39001 matches found
Photoscape Textarea Denial Of Service Exploit
Exploit Title: Photoscape 2.7.1 Object and select Create 6.- Paste ClipBoard on "Textarea" 7.- Crashed.. PoC : !/usr/bin/python3 buf = "" buf += "\x90"5000 print buf...
Windscribe 1.83 - (WindscribeService) Unquoted Service Path Vulnerability
Exploit Title: Windscribe 1.83 - 'WindscribeService' Unquoted Service Path Exploit Author: MgThuraMoeMyint Vendor Homepage: https://windscribe.com Version: v1.83 Build 20 Tested on: Windows 10, version 1909 In windscribe v1.83 , there is a service via windscribe that every authenticated user can...
Linux 5.3 Insecure Root Path Handling Exploit
Linux versions 5.3 and above appear to have an issue where io_uring suffers from insecure handling of the root directory for path lookups. Linux >=5.3: io_uring: insecure handling of root directory for path lookups When I saw today, I realized that this is not just a small correctness issue, but als...
WHM 0.82.19 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications =================================================== Title : WHM v0.82.16 Twitter : @H3xr4in BLog : https://sudo-security.github.io 0day.today 2020-07-19...
AbsoluteTelnet 11.12 - SSH1/username Denial of Service Exploit
Exploit Title: AbsoluteTelnet 11.12 - 'SSH1/username' Denial of Service PoC Discovery by: chuyreds Vendor Homepage: https://www.celestialsoftware.net/ Software Link : https://www.celestialsoftware.net/telnet/AbsoluteTelnet11.12.exe Tested Version: 11.12 Vulnerability Type: Denial of Service DoS...
NagiosXI 5.6.11 orderby SQL Injection Vulnerability
Exploit for php platform in category web applications Title: Postauth SQL injection in NagiosXI 5.6.11 param: orderby Vendor: https://www.nagios.com/ Vulnerable software: https://www.nagios.com/downloads/nagios-xi/vmware/ Repo: https://github.com/c610/free/ email protected:$ cat n2.txt GET...
Centreon 19.11 SQL Injection Vulnerability
Exploit for php platform in category web applications Title: Postauth SQL injection in Centreon 19.11 param: aclresname Vendor: https://www.centreon.com/ Vulnerable software: https://download.centreon.com/index.php?product=19.10&action=ask&id=5074 Repo: https://github.com/c610/free/...
NagiosXI 5.6.11 start / end / step Remote Code Execution Exploit
Exploit for php platform in category web applications Title: Postauth RCE in NagiosXI 5.6.11 Vendor: www.nagios.com Vulnerable software: https://www.nagios.com/downloads/nagios-xi/vmware/ Repo: https://github.com/c610/free/ email protected:/src/eonila/nagiospox$ cat nagiospox.py !/usr/bin/env...
Symantec Web Gateway 5.0.2.8 Remote Code Execution Exploit
Exploit for windows platform in category web applications Title: Postauth RCE in Symantec Web Gateway 5.0.2.8 Vendor: www.symantec.com Vulnerable software: www.symantec.com Repo: https://github.com/c610/free/ POST /spywall/timeConfig.php HTTP/1.1 Host: 192.168.216.133 User-Agent: Mozilla/5.0...
NagiosXI 5.6.11 address Remote Code Execution Vulnerability
Exploit for php platform in category web applications Title: Postauth RCE in NagiosXI 5.6.11 param: address Vendor: https://www.nagios.com/ Vulnerable software: https://www.nagios.com/downloads/nagios-xi/vmware/ Repo: https://github.com/c610/free/ GET...
ZOC Terminal 7.25.5 - (Script) Denial of Service Exploit
Exploit Title: ZOC Terminal 7.25.5 - 'Script' Denial of Service PoC Discovery by: chuyreds Vendor Homepage: https://www.emtec.com Software Link : http://www.emtec.com/downloads/zoc/zoc7255x64.exe Tested Version: 7.25.5 Vulnerability Type: Local Tested on OS: Windows 10 Pro x64 es Steps to produce...
dnsmasq-utils 2.79-1 - (dhcp_release) Denial of Service Exploit
Exploit Title: dnsmasq-utils 2.79-1 - 'dhcp_release' Denial of Service PoC Exploit Author: Josue Encinar Software Link: https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1 Version: 2.79 Tested on: Ubuntu 18.04 from subprocess import Popen, PIPE data = "" bof = False for i in range 1, 200: A = "A"i...
Amcrest Dahua NVR Camera IP2M-841 - Denial of Service Exploit
Exploit Title: Amcrest Dahua NVR Camera IP2M-841 - Denial of Service PoC Exploit Author: Jacob Baines Vendor Homepage: https://amcrest.com/ Software Link: https://amcrest.com/firmwaredownloads Version: Many different versions due to number of Dahua/Amcrest/etc devices affected Tested on: Amcrest...
