39001 matches found
DigitalPersona 5.1.0.656 (DpHostW) - Unquoted Service Path Vulnerability
Exploit Title: DigitalPersona 5.1.0.656 'DpHostW' - Unquoted Service Path Discovery by: Teresa Q Vendor:DigitalPersona U. are U. One Touch Version: 5.1.0.656 Vulnerability Type: Unquoted Service Path Vendor Homepage : https://www.hidglobal.com/crossmatch Tested on OS: Windows 10 Home x64 es Analy...
Nidesoft 3GP Video Converter 2.6.18 - Local Stack Buffer Overflow Exploit
Exploit Title: Nidesoft 3GP Video Converter 2.6.18 - Local Stack Buffer Overflow Author: Felipe Winsnes Software Link: http://www.nidesoft.com/downloads/3gp-video-converter.exe Version: 2.6.18 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Proof of Concept: 1.- Run the python script...
Microsoft Windows Local Spooler Bypass Vulnerability
Windows: Local Spooler CVE-2020-1337 Bypass One way of exploiting this on Windows 10 2004 is to understand that FileNormalizedNameInformation will fail if the new path after the mount point is not under the root directory of the server. For example the admin$ share points to c:\windows. If you se...
SaltStack Salt REST API Arbitrary Command Execution Exploit
This Metasploit module exploits an authentication bypass and command injection in SaltStack Salt's REST API to execute commands as the root user. The following versions have received a patch: 2015.8.10, 2015.8.13, 2016.3.4, 2016.3.6, 2016.3.8, 2016.11.3, 2016.11.6, 2016.11.10, 2017.7.4, 2017.7.8,...
PowerPoint 2003/2007/2010 Silent Builder Exploit
The exploit allows you to convert EXE & JAR to .PPS its coded 100% from scratch and used by private method to assure a great stability and lasting FUD time. You are able to attach it to the most e-mail providers nowadays everyone uses Microsoft Office so it gives a huge chance of success. This...
WordPress File Manager 6.8 Remote Code Execution Exploit
The WordPress File Manager wp-file-manager plugin versions 6.0 through 6.8 allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, for example, allows attackers to run the elFinder upload or...
Rapid7 Metasploit Framework msfvenom APK Template Command Injection Exploit
This Metasploit module exploits a command injection vulnerability in Metasploit Framework's msfvenom payload generator when using a crafted APK file as an Android payload template. Affected includes Metasploit Framework versions 6.0.11 and below and Metasploit Pro versions 4.18.0 and below. This...
KMSpico (Service KMSELDI) 17.1.0.0 - Unquoted Service Path Vulnerability
Exploit Title: KMSpico 17.1.0.0 - 'Service KMSELDI' Unquoted Service Path Exploit Author : SamAlucard Vendor : KMSpico Version : ServiceKMS 17.1.0.0 Vendor Homepage : https://official-kmspico.com/ Tested on OS: Windows 7 Pro Analyze PoC : ============== C:\sc qc "Service KMSELDI" SC...
Winstep 18.06.0096 - (Xtreme Service) Unquoted Service Path Vulnerability
Exploit Title: Winstep 18.06.0096 - 'Xtreme Service' Unquoted Service Path Exploit Author : SamAlucard Vendor : Winstep Version : WsxService 18.06.0096 Vendor Homepage : https://www.winstep.net/xtreme.asp Tested on OS: Windows 7 Pro Analyze PoC : ============== C:\sc qc "Winstep Xtreme Service" S...
MEMU PLAY 3.7.0 - (MEmusvc) Unquoted Service Path Vulnerability
Exploit Title: MEMU PLAY 3.7.0 - 'MEmusvc' Unquoted Service Path Exploit Author : SamAlucard Vendor : Microvirt Version : Microvirt MEMU 3.7.0 Vendor Homepage : https://www.memuplay.com/ Tested on OS: Windows 10 Home Analyze PoC : ============== C:\Users\Sam Sanzsc qc "MEmusvc" SC...
