56796 matches found
Enalean Tuleap 7.2 - XXE File Disclosure
No description provided by source. Vulnerability title: Tuleap = 7.2 External XML Entity Injection in Enalean Tuleap CVE: CVE-2014-7177 Vendor: Enalean Product: Tuleap Affected version: 7.2 and earlier Fixed version: 7.4.99.5 Reported by: Jerzy Kramarz Details: A multiple XML External Entity...
Xerox Multifunction Printers (MFP) "Patch" DLM Vulnerability
No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::Remote::Tcp def initializeinfo =...
Telefonica O2 Connection Manager 8.7 - Service Trusted Path Privilege Escalation
No description provided by source. Telefonica O2 Connection Manager 8.7 Service Trusted Path Privilege Escalation Vendor: Telefonica S.A. Product web page: http://www.telefonica.com | http://www.o2.co.uk Affected version: 8.7.6.792 Summary: O2 Connection Manager will help you to manage your...
Visual Mining NetCharts Server Remote Code Execution
No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include...
Another Wordpress Classifieds Plugin - SQL Injection
No description provided by source. Exploit Title: Another Wordpress Classifieds Plugin sql injection and Cross Site Scripting Author: dill download: https://wordpress.org/plugins/another-wordpress-classifieds-plugin/Client Webpage: http://awpcp.com/ SQL injection Details: The parameter...
Linux PolicyKit Race Condition Privilege Escalation
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class Metasploit4 Msf::Exploit::Local Rank = GreatRanking include Msf::Exploit::EXE include Msf::Post::File include...
Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities
No description provided by source. SEC Consult Vulnerability Lab Security Advisory 20141106-0 ======================================================================= title: XXE & XSS & Arbitrary File Write vulnerabilities product: Symantec Endpoint Protection vulnerable version: 12.1.4023.4080...
CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities
No description provided by source. CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities Vendor: Compal Broadband Networks CBN, Inc. Product web page: http://www.icbn.com.tw Affected version: Model: CH6640 and CH6640E Hardware version: 1.0 Firmware version: CH6640-3.5.11.7-NOSH Boo...
Microsoft Bluetooth Personal Area Networking (BthPan.sys) Privilege Escalation
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/local/windowskernel' require 'rex' class Metasploit3 Msf::Exploit::Local Rank =...
MS Office 2007 and 2010 - OLE Arbitrary Command Execution
No description provided by source. Full exploit: http://www.exploit-db.com/sploits/35216.rar CVE-2014-6352 OLE Remote Code Execution Author Abhishek Lyall - abhilyallatgmaildotcom, infoataslitsecuritydotcom Advanced Hacking Trainings - http://training.aslitsecurity.com Web -...
Magento Server MAGMI Plugin - Remote File Inclusion (RFI)
No description provided by source. Exploit found date: 10/24/2014 Security Researcher name: Parvinder Bhasin Contact info: [email protected] twitter: @parvinderb - scorpio Currently tested version: Magento version: Magento CE - 1.8 older MAGMI version: v0.7.17a older Download software...
Dell SonicWall GMS 7.2.x - Code Injection
No description provided by source. Document Title: =============== Dell SonicWall GMS v7.2.x - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1222 Release Date: ============= 2014-10-21 Vulnerability Laboratory ID VL-ID:...
PayPal Inc BB #85 MB iOS 4.6 - Auth Bypass Vulnerability
No description provided by source. Document Title: =============== PayPal Inc BB 85 MB iOS 4.6 - Auth Bypass Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=895 PayPal Security UID: Vxda0S Video:...
X7 Chat 2.0.5 lib/message.php preg_replace() PHP Code Execution
No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include...
Drupal < 7.32 Pre Auth SQL Injection
No description provided by source. ?php // // / / / // / / // \ / / /// / / / / / / / / / // / / / , / // / // / / / / // / / / // ////||//// ///// /// // Poc for Drupal Pre Auth SQL Injection - c 2014 SektionEins // // created by Stefan Horst [email protected] // and Stefan Esser...
VMware Workstations 10.0.0.40273 vmx86.sys Arbitrary Kernel Read
No description provided by source. Title: VMWare vmx86.sys Arbitrary Kernel Read Advisory ID: KL-001-2014-004 Publication Date: 2014.11.04 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-004.txt 1. Vulnerability Details Affected Vendor: VMWare Affected Product:...
