39001 matches found
Linux 4.18 - Arbitrary Kernel Read into dmesg via Missing Address Check in segfault Handler
Exploit for linux platform in category dos / poc There is a missing address check in both showopcodes callers. showopcodes is mostly used by the kernel to print the raw instruction bytes surrounding an instruction that generated an unexpected exception; however, sometimes it is also used to print...
MediaTek Wirless Utility rt2870 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: MediaTek Wirless Utility rt2870 - Denial of Service PoC Autor: Lawrence Amer Vendor: MediaTek Software url:...
Faleemi Plus 1.0.2 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Faleemi Plus 1.0.2 - Denial of Service PoC Author: Gionathan "John" Reale Software Link: http://support.faleemi.com/fsc776/FaleemiPlusv1.0.2.exe Tested Version: 1.0.2 Tested on OS: Windows 10 Steps to Reproduce: Run the python...
Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service Exploit
Exploit for hardware platform in category dos / poc Exploit Title: Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service PoC Author: Cakes Vendor Homepage: http://www.netis-systems.com Software Link: http://www.netis-systems.com/Home/detail/id/74.html Tested Version: RTK 2.1.1 Tested on OS: Kal...
Joomla JCK Editor 6.4.4 Component - parent SQL Injection Vulnerability
Exploit for php platform in category web applications Title: Joomla Component JCK Editor 6.4.4 - 'parent' SQL Injection Exploit Author: Hamza Megahed Vendor Homepage:https://www.joomla.org/ Download: https://arkextensions.com/products/jck-editor Version: 6.4.4 Tested on: Ubuntu, FireFox, CVE: N/A...
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Scripting Author: Cakes Vendor Homepage: http://www.netis-systems.com Software Link: http://www.netis-systems.com/Home/detail/id/74.html Tested Version: RTK 2.1.1 Tested on O...
Oracle VirtualBox Manager 5.2.18 r124319 - Name Attribute Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service PoC Discovery by: Jose Eduardo Castro Vendor Homepage: https://www.virtualbox.org/ Software Link:...
Rubedo CMS 3.4.0 - Directory Traversal Vulnerability
Exploit for linux platform in category web applications Exploit Title: Rubedo CMS 3.4.0 - Directory Traversal Google Dork: intext:rubedo.current.page.description Exploit Author: Marouene Boubakri Vendor Homepage: https://www.rubedo-project.org Version: through 3.4.0 Tested on: Linux CVE :...
Linux/x86 - Read File (/etc/passwd) MSF Optimized Shellcode (61 bytes)
/ Shellcode Title: Linux/x86 - Read File /etc/passwd MSF Optimized Shellcode 61 bytes Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 gcc -o readfileshellcode -z execstack -fno-stack-protector readfileshellcode.c / / Disassembly of section .text: 08048060 :...
LG Smart IP Camera 1508190 - Backup File Download Exploit
Exploit for hardware platform in category web applications Exploit Title: LG Smart IP Camera 1508190 - Backup File Download Exploit Author: Ege Balci Vendor Homepage: https://www.lg.com Software version: 1310250 " exit0...
CirCarLife SCADA 4.3.0 - Credential Disclosure Exploit
Exploit for hardware platform in category web applications Exploit Title: CirCarLife SCADA 4.3.0 - Credential Disclosure Exploit Author: David Castro Vendor Homepage: https://circontrol.com/ Shodan Dork: Server: CirCarLife Server: PsiOcppApp Version: CirCarLife Scada all versions under 4.3.0 OCPP...
Free MP3 CD Ripper 2.6 - .mp3 Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: Free MP3 CD Ripper 2.6 - '.mp3' Buffer Overflow SEH Author: Gionathan "John" Reale Software Link: http://www.commentcamarche.net/download/telecharger-34082200-free-mp3-cd-ripper Tested on OS: Windows 7 32bit Tested Version: 2....
Android (zygote->init;) Chain from USB Privilege Escalation Exploit
Exploit for Android platform in category local exploits After reporting https://bugs.chromium.org/p/project-zero/issues/detail?id=1583 Android ID 80436257, CVE-2018-9445, I discovered that this issue could also be used to inject code into the context of the zygote. Additionally, I discovered a...
