jizhi CMS 1.6.7 - Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: jizhi CMS 1.6.7 - Arbitrary File Download Google Dork: jizhicms Exploit Author: iej1ctk1g Vendor Homepage: https://www.jizhicms.cn/ Software Link: http://down.jizhicms.cn/jizhicmsBeta1.6.7.zip Version: 1.6.7 Tested on: Mac OS CV...
CSZ CMS 1.2.7 - (title) HTML Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: CSZ CMS 1.2.7 - 'title' HTML Injection Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.cszcms.com/ Software Link: https://sourceforge.net/projects/cszcms/ Version: v1.2.7 Description: Authenticated user can...
IBM Data Risk Manager Authentication Bypass / Command Injection / File Download Exploit
IBM Data Risk Manager suffers from authentication bypass, command injection, insecure default password, and arbitrary file download vulnerabilities. Multiple Vulnerabilities in IBM Data Risk Manager By Pedro Ribeiro from Agile Information Security Disclosure Date: 21/04/2020 | Las...
Rubo DICOM Viewer 2.0 - Buffer Overflow (SEH) Exploit
Exploit Title: Rubo DICOM Viewer 2.0 - Buffer Overflow SEH Exploit Author: bzyo Vulnerable Software: Rubo Medical Imaging - DICOM Viewer 2.0 Vendor Homepage: http://www.rubomedical.com/ Version: 2.0 Software Link : http://www.rubomedical.com/download/index.php Tested Windows 7 SP1 x86 PoC 1...
ALLPlayer 7.6 Buffer Overflow Exploit
Exploit Title: ALLPlayer v7.6 Local Buffer Overflow SEHUnicode Version: 7.6 Exploit Author: Xenofon Vassilakopoulos Tested on: Windows 7 Home Premium SP1 x86 Steps to reproduce : 1. generate the test.m3u using this exploit 2. open ALLPlayer then go to Open audio file 3. load the test.m3u file 4...
Centreon 19.10.5 - (id) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Centreon 19.10.5 - 'id' SQL Injection Exploit Author: Basim alabdullah Vendor Homepage: https://www.centreon.com Software Link: https://download.centreon.com/ Version: v.19.10.5 Tested on: Centos 5 EXECUTIVE SUMMARY Centreon has...
Linux/x86 Egghunter / Null-Free Shellcode (33 bytes)
/ Title: Linux/x86 - EggHunter + Null-Free Shellcode 33 Bytes Author: Shubham Singh Tested on: x86 GNU/Linux Shellcode Length: 33 Bytes Student ID: SLAE - 1342 Description: Null-Free Egg Hunter Shellcode - 33 Bytes file format elf32-i386 Disassembly of section .text: 08048060 : 8048060: eb 05 jmp...
Nsauditor 3.2.1.0 - Buffer Overflow (SEH+ASLR bypass (3 bytes overwrite)) Exploit
Exploit Title: Nsauditor 3.2.1.0 - Buffer Overflow SEH+ASLR bypass 3 bytes overwrite Exploit Author: Cervoise Vendor Homepage: https://www.nsauditor.com/ Software Link: https://www.nsauditor.com/downloads/nsauditorsetup.exe Version: 3.2.1.0 and 3.0.28 Tested on: Windows 10.0.18363.778 x86 Pro EN...
Atomic Alarm Clock 6.3 - Stack Overflow (Unicode+SEH) Exploit
Exploit Title: Atomic Alarm Clock 6.3 - Stack Overflow Unicode+SEH Exploit Author: Bobby Cooke Vendor: Drive Software Company Vendor Site: http://www.drive-software.com Software Download: http://www.drive-software.com/download/ataclock.exe Tested On: Windows 10 - Pro 1909 x86 Version: Atomic Alar...
Xinfire TV Player 6.0.1.2 Buffer Overflow Exploit
This Metasploit module exploits a buffer overflow in Xinfire TV Player Pro and Standard version 6.0.1.2. When the application is used to import a specially crafted plf file, a buffer overflow occurs allowing arbitrary code execution. Tested successfully on Win7, Win10. This software is similar as...
Xinfire DVD Player 5.5.0.0 Buffer Overflow Exploit
This Metasploit module exploits a buffer overflow in Xinfire DVD Player Pro and Standard version 5.5.0.0. When the application is used to import a specially crafted plf file, a buffer overflow occurs allowing arbitrary code execution. Tested successfully on Win7, Win10. This software is similar a...
Cisco IP Phone 11.7 - Denial of service Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Cisco IP Phone 11.7 - Denial of Service PoC Date: 2020-04-15 Exploit Author: Jacob Baines Vendor Homepage: https://www.cisco.com Software Link:...