Belkin n750 jump login Parameter Buffer Overflow
No description provided by source. """ Source: https://labs.integrity.pt/articles/from-0-day-to-exploit-buffer-overflow-in-belkin-n750-cve-2014-1635/ A vulnerability in the guest network web interface of the Belkin N750 DB Wi-Fi Dual-Band N+ Gigabit Router with firmware F9K1103WW1.10.16m, allows ...
Drupal Core <= 7.32 - SQL Injection (#2)
No description provided by source. !/usr/bin/python Drupal 7.x SQL Injection SA-CORE-2014-005 https://www.drupal.org/SA-CORE-2014-005 Inspired by yukyuk's P.o.C https://www.reddit.com/user/fyukyuk Tested on Drupal 7.31 with BackBox 3.x This material is intended for educational purposes only and t...
ZTE ZXDSL 831CII - Insecure Direct Object Reference
No description provided by source. Exploit Title: ZTE ZXDSL 831 Insecure Direct Object Reference Date: 11/3/2014 Exploit Author: Paulos Yibelo Vendor Homepage: zte.com.cn Software Link: - Version: - Tested on: Windows 7 CVE :- ZTE ZXDSL 831CII suffers from an insecure direct object reference...
Windows OLE Package Manager SandWorm Exploit
No description provided by source. !/usr/bin/env python import os import zipfile import sys ''' Full Exploit: http://www.exploit-db.com/sploits/35019.tar.gz Very quick and ugly SandWorm CVE-2014-4114 exploit builder Exploit Title: CVE-2014-4114 SandWorm builder Built to run on: Linux/MacOSX Date:...
HttpCombiner ASP.NET - Remote File Disclosure Vulnerability
No description provided by source. Exploit Title: HttpCombiner ASP.NET Remote File Disclosure Vulnerability Google Dork: filetype:txt intext:HttpCombiner.ashx Date: 2014-10-10 Exploit Author: Hoang Anh Thai Vendor Homepage:...
Folder Plus 2.5.1 iOS - Persistent XSS Vulnerability
No description provided by source. Document Title: =============== Folder Plus v2.5.1 iOS - Persistent Item Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1348 Release Date: ============= 2014-10-24 Vulnerability Laboratory ID VL-ID:...
Mac OS X Mavericks IOBluetoothHCIUserClient Privilege Escalation
No description provided by source. / pwn.c, by @rpaleari and @joystick This PoC exploits a missing sign check in IOBluetoothHCIUserClient::SimpleDispatchWL. Tested on Mac OS X Mavericks 10.9.4/10.9.5. Compile with: gcc -Wall -o pwn,.c -framework IOKit / include stdio.h include string.h include...
ManageEngine OpManager, Social IT Plus and IT360 - Multiple Vulnerabilities
No description provided by source. Multiple vulnerabilities in ManageEngine OpManager, Social IT Plus and IT360 Discovered by Pedro Ribeiro [email protected], Agile Information Security ========================================================================== Disclosure: 27/09/2014 1 and 2,...
IBM Tivoli Monitoring 6.2.2 kbbacf1 - Privilege Escalation
No description provided by source. !/bin/sh Title: IBM Tivoli Monitoring V6.2.2 kbbacf1 privilege escalation exploit CVE: CVE-2013-5467 Vendor Homepage: http://www-03.ibm.com/software/products/pl/tivomoni Author: Robert Jaroszuk Tested on: RedHat 5, Centos 5 Vulnerable version: IBM Tivoli...
Wordpress CP Multi View Event Calendar 1.01 - SQL Injection
No description provided by source. Exploit Title : CP Multi View Event Calendar 1.01 SQL Injection Vulnerability Exploit Author : Claudio Viviani Software Link : https://downloads.wordpress.org/plugin/cp-multi-view-calendar.zip Date : 2014-10-23 Tested on : Windows 7 / Mozilla Firefox Windows 7 /...