SynaMan 4.0 build 1488 - SMTP Credential Disclosure Vulnerability
Exploit for windows platform in category web applications Exploit Author: bzyo CVE: CVE-2018-10814 Twitter: @bzyo Exploit Title: SynaMan 4.0 - Cleartext password SMTP settings Date: 09-12-18 Vulnerable Software: SynaMan 4.0 build 1488 Vendor Homepage: http://web.synametrics.com/SynaMan.htm Versio...
IBM Identity Governance and Intelligence 5.2.3.2 / 5.2.4 - SQL Injection Vulnerability
Exploit for windows platform in category web applications Exploit Title: Unauthenticated Remote SQLi Exploit Author: Mohamed Sayed - From SecureMisr Company Vendor Homepage: https://www-01.ibm.com/support/docview.wss?uid=ibm10728883 Version: IGI 5.2.3.2 REQUIRED Tested on: Windows 10 CVE :...
Linux/x86 - Add User(r00t/blank) Polymorphic Shellcode (103 bytes)
/ Shellcode Title: Linux/x86 - Add Userr00t/blank Polymorphic Shellcode 103 bytes Date: 2018-09-13 Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 gcc -o polyaddusershellcode -z execstack -fno-stack-protector polyaddusershellcode.c / / Disassembly of section...
MyBB 1.8.17 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: MyBB 1.8.17 - Cross-Site Scripting Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://mybb.com/download/ Version: 1.8.17 Tested on: Ubuntu 18.04 CVE: CVE-2018-15596 1. Description: On the forum RSS...
Faleemi Desktop Software 1.8.2 - SavePath for ScreenShots Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: Faleemi Desktop Software 1.8.2 - 'SavePath for ScreenShots' Buffer Overflow SEH Author: Gionathan "John" Reale Software Link: http://support.faleemi.com/fsc776/Faleemiv1.8.exe Tested Version: 1.8.2 Tested on OS: Windows 7 32bi...
Apache Portals Pluto 3.0.0 - Remote Code Execution Exploit
Exploit for windows platform in category web applications Exploit Title: Apache Portals Pluto 3.0.0 - Remote Code Execution Exploit Author: Che-Chun Kuo Vendor Homepage: https://portals.apache.org/pluto/ Software Link: http://archive.apache.org/dist/portals/pluto/ Version: 3.0.0 Tested on: Window...
InduSoft Web Studio 8.1 SP1 - Tag Name Buffer Overflow (SEH) Exploit
Exploit for linux platform in category local exploits Exploit Title: InduSoft Web Studio 8.1 SP1 - 'Tag Name' Buffer Overflow SEH Discovery by: Luis Martinez Vendor Homepage: http://www.indusoft.com/ Software Link: http://www.indusoft.com/Products-Downloads Tested Version: 8.1 SP1 Vulnerability...
SynaMan 4.0 build 1488 - Authenticated Cross-Site Scripting Vulnerability
Exploit for windows platform in category web applications Exploit Author: bzyo CVE: CVE-2018-10763 Twitter: @bzyo Exploit Title: SynaMan 4.0 - Authenticated Cross Site Scripting XSS Vulnerable Software: SynaMan 4.0 build 1488 Vendor Homepage: http://web.synametrics.com/SynaMan.htm Version: 4.0...
STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation Exploit
Exploit for windows platform in category local exploits / Exploit Title: STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation Author: Parvez Anwar @parvezghh Vendor Homepage: https://www.stopzilla.com/ Software link:...
Linux/x86 - Random Bytewise XOR + Insertion Encoder Shellcode (54 bytes)
/ Title: Linux/x86 - Random Bytewise XOR + Insertion Encoder Shellcode 54 bytes Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 gcc -o xorencodedshellcode -z execstack -fno-stack-protector xorencodedshellcode.c / / Disassembly of section .text: 08048060 : 804806...
Socusoft Photo to Video Converter 8.07 - Registration Name Buffer Overflow Exploit
Exploit for windows platform in category local exploits Exploit Title: Socusoft Photo to Video Converter 8.07 - 'Registration Name' Buffer Overflow Exploit Author : ZwX Vendor Homepage : http://www.dvd-photo-slideshow.com/photo-to-video-converter.html Version Software : 8.07 Tested on OS: Windows...
Linux/x86 - File Modification(/etc/hosts) Polymorphic Shellcode (99 bytes)
/ Title: Linux/86 - File Modification/etc/hosts Polymorphic Shellcode 99 bytes Author: Ray Doyle @doylersec Tested on: Linux/x86 gcc -o polyhostsshellcode -z execstack -fno-stack-protector polyhostsshellcode.c / / Disassembly of section .text: 08048060 : 8048060: 29 c9 sub ecx,ecx 8048062: 51 pus...
