DLink DWL-2600AP - Multiple OS Command Injection Vulnerability
Exploit for hardware platform in category web applications Document Title: =============== D-Link DWL-2600AP - Authenticated OS Command Injection Restore Configuration Product & Service Introduction: =============================== The D-Link DWL-2600AP has a web interface for configuration. You...
WordPress Form Maker 1.13.3 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Plugin Form Maker 1.13.3 - SQL Injection Exploit Author: Daniele Scanu @ Certimeter Group Vendor Homepage: https://10web.io/plugins/ Software Link: https://wordpress.org/plugins/form-maker/ Version: 1.13.3 Tested on:...
PasteShr 1.6 - Multiple SQL Injection Vulnerability
Exploit for php platform in category web applications =========================================================================================== Exploit Title: PasteShr - SQL İnj. Dork: N/A Date: 14-05-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage:...
XOOPS CMS 2.5.9 SQL Injection Vulnerability
Exploit for php platform in category web applications + Sql Injection on XOOPS CMS v.2.5.9 + Risk: High + CWE Number : CWE-89 + Author: Felipe Andrian Peixoto + Vendor Homepage: https://xoops.org/ + Contact: email protected + Tested on: Windows 7 and Gnu/Linux + Dork: inurl:gerarpdf.php...
OpenProject 5.0.0 - 8.3.1 - SQL Injection Vulnerability
Exploit for php platform in category web applications SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unauthenticated SQL Injection vulnerability product: OpenProject vulnerable version: 5.0.0 - 8.3.1 fixed version:...
Firefly CMS 1.0 Remote Command Execution Exploit #RCE
Exploit for php platform in category web applications + Remote Command Execution on Firefly CMS v. 1.0 + Date: 11/05/2019 + CWE number: CWE-78 + Risk: High + Author: Felipe Andrian Peixoto + Contact: email protected + Tested on: Windows 7 and Linux + Vendor Homepage: https://fireflydigital.com/ +...
Sales ERP 8.1 - Multiple SQL Injection Vulnerability
Exploit for php platform in category web applications =========================================================================================== Exploit Title: SalesERP v.8.1 SQL Inj. Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://codecanyon.net/category/php-scripts?term=sales%20erp...
Tomabo MP4 Converter 3.25.22 - Denial of Service Exploit
-- coding: utf-8 -- Exploit Title: MP4 Converter 3.25.22 - 'Name' Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: http://www.tomabo.com/ Software: http://www.tomabo.com/downloads/mp4-converter-setup.exe Version: 3.25.22 Tested on: Windows 10 Proof of Concept: 1.- Run the python...
TwistedBrush Pro Studio 24.06 - (.srp) Denial of Service Exploit
-- coding: utf-8 -- Exploit Title: TwistedBrush Pro Studio 24.06 - '.srp' Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: http://www.pixarra.com Software Link http://www.pixarra.com/uploads/9/4/6/3/94635436/tbrusha.exe Version: 24.06 Tested on: Windows 10 Proof of Concept: 1.- Ru...
Selfie Studio 2.17 - Resize Image Denial of Service Exploit
-- coding: utf-8 -- Exploit Title: Selfie Studio 2.17 - 'Resize Image' Denial of Service PoC Date: 13/05/2019 Author: Alejandra Sánchez Vendor Homepage: http://www.pixarra.com Software Link http://www.pixarra.com/uploads/9/4/6/3/94635436/tbselfiestudioinstall.exe Version: 2.17 Tested on: Windows ...
SpotMSN 2.4.6 - Denial of Service Exploit
Exploit Title: SpotMSN 2.4.6 - 'Name/Key' Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/spotmsnsetup.exe Tested Version: 2.4.6 Tested on: Windows 10 Single Language x64 / 7 x64 Service Pack 1 Steps...
SOCA Access Control System 180612 - Information Disclosure
Exploit for php platform in category web applications SOCA Access Control System 180612 Information Disclosure Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and fingerprint...
TwistedBrush Pro Studio 24.06 - Script Recorder Denial of Service Exploit
-- coding: utf-8 -- Exploit Title: TwistedBrush Pro Studio 24.06 - 'Script Recorder' Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: http://www.pixarra.com Software Link http://www.pixarra.com/uploads/9/4/6/3/94635436/tbrusha.exe Version: 24.06 Tested on: Windows 10 Proof of...