TAO Open Source Assessment Platform 3.3.0 RC2 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications ======================================================================= title: Multiple XSS vulnerabilities product: TAO Open Source Assessment Platform vulnerable version: 3.3.0 RC2 fixed version: - CVE number: - impact: medium homepage:...
Django 3.0 - Cross-Site Request Forgery Token Bypass Exploit
Exploit for php platform in category web applications Exploit Title: Django 3.0 - Cross-Site Request Forgery Token Bypass Exploit Author: Spad Security Group Vendor Homepage: https://www.djangoproject.com/ Software Link: https://pypi.org/project/Django/ Version: 3.0 = Tested on: windows 10...
UltraVNC Launcher 1.2.4.0 - (RepeaterHost) Denial of Service Exploit
Exploit Title: UltraVNC Launcher 1.2.4.0 - 'RepeaterHost' Denial of Service PoC Discovery by: chuyreds Vendor Homepage: https://www.uvnc.com/ Software Link : https://www.uvnc.com/component/jdownloads/send/0-/394-ultravnc-1240-x86-setup.html?Itemid=0 Tested Version: 1.2.4.0 Vulnerability Type: Loc...
pfSense 2.4.4-P3 - (User Manager) Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: pfSense 2.4.4-P3 - 'User Manager' Persistent Cross-Site Scripting Exploit Author: Matthew Aberegg Vendor Homepage: https://www.pfsense.org Version: PfSense 2.4.4-P3 Tested on: FreeBSD 11.2-RELEASE-p10 CVE : CVE-2020-11457...
UltraVNC Viewer 1.2.4.0 - (VNCServer) Denial of Service Exploit
Exploit Title: UltraVNC Viewer 1.2.4.0 - 'VNCServer' Denial of Service PoC Discovery by: chuyreds Vendor Homepage: https://www.uvnc.com/ Software Link : https://www.uvnc.com/component/jdownloads/send/0-/394-ultravnc-1240-x86-setup.html?Itemid=0 Tested Version: 1.2.4.0 Vulnerability Type: Local...
Microsoft NET USE win10 - Insufficient Authentication Logic Exploit
Title: Microsoft NET USE win10 - Insufficient Authentication Logic Date: 2020-04-04 Author: hyp3rlinx Vendor: www.microsoft.com CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...
LimeSurvey 4.1.11 - (File Manager) Path Traversal Vulnerability
Exploit for php platform in category web applications Exploit Title: LimeSurvey 4.1.11 - 'File Manager' Path Traversal Exploit Author: Matthew Aberegg, Michael Burkey Vendor Homepage: https://www.limesurvey.org Version: LimeSurvey 4.1.11+200316 Tested on: Ubuntu 18.04.4 CVE : CVE-2020-11455...
Bolt CMS 3.7.0 - Authenticated Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Bolt CMS 3.7.0 - Authenticated Remote Code Execution Exploit Author: r3m0t3nu11 Vendor Homepage: https://bolt.cm/ Software Link: https://bolt.cm/ Version: up to date and 6.x Tested on: Linux CVE : not-yet-0day last version p0c...
UltraVNC Launcher 1.2.4.0 - (Password) Denial of Service Exploit
Exploit Title: UltraVNC Launcher 1.2.4.0 - 'Password' Denial of Service PoC Discovery by: chuyreds Vendor Homepage: https://www.uvnc.com/ Software Link : https://www.uvnc.com/component/jdownloads/send/0-/394-ultravnc-1240-x86-setup.html?Itemid=0 Tested Version: 1.2.4.0 Vulnerability Type: Local...
Frigate 3.36 - Denial of Service Exploit
Exploit Title: Frigate 3.36 - Denial of Service PoC Exploit Author: inter Vendor Homepage: http://www.Frigate3.com/ Software Link Download: http://www.Frigate3.com/download/Frigate3Stdv36.exe Vulnerable Software: Frigate Version: 3.36 Vulnerability Type: Denial of Service DoS Local Tested on:...
Triologic Media Player 8 - (.m3l) Buffer Overflow (Unicode) (SEH) Exploit
Exploit Title: Triologic Media Player 8 - '.m3l' Buffer Overflow Unicode SEH Author: Felipe Winsnes Software Link: http://download.cnet.com/Triologic-Media-Player/3000-21394-10691520.html Version: 8 Tested on: Windows 7 x86 Proof of Concept: 1.- Run the python script, it will create a new file...
Vesta Control Panel 0.9.8-26 - Authenticated Remote Code Execution Exploit
Exploit for multiple platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Vesta Control Panel Authenticated Remote Code Execution", 'Description' = %q This modu...