IPTInstaller 4.0.9 - (PassThru Service) Unquoted Service Path Vulnerability
Exploit Title: IPTInstaller 4.0.9 - 'PassThru Service' Unquoted Service Path Exploit Author : SamAlucard Vendor : HTC Version : IPTInstaller 4.0.9 Vendor Homepage : https://www.htc.com/latam/ Tested on OS: Windows 7 Pro Analyze PoC : ============== C:\Users\DSAZ230sc qc "PassThru Service" SC...
iDeskService 3.0.2.1 - (iDeskService) Unquoted Service Path Vulnerability
Exploit Title: iDeskService 3.0.2.1 - 'iDeskService' Unquoted Service Path Discovery by: Leslie Lara Vendor Homepage: https://www.huawei.com/en/corporate-information Software Links : https://www.advanceduninstaller.com/iDesk-3021-ac22913ee90dd58ca897d1ddf3d62a8f-application.htm Tested Version:...
Realtek Andrea RT Filters 1.0.64.10 - (AERTSr64.EXE) Unquoted Service Path Vulnerability
Exploit Title: Realtek Andrea RT Filters 1.0.64.10 - 'AERTSr64.EXE' Unquoted Service Path Discovery by: Erika Figueroa Vendor Homepage: https://www.realtek.com/en/ Tested Version: 1.0.64.10 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 8.1 x64 es Step to discover Unquoted Servic...
OKI sPSV Port Manager 1.0.41 - (sPSVOpLclSrv) Unquoted Service Path Vulnerability
Exploit Title: OKI sPSV Port Manager 1.0.41 - 'sPSVOpLclSrv' Unquoted Service Path Exploit Author: Julio Aviña Vendor Homepage: https://www.oki.com/ Software Link: https://www.oki.com/mx/printing/download/sPSV0100412270910.exe Software Version: 1.0.41 File Version: 1.4.2.0 Tested on: Windows 10 P...
Privacy Drive v3.17.0 - (pdsvc.exe) Unquoted Service Path Vulnerability
Exploit Title: Privacy Drive v3.17.0 - 'pdsvc.exe' Unquoted Service Path Exploit Author: Mohammed Alshehri Vendor Homepage: https://www.cybertronsoft.com/ Software Link: https://www.cybertronsoft.com/download/privacy-drive-setup.exe Version: Version 3.17.0 Build 1456 Tested on: Microsoft Windows...
Syncplify Server! 5.0.37 - (SMWebRestServicev5) Unquoted Service Path Vulnerability
Exploit Title: Syncplify.me Server! 5.0.37 - 'SMWebRestServicev5' Unquoted Service Path Exploit Author: Julio Aviña Vendor Homepage: https://www.syncplify.me/ Software Link: https://download.syncplify.me/SMServerSetup.exe Version: 5.0.37 Tested on: Windows 10 Pro x64 es Vulnerability Type: Unquot...
Magic Mouse 2 utilities 2.20 - (magicmouse2service) Unquoted Service Path Vulnerability
Exploit Title: Magic Mouse 2 utilities 2.20 - 'magicmouse2service' Unquoted Service Path Exploit Author : SamAlucard Vendor : Magic Utilities Pty Version : 64-bit 2.20 Vendor Homepage : https://magicutilities.net/magic-mouse/home Tested on OS: Windows 10 Home Analyze PoC : ============== C:\sc qc...
Canon Inkjet Extended Survey Program 5.1.0.8 - (IJPLMSVC.EXE) - Unquoted Service Path Vulnerability
Exploit Title: Canon Inkjet Extended Survey Program 5.1.0.8 - 'IJPLMSVC.EXE' - Unquoted Service Path Discovery by: Carlos Roa Vendor Homepage: https://www.usa.canon.com/internet/portal/us/home Tested Version: 5.1.0.8 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 7 Professional 6...
HP WMI Service 1.4.8.0 - (HPWMISVC.exe) Unquoted Service Path Vulnerability
Exploit Title: HP WMI Service 1.4.8.0 - 'HPWMISVC.exe' Unquoted Service Path Discovery by: Jocelyn Arenas Vendor Homepage: https://www8.hp.com/mx/es/home.html Tested Version: 1.4.8.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Home x64 es Step to discover Unquoted Service...
HP Display Assistant x64 Edition 3.20 - (DTSRVC) Unquoted Service Path Vulnerability
Exploit Title: HP Display Assistant x64 Edition 3.20 - 'DTSRVC' Unquoted Service Path Exploit Author: Julio Aviña Vendor Homepage: https://www.portrait.com/ Software Link: https://www.portrait.com/dtune/hwp/enu/ Software Version: 3.20 File Version: 1.0.0.1 Tested on: Windows 10 Pro x64 es...
