39001 matches found
Bosch Video Management System 8.0 - Configuration Client Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Bosch Video Management System 8.0-Configuration Client-Denial of Service Poc Discovery by: Daniel Software Name: Bosch Video Management System Software Version: 8.0 Vendor Homepage:...
SwitchVPN For MacOS 2.1012.03 Privilege Escalation Exploit
Exploit for macOS platform in category local exploits ======================================================================= Title: Privilege Escalation Vulnerability Product: SwitchVPN for MacOS Vulnerable version: 2.1012.03 CVE ID: CVE-2018-18860 Impact: Critical Homepage: https://switchvpn.ne...
ABC ERP 0.6.4 - Cross-Site Request Forgery (Update Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title: ABC ERP 0.6.4 - Cross-Site Request Forgery Update Admin Exploit Author: Ihsan Sencan Vendor Homepage: http://www.abc-erp.com/ Software Link: https://netcologne.dl.sourceforge.net/project/abc-erp/abcv064.zip Version: 0.6.4...
AMPPS 2.7 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: AMPPS 2.7 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: http://www.ampps.com/ Software Link: https://kent.dl.sourceforge.net/project/ampps/2.7/Ampps-2.7-setup.exe Version: 2.7 Category: Dos Tested on:...
CentOS Web Panel 0.9.8.740 - Cross-Site Request Forgery / Cross-Site Scripting Vulnerabilities
Exploit for php platform in category web applications Title: CentOS Web Panel Root Account Takeover + Remote Command Execution var url = "http://targetserver:2030/admin/index.php?module=rootpwd"; var params = "ifpost=yes&password1=newpassword&password2=newpassword"; var vuln = new XMLHttpRequest;...
ntpd 4.2.8p10 - Out-of-Bounds Read Exploit
Exploit for linux platform in category local exploits Exploit Title: ntpd 4.2.8p10 - Out-of-Bounds Read PoC Bug Discovery: Yihan Lian, a security researcher of Qihoo 360 GearTeam Exploit Author: Magnus Klaaborg Stubman @magnusstubman Website: https://dumpco.re/blog/cve-2018-7182 Vendor Homepage:...
Musicco 2.0.0 - Arbitrary Directory Download Vulnerability
Exploit for php platform in category web applications Exploit Title: Musicco 2.0.0 - Arbitrary Directory Download Exploit Author: Ihsan Sencan Vendor Homepage: https://www.musicco.app/ Software Link: https://codeload.github.com/micser/musicco/zip/master Version: 2.0.0 Category: Webapps Tested on:...
Electricks eCommerce 1.0 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Electricks eCommerce 1.0 - Cross-Site Scripting Exploit Author: Nawaf Alkeraithe Software Link: https://www.sourcecodester.com/sites/default/files/download/billyblue/electricks.zip Version: 1.0 When a user signs up for an accoun...
Webiness Inventory 2.3 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Webiness Inventory 2.3 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://github.com/webiness/webinessinventory Software Link:...
EdTv 2 - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: EdTv 2 - 'id' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://edtv.edsup.org/ Software Link: https://ayera.dl.sourceforge.net/project/edtv/beta/edtv2go.zip Version: 2 Category: Webapps Tested on:...
Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service Exploit
Exploit for windows platform in category dos / poc / + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CISCO-IMMUNET-AND-CISCO-AMP-FOR-ENDPOINTS-SYSTEM-SCAN-DENIAL-OF-SERVICE.txt + ISR: ApparitionSec Greetz: indoushka |...
Evince 3.24.0 - Command Injection Exploit
Exploit for linux platform in category dos / poc Exploit Title: evince command line injection Exploit Author: Matlink Vendor Homepage: https://wiki.gnome.org/Apps/Evince Software Link: https://wiki.gnome.org/Apps/Evince Version: 3.24.0 Tested on: Debian sid CVE : CVE-2017-1000083 Can be tested on...
CuteFTP Mac 3.1 - Denial of Service Exploit
Exploit for macOS platform in category dos / poc Exploit Title: CuteFTP Mac 3.1 Denial of Service PoC Exploit Author: Yair Rodríguez Aparicio Vendor Homepage: https://www.globalscape.com/cuteftp Software Link: http://go.globalscape.com/download/cuteftp-macosx Version: 3.1 Tested on: macOS High...
Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shellcode 58 bytes
/ Exploit Title: Linux/x86 - execve /bin/nc -lp99999 -e /bin/bash shellcode 58 bytes Exploit Description: Binds a TCP bash shell at port 99999 using netcat. Note: This shellcode uses netcat-traditional package. Otherwise, it will not work. Date: 04/11/2018 Exploit Author: Javier Tello Version: 1....
Android RSSI Broadcast Information Disclosure Vulnerability
Android OS suffers from a sensitive data exposure vulnerability in its RSSI broadcasts. Android RSSI Broadcast Information Disclosure Blog post here: https://wwws.nightwatchcybersecurity.com/2018/11/11/cve-2018-9581/ NOTE: This bug is part of a series of three related Android bugs with the same...