ThinkSNS微吧储存型XSS(无视WAF,无过滤插入任意代码)
简要描述: ThinkSNS微吧储存型XSS无视WAF,无任何过滤,可插入任意代码 官网demo测试。 详细说明: 进入http://demo.thinksns.com/t3/weiba 发布新贴, 在正文里面输入HTML转码后的脚本,例如: alert1; HTML编码后为: 即为我们要加到正文的内容。 确定之后即可看到脚本被执行了。 看看代码: apps/weiba/Lib/Action/IndexAction.class.php 413 public function postDetail 414 $postid = intval$GET'postid'; 415...
OpenBSD <= 5.5 - Local Kernel Panic
No description provided by source. / tenochtitlan.c OpenBSD = 5.5 Local Kernel Panic by Alejandro Hernandez @nitr0usmx Advisory and technical details: http://www.ioactive.com/pdfs/IOActiveAdvisoryOpenBSD55LocalKernelPanic.pdf Fix: http://www.openbsd.org/errata55.html013kernexec This PoC works onl...
vBulletin Tapatalk - Blind SQL Injection
No description provided by source. !/usr/bin/env python -- coding: utf-8 -- ''' @author: tintinweb 0x721427D8 ''' import urllib2, urllib import xmlrpclib,re, urllib2,string,itertools,time from distutils.version import LooseVersion class Exploitobject: def initself, target, debug=0 :...
Creative Contact Form - Arbitrary File Upload
No description provided by source. ========================================================== "Creative Contact Form - The Best WordPress Contact Form Builder" - Arbitrary File Upload Author: Gianni Angelozzi Date: 08/10/2014 Remote: Yes Vendor Homepage:...
Dell EqualLogic Storage - Directory Traversal
No description provided by source. Exploit Title: Remote Directory Traversal exploit for Dell EqualLogic 6.0 Storage Date: 09/2013 Exploit Author: Mauricio Pampim Corr�a Vendor Homepage: www.dell.com Version: 6.0 Tested on: Equipment Model Dell EqualLogic PS4000 CVE : CVE-2013-3304 The malicious...
WebDisk+ 2.1 iOS - Code Execution Vulnerability
No description provided by source. Document Title: =============== WebDisk+ v2.1 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1349 Release Date: ============= 2014-10-23 Vulnerability Laboratory ID VL-ID:...
Drupal Core <= 7.32 - SQL Injection (PHP)
No description provided by source. ?php ----------------------------------------------------------------------------- Exploit Title: Drupal core 7.x - SQL Injection Date: Oct 16 2014 Exploit Author: Dustin Dörr Software Link: http://www.drupal.com/ Version: Drupal core 7.x versions prior to 7.32...
WordPress SupportEzzy Ticket System Plugin 1.2.5 - Stored XSS Vulnerability
No description provided by source. Exploit Title: SupportEzzy Ticket System - WordPress Plugin Stored XSS Vulnerability Date: 12-10-2014 Exploit Author: Halil Dalabasmaz Version: v1.2.5 Vendor Homepage: http://codecanyon.net/item/supportezzy-ticket-system-wordpress-plugin/8908617 Software Test...
Enalean Tuleap 7.4.99.5 - Remote Command Execution
No description provided by source. Vulnerability title: Tuleap = 7.4.99.5 Remote Command Execution in Enalean Tuleap CVE: CVE-2014-7178 Vendor: Enalean Product: Tuleap Affected version: 7.4.99.5 and earlier Fixed version: 7.5 Reported by: Jerzy Kramarz Details: Tuleap does not validate the syntax...
Typo3 JobControl 2.14.0 - Cross Site Scripting / SQL Injection
No description provided by source. Mogwai Security Advisory MSA-2014-02 ---------------------------------------------------------------------- Title: JobControl dmmjobcontrol Multiple Vulnerabilities Product: dmmjobcontrol Typo3 Extension Affected versions: 2.14.0 Impact: high Remote: yes Product...
Who's Who Script - CSRF Exploit (Add Admin Account)
No description provided by source. Title : Who's Who Script CSRF Exploit Add Admin Account Author : ZoRLu / [email protected] / [email protected] Home : http://milw00rm.com / its online Date : 30.10.2014 Demo : http://demo.phpscriptlerim.com/free/whoswho/ Download1 :...
Drupal Core <= 7.32 - SQL Injection (#1)
No description provided by source...
IP.Board 3.4.x /interface/ipsconnect/ipsconnect.php SQL注入漏洞
No description provided by source...
