39001 matches found
FaceTime - readSPSandGetDecoderParams Stack Corruption Exploit
Exploit for macOS platform in category dos / poc FaceTime - readSPSandGetDecoderParams Stack Corruption Exploit There are a variety of problems that occur when processing malformed H264 streams in readSPSandGetDecoderParams, leading to OOB read, OOB write and stackchk crashes. I think the root...
Microsoft Windows ALPC Task Scheduler Local Privilege Elevation Exploit
On vulnerable versions of Windows the alpc endpoint method SchRpcSetSecurity implemented by the task scheduler service can be used to write arbitrary DACLs to .job files located in c:\windows\tasks because the scheduler does not use impersonation when checking this location. Since users can creat...
HP Client - Automation Command Injection / Remote Code Execution
Exploit for multiple platform in category local exploits Exploit Title: HP Client - Automation Command Injection Date: 10/10/2016 Exploit Author: SlidingWindow , Twitter: @kapilkhot Vendor Homepage: Previosuly HP, now http://www.persistentsys.com/ Version: Tested on version 7.9 but should work on...
Ocomon 2.0 - SQL Injection
Exploit for php platform in category web applications Exploit Title: Ocomon 2.0: Acess administrative Bypass / Multiple Sql Injection Google Dork: inurl:ocomon/index.php or intitle:Ocomon 2.0-RC6 Date: 2016.08.18 Exploit Author: Jonatas Fil a.k.a pwx Vendor Homepage: ninj4c0d3r.github.io Version:...
Microsoft .NET Framework XSS / Privilege Escalation Vulnerability
Exploit for windows platform in category remote exploits Product: =========================== Microsoft .NET Framework Vulnerability Type: ============================ XSS / Elevation of Privilege CVE Reference: ============== CVE-2015-6099 Vulnerability Details: ====================== Microsoft...
FreeBSD 9.1 ftpd Remote Denial of Service
Exploit for freebsd platform in category dos / poc FreeBSD 9.1 ftpd Remote Denial of Service Maksymilian Arciemowicz http://cxsecurity.org/ http://cxsec.org/ Public Date: 01.02.2013 URL: http://cxsecurity.com/issue/WLB-2013020003 --- 1. Description --- I have decided check BSD ftpd servers once...
Uploader by CeleronDude 5.3.0 - Upload Vulnerability
Exploit for unknown platform in category web applications ==================================================== Uploader by CeleronDude 5.3.0 - Upload Vulnerability ==================================================== Uploader by CeleronDude 5.3.0 - Upload Vulnerability Discovered by : Stink' Date...
RichStrong CMS (showproduct.asp cat) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================================= RichStrong CMS showproduct.asp cat Remote SQL Injection Exploit ================================================================= --==+=================== Spanish Hackers Te...
YNP Portal System 2.2.0 (showpage.cgi p) Remote File Disclosure
Exploit for cgi platform in category web applications =============================================================== YNP Portal System 2.2.0 showpage.cgi p Remote File Disclosure =============================================================== YNP Portal System 2.2.0 showpage.cgi p Remote File...
PHP-Fusion <= 6.0 106 BBCode IMG Tag Script Injection Exploit
Exploit for unknown platform in category web applications ============================================================= PHP-Fusion deluser ./fusionimg banuser ./fusionimg delshout ./fusionimg deladmin is the PHP-Fusion version. enter 6.x or 5.x depending on the version number. is the start point ...
Sanity.b - phpBB <= 2.0.10 Bot Install (AOL/Yahoo Search)
Exploit for unknown platform in category web applications ========================================================= Sanity.b - phpBB newPeerAddr="$site",PeerPort="80",Proto="tcp" or next; print $sock "GET /aolcom/search?q=$procura&Stage=0&page=$n HTTP/1.0\n\n"; @resu = ; close$sock; $ae = "@resu"...
Checkmk 2.3.0p2 / NagVis 1.9.40 Cross Site Scripting Vulnerability
Title: Checkmk NagVis Reflected Cross-site Scripting Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2025-001.txt 1. Vulnerability Details Affected Vendor: Checkmk Affected Product: Checkmk/NagVis Affected Version: Checkmk 2.3.0p2, NagVis 1.9.40 Platform: GNU/Linux CWE...
