Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2019/05/02 12:0 a.m.1166 views

Windows PowerShell ISE / Filename Parsing Flaw Remote Code Execution Exploit

Microsoft Windows PowerShell ISE will execute wrongly supplied code when debugging specially crafted PowerShell scripts that contain array brackets as part of the filename. This can result in ISE executing attacker supplied scripts pointed to by the filename and not the "trusted" PS file currentl...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/06/19 12:0 a.m.1165 views

BlogEngine.NET 3.3.7 Directory Traversal / Remote Code Execution Vulnerability #RCE

BlogEngine.NET versions 3.3.7 and earlier are vulnerable to two separate directory traversal issues that can lead to remote code execution. BlogEngine.NET, versions 3.3.7 and earlier, is vulnerable to two separate Directory Traversal issues that can lead to Remote Code Execution. CVE-2019-10719...

0.5AI score0.31725EPSS
Exploits16
0day.today
0day.today
added 2024/09/24 12:0 a.m.1163 views

Apple iOS 17.2.1 Screen Time Passcode Retrieval / Mitigation Bypass Vulnerabilities

A mitigation bypass / privilege escalation flaw has been discovered in Apple's iOS Screen Time functionality, granting one access to modify the restrictions. It allows a local attacker to acquire the Screen Time Passcode by bypassing the anti-bruteforce protections on the four-digit Passcode, and...

6.9AI score
Exploits0
0day.today
0day.today
added 2016/11/24 12:0 a.m.1160 views

Linux Kernel 2.6.x pipe.c Privilege Escalation Exploit

Linux kernel versions 2.6.10 up to but not including 2.6.31.5 pipe.c privilege escalation exploit. / expmoosecox.c Watch a video of the exploit here: http://www.youtube.com/watch?v=jt81NvaOj5Y developed entirely by Ingo Molnar exploit writer extraordinaire! , thanks to Fotis Loukos for pointing t...

6.9CVSS1AI score0.0493EPSS
Exploits7
0day.today
0day.today
added 2023/11/14 12:0 a.m.1149 views

MagnusBilling Remote Command Execution Exploit

This Metasploit module exploits a command injection vulnerability in MagnusBilling application versions 6.x and 7.x that allows remote attackers to run arbitrary commands via an unauthenticated HTTP request. A piece of demonstration code is present in lib/icepay/icepay.php, with a call to an exec...

9.8CVSS10AI score0.9425EPSS
Exploits15
0day.today
0day.today
added 2020/02/04 12:0 a.m.1148 views

PNG Silent Arbitrary Code Execution FUD Exploit

0day PNG Exploit. All Chrome, Edge, Opera, Firefox, Microsoft Internet Explorer, Yandex, tested. Running smoothly Latest version. Windows 7, Windows 8, Windows 8.1, Windows 10 Tested Works in the latest versions. All Mail services were Tested bypass, Gmail, Hotmail, Yahoo, Yandex-mail, Foxmail, Q...

2.4AI score
Exploits0
0day.today
0day.today
added 2019/04/11 12:0 a.m.1148 views

Zimbra Collaboration Autodiscover Servlet XXE / ProxyServlet SSRF Exploit

This Metasploit module exploits an XML external entity vulnerability and a server side request forgery to get unauthenticated code execution on Zimbra Collaboration Suite. The XML external entity vulnerability in the Autodiscover Servlet is used to read a Zimbra configuration file that contains a...

9.8CVSS0.1AI score0.99986EPSS
Exploits11
0day.today
0day.today
added 2020/07/27 12:0 a.m.1146 views

Rails 5.0.1 - Remote Code Execution Exploit

Exploit for ruby platform in category web applications Exploit Title: Rails 5.0.1 - Remote Code Execution Exploit Author: Lucas Amorim Vendor Homepage: www.rubyonrails.org Software Link: www.rubyonrails.org Version: Rails " end if ARGV.length 3 header exit-1 end url = ARGV0 ip = ARGV1 port = ARGV...

