50637 matches found
Foxit Reader 9.0.1.1049 Arbitrary Code Execution
Exploit Title: Foxit Reader 9.0.1.1049 - Arbitrary Code Execution Date: August 29, 2020 Exploit Author: CrossWire Vendor Homepage: https://www.foxitsoftware.com/ Software Link:...
Razer Chroma SDK Server 3.16.02 Race Condition
Exploit Title: Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution Date: 2020-08-13 Exploit Author: Loke Hui Yi Vendor Homepage: https://razerid.razer.com Software Link: http://rzr.to/synapse-3-pc-download Version: , and create an exe file with the same application's name in th...
Pure-FTPd 1.0.48 Remote Denial Of Service
Exploit Title: Pure-FTPd 1.0.48 - Remote Denial of Service Date: 2020. nov. 26., 09:32:17 CET Exploit Author: xynmaps Vendor Homepage: https://www.pureftpd.org/project/pure-ftpd/ Software Link: https://github.com/jedisct1/pure-ftpd/ Version: 1.0.48 Tested on: Parrot Security OS 5.9.0 encoding=utf...
Fujitsu Eternus Storage DX200 S4 Broken Authentication
Title: Fujitsu Eternus Storage DX200 S4 Broken Authentication Author: Seccops https://seccops.com Vendor Homepage: https://www.fujitsu.com/global/products/computing/storage/disk/eternus-dx/ Version: Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25 Classifications: OWASP: A2:2017-Broken...
libupnp 1.6.18 Denial Of Service
Exploit Title: libupnp 1.6.18 - Stack-based buffer overflow DoS Date: 2020-08-20 Exploit Author: Patrik Lantz Vendor Homepage: https://pupnp.sourceforge.io/ Software Link: https://sourceforge.net/projects/pupnp/files/pupnp/libUPnP%201.6.6/libupnp-1.6.6.tar.bz2/download Version: = 1.6.6 Tested on:...
House Rental 1.0 SQL Injection
Exploit Title: House Rental 1.0 - 'keywords' SQL Injection Exploit Author: Bobby Cooke boku & Adeeb Shah @hyd3sec Date: 2020-08-07 Vendor Homepage: https://projectworlds.in Software Link: https://projectworlds.in/wp-content/uploads/2019/06/home-rental.zip Version: 1.0 Tested On: Windows 10 Pro...
Kong Gateway Admin API Remote Code Execution
frozenstringliteral: true This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kong Gateway Admin API Remote Code Execution', 'Description' = ' This module uses the Kong admin API to create a route...
SyncBreeze 10.0.28 Remote Buffer Overflow
Exploit Title: SyncBreeze 10.0.28 - 'password' Remote Buffer Overflow Date: 18-Sep-2020 Exploit Author: Abdessalam kingA.salam Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.0.28.exe Version: 10.0.28 Tested on: Windows 7,windows...
OpenMediaVault rpc.php Authenticated PHP Code Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenMediaVault rpc.php Authenticated PHP Code Injection', 'Description' = %q This module exploits an authenticated PHP code injection vulnerabili...
BigBlueButton 2.2.29 Brute Force
Title: BigBlueButton Meeting Access Code Brute Force Vulnerability Google Dork: N/A Date: 24.11.2020 Author: Seccops https://seccops.com Vendor Homepage: bigbluebutton.org Version: 2.2.29 and previous versions CVE: CVE-2020-29042 === Summary === An issue was discovered in BigBlueButton through...
osCommerce 2.3.4.1 Cross Site Scripting
Exploit Title: osCommerce 2.3.4.1 - 'title' Persistent Cross-Site Scripting Date: 2020-11-19 Exploit Author: Emre Aslan Vendor Homepage: https://www.oscommerce.com/ Version: 2.3.4.1 Tested on: Windows & XAMPP == Tutorial https://HOST/catalog/admin/newsletters.php?action=new 3- Enter the XSS paylo...
WordPress Simple File List Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Simple File List Unauthenticated Remote Code Execution', 'Description' = %q Simple File List simple-file-list plugin before 4.2.3 for...
Wondershare Driver Install Service Help 10.7.1.321 Unquoted Service Path
Exploit Title: Wondershare Driver Install Service help 10.7.1.321 - 'ElevationService' Unquote Service Path Date: 2020-11-24 Exploit Author: Luis Sandoval Vendor Homepage: https://www.wondershare.com/ Software Link: https://www.wondershare.com/drfone/ Version: 10.7.1.321 Tested on: Windows 10 Hom...
