39001 matches found
GreenCMS 2.x - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Green CMS 2.x - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://www.greencms.net/ Software Link: https://codeload.github.com/GreenCMS/GreenCMS/zip/beta Version: 2.x Category: Webapps Tested on:...
Wordpress Wisechat 2.6.3 Plugin - Reverse Tabnabbing Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Wisechat if window.opener window.opener.parent.location.replace'http://mtk911.cf/'; if window.parent != window window.parent.location.replace'http://mtk911.cf/'; Open Redirect TEST when you click on that user...
GreenCMS 2.x - Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: Green CMS 2.x - Arbitrary File & Directory Download Exploit Author: Ihsan Sencan Vendor Homepage: http://www.greencms.net/ Software Link: https://codeload.github.com/GreenCMS/GreenCMS/zip/beta Version: 2.x Category: Webapps Test...
Lua 5.3.5 - debug.upvaluejoin Use After Free Exploit
Exploit Title: Lua 5.3.5 Exploit Author: Fady Mohamed Osman https://twitter.com/fadyothman Exploit-db : http://www.exploit-db.com/author/?a=2986 Blog : https://blog.fadyothman.com/ Date: Jan. 10th 2019 Vendor Homepage: https://www.lua.org/ Software Link: https://www.lua.org/ftp/lua-5.3.5.tar.gz...
iOS / macOS - task_swap_mach_voucher() Use-After-Free Exploit
/* voucherswap-poc.c Brandon Azad */ #if 0 iOS/macOS: task_swap_mach_voucher() does not respect MIG semantics leading to use-after-free The dangers of not obeying MIG semantics have been well documented: see issues 926 (CVE-2016-7612), 954 (CVE-2016-7633), 1417 (CVE-2017-13861, asyncwake), 1520 (CVE-2018-4139),...
Cisco RV320 Command Injection Vulnerability
RedTeam Pentesting discovered a command injection vulnerability in the web-based certificate generator feature of the Cisco RV320 router. Versions 1.4.2.15 through 1.4.2.19 are affected. Fixed in version 1.4.2.20. Product: Cisco RV320 Dual Gigabit WAN VPN Router, possibly others Affected Versions...
Microsoft Remote Desktop 10.2.4(134) - Denial of Service Exploit
Exploit Title: Microsoft Remote Desktop 10.2.4(134) - Denial of Service PoC Author: Saeed Hasanzadeh Net.Hun73r Twitter: @nethun73r Software Link: https://itunes.apple.com/us/app/microsoft-remote-desktop-10/id1295203466?mt=12 Version: 10.2.4(134) Tested on: Mac OS Mojave 10.14.2 Proof of Concept: Run...
Joomla JHotelReservation 6.0.7 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component JHotelReservation 6.0.7 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://cmsjunkie.com/ Software Link:...
SimplePress CMS 1.0.7 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: SimplePress CMS 1.0.7 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/simplepresscms/ Software Link: https://ayera.dl.sourceforge.net/project/simplepresscms/1.0%20alpha/1.0.7alpha.z...
Zyxel NBG-418N v2 Modem 1.00(AAXM.6)C0 - Cross-Site Request Forgery Vulnerability
Exploit for hardware platform in category web applications NBG-418N v2 Modem CSRF Exploit & PoC 0day.today 2019-02-06...
AddressSanitizer (ASan) - SUID Executable Privilege Escalation Exploit
This Metasploit module attempts to gain root privileges on Linux systems using setuid executables compiled with AddressSanitizer (ASan). ASan configuration related environment variables are permitted when executing setuid executables built with libasan. The log_path option can be set using the...
Splunk Enterprise 7.2.3 - Authenticated Custom App Remote Code Execution Exploit
Exploit for windows platform in category web applications #!/usr/bin/python Exploit Title: Splunk Enterprise 7.2.3 Custom App RCE persistent backdoor Exploit Author: Lee Mazzoleni Vendor Homepage: https://www.splunk.com/ Software Link: https://www.splunk.com/en_us/download/splunk-enterprise.html...
