39001 matches found
Paramiko 2.4.1 - Authentication Bypass Exploit
Exploit Title: Paramiko 2.4.1 - Authentication Bypass Exploit Author: Adam Brown Vendor Homepage: https://www.paramiko.org Software Link: https://github.com/paramiko/paramiko/tree/v1.15.2 Version: 1.17.6, 1.18.x 1.18.5, 2.0.x 2.0.8, 2.1.x 2.1.5, 2.2.x 2.2.3, 2.3.x 2.3.2, and 2.4.x 2.4.1 Tested on...
Modbus Slave PLC 7 - .msw Buffer Overflow Exploit
Exploit for windows platform in category local exploits Exploit Title: Modbus Slave PLC 7 - '.msw' Buffer Overflow PoC Author: Kağan Çapar Software Link: https://www.modbustools.com/download/ModbusSlaveSetup32Bit.exe Vendor Homepage : https://www.modbustools.com Tested Version: 7 Tested on OS:...
Veterinary Clinic Management 00.02 - editpetnum SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Veterinary Clinic Management 00.02 - 'editpetnum' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://vetclinic.sourceforge.io/ Software Link: https://sourceforge.net/projects/vetclinic/files/latest/download...
Joomla Responsive eXtro jQuery Gallery 2.1.0 Component - filter_category SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla Component Responsive eXtro jQuery Gallery 2.1.0 - 'filtercategory' SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://extro.media/ Software Link:...
ASRock Drivers Privilege Escalation / Code Execution Exploit
ASRock offers several utilities designed to give the user with an ASRock motherboard more control over certain settings and functions. These utilities include various features like the RGB LED control, hardware monitor, fan controls, and overclocking/voltage options. Multiple vulnerabilities were...
WordPress Arforms 3.5.1 Arbitrary File Delete Exploit
Exploit for php platform in category web applications Exploit Title: WordPress Plugin Arforms 3.5.1 - Delete arbitrary file Google Dork: /plugins/arforms/ Exploit Author: Amir Hossein Mahboubi Twitter: @Mahboubi66 Vendor Homepage: https://www.arformsplugin.com/ Version: =3.5.1 Tested on: Linux &...
HID ActivID ActivClient 7.1.0.202 Heap Spray / Denial Of Service Vulnerability
HID ActivID ActivClient version 7.1.0.202 may not enforce upper bounds on the size of data received from a smart card, which can lead to attacks such as memory exhaustion, or serve as a heap spraying primitive for other attacks against the software, albeit slowly. HID ActivID ActivClient 7.1.0.20...
Shell In A Box 2.2.0 Denial Of Service Exploit
Exploit for linux platform in category dos / poc Product: Shell In A Box aka shellinabox, shellinaboxd "Shell In A Box implements a web server that can export arbitrary command line tools to a web based terminal emulator. This emulator is accessible to any JavaScript and CSS enabled web browser a...
Webiness Inventory 2.9 Shell Upload Exploit
Exploit for php platform in category web applications Exploit Title: Webiness Inventory 2.9 Arbitrary File Upload Exploit Author: Boumediene KADDOUR Unit: Algerie Telecom R&D Unit Software Link: https://github.com/webiness/webinessinventory Version: 2.9 46 foreach $FILES as $file 47 $fileName =...
Joomla Com_Ajax Component Jsnextfw Plugin Jform_Article Incorrect Default Permission Vulnerability
Exploit for php platform in category web applications Exploit Title : Joomla ComAjax Component Jsnextfw Plugin JformArticle Incorrect Default Permission Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 24/10/2018 Vendor Homepage : joomla.org Tested On...
Linux systemd Symlink Dereference Via chown_one() Exploit
Linux suffers from an issue with systemd where chownone can dereference symlinks. systemd: chownone can dereference symlinks CVE-2018-15687 I am sending this bug report to Ubuntu, even though it's an upstream bug, as requested at...