ZeroShell 3.9.0 Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zeroshell 3.9.0 Remote Command Execution', 'Description' = %q This module exploits an unauthenticated command injection vulnerability found in...
nopCommerce Store 4.30 Cross Site Scripting
Exploit Title: nopCommerce Store 4.30 - 'name' Stored Cross-Site Scripting Date: 24-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.nopcommerce.com/ Version: 4.30 Tested on: Windows 10/Kali Linux Stored Cross-site scriptingXSS: Stored XSS, also known as persistent...
Seowon 130-SLC 1.0.11 Remote Code Execution
Exploit Title: Seowon 130-SLC router 1.0.11 - 'ipAddr' RCE Authenticated Date: 5 Aug 2020 Exploit Author: maj0rmil4d Vendor Homepage: http://www.seowonintech.co.kr/en/ Hardware Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=150&bigkindB05&middlekindB0529 Version: 1.0.11 Possibly al...
OpenCart 3.0.3.6 Cross Site Scripting
Exploit Title: OpenCart 3.0.3.6 - 'subject' Stored Cross-Site Scripting Date: 24-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.opencart.com/ Software Link: https://www.opencart.com/index.php?route=cms/download Version: 3.0.3.6 Tested on: Windows 10/Kali Linux Stor...
Apache OpenMeetings 5.0.0 Denial Of Service
Exploit Title: Apache OpenMeetings 5.0.0 - 'hostname' Denial of Service Google Dork: "Apache OpenMeetings DOS" Date: 2020-08-28 Exploit Author: SunCSR ThienNV - Sun Cyber Security Research Vendor Homepage: https://openmeetings.apache.org/ Software Link: https://openmeetings.apache.org/ Version:...
ZTE MF253V 1.0.0B04 XSS / CSRF / Hardcoded Password
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: ZTE WLAN router MF253V vulnerable version: V1.0.0B04 fixed version: V1.0.0B05 CVE number: impact: Medium homepage: https://www.zte.com.c...
TP-Link TL-WA855RE V5_200415 Device Reset Authentication Bypass
Exploit Title: TP-Link TL-WA855RE V5200415 - Device Reset Auth Bypass Date: 2020/07/29 Exploit Author: malwrforensics Vendor Homepage: https://tp-link.com Software link: https://static.tp-link.com/2020/202004/20200430/TL-WA855REV5200415.zip Version: TL-WA855REUSV5200415 Tested on: N/A CVE :...
LifeRay 7.2.1 GA2 Cross Site Scripting
Exploit Title: LifeRay 7.2.1 GA2 - Stored XSS Date: 10/05/2020 Exploit Author: 3ndG4me Vendor Homepage: https://www.liferay.com/ Software Link: https://www.liferay.com/ Version: 7.1.0 - 7.2.1 GA2 REQUIRED Tested on: Debian Linux CVE : CVE-2020-7934 Public Exploit/Whitepaper:...
Boxoft Audio Converter 2.3.0 Buffer Overflow
Exploit Title: Boxoft Audio Converter 2.3.0 - '.wav' Buffer Overflow SEH Discovery by: Luis Martinez Discovery Date: 2020-11-22 Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/audio-converter/a-pdf-bac.exe Tested Version: 2.3.0 Vulnerability Type: Local Buffer Overflo...
Barco wePresent Insecure Firmware Image
KL-001-2020-009 : Barco wePresent Insecure Firmware Image Title: Barco wePresent Insecure Firmware Image Advisory ID: KL-001-2020-009 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-009.txt 1. Vulnerability Details Affected Vendor: Barco Affect...
Barco wePresent Admin Credential Exposure
KL-001-2020-005 : Barco wePresent Admin Credentials Exposed In Plain-text Title: Barco wePresent Admin Credentials Exposed In Plain-text Advisory ID: KL-001-2020-005 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-005.txt 1. Vulnerability Detai...
Barco wePresent Global Hardcoded Root SSH Password
KL-001-2020-008 : Barco wePresent Global Hardcoded Root SSH Password Title: Barco wePresent Global Hardcoded Root SSH Password Advisory ID: KL-001-2020-008 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-008.txt 1. Vulnerability Details Affecte...
Free MP3 CD Ripper 2.8 Buffer Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Free MP3 CD Ripper 2.6 %q This module exploits a buffer overflow in Free MP3 CD Ripper versions 2.6 and 2.8. By constructing a specially crafted...
