39001 matches found

0day.today
added 2019/01/14 12:0 a.m. | 24 views

i-doit CMDB 1.12 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: i-doit CMDB 1.12 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12 Category:...

0.1 AI score
Exploits: 0
0day.today
added 2019/01/14 12:0 a.m. | 54 views

Live Call Support Widget 1.5 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: Live Call Support 1.5 - Cross-Site Request Forgery Add Admin Exploit Author: Ihsan Sencan Vendor Homepage: http://ranksol.com/ Software Link:...

0.4 AI score
Exploits: 0
0day.today
added 2019/01/14 12:0 a.m. | 19 views

Modern POS 1.3 - SQL Injection Vulnerability

Exploit for php platform in category web applications...

1.7 AI score
Exploits: 0
0day.today
added 2019/01/14 12:0 a.m. | 18 views

Modern POS 1.3 - Arbitrary File Download Vulnerability

Exploit for php platform in category web applications Exploit Title: Modern POS 1.3 - Arbitrary File Download Exploit Author: Ihsan Sencan Vendor Homepage: http://itsolution24.com/ Software Link: https://codecanyon.net/item/modern-pos-point-of-sale-with-stock-management-system/22702683 Version: 1...

7.4 AI score
Exploits: 0
0day.today
added 2019/01/14 12:0 a.m. | 2813 views

Umbraco CMS 7.12.4 - Authenticated Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: Umbraco CMS - Remote Code Execution by authenticated administrators Exploit Author: Gregory DRAPERI & Hugo BOUTINON Vendor Homepage: http://www.umbraco.com/ Software Link: https://our.umbraco.com/download/releases Version: 7.12....

7.4 AI score
Exploits: 0
0day.today
added 2019/01/14 12:0 a.m. | 19 views

Twilio WEB To Fax Machine System Application 1.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Fax Machine System Application 1.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://ranksol.com/ Software Link: https://codecanyon.net/item/twilio-web-to-fax-machine-system-application-php-script/22139608...

7.4 AI score
Exploits: 0
0day.today
added 2019/01/14 12:0 a.m. | 31 views

HealthNode Hospital Management System 1.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: HealthNode Hospital Management System 1.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://sunriseservices.biz/ Software Link: https://codecanyon.net/item/healthnode-hospital-management-system/22368747 Versio...

0.1 AI score
Exploits: 0
0day.today
added 2019/01/14 12:0 a.m. | 14 views

i-doit CMDB 1.12 - Arbitrary File Download Vulnerability

Exploit for php platform in category web applications Exploit Title: i-doit CMDB 1.12 - Arbitrary File Download Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12...

Exploits: 0
0day.today
added 2019/01/14 12:0 a.m. | 56 views

ThinkPHP 5.X - Remote Command Execution Exploit

Exploit for php platform in category web applications Exploit Title: thinkphp 5.X RCE Exploit Author: vrsystem Vendor Homepage: http://www.thinkphp.cn/ Software Link: http://www.thinkphp.cn/down.html Version: 5.x Tested on: windows 7/10 CVE : None...

Exploits: 0
0day.today
added 2019/01/14 12:0 a.m. | 72 views

PORTIER 4.4.4.2 / 4.4.4.6 SQL Injection Vulnerability

Exploit for php platform in category web applications PORTIER 4.4.4.2 / 4.4.4.6 SQL Injection Product: PORTIER Affected Versions: 4.4.4.2, 4.4.4.6 Tested Versions: 4.4.4.2, 4.4.4.6 Vulnerability Type: SQL Injection CWE-89 Risk Level: HIGH Solution Status: Open Manufacturer Notification: 2018-06-1...

0.1 AI score | 0.03903 EPSS
Exploits: 5
0day.today
added 2019/01/14 12:0 a.m. | 29 views

Real Estate Custom Script 2.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Real Estate Custom Script 2.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://ocsolutions.co.in/ Software Link: https://codecanyon.net/item/real-estate-custom-script/21268075 Version: 2.0 Category: Webapps...

