39001 matches found
Charles Proxy 4.2 - Local root Privilege Escalation Exploit
Exploit for macOS platform in category local exploits Charles Proxy is a great mac application for debugging web services and inspecting SSL traffic for any application on your machine. In order to inspect the SSL traffic it needs to configure the system to use a proxy so that it can capture the...
ipPulse 1.92 - IP Address/HostName-Comment Denial of Service #PoC Exploit
Exploit for windows platform in category dos / poc Exploit Title: ipPulse 1.92 - 'IP Address/HostName-Comment' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: https://www.netscantools.com/ippulseinfo.html Software Link : http://download.netscantools.com/ipls192.zip Tested...
Allok MOV Converter 4.6.1217 Buffer Overflow Exploit
Exploit for windows platform in category local exploits Exploit Title : Allok MOV Converter 4.6.1217 - Remote Buffer Overflow Discovery by : Shubham Singh Known As : Spirited Wolf Twitter: @Pwsecspirit Youtube Channel : www.youtube.com/c/Pentestingwithspirit Software Link :...
fusermount - user_allow_other Restriction Bypass and SELinux Label Control Exploit
Exploit for linux platform in category dos / poc / It is possible to bypass fusermount's restrictions on the use of the "allowother" mount option as follows if SELinux is active. Here's a minimal demo, tested on a Debian system with SELinux enabled in permissive mode:...
Responsive Filemanager 9.13.1 Server-Side Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: Responsive filemanager - SSRF Exploit Author: GUIA BRAHIM FOUAD Vendor Homepage: http://responsivefilemanager.com/ Software Link: https://github.com/trippo/ResponsiveFilemanager/releases/download/v9.13.1/responsivefilemanager.zi...
H2 Database 1.4.197 - Information Disclosure Exploit
Exploit for linux platform in category web applications Exploit Title: H2 Database 1.4.197 - Information Disclosure Exploit Author: owodelta Vendor Homepage: www.h2database.com Software Link: http://www.h2database.com/html/download.html Version: all versions Tested on: Linux CVE : CVE-2018-14335...
Microsoft Wireless Display Adapter 2 Command Injection / Broken Access Control Vulnerability
Exploit for windows platform in category remote exploits Command Injection, Broken Access Control and Evil-Twin-Attack in Microsoft Wireless Display Adapter V2 - CVE-2018-8306 Affected Products: Microsoft Wireless Display Adapter V2: - Microsoft Wireless Display Adapter V2 Softwareversion 2.0.835...
ProjectSend - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: ProjectSend - SQL Injection Exploit Author: GUIA BRAHIM FOUAD Vendor Homepage: https://www.projectsend.org/ Software Link: https://www.projectsend.org/download/241/ Version: R1053 Tested on: ProjectSend version: R1053, php...
FTPShell Client 5.22 Remote Buffer Overflow Exploit
Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title : FTPShell Client 5.22 - Remote Buffer Overflow Discovery by : Shubham Singh Known As : Spirited Wolf Twitter: @Pwsecspirit Email : email protected Youtube Channel : www.youtube.com/c/Pentestingwithspirit...
NetScanTools Basic Edition 2.5 - Hostname Denial of Service (PoC) Exploit
Exploit for windows platform in category dos / poc Exploit Title: NetScanTools Basic Edition 2.5 - 'Hostname' Denial of Service PoC Discovery by: Luis MartÃnez Vendor Homepage: https://www.netscantools.com/ Software Link : http://download.netscantools.com/nstb250.zip Tested Version: 2.5...
WordPress Gwolle Guestbook 2.5.3 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Advisory Title: WordPress Gwolle Guestbook Plugin XSS Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Gwolle Guestbook plugin Language: PHP Version: 2.5.3 and below Vendor Status: Vendor...
WordPress Snazzy Maps 1.1.3 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Advisory Title: WordPress Snazzy Maps Plugin Multiple XSS Vulnerabilities Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Snazzy Maps plugin Language: PHP Version: 1.1.3 and below Vendor Status: Vendor contacted, no...
WordPress Strong Testimonials 2.31.4 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Advisory Title: WordPress Strong Testimonials Plugin Multiple XSS Vulnerabilities Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Strong Testimonials plugin Language: PHP Version: 2.31.4 and below Vendor Status:...
