Apache CouchDB 2.3.0 - Cross-Site Scripting Vulnerability
Exploit for multiple platform in category web applications Exploit Title: Apache CouchDB 2.3.0 | Cross-Site Scripting Exploit Author: Ozer Goker Vendor Homepage: http://couchdb.apache.org Software Link: http://couchdb.apache.org/download Version: 2.3.0 Introduction A CouchDB server hosts named...
macOS Reverse TCP Port 4444 IPv6 Shellcode (119 bytes)
/ Title: macOS - Reverse ::1:4444/TCP Shell /bin/sh +IPv6 Shellcode 119 bytes Tested: macOS 10.14.1 Author: Ken Kitahara Compilation: gcc -o loader loader.c dev:works devuser$ swvers ProductName: Mac OS X ProductVersion: 10.14.1 BuildVersion: 18B75 dev:works devuser$ cat ipv6rev.s section .text...
ArangoDB Community Edition 3.4.2-1 - Cross-Site Scripting Vulnerability
Exploit for multiple platform in category web applications Exploit Title: ArangoDB Community Edition 3.4.2-1 | Cross-Site Scripting Exploit Author: Ozer Goker Vendor Homepage: https://www.arangodb.com Software Link: https://www.arangodb.com/download-major/ Version: 3.4.2-1 Introduction ArangoDB i...
macOS TCP/4444 Bind Shell Null Free Shellcode (123 bytes)
/ Title: macOS - Bind 4444/TCP Shell /bin/sh + Null-Free Shellcode 123 bytes Tested: macOS 10.14.1 Author: Ken Kitahara Compilation: gcc -o loader loader.c dev:works devuser$ swvers ProductName: Mac OS X ProductVersion: 10.14.1 BuildVersion: 18B75 dev:works devuser$ cat ipv4bind.s section .text...
Webiness Inventory 2.3 - ProductModel Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications =========================================================================================== Exploit Title: Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload Exploit Author: Mehmet EMIROGLU Vendor Homepage:...
mIRC < 7.55 - Remote Command Execution Using Argument Injection Through Custom URI Vulnerability
Exploit Title: RCE on mIRC 7.55 using argument injection through custom URI protocol handlers Date: 18/02/2019 Exploit Author: https://twitter.com/proofofcalc/ Vendor Homepage: https://www.mirc.com Software Link: https://www.mirc.com/get.php Version: 7.55 Tested on: Windows CVE : CVE-2019-6453 RC...
macOS 127.0.0.1:4444 Reverse Shell Shellcode (103 bytes)
/ Title: macOS - Reverse 127.0.0.1:4444/TCP Shell /bin/sh + Null-Free Shellcode 103 bytes Tested: macOS 10.14.1 Author: Ken Kitahara Compilation: gcc -o loader loader.c dev:works devuser$ swvers ProductName: Mac OS X ProductVersion: 10.14.1 BuildVersion: 18B75 dev:works devuser$ cat ipv4rev.s...
macOS TCP Port 4444 IPv6 Shellcode (129 bytes)
/ Title: macOS - Bind 4444/TCP Shell /bin/sh + IPv6 Shellcode 129 bytes Tested: macOS 10.14.1 Author: Ken Kitahara Compilation: gcc -o loader loader.c dev:works devuser$ swvers ProductName: Mac OS X ProductVersion: 10.14.1 BuildVersion: 18B75 dev:works devuser$ cat ipv6bind.s section .text global...
Zoho ManageEngine ServiceDesk Plus (SDP) < 10.0 build 10012 - Arbitrary File Upload Vulnerability
Exploit for jsp platform in category web applications...
Linux - kvm_ioctl_create_device() NULL Pointer Dereference Exploit
Linux - kvmioctlcreatedevice NULL Pointer Dereference Exploit kvmioctlcreatedevice contains the following code: dev = kzallocsizeofdev, GFPKERNEL; if !dev return -ENOMEM; dev-ops = ops; dev-kvm = kvm; mutexlock&kvm-lock; ret = ops-createdev, cd-type; if ret lock; kfreedev; return ret;...