TwistedBrush Pro Studio 24.06 - Resize Image Denial of Service Exploit
-- coding: utf-8 -- Exploit Title: TwistedBrush Pro Studio 24.06 - 'Resize Image' Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: http://www.pixarra.com Software Link http://www.pixarra.com/uploads/9/4/6/3/94635436/tbrusha.exe Version: 24.06 Tested on: Windows 10 Proof of Concept...
DNSS 2.1.8 - Denial of Service Exploit
Exploit Title: DNSS Domain Name Search Software 2.1.8 - Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/dnsssetup.exe Tested Version: 2.1.8 Tested on: Windows 10 Single Language x64 / 7 x64 Service...
SOCA Access Control System 180612 - SQL Injection Vulnerability
Exploit for php platform in category web applications SOCA Access Control System 180612 SQL Injection And Authentication Bypass Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity...
SOCA Access Control System 180612 - CSRF (Add Admin) Vulnerability
Exploit for php platform in category web applications SOCA Access Control System 180612 CSRF Add Admin Exploit Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include Proximity and Fingerprint...
Linux/x86 - /sbin/iptables -F Shellcode (43 bytes)
Title: Linux/x86 - /sbin/iptables -F Shellcode 43 bytes Author: Xavi Beltran Contact: email protected Webpage: https://xavibel.com Purpose: flush iptables rules Tested On: Ubuntu 3.5.0-17-generic Arch: x86 Size: 43 bytes iptables-flush.nasm global start section .text start: xor eax, eax push eax...
Google Chrome V8 - Turbofan JSCallReducer::ReduceArrayIndexOfIncludes Out-of-Bounds Read/Write
!-- Since commit https://chromium.googlesource.com/v8/v8.git/+/c22bb466d8934685d897708119543d099b9d2a9a turbofan supports inlining calls to array.includes and array.indexOf. The logic of the function is roughly: 1. Check the set of possible Maps of the array type with...
RICOH SP 4510DN Printer - HTML Injection Vulnerability
Exploit for hardware platform in category web applications Exploit Title: RICOH SP 4510DN Printer - HTML Injection Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: https://www.ricoh-europe.com/products/office-printers-fax/single-function-printers/sp-4520dn.ht...
RICOH SP 4520DN Printer - HTML Injection Vulnerability
Exploit for hardware platform in category web applications Exploit Title: RICOH SP 4520DN Printer - HTML Injection Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: https://www.ricoh-europe.com/products/office-printers-fax/single-function-printers/sp-4520dn.ht...
PHPRunner 10.1 - Denial of Service Exploit
Exploit Title: PHPRunner 10.1 - Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://xlinesoft.com/ Software Link: https://xlinesoft.com/phprunner/download.htm Tested Version: 10.1 Tested on: Windows 7 Service Pack 1 x64 Steps to produce the crash: 1.- Run python code:...
SpotIM 2.2 - Denial of Service Exploit
-- coding: utf-8 -- Exploit Title: SpotIM 2.2 - 'Name/Key' Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: http://www.nsauditor.com Software Link http://www.nsauditor.com/downloads/spotimsetup.exe Version: 2.2 Tested on: Windows 10 Proof of Concept: 1.- Run the python script...
SpotPaltalk 1.1.5 - Denial of Service Exploit
-- coding: utf-8 -- Exploit Title: SpotPaltalk 1.1.5 - 'Name/Key' Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: http://www.nsauditor.com Software Link http://www.nsauditor.com/downloads/spotpaltalksetup.exe Version: 1.1.5 Tested on: Windows 10 Proof of Concept: 1.- Run the pyth...
dotCMS 5.1.1 - HTML Injection Vulnerability
Exploit for jsp platform in category web applications Exploit Title: dotCMS 5.1.1 - HTML Injection Exploit Author: Ismail Tasdelen Vendor Homepage: https://dotcms.com/ Software Link: https://github.com/dotCMS Software: dotCMS Product Version: 5.1.1 Vulnerability Type: Code Injection Vulnerability...
Convert Video jetAudio 8.1.7 - Denial of Service Exploit
-- coding: utf-8 -- Exploit Title: Convert Video jetAudio 8.1.7 - Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: http://www.jetaudio.com/ Software Link http://www.jetaudio.com/download/5fc01426-741d-41b8-a120-d890330ec672/jetAudio/JAD8107BASIC.exe Version: 8.1.7 Tested on: Windo...
Lyric Maker 2.0.1.0 - Denial of Service Exploit
-- coding: utf-8 -- Exploit Title: Lyric Maker 2.0.1.0 - Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: http://www.jetaudio.com/ Software Link http://www.jetaudio.com/download/5fc01426-741d-41b8-a120-d890330ec672/jetAudio/JAD8107BASIC.exe Version: 2.0.1.0 Tested on: Windows 10...