0.1 AI score
Exploits: 0
0day.today
added 2019/01/14 12:0 a.m. | 59 views

xorg-x11-server < 1.20.3 - Local Privilege Escalation (Solaris 11 inittab) Exploit

Exploit for solaris/x86 platform in category local exploits !/bin/sh Exploit Title: xorg-x11-server A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log ...

7.2 CVSS | 0.1 AI score | 0.2704 EPSS
Exploits: 39
0day.today
added 2019/01/14 12:0 a.m. | 65 views

Horde Imp - imap_open Remote Command Execution

Exploit for php platform in category web applications Exploit Title: Horde Imp Unauthenticated Remote Command Execution Google Dork: inurl:/imp/login.php Exploit Author: Paolo Serracino - Pietro Minniti - Damiano Proietti Vendor Homepage: https://www.horde.org/apps/imp/ Software Link:...

7.1 AI score
Exploits: 0
0day.today
added 2019/01/14 12:0 a.m. | 57 views

PORTIER 4.4.4.2 / 4.4.4.6 Cryptographic Issues Exploit

Exploit for php platform in category web applications PORTIER 4.4.4.2 / 4.4.4.6 Cryptographic Issues Exploit Product: PORTIER Affected Versions: 4.4.4.2, 4.4.4.6 Tested Versions: 4.4.4.2, 4.4.4.6 Vulnerability Type: Cryptographic Issues CWE-310 Risk Level: HIGH Solution Status: Open Manufacturer...

0.4 AI score | 0.01081 EPSS
Exploits: 3
0day.today
added 2019/01/14 12:0 a.m. | 21 views

Craigs Classified Ads CMS Theme 1.0.2 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Craigs CMS 1.0.2 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://themerig.com/ Software Link: https://codecanyon.net/item/craigs-cms-directory-listing-theme/22431565 Version: 1.0.2 Category: Webapps Tested...

Exploits: 0
0day.today
added 2019/01/12 12:0 a.m. | 274 views

Pixel Studio 2.17 - Denial of Service Exploit

Exploit Title: Pixel Studio 2.17 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: http://www.pixarra.com/ Software Link: http://www.pixarra.com/uploads/9/4/6/3/94635436/tbpixelstudioinstall.exe Version: 2.17 Category: Dos Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC: 1 Pixel...

7.4 AI score
Exploits: 0
0day.today
added 2019/01/12 12:0 a.m. | 29 views

WordPress wp-staging 2.4.8 Plugin - Local File Inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Plugin wp-staging 2.4.8 - Local File Inclusion Date: 12/01/2019 Exploit Author:41!kh4224rDz Vendor Homepage: https://wp-staging.com/ Software Link: https://wordpress.org/plugins/wp-staging/ Category: webapps...

0.1 AI score
Exploits: 0
0day.today
added 2019/01/12 12:0 a.m. | 148 views

Liquid Studio 2.17 - Denial of Service Exploit

Exploit Title: Liquid Studio 2.17 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: http://www.pixarra.com/ Software Link: http://www.pixarra.com/uploads/9/4/6/3/94635436/tbliquidstudioinstall.exe Version: 2.17 Category: Dos Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC: 1 Liqu...

7.4 AI score
Exploits: 0
0day.today
added 2019/01/12 12:0 a.m. | 15 views

Paint Studio 2.17 - Denial of Service Exploit

Exploit Title: Paint Studio 2.17 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: http://www.pixarra.com/ Software Link: http://www.pixarra.com/uploads/9/4/6/3/94635436/tbpaintstudioinstall.exe Version: 2.17 Category: Dos Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC: 1 Paint...

Exploits: 0
0day.today
added 2019/01/12 12:0 a.m. | 28 views

Joomla JoomCRM 1.1.1 Component - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component JoomCRM 1.1.1 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://joomboost.com/ Software Link: https://extensions.joomla.org/extensions/extension/marketing/crm/joomcrm/ Version: 1.1.1 Category...

0.2 AI score
Exploits: 0
0day.today
added 2019/01/12 12:0 a.m. | 48 views

AudioCode 400HD Remote Command Injection Vulnerability

Exploit for cgi platform in category web applications CVE-2018-10093 Remote command injection vulnerability in AudioCode IP phones Description The AudioCodes 400HD series of IP phones consists in a range of easy-to-use, feature-rich desktop devices for the service provider hosted services,...

