Lucene search
K

39001 matches found

0day.today
0day.today
added 2019/03/15 12:0 a.m.70 views

CMS Made Simple Showtime2 Module 3.6.2 - Authenticated Arbitrary File Upload Exploit

Exploit for php platform in category web applications !/usr/bin/env python Exploit Title: CMS Made Simple authenticated arbitrary file upload in Showtime2 module Exploit Author: Daniele Scanu @ Certimeter Group Vendor Homepage: https://www.cmsmadesimple.org/ Software Link:...

5CVSS6.5AI score0.45896EPSS
Exploits7
0day.today
0day.today
added 2019/03/15 12:0 a.m.61 views

Vembu Storegrid Web Interface 4.4.0 - Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Vembu Storegrid Web Interface 4.4.0 - Multiple Vulnerabilities Exploit Author: Gionathan "John" Reale Vendor Homepage: https://www.vembu.com/ Software Link : N/A Google Dork: N/A Version: 4.4.0 CVE : CVE-2014-10078,CVE-2014-1007...

5CVSS0.08749EPSS
Exploits6
0day.today
0day.today
added 2019/03/15 12:0 a.m.86 views

WinMPG Video Convert Local Dos Exploit

Exploit Title: WinMPG Video Convert Local Dos Exploit Date: 15.03.2019 Vendor Homepage:http://www.winmpg.com Software Link: http://www.winmpg.com/down/WinMPGVideoConvert.zip Exploit Author: Achilles Tested Version: 9.3.5 and older ones Tested on: Windows XP SP3 EN 1.- Run python code :WinMPG.py 2...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/03/14 12:0 a.m.50 views

Pegasus CMS 1.0 - (extra_fields.php) Plugin Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: Pegasus extrafields.php Plugin Remote Code Execution Date: 14 March 2019 Exploit Author: R3zk0n Vendor Homepage: https://www.wisdom.com.au/web/pegasus-cms Software Link: N/A Version: 1.0 Tested on: Linux CVE : N/A The Pegasus CM...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/03/14 12:0 a.m.41 views

Intel Modular Server System 10.18 - CSRF (Change Admin Password) Vulnerability

Exploit for php platform in category web applications history.pushState'', 't00t', 'index.php' input type="hidden" name="dbTableUser1UserId" valu...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/03/14 12:0 a.m.51 views

Apache UNO / LibreOffice Version: 6.1.2 / OpenOffice 4.1.6 API - Remote Code Execution Exploit

""" Exploit Title: Apache UNO API RCE Exploit Author: sud0woodo Vendor Homepage: https://www.apache.org/ Software Link: https://www.openoffice.org/api/ Version: LibreOffice Version: 6.1.2 / OpenOffice 4.1.6 but really any version with the UNO API included Tested on: Ubuntu Mate 18.04 with kernel...

0.4AI score
Exploits0
0day.today
0day.today
added 2019/03/14 12:0 a.m.46 views

FTPGetter Standard 5.97.0.177 - Remote Code Execution Exploit

Exploit Title: FTPGetter Standard - v.5.97.0.177 Remote Code Execution Exploit Author: https://github.com/w4fz5uck5 | @w4fz5uck5 Vendor Homepage: https://www.ftpgetter.com Software Link: https://www.ftpgetter.com/ftpgettersetup.exe Version: v.5.97.0.177 Tested on: Windows 7 x64 CVE : CVE-2019-976...

9.8CVSS9.7AI score0.53093EPSS
Exploits5
0day.today
0day.today
added 2019/03/13 12:0 a.m.46 views

WordPress GraceMedia Media Player 1.0 Plugin - Local File Inclusion Vulnerability

Exploit for php platform in category web applications WordPress GraceMedia Media Player 1.0 Plugin - Local File Inclusion ============================================= MGC ALERT 2019-001 - Original release date: February 06, 2019 - Last revised: March 13, 2019 - Discovered by: Manuel García...

0.1AI score0.40771EPSS
Exploits5
0day.today
0day.today
added 2019/03/13 12:0 a.m.83 views

Microsoft Windows MSHTML Engine - (Edit) Remote Code Execution Exploit

Exploit for windows platform in category local exploits Exploit Title: Microsoft Windows CVE-2019-0541 MSHTML Engine "Edit" Remote Code Execution Vulnerability Google Dork: N/A Date: March, 13 2019 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link:...

9.3CVSS0.1AI score0.53202EPSS
Exploits4
0day.today
0day.today
added 2019/03/13 12:0 a.m.69 views

pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: pfSense 2.4.4-p1 HAProxy Package 0.5914 - Stored Cross-Site Scripting Exploit Author: Gionathan "John" Reale Vendor Homepage: https://www.pfsense.org Version: 2.4.4-p1/0.5914 Software Link: N/A Google Dork: N/A CVE:2019-8953...