6.5CVSS8.8AI score0.83085EPSS
Exploits10
0day.today
0day.today
added 2017/09/28 12:0 a.m.1146 views

Oracle WebLogic Server 10.3.6.0 - Java Deserialization Exploit

Exploit for java platform in category remote exploits Exploit Title: Oracle WebLogic Server Java Deserialization Remote Code Execution Date: 27/09/2017 Exploit Author: SlidingWindow , Twitter: @kapilkhot Vulnerability Author: FoxGloveSecurity Vendor Homepage:...

7.5CVSS8.7AI score0.96032EPSS
Exploits17
0day.today
0day.today
added 2024/06/14 12:0 a.m.1139 views

PHP < 8.3.8 - Unauthenticated Remote Code Execution (Windows) Exploit

This Metasploit module exploits a PHP CGI argument injection vulnerability affecting PHP in certain configurations on a Windows target. A vulnerable configuration is locale dependant such as Chinese or Japanese, such that the Unicode best-fit conversion scheme will unexpectedly convert a soft...

9.8CVSS7.2AI score0.99987EPSS
Exploits64
0day.today
0day.today
added 2021/10/13 12:0 a.m.1139 views

Moodle SpellChecker Path Authenticated Remote Command Execution Exploit

Moodle allows an authenticated administrator to define spellcheck settings via the web interface. An administrator can update the aspell path to include a command injection. This is extremely similar to CVE-2013-3630, just using a different variable. This Metasploit module was tested against Mood...

9.1CVSS0.9AI score0.42566EPSS
Exploits11
0day.today
0day.today
added 2020/08/04 12:0 a.m.1119 views

Pi-hole 4.3.2 - Remote Code Execution (Authenticated) Exploit

Exploit for linux platform in category web applications !/usr/bin/env python2 Exploit Title: Pi-hole 4.3.2 - Remote Code Execution Authenticated Date: 2020-08-04 Exploit Author: Luis Vacas @CyberVaca Vendor Homepage: https://pi-hole.net/ Software Link: https://github.com/pi-hole/pi-hole Version: ...

6.5CVSS0.7819EPSS
Exploits13
0day.today
0day.today
added 2018/02/07 12:0 a.m.1114 views

Uniview - Remote Command Execution / Export Config (PoC) Vulnerability

Exploit for multiple platform in category remote exploits STX Subject: Uniview RCE and export config PoC Researcher: bashis October 2017 Attack Vector: Remote Authentication: Anonymous no credentials needed Export config...

7.1AI score
Exploits0
0day.today
0day.today
added 2021/09/15 12:0 a.m.1109 views

elFinder Archive Command Injection Exploit

elFinder versions below 2.1.59 are vulnerable to a command injection vulnerability via its archive functionality. When creating a new zip archive, the name parameter is sanitized with the escapeshellarg php function and then passed to the zip utility. Despite the sanitization, supplying the -TmTT...

9.8CVSS0.7AI score0.69934EPSS
Exploits5
0day.today
0day.today
added 2013/06/05 12:0 a.m.1103 views

Cuppa CMS Remote / Local File Inclusion Vulnerability

Cuppa CMS suffers from remote and local file inclusion vulnerabilities. Exploit Title : Cuppa CMS File Inclusion Date : 4 June 2013 Exploit Author : CWH Underground Site : www.2600.in.th Vendor Homepage : http://www.cuppacms.com/ Software Link :...

6.9AI score
Exploits0
0day.today
0day.today
added 2022/07/01 12:0 a.m.1091 views

WiFi Mouse 1.7.8.5 - Remote Code Execution Exploit (2)

Exploit Title: WiFi Mouse 1.7.8.5 - Remote Code Execution Author: H4rk3nz0 Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.7.8.5 Tested on: Windows Enterprise Build 17763 ​ Python 3 port done by RedHatAugust Original exploit:...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/03/05 12:0 a.m.1091 views

Exchange Control Panel Viewstate Deserialization Exploit

This Metasploit module exploits a .NET serialization vulnerability in the Exchange Control Panel ECP web page. The vulnerability is due to Microsoft Exchange Server not randomizing the keys on a per-installation basis resulting in them using the same validationKey and decryptionKey values. With...

