Docker Privileged Container Escape

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework POC modified from https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/ class MetasploitModule 'Docker Privileged Container Escape',...

Online Shopping Alphaware 1.0 Unauthorized Administrative Access

Exploit Title: Online Shopping Alphaware 1.0 - Unauthorized Admin Page Access Date: 2020-8-4 Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...

ACTi NVR3 Standard / Professional Server 3.0.12.42 Denial Of Service

Exploit Title: ACTi NVR3 Standard or Professional Server 3.0.12.42 - Denial of Service PoC Date: 2020-08-04 Exploit Author: MegaMagnus Vendor Homepage: https://www.acti.com/ Software Link: https://www.acti.com/DownloadCenter Version: V.3.0.12.42 , V.2.3.04.07 Tested on: Windows 7, Windows 10 CVE:...

Daily Expenses Management System 1.0 SQL Injection

Exploit Title: Daily Expenses Management System 1.0 - Multiple SQL Injection Vulnerabilty Date: 2020-8-5 Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html Software Link:...

Online Shopping Alphaware 1.0 Cross Site Request Forgery

Exploit Title: Online Shopping Alphaware 1.0 - Cross-Site Request Forgery Account Takeover Date: 2020-8-4 Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...

Daily Expenses Management System 1.0 Cross SIte Request Forgery

Exploit Title: Daily Expenses Management System 1.0 - Cross-Site Request Forgery Date: 2020-8-5 Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html Software Link:...

Online Shopping Alphaware 1.0 Insecure Direct Object Reference

Exploit Title: Online Shopping Alphaware 1.0 - 'Summary' Insecure Direct Object Reference Authenticated Date: 2020-8-4 Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...

Online Shopping Alphaware 1.0 SQL Injection

Exploit Title: Online Shopping Alphaware 1.0 - Multiple SQL Injection Vulnerabilty Date: 2020-8-4 Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...

Online Shopping Alphaware 1.0 Cross Site Scripting

Exploit Title: Online Shopping Alphaware 1.0 - 'Edit Customer Account' Persistent Cross-Site Scripting Authenticated Date: 2020-8-4 Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...

Daily Expenses Management System 1.0 SQL Injection

Exploit Title: Daily Expenses Management System 1.0 - 'username' SQL Injection Exploit Author: Daniel Ortiz Date: 2020-08-01 Vendor Homepage: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html Tested on: XAMPP Version 5.6.40 / Windows 10 Software Link:...

Pi-hole 4.3.2 Remote Code Execution

!/usr/bin/env python2 Exploit Title: Pi-hole 4.3.2 - Remote Code Execution Authenticated Date: 2020-08-04 Exploit Author: Luis Vacas @CyberVaca Vendor Homepage: https://pi-hole.net/ Software Link: https://github.com/pi-hole/pi-hole Version: = 4.3.2 Tested on: Ubuntu 19.10 CVE : CVE-2020-8816...

Car Rental Management System 1.0 Cross Site Scripting

Exploit Title: Car Rental Management System v1.0 - Persistent Cross-Site Scripting Unauthenticated Exploit Author: Adeeb Shah @hyd3sec Date: August 3, 2020 Vendor Homepage: https://projectsworld.in/ Software Link:...

Car Rental Management System 1.0 Remote Code Execution

Exploit Title: Car Rental Management System v1.0 - Unauthenticated RCE Exploit Author: Adeeb Shah @hyd3sec Shout out: Bobby Cooke boku Date: August 3, 2020 Vendor Homepage: https://projectworlds.in Software Link:...

RTSP For iOS 1.0 Denial Of Service

Exploit Title: RTSP for iOS 1.0 - 'IP Address' Denial of Service PoC Author: Luis Martinez Discovery Date: 2020-08-03 Vendor Homepage: https://appadvice.com/app/rtsp-viewer/1056996189 Software Link: App Store for iOS devices Tested Version: 1.0 Vulnerability Type: Denial of Service DoS Local Test...