Genexus Protection Server 9.6.4.2 - (protsrvservice) Unquoted Service Path Vulnerability
Exploit Title: Genexus Protection Server 9.6.4.2 - 'protsrvservice' Unquoted Service Path Service Path Exploit Author : SamAlucard Vendor : Genexus Version : Genexus Protection Server 9.6.4.2 Software Link: https://www.genexus.com/en/developers/downloadcenter?data=;; Vendor Homepage :...
Motorola Device Manager 2.5.4 - (MotoHelperService.exe) Unquoted Service Path Vulnerability
Exploit Title: Motorola Device Manager 2.5.4 - 'MotoHelperService.exe' Unquoted Service Path Discovery by: Angel Canseco Vendor Homepage: https://motorola-device-manager.programas-gratis.net/descarga-completada Tested Version: 2.5.4 Vulnerability Type: Unquoted Service Path Tested on OS: Windows ...
Motorola Device Manager 2.5.4 - (ForwardDaemon.exe) Unquoted Service Path Vulnerability
Exploit Title: Motorola Device Manager 2.5.4 - 'ForwardDaemon.exe 'Unquoted Service Path Discovery by: Angel Canseco Vendor Homepage: https://motorola-device-manager.programas-gratis.net/gracias Tested Version: 2.5.4 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es St...
Motorola Device Manager 2.4.5 - (ForwardDaemon.exe) Unquoted Service Path Vulnerability
Exploit Title: Motorola Device Manager 2.4.5 - 'ForwardDaemon.exe ' Unquoted Service Path Discovery by: Angel Canseco Vendor Homepage: https://www.filehorse.com/es/descargar-motorola-device-manager/ Tested Version: 2.4.5 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 e...
DiskBoss v11.7.28 - Multiple Services Unquoted Service Path Vulnerability
Exploit Title: DiskBoss v11.7.28 - Multiple Services Unquoted Service Path Exploit Author: Mohammed Alshehri Vendor Homepage: https://www.diskboss.com/ Software Link: https://www.diskboss.com/downloads.html Version: v11.7.28 Tested on: Microsoft Windows Server 2019 Standard 10.0.17763 N/A Build...
Deep Instinct Windows Agent 1.2.24.0 - (DeepNetworkService) Unquoted Service Path Vulnerability
Exploit Title: Deep Instinct Windows Agent 1.2.24.0 - 'DeepNetworkService' Unquoted Service Path Discovery by: Paulina Girón Vendor Homepage: https://www.deepinstinct.com/ Software Links :...
DigitalPersona 4.5.0.2213 - (DpHostW) Unquoted Service Path Vulnerability
Exploit Title: DigitalPersona 4.5.0.2213 - 'DpHostW' Unquoted Service Path Exploit Author : SamAlucard Vendor : DigitalPersona U. are U. One Touch Version : DigitalPersona Pro 4.5.0.2213 Vendor Homepage : https://www.hidglobal.com/crossmatch Tested on OS: Windows 10 Home Analyze PoC :...
RealTimes Desktop Service 18.1.4 - (rpdsvc.exe) Unquoted Service Path Vulnerability
Exploit Title: RealTimes Desktop Service 18.1.4 - 'rpdsvc.exe' Unquoted Service Path Discovery by: Erick Galindo Vendor Homepage: https://www.real.com/ Tested Version: 18.1.4 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 7 Enterprise SP1 x64 es Step to discover Unquoted Service...
Chrome V8 Turbofan Type Confusion Exploit
V8: Turbofan fails to deoptimize code after map deprecation, leading to type confusion NOTE: We have evidence that the following bug is being used in the wild. Therefore, this bug is subject to a 7 day disclosure deadline. VULNERABILITY DETAILS When turbofan compiles code that performs a Map...
git-lfs Remote Code Execution Exploit
Proof of concept git-lfs remote code execution exploit written in Go. Affects Git, GitHub CLI, GitHub Desktop, Visual Studio, GitKraken, SmartGit, SourceTree, and more. / Go PoC exploit for git-lfs - Remote Code Execution RCE vulnerability CVE-2020-27955 git-lfs-RCE-exploit-CVE-2020-27955.go...