WordPress Responsive Thumbnail Slider Plugin - Arbitrary File Upload Exploit
Exploit for php platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "WordPress Responsive Thumbnail Slider Arbitrary File Upload", 'Description' = %q This module...
Online Trade 1 - Information Disclosure Vulnerability
Exploit for linux platform in category web applications Exploit Title: Online Trade 1 - Information Disclosure Exploit Author: Dhamotharan Vendor Homepage: https://codecanyon.net/item/online-trade-online-forex-and-cryptocurrency-investment-system/21987193?srank=14 CVE : CVE-2018-14328 Version: 1...
Super CMS Blog Pro PHP Script 1.0 SQL Injection / Shell Upload Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Super Cms Blog Pro PHP Script v1.0 - Upload shell & SQL Injection Google Dork: N/A Date: 2018/25/7 Exploit Author: ShanoWeb Author Mail : MrdotNet2NetatGmaildotcom Vendor Homepage: https://www.codester.com/Seunex Software Buy:...
QNap QVR Client 5.1.1.30070 - Password Denial of Service #PoC Exploit
Exploit for windows platform in category dos / poc Exploit Title: QNap QVR Client 5.1.1.30070 - 'Password' Denial of Service PoC Discovery by: Luis MartÃnez Vendor Homepage: https://www.qnapsecurity.com/n/en/ Software Link : http://download.qnap.com/Surveillance/QVRClient/Qmon5.1.1.30070.zip Test...
CleanMyMac3 Local Privilege Escalation Exploit
Exploit for macOS platform in category local exploits CleanMyMac3 installs a rooted helper com.macpaw.CleanMyMac3.Agent, and its XPC interface does not validate anything. In CMPrivilegedOperationprotocol, there are actually more than one way to execute privileged code. The most straight forward o...
Tracto ERC20 Integer Overflow Vulnerability
Exploit for multiple platform in category dos / poc Hello,I found an integer overflow in increaseApproval function.And it doesn't use the safe function to add value. code addresss: https://etherscan.io/address/0x30ceCB5461A449A90081F5a5F55db4e048397BAB vuln code: function increaseApproval address...
Skia - Heap Overflow in SkScan::FillPath due to Precision Error Vulnerability
Exploit for multiple platform in category dos / poc There is a heap overflow in Skia when drawing paths with antialiasing turned off. This issue can be triggered in both Google Chrom and Mozilla Firefox by rendering a specially crafted SVG image. PoCs for both browsers are attached. Details: When...
Axis Network Camera Remote Command Execution Exploit
This Metasploit module exploits an authentication bypass in .srv functionality and a command injection in parhand to execute code as the root user. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModul...
SoftNAS Cloud OS Command Injection Vulnerability
Exploit for php platform in category web applications SoftNAS Cloud OS Command Injection 1. Advisory Information Title: SoftNAS Cloud OS Command Injection Advisory ID: CORE-2018-0009 Advisory URL: http://www.coresecurity.com/advisories/softnas-cloud-OS-command-injection Date published: 2018-07-26...
Trivum Multiroom Setup Tool 8.76 - Cross-Site Request Forgery (Admin Bypass) Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Trivum Multiroom Setup Tool 8.76 - Corss-Site Request Forgery Admin Bypass Date: 2018-07-25 Software Link: https://world.trivum-shop.de https://world.trivum-shop.de/ Version: 9.34 build 13381 - 12.07.18 Category: hardware,...
Inteno IOPSYS - (Authenticated) Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits !/usr/bin/python import json import sys import subprocess import socket import os from websocket import createconnection def ubusAuthhost, username, password: ws = createconnection"ws://" + host, header = "Sec-WebSocket-Protocol: ubus-json" re...
Core FTP 2.0 - XRMD Denial of Service PoC Exploit
Exploit for windows platform in category dos / poc Exploit Title: Core FTP 2.0 - 'XRMD' Denial of Service PoC Exploit Author: Erik David Martin Vendor Homepage: http://www.coreftp.com/ Software Link: http://www.coreftp.com/server/download/CoreFTPServer.exe Version: Version 2.0, build 653, 32-bit...
SMPlayer 18.6.0 Memory Corruption Exploit
Exploit for multiple platform in category dos / poc SMPlayer 18.6.0 - Memory Corruption DoS Vulnerability Product & Service Introduction: =============================== SMPlayer is a free multimedia player for Windows and Linux with built-in codecs that can play virtually any video and audio...