Wordpress Survey & Poll 1.5.7.3 Plugin - sss_params SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Survey & Poll 1.5.7.3 - 'sssparams' SQL Injection Exploit Author: Ceylan Bozogullarindan Vendor Homepage: http://modalsurvey.pantherius.com/ Software Link:...
Watchguard AP100 AP102 AP200 1.2.9.15 - Remote Code Execution Exploit
Exploit for linux platform in category web applications This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Watchguard AP Backdoor Shell', 'Description' = 'Watchguard AP's have a backdoor account...
Apache Syncope 2.0.7 Remote Code Execution Exploit
Exploit for windows platform in category remote exploits Exploit Title: Apache Syncope 2.0.7 - Remote Code Execution Date: 2018-09-12 Exploit Author: Che-Chun Kuo Vendor Homepage: https://syncope.apache.org/ Software Link: http://archive.apache.org/dist/syncope/ Version: 2.0.7 Tested on: Windows...
RPi Cam Control < 6.4.25 - Remote Command Execution Exploit
Exploit for linux platform in category web applications !/usr/bin/python import sys import requests import os import re import readline def usage: print "\nRPi Cam Web Interface Exploit\n" print "Usage: %s http://host/path/to/preview.php \n" % sys.argv0 print "Options: " print " -h, --help Show...
Tor Browser 7.0.8 Information Disclosure Vulnerability
This write up holds the details for the Tor Browser information disclosure vulnerability as discussed in CVE-2017-16541. Version 7.0.8 is affected. There is the details for CVE-2017-16541 Tor Browser information disclosure, More infos at:...
Bayanno Hospital Management System 4.0 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Bayanno Hospital Management System 4.0 - Cross-Site Scripting Software Link: https://codecanyon.net/item/bayanno-hospital-management-system/5814621 Exploit Author: Gokhan Sagoglu Vendor Homepage:: http://creativeitem.com/ Versio...
Easy File Sharing Web Server 6.9 Buffer Overflow Exploit
Easy File Sharing Web Server version 6.9 POST msg.ghp UserID remote buffer overflow SEH exploit with DEP bypass and ROP. !/usr/bin/python Exploit Title: Easy File Sharing Web Server 6.9 - 'POST' msg.ghp 'UserID' Remote Buffer Overflow SEHDEP Bypass + ROP Google Dork: intitle:"Login - powered by...
InTouch Machine Edition 8.1 SP1 - Nombre del Tag Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: InTouch Machine Edition 8.1 SP1 - 'Nombre del Tag' Buffer Overflow SEH Discovery by: Luis Martinez Vendor Homepage: https://on.wonderware.com/ Software Link: https://on.wonderware.com/intouch-machine-edition Tested Version: 8....
HTML5 Video Player 1.2.5 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: HTML5 Video Player 1.2.5 - Denial of Service PoC Exploit Author: T3jv1l Vendor Homepage: http://www.html5videoplayer.net/download.html Software: http://www.html5videoplayer.net/html5videoplayer-setup.exe Contact:...
VirtualBox 5.2.6.r120293 - VM Escape Exploit
Exploit for linux platform in category local exploits Oracle fixed some of the issues I reported in VirtualBox during the Oracle Critical Patch Update - April 2018. CVE-2018-2844 was an interesting double fetch vulnerability in VirtualBox Video Acceleration VBVA feature affecting Linux hosts. VBV...
Avaya one-X 9.x / 10.0.x / 10.1.x Arbitrary File Disclosure / Deletion Vulnerabilities
Avaya one-X versions 9.x, 10.0.x, and 10.1.x suffer from arbitrary file disclosure and deletion vulnerabilities. Tittle: one-X portal arbitrary OS file access Risk: High Date: 07.Ago.2018 Author: Pedro Andujar Twitter: @pandujar .: INTRO : one-X Portal for IP Office is an application that runs on...
SocuSoft iPod Photo Slideshow 8.05 - Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: SocuSoft iPod Photo Slideshow 8.05 - Buffer Overflow SEH Author: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Software Link:http://www.dvd-photo-slideshow.com/ipod-photo-slideshow.html Tested Version: 8.05 Teste...
