39001 matches found
Bash Profile Persistence Exploit
This Metasploit module writes an execution trigger to the target's Bash profile. The execution trigger executes a call back payload whenever the target user opens a Bash terminal. A handler is not run automatically, so you must configure an appropriate exploit/multi/handler to receive the callbac...
Serv-U FTP Server 15.1.7 CSV Injection Vulnerability
Exploit for windows platform in category web applications Issue: Serv-U FTP Server 15.1.7 CSV Injection Vulnerability CVE: CVE-2019-13181 Security researcher: Richard Tan @ The Missing Link Security Product name: Serv-U FTP Server Product version: Tested on 15.1.7 Fixed in: Serv-U 15.1.7 Hotfix 2...
Metasploit Sample Webapp Exploit
Exploit for python platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This exploit sample shows how an exploit module could be written to exploit a bug in an arbitrary web server cla...
Netgear R6400 - Remote Code Execution Exploit
Exploit for hardware platform in category web applications Exploit Title: Netgear R6400 - Remote Code Execution Exploit Author: Kevin Randall CVE: CVE-2016-6277 Vendor Homepage: https://www.netgear.com/ Category: Hardware Version: V1.0.7.21.1.93 PoC !/usr/bin/python import urllib2 IPADDR =...
Squiz Matrix CMS 5.5.x.x Code Execution / Information Disclosure Vulnerabilities
Exploit for php platform in category web applications Introduction ============ ZX Security identified several vulnerabilities the Squiz Matrix CMS that can be chained together to gain pre-authenticated remote code execution in some circumstances. Affected Versions ================= The issues in...
Linux 5.3 - Privilege Escalation via io_uring Offload of sendmsg() onto Kernel
Linux 5.3 - Privilege Escalation via iouring Offload of sendmsg onto Kernel Thread with Kernel Creds Since commit 0fa03c624d8f "iouring: add support for sendmsg", first in v5.3, iouring has support for asynchronously calling sendmsg. Unprivileged userspace tasks can submit IORINGOPSENDMSG...
Control Web Panel 0.9.8.864 phpMyAdmin Password Disclosure Vulnerability
Exploit for php platform in category web applications Exploit Title : CWP Control Web Panel phpMyAdmin password access Exploit Author : Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak Vendor Homepage : https://control-webpanel.com/ Software Link : Not available, user panel only...
D-Link DIR-615 - Privilege Escalation Vulnerability
Exploit for hardware platform in category web applications Exploit Title: D-Link DIR-615 - Privilege Escalation Exploit Author: Sanyam Chawla Vendor Homepage: http://www.dlink.co.in Category: Hardware Wi-fi Router Hardware Link: http://www.dlink.co.in/products/?pid=678 Hardware Version: T1 Firmwa...
FTP Commander Pro 8.03 - Local Stack Overflow Exploit
Exploit Title: FTP Commander Pro 8.03 - Local Stack Overflow Exploit Author: boku Discovered by: UNNON Original DoS: FTP Commander 8.02 - Overwrite SEH Original DoS Link: https://www.exploit-db.com/exploits/37810 Software Vendor: http://www.internet-soft.com/ Software Link:...
Windows Defender Antivirus 4.18.1908.7-0 File Extension Spoofing Vulnerability
David Haintz ======================================================================= title: File Extension Spoofing product: Windows Defender Antivirus vulnerable version: 4.18.1908.7-0 fixed version: Virus Definition Update of 2019/09/30 CVE number: - impact: High homepage:...
NVMS 1000 - Directory Traversal Vulnerability
Exploit for hardware platform in category web applications Title: NVMS-1000 - Directory Traversal Author: Numan Türle Vendor Homepage: http://en.tvt.net.cn/ Version : N/A Software Link : http://en.tvt.net.cn/products/188.html POC --------- GET /../../../../../../../../../../../../windows/win.ini...
Roxy Fileman 1.4.5 For .NET Directory Traversal Vulnerability
Exploit for php platform in category web applications =========================== Exploit Title: Roxy Fileman 1.4.5 for .NET - Directory Traversal Software: Roxy Fileman Version: 1.4.5 Vendor Homepage: http://www.roxyfileman.com/ Software Link: http://www.roxyfileman.com/download.php?f=1.4.5-net...
