39001 matches found
WebKit - WebCore::AXObjectCache::handleMenuItemSelected Use-After-Free Exploit
Exploit for multiple platform in category dos / poc function jsfuzzer var a; forvar i=0;i !-- ================================================================= ASan log: ================================================================= ==69238==ERROR: AddressSanitizer: heap-use-after-free on...
PCProtect 4.8.35 - Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits...
WordPress Breadcrumb NavXT 6.1.0 Username Disclosure
Exploit for php platform in category web applications Username Disclosure in Breadcrumb NavXT Wordpress plugin ============================================================ Author: Janek Vind "waraxe" Date: 26. September 2018 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-108.html...
ManageEngine Desktop Central 10.0.271 - Cross-Site Scripting Vulnerability
Exploit for java platform in category web applications...
Citrix StorageZones Controller Improper Access Restrictions / Traversal Exploit
Citrix StorageZones Controller versions prior to 5.4.2 suffer from padding oracle, improper access restriction, and path traversal vulnerabilities. ======================================================================= title: Multiple Vulnerabilities product: Citrix StorageZones Controller...
iWay Data Quality Suite Web Console 10.6.1.ga - XML External Entity Injection Vulnerability
Exploit for windows platform in category web applications Exploit Title: iWay Data Quality Suite Web Console 10.6.1.ga-2016-11-20 – XML External Entity Injection Exploit Author: Sureshbabu Narvaneni Author Blog : https://nullnews.in Vendor Homepage: www.informationbuilders.co.uk Software Link:...
WordPress WP Insert 2.4.2 Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Wp Insert - 'Fckeditor' Arbitrary File Upload Exploit Author: Mostafa Gharzi Website: https://www.certcc.ir Google Dork: /wp-content/plugins/wp-insert Vendor: Namith Jawahar Software Link:...
WordPress WebARX Website Firewall 4.9.8 XSS / Bypass Vulnerabilities
WordPress WebARX Website Firewall plugin version 4.9.8 suffers from bypass and cross site scripting vulnerabilities. Exploit Title: WordPress WebARX Website Firewall - Stored XSS and firewall bypass. Type: WordPress Plugin Exploit Author: ed0x21son Vendor Homepage: https://www.webarxsecurity.com...
Rausoft ID.prove 2.95 - Username SQL injection Vulnerability
Exploit for windows platform in category web applications Exploit Title: Rausoft ID.prove 2.95 - 'Username' SQL injection Google Dork: inurl:IdproveWebclient Exploit Author: Ilya Timchenko, Mercedes pay S.A. Vendor Homepage: https://www.idprove.de Software Link:...
TransMac 12.2 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: TransMac 12.2 - Denial of Service PoC Author: Gionathan "John" Reale Software Link: http://www.acutesystems.com/tmac/tmsetup.exe Tested Version: 12.2 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python exploit script,...
CrossFont 7.5 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: CrossFont 7.5 - Denial of Service PoC Author: Gionathan "John" Reale Software Link: http://www.acutesystems.com/cfnt/cfsetup.exe Tested Version: 7.5 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the python exploit script, ...
Linux - #VMA Use-After-Free via Buggy vmacache_flush_all() Fastpath Exploit
Exploit for linux platform in category local exploits Linux - VMA Use-After-Free via Buggy vmacacheflushall Fastpath Exploit Since commit 615d6e8756c8 "mm: per-thread vma caching", first in 3.15, Linux has per-task VMA caches that contain up to four VMA pointers for fast lookup. VMA caches are...
Joomla Timetable Schedule 3.6.8 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Timetable Schedule 3.6.8 - SQL Injection Vendor Homepage: http://osthemeclub.com/ Software Link: https://extensions.joomla.org/extensions/extension/calendars-a-events/timetable-schedule/ Version: 3.6.8 Category...
Joomla Responsive Portfolio 1.6.1 Component - filter_order_Dir SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Responsive Portfolio 1.6.1 - 'filterorderDir' SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://extro.media/ Software Link:...
Linux/ARM - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 Bytes)
/ Title: Linux/ARM - Bind 0.0.0.0:4444/TCP Shell /bin/sh + Null-Free Shellcode 92 Bytes Date: 2018-09-26 Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara System Information pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux...