8.7 AI score | 0.68683 EPSS
Exploits: 5
0day.today
added 2019/01/12 12:0 a.m. | 39 views

Microsoft Windows VCF Remote Code Execution Exploit

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing...

0.4 AI score
Exploits: 0
0day.today
added 2019/01/12 12:0 a.m. | 15 views

Selfie Studio 2.17 - Denial of Service Exploit

Exploit Title: Selfie Studio 2.17 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: http://www.pixarra.com/ Software Link: http://www.pixarra.com/uploads/9/4/6/3/94635436/tbselfiestudioinstall.exe Version: 2.17 Category: Dos Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC: 1 Self...

0.1 AI score
Exploits: 0
0day.today
added 2019/01/12 12:0 a.m. | 74 views

AudioCode 400HD Cross Site scripting Vulnerability

Exploit for cgi platform in category web applications CVE-2018-10091 Stored XSS vulnerabilities in AudioCode IP phones Description The AudioCodes 400HD series of IP phones is a range of easy-to-use, feature-rich desktop devices for the service provider hosted services, enterprise IP telephony and...

0.1 AI score | 0.00787 EPSS
Exploits: 3
0day.today
added 2019/01/12 12:0 a.m. | 364 views

Code Blocks 17.12 - Local Buffer Overflow (SEH) (Unicode) Exploit

Exploit for windows platform in category local exploits !/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: Code Blocks 17.12 - Local Buffer Overflow SEHUnicode Date: 01-10-2019 Vulnerable Software: Code Blocks 17.12 Vendor Homepage: http://www.codeblocks.org/ Version: 17.12...

7.2 AI score
Exploits: 0
0day.today
added 2019/01/12 12:0 a.m. | 147 views

Blob Studio 2.17 - Denial of Service Exploit

Exploit Title: Blob Studio 2.17 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: http://www.pixarra.com/ Software Link: http://www.pixarra.com/uploads/9/4/6/3/94635436/tbblobstudioinstall.exe Version: 2.17 Category: Dos Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC: 1 Blob...

7.4 AI score
Exploits: 0
0day.today
added 2019/01/12 12:0 a.m. | 19 views

Adapt Inventory Management System 1.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Adapt Inventory Management System 1.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://www.adaptinventory.com/ Software Link: https://codecanyon.net/item/adapt-inventory-management-system/22838514 Version: 1...

0.4 AI score
Exploits: 0
0day.today
added 2019/01/12 12:0 a.m. | 41 views

Joomla JoomProject 1.1.3.2 Component - Information Disclosure Exploit

Exploit for php platform in category web applications Exploit Title: Joomla! Component JoomProject 1.1.3.2 - Information Disclosure Exploit Author: Ihsan Sencan Vendor Homepage: http://joomboost.com/ Software Link:...

7.1 AI score
Exploits: 0
0day.today
added 2019/01/12 12:0 a.m. | 789 views

Windows/x86 - Download With TFTP And Execute Shellcode (Generator) (51-60 bytes)

!/bin/python Author: Semen Alexandrovich Lyhin. https://www.linkedin.com/in/semenlyhin/ This script generates x86 shellcode to download and execute .exe file via tftp. File name should be equal to: "1.exe" Length: 51-56 bytes, zero-free. import sys def GetOpcodesip,addr: command = r"tftp -i " + i...

7.4 AI score
Exploits: 0
0day.today
added 2019/01/12 12:0 a.m. | 16 views

Tree Studio 2.17 - Denial of Service Exploit

Exploit Title: Tree Studio 2.17 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: http://www.pixarra.com/ Software Link: http://www.pixarra.com/uploads/9/4/6/3/94635436/tbtreestudioinstall.exe Version: 2.17 Category: Dos Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC: 1 Tree...