Wonder CMS 3.1.3 Cross Site Scripting
Exploit Title: WonderCMS 3.1.3 - 'content' Persistent Cross-Site Scripting Date: 20-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.wondercms.com/ Version: 3.1.3 Tested on: Windows 10/Kali Linux Stored Cross-site scriptingXSS: Stored XSS, also known as persistent XS...
Barco wePresent Authentication Bypass
KL-001-2020-006 : Barco wePresent Authentication Bypass Title: Barco wePresent Authentication Bypass Advisory ID: KL-001-2020-006 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-006.txt 1. Vulnerability Details Affected Vendor: Barco Affected...
IBM Tivoli Storage Manager 5.2.0.1 Buffer Overflow
Exploit Title: IBM Tivoli Storage Manager Command Line Administrative Interface 5.2.0.1 - id' Field Stack Based Buffer Overflow Exploit Author: Paolo Stagno aka VoidSec Vendor Homepage: https://www.ibm.com/support/knowledgecenter/en/SSGSG77.1.0/com.ibm.itsm.tsm.doc/welcome.html Version: 5.2.0.1...
Zortam MP3 Media Studio 27.60 Remote Code Execution
Exploit Title: Zortam Mp3 Media Studio 27.60 - Remote Code Execution SEH Date: November 19, 2020 Exploit Author: Vincent Wolterman Vendor Homepage: https://www.zortam.com/index.html Software Link: https://www.zortam.com/download.html Version: 27.60 Tested on: Windows 7 Professional SP 1 Build 760...
Barco wePresent Undocumented SSH Interface
KL-001-2020-007 : Barco wePresent Undocumented SSH Interface Accessible Via Web UI Title: Barco wePresent Undocumented SSH Interface Accessible Via Web UI Advisory ID: KL-001-2020-007 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-007.txt 1...
Barco wePresent Hardcoded API Credentials
KL-001-2020-004 : Barco wePresent Hardcoded API Credentials Title: Barco wePresent Hardcoded API Credentials Advisory ID: KL-001-2020-004 Publication Date: 2020.11.20 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-004.txt 1. Vulnerability Details Affected Vendor: Barco...
NetSurveillance Unauthorized Password Change
Exploit Title: NetSurveillance Web interface password change Google Dork: Date: 20.10.2020 Exploit Author: AsCiI Vendor Homepage: Software Link: Version: V4.02.R11.00000140.10001.131900.00000 maybe other Tested on: V4.02.R11.00000140.10001.131900.00000 Build Date:2017/12/6 9:4:23 CVE :...
Boxoft Convert Master 1.3.0 Local Buffer Overflow
Exploit Title: Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit Date: 17.09.2020 Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/convert-master/setupboxoft-conver=t-master.exe Exploit Author: Achilles Tested Version: 1.3.0 Tested on: Windows 7 x64 1.- Run python...
Rockwell FactoryTalk View SE SCADA Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Rockwell FactoryTalk View SE SCADA Unauthenticated Remote Code Execution', 'Description' = %q This module exploits a series of vulnerabilities to...
Vtiger CRM 7.0 Cross Site Scripting
Document Title: =============== VTiger v7.0 CRM - To Persistent Email Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2227 Release Date: ============= 2020-11-18 Vulnerability Laboratory ID VL-ID: ==================================== 2227...
Gitlab 12.9.0 Arbitrary File Read
Exploit Title: Gitlab 12.9.0 - Arbitrary File Read Authenticated Google Dork: - Date: 11/15/2020 Exploit Author: Jasper Rasenberg Vendor Homepage: https://about.gitlab.com Software Link: https://about.gitlab.com/install Version: tested on gitlab version 12.9.0 Tested on: Kali Linux 2020.3 You can...
TestBox CFML Test Framework 4.1.0 Directory Traversal
Title: TestBox CFML Test Framework 4.1.0 - Directory Traversal Author: Darren King Date: 2020-07-23 Vendor Homepage: https://www.ortussolutions.com/products/testbox Software Link: https://www.ortussolutions.com/parent/download/testbox?version=3.1.0 Version : 2.3.0 through to 4.1.0 Tested on: Adob...
Fortinet FortiOS 6.0.4 Password Modification
Exploit Title: Fortinet FortiOS 6.0.4 - Unauthenticated SSL VPN User Password Modification Google Dork: intitle:"Please Login" "Use FTM Push" Date: 15/11/2020 Exploit Author: Ricardo Longatto Details: This exploit allow change users password from SSLVPN web portal Vendor Homepage:...