Joomla J-CruisePortal 6.0.4 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component J-CruisePortal 6.0.4 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://cmsjunkie.com/ Software Link: https://www.cmsjunkie.com/joomla-cruise-reservation-portal Version: 6.0.7 Category: Webapp...
Cisco RV320 Unauthenticated Configuration Export Vulnerability
RedTeam Pentesting discovered that the configuration of a Cisco RV320 router may be exported without authentication through the device's web interface. Affected versions include 1.4.2.15 and 1.4.2.17. Product: Cisco RV320 Dual Gigabit WAN VPN Router, possibly others Affected Versions: 1.4.2.15,...
Cisco RV320 Unauthenticated Diagnostic Data Retrieval Vulnerability
RedTeam Pentesting discovered that the Cisco RV320 router exposes sensitive diagnostic data without authentication through the device's web interface. Versions affected include 1.4.2.15 and 1.4.2.17. Product: Cisco RV320 Dual Gigabit WAN VPN Router, possibly others Affected Versions: 1.4.2.15,...
Ghostscript 9.26 - Pseudo-Operator Remote Code Execution Exploit
I noticed ghostscript 9.26 was released, so had a quick look and spotted some errors. For background, this is how you define a subroutine in postscript: /hello { (hello\n) print } def That's simple enough, but because a subroutine is just...
ImpressCMS 1.3.11 - bid SQL Injection Vulnerability
Exploit for php platform in category web applications Title: ImpressCMS 1.3.11 - 'bid' SQL Injection Exploit Author: Mehmet Onder Key Vendor Homepage: http://www.impresscms.org/ Software Link: https://sourceforge.net/projects/impresscms/files/v1.3.11/impresscms1.3.11.zip Version: v1.3.11 Category...
SirsiDynix e-Library 3.5.x - Cross-Site Scripting Vulnerability
Exploit for cgi platform in category web applications Exploit Title: SirsiDynix e-Library = 3.5.x - Cross-Site Scripting CVE: CVE-2018-20503 Google Dork: inurl:/x/x/0/49 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: http://www.sirsidynix.com Version:...
Joomla J-ClassifiedsManager 3.0.5 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component J-ClassifiedsManager 3.0.5 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://cmsjunkie.com/ Software Link:...
Joomla vWishlist 1.0.1 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component vWishlist 1.0.1 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://wdmtech.com/ Software Link:...
Joomla vBizz 1.0.7 Component - Remote Code Execution Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component vBizz 1.0.7 - Remote Code Execution Exploit Author: Ihsan Sencan Vendor Homepage: http://wdmtech.com/ Software Link: https://extensions.joomla.org/extensions/extension/marketing/crm/vbizz/ Version: 1.0.7...
PLC Wireless Router GPN2.4P21-C-CN Incorrect Access Control Vulnerability
Exploit for hardware platform in category web applications Exploit Title: PLC Wireless Router GPN2.4P21-C-CN - Incorrect Access Control Exploit Author: Kumar Saurav Vendor: ChinaMobile Category: Hardware Version: GPN2.4P21-C-CN Firmware: W2001EN-00 Tested on: Windows CVE: CVE-2019-6279 Descriptio...
Joomla J-BusinessDirectory 4.9.7 Component - type SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component J-BusinessDirectory 4.9.7 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://cmsjunkie.com/ Software Link:...
Joomla vRestaurant 1.9.4 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component vRestaurant 1.9.4 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://wdmtech.com/ Software Link: https://extensions.joomla.org/extensions/extension/vertical-markets/food-a-beverage/vrestaurant...
Joomla vBizz 1.0.7 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component vBizz 1.0.7 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://wdmtech.com/ Software Link: https://extensions.joomla.org/extensions/extension/marketing/crm/vbizz/ Version: 1.0.7 Category:...