AirMore 1.6.1 - Denial of Service Exploit
!/usr/bin/python coding: utf-8 Author: Marcelo Vázquez aka s4vitar AirMore 1.6.1 Remote Denial of Service DoS & System Freeze Exploit Title: AirMore 1.6.1 Remote Denial of Service DoS & System Freeze Date: 2019-02-14 Exploit Author: Marcelo Vázquez aka s4vitar Vendor Homepage: https://airmore.com...
VSCO 1.1.1.0 - Denial of Service Exploit
Exploit Title: VSCO 1.1.1.0 - Denial of Service PoC Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://www.microsoft.com/store/productId/9NC1RLNH76PB Version: 1.1.1.0 Tested on: Windows 10 Proof of Concept: Run the python script, it will create a new file "PoC.txt" Copy th...
MyBB Trash Bin Plugin 1.1.3 - Cross-Site Scripting / Cross-Site Request Forgery
Exploit for php platform in category web applications Exploit Title: MyBB Trash Bin Plugin 1.1.3 - Cross-Site Scripting / CSRF Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=957 Version: 1.1.3 Tested on: Ubuntu 18.04 CVE:...
Free IP Switcher 3.1 - Computer Name Denial of Service Exploit
Exploit Title: Free IP Switcher 3.1 - Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: http://www.eusing.com/index.html Software Link: http://www.eusing.com/ipscan/freeipscanner.htm Tested Version: 3.1 Tested on: Windows 10 Single Language x64 / Windows 7 x32 Service Pack 1...
Navicat for Oracle 12.1.15 - Password Denial of Service Exploit
Exploit Title: Navicat for Oracle 12.1.15 - "Password" Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://www.navicat.com/es/ Software Link: https://www.navicat.com/es/download/navicat-for-oracle Tested Version: 12.1.15 Tested on: Windows 10 Single Language x64/ Windows...
UniSharp Laravel File Manager 2.0.0-alpha7 - Arbitrary File Upload Exploit
Exploit for php platform in category web applications Exploit Title: UniSharp Laravel File Manager - Arbitrary File Upload Google Dork: inurl:"laravel-filemanager?type=Files" -site:github.com -site:github.io Exploit Author: Mohammad Danish Vendor Homepage:...
qdPM 9.1 - search_by_extrafields[] SQL Injection Vulnerability
Exploit for php platform in category web applications =========================================================================================== Exploit Title: qdPM 9.1 - 'searchbyextrafields' SQL Injection Exploit Author: Mehmet EMIROGLU Vendor Homepage: http://qdpm.net Software Link:...
Jinja2 2.10 - (from_string) Server Side Template Injection Exploit
Exploit for python platform in category web applications ''' Exploit Title: Jinja2 Command injection fromstring function Date: date Exploit Author: JameelNabbo Website: Ordina.nl Vendor Homepage: http://jinja.pocoo.org Software Link: https://pypi.org/project/Jinja2/files Version: 2.10 Tested on:...
DomainMOD 4.11.01 - (assets/edit/host.php?whid=5) Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Exploit Author: Mohammed Abdul Kareem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE :...
DomainMOD 4.11.01 - ssl-provider-name Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE :...
ApowerManager 3.1.7 - Phone Manager Remote Denial of Service Exploit
!/usr/bin/python coding: utf-8 Author: Marcelo Vázquez aka s4vitar ApowerManager Remote Denial of Service DoS / Application Crash Exploit Title: ApowerManager - Phone Manager Remote Denial of Service DoS / Application Crash Date: 2019-02-14 Exploit Author: Marcelo Vázquez aka s4vitar Vendor...
