39001 matches found
Brave Browser < 0.13.0 - long alert() argument Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title:Brave Browser...
Microsoft Windows - nt!NtQueryAttributesFile Kernel Stack Memory Disclosure Exploit
Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQueryAttributesFile system call invoked with paths of certain kernel objects discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects Windows 7 to 10, 32/64-bit. The paths that...
Brave Browser < 0.13.0 - window.close(self) Denial of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title:Brave Browser Brave Window Object Remote Denial of Service. Brave Window Object Remote Denial of Service Proof of Concept Click the below link to Trigger the Vulnerability.. Brave Window Object DoS Test POC 0day.today 2018-04-17...
Cobub Razor 0.8.0 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Cobub Razor 0.8.0 SQL injection Vulnerability Exploit Author: Kyhvedni1/email [email protected]/4 Vendor Homepage: http://www.cobub.com/ Software Link: https://github.com/cobub/razor Version: 0.8.0 CVE : CVE-2018-8057 The...
Microsoft Windows - nt!NtQueryInformationTransactionManager (TransactionManagerRecoveryInformation)
Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQueryInformationTransactionManager system call invoked with the TransactionManagerRecoveryInformation 4 information class may disclose uninitialized kernel pool memory to user-mode clients. The vulnerability...
Dell EMC ViPR Controller Information Exposure Vulnerability
Exploit for linux platform in category dos / poc DSA-2018-071: Dell EMC ViPR Controller Information Exposure Vulnerability Dell EMC Identifier: DSA-2018- 071 CVE Identifier: CVE-2018-1240 Severity: Medium Severity Rating: CVSS v3 Base Score: 5.4 AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H Affected...
Microsoft Windows Kernel (Windows 7 x86) - Local Privilege Escalation (MS17-017) Exploit
Exploit for windows platform in category local exploits include include include include pragma commentlib, "psapi.lib" define POCDEBUG 0 if POCDEBUG == 1 define POCDEBUGBREAK getchar elif POCDEBUG == 2 define POCDEBUGBREAK DebugBreak else define POCDEBUGBREAK endif CONST LONG maxTimes = 2000; CON...
Barco ClickShare CSE-200 Denial Of Service Vulnerability
Exploit for hardware platform in category dos / poc !/usr/bin/python Exploit Title: Barco ClickShare CSE-200 - Remote Denial of Service Date: 11-04-2018 Hardware Link: https://www.barco.com/de/product/clickshare-cse-200 Exploit Author: Florian Hauser Contact: florian DOT g DOT hauser AT gmail DOT...
Microsoft Windows - nt!NtQueryFullAttributesFile Kernel Stack Memory Disclosure Exploit
Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQueryFullAttributesFile system call invoked with paths of certain kernel objects discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects Windows 7 to 10, 32/64-bit. The paths...
Microsoft Edge - OpenProcess() ACG Bypass Exploit
Exploit for windows platform in category dos / poc Each Edge Content process MicrosoftEdgeCP.exe needs to call SetProcessMitigationPolicy on itself to enable ACG. The callstack when this happens is: 00 KERNELBASE!SetProcessMitigationPolicy 01 MicrosoftEdgeCP!SetProcessDynamicCodePolicy+0xc0 02...
Microsoft Windows - nt!NtQueryVolumeInformationFile Kernel Stack Memory Disclosure Exploit
Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQueryVolumeInformationFile system call invoked against certain kernel objects discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects Windows 10 32/64-bit; other versions were...
Microsoft Windows - nt!NtQueryVirtualMemory (Memory(Privileged)BasicInformation) Kernel 64-bit Stack
Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQueryVirtualMemory system call invoked with the MemoryBasicInformation 0x0 and MemoryPrivilegedBasicInformation 0x8 information classes discloses uninitialized kernel stack memory to user-mode clients. The...
Microsoft Windows - nt!NtQuerySystemInformation (SystemPageFileInformation(Ex)) Kernel 64-bit Stack
Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQuerySystemInformation system call invoked with the SystemPageFileInformation 0x12 and SystemPageFileInformationEx 0x90 information classes discloses uninitialized kernel stack memory to user-mode clients. The...
Joomla jDownloads 3.2.58 Component Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component jDownloads 3.2.58 - Cross Site Scripting Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://www.jdownloads.com/ Software Link:...
