39001 matches found
Joomla JEXTN Reverse Auction 3.1.0 Component - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component JEXTN Reverse Auction 3.1.0 - SQL Injection Dork: N/A Date: 01.02.2018 Vendor Homepage: http://jextn.com/ Software Link:...
Fancy Clone Script - search_browse_product SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Fancy Clone Script - 'searchbrowseproduct' SQL Injection Exploit Author: 8bitsec Vendor Homepage: https://pofitec.com/ Software Link: https://pofitec.com/fancy-clone-script.php Version: 1.0 Tested on: Kali Linux 2.0 | Mac OS...
Joomla Jimtawl 2.1.6 Component - Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Jimtawl 2.2.5 - Arbitrary File Upload Dork: N/A Vendor Homepage: http://janguo.de/ Software Link: https://extensions.joomla.org/extensions/extension/multimedia/streaming-a-broadcasting/jimtawl/ Software Downloa...
Joomla JEXTN Membership 3.1.0 Component - usr_plan SQL Injection Exploit
Exploit for php platform in category web applications 0day.today 2018-04-11...
Oracle Hospitality Simphony (MICROS) 2.7 < 2.9 - Directory Traversal Exploit
Exploit for multiple platform in category web applications Exploit Title: Oracle Hospitality Simphony MICROS directory traversal Exploit Author: Dmitry Chastuhin https://twitter.com/chipik Vendor Homepage: http://www.oracle.com/ Version: 2.7, 2.8 and 2.9 Tested on: Win, nix CVE : CVE-2018-2636...
Joomla JE PayperVideo 3.0.0 Component - usr_plan SQL Injection Exploit
Exploit for php platform in category web applications 0day.today 2018-04-12...
Advance Loan Management System - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Advance Loan Management System - 'id' SQL Injection Exploit Author: 8bitsec Vendor Homepage: https://codecanyon.net/ Software Link:...
Sync Breeze Enterprise 10.4.18 - Remote Buffer Overflow (SEH) Exploit
Exploit for windows platform in category remote exploits Exploit Title: Sync Breeze Enterprise v10.4.18 Server - Unauthenticated Remote Buffer Overflow SEH Exploit Author: Daniel Teixeira Vendor Homepage: http://www.syncbreeze.com Software Link:...
WordPress Propertyhive 1.4.14 Cross Site Scripting Vulnerability
WordPress Propertyhive plugin version 1.4.14 suffers from a cross site scripting vulnerability. WordPress Propertyhive 1.4.14 Cross Site Scripting Vulnerability Vulnerable Propertyhive 1.4.14 Propertyhive is prone to a stored cross-site scripting vulnerability because it fails to sufficiently...
WebKit - WebCore::FrameView::clientToLayoutViewportPoint Use-After-Free Exploit
Exploit for multiple platform in category dos / poc function jsfuzzer var b = document.createElement"body"; a.appendb; ta.autofocus = true; var iframe = document.createElement"iframe"; b.appendChildiframe; li.appendChilddd; iframe.contentDocument.caretRangeFromPoint; function eventhandler...
LibRaw 0.18.7 Denial Of Service Vulnerability
Exploit for linux platform in category dos / poc LibRaw 0.18.7 Denial Of Service Vulnerability ====================================================================== 1 Affected Software LibRaw versions prior to 0.18.7. ====================================================================== 2...
WebKit - detachWrapper Use-After-Free Exploit
Exploit for multiple platform in category dos / poc ::detachWrapper /Users/projectzero/webkit/WebKit/WebKitBuild/Release...
IPSwitch MoveIt 9.4 Cross Site Scripting Vulnerability
Exploit for asp platform in category web applications Exploit Title: IPSwitch MoveIt Stored Cross Site Scripting XSS Software Link: https://www.ipswitch.com/moveit Affected Version: 8.1-9.4 only confirmed on 8.1 but other versions prior to 9.5 may also be vulnerable Exploit Author: email protecte...