MediaMonkey 4.1.23 - (.mp3) URL Denial of Service Exploit
-- coding: utf-8 -- Exploit Title: MediaMonkey 4.1.23 - URL Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: https://www.mediamonkey.com/ Software Link: https://www.mediamonkey.com/sw/MediaMonkey4.1.23.1881.exe Version: 4.1.23.1881 Tested on: Windows 10 Proof of Concept: 1.- Run t...
runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (2)
Exploit for linux platform in category local exploits runc . + constructed fdpath + badinit is ready -- see for logs. dying to allow /proc/self/exe to be unused... % cat /usr/sbin/docker-runc !/bin/bash touch /w00tw00t ; cat /etc/shadow And now if you try to use Docker normally, t...
Core FTP / SFTP Server 1.2 Build 589.42 - User domain Denial of Service Exploit
Exploit Title: Core FTP/SFTP Server 1.2 - Build 589.42 - Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: http://www.coreftp.com/ Software Link: http://www.coreftp.com/server/download/archive/CoreFTPServer589.42.exe Tested Version: v2-Build 673 Tested on: Windows 7 Service Pa...
DomainMOD 4.11.01 - (assets/add/dns.php) Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE :...
exacqVision ESM 5.12.2 - Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits...
DomainMOD 4.11.01 - (category.php CatagoryName, StakeHolder) Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE :...
WordPress Booking Calendar 8.4.3 Plugin - Authenticated SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Booking Calendar v8.4.3 - Authenticated SQL Injection Vulnerability Exploit Author: B0UG Vendor Homepage: https://wpbookingcalendar.com/ Software Link: https://wordpress.org/plugins/booking/ Version: Tested on version...
DomainMOD 4.11.01 - ssl-accounts.php username Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE :...
Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Reflected Cross-Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Jiofi 4 JMR 1140 Reflected Cross Site Scripting Exploit Author: Ronnie T Baby Contact:https://www.linkedin.com/in/ronnietbaby Vendor Homepage: www.jio.com Hardware Link: https://www.jio.com/shop/en-in/jmr-1140/p/491193574...
Nokia 8810 Denial Of Service Exploit
A denial of service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 platform 48.0.a2 on Nokia 8810 4G devices. When a crafted web page is visited with the internal browser, the Gecko process crashes with a segfault. Successful exploitation could lead to the remote code executi...
snapd < 2.37 (Ubuntu) - dirty_sock Local Privilege Escalation (1)
Exploit for linux platform in category local exploits...
NetworkSleuth 3.0 - Name Denial of Service Exploit
-- coding: utf-8 -- Exploit Title: NetworkSleuth 3.0 - Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: http://www.nsauditor.com/ Software Link: http://www.nsauditor.com/downloads/networksleuthsetup.exe Version: 3.0.0.0 Tested on: Windows 10 Proof of Concept: 1.- Run the python...
SYSTORME ISG Command Injection Vulnerability
SYSTORME ISG products ISG-600C, ISG-600H, and ISG-800W suffer from an authenticated command injection vulnerability. SYSTORME ISG Command Injection Vulnerability ===================================== Authenticated Shell Command Injection ===================================== . contents:: Table Of...
SYSTORME ISG Cross Site Request Forgery Vulnerability
Exploit for multiple platform in category web applications SYSTORME ISG Cross Site Request Forgery Vulnerability ===================================================== Authenticated XSRF leads to complete Account Takeover ===================================================== . contents:: Table Of...
Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - CSRF (Password Disclosure) Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Jiofi 4 JMR 1140 CSRF To View Wi-fi Password Exploit Author: Ronnie T Baby Contact:https://www.linkedin.com/in/ronnietbaby Vendor Homepage: www.jio.com Hardware Link: https://www.jio.com/shop/en-in/jmr-1140/p/491193574...
Raisecom Technology GPON-ONU HT803G-07 Command Injection (2)
Raisecom Technology GPON-ONU HT803G-07 suffers from an authenticated command injection vulnerability in the newpass and confpass parameters in /bin/WebMGR. Raisecom Technology GPON-ONU HT803G-07 Command Injection 2 ===================================== Authenticated Shell Command Injection...