Microsoft Windows - nt!NtQueryInformationProcess (ProcessImageFileName) Kernel 64-bit Pool/Stack Mem
Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQueryInformationProcess system call invoked with the ProcessImageFileName 0x1B information class discloses uninitialized kernel memory to user-mode clients. The vulnerability affects 64-bit versions of Windows 7...
Microsoft Windows - nt!NtQueryVirtualMemory (MemoryImageInformation) Kernel 64-bit Stack Memory Disc
Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQueryVirtualMemory system call invoked with the MemoryImageInformation 0x6 information class discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects 64-bit versions of Windows...
Sophos Cyberoam UTM CR25iNG 10.6.3 MR-5 Insecure Direct Object Reference Vulnerability
Exploit for jsp platform in category web applications Exploit Title: Sophos Cyberoam UTM - Privilege Escalation Date: 31/08/2016 Exploit Author: Chintan Gurjar Frogy Vendor Homepage: http://www.sophos.com/ Software Link: https://www.cyberoam.com/downloads/datasheet/CR25iNG.html Version: Cyberoam...
AMD Plays.tv 1.27.5.0 - plays_service.exe Arbitrary File Execution Exploit
Exploit for windows platform in category local exploits http://support.amd.com/en-us/download?cmpid=CCCOffline - Click "Automatically Detect - Download Now" Installation Automatically Installs "Raptr, Inc Plays TV Service" OR https://plays.tv/download Target OS: Windows Any Privilege: SYSTEM Type...
Microsoft Window Manager (Windows 7 x86) - Menu Management Component UAF Privilege Elevation Exploit
Exploit for windows platform in category local exploits include include include include pragma commentlib, "psapi.lib" define POCDEBUG 0 if POCDEBUG == 1 define POCDEBUGBREAK getchar elif POCDEBUG == 2 define POCDEBUGBREAK DebugBreak else define POCDEBUGBREAK endif static PVOIDfastcall...
Microsoft Windows - CiSetFileCache TOCTOU Incomplete Fix Exploit
Exploit for windows platform in category dos / poc Windows: CiSetFileCache TOCTOU CVE-2017-11830 Incomplete Fix Platform: Windows 10 1709 including Win10S Class: Security Feature Bypass Summary: The fix for CVE-2017-11830 is insufficient to prevent a normal user application adding a cached signin...
CloudMe Sync 1.11.0 Local Buffer Overflow Exploit
Exploit for windows platform in category local exploits Exploit Title: Local Buffer Overflow on CloudMe Sync v1.11.0 Date: 08.03.2018 Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1110.exe Category: Local Exploit Discovery: Prasenjit Kanti Pau...
Zortam MP3 Media Studio 23.45 - Local Buffer Overflow (SEH) Exploit
Exploit for windows platform in category dos / poc !/usr/bin/python Title: Zortam Mp3 Media Studio Local Buffer Overflow SEH Author: Kevin McGuigan Twitter: @h3xagram Author Website: https://www.7elements.co.uk Vendor Website: http://www.zortam.com/ Version: 23.45 Tested on: Windows 7 32 bit Date...
Microsoft Windows Kernel (Windows 7 x86) - Local Privilege Escalation (MS16-039) Exploit
Exploit for windows platform in category local exploits include include include include pragma commentlib, "psapi.lib" define POCDEBUG 0 if POCDEBUG == 1 define POCDEBUGBREAK getchar elif POCDEBUG == 2 define POCDEBUGBREAK DebugBreak else define POCDEBUGBREAK endif static HBITMAP hBmpHunted = NUL...
D-Link DIR-615 Wireless Router - Persistent Cross Site Scripting Vulnerability
Exploit for hardware platform in category web applications Exploit Title: D-Link DIR-615 Wireless Router - Persistent Cross Site Scripting XSS Exploit Author: Sayan Chatterjee Vendor Homepage: http://www.dlink.co.in Hardware Link: http://www.dlink.co.in/products/?pid=678 Category: Hardware Wi-fi...
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 Drupalgeddon2 Remote Code Execution Exploit
Exploit for php platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupalgeddon2', 'Description' = %q CVE-2018-7600 / SA-CORE-2018-002 Drupal before 7.58, 8.x...
Microsoft Credential Security Support Provider - Remote Code Execution Vulnerability
Exploit for windows platform in category remote exploits credssp This is a poc code for exploiting CVE-2018-0886. It should be used for educational purposes only. It relies on a fork of the rdpy projecthttps://github.com/preempt/rdpy, allowing also credssp relay. Written by Eyal Karni, Preempt...