Delta Sql 1.8.2 - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Delta Sql 1.8.2 - 'id' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://deltasql.sourceforge.net/ Software Link: https://sourceforge.net/projects/deltasql/files/latest/download Software Link:...
Veterinary Clinic Management 00.02 - editpetnum SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Veterinary Clinic Management 00.02 - 'editpetnum' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://vetclinic.sourceforge.io/ Software Link: https://sourceforge.net/projects/vetclinic/files/latest/download...
Oracle Hyperion Planning 11.1.2.4 Cross Site Scripting Vulnerability
Exploit for windows platform in category web applications Exploit Title: Oracle Hyperion Planning, 11.1.2.4 Vulnerable to Cross Site Scripting Exploit Author: Hasan Alqawzai Vendor Homepage: https://www.oracle.com Software Link:...
Quick Count 2.0 - txtInstID SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Quick Count 2.0 - 'txtInstID' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://quickcount.sourceforge.io/ Software Link: https://sourceforge.net/projects/quickcount/files/latest/download Version: 2.0 Category:...
MPS Box 0.1.8.0 - Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: MPS Box 0.1.8.0 - Arbitrary File Upload Exploit Author: Ihsan Sencan Vendor Homepage: http://www.mpsbox.com/ Software Link: https://sourceforge.net/projects/mpsbox/files/latest/download Version: 0.1.8.0 Category: Webapps Tested...
xorg-x11-server 1.20.3 - Local Privilege Escalation Exploit
Exploit for multiple platform in category local exploits xorg-x11-server Local Privilege Escalation CVE-2018-14665 - a LPE exploit via http://X.org fits in a tweet cd /etc; Xorg -fp "root::16431:0:99999:7:::" -logfile shadow :1;su Overwrite shadow or any file on most Linux, get root privileges. B...
xorg-x11-server 1.20.3 - Local Privilege Escalation Exploit (2)
Exploit for multiple platform in category local exploits xorg-x11-server Local Privilege Escalation 2 !/bin/bash x0rg - Xorg Local Root Exploit Released under the Snitches Get Stitches Public Licence. props to prdelka / fantastic for the shadow vector. Gr33tz to everyone in lizardhq and elsewhere...
Linux systemd Line Splitting Exploit
Linux has an issue with systemd where overlong input to fgets during reexec state injection can lead to line splitting. systemd: reexec state injection: fgets on overlong lines leads to line splitting CVE-2018-15686 I am sending this bug report to Ubuntu, even though it's an upstream bug, as...
Open STA Manager 2.3 - Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: Open STA Manager 2.3 - Arbitrary File Download Exploit Author: Ihsan Sencan Vendor Homepage: http://www.openstamanager.com/ Software Link: https://sourceforge.net/projects/openstamanager/files/latest/download Version: 2.3...
WebExec Authenticated User Code Execution Exploit
This Metasploit module uses a valid username and password of any level or password hash to execute an arbitrary payload. This Metasploit module is similar to the "psexec" module, except allows any non-guest account by default. This module requires Metasploit: https://metasploit.com/download Curre...
WordPress Pie Register 3.0.17 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications =============================================================================================== Pie Register v3.0.17 WordPress Plugin - Cross-Site Scripting Vulnerability in Forgot-Password...
jQuery-File-Upload < v9.22.1 (ImageMagick / Ghostscript) - Remote Code Execution Exploit
Exploit for php platform in category web applications jQuery-File-Upload is the second most starred jQuery project on GitHub, after the jQuery framework itself. The project was recently reported to have a three-year-old arbitrary file upload vulnerability that was fixed in the release of v9.22.2,...
ClipBucket 2.8 - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: ClipBucket 2.8 - 'id' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://clipbucket.com/ Software Link: https://sourceforge.net/projects/clipbucket/files/latest/download Version: 2.8.v3354 Category: Webapps Teste...
