runC < 1.0-rc6 (Docker < 18.09.2) - Host Command Execution Exploit
Exploit for linux platform in category local exploits runc /bin/sh is issued on the host. More complete explanation here. Download: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/46359.zip 0day.today 2019-02-25...
Avast Anti-Virus < 19.1.2360 - Local Credentials Disclosure Exploit
Exploit for windows platform in category local exploits Exploit Title: Avast Anti-Virus Local Credentials Disclosure 19.1.2360 Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Version: before 19.1.2360 build 19.1.4142.0 Tested on: Windows 10 x64 CVE: CVE-2018-12572 Based on LiquidWorm'...
Indusoft Web Studio 8.1 SP2 - Remote Code Execution Exploit
Exploit Title: Indusoft Web Studio Unauthenticated RCE Exploit Author: Jacob Baines Vendor Homepage: http://www.indusoft.com/ Software http://www.indusoft.com/Products-Downloads/Download-Library Version: 8.1 SP2 and below Tested on: Windows 7 running the Web Studio 8.1 SP2 demo app CVE :...
MyBB Bans List 1.0 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: MyBB Bans List - Cross Site Scripting Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=423 Version: 1.0 Tested on: Ubuntu 18.04 CVE: CVE-2018-14724 1...
River Past Video Cleaner 7.6.3 - Local Buffer Overflow (SEH) Exploit
Exploit Title: River Past Video Cleaner Buffer Overflow SEH Exploit Author: crashmanucoot Contact: twitter.com/crashmanucoot Software Link: https://river-past-video-cleaner.softonic.com/ Version: 7.6.3 Tested on: Windows 10 Pro x64 SPANISH Category: Windows Local Exploit How to use:open the progr...
IPFire 2.21 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: IPFire 2.21 - Core Update 127 | Cross-Site Scripting Exploit Author: Ozer Goker Vendor Homepage: https://www.ipfire.org Software Link:...
AirDroid 4.2.1.6 - Denial of Service Exploit
!/bin/bash Author: Marcelo Vázquez aka s4vitar AirDroid Denial of Service DoS & System Crash Exploit Title: AirDroid Remote Denial of Service DoS & System Crash Exploit Author: Marcelo Vázquez Vendor Homepage: https://web.airdroid.com/ Software Link:...
IP-Tools 2.5 - Local Buffer Overflow (SEH) (Egghunter) Exploit
Exploit for windows platform in category local exploits !/usr/bin/env python ------------------------------------------------------------------------------------------------------------------------------------ Exploit: IP-Tools 2.5 - Local Buffer OverflowEggHunter Date: 2019-02-06 Author: Juan...
NordVPN 6.19.6 - Denial of Service Exploit
-- coding: utf-8 -- Exploit Title: NordVPN 6.19.6 - Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: https://nordvpn.com/ Software Link: https://downloads.nordcdn.com/apps/windows/10/NordVPN/latest/NordVPNSetup.exe Version: 6.19.6 Tested on: Windows 10 Proof of Concept: 1.- Run th...
Coship Wireless Router 4.0.0.x/5.0.0.x - WiFi Password Reset
Exploit for hardware platform in category web applications Exploit Title: Coship Wireless Router – Wireless SSID Unauthenticated Password Reset Exploit Author: Adithyan AK Vendor Homepage: http://en.coship.com/ Category: Hardware WiFi Router Affected Versions : Coship RT3052 - 4.0.0.48, Coship...
Webiness Inventory 2.3 - email SQL Injection Vulnerability
Exploit for php platform in category web applications =========================================================================================== Exploit Title: Webiness Inventory 2.3 - 'email' SQL Vulnerability Exploit Author: Mehmet EMIROGLU Vendor Homepage:...
VA MAX 8.3.4 - Authenticated Remote Code Execution Exploit
Exploit for php platform in category web applications email protected:/home/c/src/nippur cat vamax3.py !/usr/bin/env python quick poc for postauth rce bug in va max 8.3.4 more: https://code610.blogspot.com 10.02.2019 p.s. listening on any 4444 ... 192.168.1.126: inverse host lookup failed: Unknow...
CentOS Web Panel 0.9.8.763 - Persistent Cross-Site Scripting Vulnerability
Exploit for linux platform in category web applications Exploit Title: CentOS Web Panel 0.9.8.763 - Stored Cross-Site Scripting Vulnerability Google Dork: N/A Date: 10 - January - 2019 Exploit Author: DKM Vendor Homepage: http://centos-webpanel.com Software Link: http://centos-webpanel.com Versio...