GNU Beep 1.3 - HoleyBeep Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits !/usr/bin/env python3 E-DB Note https://gist.github.com/Arignir/0b9d45c56551af39969368396e27abe8/ec853f14afd6e86fb3f2efce2086e28f33039ddc E-DB Note https://sigint.sh//holeybeep This is an exploit for HoleyBeep. To use it, place any command you...
Joomla Convert Forms version 2.0.3 - Formula Injection (CSV Injection) Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla Extension Convert Forms version 2.0.3 - Formula Injection CSV Injection Google Dork: N/A Exploit Author: Jetty Sairam Software Link:...
MikroTik 6.41.4 - FTP daemon Denial of Service PoC
Exploit for linux platform in category dos / poc Title: MikroTik 6.41.4 Denial of service FTP daemon crash CVE: CVE-2018-10070 CWE: CWE-400 Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: https://mikrotik.com/ Version : 6.41.4 Released 2018-Apr-05 | All Version Date: 13-05-2018...
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 Drupalgeddon2 Remote Code Execution Exploit
Exploit for php platform in category web applications require 'net/http' Hans Topo ruby port from Drupalggedon2 exploit. Based on Vitalii Rudnykh exploit target = ARGV0 command = ARGV1 url = target + '/user/register?elementparents=account/mail/%23value&ajaxform=1&wrapperformat=drupalajax' shell =...
F5 BIG-IP 11.6 SSL Virtual Server - Ticketbleed Memory Disclosure Exploit
Exploit for hardware platform in category remote exploits -- coding: utf-8 -- !/usr/bin/python Exploit Title: Ticketbleed Google Dork: n/a Exploit Author: @0x00string Vendor Homepage: https://f5.com/ Software Link: https://support.f5.com/csp/article/K05121675 Version: see software link for versio...
IMP XForm 2.0 DatalifeEngine SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: IMP XForm v2.0 DatalifeEngine Module SQL Injection Exploit Author: Hesam Bazvand Software Link: http://www.datalifeengine.ir/download/1396/IMP.XForm.v2.0.zip Tested on: Windows 10 / Kali Linux Category: WebApps Dork :...
SysGauge Pro 4.6.12 Local Buffer Overflow Exploit
Exploit for windows platform in category local exploits !/usr/bin/python Exploit Title : SysGauge Pro v4.6.12 - Local Buffer Overflow SEH Exploit Author : Hashim Jawad Twitter : @ihack4falafel Author Website : ihack4falafel.com Vendor Homepage : http://www.sysgauge.com/ Vulnerable Software :...
DVD X Player Standard 5.5.3.9 - Buffer Overflow Vulnerability
Exploit for windows platform in category local exploits Exploit Title: Buffer Overflow on DVD X Player Standard 5.5.3.9 Vendor Homepage: http://www.dvd-x-player.com Software Link: http://www.dvd-x-player.com/download/DVDXPlayerSetup- Standard.exe Category: Local SEH Based Exploit Credit: Prasenji...
WordPress File Upload Plugin 4.3.3 - Stored Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Plugin WordPress File Upload 4.3.3 - Stored XSS Exploit Author: ManhNho Vendor Homepage: https://www.iptanus.com/ Software Link: https://downloads.wordpress.org/plugin/wp-file-upload.zip Version: 4.3.3 Tested on: Windo...
Wordpress Activity Log 2.4.0 Plugin - Stored Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title : Activity Log Wordpress Plugin Stored Cross Site Scripting XSS Exploit Author : Stefan Broeder Vendor Homepage: https://pojo.me Software Link: https://wordpress.org/plugins/aryo-activity-log/ Version: 2.4.0 CVE : CVE-2018-8729...
Wordpress Relevanssi 3.5.12 / 3.6.0 SQL Injection Vulnerability
Exploit for php platform in category web applications Details ================ Software: Relevanssi Version: 3.5.12,3.6.0 Homepage: https://wordpress.org/plugins/relevanssi/ Advisory report: https://advisories.dxw.com/advisories/sqli-relevanssi/ CVE: Awaiting assignment CVSS: 8.5 High;...