Lyric Video Creator 2.1 - (.mp3) Denial of Service Exploit
-- coding: utf-8 -- Exploit Title: Lyric Video Creator 2.1 - '.mp3' Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: https://lyricvideocreator.com/ Software Link: https://lyricvideocreator.com/dwl/LyricVideoCreator.exe Version: 2.1 Tested on: Windows 10 Proof of Concept: 1.- Run t...
jetCast Server 2.0 - Denial of Service Exploit
Exploit Title: jetCast Server 2.0 - Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: http://www.jetaudio.com/ Software Link: http://www.jetaudio.com/download/5fc01426-741d-41b8-a120-d890330ec672/jetAudio/Download/jetCast/build/JCS2000.exe Tested Version: 2.0 Tested on: Window...
Cortex Unshortenlink Analyzer < 1.1 - Server-Side Request Forgery Vulnerability
Exploit for multiple platform in category web applications Exploit Title: Cortex Unshortenlink Analyzer 1.1 - Server-Side Request Forgery Exploit Author: Alexandre Basquin Vendor Homepage: https://blog.thehive-project.org Software Link: https://github.com/TheHive-Project/Cortex Version: Cortex =...
TheHive Project Cortex < 1.15.2 - Server-Side Request Forgery Vulnerability
Exploit for multiple platform in category web applications Exploit Title: SSRF in TheHive Project Cortex = 2.1.3 Exploit Author: Alexandre Basquin Vendor Homepage: https://blog.thehive-project.org Software Link: https://github.com/TheHive-Project/Cortex Version: Cortex = 2.1.3 Tested on: 2.1.3 CV...
CyberArk Enterprise Password Vault 10.7 - XML External Entity Injection Vulnerability
Exploit for multiple platform in category web applications Exploit Title: CyberArk XML External Entity XXE Injection in SAML authentication Exploit Author: Marcelo Toran @spamv Vendor Homepage: https://www.cyberark.com Version: =10.7 CVE : CVE-2019-7442 -----------Product description The CyberArk...
ASPRunner.NET 10.1 - Denial of Service Exploit
Exploit Title: ASPRunner.NET 10.1 - Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://xlinesoft.com/ Software Link: https://xlinesoft.com/asprunnernet/download.htm Tested Version: 10.1 Tested on: Windows 7 Service Pack 1 x64 Steps to produce the crash: 1.- Run python...
Zoho ManageEngine ADSelfService Plus 5.7 < 5702 build - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications + Zoho ManageEngine ADSelfService Plus 5.7 &searchType=contains&searchBy=ALLFIELDS&actionId=Search HTTP/1.1 &adscsrf= 4- Stored XSS in self-...
Lotus Domino 8.5.3 - EXAMINE Stack Buffer Overflow DEP/ASLR Bypass (NSAs EMPHASISMINE) Exploit
Here is a working version of the NSA's EMPHASISMINE for IMAP Server Lotus Domino 8.5.3 FP0 DEP/ASLR bypass Replace breakpoints with msfvenom payload ALPHANUMERIC I love you Alison Thompson OAM @ThirdWaveORG Author: Charles Truscott @r0ss1n1 import base64 import struct import socket import time...
D-Link DWL-2600AP Save Configuration Command Injection Vulnerability
D-Link DWL-2600AP suffers from an authenticated OS command injection vulnerability via the save configuration functionality. Document Title: =============== D-Link DWL-2600AP - Authenticated OS Command Injection Save Configuration Product & Service Introduction: =============================== T...
NetNumber Titan ENUM/DNS/NP 7.9.1 - Path Traversal / Authorization Bypass Vulnerabilities
Exploit for linux platform in category web applications Exploit Title: NetNumber Titan ENUM/DNS/NP - Path Traversal - Authorization Bypass Exploit Author: MobileNetworkSecurity Vendor Homepage: https://www.netnumber.com/products/data Software Link: N/A Version: Titan Master 7.9.1 Tested on: Linux...
jetAudio 8.1.7.20702 Basic - (Enter URL) Denial of Service Exploit
Exploit Title: jetAudio 8.1.7.20702 Basic - Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: http://www.jetaudio.com/ Software Link: http://www.jetaudio.com/download/ Tested Version: 8.1.7.20702 Tested on: Windows 7 Service Pack 1 x64 / Windows 10 Single Language x64 Steps to...
