39001 matches found
Microsoft Edge Chakra JIT - Out-of-Bounds Reads/Writes Exploit
Exploit for windows platform in category dos / poc / It seems that this issue is similar to the issue 1429 MSRC 42111. It might need to refresh the page several times to observe a crash. PoC: / let arr = new Uint32Array1000; for let i = 0; i 0x1000000; i++ for let j = 0; j 1; j++ i--; i++; arri =...
Instagram-Clone Script 2.0 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Instagram-clone Script 2.0 - Cross-Site Scripting Exploit Author: L0RD Vendor Homepage: https://github.com/yTakkar/Instagram-clone Version: 2.0 CVE: CVE-2018-13849 Tested on: Kali linux POC : Persistent Cross site scripting :...
IBM QRadar SIEM - Unauthenticated Remote Code Execution Exploit
Exploit for unix platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'securerandom' class MetasploitModule 'IBM QRadar SIEM Unauthenticated Remote Code Execution', 'Description...
Oracle WebLogic 12.1.2.0 RMI Registry UnicastRef Object Java Deserialization Remote Code Execution
Exploit for multiple platform in category web applications !/usr/bin/python -- coding: utf-8 -- from argparse import RawTextHelpFormatter import socket, argparse, subprocess, ssl, os.path HELPMESSAGE = ''' --------------------------------------------------------------------------------------...
Umbraco CMS SeoChecker Plugin 1.9.2 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Author Information Author : Ahmed Elhady Mohamed twitter : @AhmedELhady Software Information Affected Software : SeoChecker Umbraco CMS Plug-in Version: version 1.9.2 Software website : https://soetemansoftware.nl/seo-checker Description...
D-Link DIR601 2.02 - Credential Disclosure Vulnerability
Exploit for hardware platform in category web applications Exploit title: D-Link DIR601 2.02NA - Credential disclosure Exploit Author: Richard Rogerson Vendor Homepage: http://ca.dlink.com/ Software Link: http://support.dlink.ca/ProductInfo.aspx?m=DIR-601 Version: = 2.02NA Tested on: D-Link DIR60...
OpenSSH < 6.6 SFTP (x64) - Command Execution Exploit
Exploit for linux platform in category remote exploits define GNUSOURCE // THIS PROGRAM IS NOT DESIGNED TO BE SAFE AGAINST VICTIM MACHINES THAT // TRY TO ATTACK BACK, THE CODE IS SLOPPY! // In other words, please don't use this against other people's machines. include include include include...
Elektronischer Leitz-Ordner 10 - SQL Injection Vulnerability
Exploit for linux platform in category web applications Title: Elektronischer Leitz-Ordner 10 - SQL Injection Author: Jens Regel, Schneider & Wulf EDV-Beratung GmbH & Co. KG Software: https://www.elo.com/en-de/ CVE: N/A Affected Products: ELOenterprise 10 ELO Access Manager = 10.17.120...
OpenSSH < 6.6 SFTP - Command Execution Exploit
Exploit for linux platform in category remote exploits OpenSSH 8 else 32 print "+ bit libc mapped @ -, path: ".formatBITS, addr0, addr1, path libcbase = intaddr0, 16 libcpath = path if "stack" in line: addr = addr.split"-" saddrstart = intaddr0, 16 saddrend = intaddr1, 16...
Tor Browser < 0.3.2.10 - Use After Free (PoC ) Exploit
Tor Browser versions 0.3.2.x before 0.3.2.10 suffer from a use-after-free vulnerability that can result in a denial of service condition. Exploit Title: Tor Browser - Use After Free PoC Exploit Author: t4rkd3vilz Vendor Homepage: https://www.torproject.org/ Software Link:...
WolfSight CMS 3.2 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WolfSight CMS 3.2 - SQL Injection Exploit Author: Berk Dusunur & Zehra Karabiber Vendor Homepage: http://www.wolfsight.com Software Link: http://www.wolfsight.com Version: v3.2 Tested on: Parrot OS / WinApp Server CVE : N/A PoC...
Boxoft WAV to WMA Converter 1.0 - Local Buffer Overflow (SEH) Exploit
Exploit for windows platform in category local exploits Exploit Title: Boxoft wav-wma Converter - Local Buffer Overflow SEH Software Link: http://www.boxoft.com/wav-to-wma/ Software Version:1.0 Exploit Author: Achilles Target: Windows 7 x64 CVE: Description: A malicious .wav file cause this...