Bullwark Momentum Series JAWS 1.0 - Directory Traversal Vulnerability
Exploit for php platform in category web applications Title: Bullwark Momentum Series JAWS 1.0 - Directory Traversal Author: Numan Türle Vendor Homepage: http://www.bullwark.net/ Version : Bullwark Momentum Series Web Server JAWS/1.0 Software Link :...
OpenNetAdmin 18.1.1 - Command Injection Exploit #RCE
Exploit for php platform in category web applications class MetasploitModule 'OpenNetAdmin Ping Command Injection', 'Description' = %q This module exploits a command injection in OpenNetAdmin between 8.5.14 and 18.1.1. , 'Author' = 'mattpascoe', Vulnerability discovery 'Onur ER ' Metasploit modul...
Lenovo Power Management Driver 1.67.17.48 - (pmdrvs.sys) Denial of Service Exploit
Exploit Title: Lenovo Power Management Driver 1.67.17.48 - 'pmdrvs.sys' Denial of Service PoC Exploit Author: Nassim Asrir CVE: CVE-2019-6192 Tested On: Windows 1064bit | ThinkPad T470p Vendor : https://www.lenovo.com/us/en/ Ref : https://support.lenovo.com/us/fr/solutions/len-29334 Description A...
Product Key Explorer 4.2.0.0 - (Key) Denial of Service Exploit
Exploit Title: Product Key Explorer 4.2.0.0 - 'Key' Denial of Service POC Discovery by: SajjadBnd Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/productkeyexplorersetup.exe Tested Version: 4.2.0.0 Vulnerability Type: Denial of Service DoS Local Tested ...
Product Key Explorer 4.2.0.0 - (Name) Denial of Service Exploit
Exploit Title: Product Key Explorer 4.2.0.0 - 'Name' Denial of Service POC Discovery by: SajjadBnd Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/productkeyexplorersetup.exe Tested Version: 4.2.0.0 Vulnerability Type: Denial of Service DoS Local Tested...
Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Hard-coded Credentials Exploit Author: LiquidWorm Product web page: https://www.inim.biz Link:...
vBulletin 5.5.4 Remote Command Execution Exploit #RCE
This Metasploit module exploits vBulletin versions 5.x through 5.5.4 leveraging a remote command execution vulnerability via the widgetConfigcode parameter in an ajax/render/widgetphp routestring POST request. This module requires Metasploit: https://metasploit.com/download Current source:...
Apache Olingo OData 4.0 - XML External Entity Injection Exploit
Exploit for java platform in category web applications Product: Apache Olingo OData 4.0 Vendor: Apache Foundation CSNC ID: CSNC-2009-025 CVE ID: CVE-2019-17554 Subject: XML External Entity Resolution XXE Risk: High Effect: Remotely exploitable Author: Archibald Haddock email protected Date:...
Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery Vulnerabilit
Exploit for hardware platform in category web applications Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Unauthenticated Server-Side Request Forgery Author: LiquidWorm Product web page: https://www.inim.biz Link:...
Adobe Acrobat Reader DC - Heap-Based Memory Corruption due to Malformed TTF Font Exploit
We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=707779e0...
Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Exploit
Exploit for hardware platform in category web applications Exploit Title: Inim Electronics Smartliving SmartLAN 6.x - Remote Command Execution Author: LiquidWorm Product web page: https://www.inim.biz Link:...
Alcatel-Lucent Omnivista 8770 - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Alcatel-Lucent Omnivista 8770 - Remote Code Execution Google Dork: inurl:php-bin/webclient.php Author: 0x1911 Vendor Homepage: https://www.al-enterprise.com/ Software Link:...
Oracle Siebel Sales 8.1 - Persistent Cross-Site Scripting Vulnerability
Exploit for java platform in category web applications Exploit Title : Oracle Siebel Sales 8.1 - Persistent Cross-Site Scripting Exploit Author : omurugur Software link: https://www.oracle.com/tr/applications/siebel/ Effective version : Oracle Siebel Sales 8.1 CVE: N/A Examples Request; POST...