D-Link DWL-2600AP Upgrade Firmware Command Injection Vulnerability
D-Link DWL-2600AP suffers from an authenticated OS command injection vulnerability via the upgrade firmware functionality. Document Title: =============== D-Link DWL-2600AP - Authenticated OS Command Injection Upgrade Firmware Product & Service Introduction: =============================== The...
MiniFtp - parseconf_load_setting Buffer Overflow Exploit
Exploit for linux platform in category local exploits Exploit Title: MiniFtp parseconf_load_setting local-bufferoverflow 318 bytes Exploit Author: strider Vendor Homepage: https://github.com/skyqinsc/MiniFtp Software Link: https://github.com/skyqinsc/MiniFtp Tested on: Debian 9 Stretch i386/ Kali...
Chrome 72.0.3626.119 FileReader Use-After-Free Exploit
This exploit takes advantage of a use after free vulnerability in Google Chrome 72.0.3626.119 running on Windows 7 x86. The FileReader.readAsArrayBuffer function can return multiple references to the same ArrayBuffer object, which can be freed and overwritten with sprayed objects. The dangling...
Admin Express 1.2.5.485 Buffer Overflow Exploit
Exploit for windows platform in category local exploits Title: Admin Express v1.2.5.485 Folder Path Local SEH Alphanumeric Encoded Buffer Overflow Date: May 6th, 2019 Author: Connor McGarr https://connormcgarr.github.io Vendor Homepage: https://admin-express.en.softonic.com/ Software Link:...
Linux/x86 - execve /bin/sh Shellcode (20 bytes)
/ Linux/x86 - execve /bin/sh shellcode 20 bytes Author: Rajvardhan Tested on: i686 GNU/Linux Shellcode Length: 20 Disassembly of section .text: 08049000 : 8049000: 31 c9 xor %ecx,%ecx 8049002: 6a 0b push $0xb 8049004: 58 pop %eax 8049005: 51 push %ecx 8049006: 68 2f 2f 73 68 push $0x68732f2f...
D-Link DWL-2600AP Authenticated OS Command Injection Vulnerability
D-Link DWL-2600AP suffers from an authenticated OS command injection vulnerability via the tftp restore functionality. Document Title: =============== D-Link DWL-2600AP - Authenticated OS Command Injection Restore Configuration Product & Service Introduction: =============================== The...
Prinect Archive System 2015 Release 2.6 - Cross-Site Scripting Vulnerability
Exploit for multiple platform in category web applications Details ================ Software: Prinect Archive System Version: v2015 Release 2.6 Homepage: https://www.heidelberg.com Advisory report: https://github.com/alt3kx/CVE-2019-10685 CVE:...
Easy Chat Server 3.1 Denial Of Service Exploit
!/usr/bin/python --------------------------------------------------------- Title: Easy Chat Server Version 3.1 - DOS Author: Miguel Mendez Z Team: www.exploiting.cl Vendor: http://www.echatserver.com Software Link: http://www.echatserver.com/ecssetup.exe Platforms: Windows Version: 3.1 Tested on:...
PostgreSQL COPY FROM PROGRAM Command Execution Exploit
Installations running Postgres 9.3 and above have functionality which allows for the superuser and users with 'pg_execute_server_program' to pipe to and from an external program using COPY. This allows arbitrary command execution as though you have console access. This module attempts to create a ne...
Oracle Weblogic Server Deserialization Remote Code Execution Exploit
An unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a malicious SOAP request to the interface WLS AsyncResponseService to execute code on the vulnerable host. This module requires Metasploit: https://metasploit.com/download Current source:...
Xitami Web Server 2.5 - Remote Buffer Overflow (SEH + Egghunter) Exploit
Exploit Title: Xitami Web Server 2.5 Remote Buffer Overflow SEH + Egghunter Author: ElSoufiane Version: 2.5b4 Tested on: Windows Vista Ultimate Build 6000 and Windows XP SP3 Professional Discovered by: Krystian Kloskowski Set up a multi handler listener in MSFConsole then run exploit...
NSClient++ 0.5.2.35 - Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits Exploit Author: bzyo Twitter: @bzyo Exploit Title: NSClient++ 0.5.2.35 - Privilege Escalation Vulnerable Software: NSClient++ 0.5.2.35 Vendor Homepage: http://nsclient.org/ Version: 0.5.2.35 Software Link: http://nsclient.org/download/ Teste...