Joomla vReview 1.9.11 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component vReview 1.9.11 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://wdmtech.com/ Software Link: https://extensions.joomla.org/extensions/extension/clients-a-communities/ratings-a-reviews/vreview...
Nagios XI 5.5.6 - Remote Code Execution / Privilege Escalation Exploit
Exploit for linux platform in category web applications Exploit Title: Nagios XI 5.5.6 Remote Code Execution and Privilege Escalation Exploit Author: Chris Lyne @lynerc Vendor Homepage: https://www.nagios.com/ Product: Nagios XI Software Link:...
Joomla VMap 1.9.6 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component VMap 1.9.6 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://wdmtech.com/ Software Link: https://extensions.joomla.org/extensions/extension/maps-a-weather/maps-a-locations/vmap/ Version: 1.9....
Joomla vAccount 2.0.2 Component - vid SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component vAccount 2.0.2 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://wdmtech.com/ Software Link: https://extensions.joomla.org/extensions/extension/financial/cost-calculators/vaccount/ Version:...
ManageEngine OpManager 12.3 Privilege Escalation Vulnerability
ManageEngine OpManager version 12.3 suffers from a weak permissions issue in which an attacker can replace the service binary with a binary of his choice. This service runs as Localsystem thus allowing for a privilege escalation vector. ManageEngine OpManager Privilege Escalation Vendor: Zoho...
Microsoft Windows CONTACT - HTML Injection / Remote Code Execution Vulnerability
Exploit for windows platform in category local exploits + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-CONTACT-FILE-HTML-INJECTION-MAILTO-LINK-ARBITRARY-CODE-EXECUTION.txt Vendor www.microsoft.com Produ...
Joomla JMultipleHotelReservation 6.0.7 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component J-MultipleHotelReservation 6.0.7 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://cmsjunkie.com/ Software Link:...
PLC Wireless Router GPN2.4P21-C-CN Cross Site Request Forgery Vulnerability
Exploit for hardware platform in category web applications Exploit Title: PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Request Forgery (CSRF) Exploit Author: Kumar Saurav Vendor: ChinaMobile Category: Hardware Version: GPN2.4P21-C-CN Firmware: W2001EN-00 Tested on: Windows CVE: CVE-2019-6282...
Joomla Easy Shop 1.2.3 Component - Local File Inclusion Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Easy Shop 1.2.3 - Local File Inclusion Exploit Author: Ihsan Sencan Vendor Homepage: https://joomtech.net/ Software D.:...
Microsoft Windows VCF or Contact File - URL Manipulation-Spoof Arbitrary Code Execution Exploit
Exploit Title: Microsoft Windows 'VCF' or 'Contact' File URL Manipulation-Spoof Arbitrary Code Execution Vulnerability -- Remote Vector Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/ Version: Windows 7 SP1, 8.1, 10 v.1809 wi...
CloudMe Sync 1.11.2 - Buffer Overflow + Egghunt Exploit
Exploit Title: CloudMe Sync v1.11.2 Buffer Overflow + Egghunt Exploit Author:T3jv1l Vendor Homepage:https://www.cloudme.com/en Software: https://www.cloudme.com/downloads/CloudMe1112.exe Category:Local Contact:https://twitter.com/T3jv1l Version: CloudMe Sync 1.11.2 - Buffer Overflow + Egghunt...
PHP Dashboards NEW 5.8 - Local File Inclusion Vulnerability
Exploit for php platform in category web applications Exploit Title: PHP Dashboards NEW 5.8 - Local File Inclusion Exploit Author: Ihsan Sencan Vendor Homepage: http://dataninja.biz Software Link: https://codecanyon.net/item/php-dashboards-v50-brand-new-enterprise-edition/21540104 Version: 5.8...
PHP Uber-style GeoTracking 1.1 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: PHP Uber-style GeoTracking 1.1 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://dataninja.biz Software Link: https://codecanyon.net/item/php-uberstyle-geotracking/20320021 Version: 1.1 Category: Webapps Teste...