Rukovoditel Project Management CRM 2.4.1 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title : Rukovoditel Project Management CRM 2.4.1 - XSS Vulnerability DOM BASED Author Discovered By : Mehmet EMIROGLU Vendor Homepage : https://www.rukovoditel.net/ Software Link : https://sourceforge.net/projects/rukovoditel/ Affected...
Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - CSRF (Admin Token Disclosure) Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Jiofi 4 JMR 1140 CSRF To Leak Admin Tokens to change wifi Password or Factory Reset Router Exploit Author: Ronnie T Baby Contact:https://www.linkedin.com/in/ronnietbaby Vendor Homepage: www.jio.com Hardware Link:...
Raisecom Technology GPON-ONU HT803G-07 Command Injection (1)
Raisecom Technology GPON-ONU HT803G-07 suffers from an authenticated command injection vulnerability in the fmgponloid parameter. Raisecom Technology GPON-ONU HT803G-07 Command Injection 1 ===================================== Authenticated Shell Command Injection...
snapd < 2.37 (Ubuntu) - dirty_sock Local Privilege Escalation (2)
Exploit for linux platform in category local exploits !/usr/bin/env python3 """ dirtysock: Privilege Escalation in Ubuntu via snapd In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository contains t...
PilusCart 1.4.1 - send SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: PilusCart 1.4.1 - 'send' SQL Vulnerability Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://sourceforge.net/projects/pilus/ Software Link: https://sourceforge.net/projects/pilus/ Version: 1.4.1 Category: Webapps Tested o...
OPNsense < 19.1.1 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: OPNsense 19.1 | Cross-Site Scripting Exploit Author: Ozer Goker Vendor Homepage: https://opnsense.org Software Link: http://mirror.ams1.nl.leaseweb.net/opnsense/releases/19.1/OPNsense-19.1-OpenSSL-dvd-amd64.iso.bz2 Version: 19.1...
runC < 1.0-rc6 (Docker < 18.09.2) - Host Command Execution Exploit
Exploit for linux platform in category local exploits runc /bin/sh is issued on the host. More complete explanation here. Download: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/46359.zip 0day.today 2019-02-25...
Android - binder Use-After-Free via fdget() Optimization Exploit
Android - binder Use-After-Free via fdget Optimization Exploit This bug report describes two different issues in different branches of the binder kernel code. The first issue is in the upstream Linux kernel, commit 7f3dc0088b98 "binder: fix proc-files use-after-free"; the second issue is in the...
Android - binder Use-After-Free of VMA via race Between reclaim and munmap Exploit
Android - binder Use-After-Free of VMA via race Between reclaim and munmap The following bug report solely looks at the situation on the upstream master branch; while from a cursory look, at least the wahoo kernel also looks affected, I have only properly tested this on upstream master. There is ...
BlogEngine.NET 3.3.6 - Directory Traversal / Remote Code Execution Vulnerabilities
Exploit for asp platform in category web applications Exploit Title: BlogEngine.NET = 3.3.6 Directory Traversal RCE Date: 02-11-2019 Exploit Author: Dustin Cobb Vendor Homepage: https://github.com/rxtur/BlogEngine.NET/ Software Link:...
LayerBB 1.1.2 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: LayerBB 1.1.2 - Cross-Site Scripting Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://forum.layerbb.com/downloads.php?view=file&id=28 Version: 1.1.2 Tested on: Ubuntu 18.04 CVE: CVE-2019-7688 1...
Skyworth GPON HomeGateways and Optical Network Terminals - Stack Overflow Exploit
''' ======================================================== Unauthenticated Stack Overflow in Multiple Gpon Devices ======================================================== . contents:: Table Of Content Overview ======== Title:- StackOverflow in Multiple Skyworth GPON HomeGateways and Optical...
Dolibarr 8.0.4 - user privilege escalation Vulnerability
Exploit for php platform in category web applications Exploit title : Dolibarr 8.0.4 - user privilege escalation Google Dork : N/A Date : 06.02.2019 Exploit Author : Mikayıl İlyas / Cyber-warrior.org - Bug Researchers group Vendor Homepage : https://dolibarr.org Software download :...