PHPTPoint Pharmacy Management System 1.0 - username SQL injection Vulnerability
Exploit for php platform in category web applications Exploit Title: phptpoint Pharmacy Management System 1.0 - 'username' SQL injection Exploit Author: Boumediene KADDOUR Unit: Algerie Telecom R&D Unit Vendor Homepage: https://www.phptpoint.com/ Software Link:...
AudioCodes 440HD / 450HD IP Phone 3.1.2.89 Man-In-The-Middle Vulnerability
Exploit for hardware platform in category local exploits AudioCodes 440HD / 450HD IP Phone 3.1.2.89 Man-In-The-Middle Vulnerability Product: 440HD / 450HD IP Phone Manufacturer: AudioCodes Affected Versions: = 3.1.2.89 Tested Versions: VC3.1.1.43.1, VC3.1.2.89 Vulnerability Type: X.509 validation...
ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.projeqtor.org Software Link:...
Delta Sql 1.8.2 - Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: Delta Sql 1.8.2 - Arbitrary File Upload Exploit Author: Ihsan Sencan Vendor Homepage: http://deltasql.sourceforge.net/ Software Link: https://sourceforge.net/projects/deltasql/files/latest/download Software Link:...
Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes
/ Linux/x86 - execve/bin/cat /etc/ssh/sshdconfig Shellcode 44 Bytes Author: Goutham Madhwaraj Tested on: i686 GNU/Linux Shellcode Length: 44 ShoutOut - BarrierSec gcc -fno-stack-protector -z execstack loader-bind.c -o Disassembly of section .text: 08048080 : 8048080: 31 c0 xor eax,eax 8048082: 50...
BORGChat 1.0.0 build 438 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: BORGChat 1.0.0 build 438 - Denial of Service PoC Exploit Author: Ihsan Sencan Vendor Homepage: http://borgchat.10n.ro Software Link: http://borgchat.10n.ro/download.php Version: 1.0.0 build 438 Category: Dos Tested on:...
Simple Chat System 1.0 - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Simple Chat System 1.0 - 'id' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/php/11610/simple-chat-system.html Software Link:...
AiOPMSD Final 1.0.0 - q SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: AiOPMSD Final 1.0.0 - 'q' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://aiopmsd.sourceforge.io/ Software Link: https://sourceforge.net/projects/aiopmsd/files/latest/download Version: 1.0.0 Category: Webapps...
WebEx Local Service Permissions Code Execution Exploit
This Metasploit module exploits a flaw in the 'webexservice' Windows service, which runs as SYSTEM, can be used to run arbitrary commands locally, and can be started by limited users in default installations. This module requires Metasploit: https://metasploit.com/download Current source:...
Apache OFBiz 16.11.04 - XML External Entity Injection Exploit
Exploit for java platform in category web applications Exploit Title: Apache OFBiz 16.11.04 - XML External Entity Injection Exploit Author: Jamie Parfet Vendor Homepage: https://ofbiz.apache.org/ Software Link: https://archive.apache.org/dist/ofbiz/ Version: xXx xXx """ if lensys.argv = 1: print'...
WordPress Question Answer 1.2.30 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications ========================================================================================== Question Answer v1.2.30 WordPress Plugin - Multiple Cross-Site Scripting Vulnerabilities...
Fifa Master XLS 2.3.2 - usw SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Fifa Master XLS 2.3.2 - 'usw' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://fankstribe.org/ Software Link: https://sourceforge.net/projects/fifamasterxls/files/latest/download Version: 2.3.2 Category: Webapp...
MPS Box 0.1.8.0 - uuid SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: MPS Box 0.1.8.0 - 'uuid' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://www.mpsbox.com/ Software Link: https://sourceforge.net/projects/mpsbox/files/latest/download Version: 0.1.8.0 Category: Webapps Tested o...
libtiff 4.0.9 - Decodes Arbitrarily Sized JBIG into a Target Buffer Exploit
Exploit for linux platform in category dos / poc / libtiff up to and including 4.0.9 decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size. The issue occurs because JBIGDecode entirely ignores the size of the buffer that is passed to it: static int JBIGDecodeTIFF tif, uint8 buffe...
