Zen Load Balancer 3.10.1 - Remote Code Execution Exploit
Exploit for cgi platform in category web applications Exploit Title: Zen Load Balancer 3.10.1 - Remote Code Execution Google Dork: no Exploit Author: Cody Sixteen Vendor Homepage: https://code610.blogspot.com Software Link:...
Microsoft Windows 10 (1903/1909) - (SMBGhost) SMB3.1.1 Local Privilege Escalation Exploit
Microsoft Windows 10 1903/1909 - 'SMBGhost' SMB3.1.1 'SMB2COMPRESSIONCAPABILITIES' Local Privilege Escalation CVE-2020-0796 Windows SMBv3 LPE Exploit Authors Daniel García Gutiérrez @danigargu Manuel Blanco Parajón @dialluvioso References...
Odin Secure FTP Expert 7.6.3 - (Site Info) Denial of Service Exploit
Exploit Title: Odin Secure FTP Expert 7.6.3 - 'Site Info' Denial of Service PoC Discovery by: Ivan Marmolejo Vendor Homepage: https://odin-secure-ftp-expert.jaleco.com/ Software Link Download : http://tr.oldversion.com/windows/odin-secure-ftp-expert-7-6-3 Version : Odin Secure FTP Expert 7.6.3...
10-Strike Network Inventory Explorer 9.03 - (Read from File) Buffer Overflow (SEH) (ROP) Exploit
Exploit Title: 10-Strike Network Inventory Explorer 9.03 - 'Read from File' Buffer Overflow SEHROP Exploit Author: Hodorsec Version: 9.03 Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-setup.exe Vendor Homepage: https://www.10-strike.com Tested on: Win8.1 x64 ...
Joomla com_fabrik 3.9.11 - Directory Traversal Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! comfabrik 3.9.11 - Directory Traversal Google Dork: inurl:"index.php?option=comfabrik" Exploit Author: qw3rTyTy Vendor Homepage: https://fabrikar.com/ Software Link: https://fabrikar.com/downloads Version: 3.9 Tested on:...
DrayTek Products - Pre-authentication Remote Root Code Execution Exploit
package main / CVE-2020-8515: DrayTek pre-auth remote root RCE Mon Mar 30 2020 - 0xsha.io Affected: DrayTek Vigor2960 1.3.1Beta, Vigor3900 1.4.4Beta, and Vigor300B 1.3.3Beta, 1.4.2.1Beta, and 1.4.4Beta You should upgrade as soon as possible to 1.5.1 firmware or later This issue has been fixed in...
Redis Replication Code Execution Exploit
This Metasploit module can be used to leverage the extension functionality added since Redis 4.0.0 to execute arbitrary code. To transmit the given extension, it makes use of the Redis feature called replication between master and slave. This module requires Metasploit:...
SAIA (Software Gestion Documental) SQL Injection & XSS Vulnerabilities
Exploit for php platform in category web applications Exploit Title: SAIA Software Gestion Documental SQL Injection & XSS Vulnerability D0rk: intext:"Todos los derechos reservados CERO K" Exploit Author: n4pst3r Vendor Homepage: https://www.cerok.co/ Tested on: Windows 10, Debian 9 ...
Webexcels Ecommerce CMS 2.x SQL Injection / Cross Site Scripting Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Webexcels Ecommerce CMS SQL Injection & XSS Vulnerability Google Dork: intext:intext:" By WEB EXCELS "+inurl:"?Id=" Exploit Author: @ThelastVvV Vendor Homepage: https://www.webexcels.com/ Version: 2.x 2017,2018,2019,2020 Tested...
D-Link DWL-2600 Authenticated Remote Command Injection Exploit
This Metasploit module exploits some DLINK Access Points that are vulnerable to an authenticated OS command injection. Default credentials for the web interface are admin/admin. This module requires Metasploit: https://metasploit.com/download Current source:...
Easy RM to MP3 Converter 2.7.3.700 - (Input) Local Buffer Overflow (SEH) Exploit
Exploit Title: Easy RM to MP3 Converter 2.7.3.700 - 'Input' Local Buffer Overflow SEH Author: Felipe Winsnes Software Link: https://www.exploit-db.com/apps/707414955696c57b71c7f160c720bed5-EasyRMtoMP3Converter.exe Version: 2.7.3.700 Tested on: Windows 7 x86 Proof of Concept: 1.- Run the python...