PlaySMS Unauthenticated Template Injection Code Execution Exploit
This Metasploit module exploits a preauth Server-Side Template Injection vulnerability that leads to remote code execution in PlaySMS before version 1.4.3. This issue is caused by double processing a server-side template with a custom PHP template system called TPL which is used in the PlaySMS...
Memu Play 7.1.3 - Insecure Folder Permissions Vulnerability
Exploit Title: Memu Play 7.1.3 - Insecure Folder Permissions Discovery by: chuyreds Vendor Homepage: https://www.memuplay.com/ Software Link : https://www.memuplay.com/download-en.php?filename=Memu-Setup&from=officialrelease Tested Version: 7.1.3 Vulnerability Type: Local Tested on OS: Windows 10...
WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting Exploit
Exploit for multiple platform in category web applications Title: WhatsApp Desktop 0.3.9308 - Persistent Cross-Site Scripting Exploit Author: Gal Weizman Vendor Homepage: https://www.whatsapp.com Software Link: https://web.whatsapp.com/desktop/windows/release/x64/WhatsAppSetup.exe Software Link:...
ZOC Terminal v7.25.5 - (Private key file) Denial of Service Exploit
Exploit Title: ZOC Terminal v7.25.5 - 'Private key file' Denial of Service PoC Discovery by: chuyreds Vendor Homepage: https://www.emtec.com Software Link : http://www.emtec.com/downloads/zoc/zoc7255x64.exe Tested Version: 7.25.5 Vulnerability Type: Local Tested on OS: Windows 10 Pro x64 es Steps...
Pandora FMS Ping Authenticated Remote Code Execution Exploit
This Metasploit module exploits a vulnerability found in Pandora FMS 7.0NG and lower. net_tools.php in Pandora FMS 7.0NG allows remote attackers to execute arbitrary OS commands. This module requires Metasploit: https://metasploit.com/download Current source:...
LimeSurvey 4.1.11 - (Survey Groups) Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: LimeSurvey 4.1.11 - 'Survey Groups' Persistent Cross-Site Scripting Exploit Author: Matthew Aberegg, Michael Burkey Vendor Homepage: https://www.limesurvey.org Version: LimeSurvey 4.1.11+200316 Tested on: Ubuntu 18.04.4 CVE :...
Microsoft Server Message Block 3.1.1 (SMBv3) Compression Buffer Overflow Exploit
A vulnerability exists within the Microsoft Server Message Block 3.1.1 SMBv3 protocol that can be leveraged to execute code on a vulnerable server. This local exploit implementation leverages this flaw to elevate itself before injecting a payload into winlogon.exe. This module requires Metasploit...
Nsauditor 3.2.0.0 - (Name) Denial of Service Exploit
Exploit Title: Nsauditor 3.2.0.0 - 'Name' Denial of Service PoC Discovery by: 0xMoHassan Date: 2020-04-04 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Tested Version: 3.2.0.0 Vulnerability Type: Denial of Service DoS Local Tested o...
Product Key Explorer 4.2.2.0 - (Key) Denial of Service Exploit
Exploit Title: Product Key Explorer 4.2.2.0 - 'Key' Denial of Service PoC Discovery by: 0xMoHassan Date: 2020-04-04 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/productkeyexplorersetup.exe Tested Version: 4.2.2.0 Vulnerability Type: Denial of Service...
SpotAuditor 5.3.4 - (Name) Denial of Service Exploit
Exploit Title: SpotAuditor 5.3.4 - 'Name' Denial of Service PoC Exploit Author: 0xMoHassan Date: 2020-04-04 Vendor Homepage: https://www.spotauditor.com/ Software Link: http://www.nsauditor.com/downloads/spotauditorsetup.exe Tested Version: 5.3.4 Vulnerability Type: Denial of Service DoS Local...
VMware Fusion USB Arbitrator Setuid Privilege Escalation Exploit
This Metasploit module exploits an improper use of setuid binaries within VMware Fusion versions 10.1.3 through 11.5.3. The Open VMware USB Arbitrator Service can be launched outside of its standard path which allows loading of an attacker controlled binary. By creating a payload in the user home...
Oracle Coherence Fusion Middleware Remote Code Execution Exploit
Exploit Title: Oracle Coherence Fusion Middleware - Remote Author: nu11secur1ty Vendor: Oracle Link: https://github.com/nu11secur1ty/Windows10Exploits/tree/master/Undefined/CVE-2020-2555 CVE: CVE-2020-2555 + Credits: Ventsislav Varbanovski @ nu11secur1ty + Website: https://www.nu11secur1ty.com/ +...
Pandora FMS 7.0NG - (net_tools.php) Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Pandora FMS 7.0NG - 'net_tools.php' Remote Code Execution Build: PC170324 - MR 0 Exploit Author: Basim Alabdullah Vendor homepage: http://pandorafms.org/ Version: 7.0 Software link:...