ZTE ZXDSL-931VII - Unauthenticated Configuration Dump
No description provided by source. Exploit Title: ZTE ZXDSL-931VII Unauthenticated Configuration Dump Google Dork: use your imagination Date: 09-12-2014 Exploit Author: L0ukanik0sGR Vendor Homepage: www.zte.com.cn Software Link:...
BiWEB最新商城版搜索型注入多枚
简要描述: BiWEB最新商城版搜索型注入多枚 详细说明: 在wooyun上看到了有人提了BiWEB的一个XSS漏洞: WooYun: BIWEB商城版XSS盲打cookie ,也有人提了SQL注入,我也来找找它的漏洞吧。去官网下BiWEB商城版最新的5.8.4来看看。发现BiWEB有多处搜索,都存在注入漏洞。 看看搜索处是怎么处理的。BiWEB首先对GET和POST进行了过滤,/config/filtrate.inc.php 这里就先不说这种过滤的脑残之处了。 继续往下看,BiWEB有所有搜索处都存在同样的注入问题。举一例来说。/search.php 无关代码...
Mulesoft ESB Runtime 3.5.1 - Privilege Escalation Vulnerability
No description provided by source. Mulesoft ESB Runtime 3.5.1 Authenticated Privilege Escalation → Remote Code Execution Mulesoft ESB Runtime 3.5.1 allows any arbitrary authenticated user to create an administrator user due to a lack of permissions check in the handler/securityService.rpc endpoin...
Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - (.wax) Buffer Overflow/DoS EIP Overwrite
No description provided by source. EDB Note: DoS - b0f isn't working. Title : Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 .wax Buffer Overflow Author : ZoRLu / [email protected] / [email protected] Home : http://milw00rm.com / its online Date : 28.10.2014 Python : V 2.7 Thks :...
Windows OLE - Remote Code Execution "Sandworm" Exploit (MS14-060)
No description provided by source. !/usr/bin/python Windows OLE RCE Exploit MS14-060 CVE-2014-4114 Sandworm Author: Mike Czumak Tv3rn1x - @SecuritySift Written: 10/21/2014 Tested Platforms: Windows 7 SP1 w/ exploit script run on Kali Linux You are free to reuse this code in part or in whole wit...
Filemaker Pro 13.03 & Advanced 12.04 - Login Bypass and Privilege Escalation
No description provided by source. Filemaker Login Bypass and Privilege Escalation ======================================================================= ADVISORY INFORMATION Title: Filemaker Login Bypass and Privilege Escalation Discovery date: 19/10/2014 Release date: 19/10/2014 Vendor Homepag...
i.Hex 0.98 - Local Crash PoC
No description provided by source. !/usr/bin/python Exploit Title:i.Hex Local Crash Poc Homepage:http://www.memecode.com/ihex.php Software Link:www.memecode.com/data/ihex-win32-v0.98.exe Version:i.Hex-v0.98 Win32 Release Description:i.Hex is a small and free graphical Hex Editor for Windows...
i.Mage 1.11 - Local Crash PoC
No description provided by source. !/usr/bin/python Exploit Title:i.Mage Local Crash Poc Homepage:http://www.memecode.com/image.php Software Link:http://sourceforge.net/projects/image-editor/files/i.mage-win32-v111.exe/download Version:i.i.Mage v1.11 Win32 Release Description:i.Mage is a small an...
DotNetNuke DNNspot Store 3.0.0 Arbitary File Upload
No description provided by source. Exploit Title: DotNetNuke DNNspot Store UploadifyHandler.ashx = 3.0.0 Arbitary File Upload Date: 23/01/2014 Author: Glafkos Charalambous Version: 3.0.0 Vendor: DNNspot Vendor URL: https://www.dnnspot.com Google Dork: inurl:/DesktopModules/DNNspot-Store/ root@kal...
MS14-060 Microsoft Windows OLE Package Manager Code Execution
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::FILEFORMAT include...
Tenda A32 Router - CSRF Vulnerability
No description provided by source. Exploit Title: Tenda A32 Router CSRF Vulnerabilityreboot the Router CVE ID :CVE-2014-7281 Date: 2014-10-10 Exploit Author: zixian Vendor Homepage: http://tenda.com.cn/ Software Link: http://tenda.com.cn/Catalog/Product/325 Version: V5.07.53CN When the...