Smoothwall Express 3.1-SP4 - Cross-Site Scripting Vulnerability
Exploit for cgi platform in category web applications Exploit Title: Smoothwall Express 3.1-SP4-polar-x8664-update9 | Cross-Site Scripting Date: 06.02.2019 Exploit Author: Ozer Goker Vendor Homepage: http://www.smoothwall.org Software Link:...
Adobe Flash Player DeleteRangeTimelineOperation Type Confusion Exploit
This Metasploit module exploits a type confusion on Adobe Flash Player, which was originally found being successfully exploited in the wild. This module has been tested successfully on: macOS Sierra 10.12.3, Safari and Adobe Flash Player 21.0.0.182, Firefox and Adobe Flash Player 21.0.0.182. This...
osCommerce 2.3.4.1 - currency SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: osCommerce 2.3.4.1 - 'currency' SQL Vulnerabilities Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.oscommerce.com Software Link: https://www.oscommerce.com/Products Version: 2.3.4.1 Category: Webapps Tested on: Wam...
osCommerce 2.3.4.1 - products_id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: osCommerce 2.3.4.1 - 'productsid' SQL Vulnerabilities Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.oscommerce.com Software Link: https://www.oscommerce.com/Products Version: 2.3.4.1 Category: Webapps Tested on:...
River Past Audio Converter 7.7.16 - Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: RiverPastAudioConverter - Buffer Overflow SEH Vendor Homepage: www.riverpast.com Software Link: https://en.softonic.com/download/river-past-audio-converter/windows/post-download?sl=1 Exploit Author: Matteo Malvica Tested...
River Past Cam Do 3.7.6 - Local Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: River Past CamDo SEH Local Exploit Date: 07.02.2019 Vendor Homepage:www.riverpast.com Software Link: https://en.softonic.com/download/river-past-cam-do/windows/post-download?sl=1 Exploit Author: Achilles Tested Version: 3.7.6...
osCommerce 2.3.4.1 - reviews_id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: osCommerce 2.3.4.1 - 'reviewsid' SQL Vulnerabilities Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://www.oscommerce.com Software Link: https://www.oscommerce.com/Products Version: 2.3.4.1 Category: Webapps Tested on:...
Skia - Incorrect Convexity Assumptions Leading to Buffer Overflows Exploit
I was looking into the root cause of https://bugs.chromium.org/p/chromium/issues/detail?id=850350. In that bug, due to precision errors, Skia generated a concave RRect, but declared it convex. Later, the RRect was transformed with an affine transform and used as a clipping region for drawing...
Evince CBT File Command Injection Exploit
This Metasploit module exploits a command injection vulnerability in Evince before version 3.24.1 when opening comic book .cbt files. Some file manager software, such as Nautilus and Atril, may allow automatic exploitation without user interaction due to thumbnailer preview functionality. Note th...
FutureDj Pro 1.7.2.0 - Denial of Service Exploit
Exploit Title: FutureDj Pro Local Dos Exploit Date: 07.02.2019 Vendor Homepage: https://www.xylio.com Software Link: https://www.xylio.com/future-dj-pro-a-new-level-of-mixing-perfection/ Exploit Author: Achilles Tested Version: 1.7.2.0 32bit Tested on: Windows 7 SP1 Ultimate 1.- Run python code :...
NUUO NVRmini upgrade_handle.php Remote Command Execution Exploit
This Metasploit module exploits a vulnerability in the web application of NUUO NVRmini IP camera, which can be done by triggering the writeuploaddir command in the upgradehandle.php file. This module requires Metasploit: https://metasploit.com/download Current source:...
WordPress WP User Manager 2.0.8 Shell Upload Vulnerability
WordPress WP User Manager plugin version 2.0.8 suffers from a remote shell upload vulnerability. Exploit Title: Wordpress Plugin WP User Manager 2.0.8 - Arbitrary file upload Exploit Author: Mr Winst0n Author E-mail: [email protected] Vendor Homepage: https://wpusermanager.com Software Li...
Cisco ISE 2.4.0 XSS / Remote Code Execution Exploit
Cisco Identity Services Engine ISE version 2.4.0 suffers from cross site scripting, java deserialization, and in conjunction can lead to remote code execution. Full exploit provided. Multiple vulnerabilities in Cisco Identity Services Engine Unauth XSS to RCE as root Discovered by Pedro Ribeiro...