9CVSS0.5AI score0.99965EPSS
Exploits30
0day.today
0day.today
added 2021/10/06 12:0 a.m.1080 views

Dahua Authentication Bypass Vulnerability

STX Subject: Update: Dahua Authentication bypass CVE-2021-33044, CVE-2021-33045 Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis 2021 Limited Disclosure: September 6, 2021 Full Disclosure: October 6, 2021 PoC: https://github.com/mcw0/DahuaConsole -=Dahua=-...

10CVSS0.3AI score0.99871EPSS
Exploits13
0day.today
0day.today
added 2019/05/31 12:0 a.m.1075 views

Microsoft Windows Remote Desktop - BlueKeep Denial of Service Exploit

import socket, sys, struct from OpenSSL import SSL from impacket.structure import Structure I'm not responsible for what you use this to accomplish and should only be used for education purposes Could clean these up since I don't even use them class TPKTStructure: commonHdr = 'Version','B=3',...

9.8CVSS10AI score0.99999EPSS
Exploits123
0day.today
0day.today
added 2017/11/15 12:0 a.m.1075 views

WIFICAM Wireless IP Camera (P2P) - Unauthenticated Remote Code Execution Exploit

Exploit for hardware platform in category remote exploits include include include include include include include include define CAMPORT 80 define REMOTEHOST "192.168.1.1" define REMOTEPORT "1337" define PAYLOAD0 "GET...

10CVSS8.7AI score0.18005EPSS
Exploits8
0day.today
0day.today
added 2023/04/05 12:0 a.m.1070 views

Binwalk v2.3.2 - Remote Command Execution Exploit

Exploit Title: Binwalk v2.3.2 - Remote Command Execution RCE Exploit Author: Etienne Lacoche CVE-ID: CVE-2022-4510 import os import inspect import argparse print"" print"" print"------------------CVE-2022-4510----------------" print"" print"--------Binwalk Remote Command Execution--------"...

7.8CVSS7.6AI score0.22013EPSS
Exploits8
0day.today
0day.today
added 2020/06/02 12:0 a.m.1067 views

Microsoft Windows - (SMBGhost) Remote Code Execution Exploit

!/usr/bin/env python ''' EDB Note Download: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/48537.zip SMBGhostRCEPoC RCE PoC for CVE-2020-0796 "SMBGhost" For demonstration purposes only! Only use this a reference. Seriously. This has not been tested outside of m...

10CVSS9AI score0.9981EPSS
Exploits125
0day.today
0day.today
added 2022/03/15 12:0 a.m.1066 views

WordPress Core 5.9.0 / 5.9.1 Cross Site Scripting Vulnerability

Contributor+ Stored Cross Site Scripting Vulnerability Description: Contributor+ Stored XSS Affected Versions: WordPress Core 5.9.0-5.9.1 CVE ID: Pending CVSS Score: 8.0 High CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Fully Patched Version: 5.9.2 Researcher/s: Ben Bidner WordPress...

8.8CVSS8.8AI score0.04186EPSS
Exploits2
0day.today
0day.today
added 2018/07/24 12:0 a.m.1066 views

Cisco Adaptive Security Appliance Path Traversal Exploit

This Metasploit module exploits a security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without authentication by using directory traversal techniques. require 'msf/core' class MetasploitModule "Cisco Adaptive Security Appliance - Path Traversal",...

5CVSS0.5AI score0.99903EPSS
Exploits18
0day.today
0day.today
added 2010/09/05 12:0 a.m.1065 views

online product / shop online (productdetail.cfm) SQL Injection

Exploit for asp platform in category web applications ============================================================== online product / shop online productdetail.cfm SQL Injection ============================================================== + Category : vurnerebility SQLI online product + Running...