IBM Cognos TM1 / IBM Planning Analytics Server Configuration Overwrite / Code Execution Exploit
IBM Cognos TM1 Server / Planning Analytics Server TM1 suffers from a configuration overwrite vulnerability that can be leveraged to achieve code execution as SYSTEM via TM1 scripting. Extensive research is included in this advisory as well as the Metasploit module. IBM PA / TM1, dating back to...
rConfig 3.9.4 - (searchField) Unauthenticated Root Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: rConfig 3.9.4 - 'searchField' Unauthenticated Root Remote Code Execution Exploit Author: vikingfr Greetz : Orange Cyberdefense - team CSR-SO https://cyberdefense.orange.com CVE-2019-19509 + CVE-2019-19585 + CVE-2020-10220 Exploi...
ECK Hotel 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title : ECK Hotel 1.0 - Cross-Site Request Forgery Add Admin Product : ECK Hotel Version : 1.0-beta Software Download: https://sourceforge.net/projects/eckhotel/files/eck-hotel-v1.0-beta.zip/download Exploit Author: Mustafa Emre Gül...
Soluzione Globale Ecommerce CMS 1 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Soluzione Globale Ecommerce cms v1 SQL Injection Vulnerability Google Dork: intext:" Soluzione Globale s.r.l.s. " +inurl:/.php?id= Exploit Author: @ThelastVvV Vendor Homepage: https://www.soluzioneglobale.com/ Version: v1 Tested...
Everest 5.50.2100 - (Open File) Denial of Service Exploit
Exploit Title: Everest 5.50.2100 - 'Open File' Denial of Service PoC Discovery by: Ivan Marmolejo Software Link : http://www.lavalys.com/ Tested Version: 5.50.2100 Vulnerability Type: Denial of Service DoS Local Tested on OS: Windows 10 Home Single Language Steps to produce the crash: 1.- Run...
FreeCommander XE 2020 Pathname Buffer Overflow Exploit
!/usr/bin/python Exploit Title: FreeCommander XE 2020 - Pathname Buffer Overflow SEH Version: Build 810a 32-bit Software Link: https://freecommander.com/downloads/FreeCommanderXE-32-publicsetup.zip Exploit Author: Hodorsec email protected / email protected Vendor Homepage:...
Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal Exploit
Exploit for java platform in category web applications Exploit Title: Jinfornet Jreport 15.6 - Unauthenticated Directory Traversal Exploit Author: hongphukt Vendor Homepage: https://www.jinfonet.com/ Software Link: https://www.jinfonet.com/product/download-jreport/ Version: JReport 15.6 Tested on...
WordPress StatTraq 1.3.0 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title : WordPress StatTraq 1.3.0 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Software Download Link : downloads.wordpress.org/plugin/wp-stattraq.zip Software Version : 1.3.0 WordPress Versi...
Centreo 19.10.8 - (DisplayServiceStatus) Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Centreo 19.10.8 - 'DisplayServiceStatus' Remote Code Execution Exploit Author: Engin Demirbilek Vendor Homepage: https://www.centreon.com/ Version: 19.10.8 Tested on: CentOS Advisory link:...
Linux PTRACE_TRACEME Local Root Exploit
Linux kernel versions starting at 4.10 and below 5.1.7 PTRACE_TRACEME local root exploit that uses the pkexec technique. Exploit Title: Ubuntu 16.04.6-Kernel-PTRACE_TRACEME-allowslocaluserstoobtainrootaccess - Local Author: nu11secur1ty Vendor: Ubuntu Linux kernel before 5.1.17 Link:...
TP-Link Archer C50 3 - Denial of Service Exploit
Exploit Title: TP-Link Archer C50 3 - Denial of Service PoC Exploit Author: thewhiteh4t Vendor Homepage: https://www.tp-link.com/ Version: TP-Link Archer C50 v3 Build 171227 Tested on: Arch Linux x64 CVE: CVE-2020-9375 Description:...
SialWeb CMS eCommerce 1.0 / 1.1 Cross Site Scripting / SQL Injection Vulnerabilities
Exploit for php platform in category web applications Exploit Title: SialWeb CMS SQL Injection & XSS Vulnerability Google Dork: intext:" By Sial Web" +inurl:/.php?id= Exploit Author: @ThelastVvV Vendor Homepage: https://sialweb.net/ Tested on: Ubuntu...
HP ThinPro 6.x / 7.x Privileged Command Injection Vulnerability
HP ThinPro - Privileged command injection =============================================================================== Identifiers ------------------------------------------------- CVE-2019-18910 CVSSv3 score ------------------------------------------------- 7.6...
SITS:Vision 9.7.0 Authentication Bypass Vulnerability
An authentication bypass vulnerability is present in the stand-alone SITS:Vision component of Tribal SITS in its default configuration, related to unencrypted communications sent by the client each time it is launched. This vulnerability allows unauthenticated attackers to gain access to...