Prison Management System - SQL Injection Authentication Bypass Vulnerability
Exploit : Prison Management System Using PHP -SQL Injection Authentication Bypass Exploit Author: Sanjay Singh Vendor Homepage: https://www.sourcecodester.com Software Link:https://www.sourcecodester.com/sql/17287/prison-management-system.html Tested on: Windows ,XAMPP CVE : CVE-2024-33288 Proof ...
Simple Attendance System 1.0 - Unauthenticated Blind SQL Injection Vulnerability
Exploit Title: Simple Attendance System 1.0 - Unauthenticated Blind SQLi Exploit Author: t//\1 Vendor Homepage: https://www.sourcecodester.com/php/14948/simple-attendance-system-php-and-sqlite-free-source-code.html Tested on: Linux Version: v1.0 Exploit Description: The application suffers from a...
Dell OpenManage Enterprise Hardcoded Credentails / Privilege Escalation / Deserialization
Dell OpenManage Enterprise versions up to 3.6.1 suffer from multiple hard-coded credential issues, multiple privilege escalation, weak permissions, authentication bypass, and other vulnerabilities. Please find a text-only version below sent to security mailing lists. The complete version on...
ExpressVPN VPN Router 1.0 - Router Login Panels Integer Overflow Vulnerability
Exploit Title: ExpressVPN VPN Router 1.0 - Router Login Panel's Integer Overflow Exploit Author: Jai Kumar Sharma Vendor Homepage: https://www.expressvpn.com/ Software Link: https://www.expressvpn.com/vpn-software/vpn-router Version: version 1 Tested on: Windows/Ubuntu/MacOS CVE : CVE-2020-29238...
BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery (Change Password) Vulnerability
Exploit for hardware platform in category web applications Exploit title: BSA Radar 1.6.7234.24750 - Cross-Site Request Forgery Change Password Exploit Author: William Summerhill Vendor Homepage:bhttps://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE: CVE-2020-1494...
ZenTao Pro 8.8.2 - Command Injection Exploit
Exploit for php platform in category web applications Exploit Title: ZenTao Pro 8.8.2 - Command Injection Exploit Author: Daniel Monzón & Melvin Boers Vendor Homepage: https://www.zentao.pm/ Version: 8.8.2 Tested on: Windows 10 / WampServer Other versions like pro or enterprise edition could be...
10-Strike Bandwidth Monitor 3.9 Unquoted Service Path Vulnerability
10-Strike Bandwidth Monitor version 3.9 services Svc10StrikeBandMontitor, Svc10StrikeBMWD, and Svc10StrikeBMAgent suffer from unquoted service path vulnerabilities. Exploit Title: Bandwidth Monitor 3.9 - Unquoted Services Paths Exploit Author: Bobby Cooke Vendor Site: https://www.10-strike.com/...
Druva inSync Windows Client 6.6.3 - Local Privilege Escalation Exploit
Exploit Title: Druva inSync Windows Client 6.6.3 - Local Privilege Escalation Exploit Author: Matteo Malvica Credits: Chris Lyne for previous version's exploit Vendor Homepage: druva.com Software Link: https://downloads.druva.com/downloads/inSync/Windows/6.6.3/inSync6.6.3r102156.msi Version: 6.6....
Microsoft Windows Media Center 2002 - XML External Entity MotW Bypass Vulnerability
Exploit Title: Microsoft Windows Media Center 2002 - XML External Entity MotW Bypass Discovery by: hyp3rlinx Date: 2019-12-03 Vendor Homepage: www.microsoft.com CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...
VMware VeloCloud 3.3.0 / 3.2.2 Authorization Bypass Vulnerability
Exploit for linux platform in category web applications Product: VeloCloud Vendor: VMware CVE ID: CVE-2019-5533 CSNC ID: CSNC-2019-007 Subject: Authorization Bypass Risk: Moderate Effect: Remotely exploitable CVSS v3.1 Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Author: Silas Bärtsch Date:...
Karenderia Multiple Restaurant System 5.3 - Local File Inclusion Vulnerability
Exploit for php platform in category web applications =========================================================================================== Exploit Title: Karenderia CMS 5.1 - LFI Vuln. Dork: N/A Date: 04-07-2019 Exploit Author: Mehmet EMIROGLU Software Link:...
WordPress Insert or Embed Articulate Content Plugin - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Authenticated code execution in insert-or-embed-articulate-content-into-wordpress Wordpress plugin Description: It is possible to upload and execute a PHP file using the plugin option to upload a zip archive Exploit Author:...