Microsoft Windows - Multiple UAC Protection Bypass Exploit
Windows 10 UAC bypass for all executable files which are autoelevate true. https://heynowyouseeme.blogspot.com/2019/08/windows-10-lpe-uac-bypass-in-windows.html Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47753.zip...
PRO-7070 Hazır Profesyonel Web Sitesi 1.0 - Authentication Bypass Vulnerability
Exploit for php platform in category web applications Exploit Title: PRO-7070 Hazır Profesyonel Web Sitesi 1.0 - Authentication Bypass Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.websitem.biz/hazir-site/pro-7070-hazir-mobil-tablet-uyumlu-web-sitesi Tested on: Kali Linux Version...
Microsoft Windows - WSReset UAC Protection Bypass (Registry) Exploit
Fileless UAC bypass WSReset.exe @404death base on : https://www.activecyber.us/activelabs/windows-uac-bypass EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47754.zip import sys, os from ctypes import import winreg CMD =...
Omron PLC 1.0.0 - Denial of Service Exploit
Exploit Title: Omron PLC 1.0.0 - Denial of Service PoC Exploit Author: n0b0dy Vendor Homepage: https://automation.omron.com, ia.omron.com Software Link: n/a Version: 1.0.0 Tested on: PLC f/w rev.: CJ2M v2.01 CWE-412 : Unrestricted Externally Accessible Lock CVE : n/a !usr/bin/python...
Microsoft Windows 10 - WSReset UAC Protection Bypass (propsys.dll) Exploit
// ref : https://medium.com/tenable-techblog/uac-bypass-by-mocking-trusted-directories-24a96675f6e include // uac bypass via wsreset.exe // @404death // EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47755.zip int main printf"\n+ Run First...
SpotAuditor 5.3.2 - Base64 Local Buffer Overflow (SEH) Exploit
Exploit Title: SpotAuditor 5.3.2 - 'Base64' Local Buffer Overflow SEH Exploit Author: Kirill Nikolaev Vulnerable Software: SpotAuditor Vendor Homepage: http://www.nsauditor.com/ Version: 5.3.2 Software Link: http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested Windows 7 SP1 x86...
Snipe-IT Open Source Asset Management 4.7.5 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Snipe-IT Open Source Asset Management 4.7.5 - Persistent Cross-Site Scripting Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://snipeitapp.com/ Software Link:...
Mozilla FireFox (Windows 10 x64) - Full Chain Client Side Attack Exploit
// Axel '0vercl0k' Souchet - November 19 2019 // EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47752.zip // 0:000 ? xul!sAutomationPrefIsSet - xul // Evaluate expression: 85724947 = 00000000051c0f13 const XulsAutomationPrefIsSet = 0x051c0f13...
SiteVision 4.x / 5.x Insufficient Module Access Control Vulnerability #ByPass
SiteVision suffers from an issue where attacker may inject non-authorized module when editing pages using a lower privileged account, which can lead to cross site scripting and remote code execution. All versions of SiteVision 4 until 4.5.6 and all versions of SiteVision 5 until 5.1.1 are...
SiteVision 4.x / 5.x Remote Code Execution Exploit #RCE
Exploit for jsp platform in category web applications SiteVision Remote Code Execution CVE-2019-12733 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12733 https://www.cybercom.com/About-Cybercom/Blogs/Security-Advisories/high-risk-vulnerabilities-in-cms-product/ Summary Attackers may...
OkayCMS 2.3.4 Remote Code Execution Exploit #RCE
Exploit for php platform in category web applications Unauthenticated remote code execution in OkayCMS Overview Target: OkayCMS Vendor: OkayCMS Version: all versions including 2.3.4 CVE: CVE-2019-16885 Accessibility: Local Severity: Critical Author: Wolfgang Hotwagner AIT Austrian Institute of...
Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow Exploit
Exploit Title: Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow Exploit Author: purpl3f0xsecur1ty Vendor Homepage: https://www.tucows.com/ Software Link: http://www.tucows.com/preview/519612/Integard-Home Version: Pro 2.2.0.9026 / Home 2.0.0.9021 Tested on: Windows XP / Win7 / Win10 CVE:...