Common Desktop Environment 2.3.1 / 1.6 libDtSvc Buffer Overflow Vulnerability
A difficult to exploit stack-based buffer overflow in the DtCreateDtDirs function in the Common Desktop Environment version distributed with Oracle Solaris 10 1/13 Update 11 and earlier may allow local users to corrupt memory and potentially execute arbitrary code in order to escalate privileges...
Metasploit Libnotify Arbitrary Command Execution Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Metasploit Libnotify Plugin Arbitrary Command Execution', 'Description' = %q This module exploits a shell command injection vulnerability in the...
Code Blocks 16.01 - Buffer Overflow (SEH) UNICODE Exploit
Exploit Title: Code Blocks 16.01 - Buffer Overflow SEH UNICODE Exploit Author: T3jv1l Software Link: https://sourceforge.net/projects/codeblocks/files/Binaries/16.01/Windows/codeblocks-16.01-setup.exe Software version: 16.01 buffer="A"536 buffer buffer+="\x61\x41" POPAD + Aligned buffer+="\xF2\x4...
Unraid 6.8.0 Authentication Bypass / Arbitrary Code Execution Exploit
This Metasploit module exploits two vulnerabilities affecting Unraid 6.8.0. An authentication bypass is used to gain access to the administrative interface, and an insecure use of the extract PHP function can be abused for arbitrary code execution as root. This module requires Metasploit:...
Common Desktop Environment 1.6 Local Privilege Escalation Exploit
A buffer overflow in the SanityCheck function in the Common Desktop Environment version distributed with Oracle Solaris 10 1/13 Update 11 and earlier allows local users to gain root privileges via a long calendar name or calendar owner passed to sdtcmconvert in a malicious calendar file. The open...
Oracle Solaris 11.x / 10 whodo / w Buffer Overflow Vulnerability
A difficult to exploit heap-based buffer overflow in setuid root whodo and w binaries distributed with Solaris allows local users to corrupt memory and potentially execute arbitrary code in order to escalate privileges. Title: Heap-based buffer overflow in Solaris whodo and w commands Application...
Easy MPEG to DVD Burner 1.7.11 - Buffer Overflow (SEH + DEP) Exploit
Exploit Title: Easy MPEG to DVD Burner 1.7.11 - Buffer Overflow SEH + DEP Exploit Author: Bailey Belisario Tested On: Windows 7 Ultimate x64 Software Link: https://www.exploit-db.com/apps/32dc10d6e60ceb4d6e57052b6de3a0ba-easympegtodvd.exe Version: 1.7.11 Exploit Length: 1015 Bytes Steps : Open...
Prestashop 1.7.6.4 XSS / CSRF / Remote Code Execution Vulnerabilities
Exploit for php platform in category web applications Prestashop | stazot.com Last Modified: 2020-04-11 Vendor : https://www.prestashop.com/ Version : = 1.7.6.4 Tested on : 1.7.6.4 -- Table of Contents 00 - Introduction 01 - Exploit 02 - Cross-Site Request Forgery CSRF 02.1 - Exploitation 03 -...
Microsoft Windows Unquoted Service Path Privilege Escalation Exploit
This Metasploit module exploits a logic flaw due to how the lpApplicationName parameter is handled. When the lpApplicationName contains a space, the file name is ambiguous. Take this file path as example: C:\program files\hello.exe; The Windows API will try to interpret this as two possible paths...
TP-Link Archer A7/C7 Unauthenticated LAN Remote Code Execution Exploit
This Metasploit module exploits a command injection vulnerability in the tdpServer daemon /usr/bin/tdpServer, running on the router TP-Link Archer A7/C7 AC1750, hardware version 5, MIPS Architecture, firmware version 190726. The vulnerability can only be exploited by an attacker on the LAN side o...
Pinger 1.0 - Remote Code Execution Exploit
Exploit for php platform in category web applications Title: Pinger 1.0 - Remote Code Execution Author: Milad Karimi Vendor Homepage: https://github.com/wcchandler/pinger Software Link: https://github.com/wcchandler/pinger Tested on: windows 10 , firefox Version: 1.0 CVE : N/A...
BlazeDVD 7.0.2 - Buffer Overflow (SEH) Exploit
Exploit Title: BlazeDVD 7.0.2 - Buffer Overflow SEH Exploit Author: areyou1or0 Software Link: http://www.blazevideo.com/dvd-player/free-dvd-player.html Version: 7.0.2 Tested on: Windows 7 Pro x86 !/usr/bin/python file = "exploit.plf" offset ="A"612-4 nseh = "\xeb\x1e\x90\x90" seh =...
Xeroneit Library Management System 3.0 - (category) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Xeroneit Library Management System 3.0 - 'category' SQL Injection Google Dork: "LMS v3.0 - Xerone IT " Exploit Author: Sohel Yousef jellyfish security team Software Link:...