GovRAT 2.0 - FUD unknown RAT with special functions
This RAT was written by me and cannot be blocked. FUD tested with the strictest firewall policies. You are buying the source code + digital certificate to sign your files. I can also host the C&C for you for extra Functions: Access C&C with any browser. Compile C&C for Linux OR Windows. VALID...
Asterisk 17.6.0 / 17.5.1 Denial Of Service Exploit
Asterisk versions 17.5.1 and 17.6.0 were found vulnerability to a denial of service condition where Asterisk segfaults when receiving an INVITE flood over TCP. Asterisk crash due to INVITE flood over TCP - Fixed versions: 13.37.1, 16.14.1, 17.8.1, 18.0.1 - Enable Security Advisory:...
TP-Link WDR4300 - Remote Code Execution (Authenticated) Exploit
Exploit Title: TP-Link WDR4300 - Remote Code Execution Authenticated Date: 2020-08-28 Exploit Author: Patrik Lantz Vendor Homepage: https://www.tp-link.com/se/home-networking/wifi-router/tl-wdr4300/ Version: TL-WDR4300, N750 Wireless Dual Band Gigabit Router Tested on: Firmware version 3.13.33 an...
Amarok 2.8.0 - Denial of Service Exploit
Exploit Title: Amarok 2.8.0 - Denial-of-Service Exploit Author: FishballAndMeatball Vendor Homepage: https://amarok.kde.org/ Software link: https://community.kde.org/Amarok/GettingStarted/Download Version: Amarok 2.8.0 Tested on: Windows 10, Windows 7, Windows XP CVE: CVE-2020-13152 my $file=...
Quick N Easy FTP Service 3.2 - Unquoted Service Path Vulnerability
Exploit Title: Quick 'n Easy FTP Service 3.2 - Unquoted Service Path Discovery by: yunaranyancat Discovery Date: October 2020 Vendor Homepage: https://www.pablosoftwaresolutions.com/html/quickneasyftpservice.html Software Link : www.pablosoftwaresolutions.com/download.php?id=10 Tested Version: 3....
Cobian Backup Service Unquoted Service Path Vulnerability
Exploit Title: Cobian Backup Service sc qc CobianBackup11 SC QueryServiceConfig SUCCESS SERVICENAME: CobianBackup11 TYPE : 10 WIN32OWNPROCESS STARTTYPE : 2 AUTOSTART ERRORCONTROL : 1 Normal BINARYPATHNAME : C:\Program Files x86\Cobian Backup 11\cbService.exe LOADORDERGROUP : TAG : 0 DISPLAYNAME :...
Foxit Reader 9.7.1 - Remote Command Execution (Javascript API) Exploit
Exploit Title: Foxit Reader 9.7.1 - Remote Command Execution Javascript API Exploit Author: Nassim Asrir Vendor Homepage: https://www.foxitsoftware.com/ Description: Foxit Reader before 10.0 allows Remote Command Execution via the unsafe app.opencPDFWebPage JavaScript API which allows an attacker...
HealthMonitor 3.1 Unquoted Service Path Vulnerability
Exploit Title: HealthMonitor 3.1 - Unquoted Service Path Discovery by: yunaranyancat Vendor Homepage: https://sourceforge.net/projects/healthmonitor/ Software Link : https://sourceforge.net/projects/healthmonitor/files/HealthMonitor%20Application/3.1%20Stable/HealthMonitor3.1Stable.zip/download...
Foxit Reader 9.7.1 - Remote Command Execution (Javascript API) Exploit
Exploit Title: Foxit Reader 9.7.1 - Remote Command Execution Javascript API Exploit Author: Nassim Asrir Vendor Homepage: https://www.foxitsoftware.com/ Description: Foxit Reader before 10.0 allows Remote Command Execution via the unsafe app.opencPDFWebPage JavaScript API which allows an attacker...