PESCMS TEAM 2.3.2 Cross Site Scripting
Exploit Title: PESCMS TEAM 2.3.2 - Multiple Reflected XSS Date: 2020-11-18 Exploit Author: icekam Vendor Homepage: https://www.pescms.com/ Software Link: https://github.com/lazyphp/PESCMS-TEAM Version: PESCMS Team 2.3.2 CVE: CVE-2020-28092 PESCMS Team 2.3.2 has multiple reflected XSS via the id...
M/Monit 3.7.4 Password Disclosure
Title: M/Monit 3.7.4 - Password Disclosure Author: Dolev Farhi Date: 2020-07-09 Vendor Homepage: https://mmonit.com/ Version : 3.7.4 import sys import requests url = 'http://youriphere:8080' username = 'test' password = 'test123' sess = requests.Session sess.gethost def login: print'Attempting to...
M/Monit 3.7.4 Privilege Escalation
Title: M/Monit 3.7.4 - Privilege Escalation Author: Dolev Farhi Date: 2020-07-09 Vendor Homepage: https://mmonit.com/ Version : 3.7.4 import sys import requests url = 'http://youriphere:8080' username = 'test' password = 'test123' sess = requests.Session sess.gethost def login: print'Attempting t...
Internet Download Manager 6.38.12 Buffer Overflow
Exploit Title: Internet Download Manager 6.38.12 - Scheduler Downloads Scheduler Buffer Overflow PoC Date: November 18, 2020 Exploit Author: Vincent Wolterman Vendor Homepage: http://www.internetdownloadmanager.com/ Software Link: http://www.internetdownloadmanager.com/download.html Version:...
TestBox CFML Test Framework 4.1.0 Arbitrary File Write / Code Execution
Title: TestBox CFML Test Framework 4.1.0 - Arbitrary File Write and Remote Code Execution Author: Darren King Date: 2020-07-23 Vendor Homepage: https://www.ortussolutions.com/products/testbox Software Link: https://www.ortussolutions.com/parent/download/testbox?version=3.1.0 Version : 2.4.0 throu...
Oracle WebLogic Server Administration Console Handle Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle WebLogic Server Administration Console Handle RCE', 'Description' = %q This module exploits a path traversal and a Java class instantiatio...
Sokrates SOWA SowaSQL Cross Site Scripting
Title: SOWA.OPAC Reflected Cross Site Scripting Vulnerability Type: Cross Site Scripting XSS Attack Type: Account Hijacking, Credential Theft, Data Leakage Author: Marek Holka Date: 2020-11-08 Vendor: SOKRATES-software Software Link: https://www.demo.sowwwa.pl/sowacgi.php Version: SOWA.OPAC all...
xuucms 3 SQL Injection
Exploit Title: xuucms 3 - 'keywords' SQL Injection Date: 2020-11-18 Exploit Author: icekam Vendor Homepage: https://www.cxuu.top/ Software Link: https://github.com/cbkhwx/cxuucmsv3 Version: cxuucms - v3 CVE : CVE-2020-28091 SQL injection exists in search.php. For details, please refer to:...
Gemtek WVRTM-127ACN 01.01.02.141 Command Injection
Exploit Title: Gemtek WVRTM-127ACN 01.01.02.141 - Authenticated Arbitrary Command Injection Date: 13/09/2020 Exploit Author: Gabriele Zuddas Version: 01.01.02.127, 01.01.02.141 CVE : CVE-2020-24365 Service Provider : Linkem Product Name : LTE CPE Model ID : WVRTM-127ACN Serial ID : GMK17041801108...
Nagios Log Server 2.1.7 Cross Site Scripting
Exploit Title: Nagios Log Server 2.1.7 - 'snapshotname' Persistent Cross-Site Scripting Date: 31.08.2020 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://www.nagios.com/ Software Link: https://www.nagios.com/products/nagios-log-server/ Version: 2.1.7 Tested on: Linux/ISO Link:...
WordPress WP Forms 1.6.3.1 Cross SIte Scripting
Exploit Title : Wordpress Plugin WPForms 1.6.3.1 - Persistent Cross Site Scripting Authenticated Exploit Author : ZwX Exploit Date : 2020-10-23 Vendor Homepage : https://wpforms.com/ Download Plugin : https://downloads.wordpress.org/plugin/wpforms-lite.1.6.3.1.zip + Description Vulnerability:...