39001 matches found
phpMyAdmin 4.8.1 - Remote Code Execution Exploit
Exploit Title: phpMyAdmin 4.8.1 - Remote Code Execution RCE Exploit Author: samguy Vulnerability Discovery By: ChaMd5 & Henry Huang Vendor Homepage: http://www.phpmyadmin.net Software Link: https://github.com/phpmyadmin/phpmyadmin/archive/RELEASE481.tar.gz Version: 4.8.1 Tested on: Linux - Debian...
Bitbucket Path Traversal / Remote Code Execution Vulnerability
Bitbucket Data Center had a path traversal vulnerability in the Data Center migration tool. A remote attacker with authenticated user with admin permissions can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that...
OpenSSH 7.4 - UsePrivilegeSeparation Disabled Forwarded Unix Domain Sockets Privilege Escalation Exp
Exploit for linux platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1010 This issue affects OpenSSH if privilege separation is disabled config option UsePrivilegeSeparation=no. While privilege separation is enabled by default, it is documented a...
Online Guestbook Pro (display) Blind SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================ Online Guestbook Pro display Blind SQL Injection Vulnerability ================================================================ Online Guestbook Pro display Blind SQL Injecti...
Communique Detail ID (communique_detail) SQL Injection Vulnerability
Exploit for php platform in category web applications ======================================================================== Communique Detail ID communiquedetail.php SQL Injection Vulnerability ======================================================================== Title: Communique Detail...
XMeye P2P Cloud Remote Code Execution / Integrity Issues Vulnerabilities
XMeye P2P Cloud used with Xiongmai IP Cameras, NVRs and DVRs suffer from predictable Cloud IDs, default admin password, and various other issues that can result in remote code execution. ======================================================================= title: Remote Code Execution via XMeye...
Apache 2.4.50 Remote Code Execution Exploit
include include include include include / Apache 2.4.50 exploit CVE-2021-42013 Author: Vilius Povilaika Website: www.povilaika.com / // compile: $ gcc cve-2021-42013.c -lcurl -o cve-2021-42013 int usagechar prog printf"Usage: %s \n", prog; printf" - %s https://127.0.0.1 "uname -a"\n", prog;...
AnyDesk 5.5.2 - Remote Code Execution Exploit
Exploit Title: AnyDesk 5.5.2 - Remote Code Execution Exploit Author: scryh Vendor Homepage: https://anydesk.com/en Version: 5.5.2 Tested on: Linux Walkthrough: https://devel0pment.de/?p=1881 !/usr/bin/env python import struct import socket import sys ip = '192.168.x.x' port = 50001 def...
Apache Tomcat JSP Upload Bypass Remote Code Execution Exploit
This Metasploit module uploads a jsp payload and executes it. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tomcat RCE via JSP Upload Bypass', 'Description' = %q This module uploads a jsp...
Windows User Profile Service Privlege Escalation Exploit
The user profile service, identified as ProfSrv, is vulnerable to a local privilege elevation vulnerability in its CreateDirectoryJunction function due to a lack of appropriate checks on the directory structure of the junctions it tries to link together. Attackers can leverage this vulnerability ...
VidiScript SQL Injection Vulnerability
Exploit for php platform in category web applications + Title: VidiScript Sql Injection Vulnerability + Date: 23.02.2011 + Software Link: VidiScript.com + Where : From Remote Founded by : ThEtA.Nu Team: Kosova Hacker Security Contact: theta.nuatwindowslivedotcom Home: www.khs-crew.org...
Nginx 1.20.0 - Denial of Service Exploit
Exploit Title: Nginx 1.20.0 - Denial of Service DOS Exploit Author: Mohammed Alshehri - https://Github.com/M507 Vendor Homepage: https://nginx.org/ Software Link: https://github.com/nginx/nginx/releases/tag/release-1.20.0 Version: 0.6.18 - 1.20.0 Tested on: Ubuntu 18.04.4 LTS bionic CVE:...
Moodle 3.4.1 - Remote Code Execution Exploit
Exploit for php platform in category web applications php MoodleExploit.php url=http://example.com user=teacher pass=password ip=10.10.10.10 port=1010 course=1 user The account username pass The password to the account ip Callback IP port Callback Port course Valid course ID belonging to the...
Microsoft Office - Composite Moniker Remote Code Execution Exploit
Exploit for windows platform in category local exploits What? This repo contains a Proof of Concept exploit for CVE-2017-8570, a.k.a the "Composite Moniker" vulnerability. This demonstrates using the Packager.dll trick to drop an sct file into the %TEMP% directory, and then execute it using the...
Liferay Portal Remote Code Execution Exploit
Liferay Portal versions prior to 7.2.1 CE GA2 exploit that gains code execution due to deserialization of untrusted data sent to the JSON web services interface. Exploit Title: Data in Liferay Portal prior to 7.2.1 CE GA2 - Remote code execution Author: nu11secur1ty Vendor: Link:...
SQL Server Reporting Services (SSRS) ViewState Deserialization Exploit
A vulnerability exists within Microsoft's SQL Server Reporting Services which can allow an attacker to craft an HTTP POST request with a serialized object to achieve remote code execution. The vulnerability is due to the fact that the serialized blob is not signed by the server. This module...