4.3CVSS6.4AI score0.52236EPSS
Exploits3
0day.today
0day.today
added 2019/03/13 12:0 a.m.105 views

Apache Tika-server < 1.18 - Command Injection Exploit

Description: This is a PoC for remote command execution in Apache Tika-server. Versions Affected: Tika-server versions " print "Example: python CVE-2018-1335.py localhost 9998 calc.exe" else: host = sys.argv1 port = sys.argv2 cmd = sys.argv3 url = host+":"+strport+"/meta" headers =...

9.3CVSS8.1AI score0.93972EPSS
Exploits10
0day.today
0day.today
added 2019/03/12 12:0 a.m.51 views

Microsoft Windows .Reg File / Dialog Box Message Spoofing Exploit

The Windows registry editor allows specially crafted .reg filenames to spoof the default registry dialog warning box presented to an end user. This can potentially trick unsavvy users into choosing the wrong selection shown on the dialog box. Furthermore, we can deny the registry editor its abili...

6.9AI score
Exploits0
0day.today
0day.today
added 2019/03/12 12:0 a.m.50 views

WordPress Fastest Cache 0.8.9.0 Arbitrary File Deletion Exploit

WordPress WP Fastest Cache plugin versions 0.8.9.0 and below suffer from an arbitrary file deletion vulnerability. The wordpress plugin "WP Fastest Cache" 0 suffered from an arbitrary file deletion bug. Description A successful attack allows an unauthenticated attacker to specify a path to a...

6.5AI score0.04348EPSS
Exploits3
0day.today
0day.today
added 2019/03/12 12:0 a.m.64 views

robinbhandari FTP Remote Denial Of Service Exploit

Title: CVE-2019-9668 robinbhandari FTP remote DoS vulnerability Vulnerable: - https://github.com/rovinbhandari/FTP Description: robinbhandari is a open source tiny ftp server/client in github.com. it has a remote DoS vulnerability in a 'put' command. Timeline: 2019-03-11 CVE-2019-9668 robinbhanda...

7.5CVSS7.7AI score0.01693EPSS
Exploits2
0day.today
0day.today
added 2019/03/12 12:0 a.m.38 views

Core FTP 2.0 Build 653 PBSZ Denial Of Service Exploit

Exploit Title: Core FTP 2.0 build 653 - 'PBSZ' - Unauthenticated - Denial of Service PoC Exploit Author: Hodorsec email protected / email protected Vendor Homepage: http://www.coreftp.com/ Software Link: http://coreftp.com/server/download/archive/CoreFTPServer653.exe Version: Version 2.0, build...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/03/12 12:0 a.m.38 views

NREL BEopt 2.8.0 Insecure Library Loading Arbitrary Code Execution Exploit

BEopt suffers from a DLL Hijacking issue. The vulnerability is caused due to the application loading libraries sdl2.dll and libegl.dll in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into opening a related application file .BEopt located on a remote...

7AI score
Exploits0
0day.today
0day.today
added 2019/03/12 12:0 a.m.141 views

elFinder PHP Connector < 2.1.48 - exiftran Command Injection Exploit

This Metasploit module exploits a command injection vulnerability in elFinder versions prior to 2.1.48. The PHP connector component allows unauthenticated users to upload files and perform file modification operations, such as resizing and rotation of an image. The file name of uploaded files is...

7.5CVSS3.2AI score0.96633EPSS
Exploits11
0day.today
0day.today
added 2019/03/12 12:0 a.m.88 views

CoreFTP Server FTP / SFTP Server v2 Build 674 MDTM Directory Traversal Vulnerability

CoreFTP Server FTP and SFTP Server version 2 build 674 suffer from a directory traversal vulnerability. By utilizing a directory traversal along with the FTP MDTM command, an attacker can browse outside the root directory to determine if a file exists based on return file size along with the date...

5.3CVSS5.6AI score0.14535EPSS
Exploits8
0day.today
0day.today
added 2019/03/12 12:0 a.m.64 views

Core FTP Server FTP / SFTP Server v2 Build 674 - SIZE Directory Traversal Exploit Vulnerability

Exploit Title: CoreFTP Server FTP / SFTP Server v2 - Build 674 SIZE Directory Traversal Google Dork: N/A Date: 3/13/2019 Exploit Author: Kevin Randall Vendor Homepage: https://www.coreftp.com Software Link: http://www.coreftp.com/server/index.html Version: Firmware: CoreFTP Server FTP / SFTP Serv...