Mocha Telnet Lite For iOS 4.2 Denial Of Service

Exploit Title: Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2020-08-03 Vendor Homepage: https://apps.apple.com/us/app/telnet-lite/id286893976 Software Link: App Store for iOS devices Tested Version: 4.2 Vulnerability Type: Denial of...

Gantt-Chart For Jira 5.5.3 Missing Privilege Check

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2020-029 Product: Jira module "Gantt-Chart for Jira" Manufacturer: Frank Polscheit - Solutions & IT-Consulting Affected Versions: =5.5.3 Tested Versions: 5.5.3 Vulnerability Type: Improper Privilege Management CWE-269 Risk Level:...

Documalis Free PDF Editor 5.7.2.26 / Documalis Free PDF Scanner 5.7.2.122 Buffer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Documalis Free PDF Editor and Scanner JPEG Stack Buffer Overflow', 'Description' = %q Documalis Free PDF Editor version 5.7.2.26 and Documalis Fr...

Gantt-Chart For Jira 5.5.4 Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2020-030 Product: Jira module "Gantt-Chart for Jira" Manufacturer: Frank Polscheit - Solutions & IT-Consulting Affected Versions: alert'XSS'...

Umbraco CMS 7.12.4 Remote Code Execution

Exploit Title: Umbraco CMS - Authenticated Remote Code Execution Date: 2020-03-28 Exploit Author: Alexandre ZANNI noraj Based on: https://www.exploit-db.com/exploits/46153 Vendor Homepage: http://www.umbraco.com/ Software Link: https://our.umbraco.com/download/releases Version: 7.12.4 Category:...

Mara CMS 7.5 Cross Site Scripting

============================================================================== | Title : Mara CMS 7.5 Cross Site Scripting | | Author : George Tsimpidas | | Tested on : Kali Linux X64 | | Vendor : https://sourceforge.net/projects/maracms/ |...

Stock Management System 1.0 Cross Site Scripting

Exploit Title: Stock Management System v1.0 - Cross-Site Scripting Credential Harvester Login-Portal Exploit Author: Bobby Cooke Date: 2020-08-01 Vendor Homepage: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Software Link:...

Stock Management System 1.0 Cross Site Request Forgery

Exploit Title: Stock Management System v1.0 - Cross-Site Request Forgery Change Username Exploit Author: Bobby Cooke Date: 2020-08-01 Vendor Homepage: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Software Link:...

October CMS Build 465 XSS / File Read / File Deletion / CSV Injection

October CMS = Build 465 Multiple Vulnerabilities Author - Sivanesh Ashok | @sivaneshashok | stazot.com Date : 2020-03-31 Vendor : https://octobercms.com/ Version : = Build 465 Tested on : Build 465 CVE : CVE-2020-5295, CVE-2020-5296, CVE-2020-5297, CVE-2020-5298, CVE-2020-5299, CVE-2020-11083 Las...

Stock Management System 1.0 Cross Site Scripting

Exploit Title: Stock Management System 1.0 - Persistent Cross-Site Scripting Brand Name Exploit Author: Adeeb Shah @hyd3sec Date: August 2, 2020 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Version: 1.0...

OpenEMR 5.0.1 Remote Code Execution

!/usr/bin/env ruby Title: OpenEMR --shell --user --password --debug FILE semi-auto --root-url --user --password --payload --lhost --lport --debug FILE auto --root-url --user --password --lhost --lport --debug FILE -H | --help Options: -r , --root-url Root URL base path including HTTP scheme, port...

BacklinkSpeed 2.4 Buffer Overflow

!/usr/bin/python ''' Exploit Title: BacklinkSpeed v2.4 Buffer Overflow PoC SEH Date: Aug-01-2020 Exploit Author: Saeed reza Zamanian Vendor Homepage: http://www.dummysoftware.com Software Link: http://www.dummysoftware.com/backlinkspeed.html Version: 2.4 Tested on: Windows 10.0 x64 Build 10240...