WordPress 6.4.3 Username Disclosure Vulnerability
WordPress versions 6.4.3 and below appear to suffer from a REST API related username disclosure vulnerability. Title: wordpress 6.4.3 - Username Disclosure Author: h4shur Vendor Homepage: https://www.wordpress.org Software Link: https://www.wordpress.org/download Version: 6.4.3 and earlier Tested...
osTicket 1.10.1 Shell Upload Vulnerability
Exploit for php platform in category web applications Reference: https://becomepentester.blogspot.ae/2017/10/osTicket-File-Upload- Restrictions-Bypassed-CVE-2017-15580.html Exploit Title: File Upload Restrictions Bypassed Date: 18 October, 2017 Exploit Author: Rajwinder Singh Vendor Homepage:...
mxBB Module Profile CP 0.91c Remote File Include Vulnerability
Exploit for unknown platform in category web applications ============================================================== mxBB Module Profile CP 0.91c Remote File Include Vulnerability ============================================================== mxBB Module Profile Control Panel 0.91c Remote Fil...
Werkzeug Debug Shell Command Execution Exploit
This Metasploit module will exploit the Werkzeug debug console to put down a Python shell. This debugger "must never be used on production machines" but sometimes slips passed testing. Tested against 0.9.6 on Debian, 0.9.6 on Centos, 0.10 on Debian. This module requires Metasploit:...
glFusion <= 1.1.2 COM_applyFilter()/cookies Blind SQL Injection Exploit
Exploit for unknown platform in category web applications ======================================================================= glFusion 1 // Check user status $status = SECcheckUserStatus$userid; if $status == USERACCOUNTACTIVE || $status == USERACCOUNTAWAITINGACTIVATION $userloggedin = 1;...
elFinder 2.0 - file manager for web(rc1) - File Upload Vulnerability
Usage Info Info : u can upload .php .php3 .php6 .txt .html .pl .htaccess and ... Upload Your webshell and load from : site.com/var/upload/ro0t.php site.com/files/upload/ro0t.php site.com/var/upload/ro0t.php for get file url double click on your file to open file iframe page |/ o o...
SPIP v4.2.0 - Remote Code Execution (Unauthenticated) Exploit
!/usr/bin/env python3 -- coding: utf-8 -- Exploit Title: SPIP v4.2.1 - Remote Code Execution Unauthenticated Google Dork: inurl:"/spip.php?page=login" Exploit Author: nuts7 https://github.com/nuts7/CVE-2023-27372 Vendor Homepage: https://www.spip.net/ Software Link:...
Linux/x86 execve /bin/sh Shellcode (10 bytes)
Exploit Title: Linux/x86 - execve "/bin/sh" 10 bytes Google Dork: None Exploit Author: cybersaki Vendor Homepage: None Software Link: None Version: None Tested on: Kali linux 2020.2a i386 x86 CVE : none Shellcode-length : 10 SLAE-id : Purchased | email protected Reference :...
Atlassian Confluence WebWork OGNL Injection Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence WebWork OGNL Injection', 'Description' = %q This module exploits an OGNL injection in Atlassian Confluence's WebWork compone...
Network Management Card 6.2.0 - Host Header Injection Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Network Management Card 6.2.0 - Host Header Injection Exploit Author: Amal E Thamban,Kamal Paul Vendor Homepage: https://www.apc.com/in/en/ Software Link: https://www.apc.com/shop/in/en/products/Network-Management-Card...
WordPress 5.9.0 core Remote Code Execution 0day Exploit
This python exploit allow remote code execution, work with default installations and should not require any authentication or user interaction...
Oracle Weblogic Server Deserialization Remote Code Execution Exploit
An unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a malicious SOAP request to the interface WLS AsyncResponseService to execute code on the vulnerable host. This module requires Metasploit: https://metasploit.com/download Current source:...
php iCalendar <= 2.21 (publish.ical.php) Remote Code Execution Exploit
Exploit for unknown platform in category web applications ====================================================================== php iCalendar autisticiorg\r\n"; echo "this works if "phpicalendarpublishing" is set to 1 in config.inc.php\r\n\r\n"; short explaination: phpICal lets users...
PHP-FPM + Nginx - Remote Code Execution Exploit
Exploit for php platform in category web applications PHuiP-FPizdaM What's this This is an exploit for a bug in php-fpm CVE-2019-11043. In certain nginx + php-fpm configurations, the bug is possible to trigger from the outside. This means that a web user may get code execution if you have...
PhreeBooks ERP 5.2.3 - Arbitrary File Upload Exploit
Exploit for php platform in category web applications PhreeBooks ERP v5.2.3 - Arbitrary File Upload Exploit Author: Abdullah Çelebi Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/files/latest/download Category: Webapps Version: 5.2.3 Tested...
MongoDB nativeHelper.apply Remote Code Execution Vulnerability
This Metasploit module exploits the nativeHelper feature from spiderMonkey which allows control over execution by calling it with specially crafted arguments. This Metasploit module has been tested successfully on MongoDB 2.2.3 on Ubuntu 10.04 and Debian Squeeze. This file is part of the Metasplo...