5.3CVSS5.8AI score0.1433EPSS
Exploits7
0day.today
0day.today
added 2019/03/12 12:0 a.m.44 views

PilusCart 1.4.1 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: PilusCart 1.4.1 - Cross-Site Request Forgery Add Admin Exploit Author: Gionathan "John" Reale Vendor Homepage: https://github.com/piluscart Software Link:...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/03/11 12:0 a.m.128 views

Linux Kernel 4.4 (Ubuntu 16.04) - snd_timer_user_ccallback() Kernel Pointer Leak Exploit

include include include include include include include include include include include include include include Exploit Title: Linux Kernel 4.4 Ubuntu 16.04 - Leak kernel pointer in sndtimeruserccallback Google Dork: - Date: 2019-03-11 Exploit Author: wally0813 Vendor Homepage: - Software Link: -...

5.5CVSS0.01213EPSS
Exploits5
0day.today
0day.today
added 2019/03/11 12:0 a.m.330 views

OpenKM 6.3.2 < 6.3.7 - Remote Command Execution Exploit #RCE

Exploit for jsp platform in category web applications This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenKM Document Management %q Versions of the OpenKM Document Management 'AkkuS ' ,...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/03/11 12:0 a.m.112 views

NetSetMan 4.7.1 - Local Buffer Overflow (SEH Unicode) Exploit

Exploit for windows platform in category local exploits Exploit Title: NetSetMan 4.7.1 - Local Buffer Overflow SEH Unicode Exploit Author: Devin Casadey Vendor Homepage: https://www.netsetman.com/ Software Link: https://www.netsetman.com/netsetman.exe Tested Version: 4.7.1 Tested on: Windows XP S...

Exploits0
0day.today
0day.today
added 2019/03/11 12:0 a.m.520 views

Liferay CE Portal < 7.1.2 ga3 - Remote Command Execution Exploit #RCE

Exploit for multiple platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Liferay CE Portal Tomcat %q This module uses the Liferay CE Portal...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/03/11 12:0 a.m.81 views

Flexpaper PHP Publish Service 2.3.6 - Remote Code Execution Exploit #RCE

Exploit for php platform in category web applications !/usr/bin/env python Exploit Title: FlexPaper PHP Publish Service = 2.3.6 RCE Date: March 2019 Exploit Author: Red Timmy Security - redtimmysec.wordpress.com Vendor Homepage: https://flowpaper.com/download/ Version: = 2.3.6 Tested on: Linux/Un...

0.1AI score0.49787EPSS
Exploits4
0day.today
0day.today
added 2019/03/11 12:0 a.m.675 views

PRTG Network Monitor 18.2.38 - Authenticated Remote Code Execution Exploit

Exploit for windows platform in category web applications !/bin/bash echo -e "\n\e00;33m++ \e00m" echo -e "\e00;32m Authenticated PRTG network Monitor remote code execution \e00m" echo -e "\e00;33m++ \e00m" echo -e "\e00;32m Date: 11/03/2019 \e00m" echo -e "\e00;33m++ \e00m" echo -e "\e00;32m...

9CVSS0.87173EPSS
Exploits12
0day.today
0day.today
added 2019/03/11 12:0 a.m.181 views

SonyPlaystation 4 (PS4) < 6.20 - WebKit Code Execution Exploit

Exploit for hardware platform in category local exploits...

1.3AI score0.12808EPSS
Exploits7
0day.today
0day.today
added 2019/03/10 12:0 a.m.228 views

Linux/x86 - INSERTION Encoder / Decoder execve(/bin/sh) Shellcode (88 bytes)

/ ''' ; Date: 07/03/2019 ; Insertion-Encoder.asm ; Author: Daniele Votta ; Description: This program encode shellcode with insertion technique 0xAA. ; Tested on: i686 GNU/Linux ''' !/usr/bin/python Python Insertion Encoder import random Execve /bin/sh 25 bytes shellcode...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/03/10 12:0 a.m.203 views

DirectAdmin 1.55 - CMD_ACCOUNT_ADMIN Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit title: DirectAdmin v1.55 - CSRF via CMDACCOUNTADMIN Admin Panel Exploit Author: ManhNho Vendor Homepage: https://www.directadmin.com/ Software Link: https://www.directadmin.com/ Demo Link: https://www.directadmin.com:2222/CMDACCOUNTADM...