HP ThinPro 6.x / 7.x Citrix Command Injection Vulnerability
HP ThinPro - Citrix command injection =============================================================================== Identifiers ------------------------------------------------- CVE-2019-18909 CVSSv3 score ------------------------------------------------- 6.1 AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N...
Android Bluetooth Remote Denial Of Service Exploit
Exploit Title: Critical Bluetooth Vulnerability in Android CVE-2020-0022 - Remote DoS Author: nu11secur1ty Date: 2020-03-24 Vendor: Android Link: https://github.com/nu11secur1ty/Andr01dExploits/tree/master/CVE-2020-0022 CVE: CVE-2020-0022 + Credits: Ventsislav Varbanovski @ nu11secur1ty + Website...
SharePoint Workflows XOML Injection Exploit
This Metasploit module exploits a vulnerability within SharePoint and its .NET backend that allows an attacker to execute commands using specially crafted XOML data sent to SharePoint via the Workflows functionality. This module requires Metasploit: https://metasploit.com/download Current source:...
Joomla GMapFP 3.30 Component - Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component GMapFP 3.30 - Arbitrary File Upload Google Dork: inurl:''comgmapfp'' Exploit Author: ThelastVvV Vendor Homepage:https://gmapfp.org/ Version: Version J3.30pro Tested on: Ubuntu PoC:...
10-Strike Network Inventory Explorer 8.54 - (Add) Local Buffer Overflow (SEH) Exploit
Exploit Title: 10-Strike Network Inventory Explorer 8.54 - 'Add' Local Buffer Overflow SEH Author: Felipe Winsnes Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-setup.exe Version: 8.54 Tested on: Windows 7 Proof of...
10-Strike Network Inventory Explorer - (srvInventoryWebServer) Unquoted Service Path Vulnerability
Exploit for php platform in category web applications Exploit Title: 10-Strike Network Inventory Explorer - 'srvInventoryWebServer' Unquoted Service Path Author: Felipe Winsnes Vendor Homepage: https://www.10-strike.com/ Software Link:...
LeptonCMS 4.5.0 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: LeptonCMS 4.5.0 - Persistent Cross-Site Scripting Google Dork: "lepton cms" Date: 2019-03-24 Exploit Author: SunCSR Sun Cyber Security Research Vendor Homepage: https://lepton-cms.org/english/home.php Software Link:...
AVAST SecureLine 5.5.522.0 - (SecureLine) Unquoted Service Path Vulnerability
Exploit Title: AVAST SecureLine 5.5.522.0 - 'SecureLine' Unquoted Service Path Discovery by: Roberto Piña Vendor Homepage:https://www.avast.com/ Software Link :https://www.avast.com/es-mx/download-thank-you.php?product=SLN&locale=es-mx Tested Version: 5.5.522.0 Vulnerability Type: Unquoted Servic...
Wordpress WPForms 1.5.9 Plugin - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Plugin WPForms 1.5.9 - Persistent Cross-Site Scripting Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson Varghese Behanan Author Advisor...
UCM6202 1.0.18.13 - Remote Command Injection Exploit
Exploit for hardware platform in category web applications Exploit Title: UCM6202 1.0.18.13 - Remote Command Injection Exploit Author: Jacob Baines Vendor: http://www.grandstream.com Product Link: http://www.grandstream.com/products/ip-pbxs/ucm-series-ip-pbxs/product/ucm6200-series Tested on:...
Veyon 4.3.4 - (VeyonService) Unquoted Service Path Vulnerability
Exploit Title: Veyon 4.3.4 - 'VeyonService' Unquoted Service Path Discovery by: Víctor García Vendor Homepage: https://veyon.io/ Software Link: https://github.com/veyon/veyon/releases/download/v4.3.4/veyon-4.3.4.0-win64-setup.exe Tested Version: 4.3.4 Vulnerability Type: Unquoted Service Path...
UliCMS 2020.1 - Persistent Cross-Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: UliCMS 2020.1 - Persistent Cross-Site Scripting Exploit Author: SunCSR Vendor Homepage: https://en.ulicms.de Software Link: https://en.ulicms.de/currentversions.html Version: 2020.1 Tested on: Windows CVE : N/A Vulnerabilit...
CyberArk PSMP 10.9.1 - Policy Restriction Bypass Vulnerability
Exploit Title: CyberArk PSMP 10.9.1 - Policy Restriction Bypass Exploit Author: LAHBAL Said Vendor Homepage: https://www.cyberark.com/ Software Link: https://www.cyberark.com/ Version: PSMP = 11.1 Prerequisites Policy allows us to overwrite PSMRemoteMachine Description An issue was discovered in...