Easy PhoroResQ 1.0 - Buffer Overflow Exploit
Exploit for windows platform in category local exploits Exploit Title: Easy PhoroResQ 1.0 - Buffer Overflow PoC Discovery by: Cemal Cihad ÇİFTÇİ Tested Version: 1.0 Vulnerability Type: Local Buffer Overflow Tested on OS: Windows XP Professional Service Pack 3 Vendor Homepage:...
Joomla Jobs Factory 2.0.4 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Jobs Factory 2.0.4 - SQL Injection Vendor Homepage: https://thephpfactory.com/ Software Link: https://extensions.joomla.org/extensions/extension/ads-a-affiliates/jobs-a-recruitment/jobs-factory/ Version: 2.0.4...
RICOH MP C6503 Plus Printer Cross Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: RICOH MP C6503 Plus Printer - HTML Injection and Stored XSS Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...
RICOH MP C406Z Printer Cross Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: RICOH MP C406Z Printer - HTML Injection and Stored XSS Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...
Joomla Swap Factory 2.2.1 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications...
RICOH MP C1803 JPN Printer Cross Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: RICOH MP C1803 JPN Printer - HTML Injection and Stored XSS Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link : https://www.ricoh.co.jp/mfp/mpc/1803/ Software : RICOH Printer Product...
Super Cms Blog Pro 1.0 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Super Cms Blog Pro 1.0 - SQL Injection Vendor Homepage: http://coolscript.cf/ Software Link: https://www.codegrape.com/item/super-cms-blog-pro/22250 Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE:...
Joomla Article Factory Manager 4.3.9 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Article Factory Manager 4.3.9 - SQL Injection Vendor Homepage: https://thephpfactory.com/ Software Link:...
Postman 6.3.0 Improper Certificate Validation Vulnerability
Exploit for hardware platform in category web applications Product: Postman standalone Manufacturer: Postman Affected Versions: 6.3.0 and older Tested Versions: 6.2.2 x64 Windows and Linux, 6.3.0 Vulnerability Type: Improper Certificate Validation CWE-295 Risk Level: Medium Solution Status: Open...
RICOH MP 305+ Printer Cross Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: RICOH MP 305+ Printer - HTML Injection and Stored XSS Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...
Joomla Collection Factory 4.1.9 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Collection Factory 4.1.9 - SQL Injection Vendor Homepage: https://thephpfactory.com/ Software Link: https://extensions.joomla.org/extensions/extension/vertical-markets/thematic-directory/collection-factory/...
Joomla Reverse Auction Factory 4.3.8 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Reverse Auction Factory 4.3.8 - SQL Injection Vendor Homepage: https://thephpfactory.com/ Software Link: https://extensions.joomla.org/extensions/extension/e-commerce/auction/reverse-auction-factory/ Version:...
EE 4GEE Mini Local Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits Title: EE 4GEE Mini Local Privilege Escalation Vulnerability Software Version: EE400002.0044 Tested on: Windows 10 64-bit and Windows 7 64-bit Exploit Author: Osanda Malith Jayathissa @OsandaMalith Original Advisory:...
Joomla Questions 1.4.3 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Questions 1.4.3 - SQL Injection Vendor Homepage: https://extensiondeveloper.com/ Software Link: https://extensions.joomla.org/extensions/extension/communication/question-a-answers/questions/ Version: 1.4.3...
RICOH MP C307 Printer Cross Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: RICOH MP C307 Printer - HTML Injection and Stored XSS Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...
Joomla Social Factory 3.8.3 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Social Factory 3.8.3 - SQL Injection Vendor Homepage: https://thephpfactory.com/ Software Link: https://extensions.joomla.org/extensions/extension/clients-a-communities/communities/social-factory/ Version: 3.8....
Joomla Raffle Factory 3.5.2 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Raffle Factory 3.5.2 - SQL Injection Vendor Homepage: https://thephpfactory.com/ Software Link: https://extensions.joomla.org/extensions/extension/e-commerce/auction/raffle-factory/ Version: 3.5.2 Category:...
Solaris EXTREMEPARR dtappgather Privilege Escalation Exploit
This Metasploit module exploits a directory traversal vulnerability in the dtappgather executable included with Common Desktop Environment CDE on unpatched Solaris systems prior to Solaris 10u11 which allows users to gain root privileges. dtappgather allows users to create a user-owned directory ...
