DiskBoss Service 12.2.18 Unquoted Service Path

Exploit Title: DiskBoss Service 12.2.18 - 'diskbsa.exe' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2021-05-21 Vendor Homepage: https://www.diskboss.com Software : https://www.diskboss.com/setupsx64/diskbosssetupv12.2.18x64.exe Tested Version: 12.2.18 Vulnerability Type:...

Backdoor.Win32.SkyDance.216 Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/694ecf256c97ef6e206e2073d37e5944.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.SkyDance.216 Vulnerability: Remote Stack Buffer Overflow Description: The malware...

Backdoor.Win32.Singu.a Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/c7aabf5d248c6974b4cea6c070d6d441.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Singu.a Vulnerability: Remote Stack Buffer Overflow UDP Datagram Description: The...

Mozilla Firefox 88.0.1 File Extension Execution

Exploit Title: Mozilla Firefox 88.0.1 - File Extension Execution of Arbitrary Code Date: 20/05/2021 Exploit Authors: Carlo Di Dato and Michael Caruso from BestEffort Team https://besteffortteam.it Vendor Homepage: https://www.mozilla.org Version: = 88.0.1 Tested on: Windows XP Professional SP3...

WordPress WP Statistics 13.0.7 SQL Injection

Exploit Title: WordPress Plugin WP Statistics 13.0.7 - Time-Based Blind SQL Injection Unauthenticated Date: 20/05/2021 Exploit Author: Mansoor R @time4ster CVSS Score: 7.5 High CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Version Affected: 13.0 to 13.0.7 Vendor URL:...

DELL dbutil_2_3.sys 2.3 Arbitrary Write / Privilege Escalation

Exploit Title: DELL dbutil23.sys 2.3 - Arbitrary Write to Local Privilege Escalation LPE Date: 10/05/2021 Exploit Author: Paolo Stagno aka VoidSec Version: include include include include define IOCTLCODE 0x9B0C1EC8 // IOCTLCODE value, used to reach the vulnerable function taken from IDA define...

libX11 Insufficient Length Check / Injection

Hello list, A missing length check in libX11 causes data from LookupColor requests mess up the client-server communication protocol and inject malicious X server requests. The flaw is comparable to SQLi injecting commands into database connections granting an attacker access to all features of th...

Microsoft Exchange ProxyLogon Collector

Exploit Title: Microsoft Exchange 2019 - Unauthenticated Email Download Metasploit Date: 2021-03-02 Exploit Author: RAMELLA Sébastien Vendor Homepage: https://microsoft.com Version: This vulnerability affects Exchange 2013 Versions 'Microsoft Exchange ProxyLogon Collector', 'Description' = %q Thi...

Acer Backup Manager Module 3.0.0.99 Unquoted Service Path

Exploit Title: Acer Backup Manager Module 3.0.0.99 - 'IScheduleSvc.exe' Unquoted Service Path Discovery by: Emmanuel Lujan Discovery Date: 2021-05-19 Vendor Homepage: https://www.acer.com/ac/en/US/content/home Tested Version: 3.0.0.99 Vulnerability Type: Unquoted Service Path Tested on OS: Window...

Spotweb-Develop 1.4.9 Cross Site Scripting

Exploit Title: Cross Site Scripting DOM Based spotweb-develop 1.4.9 Author: @nu11secur1ty Testing and Debugging: nu11secur1ty $ OWASP-ZAP Date: 05.20.2021 Vendor: https://www.nzbserver.com/ Link: https://github.com/spotweb/spotweb CVE: 2021-XXXX Proof: https://streamable.com/hix5o1 + Exploit...

Acer Updater Service 1.2.3500.0 Unquoted Service Path

Exploit Title: Acer Updater Service 1.2.3500.0 - 'UpdaterService.exe' Unquoted Service Path Discovery by: Emmanuel Lujan Discovery Date: 2020-11-26 Vendor Homepage: https://www.acer.com/ac/en/US/content/home Tested Version: 1.2.3500.0 Vulnerability Type: Unquoted Service Path Tested on OS: Window...