Exploits: 0
0day.today
added 2019/01/12 12:0 a.m. | 143 views

Luminance Studio 2.17 - Denial of Service Exploit

Exploit Title: Luminance Studio 2.17 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: http://www.pixarra.com/ Software Link: http://www.pixarra.com/uploads/9/4/6/3/94635436/tbluminancestudioinstall.exe Version: 2.17 Category: Dos Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC: ...

7.4 AI score
Exploits: 0
0day.today
added 2019/01/11 12:0 a.m. | 38 views

RGui 3.5.0 - Local Buffer Overflow (SEH) DEP Bypass Exploit

Exploit for windows platform in category local exploits !/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: RGui 3.5.0 - Local Buffer Overflow SEHDEP Bypass Date: 01-09-2018 Vulnerable Software: RGui 3.5.0 Vendor Homepage: https://www.r-project.org/ Version: 3.5.0 Software Link:...

7.2 AI score
Exploits: 0
0day.today
added 2019/01/11 12:0 a.m. | 17 views

Matrix MLM Script 1.0 - Information Disclosure Vulnerability

Exploit for php platform in category web applications Exploit Title: Matrix MLM Script 1.0 - Information Leakage Exploit Author: Ihsan Sencan Vendor Homepage: https://royallifefoundation.org/ Software Link: https://codecanyon.net/item/mlmpro-multistage-forced-matrix-mlm-script/23050292 Version: 1...

0.1 AI score
Exploits: 0
0day.today
added 2019/01/11 12:0 a.m. | 21 views

Matrix MLM Script 1.0 SQL Injection Vulnerability

Matrix MLM Script version 1.0 suffers from a remote SQL injection vulnerability. Exploit Title: Matrix MLM Script 1.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://royallifefoundation.org/ Software Link:...

Exploits: 0
0day.today
added 2019/01/11 12:0 a.m. | 14 views

eBrigade ERP 4.5 - Arbitrary File Download Exploit

Exploit for php platform in category web applications !/usr/bin/python import mechanize, sys, cookielib, requests import colorama, urllib, re, random, urllib2 import wget from colorama import Fore from tqdm import tqdm from pathlib import Path def bannerche: print ''' @email protected | eBrigade...

7.4 AI score
Exploits: 0
0day.today
added 2019/01/11 12:0 a.m. | 73 views

Cisco VoIP Script Insertion / Weak Passwords / Undocumented Functionality

Cisco VoIP phones such as models 88XX suffer from script insertion, weak and hard-coded passwords, undocumented debug functionality, and various outdated components with known vulnerabilities. ======================================================================= title: Multiple Vulnerabilities...

0.2 AI score | 0.01501 EPSS
Exploits: 2
0day.today
added 2019/01/11 12:0 a.m. | 17 views

Shield CMS 2.2 - email SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: SHIELD - Freelancer Content Management System 2.2 - SQL Injection / CSRF Exploit Author: Ihsan Sencan Vendor Homepage: http://ezcode.pt/ Software Link: https://codecanyon.net/item/shield-content-management-system/18833498 Versio...

0.3 AI score
Exploits: 0
0day.today
added 2019/01/11 12:0 a.m. | 45 views

OpenSource ERP 6.3.1. - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: OpenSource ERP SQL Injection Exploit Author: Emre ÖVÜNÇ Vendor Homepage: http://www.nelson-it.ch Software Link: http://sourceforge.net/projects/opensourceerp/files/Windows/erp6.3.1.exe/download Version: v6.3.1 Tested on: Windows...

7.5 CVSS | 0.1 AI score | 0.2471 EPSS
Exploits: 6
0day.today
added 2019/01/11 12:0 a.m. | 21 views

MLMPro 1.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Matrix MLM Script 1.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://royallifefoundation.org/ Software Link: https://codecanyon.net/item/mlmpro-multistage-forced-matrix-mlm-script/23050292 Version: 1.0...

0.1 AI score
Exploits: 0
0day.today
added 2019/01/11 12:0 a.m. | 23 views

Event Locations 1.0.1 - id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Event Locations 1.0.1 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://ezcode.pt/ Software Link: https://codecanyon.net/item/event-locations-phpmysql-plugin/22100679 Version: 1.0.1 Category: Webapps Tested on...