BMC Server Automation RSCD Agent - NSH Remote Command Execution Exploit
This Metasploit module exploits a weak access control check in the BMC Server Automation RSCD agent that allows arbitrary operating system commands to be executed without authentication. Note: Under Windows, non-powershell commands may need to be prefixed with 'cmd /c'. This module requires...
systemd (systemd-tmpfiles) < 236 - fs.protected_hardlinks=0 Local Privilege Escalation Vulnerabil
Exploit for linux platform in category local exploits Product: systemd systemd-tmpfiles Versions-affected: 236 and earlier Author: Michael Orlitzky Fixed-in: commit 5579f85 , version 237 Bug-report: https://github.com/systemd/systemd/issues/7736 Acknowledgments: Lennart Poettering who, instead of...
Sprecher Automation SPRECON-E-C / PU-2433 Traversal / DoS
Sprecher Automation SPRECON-E-C and PU-2433 versions prior to 8.49 suffer from directory traversal, missing authentication, broken authentication, and denial of service vulnerabilities. ======================================================================= title: Sprecher Automation SPRECON-E-C ...
Joomla CP Event Calendar 3.0.1 Component - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component CP Event Calendar 3.0.1 - SQL Injection Dork: N/A Date: 30.01.2018 Vendor Homepage: http://www.joomlacalendars.com/ Software Link:...
Joomla Visual Calendar 3.1.3 Component - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Visual Calendar 3.1.3 - SQL Injection Dork: N/A Date: 30.01.2018 Vendor Homepage: http://www.joomlacalendars.com/ Software Link:...
LabF nfsAxe 3.7 TFTP Client - Local Buffer Overflow Exploit
Exploit for windows platform in category dos / poc !/usr/bin/python Exploit Author: Miguel Mendez Z Exploit Title: LabF nfsAxe v3.7 - TFTP "Input Directory" Local Buffer Overflow Date: 29-01-2018 Software: LabF nfsAxe Version: v3.7 Vendor Homepage: http://www.labf.com Software Link:...
BMC BladeLogic RSCD Agent 8.3.00.64 - Windows Users Disclosure Exploit
Exploit for windows platform in category web applications Exploit Title: BMC BladeLogic RSCD agent get Windows users Filename: BMCwinUsers.py Github: https://github.com/bao7uo/bmcbladelogic Date: 2018-01-27 Exploit Author: Paul Taylor / Foregenix Ltd Website: http://www.foregenix.com/blog Version...
HPE iMC 7.3 - RMI Java Deserialization Exploit
Exploit for windows platform in category remote exploits Exploit Title: HPE iMC 7.3 Java RMI Registry Deserialization RCE Vulnerability Exploit Author: Chris Lyne @lynerc Vendor Homepage: www.hpe.com Software Link:...
Advantech WebAccess < 8.3 - SQL Injection Exploit
Exploit for windows platform in category web applications !/usr/bin/python2.7 Exploit Title: Advantech WebAccess BWSCADARest Login Method SQL Injection Authentication Bypass Vulnerability Date: 01-13-2018 Exploit Author: Chris Lyne @lynerc Vendor Homepage: www.advantech.com Software Link:...
System Shield 5.0.0.136 - Privilege Escalation Exploit
Exploit for windows platform in category local exploits / Exploit Title - System Shield AntiVirus & AntiSpyware Arbitrary Write Privilege Escalation Date - 29th January 2018 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.iolo.com/ Tested Version - 5.0.0.136 Driver Version -...
Joomla Picture Calendar for Joomla 3.1.4 Component - Directory Traversal Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Picture Calendar for Joomla 3.1.4 - Directory Traversal Dork: N/A Date: 30.01.2018 Vendor Homepage: http://www.joomlacalendars.com/ Software Link:...
macOS - sysctl_vfs_generic_conf Stack Leak Through Struct Padding Exploit
Exploit for macOS platform in category dos / poc / The sysctls vfs.generic.conf. are handled by sysctlvfsgenericconf, which is implemented as follows: static int sysctlvfsgenericconf SYSCTLHANDLERARGS int name, namelen; struct vfstable vfsp; struct vfsconf vfsc; voidoidp; name = arg1; namelen =...
