Результаты поиска

WordPress Plugin W3 Total Cache - Unauthenticated Arbitrary File Read (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework # ## class MetasploitModule < Msf::Auxiliary include Msf::Auxiliary::Report...

Microsoft Edge Chakra - Cross Context Use-After-Free <!-- 1. Background The CrossSite class is used for passing JavaScript variables across different contexts. Chakra is basically trying to wrap every variable being passed from a context to another context. The way it wraps an object is, first...

Skia and Firefox - Integer Overflow in SkTDArray Leading to Out-of-Bounds Write <!-- Skia bug report: https://bugs.chromium.org/p/skia/issues/detail?id=7674 Mozilla bug report: https://bugzilla.mozilla.org/show_bug.cgi?id=1441941 In Skia, SkTDArray stores length (fCount) and capacity...

D-Link DSL-2750B - OS Command Injection (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = GreatRanking include...

Samsung Galaxy S7 Edge - Overflow in OMACP WbXml String Extension Processing OMACP is a protocol supported by many mobile devices which allows them to receive provisioning information over the mobile network. One way to provision a device is via a WAP push SMS message containing provisioning...

Online Matrimonial Project 1.0 - Authenticated Remote Code Execution # Exploit Title: Online Matrimonial Project 1.0 - Authenticated Remote Code Execution # Exploit Author: Valerio Alessandroni # Date: 2020-10-07 # Vendor Homepage: https://projectworlds.in/ # Software Link...

Oracle WebCenter Sites 11.1.1.8.0/12.2.1.x - Cross-Site Scripting # Exploit Title: Multiple XSS Oracle WebCenter Sites (FatWire Content Server) 7.x < 11gR1 # Dork: inurl:Satellite?c # Date: 18.12.201 # Exploit Author: Richard Alviarez # Vendor Homepage: http://oracle.com # Version: 7.x < 11gR1...

docPrint Pro 8.0 - 'Add URL' Buffer Overflow (SEH Egghunter) # Exploit Title: docPrint Pro 8.0 - 'Add URL' Buffer Overflow (SEH Egghunter) # Date: 2020-07-26 # Exploit Author: MasterVlad # Vendor Homepage: http://www.verypdf.com # Software Link: http://dl.verypdf.net/docprint_pro_setup.exe #...

SyncBreeze 10.0.28 - 'password' Remote Buffer Overflow # Exploit Title: SyncBreeze 10.0.28 - 'password' Remote Buffer Overflow # Date: 18-Sep-2020 # Exploit Author: Abdessalam king(A.salam) # Vendor Homepage: http://www.syncbreeze.com # Software Link...

Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution Exploit Title: Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution Date: 2020-08-13 Exploit Author: Loke Hui Yi Vendor Homepage: https://razerid.razer.com Software Link...

Boxoft Audio Converter 2.3.0 - '.wav' Buffer Overflow (SEH) # Exploit Title: Boxoft Audio Converter 2.3.0 - '.wav' Buffer Overflow (SEH) # Discovery by: Luis Martinez # Discovery Date: 2020-11-22 # Vendor Homepage: http://www.boxoft.com/ # Software Link...

ZeroShell 3.9.0 - 'cgi-bin/kerbynet' Remote Root Command Injection (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking...

WonderCMS 3.1.3 - 'content' Persistent Cross-Site Scripting # Exploit Title: WonderCMS 3.1.3 - 'content' Persistent Cross-Site Scripting # Date: 20-11-2020 # Exploit Author: Hemant Patidar (HemantSolo) # Vendor Homepage: https://www.wondercms.com/ # Version: 3.1.3 # Tested on: Windows 10/Kali...

Free MP3 CD Ripper 2.8 - Multiple File Buffer Overflow (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include...

Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit # Exploit Title: Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit # Date: 17.09.2020 # Vendor Homepage: http://www.boxoft.com/ # Software Link: http://www.boxoft.com/convert-master/setup(boxoft-conver=t-master).exe # Exploit Author...

AMD / ARM / Intel - Speculative Execution Variant 4 Speculative Store Bypass /* ======== Intro / Overview ======== After Michael Schwarz made some interesting observations, we started looking into variants other than the three already-known ones. I noticed that Intel's Optimization Manual...

Linux 4.4.0 < 4.4.0-53 - 'AF_PACKET chocobo_root' Local Privilege Escalation (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Local Rank = GoodRanking...

Microsoft Windows - 'POP/MOV SS' Privilege Escalation Demo exploitation of the POP SS vulnerability (CVE-2018-8897), leading to unsigned code execution with kernel privilages. - KVA Shadowing should be disabled and the relevant security update should be uninstalled. - This may not work with...

Linux 2.6.30 < 2.6.36-rc8 - Reliable Datagram Sockets (RDS) Privilege Escalation (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Local Rank =...

Bludit 3.9.2 - Authentication Bruteforce Bypass (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Auxiliary include Msf::Exploit::Remote::HttpClient...