Rukovoditel Project Management CRM 2.5.2 - (reports_id) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Rukovoditel Project Management CRM 2.5.2 - 'reports_id' SQL Injection Blog: https://fatihhcelik.blogspot.com/ Exploit Author: Fatih Çelik Vendor Homepage: https://www.rukovoditel.net/ Software Link:...
Sagemcom F@st 3890 (50_10_19-T1) Cable Modem - Cable Haunt Remote Code Execution Exploit
// EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47936.zip function buf2hexbuffer // buffer is an ArrayBuffer return Array.prototype.map.callnew Uint8Arraybuffer, x = '00' + x.toString16.slice-2.join''; function insertAtarr, index, toInsert...
Barco WePresent - file_transfer.cgi Command Injection Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Barco WePresent file_transfer.cgi Command Injection", 'Description' = %q This module exploits an unauthenticated remote command injection...
Huawei HG255 - Directory Traversal Exploit
Exploit for hardware platform in category web applications This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. class MetasploitModule 'Huawei HG255...
Trend Micro Maximum Security 2019 - Arbitrary Code Execution Vulnerability
Exploit Title: Trend Micro Maximum Security 2019 - Arbitrary Code Execution Exploit Author: hyp3rlinx Vendor Homepage: www.trendmicro.com Version: Platform Microsoft Windows, Premium Security 2019 v15, Maximum Security 2019 v15 Internet Security 2019 v15, Antivirus + Security 2019 v15 + Credits:...
Online Book Store 1.0 - (bookisbn) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Book Store 1.0 - 'bookisbn' SQL Injection Exploit Author: AmirHadi Yazdani Ertebat Gostar Co. Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/ Software Link:...
Android - ashmem Readonly Bypasses via remap_file_pages() and ASHMEM_UNPIN Exploit
This bug report describes two ways in which an attacker can modify the contents of a read-only ashmem fd. I'm not sure at this point what the most interesting user of ashmem is in the current Android release, but there are various users, including Chrome and a bunch of utility classes. In AOSP...
Redir 3.3 - Denial of Service Exploit
Exploit Title: Redir 3.3 - Denial of Service PoC Exploit Author: hieubl from HPT Cyber Security Vendor Homepage: https://github.com/troglobit/redir Software Link: https://github.com/troglobit/redir Version: 3.3 Tested on: Kali GNU/Linux Rolling 2019.4 CVE : if applicable The source code of redir....
IBM RICOH 6400 Printer - HTML Injection Vulnerability
Exploit for hardware platform in category web applications Exploit Title: IBM RICOH 6400 Printer - HTML Injection Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ibm.com/il-en Hardware Link:...
IBM RICOH InfoPrint 6500 Printer - HTML Injection Vulnerability
Exploit for hardware platform in category web applications Exploit Title: IBM RICOH InfoPrint 6500 Printer - HTML Injection Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ibm.com/il-en Hardware Link:...
WeChat - Memory Corruption in CAudioJBM::InputAudioFrameToJBM Exploit
There is a memory corruption vulnerability in audio processing during a voice call in WeChat. When an RTP packet is processed, there is a call to UnpacketRTP. This function decrements the length of the packet by 12 without checking that the packet has at least 12 bytes in it. This leads to a...
SpotOutlook 1.2.6 - (Name) Denial of Service Exploit
Exploit Title: SpotOutlook 1.2.6 - 'Name' Denial of Service PoC Exploit Author: Ismail Tasdelen Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/spotoutlooksetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof of Concept PoC: =======================...
Chevereto 3.13.4 Core - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Chevereto 3.13.4 Core - Remote Code Execution Exploit Author: Jinny Ramsmark Vendor Homepage: https://chevereto.com/ Software Link: https://github.com/Chevereto/Chevereto-Free/releases Version: 1.0.0 Free - 1.1.4 Free, = 3.13.4...
VPN unlimited 6.1 - Unquoted Service Path Vulnerability
Exploit Title: VPN unlimited 6.1 - Unquoted Service Path Exploit Author: Amin Rawah Vendor Homepage: https://www.vpnunlimitedapp.com Version: 6.1 Tested on: Windows 10 64bit C:\Users\Aminsc qc VPNUnlimitedService SC QueryServiceConfig SUCCESS SERVICENAME: VPNUnlimitedService TYPE : 10...
Top Password Software Dialup Password Recovery 1.30 - Denial of Service Exploit
Exploit Title: Top Password Software Dialup Password Recovery 1.30 - Denial of Service PoC Exploit Author: Antonio de la Piedra Vendor Homepage: https://www.top-password.com/ Software Link: https://www.top-password.com/download/DialupPRSetup.exe Version: 1.30 Tested on: Windows 7 SP1 32-bit Copy...