0.1 AI score
Exploits: 0
0day.today
added 2019/01/11 12:0 a.m. | 16 views

doitX 1.0 - search SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: doitX 1.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://mybizcms.com/ Software Link: https://codecanyon.net/item/doitx/23041037 Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC: ...

0.3 AI score
Exploits: 0
0day.today
added 2019/01/11 12:0 a.m. | 24 views

Event Calendar 3.7.4 - id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Event Calendar 3.7.4 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://ezcode.pt/ Software Link: https://codecanyon.net/item/event-calendar-phpmysql-plugin/19246267 Version: 3.7.4 Category: Webapps Tested on:...

7.1 AI score
Exploits: 0
0day.today
added 2019/01/11 12:0 a.m. | 21 views

eBrigade ERP 4.5 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: eBrigade ERP 4.5 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://ebrigade.net/ Software Link: https://netcologne.dl.sourceforge.net/project/ebrigade/ebrigade/eBrigade%204.5/ebrigade4.5.zip Version: 4.5...

0.1 AI score
Exploits: 0
0day.today
added 2019/01/11 12:0 a.m. | 20 views

Architectural 1.0 - email SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Architectural Cms 1.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://ezcode.pt/ Software Link: https://codecanyon.net/item/architectural-multipage-theme-admin-panel/20968597 Version: 1.0 Category: Webapps...

0.1 AI score
Exploits: 0
0day.today
added 2019/01/11 12:0 a.m. | 296 views

systemd-journald Memory Corruption / Information Leak Vulnerability

This is a thorough analysis of how Qualys approached exploiting three vulnerabilities in systemd-journald. Although they have not released formal exploits yet, the detail in here is useful in understanding the flaws. Qualys Security Advisory System Down: A systemd-journald exploit...

7.2 AI score | 0.14806 EPSS
Exploits: 9
0day.today
added 2019/01/11 12:0 a.m. | 38 views

PEAR Archive_Tar < 1.4.4 - PHP Object Injection Vulnerability

Exploit for php platform in category web applications PEAR ArchiveTar temptarname will be called in the destructor method. If another class with useful gadget is loaded, remote code execution may be possible. Steps to reproduce object injection and arbitrary file deletion: 1. Make sure that PHP &...

6.7 AI score | 0.18286 EPSS
Exploits: 5
0day.today
added 2019/01/10 12:0 a.m. | 467 views

Adobe Coldfusion 11 CKEditor Arbitrary File Upload Exploit

A file upload vulnerability exists in the CKEditor of Adobe ColdFusion 11 Update 14 and earlier. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Adobe ColdFusion CKEditor unrestricted file...

10 CVSS | 0.5 AI score | 0.9995 EPSS
Exploits: 11
0day.today
added 2019/01/09 12:0 a.m. | 67 views

Microsoft Windows - DSSVC CheckFilePermission Arbitrary File Deletion Exploit

Exploit for windows platform in category local exploits Windows: DSSVC CheckFilePermission Arbitrary File Delete EoP Platform: Windows 10 1803 and 1809. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary NOTE: This is one of multiple issues I’m...

7.2 CVSS | 8.1 AI score | 0.02696 EPSS
Exploits: 2
0day.today
added 2019/01/09 12:0 a.m. | 14 views

Microsoft Windows - Windows Error Reporting Local Privilege Escalation Exploit

Exploit for windows platform in category local exploits Microsoft Windows - Windows Error Reporting Local Privilege Escalation Exploit Make sure to copy the file report.wer found in the folder PoC-Files in the same folder as the executable before running it... I guess I could have included it as ...

0.6 AI score
Exploits: 0
0day.today
added 2019/01/09 12:0 a.m. | 105 views

Microsoft Office SharePoint Server 2016 - Denial of Service Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'sharepoint-ruby' class MetasploitModule 'DOS Vulnerability in SharePoint 2016 Server', 'Description' = %q A vulnerability in Microsoft SharePoint Server could...

7.5 CVSS | 7.7 AI score | 0.25745 EPSS
Exploits: 5
Total number of security vulnerabilities: 39001