Oracle WebLogic - wls-wsat Component Deserialization Remote Code Execution Exploit
The Oracle WebLogic WLS WSAT component is vulnerable to an XML deserialization remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0...
Arq 5.10 - Local Privilege Escalation Exploit (1)
Exploit for macOS platform in category local exploits !/usr/bin/env ruby Arq USE AT YOUR OWN RISK - THIS WILL OVERWRITE THE ROOT USER'S CRONTAB! $binarytarg...
Arq 5.10 - Local Privilege Escalation Exploit (2)
Exploit for macOS platform in category local exploits !/bin/bash Arq payload.sh EOF !/bin/bash rm -rf $HOME/.arq510privescexp while : do pid=\ps auxwww |grep '$app/Contents/MacOS/Arq' |grep -v grep |xar...
Joomla JS Support Ticket 1.1.0 Component - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications CODE input type="hidden" name="task" id="task" value="sa...
Artifex MuJS 1.0.2 - Integer Overflow Exploit
Exploit for multiple platform in category dos / poc Exploit Title: DoS caused by the interactive call between two functions Date: 2018-01-16 Exploit Author: Andrea Sindoni - @invictus1306 Vendor: Artifex https://www.artifex.com/ Software Link: https://github.com/ccxvii/mujs Version: Mujs -...
TSiteBuilder 1.0 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: TSiteBuilder 1.0 - SQL Injection Dork: N/A Date: 27.01.2018 Vendor Homepage: http://www.datacomponents.net/ Software Link: http://www.datacomponents.net/products/website/ Version: 1.0 Category: Webapps Tested on:...
PACSOne Server 6.6.2 DICOM Web Viewer - Directory Trasversal Vulnerability
Exploit for php platform in category web applications Exploit Title: PACSOne Server 6.6.2 DICOM Web Viewer Directory Trasversal / Local File Inclusion Software Link: http://www.pacsone.net/download.htm Google Dork: inurl:pacs/login.php inurl:pacsone/login.php inurl:pacsone filetype:php home...
Multilanguage Real Estate MLM Script 3.0 - srch SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Multilanguage Real Estate MLM Script = 3.0 - SQL Injection Dork: N/A Vendor Homepage: http://www.phpscriptsmall.com/ Software Link:...
KeystoneJS < 4.0.0-beta.7 - Cross-Site Request Forgery Vulnerability
Exploit for jsp platform in category web applications Exploit Title: Application wide CSRF Bypass Date: Sep, 2017 Exploit Author: Saurabh Banawar Vendor Homepage: http://keystonejs.com/ Software Link: https://github.com/keystonejs/keystone Version: 4.0.0 Tested on: Windows 8.1 CVE : 2017-16570...
Buddy Zone 2.9.9 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Vastal I-Tech Facebook Clone 2.9.9 - SQL Injection Dork: N/A Vendor Homepage: http://vastal.com/ Software Link: http://vastal.com/buddy-zone-social-networking-script.html Version: 2.9.9 Category: Webapps Tested on:...
Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) Null Free Shellcode (80 bytes)
/ Title: Linux/ARM - Reverse Shell TCP /bin/sh. Null free shellcode 80 bytes Date: 2018-01-25 Tested: armv7l Raspberry Pi v3 Author: rtmcx - twitter: @rtmcx / .section .text .global start start: / Enter Thumb mode / .ARM add r3, pc, 1 bx r3 .THUMB / Create a new socket/ mov r0, 2 // PFINET = 2 mo...
Linux/x86 - Egghunter Shellcode (12 Bytes)
/ Title: Linux/x86 - EggHunter Shellcode 12 Bytes Description: Smallest Null-Free Egg Hunter Shellcode - 12 Bytes Date : 14/Jan/2018 Author: Nipun Jaswal @nipunjaswal ; SLAE-1080 Details: 1. Works with an executable EGG 2. Make sure you clear EDX, EAX registers in the shellcode before any other...
Task Rabbit Clone 1.0 - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Task Rabbit Clone 1.0 - SQL Injection Dork: N/A Vendor Homepage: http://migrateshop.com/ Software Link: http://migrateshop.com/product/task-rabbit-clone-php-script/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64...