10-Strike LANState 8.8 - Local Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: 10-Strike LANState 8.8 - Local Buffer Overflow SEH Exploit Author: absolomb Vendor Homepage: https://www.10-strike.com/products.shtml Software Link: https://www.10-strike.com/lanstate/download.shtml Version 8.8 Tested on:...
Sourcetree Remote Code Execution Exploit
Sourcetree suffers from multiple remote code execution vulnerabilities related to git submodules and argument injection. macOS versions 1.0b2 up to 2.7.6 and Windows versions 0.5.1.0 up to 2.6.10 are affected. Sourcetree Remote Code Execution Exploit CVE ID: CVE-2018-11235. CVE-2018-13385...
10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Title: 10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow SEH Exploit Author: absolomb Vendor Homepage: https://www.10-strike.com/products.shtml Software Link: https://www.10-strike.com/bandwidth-monitor/download.shtml Run script, open ...
GeoVision GV-SNVR0811 Directory Traversal Vulnerability
Exploit for linux platform in category web applications Exploit Title: GeoVision GV-SNVR0811 Directory Traversal Exploit Author: Berk Dusunur Google Dork: N/A Type: Hardware Vendor Homepage: http://www.geovision.com.tw/product/GV-SNVR0811 Software Link:...
GetGo Download Manager 6.2.1.3200 - Buffer Overflow Exploit
Exploit for windows platform in category dos / poc Exploit Title: GetGo Download Manager 6.2.1.3200 - Buffer Overflow Denial of Service Exploit Author: Nathu Nandwani Website: http://nandtech.co CVE: CVE-2017-17849 Tested On: Windows 7 x86, Windows 10 x64 Details The downloader feature of GetGo...
NUUO NVRmini - upgrade_handle.php Remote Command Execution Vulnerability
Exploit for hardware platform in category web applications Exploit Title: NUUO NVR Unauthenticated Remote Code Execution Exploit Author: Berk Dusunur Vendor Homepage: http://www.nuuo.com/ Software Link: http://www.nuuo.com/ Affected Version: v2016 Tested on: Parrot OS CVE : N/A Proof Of Concept G...
Windows Speech Recognition - Buffer Overflow Exploit
Exploit for windows platform in category dos / poc Title: Windows Speech Recognition- Buffer Overflow Author: Nassim Asrir Contact: email protected | https://www.linkedin.com/in/nassim-asrir-b73a57122/ Vendor: https://www.microsoft.com/ About Windows Speech Recognition:...
Tenda Wireless N150 Router 5.07.50 - Cross-Site Request Forgery (Reboot Router) Exploit
Exploit for hardware platform in category web applications Exploit Title: Tenda Wireless N150 Router 5.07.50 - Cross-Site Request Forgery Reboot Router Exploit Author: Nathu Nandwani Website: http://nandtech.co CVE: CVE-2015-5996 Description: The router is vulnerable to a cross-site request forge...
Network Manager VPNC 1.2.4 Privilege Escalation Vulnerability
Network Manager VPNC version 1.2.4 suffers from a privilege escalation vulnerability. Network Manager VPNC - Privilege Escalation CVE-2018-10900 Release URL: https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc CVE: CVE-2018-10900 Author: Denis Andzakovic Source:...
D-link DAP-1360 - Path Traversal / Cross-Site Scripting Vulnerabilities
Exploit for hardware platform in category web applications Exploit Title: D-Link DAP-1360 File path traversal and Cross site scriptingreflected can lead to Authentication Bypass easily. Date: 20-07-2018 Exploit Author: r3m0t3nu11 Contact : http://twitter.com/r3m0t3nu11 Vendor : www.dlink.com...
Cisco Adaptive Security Appliance Path Traversal Exploit
This Metasploit module exploits a security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without authentication by using directory traversal techniques. require 'msf/core' class MetasploitModule "Cisco Adaptive Security Appliance - Path Traversal",...
Davolink DVW 3200 Router - Password Disclosure Exploit
Exploit for hardware platform in category web applications Exploit Title: Davolink DVW 3200 Router - Password Disclosure Google Dork: N/A Zoomeye dork : https://www.zoomeye.org/searchResult?q=%22var%20userpasswd%22%20%2Bapp%3A%22DAVOLINK%20GAPD-7000%20WAP%20httpd%22 Date: 2018-07-13 Exploit Autho...