Advanced System Repair Pro 1.9.1.7 - Insecure File Permissions Vulnerability
Exploit Title: Advanced System Repair Pro 1.9.1.7 - Insecure File Permissions Exploit Author: ZwX Vendor Homepage : https://advancedsystemrepair.com/ Software Link: http://advancedsystemrepair.com/ASRProInstaller.exe Tested on OS: Windows 10 Proof of Concept PoC: ==========================...
Top Password Firefox Password Recovery 2.8 - Denial of Service Exploit
Exploit Title: Top Password Firefox Password Recovery 2.8 - Denial of Service PoC Exploit Author: Antonio de la Piedra Vendor Homepage: https://www.top-password.com/ Software Link: https://www.top-password.com/download/FirefoxPRSetup.exe Version: 2.8 Tested on: Windows 7 SP1 32-bit Copy paste the...
Backup Key Recovery 2.2.5 - (Name) Denial of Service Exploit
Exploit Title: Backup Key Recovery 2.2.5 - 'Name' Denial of Service PoC Exploit Author : Ismail Tasdelen Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/backeyrecoverysetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof of Concept PoC:...
Citrix Application Delivery Controller and Gateway 10.5 - Remote Code Execution Exploit
Exploit for multiple platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Citrix ADC Remote Code Execution', 'Description' = %q An issue was discovered in Citri...
TaskCanvas 1.4.0 - (Registration) Denial Of Service Exploit
Exploit Title: TaskCanvas 1.4.0 - 'Registration' Denial Of Service Exploit Author : Ismail Tasdelen Vendor Homepage : https://www.digitalvolcano.co.uk/ Link Software : https://www.digitalvolcano.co.uk/taskcanvasdownload.html Tested on OS: Windows 10 CVE : N/A ''' Proof of Concept PoC:...
Microsoft Windows 10 build 1809 - Local Privilege Escalation (UAC Bypass) Exploit
Exploit Title: Microsoft Windows 10 - Local Privilege Escalation UAC Bypass Author: Nassim Asrir Exploit Author: Nassim Asrir CVE: N/A Tested On: Windows 10Pro 1809 Vendor : https://www.microsoft.com Technical Details I discovered a Local Privilege Escalation in Windows 10 UAC Bypass, via an...
SpotDialup 1.6.7 - (Name) Denial of Service Exploit
Exploit Title: SpotDialup 1.6.7 - 'Name' Denial of Service PoC Exploit Author : Ismail Tasdelen Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/spotdialupsetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof of Concept PoC: =======================...
Digi AnywhereUSB 14 - Reflective Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Digi AnywhereUSB 14 - Reflective Cross-Site Scripting Exploit Author: Raspina Net Pars Group Vendor Homepage: https://www.digi.com/products/networking/usb-connectivity/usb-over-ip/awusb Version: 1.93.21.19 CVE : CVE-2019-18859 P...
Allok Video Converter 4.6.1217 - Stack Overflow (SEH) Exploit
Exploit Title: Allok Video Converter 4.6.1217 - Stack Overflow SEH Exploit Author: Antonio de la Piedra Vendor Homepage: https://www.alloksoft.com Software Link: https://www.alloksoft.com/allokvconverter.exe Version: 4.6.1217 Tested on: Windows 7 SP1 32-bit Copy paste the contents of poc.txt into...
Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 - Stack Overflow (SEH) Exploit
Exploit Title: Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 - Stack Overflow SEH Exploit Author: Antonio de la Piedra Vendor Homepage: https://www.alloksoft.com Software Link: https://www.alloksoft.com/allokrmconverter.exe Version: 3.6.1217 Tested on: Windows 7 SP1 32-bit Copy paste the...
PixelStor 5000 K:4.0.1580-20150629 - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: PixelStor 5000 - Remote Code Execution Product: PixelStor 5000 Vendor: Rasilient Exploit Author: .:UND3R:. Vendor Homepage: http://rasilient.com Version: K:4.0.1580-20150629 KDI Version Tested on: K:4.0.1580-20150629 KDI Version...
Pandora 7.0NG - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Pandora 7.0NG - Remote Code Execution Exploit Author: Askar @mohammadaskar2 CVE: CVE-2019-20224 Vendor Homepage: https://pandorafms.org/ Software link: https://pandorafms.org/features/free-download-monitoring-software/ Version:...
Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution Vulnerability (1)
Exploit for multiple platform in category web applications !/bin/bash Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway - CVE-2019-19781 Usage : bash CVE-2019-19781.sh IPOFVULNURABLEHOST COMMANDTOEXECUTE e.g : bash CVE-2019-19781.sh XX.XX.XX.XX 'uname -a'...
Citrix Application Delivery Controller and Citrix Gateway - Remote Code Execution Exploit (2)
Exploit for multiple platform in category web applications !/usr/bin/python3 Exploits the Citrix Directory Traversal Bug: CVE-2019-19781 You only need a listener like netcat to catch the shell. Shout out to the team: Rob Simon, Justin Elze, Logan Sampson, Geoff Walton, Christopher Paschen, Kevin...
ASTPP 4.0.1 VoIP Billing - Database Backup Download Vulnerability
Exploit for linux platform in category web applications Exploit Title: ASTPP 4.0.1 VoIP Billing - Database Backup Download Exploit Author: Fabien AUNAY Vendor Homepage: https://www.astppbilling.org/ Software Link: https://github.com/iNextrix/ASTPP/tree/v4.0.1 Version: 4.0.1 vendor default setup...
TotalAV 2020 4.14.31 - Privilege Escalation Vulnerability
Exploit Title: TotalAV 2020 4.14.31 - Privilege Escalation Exploit Author: Kusol Watchara-Apanukorn Vendor Homepage: https://www.totalav.com/ Version: 4.14.31 Fixed on: 5.3.35 Tested on: Windows 10 x64 CVE : N/A Vulnerability Description: TotalAV 2020 4.14.31 has quarantine flaw that allows...
Android ashmem Read-Only Bypasses Exploit
Android suffers from ashmem read-only bypass vulnerabilities via remap_file_pages() and ASHMEM_UNPIN. Android: ashmem readonly bypasses via remap_file_pages() and ASHMEM_UNPIN This bug report describes two ways in which an attacker can modify the contents of a read-only ashmem fd. I'm not sure at this poin...
MSN Password Recovery 1.30 - XML External Entity Injection Vulnerability
Exploit Title: MSN Password Recovery 1.30 - XML External Entity Injection Exploit Author: ZwX Vendor Homepage : https://www.top-password.com/ Software Link: https://www.top-password.com/download/MSNPRSetup.exe Tested on OS: Windows 10 + Exploit : PoC =================== 1 python -m SimpleHTTPServ...
ZIP Password Recovery 2.30 - (ZIP File) Denial of Service Exploit
Exploit Title: ZIP Password Recovery 2.30 - 'ZIP File' Denial of Service PoC Exploit Author : ZwX Vendor Homepage : https://www.top-password.com/purchase.html Link Software : https://www.top-password.com/download/ZIPPRSetup.exe Tested on OS: Windows 10 Proof of Concept PoC: ======================...
Oracle Weblogic 10.3.6.0.0 - Remote Command Execution Exploit
Exploit for java platform in category web applications Exploit Title: Oracle Weblogic 10.3.6.0.0 - Remote Command Execution Exploit Author: Waffles & Paveway3 Vendor Homepage: https://www.oracle.com/middleware/technologies/weblogic.html Version: 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 Tested on: Windo...
Codoforum 4.8.3 - (input_txt) Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Codoforum 4.8.3 - Persistent Cross-Site Scripting Google Dork: intext:"Powered by Codoforum" Exploit Author: Vyshnav Vizz Vendor Homepage: https://codoforum.com/index.php Software Link: https://codoforum.com/buy Version: Codofor...
JetBrains TeamCity 2018.2.4 - Remote Code Execution Exploit
Exploit Title: JetBrains TeamCity 2018.2.4 - Remote Code Execution Exploit Author: Harrison Neal Vendor Homepage: https://www.jetbrains.com/ Software Link: https://confluence.jetbrains.com/display/TW/Previous+Releases+Downloads Version: 2018.2.4 for Windows CVE: CVE-2019-15039 You'll need a few...
Job Portal 1.0 - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Job Portal 1.0 - Remote Code Execution Exploit Author: Tib3rius Vendor Homepage: https://phpgurukul.com/job-portal-project/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=7855 Version: 1.0 Tested on: Ubun...
Cisco DCNM JBoss 10.4 - Credential Leakage Exploit
Exploit Title: Cisco DCNM JBoss 10.4 - Credential Leakage Exploit Author: Harrison Neal Vendor Homepage: https://www.cisco.com/ Software Link: https://software.cisco.com/download/home/281722751/type/282088134/release/10.42 Version: 10.42 CVE: CVE-2019-15999 You'll need a few .jars from a copy of...