Joomla Music Collection 3.0.3 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Music Collection 3.0.3 - SQL Injection Vendor Homepage: http://joomlathat.com/ Software Link: https://extensions.joomla.org/extensions/extension/multimedia/multimedia-players/music-collection/ Version: 3.0.3...
Joomla Penny Auction Factory 2.0.4 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Penny Auction Factory 2.0.4 - SQL Injection Vendor Homepage: https://thephpfactory.com/ Software Link: https://extensions.joomla.org/extensions/extension/e-commerce/auction/penny-auction-factory/ Version: 2.0.4...
Joomla Dutch Auction Factory 2.0.2 Component - filter_order_Dir SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Dutch Auction Factory 2.0.2 - 'filterorderDir' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://thephpfactory.com/ Software Link:...
Joomla eXtroForms 2.1.5 Component - filter_type_id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla Component eXtroForms 2.1.5 - 'filtertypeid' SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://extro.media/ Software Link:...
Joomla AlphaIndex Dictionaries 1.0 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component AlphaIndex Dictionaries 1.0 - SQL Injection Vendor Homepage: http://multiplanet.gr/ Software Link: https://extensions.joomla.org/extensions/extension/authoring-a-content/alphaindex-dictionaries/ Version: 1.0...
RICOH MP C2003 Printer Cross Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: RICOH MP C2003 Printer - HTML Injection and Stored XSS Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...
Joomla CW Article Attachments 1.0.6 - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! CW Article Attachments 1.0.6 - 'id' SQL Injection Exploit Author: Haboob Team Software Link: https://extensions.joomla.org/extension/cw-article-attachments/ Version: below 1.0.6 CVE : CVE-2018-14592...
LG SuperSign EZ CMS 2.5 - Remote Code Execution Exploit
Exploit for hardware platform in category web applications Exploit Title: LG SuperSign EZ CMS 2.5 - Remote Code Execution Exploit Author: Alejandro Fanjul Vendor Homepage:https://www.lg.com Software Link: https://www.lg.com/ar/software-lg-supersign Version: SuperSignEZ 1.3 Tested on: LG WebOS 3.1...
RICOH Aficio MP 301 Printer - Cross-Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: RICOH Aficio MP 301 Printer - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link:...
Joomla AMGallery 1.2.3 Component - filter_category_id SQL Injection Exploit
Exploit for php platform in category web applications Exploit Title: Joomla! Component AMGallery 1.2.3 - 'filtercategoryid' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://arenam.ru/ Software Link:...
SoftX FTP Client 3.3 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: SoftX FTP Client 3.3 - Denial of Service PoC Discovery by: Cemal Cihad ÇİFTÇİ Tested Version: 3.3 Vulnerability Type: DOS Tested on OS: Windows XP Professional Service Pack 3 Vendor Homepage: www.softx.org Download Link:...
RICOH MP C6003 Printer - Cross-Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: RICOH MP C6003 Printer - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link:...
Termite 3.4 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Termite 3.4 - Denial of Service PoC Author: Abdullah Alıç Homepage: https://www.compuphase.com Software Link: https://www.compuphase.com/softwaretermite.htm Tested Version: 3.4 Tested on OS: Windows XP Professional sp3 ENG Steps to...
udisks2 2.8.0 - Denial of Service Vulnerability
Exploit for linux platform in category dos / poc Exploit: udisks2 2.8.0 - Denial of Service PoC Author: oxagast Vendor Homepage: http://storaged.org/ Software Link: https://github.com/storaged-project/udisks Version: =udisks2 2.8.0 Tested on: Ubuntu x64 / / / \ / / / O / / \ \ /\//\//...
Beyond Remote 2.2.5.3 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Beyond Remote 2.2.5.3 - Denial of Service PoC Author: Erenay Gencay Software Link: https://beyond-remote-client-and-server.jaleco.com/ Tested Version: 2.2.5.3 Tested on OS: Windows XP Professional sp3 ENG Steps to Reproduce: Run th...
Linux/ARM - Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes)
/ Title: Linux/ARM - Egghunter PWN! + execve"/bin/sh", NULL, NULL Shellcode 28 Bytes Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara System Information pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux pi@raspberrypi: $...
Joomla Micro Deal Factory 2.4.0 Component - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Micro Deal Factory 2.4.0 - 'id' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://thephpfactory.com/ Software Link:...