MicroStrategy Intelligence Server And Web 10.4 XSS / Disclosure / SSRF / Code Execution Vulnerabilit
Exploit for multiple platform in category web applications Exploit Title: MicroStrategy Intelligence Server and Web 10.4 - multiple vulnerabilities Exploit Author: RedTimmy Security Authors blog: https://www.redtimmy.com/web-application-hacking/another-ssrf-another-rce-the-microstrategy-case/...
DotNetNuke Cookie Deserialization Remote Code Execution Exploit
This Metasploit module exploits a deserialization vulnerability in DotNetNuke DNN versions 5.0.0 through 9.3.0-RC. Vulnerable versions store profile information for users in the DNNPersonalization cookie as XML. The expected structure includes a "type" attribute to instruct the server which type ...
AIDA64 Engineer 6.20.5300 - (Report File) filename Buffer Overflow (SEH) Exploit
Exploit Title: AIDA64 Engineer 6.20.5300 - 'Report File' filename Buffer Overflow SEH Exploit Author: Hodorsec Version: v6.20.5300 Software Link: http://download.aida64.com/aida64engineer620.exe Vendor Homepage: https://www.aida64.com/products/aida64-engineer Tested on: Win7 x86 SP1 - Build 7601...
Apache Solr 8.3.0 Velocity Template Remote Code Execution Exploit
This Metasploit module exploits a vulnerability in Apache Solr versions 8.3.0 and below which allows remote code execution via a custom Velocity template. Currently, this module only supports Solr basic authentication. From the Tenable advisory: An attacker could target a vulnerable Apache Solr...
DiskBoss 7.7.14 - (Input Directory) Local Buffer Overflow Exploit
Exploit Title: DiskBoss 7.7.14 - 'Input Directory' Local Buffer Overflow PoC Vendor Homepage: https://www.diskboss.com/ Software Link Download: https://github.com/x00x00x00x00/diskboss7.7.14/raw/master/diskbosssetupv7.7.14.exe Exploit Author: Paras Bhatia Vulnerable Software: DiskBoss Version:...
DiskBoss 7.7.14 - Denial of Service Exploit
Exploit Title: DiskBoss 7.7.14 - Denial of Service PoC Exploit Author: Paras Bhatia Vendor Homepage: https://www.diskboss.com/ Software Link Download: https://github.com/x00x00x00x00/diskboss7.7.14/raw/master/diskbosssetupv7.7.14.exe Vulnerable Software: DiskBoss Version: 7.7.14 Vulnerability Typ...
TP-LINK Cloud Cameras NCXXX Remote NULL Pointer Dereference Vulnerability
Vulnerability title: TP-LINK Cloud Cameras NCXXX Remote NULL Pointer Dereference Author: Pietro Oliva CVE: CVE-2020-10231 Vendor: TP-LINK Product: NC200, NC210, NC220, NC230, NC250, NC260, NC450 Affected version: NC200 = 2.1.8 build 171109, NC210 = 1.0.9 build 171214, NC220 = 1.3.0 build 180105,...
10Strike LANState 9.32 - (Force Check) Buffer Overflow (SEH) Exploit
Exploit Title: 10Strike LANState 9.32 - 'Force Check' Buffer Overflow SEH Exploit Author: Hodorsec Version: v9.32 x86 Software Link: https://www.10-strike.com/lanstate/lanstate-setup.exe Vendor Homepage: https://www.freecommander.com Tested on: Win7 x86 SP1 - Build 7601 Description: - Exploits th...
Grandstream UCM6200 Series CTI Interface - (user_password) SQL Injection Exploit
Exploit for hardware platform in category web applications Exploit Title: Grandstream UCM6200 Series CTI Interface - 'user_password' SQL Injection Exploit Author: Jacob Baines Vendor Homepage: http://www.grandstream.com/ Software Link:...
IBM TM1 / Planning Analytics - Unauthenticated Remote Code Execution Exploit (2)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule "IBM TM1 / Planning Analytics Unauthenticated Remote Code Execution", 'Description' = %q This module exploits a vulnerability in...
Grandstream UCM6200 Series WebSocket 1.0.20.20 - (user_password) SQL Injection Exploit
Exploit for hardware platform in category web applications Exploit Title: Grandstream UCM6200 Series WebSocket 1.0.20.20 - 'user_password' SQL Injection Exploit Author: Jacob Baines Vendor Homepage: http://www.grandstream.com/ Software Link:...
FlashFXP 4.2.0 Build 1730 - Denial of Service Exploit
Exploit Title: FlashFXP 4.2.0 Build 1730 - Denial of Service PoC Vendor Homepage: https://www.flashfxp.com/ Software Link Download: https://www.filehorse.com/download-flashfxp/22451/download/ Exploit Author: Paras Bhatia Vulnerable Software: FlashFXP Version: 4.2.0 Build 1730 Vulnerability Type:...