Schneider Electric U.Motion Builder 1.3.4 Command Injection Vulnerability
Schneider Electric U.Motion Builder version 1.3.4 suffers from an unauthenticated command injection vulnerability in trackimportexport.php. 1. ADVISORY INFORMATION ======================= Product: Schneider Electric U.Motion Builder Vendor URL: www.schneider-electric.com Type: OS Command Injectio...
Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service Exploit
Exploit for windows platform in category dos / poc / + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CISCO-IMMUNET-AND-CISCO-AMP-FOR-ENDPOINTS-SYSTEM-SCAN-DENIAL-OF-SERVICE.txt + ISR: ApparitionSec Greetz: indoushka |...
qdPM 9.1 - filter_by SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: qdPM 9.1 - 'filterby' SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: http://qdpm.net Software Link: http://qdpm.net/download-qdpm-free-project-management Version: v9.1...
phpLDAPadmin 1.2.2 LDAP Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: phpLDAPadmin 1.2.2 - 'serverid' LDAP Injection Username Exploit Author: Berk Dusunur Vendor Homepage: http://phpldapadmin.sourceforge.net Software Link: http://phpldapadmin.sourceforge.net Version: 1.2.2 Tested on: Pardus / Debi...
Trend Micro IMSVA Management Portal 9.1.0.1600 Authentication Bypass Exploit
Trend Micro IMSVA Management Portal version 9.1.0.1600 suffers from an authentication bypass vulnerability. Title: Trend Micro IMSVA Management Portal Authentication Bypass Advisory ID: KL-001-2018-006 Publication Date: 2018.02.08 Publication URL:...
Apache Sling Framework (Adobe AEM) 2.3.6 - Information Disclosure
Exploit for multiple platform in category web applications Document Title: =============== Apache Sling Framework v2.3.6 Adobe AEM CVE-2016-0956 - Information Disclosure Vulnerability Adobe Bulletin: https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html...
WordPress Responsive Thumbnail Slider Plugin 1.0 - XSS / Arbitrary File Upload Vulnerabilities
Exploit for php platform in category web applications " name="thumbnails" " style="width:50px" height="50px"/ input type="checkbox" val...
SuperLinks SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: SuperLinks SQLi Google Dork: inurl:/superlinks/browse.php?id= Date: 27/01/2011 Author: Daniel Godoy Author Mail: DanielGodoyatGobiernoFederaldotcom Author Web: www.delincuentedigital.com.ar Tested on: Linux, Windows Comment...
Mediatheka 4.2 (index.php lang) Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications ================================================================== Mediatheka 4.2 index.php lang Local File Inclusion Vulnerability ================================================================== START 0x01 Informations: Script :...
GuildFTPd 0.999.8.11/0.999.14 Heap Corruption PoC/DoS Exploit
Exploit for unknown platform in category dos / poc ============================================================= GuildFTPd 0.999.8.11/0.999.14 Heap Corruption PoC/DoS Exploit ============================================================= GuildFTPd v0.999.8.11/v0.999.14 heap corruption PoC/DoS...
XMB <= 1.9.6 (u2uid) Remote SQL Injection Exploit (mq=off)
Exploit for unknown platform in category web applications ========================================================== XMB = 4.1 allowing subs / if $argc5 echo "Usage: php ".$argv0." host path username password OPTIONS\n"; echo "host: target server ip/hostname\n"; echo "path: path to XMB \n"; echo...
PyroCMS v3.0.1 - Stored XSS Vulnerability
Exploit Title: PyroCMS v3.0.1 - Stored XSS Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://pyrocms.com/ Version: v3.0.1 Tested on: https://www.softaculous.com/apps/cms/PyroCMS ----------------------------------------------------------------------------------------------------...
D-Link DAP-1325 - Broken Access Control Vulnerability
Exploit Title: D-Link DAP-1325 - Broken Access Control Exploit Author: ieduardogoncalves Contact : twitter.com/0x00dia Vendor : www.dlink.com Version: Hardware version: A1 Firmware version: 1.01 Tested on:All Platforms 1 Description Security vulnerability known as "Unauthenticated access to...