ASUS HID Access Service 1.0.94.0 Unquoted Service Path

Exploit Title: ASUS HID Access Service 1.0.94.0 - 'AsHidSrv.exe' Unquoted Service Path Date: 2020-05-19 Exploit Author: Alejandra Sánchez Vendor Homepage: www.asus.com Version: 1.0.94.0 Tested on: Windows 10 Pro x64 es Description: ATK Hotkey 1.0.94.0 suffers from an unquoted search path issue...

COVID19 Testing Management System 1.0 SQL Injection

Exploit Title: COVID19 Testing Management System 1.0 - SQL Injection Auth Bypass Date: 19/05/2021 Exploit Author: Rohit Burke Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/covid19-testing-management-system-using-php-and-mysql/ Version: 1.0 Tested on: Windows 10 SQL...

COVID19 Testing Management System 1.0 Cross Site Scripting

Exploit Title: COVID19 Testing Management System 1.0 - 'Admin name' Cross-Site Scripting XSS Date: 19/05/2021 Exploit Author: Rohit Burke Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/covid19-testing-management-system-using-php-and-mysql/ Version: 1.0 Tested on:...

Backdoor.Win32.Psychward.c Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/f60a8d71a822e0e485f22ada8f26c31e.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Psychward.c Vulnerability: Unauthenticated Remote Command Execution Description: The...

Backdoor.Win32.Psychward.ds Weak Hardcoded Password

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/9e22514c9b0e74c7fcb07b7c091f6123.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Psychward.ds Vulnerability: Weak Hardcoded Password Description: The malware listens ...

In4Suit ERP 3.2.74.1370 SQL Injection

Exploit Title: In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection Date: 18/05/2021 Exploit Author: Gulab Mondal Vendor Homepage: https://www.in4velocity.com/in4suite-erp.html Version: In4Suite ERP 3.2.74.1370 Tested on: Windows ----------------------------------------- SQL injection in In4Suite...

ManageEngine ADSelfService Plus 6.1 CSV Injection

Exploit Title: ManageEngine ADSelfService Plus 6.1 - CSV Injection Date: 19/05/2021 Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/self-service-password/download.html Version: 6.1 Description:...

Visual Studio Code 1.47.1 Denial Of Service

Exploit Tittle: Visual Studio Code 1.47.1 - Denial of Service Poc Exploit Author: H.H.A.Ravindu Priyankara Category: Denial of ServiceDOS Tested Version:1.47.1 Vendor: Microsoft Software Download Link:https://code.visualstudio.com/updates/ Write-Host "...

Backdoor.Win32.RMFdoor.c Authentication Bypass / Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/5e2e6ca532c20ee6a59861d936df7076.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.RMFdoor.c Vulnerability: Authentication Bypass RCE Description: The malware listens o...

WordPress Stop Spammers 2021.8 Cross Site Scripting

Exploit Title: WordPress Plugin Stop Spammers 2021.8 - 'log' Reflected Cross-site Scripting XSS Date: 04/08/2021 Exploit Author: Hosein Vita Vendor Homepage: https://wordpress.org/plugins/stop-spammer-registrations-plugin/ Software Link:...

WebSSH For iOS 14.16.10 Denial Of Service

Exploit Title: WebSSH for iOS 14.16.10 - 'mashREPL' Denial of Service PoC Author: Luis Martinez Discovery Date: 2021-05-18 Vendor Homepage: https://apps.apple.com/mx/app/webssh-ssh-client/id497714887 Software Link: App Store for iOS devices Tested Version: 14.16.10 Vulnerability Type: Denial of...

Microsoft ACL Shortcomings

Hi @ll, the following is a substantially shortened version of and Windows NT supports access control for almost all its objects, "How Security Descriptors and Access Control Lists Work" and "How Permissions Work" provide a comprehensive and exhaustive explanation. "Access Control Lists" provides ...

rxvt 2.7.0 / rxvt-unicode 9.22 Code Execution

!/usr/bin/env python Title: rxvt remote code execution over scp with $SHELL=/bin/bash 0day Version: rxvt 2.7.10, rxvt-unicode 9.22 Author: def Date: 2021-05-16 CVE: N/A ------------------------------------------------------------------------------ URXVT VULNERABILITY In rxvt-based terminals, ANSI...