CodeAvalanche News 1.x (CAT_ID) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================== CodeAvalanche News 1.x CATID Remote SQL Injection Vulnerability ================================================================== CodeAvalanche News SQL Injection Software...
ThinkPHP 5.0.23 Remote Code Execution Exploit
This Metasploit module exploits one of two PHP injection vulnerabilities in the ThinkPHP web framework to execute code as the web user. Versions up to and including 5.0.23 are exploitable, though 5.0.23 is vulnerable to a separate vulnerability. The module will automatically attempt to detect the...
ClanSphere 2011.0 (CKEditor) Multiple Vulnerabilities
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...
Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor Vulnerability
Nexans FTTO GigaSwitch industrial/office switches HW version 5 suffer from having a hardcoded backdoor user and multiple outdated vulnerable software components. ======================================================================= title: Hardcoded Backdoor User and Outdated Software Components...
deV!Lz Clanportal [DZCP] <= 1.3.6 Arbitrary File Upload Vulnerability
Exploit for unknown platform in category web applications ===================================================================== deV!Lz Clanportal DZCP = 1.3.6 Arbitrary File Upload Vulnerability ===================================================================== S Y N O P S I S /...
ClipShare (uprofile.php UID) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications =============================================================== ClipShare uprofile.php UID Remote SQL Injection Vulnerability =============================================================== video sharing www.clip-share.com Remote SQL...
e107 Plugin - FilleDownload Plugin Upload Shell / Remote File Disclosure
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...
Jcow 4.2.1 LFI Vulnerability
Exploit for php platform in category web applications ------------------------------------------------------------------------ Software................Jcow 4.2.1 Vulnerability...........Local File Inclusion Threat Level............Critical 4/5 Download................http://www.jcow.net/ Discover...
deV!Lz Clanportal [DZCP] <= 1.34 (id) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================================== deV!Lz Clanportal DZCP = 1.34 id Remote SQL Injection Exploit ================================================================== ? errorreportingEERROR; function exploitini...
Moodle Admin Shell Upload Exploit
This Metasploit module will generate a plugin which can receive a malicious payload request and upload it to a server running Moodle provided valid admin credentials are used. Then the payload is sent for execution, and the plugin uninstalled. You must have an admin account to exploit this...
October CMS 1.0.412 Code Execution / Shell Upload Vulnerabilities
Exploit for php platform in category web applications October CMS v1.0.412 several vulnerabilities Information =========== Name: October CMS v1.0.412 build 412 Homepage: http://octobercms.com Vulnerability: several issues, including PHP code execution Prerequisites: attacker has to be authenticat...
IObit Advanced SystemCare 9 Unquoted Service Path Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits Exploit Title: IObit Advanced SystemCare 9 Unquoted Service Path Privilege Escalation Date: 19/10/2016 Exploit Author: Federico Zambito Vendor Homepage: http://www.iobit.com/ Software Link: http://www.iobit.com/en/advancedsystemcarefree.php...
Obehotel CMS SQL Injection Vulnerability
Obehotel CMS suffers from denial of service, insecure transit, directory listing, and remote SQL injection vulnerabilities. OBEHOTEL Spanish CMS Blind SQLinjection / Apache httpd Remote Denial of Service / Directory Listing / Insecure transition from HTTPS to HTTP in form post I-VULNERABILITY...
OpenNMS Horizon 31.0.7 Remote Command Execution Exploit
This Metasploit module exploits built-in functionality in OpenNMS Horizon in order to execute arbitrary commands as the opennms user. For versions 32.0.2 and higher, this module requires valid credentials for a user with ROLEFILESYSTEMEDITOR privileges and either ROLEADMIN or ROLEREST. For versio...
MobileIron Log4Shell Remote Command Execution Exploit
MobileIron Core is affected by the Log4Shell vulnerability whereby a JNDI string sent to the server will cause it to connect to the attacker and deserialize a malicious Java object. This results in OS command execution in the context of the tomcat user. This Metasploit module will start an LDAP...
BBPortalS <= 2.0 Remote Blind SQL Injection Exploit
Exploit for unknown platform in category web applications =================================================== BBPortalS get$sql; if!$res - content = /Warning/ print " The Current number of fields is : $err\n"; $err++; max007; else if$err=...
Samba 3.5.0 - Remote code execution Exploit
Exploit for linux platform in category remote exploits ! /usr/bin/env python Title : ETERNALRED Date: 05/24/2017 Exploit Author: steelo Vendor Homepage: https://www.samba.org Samba 3.5.0 - 4.5.4/4.5.10/4.4.14 CVE-2017-7494 import argparse import os.path import sys import tempfile import time from...
XOS Shop 1.0 rc7o (redirect.php, goto param) - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: XOS Shopv1.0rc7o Sql Injection Vulnerability Date: 23/01/2014 Exploit Author: JoKeRStEx Vendor Homepage: http://www.xos-shop.com/ Software Link: http://xos-shop.com/main/index.php/cPath/25/ Version: v1.0 rc7o Tested on: Windows...