Windows/x64 - WinExec Add-Admin Dynamic Null-Free Shellcode (210 Bytes)
210 bytes small WinExec add-admin dynamic null-free shellcode. // Shellcode Title: WinExec Add-Admin Dynamic Null-Free Shellcode 210 Bytes // Shellcode Author: Bobby Cooke // Date: March 21st, 2020 // Tested on: Windows 10 Home - 1909 x8664, Windows 10 Pro - 1909 x86 // Description: Windows...
Linux/x86 - (reboot) polymorphic Shellcode (26 bytes)
Exploit Title: Linux\x86 - 'reboot' polymorphic Shellcode 26 bytes Purpose: This is a x86 Linux null-free polymorphic shellcode for forcing a reboot. Author: Upayan a.k.a. slaeryan Contact: email protected SLAE: 1525 Vendor Homepage: None Software Link: None Tested on: Linux x86 CVE: N/A / ;...
ProficySCADA for iOS 5.0.25920 - (Password) Denial of Service Exploit
Exploit Title: ProficySCADA for iOS 5.0.25920 - 'Password' Denial of Service PoC Author: Ivan Marmolejo Vendor Homepage: https://apps.apple.com/us/app/proficyscada/id525792142 Software Link: App Store for iOS devices Tested Version: 5.0.25920 Vulnerability Type: Denial of Service DoS Local Tested...
Horde 5.2.22 CSV Import Code Execution Exploit
The HordeData module version 2.1.4 and before present in Horde Groupware version 5.2.22 allows authenticated users to inject arbitrary PHP code, thus achieving remote code execution on the server hosting the web application. This module requires Metasploit: https://metasploit.com/download Current...
Joomla com_hdwplayer 4.2 - (search.php) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! comhdwplayer 4.2 - 'search.php' SQL Injection Dork: inurl:"index.php?option=comhdwplayer" Exploit Author: qw3rTyTy Vendor Homepage: https://www.hdwplayer.com/ Software Link: https://www.hdwplayer.com/download/ Version: 4...
EnovaNet Chateau-Thierry FormaLog WebService02 eChampagne 7.0 XSS / SQL Injection Vulnerabilities
EnovaNet Chateau-Thierry FormaLog WebService02 eChampagne version 7.0 suffers from cross site scripting and remote SQL injection vulnerabilities. Exploit Title : EnovaNet Chateau-Thierry FormaLog WebService02 eChampagne 7.0 XSS SQL Injection Author Discovered By : KingSkrupellos Vendor Homepages ...
rConfig 3.9.4 - (search.crud.php) Remote Command Injection Exploit
Exploit for php platform in category web applications Exploit Title: rConfig 3.9.4 - 'search.crud.php' Remote Command Injection Exploit Author: Matthew Aberegg, Michael Burkey Vendor Homepage: https://www.rconfig.com Software Link: https://www.rconfig.com/downloads/rconfig-3.9.4.zip Version:...
Google Chrome 80.0.3987.87 - Heap-Corruption Remote Denial of Service Exploit
Exploit Title: Google Chrome 80.0.3987.87 - Heap-Corruption Remote Denial of Service PoC Exploit Author: Cem Onat Karagun of Diesec GmBH Vendor Homepage: https://www.google.com/ Version: Google Chrome 80.0.3987.87 Tested on: Windows x64 / Linux Debian x64 / MacOS CVE: CVE-2020-6404 PoC Video:...
360 Security Sandbox Escape 0day Exploit
Sandbox is a feature introduced to isolate risky programs. Applications running in the sandbox have only limited access, and it won't allow tasks such as network communication, creating files or anything malicious in nature. A vulnerability in 360 security sandbox allows attackers to escape from the...
FIBARO System Home Center 5.021 - Remote File Include Vulnerability
Exploit for multiple platform in category web applications Exploit Title: FIBARO System Home Center 5.021 - Remote File Include Author: LiquidWorm Vendor: https://www.fibaro.com CVE: N/A Vendor: FIBAR GROUP S.A. Product web page: https://www.fibaro.com Affected version: Home Center 3, Home Center...
Avast Secure Browser 76.0.1659.101 Local Privilege Escalation Vulnerability
A local privilege escalation issue was discovered in Avast Secure Browser version 76.0.1659.101. The vulnerability is due to an insecure ACL set by the AvastBrowserUpdate.exe which is running as NT AUTHORITY\SYSTEM when AvastSecureBrowser.exe checks for new updates. Avast Secure Browser...
Exagate Sysguard 6001 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title: Exagate Sysguard 6001 - Cross-Site Request Forgery Add Admin Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.exagate.com/ Software Link: https://www.exagate.com/sysguard-6001 Version: SYSGuard 6001 HTML CSRF Po...