Trend Micro Deep Security Agent 11 - Arbitrary File Overwrite Exploit
Exploit Title: Trend Micro Deep Security Agent 11 - Arbitrary File Overwrite Exploit Author : Peter Lapp Vendor Homepage : https://www.trendmicro.com/enus/business.html Link Software : https://help.deepsecurity.trendmicro.com/software.html?regs=NABU&prodid=1716 Tested on OS: v11.0.582 and...
BeeGFS 7.1.3 Privilege Escalation Vulnerability
============================================ BeeGFS Privilege Escalation CVE-2019-15897 ============================================ Software: BeeGFS Affected Versions: All versions upto and including 7.1.3 Vendor: ThinkparQ CVE: CVE-2019-15897 Severity: CVSS 9.6 Critical...
Verot 2.0.3 - Remote Code Execution Exploit #RCE
Exploit for php platform in category web applications Exploit Title: Verot 2.0.3 - Remote Code Execution Date: 2019-12-05 Exploit Author: Jinny Ramsmark Vendor Homepage: https://www.verot.net/phpclassupload.htm Software Link: https://github.com/verot/class.upload.php Version: '; $quality = "85";...
Yachtcontrol 2019-10-06 Remote Code Execution Exploit #RCE
Exploit for windows platform in category remote exploits Exploit Title: Yachtcontrol Webapplication - Unauthenticated Remote Code Execution Exploit Author: Hodorsec Vendor Homepage: http://www.yachtcontrol.nl/en/ Software Link: http://download.yachtcontrol.nl/klant/Software/ &...
Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution Exploit #RCE
Exploit for windows platform in category web applications Title: Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution Author: Peter Lapp Vendor:...
YouPHPTube 7.7 SQL Injection Vulnerability
Exploit for php platform in category web applications ---------------------------------------------------------------- YouPHPTube = 7.7 getChat.json.php SQL Injection Vulnerability ---------------------------------------------------------------- - Software Link: https://www.youphptube.com -...
OwnCloud 8.1.8 - Username Disclosure Vulnerability
Exploit for php platform in category web applications Exploit Title: OwnCloud 8.1.8 - Username Disclosure Exploit Author : Daniel Moreno Vendor Homepage : https://owncloud.org/ Link Software : https://ftp.icm.edu.pl/packages/owncloud/ old version. Download at your own risk Tested on OS: CentOS Po...
Online Clinic Management System 2.2 - HTML Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Clinic Management System 2.2 - HTML Injection Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Download Link : https://bigprof.com/appgini/applications/online-clinic-management-system...
Cisco WLC 2504 8.9 - Denial of Service Exploit
Exploit Title: Cisco WLC 2504 8.9 - Denial of Service PoC Exploit Author: SecuNinja Vendor Homepage: cisco.com Software Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-wlc-dos Version: 8.4 to 8.9 Tested on: not applicable, works independent from OS CV...
SSDWLAB 6.1 - Authentication #Bypass Vulnerability
Exploit for asp platform in category web applications Exploit Title: SSDWLAB 6.1 - Authentication Bypass Exploit Author: Luis Buendía exoticpayloads Vendor Homepage: http://www.sbpsoftware.com/ Version: 6.1 Tested on: IIS 7.5 CVE : Pending Description: By injection on the SOAP function in the...
Microsoft Visual Basic 2010 Express - XML External Entity Injection Exploit
Exploit Title: Microsoft Visual Basic 2010 Express - XML External Entity Injection Exploit Author: ZwX Exploit Date: 2019-12-03 Version Software : 10.0.30319.1 RTMRel Vendor Homepage : https://www.microsoft.com/ Software Link:...
Ajenti 2.1.31 Command Injection Exploit
This Metasploit module exploits a command injection in Ajenti version 2.1.31. By injecting a command into the username POST parameter to api/core/auth, a shell can be spawned. This module requires Metasploit: https://metasploit.com/download Current source:...
Online Invoicing System 2.6 - (description) Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Invoicing System 2.6 - 'description' Persistent Cross-Site Scripting Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Download Link :...