EgavilanMedia PHPCRUD 1.0 SQL Injection

Exploit Title: EgavilanMedia PHPCRUD 1.0 - 'First Name' SQL Injection Date: 5/17/2021 Exploit Author: Dimitrios Mitakos Vendor Homepage: https://egavilanmedia.com Software Link: https://egavilanmedia.com/crud-operation-with-php-mysql-bootstrap-and-dompdf/ Version: 1.0 Tested on: Debian GNU/Linux ...

NetMotion Mobility Server MvcUtil Java Deserialization

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NetMotion Mobility Server MvcUtil Java Deserialization', 'Description' = %q This module exploits an unauthenticated Java deserialization in the...

NiceHash Miner Excavator 1.6.7c Cross Site Request Forgery

NiceHash Miner Excavator API Cross-Site Request Forgery ======================================================= The latest version of this advisory is available at: https://sintonen.fi/advisories/nicehash-miner-excavator-api-csrf.txt Overview -------- NiceHash Miner Excavator plugin contains a...

Backdoor.Win32.DarkMoon.a Insecure Transit

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/7361fe3620fb6e18467c8e15e224b0b8B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkMoon.a Vulnerability: Insecure Transit Description: Dark Moon v1 client by...

Microsoft Exchange 2019 Unauthenticated Email Download

Exploit Title: Microsoft Exchange 2019 - Unauthenticated Email Download Date: 03-11-2021 Exploit Author: Gonzalo Villegas a.k.a Cl34r Vendor Homepage: https://www.microsoft.com/ Version: OWA Exchange 2013 - 2019 Tested on: OWA 2016 CVE : CVE-2021-26855 Details: checking users mailboxes and...

Backdoor.Win32.DarkMoon.a Weak Hardcoded Password

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/7361fe3620fb6e18467c8e15e224b0b8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkMoon.a Vulnerability: Weak Hardcoded Password Description: Dark Moon v1 client by...

Backdoor.Win32.Delf.aez Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/be4a6274679ca966a1d99140db54c25a.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Delf.aez Vulnerability: Unauthenticated Remote Command Execution Description: The...

Microsoft Internet Explorer 8 SetMouseCapture Use-After-Free

Exploit Title: Microsoft Internet Explorer 8 - 'SetMouseCapture ' Use After Free Date: 15/05/2021 CVE : CVE-2013-3893 PoC: https://github.com/travelworld/cve20133893trigger.html/blob/gh-pages/params.json Exploit Author: SlidingWindow Vendor Advisory:...

Billing Management System 2.0 SQL Injection

Exploit Title: Billing Management System 2.0 - Union based SQL injection Authenticated Date: 2021-05-16 Exploit Author: Mohammad Koochaki Vendor Homepage: https://www.sourcecodester.com/php/14380/billing-management-system-php-mysql-updated.html Software Link:...

IPFire 2.25 Remote Code Execution

Exploit Title: IPFire 2.25 - Remote Code Execution Authenticated Date: 15/05/2021 Exploit Author: Mücahit Saratar Vendor Homepage: https://www.ipfire.org/ Software Link: https://downloads.ipfire.org/releases/ipfire-2.x/2.25-core156/ipfire-2.25.x8664-full-core156.iso Version: 2.25 - core update 15...

Dental Clinic Appointment Reservation System 1.0 Cross Site Scripting

Exploit Title: Dental Clinic Appointment Reservation System 1.0 - 'Firstname' Persistent Cross Site Scripting Authenticated Date: 14-05-2021 Exploit Author: Reza Afsahi Vendor Homepage: https://www.sourcecodester.com/php/6848/appointment-reservation-system.html Software Link:...

Backdoor.Win32.Agent.cy Denial Of Service / Null Pointer

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/e85a1028a52fcc723353a236ada54feeC.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.cy Vulnerability: Denial of Service Description: The malware listens on TCP po...