Stock Management System 1.0 SQL Injection

Exploit Title: Stock Management System 1.0 - Authentication Bypass Exploit Author: Adeeb Shah @hyd3sec Date: August 1, 2020 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Version: 1.0 Tested On: Windows 10...

Microsoft Windows Win32k Privilege Escalation

Exploit Title: Elevation of Privilege Author: nu11secur1ty Date: 08.03.2020 Exploit Date: 01/14/2020 Vendor: Microsoft Software Link: https://support.microsoft.com/en-us/help/3095649/win32k-sys-update-in-windows-october-2015 Exploit link:...

CloudMe 1.11.2 SEH Buffer Overflow

import socket import sys target = "127.0.0.1" Written by : lutzenfried Clement Cruchet Exploiting CloudMe 1.11.2 Publisher : CloudMe AB Windows x64 10.0.18362 Build 18362 Buffer Overflow using SEH overwritten technic POP POP RET Exploit for CVE-2018-6892 Technical information used for exploit...

All-Dynamics Software enlogic:show Digital Signage System 2.0.2 CSRF

Grants the user the gl...

All-Dynamics Software enlogic:show Digital Signage System 2.0.2 Session Fixation

All-Dynamics Software enlogic:show Digital Signage System 2.0.2 Session Fixation Vendor: All-Dynamics Software GmbH Vendor web page: https://www.all-dynamics.de Product web page: https://www.enlogic-show.com Affected version: 2.0.2 Build 2098 ILP32W 0/1/3/1597919619 Summary: Bring communication...

Online Bike Rental 1.0 Shell Upload

Exploit Title: Online Bike Rental 1.0 - Authenticated Remote Code Execution Exploit Author: Adeeb Shah @hyd3sec & Bobby Cooke boku Vulnerability Discovery: Adeeb Shah @hyd3sec Date: 2020-07-31 Vendor Homepage: ttps://www.sourcecodester.com/php/14374/online-bike-rental-phpmysql.html Software Link:...

SharePoint DataSet / DataTable Deserialization

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SharePoint DataSet / DataTable Deserialization', 'Description' = %q A remotely exploitable vulnerability exists within SharePoint that can be...

CA Unified Infrastructure Management Nimsoft 7.80 Buffer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CA Unified Infrastructure Management Nimsoft 7.80 - Remote Buffer Overflow', 'Description' = %q This module exploits a buffer overflow within the...

Online Shopping Alphaware 1.0 SQL Injection

Title: Online Shopping Alphaware 1.0 - Authentication Bypass Exploit Author: Ahmed Abbas Date: 2020-07-28 Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...

Daily Tracker System 1.0 SQL Injection

Exploit Title: Daily Tracker System 1.0 - Authentication Bypass Exploit Author: Adeeb Shah @hyd3sec Credit to Bobby Cooke Date: July 29th, 2020 Vendor Homepage: https://www.sourcecodetester.com Software Link:...

Online Bike Rental 1.0 Shell Upload

Exploit Title: Online Bike Rental v1.0 – Authenticated Arbitrary File Upload / Remote Code Execution Date: July 31, 2020 Exploit Author: Adeeb Shah @hyd3sec Vendor Homepage: https:/www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14374/online-bike-rental-phpmysql.html...

Daily Tracker System 1.0 Cross Site Scripting

Exploit Title: Daily Tracker System v1.0 - Reflected Cross Site Scripting XSS Exploit Author: Adeeb Shah Date: July 30th, 2020 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/download-code?nid=14372&title=Daily+Tracker+System+in+PHP%2FMySQL Version:...

FreeBSD ip6_setpktopt Use-After-Free Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FreeBSD ip6setpktopt Use-After-Free Privilege Escalation', 'Description' = %q This module exploits a race and use-after-free vulnerability in the...

Namirial SIGNificant SignAnyWhere 6.10.x Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored Cross-Site Scripting XSS Vulnerability product: Namirial SIGNificant SignAnyWhere vulnerable version: v6.10.60.25434 SSP v4.22.60.25434 v6.10.100.25817 SSP...