Wondershare Dr.Fone 3.0.0 Unquoted Service Path Vulnerability
Exploit Title: Wondershare Dr.Fone DriverInstall.exe - "WsDrvInst" Unquoted Service Path Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.wondershare.com Software Link: https://drfone.wondershare.com/ Version: 3.0.0 Tested on: Microsoft Windows 7sp2 x86/x64 CVE : CVE-2020-27992 -...
aptdaemon < 1.1.1 - File Existence Disclosure Exploit
Exploit Title: File Existence Disclosure in aptdaemon " sys.exit0 FILETOCHECK = sys.argv1 bus = dbus.SystemBus aptdbusobject = bus.getobject"org.debian.apt", "/org/debian/apt" aptdbusinterface = dbus.Interfaceaptdbusobject, "org.debian.apt" just use any valid .deb file trans = aptdbusi...
Facebook hidden profile data disclosure Exploit
This lets you gather a bunch of information, even if it is private. phone number, email, ip-address, birthday, etc. Material can automatically collect data and save, possible to connect a proxy list...
Program Access Controller v1.2.0.0 - (PACService.exe) Unquoted Service Path Vulnerability
Exploit Title: Program Access Controller v1.2.0.0 - 'PACService.exe' Unquoted Service Path Exploit Author: Mohammed Alshehri Vendor Homepage: https://www.gearboxcomputers.com/ Software Link: https://www.gearboxcomputers.com/files/ProgramAccessController.exe Version: 1.2.0.0 Tested on: Microsoft...
PackageKit < 1.1.13 - File Existence Disclosure Exploit
Exploit Title: File Existence Disclosure in PackageKit " sys.exit0 FILETOCHECK = sys.argv1 bus = dbus.SystemBus aptdbusobject = bus.getobject"org.freedesktop.PackageKit", "/org/freedesktop/PackageKit" aptdbusinterface = dbus.Interfaceaptdbusobject, "org.freedesktop.PackageKit" trans =...
Blueman < 2.1.4 - Local Privilege Escalation Vulnerability
Exploit Title: Local Privilege Escalation in Blueman 2.1.4 Exploit Author: Vaisha Bernard vbernard - at - eyecontrol.nl Vendor Homepage: https://github.com/blueman-project/blueman Software Link: https://github.com/blueman-project/blueman Version: 2.1.4 Tested on: Ubuntu 20.04 CVE: CVE-2020-15238 ...
Prey 1.9.6 - (CronService) Unquoted Service Path Vulnerability
Exploit Title: Prey 1.9.6 - "CronService" Unquoted Service Path Discovery by: Ömer Tuygun Discovery Date:16.10.2020 Vendor Homepage: https://preyproject.com/ Software Link: https://preyproject.com/download/ Tested Version: 1.9.6 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 P...
EPSON 1.124 - (seksmdb.exe) Unquoted Service Path Vulnerability
Exploit Title: EPSON 1.124 - 'seksmdb.exe' Unquoted Service Path Discovery by: İsmail Önder Kaya Vendor Homepage: https://www.epson.co.uk/support?productID=10820&os=22driversandmanuals Tested Version: 1.124 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 Step to discove...
IP Watcher v3.0.0.30 - (PACService.exe) Unquoted Service Path Vulnerability
Exploit Title: IP Watcher v3.0.0.30 - 'PACService.exe' Unquoted Service Path Exploit Author: Mohammed Alshehri Vendor Homepage: https://www.gearboxcomputers.com/ Software Link: https://www.gearboxcomputers.com/files/IPWatcherSetup.exe Version: 3.0.0.30 Tested on: Microsoft Windows 10 Education -...
Adtec Digital Multiple Products - Default Hardcoded Credentials Remote Root Vulnerability
Exploit Title: Adtec Digital Multiple Products - Default Hardcoded Credentials Remote Root Date: 2020-07-24 Exploit Author: LiquidWorm Software Link: https://www.adtecdigital.com / https://www.adtecdigital.com/support/documents-downloads Version: Multiple Adtec Digital Multiple Products - Default...
TDM Digital Signage PC Player 4.1 - Insecure File Permissions Vulnerability
Exploit Title: TDM Digital Signage PC Player 4.1 - Insecure File Permissions Exploit Author: LiquidWorm Software Link: https://www.tdmsignage.com / https://pro.sony/enNL/products/display-software/tdm-ds1y-tdm-ds3y Version: 4.1.0.4 Vendor: TDM Trending Digital Marketing Product web page:...