Micro Focus Secure Messaging Gateway (SMG) < 471 - Remote Code Execution Exploit
Exploit for php platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MicroFocus Secure Messaging Gateway Remote Code Execution", 'Description' = %q This module...
Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (100 bytes)
Title: Linux/x86 - Bind 4444/TCP Shell + IPv6 Shellcode 100 bytes Length : 100bytes Author: Kartik Durg Write-up Link: https://iamroot.blog/2018/07/17/0x1-shellbindtcpipv6-linux-x86/ Tested on: Ubuntu 16.0.4.1 i686 / global start section .text start: ;References: ;1http://syscalls.kernelgrok.com/...
WordPress LimoLabs 1.0.0 Remote Password Disclosure Vulnerability
Exploit for php platform in category web applications Exploit Title: Wordpress Plugin LimoLabs-iCabbi Remote Password Disclosure Google Dork: inurl:"plugins/limolabs-icabbi" Exploit Author: Gabriel Lipski gabriel.lipskiATprotonmail.com Vendor Homepage: https://www.icabbi.com Tested on: Ubuntu...
Nagios Core 4.4.1 - Denial of Service Vulnerability
Exploit for linux platform in category dos / poc Exploit Title: Nagios Core Multiple Local Denial of Service Exploit Author: Fakhri Zulkifli @d0lph1n98 Vendor Homepage: https://www.nagios.org/ Software Link: https://www.nagios.org/downloads/nagios-core/ Version: 4.4.1 and earlier Tested on: 4.4.1...
Splinterware System Scheduler Pro 5.12 - Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits !/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: Splinterware System Scheduler Pro 5.12 - Local Buffer Overflow SEH Vulnerable Software: System Scheduler Pro 5.12 Vendor Homepage: https://www.splinterware.com Version: 5.12...
Poppler v0.62.0 Memory Corruption Vulnerability
Exploit for linux platform in category dos / poc Title: Poppler v0.62.0 Memory Corruption Vulnerability CVE: CVE-2018-13988 CWE: CWE-119 Exploit Author: Hosein Askari Vendor HomePage: https://poppler.freedesktop.org/ Version : version 0.62.0 and earlier versions Tested on: Ubuntu 18.04...
TP-Link Archer C2 v3.0 UnAuthenticated Remote Code Execution Vulnerability
Exploit for hardware platform in category web applications Exploit Title: UnAuthenticated Remote Code Execution at TP-Link Archer C2 Router Date: 17.07.2018 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.tp-link.com/ Hardware Link :...
Zoho ManageEngine 13 (13790 build) XSS / File Read / File Deletion Vulnerabilities
Exploit for php platform in category web applications This issue has been reported to the vendor who has already published patches for this issue. https://www.manageengine.com/products/applicationsmanager/issues.html ========================== Advisory: Zoho manageengine Applications Manager...
Oracle Fusion Middleware 12c (12.2.1.3.0) WebLogic SAML Issues Vulnerability
Two vulnerabilities were discovered within the Oracle WebLogic SAML service provider authentication mechanism. By inserting an XML comment into the SAML NameID tag, an attacker can coerce the SAML service provider to log in as another user. Additionally, WebLogic does not require signed SAML...
Microsoft DNS dnslint.exe Tool Forced Drive-By Download Vulnerability
Microsoft's dnslint.exe tool does not verify domain names when parsing DNS text-files using the "/ql" switch making it prone to forced drive-by downloads, providing an end user is tricked into using a server text-file containing a script/binary reference instead of a normally expected domain name...
Linux Driver National Instruments Remote Code Injection Vulnerability
Exploit for linux platform in category remote exploits Hello , i've recently discovered a critical vulnerability in the National Instruments Linux driver package, which opens up an remote code injection software update vulnerability. Classification: CRITICAL / 0day - easily exploitable Impact:...
CMS Made Simple 2.2.5 Authenticated Remote Command Execution Exploit
CMS Made Simple version 2.2.5 allows an authenticated administrator to upload a file and rename it to have a .php extension. The file can then be executed by opening the URL of the file in the /uploads/ directory. This module requires Metasploit: https://metasploit.com/download Current source:...