148.22.104:...
Revive Adserver 4.2 - Remote Code Execution
Revive Adserver 4.2 - Remote Code Execution Exploit Title: Revive Adserver 4.2 - Remote Code Execution Google Dork: "inurl:www/delivery filetype:php" Exploit Author: crlf Vendor Homepage: https://www.revive-adserver.com/ Software Link: https://www.revive-adserver.com/download/archive/ Version:...
Microsoft Windows Media Center 2002 - XML External Entity MotW Bypass
Microsoft Windows Media Center 2002 - XML External Entity MotW Bypass Exploit Title: Microsoft Windows Media Center 2002 - XML External Entity MotW Bypass Discovery by: hyp3rlinx Date: 2019-12-03 Vendor Homepage: www.microsoft.com CVE: N/A + Credits: John Page aka hyp3rlinx + Website:...
CompMgmtLauncher
Auto-Elevate process using CompMgmtLauncher.exe Author: jsacco How to use: 1. Copy the batch into run.bat 2. Run it! 3. Admin Tested on Windows 10 @echo off echo UAC-Bypass by jsacco reg add "HKCU\Software\Classes\mscfile\shell\open\command" /d "cmd.exe /c" /f && reg add...
sdcltUAC
Auto-Elevate process using sdclt.exe Author: jsacco How to use: 1. Copy the batch into run.bat 2. Run it! 3. Admin Tested on Windows 10 @echo off echo UAC-Bypass by jsacco reg add "HKCU\Software\Classes\Folder\shell\open\command" /d "cmd.exe /c notepad.exe" /f && reg add...
Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery
Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery Exploit Title: Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery Date: 2019-11-06 Exploit Author: Joas Antonio Vendor Homepage: intelbras.com.br Software Link:...
Online Invoicing System 2.6 - description Persistent Cross-Site Scripting
Online Invoicing System 2.6 - description Persistent Cross-Site Scripting Exploit Title: Online Invoicing System 2.6 - 'description' Persistent Cross-Site Scripting Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Download Link :...
ComputerDefaults
Auto-Elevate process using ComputerDefaults.exe Author: jsacco How to use: 1. Copy the batch into run.bat 2. Run it! 3. Admin Tested on Windows 10 @echo off echo UAC-Bypass by jsacco reg add "HKCU\Software\Classes\ms-settings\shell\open\command" /d "cmd.exe /c" /f && reg add...
NetProfiler
On .NET 4, the CLSID must be defined via the HKCR\CLSID\{GUID}\InprocServer32 registry key containing the path to the profiling DLL. On recent versions, the CLR uses the COR_PROFILER_PATH environment variable to find the DLL – and falls back to using the CLSID if COR_PROFILER_PATH is not defined. Author...
A remote administration tool (a RAT) is a piece of software that allows a remote "operator" to control a system as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "RAT" software is usually associated with criminal or malicious activity...