AnyDesk 5.4.0 - Unquoted Service Path Vulnerability
Exploit Title: AnyDesk 5.4.0 - Unquoted Service Path Exploit Author: SajjadBnd Vendor Homepage: http://anydesk.com Software Link: https://download.anydesk.com/AnyDesk.exe Version: Software Version 5.4.0 Tested on: Win10 x64 SERVICENAME: AnyDesk TYPE : 10 WIN32OWNPROCESS STARTTYPE : 2 AUTOSTART...
Sony Playstation 4 (PS4) < 6.72 - WebKit Code Execution Exploit
Exploit for hardware platform in category web applications / Sony Playstation 4 PS4 6.72 - WebKit Code Execution Exploit badhoist ============ Exploit implementation of CVE-2018-4386. Obtains addrof/fakeobj and arbitrary read/write primitives. Supports PS4 consoles on 6.XX. May also work on older...
Tomcat proprietaryEvaluate 9.0.0.M1 - Sandbox Escape Exploit
Exploit for java platform in category web applications Exploit Title: Tomcat proprietaryEvaluate 9.0.0.M1 - Sandbox Escape Exploit Author: Harrison Neal, PatchAdvisor Vendor Homepage: https://tomcat.apache.org/ Software Link:...
Online Book Store 1.0 - Unauthenticated Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Online Book Store 1.0 - Unauthenticated Remote Code Execution Exploit Author: Tib3rius Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/ Software Link:...
EBBISLAND EBBSHAVE 6100-09-04-1441 - Remote Buffer Overflow Exploit
Exploit Title: EBBISLAND EBBSHAVE 6100-09-04-1441 - Remote Buffer Overflow Exploit Author: Harrison Neal Vendor Homepage: https://www.ibm.com/us-en/ Version: 6100-09-04-1441, 7100-03-05-1524, 7100-04-00-0000, 7200-01-01-1642 Tested on: IBM AIX PPC CVE: CVE-2017-3623 EBBISLAND / EBBSHAVE RPC Buffe...
Linux/x86 - Random Bytes Encoder + XOR/SUB/NOT/ROR execve(/bin/sh) Shellcode (114 bytes)
Title: Linux/x86 - Random Bytes Encoder + XOR/SUB/NOT/ROR execve/bin/sh Shellcode 114 Author: Xenofon Vassilakopoulos Tested on: Linux kali 5.3.0-kali2-686-pae 1 SMP Debian 5.3.9-3kali1 2019-11-20 i686 GNU/Linux Architecture: i686 GNU/Linux Shellcode Length: 114 bytes SLAE-ID: SLAE - 1314...
ASTPP VoIP 4.0.1 - Remote Code Execution Vulnerability
Exploit Title: ASTPP VoIP 4.0.1 - Remote Code Execution Exploit Author: Fabien AUNAY Vendor Homepage: https://www.astppbilling.org/ Software Link: https://github.com/iNextrix/ASTPP/tree/v4.0.1 Version: 4.0.1 vendor default setup script Tested on: Debian 9 - CentOS 7 CVE : - ASTPP 4.0.1 VoIP Billi...
Complaint Management System 4.0 - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Complaint Management System 4.0 - Remote Code Execution Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/complaint-management-sytem/ Version: v4.0 Category:...
piSignage 2.6.4 - Directory Traversal Vulnerability
Exploit for hardware platform in category web applications Exploit Title: piSignage 2.6.4 - Directory Traversal Exploit Author: JunYeong Ko Vendor Homepage: https://pisignage.com/ Version: piSignage before 2.6.4 Tested on: piSignage before 2.6.4 CVE : CVE-2019-20354 Summary: The web application...
WordPress ezp-coming-soon v1.0.7 Plugin - Cross-site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Plugin ezp-coming-soon v1.0.7 -Cross-site Scripting XSS Vendor Homepage: https://snapcreek.com/ezp-coming-soon/ Software: https://wordpress.org/plugins/easy-pie-coming-soon/ Version: 1.0.7 Tested on: Win7 x32, Exploit...
SpotMSN 2.4.6 - (Name) Denial of Service Exploit
Exploit Title: SpotMSN 2.4.6 - 'Name' Denial of Service PoC Exploit Author: Ismail Tasdelen Exploit Date: 2020-01-06 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://www.nsauditor.com/downloads/spotmsnsetup.exe Tested on OS: Windows 10 CVE : N/A ''' Proof of Concept PoC:...