Baldr Botnet Panel Shell Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Baldr Botnet Panel Shell Upload Exploit', 'Description' = %q This module exploits a arbitrary file upload vulnerability within the Baldr stealer...

WordPress Maintenance Mode By SeedProd 5.1.1 Cross Site Scripting

Exploit Title: Wordpress Plugin Maintenance Mode by SeedProd 5.1.1 - Persistent Cross-Site Scripting Date: 2020-06-22 Vendor Homepage: https://www.seedprod.com/ Vendor Changelog: https://wordpress.org/plugins/coming-soon/developers Exploit Author: Jinson Varghese Behanan @JinsonCyberSec Author...

Cisco Adaptive Security Appliance Software 9.11 Local File Inclusion

Exploit Title: Cisco Adaptive Security Appliance Software 9.11 - Local File Inclusion Google Dork: inurl:/+CSCOE+/ Date: 2020-08-27 Exploit Author: 0xmmnbassel Vendor Homepage: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86 Version: Cisco AS...

Cisco Adaptive Security Appliance Software 9.7 Arbitrary File Deletion

Exploit Title: Cisco Adaptive Security Appliance Software 9.7 - Unauthenticated Arbitrary File Deletion Google Dork: inurl:/+CSCOE+/ Date: 2020-08-27 Exploit Author: 0xmmnbassel Vendor Homepage: https://www.cisco.com/c/en/us/products/security/asa-firepower-services/index.htmlmodels Version: Cisco...

INNEO Startup TOOLS 2018 M040 13.0.70.3804 Remote Code Execution

Exploit Title: INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution Date: 2020-07-23 Exploit Author: Patrick Hener, SySS GmbH Many credits go to Dr. Benjamin Heß, SySS GmbH for helping with php oddities and the powershell payload Advisory: SYSS-2020-028...

Socket.io-file 2.0.31 Arbitrary File Upload

Exploit Title: Socket.io-file 2.0.31 - Arbitrary File Upload Date: 2020-07-02 Exploit Author: Cr0wTom Vendor Homepage: https://www.npmjs.com/package/socket.io-file Software Link: https://www.npmjs.com/package/socket.io-file/v/2.0.31 Version: = v2.0.31 Tested on: node v10.19.0, Socket.io-file...

Virtual Airlines Manager 2.6.2 Cross Site Scripting

Exploit Title: Virtual Airlines Manager 2.6.2 - Persistent Cross-Site Scripting Google Dork: inurl:"/vam/indexvamop.php" Date: 2020-06-29 Exploit Author: Peter Blue Vendor Homepage: https://virtualairlinesmanager.net Software Link: https://virtualairlinesmanager.net Version: 2.6.2 Tested on: Linu...

pfSense 2.4.4-p3 Cross Site Request Forgery

Exploit Title: pfSense 2.4.4-p3 - Cross-Site Request Forgery Date: 2019-09-27 Exploit Author: ghostfh Vendor Homepage: https://www.pfsense.org/ Software Link: https://www.pfsense.org/download/index.html?section=downloads Version: Till 2.4.4-p3 Tested on: freebsd CVE : CVE-2019-16667 Vulnerability...

MAMP PRO 4.2.0 Local Privilege Escalation

Exploit Title: MAMP PRO 4.2.0 Local Privilege Escalation Date: 2020-07-08 Exploit Author: b1nary Vendor Homepage: https://www.mamp.info/ Software Link: https://downloads.mamp.info/MAMP-PRO-WINDOWS/releases/4.2.0/MAMPMAMPPRO4.2.0.exe Version: 4.2.0 Tested on: Windows 10 Pro x64 Version 10.0.19041...

Socusoft Photo To Video Converter Professional 8.07 Buffer Overflow

Exploit Title: Socusoft Photo to Video Converter Professional 8.07 - 'Output Folder' Buffer Overflow SEH Egghunter Date: 2020-07-23 Exploit Author: MasterVlad Vendor Homepage: http://www.dvd-photo-slideshow.com/photo-to-video-converter.html Software Link:...