6.8CVSS8.7AI score0.02435EPSS
Exploits5
0day.today
0day.today
added 2019/03/10 12:0 a.m.172 views

OrientDB 3.0.17 GA Community Edition - Cross-Site Request Forgery / Cross-Site Scripting

Exploit for multiple platform in category web applications Exploit Title: OrientDB 3.0.17 GA Community Edition March 7th, 2019 | Multiple Vulnerabilities Date: 07.03.2019 Exploit Author: Ozer Goker Vendor Homepage: https://orientdb.org Software Link: https://orientdb.org/download Version: 3.0.17 ...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/03/10 12:0 a.m.208 views

McAfee ePO 5.9.1 - Registered Executable Local Access Bypass Vulnerability

Exploit for windows platform in category web applications Exploit Title: McAfee ePO 5.9.1 Registered Executable Local Access Bypass Exploit Author: @leonjza Vendor Homepage: https://www.mcafee.com/ Software Link: https://www.mcafee.com/enterprise/en-us/products/epolicy-orchestrator.html Version:...

4CVSS5.6AI score0.04699EPSS
Exploits4
0day.today
0day.today
added 2019/03/08 12:0 a.m.8149 views

OpenSSH SCP Client - Write Arbitrary Files Exploit

''' OpenSSH SCP Client - Write Arbitrary Files Exploit Title: SSHtranger Things Author: Mark E. Haase Homepage: https://www.hyperiongray.com CVE: CVE-2019-6111, CVE-2019-6110 Advisory: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt Tested on: Ubuntu 18.04.1 LTS, OpenSSH...

6.8CVSS0.58204EPSS
Exploits10
0day.today
0day.today
added 2019/03/08 12:0 a.m.26 views

TeamCity < 9.0.2 - Disabled Registration Bypass Exploit

TeamCity 9.0.2 - Disabled Registration Bypass Exploit var login = 'testuser'; //логин пользователя var password = 'SuperMEgaPa$$'; //пароль var email = 'email protected'; // email / Code / var b = BS.LoginForm; var publickey = $F"publicKey"; var encryptedpass = BS.Encrypt.encryptDatapassword,...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/03/08 12:0 a.m.472 views

Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass) Exploit

Oracle Weblogic Server - Deserialization Remote Command Execution Patch Bypass Exploit // All greets goes to RIPS Tech // Run this JS on Attachment Settings ACP page var pluploadsalt = ''; var formtoken = ''; var creationtime = ''; var filepath =...

9.8CVSS1.1AI score0.99448EPSS
Exploits70
0day.today
0day.today
added 2019/03/08 12:0 a.m.99 views

phpBB 3.2.3 - Remote Code Execution Exploit

Exploit for php platform in category web applications phpBB 3.2.3 - Remote Code Execution Exploit // All greets goes to RIPS Tech // Run this JS on Attachment Settings ACP page var pluploadsalt = ''; var formtoken = ''; var creationtime = ''; var filepath =...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/03/08 12:0 a.m.1250 views

WordPress Core 5.0 - Remote Code Execution Exploit

Exploit for php platform in category web applications WordPress Core 5.0 - Remote Code Execution Exploit var wpnonce = ''; var ajaxnonce = ''; var wpattachedfile = ''; var imgurl = ''; var postajaxdata = ''; var postid = 0; var cmd = '?php phpinfo;/'; var cmdlen = cmd.length var payload =...

6.5CVSS0.1AI score0.91985EPSS
Exploits10
0day.today
0day.today
added 2019/03/07 12:0 a.m.536 views

Android su Privilege Escalation Exploit

This Metasploit module uses the su binary present on rooted devices to run a payload as root. A rooted Android device will contain a su binary often linked with an application that allows the user to run commands as root. This module will use the su binary to execute a command stager as root. The...

0.6AI score
Exploits0
0day.today
0day.today
added 2019/03/07 12:0 a.m.156 views

QNAP TS-431 QTS < 4.2.2 - Remote Command Execution Exploit

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'base64' class MetasploitModule 'QNAP TS-431 QTS %q This module creates a virtual web server and uploads the php payload into it. Admin privileges cannot access a...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/03/07 12:0 a.m.40 views

Kados R10 GreenBee - Multiple SQL Injection Vulnerability

Exploit for php platform in category web applications =========================================================================================== Exploit Title: Kados R10 GreenBee - 'menulev1' SQL Injection Dork: N/A Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.kados.info/ Softwar...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/03/07 12:0 a.m.39 views

Anyburn 4.3 x86 - Copy disc to image file Buffer Overflow - (UNICODE) (SEH) Exploit

Exploit for windows platform in category local exploits !/usr/bin/python Exploit Title: Anyburn 4.3 - 'Copy disc to image file' Buffer Overflow - UNICODESEH Version: 4.3 Author: Hodorsec email protected / email protected Vendor Homepage: http://www.anyburn.com/ Software Link:...