Backdoor.Win32.Danton.43 Code Execution / Hardcoded Credentials

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/85f7ef2b6b8da9adb7723a13b91ac1c7.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Danton.43 Vulnerability: Weak Hardcoded Credentials RCE Description: The malware...

Advanced Guestbook 2.4.4 Cross Site Scripting

Exploit Title: Advanced Guestbook 2.4.4 - 'Smilies' Persistent Cross-Site Scripting XSS Date: 17/08/2021 Exploit Author: Abdulkadir AYDOGAN Vendor Homepage: https://www.ampps.com/apps/guestbooks/AdvancedGuestbook Software Link: https://www.ampps.com/apps/guestbooks/AdvancedGuestbook Version: 2.4....

Microsoft Windows TokenMagic Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Privilege Escalation via TokenMagic UAC Bypass', 'Description' = %q This module leverages a UAC bypass TokenMagic in order to spawn a...

Subrion CMS 4.2.1 Shell Upload

Exploit Title: File Upload Bypass to RCE Authenticated Google Dork: N/A Date: 17/05/2021 Exploit Author: Fellipe Oliveira Vendor Homepage: https://subrion.org/ Software Link: https://github.com/intelliants/subrion Version: SubrionCMS 4.2.1 Tested on: Debian9, Debian 10 and Ubuntu 16.04 CVE :...

Backdoor.Win32.Danton.43 Man-In-The-Middle

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/85f7ef2b6b8da9adb7723a13b91ac1c7B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Danton.43 Vulnerability: MITM Port Bounce Scan Description: The backdoor FTP server...

Backdoor.Win32.Agent.lyw Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/4de6f4104a5fc2185164747a6fcf20ce.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.lyw Vulnerability: Remote Stack Buffer Overflow UDP Description: The malware...

Backdoor.Win32.Antilam.14.d Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a53351e8fa0cb4f7db3d0250387a0e4f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Antilam.14.d Vulnerability: Unauthenticated Remote Command Execution Description: The...

Backdoor.Win32.Agent.cy Insecure Transit

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/e85a1028a52fcc723353a236ada54feeB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.cy Vulnerability: Insecure Transit Description: The malware listens on TCP por...

Printable Staff ID Card Creator System 1.0 Shell Upload / SQL Injection

Exploit Title: Printable Staff ID Card Creator System 1.0 - SQLi & RCE via Arbitrary File Upload Date: 2021-05-16 Exploit Author : bwnz Software Link: https://www.sourcecodester.com/php/12802/php-staff-id-card-creation-and-printing-system.html Version: 1.0 Tested on: Ubuntu 20.04.2 LTS Printable...

Dental Clinic Appointment Reservation System 1.0 Cross Site Request Forgery

Exploit Title: Dental Clinic Appointment Reservation System 1.0 - Cross Site Request Forgery Add Admin Date: 15-05-2021 Exploit Author: Reza Afsahi Vendor Homepage: https://www.sourcecodester.com/php/6848/appointment-reservation-system.html Software Link:...

Backdoor.Win32.Agent.oda Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/380ff48c4a28ac25f5efb630883eeb17.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.oda Vulnerability: Remote Stack Buffer Overflow UDP Description: The malware...

Dell DBUtil_2_3.sys IOCTL Memory Read / Write

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dell DBUtil23.sys IOCTL memmove', 'Description' = %q The DBUtil23.sys driver distributed by Dell exposes an unprotected IOCTL interface that can ...

Simple Chatbot Application 1.0 Cross Site Scripting

Exploit Title: Simple Chatbot Application 1.0 - 'Category' Stored Cross site Scripting Date: 16-05-2021 Exploit Author: Vani K G Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14788/simple-chatbot-application-using-php-source-code.html Version:...

Backdoor.Win32.Agent.cy Hardcoded Credentials

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/e85a1028a52fcc723353a236ada54fee.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.cy Vulnerability: Weak Hardcoded Credentials Description: The malware listens o...