Nexus Repository Manager 3.21.1-01 Remote Code Execution Exploit
This Metasploit module exploits a Java Expression Language EL injection in Nexus Repository Manager versions up to and including 3.21.1 to execute code as the Nexus user. Tested against 3.21.1-01. This module requires Metasploit: https://metasploit.com/download Current source:...
AirDisk Pro 5.5.3 for iOS - Persistent Cross-Site Scripting Vulnerability
Exploit for iOS platform in category web applications Title: AirDisk Pro 5.5.3 for iOS - Persistent Cross-Site Scripting Vendor: http://www.app2pro.com Software Link: https://apps.apple.com/us/app/airdisk-pro-wireless-flash/id505904421 CVE: N/A Document Title: =============== AirDisk Pro v5.5.3 i...
File Transfer iFamily 2.1 - Directory Traversal Vulnerability
Exploit for iOS platform in category web applications Title: File Transfer iFamily 2.1 - Directory Traversal Software Link: http://www.dedecms.com/products/dedecms/downloads/ CVE: N/A Document Title: =============== File Transfer iFamily v2.1 - Directory Traversal Vulnerability Vulnerability Clas...
SuperBackup 2.0.5 for iOS - Persistent Cross-Site Scripting Vulnerability
Exploit for iOS platform in category web applications Title: SuperBackup 2.0.5 for iOS - Persistent Cross-Site Scripting Vendor: http://dropouts.in/ Software Link: https://apps.apple.com/us/app/super-backup-export-import/id1052684097 CVE: N/A Document Title: =============== SuperBackup v2.0.5 iOS...
Liferay Portal Java Unmarshalling Remote Code Execution Exploit
This Metasploit module exploits a Java unmarshalling vulnerability via JSONWS in Liferay Portal versions prior to 6.2.5 GA6, 7.0.6 GA7, 7.1.3 GA4, and 7.2.1 GA2 to execute code as the Liferay user. Tested against 7.2.0 GA1. This module requires Metasploit: https://metasploit.com/download Current...
Macs Framework 1.14f CMS - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Title: Macs Framework 1.14f CMS - Persistent Cross-Site Scripting Software Link: https://sourceforge.net/projects/macs-framework/files/latest/download CVE: N/A Document Title: =============== Macs Framework v1.14f CMS - Multiple Web...
DedeCMS 7.5 SP2 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Title: DedeCMS 7.5 SP2 - Persistent Cross-Site Scripting Vendor Link: http://www.dedecms.com Software Link: http://www.dedecms.com/products/dedecms/downloads/ CVE: N/A Document Title: =============== DedeCMS v7.5 SP2 - Multiple Persistent Web...
Cellebrite UFED 7.29 Hardcoded ADB Authentication Keys Vulnerability
Cellebrite UFED versions 5.0 through 7.29 use four hardcoded RSA private keys to authenticate to the ADB daemon on target devices. Extracted keys can be used to place evidence onto target devices when performing a forensic extraction. Title: Cellebrite Hardcoded ADB Authentication Keys Publicatio...
Luckycrush video chat full unlimited Exploit
LuckyCrush is a video chat site that randomly connects men with women and women with men. With this program you can bypass Luckycrush video chat minutes limitation. Proof video: https://0day.today/videos/34240.mp4 Usage Info run application and enjoy free unlimited video chat : This is private...
ThinkPHP 5.0.23 Remote Code Execution Exploit
This Metasploit module exploits one of two PHP injection vulnerabilities in the ThinkPHP web framework to execute code as the web user. Versions up to and including 5.0.23 are exploitable, though 5.0.23 is vulnerable to a separate vulnerability. The module will automatically attempt to detect the...
Matrix42 Workspace Management 9.1.2.2765 Cross Site Scripting Vulnerability
Matrix42 Workspace Management version 9.1.2.2765 suffers from a persistent cross site scripting vulnerability. Matrix42 Workspace Management 9.1.2.2765 – Stored Cross-Site Scripting =============================================================================== Identifiers...
B64dec 1.1.2 - Buffer Overflow (SEH Overflow + Egg Hunter) Exploit
Exploit Title: B64dec 1.1.2 - Buffer Overflow SEH Overflow + Egg Hunter Exploit Author: Andy Bowden Vendor Homepage: http://4mhz.de/b64dec.html Software Link: http://4mhz.de/download.php?file=b64dec-1-1-2.zip Version: Base64 Decoder 1.1.2 Tested on: Windows 10 x86 Instructions: Run the script to...