Device Monitoring Studio 8.10.00.8925 - Denial of Service Exploit
Exploit Title: Device Monitoring Studio 8.10.00.8925 - Denial of Service PoC Discovery by: Victor Mondragón Tested Version: 8.10.00.8925 Tested on: Windows 7 Service Pack 1 x64 Steps to produce the crash: 1.- Run python code: DeviceMonitoringStudio8.10.00.8925.py 2.- Open code.txt and copy conten...
OpenMRS Platform < 2.24.0 - Insecure Object Deserialization Vulnerability
Exploit for java platform in category web applications Insecure Object Deserialization on the OpenMRS Platform Vulnerability Details CVE ID: CVE-2018-19276 Access Vector: Remote Security Risk: Critical Vulnerability: CWE-502 CVSS Base Score: 10.0 CVSS vector:...
River Past Audio Converter Version 7.7.6 Denial Of Service Exploit
Exploit Title: RiverPastAudioConverterDoS Vendor Homepage:www.riverpast.com Software Link :https://en.softonic.com/download/river-past-audio-converter/windows/post-download?sl=1 Exploit Author: Achilles Tested Version: 7.7.16 Tested on: Windows XP SP3 Vulnerability Type: Denial of Service DoS Loc...
BEWARD N100 H.264 VGA IP Camera M2.1.6 - CSRF (Add Admin) Vulnerability
Exploit for hardware platform in category web applications BEWARD N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin Exploit Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: M2.1.6.04C014 Summary: The N100 compact color IP camera with support for a more efficient...
devolo dLAN 550 duo+ Starter Kit - Cross-Site Request Forgery Vulnerability
Exploit for hardware platform in category web applications devolo dLAN 550 duo+ Starter Kit Cross-Site Request Forgery Vendor: devolo AG Product web page: https://www.devolo.com Affected version: dLAN 500 AV Wireless+ 3.1.0-1 i386 Summary: Devolo dLAN® 550 duo+ Starter Kit is Powerlineadapter whi...
BEWARD N100 H.264 VGA IP Camera M2.1.6 - Remote Code Execution Vulnerability
Exploit for hardware platform in category web applications BEWARD N100 H.264 VGA IP Camera M2.1.6 Root Remote Code Execution Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: M2.1.6.04C014 Summary: The N100 compact color IP camera with support for a more...
Linux/x86 - Random Insertion Encoder and Decoder Shellcode (Generator)
!/usr/bin/python Python Random Insertion Encoder Author: Aditya Chaudhary Date: 5th Feb 2019 import random import sys import argparse shellcode = "\x31\xc0\x50\x89\xe2\x68\x62\x61\x73\x68\x68\x62\x69\x6e\x2f\x68\x2f\x2f\x2f\x2f\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80" Parse Arguments parser =...
BEWARD N100 H.264 VGA IP Camera M2.1.6 - Arbitrary File Disclosure Vulnerability
Exploit for hardware platform in category web applications BEWARD N100 H.264 VGA IP Camera M2.1.6 Arbitrary File Disclosure Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: M2.1.6.04C014 Summary: The N100 compact color IP camera with support for a more...
BEWARD N100 H.264 VGA IP Camera M2.1.6 - RTSP Stream Disclosure Vulnerability
Exploit for hardware platform in category web applications BEWARD N100 H.264 VGA IP Camera M2.1.6 Unauthenticated RTSP Stream Disclosure Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: M2.1.6.04C014 Summary: The N100 compact color IP camera with support for ...
Zyxel VMG3312-B10B DSL-491HNU-B1B v2 Modem - Cross-Site Request Forgery Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Zyxel VMG3312-B10B DSL-491HNU-B1B v2 modem CSRF Exploit Version: Zyxel VMG3312-B10B Tested on : Parrot Os Author: Yusuf Furkan Twitter: h1yusuf CVE: CVE-2019-7391 model name: DSL-491HNU-B1B v2 history.pushState'', '', '/'...
devolo dLAN 550 duo+ Starter Kit - Remote Code Execution Vulnerability
Exploit for hardware platform in category web applications devolo dLAN 550 duo+ Starter Kit Remote Code Execution Vendor: devolo AG Product web page: https://www.devolo.com Affected version: dLAN 500 AV Wireless+ 3.1.0-1 i386 Summary: Devolo dLAN® 550 duo+ Starter Kit is Powerlineadapter which is...
River Past Ringtone Converter 2.7.6.1601 - Denial of Service Exploit
Exploit Title: River Past Ringtone Converter v2.7.6.1601 - Denial of Service PoC Discovery by: Rafael Pedrero Vendor Homepage: http://www.riverpast.com/ Software Link : http://www.riverpast.com/ Tested Version: v2.7.6.1601 Tested on: Windows XP SP3 Vulnerability Type: Denial of Service DoS Local...