CoolerMaster MasterPlus 1.8.5 - (MPService) Unquoted Service Path Vulnerability
Exploit Title: CoolerMaster MasterPlus 1.8.5 - 'MPService' Unquoted Service Path Exploit Author: Damian Semon Jr Blue Team Alpha Version: 1.8.5 Vendor Homepage: https://masterplus.coolermaster.com/ Software Link: https://masterplus.coolermaster.com/ Tested on: Windows 10 64x Step to discover the...
WebTareas 2.4 - Remote Command Execution (Authorized) Vulnerability
Exploit Title: WebTareas 2.4 - RCE Authorized Exploit Author: Hubert Wojciechowski Contact Author: email protected Vendor Homepage: https://sourceforge.net/projects/webtareas/ Software Link: https://sourceforge.net/projects/webtareas/ Version: 2.4 Testeted on: Windows 10 using XAMPP, Apache/2.4.4...
Polkit D-Bus Authentication Bypass Exploit
A vulnerability exists within the polkit system service that can be leveraged by a local, unprivileged attacker to perform privileged operations. In order to leverage the vulnerability, the attacker invokes a method over D-Bus and kills the client process. This will occasionally cause the operati...
Online DJ Booking Management System Project Report 1.0 SQL Injection / Code Execution Vulnerabilitie
Exploit for php platform in category web applications Exploit Title: Online DJ Booking Management System Project Report - RCE Through SQLi Authenticated User - admin Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage:...
ATutor 2.2.4 Directory Traversal / Remote Code Execution Exploit
This Metasploit module exploits an arbitrary file upload vulnerability together with a directory traversal flaw in ATutor versions 2.2.4, 2.2.2 and 2.2.1 in order to execute arbitrary commands. This module requires Metasploit: https://metasploit.com/download Current source:...
Beauty Parlour Management System 1.0 - Authentication Bypass Vulnerability
Exploit for php platform in category web applications Exploit Title: Beauty Parlour Management System 1.0 - Authentication Bypass Exploit Author: Prof. Kailas PATIL krp Vendor Homepage: https://phpgurukul.com/ Software Link:...
ECK Hotel 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title : ECK Hotel 1.0 - Cross-Site Request Forgery Add Admin Product : ECK Hotel Version : 1.0-beta Software Download: https://sourceforge.net/projects/eckhotel/files/eck-hotel-v1.0-beta.zip/download Exploit Author: Mustafa Emre Gül...
Neowise CarbonFTP 1.4 Insecure Proprietary Password Encryption Exploit
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NEOWISE-CARBONFTP-v1.4-INSECURE-PROPRIETARY-PASSWORD-ENCRYPTION.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.neowise.com Product CarbonFTP v1.4 CarbonFTP is a...
OrientDB 3.0.17 GA Community Edition - Cross-Site Request Forgery / Cross-Site Scripting
Exploit for multiple platform in category web applications Exploit Title: OrientDB 3.0.17 GA Community Edition March 7th, 2019 | Multiple Vulnerabilities Date: 07.03.2019 Exploit Author: Ozer Goker Vendor Homepage: https://orientdb.org Software Link: https://orientdb.org/download Version: 3.0.17 ...
FTPShell Client 6.70 Enterprise Edition Stack Buffer Overflow Exploit
This Metasploit module exploits a buffer overflow in the FTPShell client 6.70 Enterprise edition allowing remote code execution. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FTPShell client...
PHP Login And User Management 4.1.0 Shell Upload Vulnerability
Exploit for php platform in category web applications Title PHP Login & User Management = 4.1.0 - Arbitrary File Upload CVE-2018-11392 Product PHP Login & User Management https://codecanyon.net/item/php-login-user-management/49008 CVE CVE-2018-11392 Credit Reginald Dodd Description An arbitrary...
bitrix.scan Bitrix 1.0.3 Path Traversal Vulnerability
bitrix.mpbuilder Bitrix module version 1.0.10 suffers from a local file inclusion vulnerability. Product: bitrix.mpbuilder Bitrix module Vendor: www.1c-bitrix.ru Vulnerable Versions: 1.0.10 and probably prior Tested Version: 1.0.10 Advisory Publication: November 18, 2015 without technical details...
ZTE ZXV10-H201L Multiple Vulnerabilities
Exploit for hardware platform in category web applications /-------------------------------------------------/ /Exploits found by TheWalk1ngShad0w / /My email: email protected / /-------------------------------------------------/ Exploit tested & working on modem with this build info:...