Umbraco CMS SeoChecker Plugin 1.9.2 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Author Information Author : Ahmed Elhady Mohamed twitter : @AhmedELhady Date : 01/07/2018 Software Information Affected Software : SeoChecker Umbraco CMS Plug-in Version: version 1.9.2 Software website : https://soetemansoftware.nl/seo-checker...
Activision Infinity Ward Call of Duty Modern Warfare 2 - Buffer Overflow Exploit
Exploit for windows platform in category remote exploits Exploit Title: Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 Exploit Author: Maurice Heumann Contact: https://twitter.com/momo5502?lang=en Website: https://momo5502.com/ CVE: CVE-2018-10718 Category:...
Linux/x86 - Kill Process Shellcode (20 bytes)
/ Exploit Title: Kill PID shellcode Date: 07/09/2018 Exploit Author: Nathu Nandwani Platform: Linux/x86 Size: 20 bytes Compile: gcc -fno-stack-protector -z execstack killproc.c -o killproc / include include int main unsigned short pid = 2801; char shellcode = "\x31\xc0" / xor eax, eax / "\xb0\x25...
GitList 0.6.0 Argument Injection Exploit
This Metasploit module exploits an argument injection vulnerability in GitList version 0.6.0. The vulnerability arises from GitList improperly validating input using the php function 'escapeshellarg'. This module requires Metasploit: https://metasploit.com/download Current source:...
HID discoveryd command_blink_on Unauthenticated Remote Command Execution Exploit
This Metasploit module exploits an unauthenticated remote command execution vulnerability in the discoveryd service exposed by HID VertX and Edge door controllers. This Metasploit module was tested successfully on a HID Edge model EH400 with firmware version 2.3.1.603 Build 04/23/2012. This modul...
HP VAN SDN Controller Root Command Injection Exploit
This Metasploit module exploits a hardcoded service token or default credentials in HPE VAN SDN Controller versions 2.7.18.0503 and below to execute a payload as root. A root command injection was discovered in the uninstall action's name parameter, obviating the need to use sudo for privilege...
PolarisOffice 2017 8 - Remote Code Execution Exploit
Exploit for windows platform in category remote exploits + Credits: John Page aka hyp3rlinx Vendor: ============= www.polarisoffice.com Product: =========== PolarisOffice 2017 v8 Polaris Document Solution is an integrated solution for corporate document life cycle from document creation, use,...
Airties AIR5444TT - Cross-Site Scripting Vulnerability
Exploit for windows platform in category web applications Exploit Title: Airties AIR5444TT - Cross-Site Scripting Exploit Author: Raif Berkay Dincel Vendor Homepage: airties.com Software http://www.airties.com.tr/support/dcenter/ Version: 1.0.0.18 CVE-ID: CVE-2018-8738 Tested on: MacOS High Sierr...
SoftExpert Excellence Suite 2.0 - cddocument SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: SoftExpert Excellence Suite 2.0 - 'cddocument' SQL Injection Author: Seren PORSUK Date: 2018-06-28 Type: webapps Platform: PHP CVE= N/A Vendor Homepage : https://www.softexpert.com/solucao/softexpert-excellence-suite/ DETAILS A...
ADB Broadband Gateways / Routers - Authorization Bypass Vulnerability
Exploit for hardware platform in category web applications ======================================================================= title: Authorization Bypass product: All ADB Broadband Gateways / Routers based on Epicentro platform vulnerable version: Hardware: ADB P.RG AV4202N, DV2210, VV2220,...
Intel Processor Diagnostic Tool (IPDT) Privilege Escalation Vulnerability
Intel Processor Diagnostic Tool IPDT versions prior to 4.1.0.27 suffer from three code execution and privilege escalation vulnerabilities. Hi @ll, the executable installers of Intel's Processor Diagnostic Tool IPDT before v4.1.0.27 have three vulnerabilities^Wbeginner's errors which all allow...
ADB Broadband Gateways / Routers - Local Root Jailbreak Vulnerability
Exploit for hardware platform in category local exploits title: Local root jailbreak via network file sharing flaw product: All ADB Broadband Gateways / Routers based on Epicentro platform vulnerable version: Hardware: ADB P.RG AV4202N, DV2210, VV2220, VV5522, etc. fixed version: see "Solution"...
ADB Broadband Gateways / Routers - Privilege Escalation Vulnerability
Exploit for hardware platform in category local exploits title: Privilege escalation via linux group manipulation product: All ADB Broadband Gateways / Routers based on Epicentro platform vulnerable version: Hardware: ADB P.RG AV4202N, DV2210, VV2220, VV5522, etc. fixed version: see "Solution"...