7.1AI score
Exploits0
0day.today
0day.today
added 2022/04/06 12:0 a.m.1053 views

Roxy File Manager 1.4.5 PHP File Upload Restriction Bypass Exploit

Roxy File Manager version 1.4.5 proof of concept exploit for a PHP file upload restriction bypass vulnerability. Exploit Title: Roxy File Manager 1.4.5 PHP File Upload Restriction Bypass Exploit Author: Adam Shebani NULLHE4D Software: Roxy File Manager Version: 1.4.5 CVE: CVE-2018-20525 Vendor...

9.1CVSS0.21646EPSS
Exploits7
0day.today
0day.today
added 2023/10/15 12:0 a.m.1051 views

Apache Superset 2.0.0 Remote Code Execution Exploit

Apache Superset versions 2.0.0 and below utilize Flask with a known default secret key which is used to sign HTTP cookies. These cookies can therefore be forged. If a user is able to login to the site, they can decode the cookie, set their userid to that of an administrator, and re-sign the cooki...

9.8CVSS7.7AI score0.97405EPSS
Exploits20
0day.today
0day.today
added 2007/02/21 12:0 a.m.1045 views

deV!Lz Clanportal [DZCP] <= 1.4.5 Remote File Disclosure Vulnerability

Exploit for unknown platform in category web applications ====================================================================== deV!Lz Clanportal DZCP = 1.4.5 Remote File Disclosure Vulnerability ====================================================================== DZCP Devilz Clanportal = 1.4....

7.1AI score
Exploits0
0day.today
0day.today
added 2008/01/05 12:0 a.m.1043 views

ClipShare 2.6 Remote User Password Change Exploit

Exploit for unknown platform in category web applications ================================================= ClipShare 2.6 Remote User Password Change Exploit ================================================= !/usr/bin/perl -w priv8 Pr0metheuS Exploit Name: Clipshare Remote User Password Change...

7.1AI score
Exploits0
0day.today
0day.today
added 2022/03/16 12:0 a.m.1041 views

Pluck CMS 4.7.16 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Pluck CMS 4.7.16 - Remote Code Execution RCE Authenticated Exploit Author: Ashish Koli Shikari Vendor Homepage: https://github.com/pluck-cms/pluck Version: 4.7.16 Tested on Ubuntu 20.04.3 LTS CVE: CVE-2022-26965 Usage : python3 exploit.py Example: python3 exploit.py 127.0.0.1 80...

7.2CVSS0.37716EPSS
Exploits4
0day.today
0day.today
added 2021/11/10 12:0 a.m.1035 views

Win32k NtGdiResetDC Use-After-Free / Local Privilege Escalation Exploit

A use after free vulnerability exists in the NtGdiResetDC function of Win32k which can be leveraged by an attacker to escalate privileges to those of NT AUTHORITY\SYSTEM. The flaw exists due to the fact that this function calls hdcOpenDCW, which performs a user mode callback. During this callback...

7.8CVSS8.2AI score0.73381EPSS
Exploits11
0day.today
0day.today
added 2019/06/14 12:0 a.m.1028 views

CentOS 7.6 - ptrace_scope Privilege Escalation Exploit #RCE #LPE

Exploit for linux platform in category local exploits !/usr/bin/env bash 'ptracescope' misconfiguration Local Privilege Escalation Affected operating systems TESTED: Parrot Home/Workstation 4.6 Latest Version Parrot Security 4.6 Latest Version CentOS / RedHat 7.6 Latest Version Kali Linux 2018.4...