WordPress Rating-Widget: Star Review System 2.8.9 Information Disclosure Vulnerability
WordPress Rating-Widget: Star Review System plugin version 2.8.9 suffers from an information disclosure vulnerability. Details ================ Software: Rating-Widget: Star Review System Version: 2.8.9 Homepage: https://wordpress.org/plugins/rating-widget/ Advisory report:...
WUZHI CMS 4.1.0 - Add Admin Account Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: WUZHI CMS 4.1.0 CSRF vulnerability add admin account Exploit Author: taoge Vendor Homepage: https://github.com/wuzhicms/wuzhicms Software Link: https://github.com/wuzhicms/wuzhicms Version: 4.1.0 CVE : CVE-2018-9926 An issue was...
WUZHI CMS 4.1.0 - Add User Account Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: WUZHI CMS 4.1.0 CSRF vulnerability add user account Exploit Author: taoge Vendor Homepage: https://github.com/wuzhicms/wuzhicms Software Link: https://github.com/wuzhicms/wuzhicms Version: 4.1.0 CVE : CVE-2018-9927 An issue was...
Google Chrome V8 JIT - LoadElimination::ReduceTransitionElementsKind Type Confusion
Exploit for multiple platform in category dos / poc / I think this commit has introduced the bug: https://chromium.googlesource.com/v8/v8.git/+/9884bc5dee488bf206655f07b8a487afef4ded9b Reduction LoadElimination::ReduceTransitionElementsKindNode node ... if objectmaps.containsZoneHandleSetsourcema...
WordPress Image Zoom 1.23 Plugin Denial Of Service Vulnerability
Exploit for php platform in category web applications Details ================ Software: WP Image Zoom Version: 1.23 Homepage: http://wordpress.org/plugins/wp-image-zoooom/ Advisory report: https://advisories.dxw.com/advisories/wp-image-zoom-dos/ CVE: Awaiting assignment CVSS: 7.5 High;...
WordPress File Upload Plugin 4.3.2 - Stored Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Plugin WordPress File Upload 4.3.2 - Stored XSS Date: 31/03/2018 Exploit Author: ManhNho Vendor Homepage: https://www.iptanus.com/ Software Link: https://downloads.wordpress.org/plugin/wp-file-upload.zip Version: 4.3.2...
Linux/x64 - x64 Assembly Shellcode (Generator)
!/usr/bin/env python Features: - Linux shellcode x64 assembly code generation - stack based smaller payload size - execve based - supports long commands meaning bigger than an x64 register - 64 bits - supports long parameters meaning bigger than an x64 register - 64 bits - one command only execve...
KYOCERA Multi-Set Template Editor 3.4 - Out-Of-Band XML External Entity Injection Vulnerability
Exploit for linux platform in category web applications Vendor: KYOCERA Corporation Product https://global.kyocera.com Affected version: 3.4.0906 Summary: KYOCERA Net Admin is Kyocera's unified device management software that uses a web-based platform to give network administrators easy and...
WordPress Google Drive 2.2 Plugin - Remote Code Execution Vulnerability
Exploit for php platform in category web applications Exploit Title: Plugin Google Drive for WordPress 2.2 – RCE – Unlik Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/wp-google-drive/ Software Link: https://wordpress.org/plugins/wp-google-drive/ Contact:...
WooCommerce CSV-Importer-Plugin 3.3.6 - Remote Code Execution Vulnerability
Exploit for php platform in category web applications Exploit Title: Plugin Woocommerce CSV importer 3.3.6 – RCE – Unlink Date: 08/04/2018 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/woocommerce-csvimport/ Software Link:...
Buddypress Xprofile Custom Fields Type 2.6.3 - Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Plugin Buddypress Xprofile Custom Fields Type 2.6.3 RCE – Unlink Date: 08/04/2018 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/buddypress-xprofile-custom-fields-type/ Software Link:...
iScripts SonicBB 1.0 - Reflected Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: iScripts SonicBB 1.0 - Reflected Cross-Site Scripting Exploit Author: ManhNho Vendor Homepage: https://www.iscripts.com Demo Page: https://www.demo.iscripts.com/sonicbb/demo/ Version: 1.0 Tested on: Windows 10 Category: Webapps...
KYOCERA Net Admin 3.4 - Cross Site Request Forgery - Add Admin Exploit
Exploit for linux platform in category web applications Vendor: KYOCERA Corporation Product https://global.kyocera.com Affected version: 3.4.0906 Summary: KYOCERA Net Admin is Kyocera's unified device management software that uses a web-based platform to give network administrators easy and...