CMSMadeSimple 2.2.5 - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: CMS Made Simple 2.2.5 authenticated Remote Code Execution Exploit Author: Mustafa Hasan @strukt93 Vendor Homepage: http://www.cmsmadesimple.org/ Software Link: http://www.cmsmadesimple.org/downloads/cmsms/ Version: 2.2.5 CVE:...
Apache PDFBox 1.8.14 / 2.0.10 Denial Of Service Vulnerability
Exploit for windows platform in category dos / poc CVE-2018-8036 DoS OOM Vulnerability in Apache PDFBox's AFMParser Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache PDFBox 1.8.0 to 1.8.14 Apache PDFBox 2.0.0 to 2.0.10 Earlier, unsupported Apache PDFBox versions...
Online Trade - Information Disclosure Vulnerability
Exploit for php platform in category web applications Exploit Title: Online Trade 1 - Information Disclosure Exploit Author: L0RD Vendor Homepage: https://codecanyon.net/item/online-trade-online-forex-and-cryptocurrency-investment-system/21987193?srank=14 CVE: CVE-2018-12908 Version: 1 Tested on:...
ShopNx - Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: ShopNx - Angular5 Single Page Shopping Cart Application 1 - Arbitrary File Upload Exploit Author: L0RD Email: email protected Vendor Homepage: http://codenx.com/ Version: 1 CVE: CVE-2018-12519 Tested on: Win 10...
ManageEngine Exchange Reporter Plus < Build 5311 - Remote Code Execution Exploit
ManageEngine Exchange Reporter Plus versions 5310 and below suffer from a remote code execution vulnerability. Exploit Title: ManageEngine Exchange Reporter Plus = 5310 Unauthenticated RCE Date: 28-06-2018 Software Link: https://www.manageengine.com/products/exchange-reports/ Exploit Author: Kacp...
NuCom NC-WR644GACV Unauthenticated Configuration File Download Vulnerability
NuCom NC-WR644GACV with software versions STA 005 and below suffer from a configuration file download vulnerability that allows for extraction of the administrative credentials. Overview ======== Researchers of NVEL4 Cybersecurity company have discovered that it is possible to access to the confi...
Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction Vulnerability
Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the origurl parameter, possibly causing a traffic amplification and/or SSRF outcome...
Linux/x86 - Execve /bin/cat /etc/passwd Shellcode (37 bytes)
/ Linux/x86 - execve /bin/cat /etc//passwd shellcode 37 bytes Author: Anurag Srivastava Tested on: i686 GNU/Linux Shellcode Length: 37 Greetz - Manish Kishan Tanwar,Kishan Sharma,Vardan,Himanshu,Ravi and Spirited w0lf Disassembly of section .text: 08048060 : 8048060: 29 c9 sub ecx,ecx 8048062: 51...
Geutebruck 5.02024 G-Cam/EFD-2250 - simple_loglistjs.cgi Remote Command Execution Exploit
This Metasploit module exploits a an arbitrary command execution vulnerability. The vulnerability exists in the /uapi-cgi/viewer/simpleloglistjs.cgi page and allows an anonymous user to execute arbitrary commands with root privileges. Firmware 'Geutebruck simpleloglistjs.cgi Remote Command...
Microsoft Windows Kernel (win32k.sys) Local Denial Of Service Vulnerability
Microsoft Windows Kernel win32k.sys suffers from a local denial of service null pointer vulnerability in NtUserConsoleControl. It is possible to trigger a BSOD caused by a Null pointer deference when calling the system call NtUserConsoleControl with the following arguments: -...
Dolibarr ERP CRM < 7.0.3 - PHP Code Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Unauthenticated Remote Code Evaluation in Dolibarr ERP CRM =7.0.3 Exploit Author: om3rcitak - https://omercitak.com Vendor Homepage: https://dolibarr.org Software Link: https://github.com/Dolibarr/dolibarr Version: =7.0.3 Tested...
WeChat Pay SDK XXE Injection Vulnerability
Exploit for java platform in category web applications Title XXE in WeChat Pay Sdk WeChat leave a backdoor on merchant websites ------------------------------------------ Background aMobile payments surge to $9 trillion a year, changing how people shop, borrowaeven panhandlea, as WSJ.com once...
DAMICMS 6.0.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for php platform in category web applications...
