Результаты поиска

Adive Framework 2.0.8 - Cross-Site Request Forgery (Change Admin Password) # Exploit Title: Adive Framework 2.0.8 - Cross-Site Request Forgery (Change Admin Password) # Exploit Author: Sarthak Saini # Date: 2020-01-18 # Vendor Link : https://www.adive.es/ # Software Link...

GTalk Password Finder 2.2.1 - 'Key' Denial of Service (PoC) # Exploit Title: GTalk Password Finder 2.2.1 - 'Key' Denial of Service (PoC) # Exploit Author: Ismail Tasdelen # Exploit Date: 2020-01-16 # Vendor Homepage : http://www.nsauditor.com/ # Link Software ...

Plantronics Hub 3.13.2 - SpokesUpdateService Privilege Escalation (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Local Rank = ExcellentRanking...

Netgear - 'TelnetEnable' Magic Packet (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include...

WeChat - Memory Corruption in CAudioJBM::InputAudioFrameToJBM There is a memory corruption vulnerability in audio processing during a voice call in WeChat. When an RTP packet is processed, there is a call to UnpacketRTP. This function decrements the length of the packet by 12 without checking...

Android - ashmem Readonly Bypasses via remap_file_pages() and ASHMEM_UNPIN This bug report describes two ways in which an attacker can modify the contents of a read-only ashmem fd. I'm not sure at this point what the most interesting user of ashmem is in the current Android release, but there...

Barco WePresent - file_transfer.cgi Command Injection (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include...

Advanced System Repair Pro 1.9.1.7 - Insecure File Permissions # Exploit Title: Advanced System Repair Pro 1.9.1.7 - Insecure File Permissions # Exploit Author: ZwX # Exploit Date: 2020-01-12 # Vendor Homepage : https://advancedsystemrepair.com/ # Software Link...

SpotOutlook 1.2.6 - 'Name' Denial of Service (PoC) # Exploit Title: SpotOutlook 1.2.6 - 'Name' Denial of Service (PoC) # Exploit Author: Ismail Tasdelen # Exploit Date: 2020-01-06 # Vendor Homepage : http://www.nsauditor.com/ # Link Software ...

VPN unlimited 6.1 - Unquoted Service Path # Exploit Title: VPN unlimited 6.1 - Unquoted Service Path # Date: 2020-1-13 # Exploit Author: Amin Rawah # Vendor Homepage: https://www.vpnunlimitedapp.com # Version: 6.1 # Tested on: Windows 10 64bit C:\Users\Amin>sc qc VPNUnlimitedService [SC]...

TotalAV 2020 4.14.31 - Privilege Escalation # Exploit Title: TotalAV 2020 4.14.31 - Privilege Escalation # Date: 2020-01-09 # Exploit Author: Kusol Watchara-Apanukorn # Vendor Homepage: https://www.totalav.com/ # Version: 4.14.31 # Fixed on: 5.3.35 # Tested on: Windows 10 x64 # CVE ...

Pandora 7.0NG - Remote Code Execution # Exploit Title: Pandora 7.0NG - Remote Code Execution # Date: 2019-11-14 # Exploit Author: Askar (@mohammadaskar2) # CVE: CVE-2019-20224 # Vendor Homepage: https://pandorafms.org/ # Software link...

SpotDialup 1.6.7 - 'Name' Denial of Service (PoC) # Exploit Title: SpotDialup 1.6.7 - 'Name' Denial of Service (PoC) # Exploit Author : Ismail Tasdelen # Exploit Date: 2020-01-06 # Vendor Homepage : http://www.nsauditor.com/ # Link Software ...

uWSGI < 2.0.17 - Directory Traversal # Exploit Title: uWSGI PHP Plugin Directory Traversal # Date: 01-03-2018 # Exploit Author: Marios Nicolaides - RUNESEC # Reviewers: Simon Loizides and Nicolas Markitanis - RUNESEC # Vendor Homepage: https://uwsgi-docs.readthedocs.io # Affected Software...

iSumsoft ZIP Password Refixer 3.1.1 - Buffer Overflow author = ''' ############################################## # Created: ScrR1pTK1dd13 # # Name: Greg Priest # # Mail...

JetBrains TeamCity 2018.2.4 - Remote Code Execution # Exploit Title: JetBrains TeamCity 2018.2.4 - Remote Code Execution # Date: 2020-01-07 # Exploit Author: Harrison Neal # Vendor Homepage: https://www.jetbrains.com/ # Software Link...

ZIP Password Recovery 2.30 - 'ZIP File' Denial of Service (PoC) # Exploit Title: ZIP Password Recovery 2.30 - 'ZIP File' Denial of Service (PoC) # Exploit Author : ZwX # Exploit Date: 2020-01-08 # Vendor Homepage : https://www.top-password.com/purchase.html # Link Software ...

Complaint Management System 4.0 - Remote Code Execution # Exploit Title: Complaint Management System 4.0 - Remote Code Execution # Exploit Author: Metin Yunus Kandemir # Vendor Homepage: https://phpgurukul.com/ # Software Link: https://phpgurukul.com/complaint-management-sytem/ # Version: v4.0...

Online Book Store 1.0 - Unauthenticated Remote Code Execution # Exploit Title: Online Book Store 1.0 - Unauthenticated Remote Code Execution # Google Dork: N/A # Date: 2020-01-07 # Exploit Author: Tib3rius # Vendor Homepage...

Django < 3.0 < 2.2 < 1.11 - Account Hijack EDB Note ~ Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47879.zip # django_cve_2019_19844_poc PoC for [CVE-2019-19844](https://www.djangoproject.com/weblog/2019/dec/18/security-releases/) # Requirements...

Job Portal 1.0 - Remote Code Execution # Exploit Title: Job Portal 1.0 - Remote Code Execution # Google Dork: N/A # Date: 2020-01-03 # Exploit Author: Tib3rius # Vendor Homepage: https://phpgurukul.com/job-portal-project/ # Software Link...

piSignage 2.6.4 - Directory Traversal # Exploit Title: piSignage 2.6.4 - Directory Traversal # Date: 2019-11-13 # Exploit Author: JunYeong Ko # Vendor Homepage: https://pisignage.com/ # Version: piSignage before 2.6.4 # Tested on: piSignage before 2.6.4 # CVE : CVE-2019-20354 Summary: The...

SpotIM 2.2 - 'Name' Denial Of Service # Exploit Title: SpotIM 2.2 - 'Name' Denial Of Service # Exploit Author : Ismail Tasdelen # Exploit Date: 2020-01-06 # Vendor Homepage : http://www.nsauditor.com/ # Link Software : http://www.nsauditor.com/downloads/spotim_setup.exe # Tested on OS: Windows...

Duplicate Cleaner Pro 4 - Denial of Service (PoC) # Exploit Title: Duplicate Cleaner Pro 4 - Denial of Service (PoC) # Date: 2020-01-05 # Vendor Homepage:https://www.digitalvolcano.co.uk/index.html # Software Link: https://www.digitalvolcano.co.uk/download/DuplicateCleanerPro4_setup.exe #...

Small CRM 2.0 - Authentication Bypass # Exploit Title: Small CRM 2.0 - Authentication Bypass # Google Dork: N/A # Date: 2020-01-02 # Exploit Author: FULLSHADE # Vendor Homepage: https://phpgurukul.com/ # Software Link: https://phpgurukul.com/small-crm-php/ # Version: V2.0 # Tested on: Windows...