Polycom VVX 500 / VVX 601 5.8.0.12848 Information Exposure Vulnerability
Exploit for hardware platform in category local exploits Polycom VVX 500 / VVX 601 5.8.0.12848 Information Exposure Vulnerability Product: VVX 500 / VVX 601 Manufacturer: Polycom Affected Versions: OWNIP=192.168.100.102 if -z "$1" then echo "Please enter an IPv4 address as target" exit else...
D-Link Routers - Command Injection Vulnerability
Exploit for hardware platform in category web applications Shell command injection CVE: CVE-2018-10823 CVSS v3: 9.1 AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H Description: An issue was discovered on D-Link routers: DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02,...
Adult Filter 1.0 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: ADULT FILTER 1.0 - Denial of Service PoC Exploit Author: Beren Kuday GÖRÜN Vendor Homepage: http://www.armcode.com/adult-filter/ Software Link: http://www.armcode.com/downloads/adult-filter.exe Version: 1.0 Build 2007-Mar-12 Test...
Simple POS and Inventory 1.0 - cat SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Simple POS and Inventory 1.0 - 'cat' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/php/11625/simple-pos-and-inventory-system.html Software Link:...
PHPTPoint Hospital Management System 1 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: phptpoint hospital management system Multiple SQL injection Exploit Author: Boumediene KADDOUR Unit: Algerie Telecom R&D Unit Vendor Homepage: https://www.phptpoint.com/ Software Link:...
D-Link Routers - Directory Traversal Vulnerability
Exploit for hardware platform in category web applications Directory Traversal CVE: CVE-2018-10822 CVSS v3: 8.6 AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N Description: Directory traversal vulnerability in the web interface on D-Link routers: DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through...
D-Link Routers - Plaintext Password Vulnerability
Exploit for hardware platform in category web applications Password stored in plaintext CVE: CVE-2018-10824 Description: An issue was discovered on D-Link routers: DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02,...
Axioscloud Sissiweb Registro Elettronico 7.0.0 - Error_desc Cross-Site Scripting Vulnerability
Exploit for asp platform in category web applications Exploit Title: Axioscloud Sissiweb Registro Elettronico 7.0.0 - 'Errordesc' Cross-Site Scripting Exploit Author: Dino Barlattani Vendor Homepage: http://axiositalia.it/ Software Link: http://axiositalia.it/?pageid=1907 Version: 1.7.0/7.0.0...
Polycom VVX 500 / VVX 601 5.8.0.12848 Man-In-The-Middle Vulnerability
Exploit for hardware platform in category local exploits Polycom VVX 500 / VVX 601 5.8.0.12848 Man-In-The-Middle Vulnerability Product: VVX 500 / VVX 601 Manufacturer: Polycom Affected Versions: = 5.8.0.12848 Tested Versions: 5.4.0.10182, 5.8.0.12848 Vulnerability Type: X.509 validation -...
SG ERP 1.0 - info SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: SG ERP 1.0 - 'info' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://fankstribe.org/ Software Link: https://sourceforge.net/projects/sgerp/files/latest/download Version: 1.0 Category: Webapps Tested on:...
Microsoft Data Sharing - Local Privilege Escalation Exploit
Exploit for windows platform in category local exploits Microsoft Data Sharing - Local Privilege Escalation Exploit Bug description: RpcDSSMoveFromSharedFilehandle,L"token",L"c:\blah1\pci.sys"; This function exposed over alpc, has a arbitrary delete vuln. Hitting the timing was pretty annoying...
AjentiCP 1.2.23.13 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Title: AjentiCP 1.2.23.13 - Cross-Site Scripting Author: Numan OZDEMIR https://infinitumit.com.tr Vendor Homepage: ajenti.org Software Link: https://github.com/ajenti/ajenti Version: Up to v1.2.23.13 CVE: CVE-2018-18548 Description: Attacker c...