0.1AI score
Exploits0
0day.today
0day.today
added 2020/07/17 12:0 a.m.1026 views

RiteCMS 2.2.1 - Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: RiteCMS 2.2.1 - Remote Code Execution Exploit Author: Enes Özeser Vendor Homepage: http://ritecms.com/ Version: 2.2.1 Tested on: Linux 1- Go to following url. http://CHANGE-THIS/ritecms/cms/ 2- Default username and password is...

Exploits0
0day.today
0day.today
added 2019/12/04 12:0 a.m.1026 views

SSDWLAB 6.1 - Authentication #Bypass Vulnerability

Exploit for asp platform in category web applications Exploit Title: SSDWLAB 6.1 - Authentication Bypass Exploit Author: Luis Buendía exoticpayloads Vendor Homepage: http://www.sbpsoftware.com/ Version: 6.1 Tested on: IIS 7.5 CVE : Pending Description: By injection on the SOAP function in the...

0.4AI score
Exploits0
0day.today
0day.today
added 2020/02/22 12:0 a.m.1024 views

D-Link DGS-1250 Header Injection Vulnerability

Exploit for hardware platform in category web applications D-Link DGS-1250 header injection vulnerability ============================================== The latest version of this advisory is available at: https://sintonen.fi/advisories/d-link-dgs-1250-header-injection.txt Overview -------- D-Lin...

0.3AI score
Exploits0
0day.today
0day.today
added 2022/11/17 12:0 a.m.1019 views

Gitea Git Fetch Remote Code Execution Exploit

This Metasploit module exploits the Git fetch command in the Gitea repository migration process to allow for remote command execution on the system. This vulnerability affect Gitea versions prior to 1.16.7. This module requires Metasploit: https://metasploit.com/download Current source:...

7.5CVSS0.9AI score0.87678EPSS
Exploits8
0day.today
0day.today
added 2018/10/01 12:0 a.m.1014 views

Linux/x64 - execve ("/bin/bash") Shellcode (27 bytes)

Author: Artr0n Linux/x64 - Execve/bin/bash Shellcode Shellcode Lenght: 27 include include int mainvoid char shellcode = "\xeb\x0b\x5f\x48\x31\xd2\x52\x5e\x6a\x3b\x58\x0f\x05\xe8\xf0\xff\xff\xff\x2f\x62\x69\x6e\x2f\x62\x61\x73\x68"; printf"size: %d\n", strlenshellcode; void shellcode; return 0;...

0.3AI score
Exploits0
0day.today
0day.today
added 2022/10/05 12:0 a.m.1014 views

Remote Mouse 4.110 Remote Code Execution Exploit

This Metasploit module utilizes the Remote Mouse Server by Emote Interactive protocol to deploy a payload and run it from the server. This module will only deploy a payload if the server is set without a password default. Tested against 4.110, current at the time of module writing. This module...

9.8CVSS0.1AI score0.02044EPSS
Exploits3
0day.today
0day.today
added 2014/02/04 12:0 a.m.995 views

Apache Tomcat Manager Code Execution Exploit

This Metasploit module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a POST request against the /manager/html/upload component. NOTE: The compatible payload sets var...

10CVSS8.5AI score0.78995EPSS
Exploits25
0day.today
0day.today
added 2021/11/07 12:0 a.m.988 views

Pentaho Business Analytics / Pentaho Business Server 9.1 Authentication Bypass Vulnerability

Product: Pentaho Business Analytics / Pentaho Business Server Vendor / Manufacturer: Hitachi Vantara Affected Versions: sec:intercept-url pattern="\A/api/.\Z" access="Authent...

7.5CVSS8.8AI score0.51653EPSS
Exploits5
0day.today
0day.today
added 2023/11/14 12:0 a.m.986 views

ZoneMinder Snapshots Command Injection Exploit

This Metasploit module exploits an unauthenticated command injection in zoneminder that can be exploited by appending a command to an action of the snapshot view. Versions prior to 1.36.33 and 1.37.33 are affected. This module requires Metasploit: https://metasploit.com/download Current source:...