7.2AI score
Exploits0
0day.today
0day.today
added 2019/03/07 12:0 a.m.83 views

ClearOS 7 Community Edition Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: ClearOS 7 Community Edition | Cross-Site Scripting Exploit Author: Ozer Goker Vendor Homepage: https://www.clearos.com Software Link: http://mirror.clearos.com/clearos/7/iso/x8664/ClearOS-DVD-x8664.iso Version: 7 Introduction...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/03/07 12:0 a.m.142 views

FreeBSD - Intel SYSRET Privilege Escalation Exploit

Exploit for freebsd platform in category local exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FreeBSD Intel SYSRET Privilege Escalation', 'Description' = %q This module exploits a...

7.2CVSS0.1AI score0.37212EPSS
Exploits6
0day.today
0day.today
added 2019/03/06 12:0 a.m.90 views

Sagemcom [email protected] 5260 Router Insufficient Default PSK Entropy Vulnerability

Sagemcom email protected 5260 routers on firmware version 0.4.39 and possibly others, in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The number of possible PSKs is about 1.78 billion, which is too small. 0day.tod...

5.7AI score0.01103EPSS
Exploits2
0day.today
0day.today
added 2019/03/06 12:0 a.m.78 views

Java Debug Wire Protocol Remote Code Execution Exploit

Java Debug Wire Protocol JDWP remote code execution exploit. !/usr/bin/python Universal JDWP shellifier @hugsy And special cheers to @lanjelot import socket import time import sys import struct import urllib import argparse JDWP protocol variables HANDSHAKE = "JDWP-Handshake" REQUESTPACKETTYPE =...

0.6AI score
Exploits0
0day.today
0day.today
added 2019/03/06 12:0 a.m.97 views

Android - getpidcon() Usage in Hardware binder ServiceManager Permits ACL Bypass Exploit

Android - getpidcon Usage in Hardware binder ServiceManager Permits ACL Bypass Exploit We already reported four bugs in Android that are caused by the use of getpidcon, which is fundamentally unsafe: https://bugs.chromium.org/p/project-zero/issues/detail?id=727 AndroidID-27111481; unexploitable...

7.8CVSS7.8AI score0.00489EPSS
Exploits1
0day.today
0day.today
added 2019/03/06 12:0 a.m.61 views

Imperva SecureSphere 13.x PWS Command Injection Exploit

This Metasploit module exploits a command injection vulnerability in Imperva SecureSphere version 13.x. The vulnerability exists in the PWS service, where Python CGIs did not properly sanitize user supplied command parameters and directly passes them to corresponding CLI utility, leading to comma...

0.5AI score
Exploits0
0day.today
0day.today
added 2019/03/06 12:0 a.m.317 views

Drupal RESTful Web Services unserialize() Remote Code Execution Exploit

This Metasploit module exploits a PHP unserialize vulnerability in Drupal RESTful Web Services by sending a crafted request to the /node REST endpoint. As per SA-CORE-2019-003, the initial remediation was to disable POST, PATCH, and PUT, but Ambionics discovered that GET was also vulnerable albei...

6.8CVSS0.2AI score0.91919EPSS
Exploits22
0day.today
0day.today
added 2019/03/06 12:0 a.m.152 views

Linux < 4.20.14 - Virtual Address 0 is Mappable via Privileged write() to /proc/*/mem Exploit

Linux memrw - accessremotevm - accessremotevm - getuserpagesremote - getuserpageslocked - getuserpages - findextendvma Then, if the VMA in question has the VMGROWSDOWN flag set: expandstack - expanddownwards - securitymmapaddr - capmmapaddr This, if the address is below dacmmapminaddr, does a...

5.5CVSS6.8AI score0.05667EPSS
Exploits6
0day.today
0day.today
added 2019/03/06 12:0 a.m.90 views

Android - binder Use-After-Free via racy Initialization of ->allow_user_free Exploit

Android - binder Use-After-Free via racy Initialization of -allowuserfree Exploit The following bug report solely looks at the situation on the upstream master branch; while from a cursory look, at least the wahoo kernel also looks affected, I have only properly tested this on upstream master. Th...

7.8CVSS0.5AI score0.00523EPSS
Exploits1
0day.today
0day.today
added 2019/03/05 12:0 a.m.86 views

OpenDocMan 1.3.4 - (search.php where) SQL Injection Vulnerability

Exploit for php platform in category web applications =========================================================================================== Exploit Title: OpenDocMan 1.3.4 - ’where’ SQL Injection Exploit Author: Mehmet EMIROGLU Vendor Homepage:...

7.4AI score
Exploits0
Total number of security vulnerabilities39001