Gnew 2018.1 - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: Gnew 2018.1 - Cross-Site Request Forgery Exploit Author: Cyril Vallicari / HTTPCS - ZIWIT Vendor website : http://gnew.xyz/ Software download : http://www.gnew.xyz/pages/download.php Version: 2018.1 Tested on: Windows 10 Home x6...
Hot Scripts Clone - subctid SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Hot Scripts Clone Script 1.0 - SQL Injection Dork: N/A Vendor Homepage: http://www.phpscriptsmall.com/ Software Link: http://www.exclusivescript.com/product/M72g4502563/php-scripts/hot-scripts-clone-:-script-classified Version:...
Trend Micro Threat Discovery Appliance 2.6.1062r1 Remote Code Execution Exploit
Exploit for linux platform in category remote exploits !/usr/local/bin/python """ Trend Micro Threat Discovery Appliance /opt/TrendMicro/MinorityReport/bin/ Then, all we do is create /engptnstores/prod/sensorSDK/data/si/dlpkill.sh with malicious code and get it executed... Notes: ====== - For thi...
PACSOne Server 6.6.2 DICOM Web Viewer - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: PACSOne Server 6.6.2 DICOM Web Viewer SQL Injection Software Link: http://www.pacsone.net/download.htm Version: PACSOne Server 6.6.2 Exploit Author: Carlos Avila Google Dork: inurl:pacs/login.php inurl:pacsone/login.php...
Nexpose < 6.4.66 - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: Cross Site Request Forgery at Nexpose Automated Actions Exploit Author: Shwetabh Vishnoi Link: https://www.linkedin.com/in/shwetabhvishnoi Vendor Homepage: https://www.rapid7.com/ Software Link:...
Joomla Jtag Members Directory 5.3.7 Component - Arbitrary File Download Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! Component Jtag Members Directory 5.3.7 - Arbitrary File Download Dork: N/A Date: 27.01.2018 Vendor Homepage: https://joomlatag.com/ Software Link:...
Netis WF2419 Router - Cross-Site Request Forgery Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Netis-WF2419 Router Cross-Site Request Forgery CSRF Exploit Author: Sajibe Kanti Author Contact: https://twitter.com/@sajibekantibd Vendor Homepage: http://www.netis-systems.com/ Version: Netis-WF2419, V2.2.36123 Tested on:...
Artifex MuJS 1.0.2 - Denial of Service Exploit
Exploit for multiple platform in category dos / poc The jsstrtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation. Exploit Title: Integer signedness error leading to Out-of-bounds read that causes crash Date: 2018-01-24 Exploit...
ManageEngine EventLog Analyzer - Multiple Vulnerabilities (2)
Exploit for multiple platform in category web applications Multiple vulnerabilities in ManageEngine EventLog Analyzer Discovered by Pedro Ribeiro email protected, Agile Information Security ========================================================================== Disclosure: 05/11/2014 / Last...
WebKitGTK+ Memory Corruption / Spoofing / Code Execution Vulnerabilities
WebKitGTK+ versions 2.18.x suffer from various memory corruption, user interface spoofing, and code execution vulnerabilities. WebKitGTK+ Memory Corruption / Spoofing / Code Execution Vulnerabilities Advisory URL : https://webkitgtk.org/security/WSA-2018-0002.html CVE identifiers : CVE-2018-4088,...
Linux/x86 - Disable ASLR Security + Obfuscated Shellcode (23 bytes)
;Title : Linux/x86 - Disable ASLR Security obfuscated shellcode - 23 bytes ;Date : 24 Jan 2018 ;Author : 0xAlaufi ;Tested on : Linux/x86 Ubuntu 12.04.5 global start section .text start: jmp zero2 zero18: mov al,0x4 jmp zero19 zero1a: mov al,0x6 jmp zero1b zeroc: push 0x72702f2f jmp zerod zero12:...
ManageEngine Desktop Central - Create Administrator Vulnerability
Exploit for multiple platform in category web applications Administrator account creation in ManageEngine Desktop Central / Desktop Central MSP Discovered by Pedro Ribeiro email protected, Agile Information Security =================================================================================...