9.8CVSS9.8AI score0.80462EPSS
Exploits11
0day.today
0day.today
added 2023/03/16 12:0 a.m.983 views

Microsoft SQL Server 2014 / 2016 / 2017 / 2019 / 2022 Audit Logging Failure Vulnerability

Microsoft SQL Server 2014, 2016, 2017, 2019, and 2022 appears to ignore audit rules for sys.sysxlgns allowing an attacker with administrative permissions to extract password hashes under the radar. Microsoft told the researcher they are not willing to fix it but acknowledge it as a security...

8.1AI score
Exploits0
0day.today
0day.today
added 2015/01/08 12:0 a.m.983 views

Ntpdc 4.2.6p3 - Local Buffer Overflow Exploit

Ntpdc version 4.2.6p3 suffers from a local buffer overflow vulnerability. Source: https://hatriot.github.io/blog/2015/01/06/ntpdc-exploit/ from os import system, environ from struct import pack import sys ntpdc 4.2.6p3 bof @dronesec tested on x86 Ubuntu 12.04.5 LTS IMAGEBASE = 0x80000000...

7.2AI score
Exploits0
0day.today
0day.today
added 2011/03/05 12:0 a.m.983 views

ADAN Neuronlabs (view.php ) SQL Injection Vulnerability

Exploit for php platform in category web applications -------------------------------------------------------- ADAN view.php Sql Injection Vulnerability -------------------------------------------------------- Date 04-03-2011 -------------------------------------------------------- Discovered By:...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/06/10 12:0 a.m.978 views

Ubuntu 18.04 - (lxd) Privilege Escalation Exploit #LPE #RCE

Exploit for linux platform in category local exploits !/usr/bin/env bash ---------------------------------- Authors: Marcelo Vazquez S4vitar Victor Lasa vowkin ---------------------------------- Step 1: Download build-alpine = wget...

Exploits0
0day.today
0day.today
added 2021/12/04 12:0 a.m.977 views

WordPress All-in-One Video Gallery plugin 2.4.9 Plugin - Local File Inclusion Vulnerability

Exploit Title: WordPress Plugin All-in-One Video Gallery plugin 2.4.9 - Local File Inclusion LFI Exploit Author: Mohamed Magdy Abumusilm Aka m19o Software: All-in-One Video Gallery plugin Version: = 2.4.9 Tested on: Windows,linux Poc:...

Exploits0
0day.today
0day.today
added 2021/03/18 12:0 a.m.977 views

CuteNews 2.1.2 Shell Upload Exploit

CuteNews version 2.1.2 Avatar upload remote shell upload exploit. Original discovery of remote shell upload in this version is attributed to Ozkan Mustafa Akkus in April of 2019. ! /usr/bin/env python3 Exploit Title: CuteNews 2.1.2 - Avatar upload RCE Authenticated Exploit Author: Mayank Deshmukh...

8.8CVSS0.5AI score0.52901EPSS
Exploits10
0day.today
0day.today
added 2006/08/08 12:0 a.m.977 views

phNNTP <= 1.3 (article-raw.php) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ================================================================= phNNTP = 1.3 article-raw.php Remote File Include Vulnerability ================================================================= phNNTP v1.3 Remote File Inclusion CreW: Toxi...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/11/14 12:0 a.m.965 views

Microsoft Windows 10 Build 1803 < 1903 - (COMahawk) Local Privilege Escalation Exploit

EDB Note Download: - https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47684-1.exe - https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47684-2.zip COMahawk Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322 Video Dem...

7.8CVSS0.2AI score0.2995EPSS
Exploits25
0day.today
0day.today
added 2019/04/03 12:0 a.m.965 views

PhreeBooks ERP 5.2.3 - Remote Command Execution Exploit

Exploit for php platform in category web applications Exploit Title: PhreeBooks ERP 5.2.3 - Remote Command Execution Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/ Version: v5.2.3 Category:...

Exploits0
Total number of security vulnerabilities5000