VMware NSX SD-WAN Edge < 3.1.2 - Command Injection Exploit
Exploit for hardware platform in category web applications !/usr/bin/env python Exploit Title: Unauthenticated Command Injection vulnerability in VMware NSX SD-WAN by VeloCloud Exploit Author: paragonsec @ Critical Start Credit: Brian Sullivan from Tevora and Section 8 @ Critical Start Vendor...
ModSecurity 3.0.0 - Cross-Site Scripting Vulnerability
Exploit for linux platform in category web applications Exploit Title: ModSecurity 3.0.0 - Cross-Site Scripting Vendor Homepage: https://www.modsecurity.org Software: ModSecurity Category: Web Application Firewall Exploit Author: Adipta Basu Tested on: Mac OS High Sierra CVE: N/A Description:...
Core FTP LE 2.2 - Buffer Overflow Exploit
Exploit for windows platform in category web applications Exploit Title: Core FTP LE 2.2 - Buffer Overflow PoC Exploit Author: Berk Cem Göksel Vendor Homepage: http://www.coreftp.com/ Software Link: http://www.coreftp.com/download Version: Core FTP Client LE v2.2 Build 1921 Tested on: Windows 10...
SIPp 3.6 - Local Buffer Overflow Vulnerability
Exploit for linux platform in category dos / poc Exploit Title: SIPp 3.6 - Local Buffer Overflow PoC Exploit Author: Fakhri Zulkifli Vendor Homepage: http://sipp.sourceforge.net/ Software Link: https://github.com/SIPp/sipp/releases Version: 3.6-dev and earlier Tested on: 3.6-dev $ ./sipp -3pcc...
openslp 2.0.0 - Double-Free Exploit
Exploit for linux platform in category dos / poc ''' | | | | | | | || | | | | -| | . | . | | . | . | | | . | | -| | | | -| -| ||| || ||||||| || || ||| || 2018-06-28 SLPD DOUBLE FREE ================ CVE-2018-12938 An issue was found in openslp-2.0.0 that can be used to induce a double free bug or...
Boxoft WAV To MP3 Converter 1.1 Buffer Overflow Exploit
This Metasploit module exploits a stack buffer overflow in Boxoft WAV to MP3 Converter versions 1.0 and 1.1. By constructing a specially crafted WAV file and attempting to convert it to an MP3 file in the application, a buffer is overwritten, which allows for running shellcode. This module requir...
OX App Suite 7.8.4 XSS / XML Injection / Information Disclosure Vulnerabilities
OX App Suite version 7.8.5 suffers from XML external entity injection, information disclosure, and cross site scripting vulnerabilities. Product: OX App Suite Vendor: OX Software GmbH Internal reference: 58055 Bug ID Vulnerability type: XEE CWE-611 Vulnerable version: 7.8.4 Vulnerable component:...
Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow Exploit
Exploit for hardware platform in category dos / poc Exploit Title: Delta Electronics Delta Industrial Automation COMMGR - Remote STACK-BASED BUFFER OVERFLOW Exploit Author: t4rkd3vilz Vendor Homepage: http://www.deltaww.com/ Software Link:...
extjs getTip() Cross Site Scripting Vulnerability
Exploit for jsp platform in category web applications A XSS vulnerability exists in the getTip method of Action Columns. The Ext JS framework brings no built-in XSS protection, meaning that developers are responsible for sanitizing their output. However. the method above takes HTML-escaped data a...
ntop-ng Authentication Bypass Vulnerability
Exploit for linux platform in category remote exploits Vulnerability title: ntop-ng 3.4.180617 - Authentication Bypass Author: Ioannis Profetis Contact: me at x86.re Vulnerable versions: 3.4.180617-4560 Fixed version: 3.4.180617 Link: ntop.org Date: 2.07.2018 CVE-2018-12520 Product Details ntopng...
Enhanced Mitigation Experience Toolkit (EMET) XML Injection Vulnerability
Exploit for windows platform in category remote exploits + Credits: John Page aka hyp3rlinx Vendor: ================ www.microsoft.com Product: =========== Enhanced Mitigation Experience Toolkit EMET Enhanced Mitigation Experience Toolkit is a freeware security toolkit for Microsoft Windows,...
TP-Link TL-WR841N V13 Cross Site Request Forgery Vulnerability
Exploit for hardware platform in category web applications Vulnerability: Cross-Site Request Forgery Affected Software: TP-Link TL-WR841N v13 Affected Version: 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n Patched Version: None Overview The web interface of the router is vulnerable to CSRF. An...