TaskInfo 8.2.0.280 - Denial of Service Exploit
Exploit Title: TaskInfo v8.2.0.280 - Denial of Service PoC Discovery by: Rafael Pedrero Vendor Homepage: http://www.iarsn.com/ Software Link : http://www.iarsn.com/ Tested Version: v8.2.0.280 Tested on: Windows XP SP3 Vulnerability Type: Denial of Service DoS Local Buffer Overflow Steps to Produc...
SpotAuditor 3.6.7 - Denial of Service Exploit
Exploit Title: SpotAuditor v3.6.7 - Denial of Service PoC Discovery by: Rafael Pedrero Vendor Homepage: http://www.nsauditor.com/order.html Software Link : http://www.nsauditor.com/order.html Tested Version: v3.6.7 Tested on: Windows XP SP3 Vulnerability Type: Denial of Service DoS Local Buffer...
ResourceSpace 8.6 - watched_searches.php SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: ResourceSpace =8.6 'watchedsearches.php' SQL Injection Dork: intext:"Powered by ResourceSpace" Exploit Author: dd email protected Vendor Homepage: https://www.resourcespace.com/ Software Link: https://www.resourcespace.com/get...
pfSense 2.4.4-p1 - Cross-Site Scripting Vulnerability
Exploit for multiple platform in category web applications Exploit Title: pfSense 2.4.4-p1 | Cross-Site Scripting Exploit Author: Ozer Goker Vendor Homepage: https://www.pfsense.org Software Link: https://frafiles.pfsense.org/mirror/downloads/pfSense-CE-2.4.4-RELEASE-p1-amd64.iso.gz Version:...
SuiteCRM 7.10.7 - record SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: SuiteCRM 7.10.7 - 'record' SQL Vulnerabilities Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://suitecrm.com/ Software Link: https://suitecrm.com/download/ Version: 7.10.7 Category: Webapps Tested on: Wampp @Win CVE: N/A...
SuiteCRM 7.10.7 - parentTab SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: SuiteCRM 7.10.7 - 'parentTab' SQL Vulnerabilities Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://suitecrm.com/ Software Link: https://suitecrm.com/download/ Version: 7.10.7 Category: Webapps Tested on: Wampp @Win CVE:...
Nessus 8.2.1 - Cross-Site Scripting Vulnerability
Exploit for multiple platform in category web applications Exploit Title: Nessus 8.2.1 | Stored Cross-Site Scripting Exploit Author: Ozer Goker Vendor Homepage: https://www.tenable.com Software Link: https://www.tenable.com/downloads/nessus Version: 8.2.1 Introduction Nessus is 1 For Vulnerabilit...
MyVideoConverter Pro 3.14 Denial of Service Exploit
Exploit Title: MyVideoConverter Pro 3.14 Denial of Service Date: 03.02.2019 Vendor Homepage: http://www.ivideogo.com/ Software Link : http://www.ivideogo.com/ Exploit Author: Achilles Tested Version: 3.14 Tested on: Windows 7 x64 Vulnerability Type: Denial of Service DoS Local Buffer Overflow Ste...
Tebilisim Remote File Read Vulnerability
Exploit for php platform in category web applications. This is a private exploit. You can buy it at https://0day.today...
CUJO Firewall User Enumeration / Authorization Bypass Vulnerabilities
Exploit for multiple platform in category local exploits Despite CUJO Firewall is a cute device and quite challenging to break from hardware hacking point of view... the APIs which are just a click away, once bypassed pinning and apk's obfuscation suffer of authorization bypass issues. An attacke...
SolarWinds Serv-U FTP 15.1.6 Privilege Escalation Vulnerability
SolarWinds Serv-U FTP Server version 15.1.6 is vulnerable to privilege escalation from remote authenticated users by leveraging the CSV user import function. This leads to obtaining remote code execution under the context of the Windows SYSTEM account in a default installation. CVE: CVE-2018-1590...
Linux/x86 Read /etc/passwd Shellcode 58 bytes
/ Shellcode Title: Linux/x86 - Read File /etc/passwd 58 bytes. NULL byte free Author: Kiewicz @Kiewicz Homepage: https://0xkiewicz.github.io Tested on: Debian/x86 gcc -o shellcode -z execstack -fno-stack-protector shellcode.c PA-7854 / / $ objdump -d -M intel readfile readfile: file format...