Photo To Video Converter Professional 8.07 - Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: Photo To Video Converter Professional 8.07 - Buffer Overflow SEH Author: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Software Link:hhttp://www.dvd-photo-slideshow.com/photo-to-video-converter.html Tested Versio...
Microsoft Baseline Security Analyzer 2.3 - XML External Entity Injection Vulnerability
Exploit for windows platform in category local exploits Title: Microsoft Baseline Security Analyzer 2.3 - XML External Entity Injection Author: John Page aka hyp3rlinx Vendor: Microsoft Software link: https://www.microsoft.com/en-us/download/details.aspx?id=7558 Software Version: 2.3 References:...
Any Sound Recorder 2.93 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Any Sound Recorder 2.93 - Denial of Service PoC Exploit Author: T3jv1l Vendor Homepage: http://www.any-sound-recorder.com Software: http://www.any-sound-recorder.com/anysoundrecorder.exe Version: Any Sound Recorder 2.93 Tested on:...
LinkNet LW-N605R 12.20.2.1486 - Remote Code Execution Exploit
Exploit for hardware platform in category web applications Title: LW-N605R 12.20.2.1486 - Remote Code Execution Author: Nassim Asrir Vendor: LINK-NET Product Link: http://linknet-usa.com/main/productinfo.php?productsid=35&language=es Firmware version: 12.20.2.1486 CVE: N/A Description: LW-N605R...
Zenmap Nmap 7.70 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title: Nmap 7.70 - Denial of Service PoC Author: Gionathan "John" Reale Software Link: https://nmap.org/dist/nmap-7.70-setup.exe Tested Version: 7.70 ZenMap Tested on OS: Windows 7 32bit Description: This vunerability causes the program t...
Socusoft 3GP Photo Slideshow 8.05 - Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: Socusoft 3GP Photo Slideshow 8.05 - Buffer Overflow SEH Author: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Software Link:http://www.dvd-photo-slideshow.com/3gp-photo-slideshow.html Tested Version: 8.05 Tested ...
Flash Slideshow Maker Professional 5.20 - Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: Flash Slideshow Maker Professional 5.20 - Buffer Overflow SEH Author: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Software Link:http://flash.dvd-photo-slideshow.com/ Tested Version: 5.20 Tested on OS: Windows X...
DVD Photo Slideshow Professional 8.07 - Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: DVD Photo Slideshow Professional 8.07 - Buffer Overflow SEH Exploit Author:T3jv1l Vendor Homepage:http://www.dvd-photo-slideshow.com/ Software:www.dvd-photo-slideshow.com/dpsinstall.exe Category:Local...
MedDream PACS Server Premium 6.7.1.1 - Directory Traversal Vulnerability
Exploit for php platform in category web applications Exploit Title: Softneta MedDream PACS Server Premium 6.7.1.1 - Directory Traversal Software Link: https://www.softneta.com/products/meddream-pacs-server/downloads.html Google Dork: inurl:pacs/login.php, inurl:pacsone/login.php, inurl:pacsone...
QNAP Photo Station 5.7.0 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: QNAP Photo Station 5.7.0 - Cross-Site Scripting Exploit Author: Mitsuaki Mitch Shiraishi - secureworks Vendor Homepage: https://www.qnap.com/ja-jp/security-advisory/nas-201808-23 Software Link: N/A Version: QNAP Photo Station...
Apache Struts 2 Namespace Redirect OGNL Injection Exploit
This Metasploit module exploits a remote code execution vulnerability in Apache Struts versions 2.3 through 2.3.4, and 2.5 through 2.5.16. Remote code execution can be performed via an endpoint that makes use of a redirect action. Native payloads will be converted to executables and dropped in th...
MedDream PACS Server Premium 6.7.1.1 - email SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: MedDream PACS Server Premium 6.7.1.1 - 'email' SQL Injection Software https://www.softneta.com/products/meddream-pacs-server/downloads.html Version: MedDreamPACS Premium 6.7.1.1 Exploit Author: Carlos Avila Google Dork:...
DokuWiki 2018-04-22a Greebo Arbitrary Code Execution Vulnerability
DokuWiki version 2018-04-22a Greebo suffers from a CSV formula injection vulnerability that allows for arbitrary code execution. ======================================================================= title: CSV Formula Injection product: DokuWiki vulnerable version: 2018-04-22a "Greebo" and olde...