Edimax Technology EW-7438RPn-v3 Mini 1.27 - Remote Code Execution Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Edimax Technology EW-7438RPn-v3 Mini 1.27 - Remote Code Execution Exploit Author: Wadeek Hardware Version: EW-7438RPn-v3 Mini Firmware Version: 1.23 / 1.27 Vendor Homepage:...
WSO2 3.1.0 - Persistent Cross-Site Scripting Vulnerability
Exploit for java platform in category web applications Title: WSO2 3.1.0 - Persistent Cross-Site Scripting Author: raki ben hamouda Vendor: https://apim.docs.wso2.com Software link: https://apim.docs.wso2.com/en/latest/ CVE: N/A Advisory:...
Vesta Control Panel 0.9.8-26 - Authenticated Remote Code Execution Exploit
This Metasploit module exploits an authenticated command injection vulnerability in the v-list-user-backups bash script file in Vesta Control Panel to gain remote code execution as the root user. This module requires Metasploit: https://metasploit.com/download Current source:...
Oracle WebLogic Server 12.2.1.4.0 - Remote Code Execution Exploit
Exploit for java platform in category web applications Exploit Title: Oracle WebLogic Server 12.2.1.4.0 - Remote Code Execution Author: nu11secur1ty Vendor: Oracle Software Link: https://download.oracle.com/otn/nt/middleware/12c/122140/fmw12.2.1.4.0wlsDisk11of1.zip Exploit link:...
WSO2 3.1.0 - Arbitrary File Delete Vulnerability
Exploit for java platform in category web applications Title: WSO2 3.1.0 - Arbitrary File Delete Author: raki ben hamouda Vendor: https://apim.docs.wso2.com Software link: https://apim.docs.wso2.com/en/latest/ CVE: N/A Document Title: =============== WOS2 API ManagerDelete Extension Arbitrary Fi...
Wordpress Media Library Assistant 2.81 Plugin - Local File Inclusion Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Media Library Assistant 2.81 - Local File Inclusion Exploit Author: Daniel Monzón stark0de Vendor Homepage: http://davidlingren.com/ Software Link: https://wordpress.org/plugins/media-library-assistant/ Version:...
MOVEit Transfer 11.1.1 - (token) Unauthenticated SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: MOVEit Transfer 11.1.1 - 'token' Unauthenticated SQL Injection Google Dork: inurl:human.aspx intext:moveit Exploit Authors: Aviv Beniash, Noam Moshe Vendor Homepage: https://www.ipswitch.com/ Version: MOVEit Transfer 2018 SP2...
TVT NVMS 1000 - Directory Traversal Exploit
Exploit for hardware platform in category web applications Exploit Title: TVT NVMS 1000 - Directory Traversal Exploit Author: Mohin Paramasivam Shad0wQu35t Vendor Homepage: http://en.tvt.net.cn/ Version : N/A Software Link : http://en.tvt.net.cn/products/188.html Original Author : Numan Türle CVE...
Huawei HG630 2 Router - Authentication Bypass Vulnerability
Exploit for hardware platform in category web applications Title: Huawei HG630 2 Router - Authentication Bypass Author: Eslam Medhat Vendor Homepage: www.huawei.com Version: HG630 V2 HardwareVersion: VER.B CVE: N/A POC: The default password of this router is the last 8 characters of the device's...
Webtateas 2.0 - Arbitrary File Read Vulnerability
Exploit for php platform in category web applications Exploit Title: Webtateas 2.0 - Arbitrary File Read Exploit Author: China Banking and Insurance Information Technology Management Co.,Ltd. Vendor Homepage: http://webtareas.sourceforge.net/general/home.php Software Link:...
Free Desktop Clock x86 Venetian Blinds Zipper 3.0 - Unicode Stack Overflow (SEH) Exploit
Exploit Title: Free Desktop Clock x86 Venetian Blinds Zipper 3.0 - Unicode Stack Overflow SEH Exploit Author: Bobby Cooke Vendor: Drive Software Company Vendor Site: http://www.drive-software.com Software Download: http://www.drive-software.com/download/freeclock.exe Tested On: Windows 10 - Pro...
Zen Load Balancer 3.10.1 - (index.cgi) Directory Traversal Exploit
Exploit for cgi platform in category web applications Exploit Title: Zen Load Balancer 3.10.1 - 'index.cgi' Directory Traversal Exploit Author: Basim Alabdullah Software Link: https://sourceforge.net/projects/zenloadbalancer/files/Distro/zenloadbalancer-distro3.10.1.iso/download Version: 3.10.1...
Xeroneit Library Management System 3.0 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Xeroneit Library Management System SQLI Google Dork: "LMS v3.0 - Xerone IT " Exploit Author: Sohel Yousef jellyfish security team Software Link: https://xeroneit.net/portfolio/library-management-system-lms Software Demo...