PHP Dashboards NEW 5.8 - dashID SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: PHP Dashboards NEW 5.8 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://dataninja.biz Software Link: https://codecanyon.net/item/php-dashboards-v50-brand-new-enterprise-edition/21540104 Version: 5.8 Category:...
Echo Mirage 3.1 - Buffer Overflow Exploit
#!/usr/bin/python Exploit Title: Echo Mirage 3.1 Buffer Overflow PoC Stack Overflow Software Link: https://sourceforge.net/projects/echomirage.oldbutgold.p/ Version: 3.1 x64 Exploit Author: InitD Community Contact: https://twitter.com/initdsh Website: http://initd.sh/ Tested on: Windows 7 """ Step...
Kepler Wallpaper Script 1.1 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Kepler Wallpaper Script 1.1 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://keplerwallpapers.online/ Software Link: https://codeclerks.com/PHP/1559/Kepler-Wallpaper-Script Version: 1.1 Category: Webapps...
Linux Kernel 4.13 - compat_get_timex() Leak kernel pointer Exploit
#define _GNU_SOURCE #define _BSD_SOURCE // Ubuntu 4.13.0-16-generic // gcc -o poc poc.c -m32...
Coman 1.0 - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Coman - Company Management System 1.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://ragob.com/ Software Link: https://codecanyon.net/item/coman-company-management-system/17799270 Version: 1.0 Category:...
Reservic 1.0 - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Reservic - Reserves Management System 1.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://ragob.com/ Software Link: https://codecanyon.net/item/reservic-reserves-management-system/11736786 Version: 1.0...
Adianti Framework 5.5.0 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: SQL Injection in Adianti Framework Exploit Author: Joner de Mello Assolin Vendor Homepage: https://www.adianti.com.br Version: 5.5.0 and 5.6.0 REQUIRED Tested on: XAMPP Version 7.2.2, phpMyAdmin 4.7.7 and 4.8.4, PHP 7.1 ,...
MoneyFlux 1.0 - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: MoneyFlux - Cashflow Management System 1.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://ragob.com/ Software Link: https://codecanyon.net/item/moneyflux-laravel-5-cashflow-system/21577611 Version: 1.0...
GattLib 0.2 - Stack Buffer Overflow Exploit
Exploit Title: stack-based overflow Exploit Author: Dhiraj Mishra Vendor Homepage: http://labapart.com/ Software Link: https://github.com/labapart/gattlib/issues/81 Version: 0.2 Tested on: Linux 4.15.0-38-generic CVE: CVE-2019-6498 References: https://github.com/labapart/gattlib/issues/81...
Check Point ZoneAlarm 8.8.1.110 - Local Privilege Escalation Exploit
Exploit for windows platform in category local exploits Exploit Title: Check Point ZoneAlarm Local Privilege Escalation Exploit Author: Chris Anastasio Vendor Homepage: https://www.zonealarm.com/software/free-antivirus/ Software Link: Vulnerable Versions included in repo Version: ZoneAlarm Free...
Linux/x86 TCP/4444 Bindshell Shellcode (100 bytes)
; Title : Linux/x86 - Bind 4444/TCP Shell /bin/bash Shellcode 100 bytes ; Date : Jan, 2019 ; Author : Joao Batista ; Website : overflw.wordpress.com ; Twitter : @x42x42x42x42 ; SLAE-ID : 1420 ; Tested on : i686 GNU/Linux global start section .text start: xor eax,eax xor ebx,ebx ; socket push ebx...
VPN Browser+ 1.1.0.0 - Denial of Service Exploit
Exploit Title: VPN Browser+ 1.1.0.0 - Denial of Service PoC Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://www.microsoft.com/store/productId/9NFFFFS5Z2C7 Version: 1.1.0.0 Tested on: Windows 10 Proof of Concept: Run the python script, it will create a new file "PoC.txt"...