XAMPP Control Panel 3.2.2 - Buffer Overflow (SEH) (Unicode) Exploit
Exploit for windows platform in category local exploits Exploit Title: XAMPP Control Panel 3.2.2 - Buffer Overflow SEH Unicode Exploit Author: Gionathan "John" Reale 0-day DoS exploit, Semen Alexandrovich Lyhin 1-day fully working exploit. Shellcode Author: Giuseppe D'Amore EDB:28996 Software:...
Android 5.0 Battery Information Broadcast Information Disclosure Vulnerability
Android OS version 5.0 suffers from a sensitive data exposure vulnerability in its battery information broadcasts. Android 5.0 Battery Information Broadcast Information Disclosure NOTE: This bug is part of a series of three related Android bugs with the same root cause: CVE-2018-9489, CVE-2018-95...
xorg-x11-server < 1.20.1 - Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits Exploit Title: xorg-x11-server bolo console opened Building root shell wait 2 minutes crontab overwritten ... cut Xorg output ... Xorg killed II Server terminated successfully 0. Closing log file. Don't forget to cleanup /etc/crontab and /tmp...
Cisco Prime Infrastructure Unauthenticated Remote Code Execution Exploit
Cisco Prime Infrastructure CPI contains two basic flaws that when exploited allow an unauthenticated attacker to achieve remote code execution. The first flaw is a file upload vulnerability that allows the attacker to upload and execute files as the Apache Tomcat user; the second is a privilege...
WordPress WP User Manager 2.0.8 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WP User Manager v2.0.8 WordPress Plugin - Time-Based SQL Injection Author: Socket0x03 Alvaro J. Gene Software Link: https://wordpress.org/plugins/wp-user-manager Plugin: WP User Manager Version: v2.0.8 last version File: login...
Netscape Enterprise 3.63 Cross Site Scripting Vulnerability
Exploit for multiple platform in category web applications alert"XSS" The server response: Request URL: http://X.X.X.X/servlet/SnoopServlet Request information: Request method: GET Request URI: /servlet/SnoopServlet Request protocol: HTTP/1.1 Servlet path: /servlet/SnoopServlet Path info: Path...
TP-Link Archer C50 Wireless Router 171227 - CSRF (Configuration File Disclosure) Vulnerability
Exploit for hardware platform in category web applications Exploit Title: TP-Link Archer C50 Wireless Router 171227 - Cross-Site Request Forgery Configuration File Disclosure Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com/ Hardware Version: Archer C50 v3 00000001 Firmware Link:...
WordPress PeepSo 1.11.2 XSS / SQL Injection Vulnerabilities
Exploit for php platform in category web applications WordPress PeepSo 1.11.2 XSS / SQL Injection Vulnerabilities Author: Socket0x03 Alvaro J. Gene Software Link: https://wordpress.org/plugins/peepso-core/ Plugin: PeepSo Version: 1.11.2 File: Members Parameter: query Language: This application is...
Vignette Content Management 6 Security Bypass Vulnerability
Exploit for php platform in category web applications 0day.today 2018-11-12...
Mongoose Web Server 6.9 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Mongoose Web Server 6.9 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: https://cesanta.com/binary.html Software Link: https://backend.cesanta.com/cgi-bin/api.cgi?act=dl&os=win Version: 6.9 Category: Dos Teste...
Advanced Comment System 1.0 SQL Injection Vulnerability
Exploit for php platform in category web applications 0day.today 2018-11-12...
Easyndexer 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title: Easyndexer 1.0 - Cross-Site Request Forgery Add Admin Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/easyndexer/ Software Link:...
Data Center Audit 2.6.2 - username SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Data Center Audit 2.6.2 - 'username' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/datacenteraudit/ Software Link:...
Nominas 0.27 - username SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Nominas 0.27 - 'username' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://arixolab.com/proyecto.html Software Link: https://netix.dl.sourceforge.net/project/nominascrm/Nominas%20v0.27.tar.gz Version: 0.27...
HeidiSQL 9.5.0.5196 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: HeidiSQL 9.5.0.5196 - Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://www.heidisql.com/ Software Link: https://www.heidisql.com/download.php Tested Version: 9.5.0.5196 Tested on: Windows 10 Single...
Wordpress Media File Manager 1.4.2 Plugin - Directory Traversal Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Media File Manager 1.4.2 - Directory Traversal Exploit Author: Pasquale Turi aka boombyte Vendor Homepage: https://wordpress.org/plugins/media-file-manager/ Software Link:...
The Don 1.0.1 - login SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: The Don 1.0.1 - 'login' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://thedon.sourceforge.io/ Software Link: https://netix.dl.sourceforge.net/project/thedon/thedon-1.0b.rar Version: 1.0.1 Category: Webapps...
Facturation System 1.0 - modid SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Facturation System 1.0 - 'modid' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://obedalvarado.pw/simple-invoice/ Software Link: https://kent.dl.sourceforge.net/project/simple-invoice/simple-invoice-master.zip...
ServerZilla 1.0 - email SQL Injection Vulnerability
Exploit for php platform in category web applications...
TufinOS 2.17 Build 1193 - XML External Entity Injection Vulnerability
Exploit for linux platform in category web applications Exploit Title: TufinOS 2.17 Build 1193 - XML External Entity Injection Exploit Author: konstantinos Alexiou Vendor: https://www.tufin.com Software Link: https://www.tufin.com/tufin-orchestration-suite/securetrack CVE: N/A Category: webapps 1...
GPS Tracking System 2.12 - username SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: GPS Tracking System 2.12 - 'username' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/gpstracking/ Software Link: https://kent.dl.sourceforge.net/project/gpstracking/gps.zip Version:...
Paroiciel 11.20 - tRecIdListe SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Paroiciel 11.20 - 'tRecIdListe' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://www.paroiciel.com/ Software Link: https://datapacket.dl.sourceforge.net/project/paroiciel/version%2011/par6lus1120160225.exe...
CuteFTP 9.3.0.3 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: CuteFTP 9.3.0.3 - Denial of Service PoC Exploit Author: Ismael Nava Vendor Homepage: https://www.globalscape.com/cuteftp Software Link: https://www.globalscape.com/cuteftp Version: 9.3.0.3 Tested on: Windows 10 Home x64 CVE : n/a...
Windows/x86 - Messagebox Shellcode 358 bytes
// Exploit Title : win32 Messagebox shellcode 358 bytes // Exploit Author : Febriyanto Nugroho email protected // Tested on : Windows 7 x86 Ultimate include include char shellcode= "\x31\xdb\xb3\x30\x29\xdc\x64\x8b\x03\x8b\x40\x0c\x8b" "\x58\x1c\x8b\x1b\x8b\x1b\x8b\x73\x08\x89\xf7\x89\x3c"...
D-LINK Central WifiManager (CWM 100) 1.03 r0098 Server-Side Request Forgery Vulnerability
Using a web browser or script server-side request forgery SSRF can be initiated against internal/external systems to conduct port scans by leveraging D-LINK's MailConnect component. The MailConnect feature on D-Link Central WiFiManager CWM-100 version 1.03 r0098 devices is intended to check a...
OpenSLP 2.0.0 - Multiple Vulnerabilities
Exploit for linux platform in category local exploits OpenSLP 2.0.0 - Multiple Vulnerabilities ========================== I discovered some bugs in openslp-2.0.0 back in January, 2018. One of them I disclosed in June dumpco.re/blog/openslp-2.0.0-double-free, and today I'm disclosing two more. BUG...
D-LINK Central WifiManager (CWM 100) 1.03 r0098 Man-In-The-Middle Vulnerability
The FTP Server component of the D-LINK Central WifiManager can be used as a man-in-the-middle machine allowing PORT Command bounce scan attacks. This vulnerability allows remote attackers to abuse your network and discreetly conduct network port scanning. Victims will then think these scans are...
D-LINK Central WifiManager (CWM 100) 1.03 r0098 DLL Hijacking Exploit
D-Link Central WiFiManager CWM-100 version 1.03 r0098 devices will load a trojan horse "quserex.dll" and will create a new thread running with SYSTEM integrity. + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...
Microsoft Windows 10 (Build 17134) - Local Privilege Escalation (UAC Bypass) Exploit
Exploit for windows platform in category local exploits Microsoft Windows 10 Build 17134 - Local Privilege Escalation UAC Bypass Exploit include "stdafx.h" include include "resource.h" void DropResourceconst wchart rsrcName, const wchart filePath HMODULE hMod = GetModuleHandleNULL; HRSRC res =...
Cisco Immunet / Cisco AMP For Endpoints Scanning Denial Of Service Exploit
A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection AMP for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system...
Cradlepoint Router Password Disclosure Vulnerability
Exploit for hardware platform in category web applications Cradlepoint Router Password Disclosure Many vulnerabilities in the built-in software of the Cradlepoint Router. 100000 such routers can be seen in the shodan https://www.shodan.io/search?query=cradlepointhttpservice. These vulnerabilities...
Dell OpenManage Network Manager 6.2.0.51 SP3 Privilege Escalation Exploit
Dell OpenManage Network Manager exposes a MySQL listener that can be accessed with default credentials. This MySQL service is running as the root user, so an attacker can exploit this configuration to, e.g., deploy a backdoor and escalate privileges into the root account. Dell OpenManage Network...
Grocery crud 1.6.1 - search_field SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Grocery crud 1.6.1 - 'searchfield' SQL Injection Exploit Author: Loading Kura Kura Vendor Homepage: https://www.grocerycrud.com/ Software Link: https://www.grocerycrud.com/downloads Version: 1.6.1 Tested on: Win10/Kali Linux CVE...
OOP CMS BLOG 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title: OOP CMS BLOG 1.0 - Cross-Site Request Forgery Add Admin Exploit Author: Ihsan Sencan Vendor Homepage: http://zsoft.com.bd/ Software Link: https://datapacket.dl.sourceforge.net/project/php-oop-cms-blog/blogforup.zip Version: 1.0...
PlayJoom 0.10.1 - catid SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: PlayJoom 0.10.1 - 'catid' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://playjoom.telgo.info/ Software Link: https://ayera.dl.sourceforge.net/project/playjoom/0.10.1/playjoom-0.10.1-installpackage.zip Version...