Результаты поиска

Google Android - 'cfp_ropp_new_key_reenc' / 'cfp_ropp_new_key' RKP Memory Corruption Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=979 As part of Samsung KNOX, Samsung phones include a security hypervisor called RKP (Real-time Kernel Protection), running in EL2. This...

Dokany 1.2.0.1000 - Stack-Based Buffer Overflow Privilege Escalation /* Exploit Title - Dokany Stack-based Buffer Overflow Privilege Escalation Date - 14th January 2019 Discovered by - Parvez Anwar (@parvezghh) Vendor Homepage - http://dokan-dev.github.io Tested Version -...

Netgear Routers - Password Disclosure Trustwave SpiderLabs Security Advisory TWSL2017-003: Multiple Vulnerabilities in NETGEAR Routers Published: 01/30/2017 Version: 1.0 Vendor: NETGEAR (http://www.netgear.com/) Product: Multiple products Finding 1: Remote and Local Password Disclosure...

Real Estate Custom Script 2.0 - SQL Injection # Exploit Title: Real Estate Custom Script 2.0 - SQL Injection # Dork: N/A # Date: 2019-01-14 # Exploit Author: Ihsan Sencan # Vendor Homepage: http://ocsolutions.co.in/ # Software Link...

Job Portal Platform 1.0 - SQL Injection # Exploit Title: Job Portal 1.0 - SQL Injection # Dork: N/A # Date: 2019-01-14 # Exploit Author: Ihsan Sencan # Vendor Homepage: http://ocsolutions.co.in/ # Software Link...

HelpDeskZ < 1.0.2 - (Authenticated) SQL Injection / Unauthorized File Download ''' # Exploit Title: HelpDeskZ <= v1.0.2 - Authenticated SQL Injection / Unauthorized file download # Google Dork: intext:"Help Desk Software by HelpDeskZ", inurl:?v=submit_ticket # Date: 2017-01-30 # Exploit...

Find a Place CMS Directory 1.5 - SQL Injection # Exploit Title: Locations CMS 1.5 - SQL Injection # Dork: N/A # Date: 2019-01-13 # Exploit Author: Ihsan Sencan # Vendor Homepage: https://themerig.com/ # Software Link...

HealthNode Hospital Management System 1.0 - SQL Injection # Exploit Title: HealthNode Hospital Management System 1.0 - SQL Injection # Dork: N/A # Date: 2019-01-13 # Exploit Author: Ihsan Sencan # Vendor Homepage: http://sunriseservices.biz/ # Software Link...

Modern POS 1.3 - Arbitrary File Download # Exploit Title: Modern POS 1.3 - Arbitrary File Download # Dork: N/A # Date: 2019-01-13 # Exploit Author: Ihsan Sencan # Vendor Homepage: http://itsolution24.com/ # Software Link...

Modern POS 1.3 - SQL Injection # Exploit Title: Modern POS 1.3 - SQL Injection # Dork: N/A # Date: 2019-01-13 # Exploit Author: Ihsan Sencan # Vendor Homepage: http://itsolution24.com/ # Software Link: https://codecanyon.net/item/modern-pos-point-of-sale-with-stock-management-system/22702683 #...

Live Call Support Widget 1.5 - Remote Code Execution / SQL Injection # Exploit Title: Live Call Support 1.5 - Remote Code Execution / SQL Injection # Dork: N/A # Date: 2019-01-13 # Exploit Author: Ihsan Sencan # Vendor Homepage: http://ranksol.com/ # Software Link...

Craigs Classified Ads CMS Theme 1.0.2 - SQL Injection # Exploit Title: Craigs CMS 1.0.2 - SQL Injection # Dork: N/A # Date: 2019-01-13 # Exploit Author: Ihsan Sencan # Vendor Homepage: https://themerig.com/ # Software Link...

Palo Alto Networks Terminal Services Agent 7.0.3-13 - Integer Overflow /* Exploit Title - Palo Alto Networks Terminal Services Agent Integer Overflow Date - 26th January 2017 Discovered by - Parvez Anwar (@parvezghh) Vendor Homepage - https://www.paloaltonetworks.com/...

Joomla! Component JoomProject 1.1.3.2 - Information Disclosure # Exploit Title: Joomla! Component JoomProject 1.1.3.2 - Information Disclosure # Dork: N/A # Date: 2019-01-11 # Exploit Author: Ihsan Sencan # Vendor Homepage: http://joomboost.com/ # Software Link...

Joomla! Component JoomCRM 1.1.1 - SQL Injection # Exploit Title: Joomla! Component JoomCRM 1.1.1 - SQL Injection # Dork: N/A # Date: 2019-01-11 # Exploit Author: Ihsan Sencan # Vendor Homepage: http://joomboost.com/ # Software Link...

Matrix MLM Script 1.0 - Information Disclosure # Exploit Title: Matrix MLM Script 1.0 - Information Leakage # Dork: N/A # Date: 2019-01-10 # Exploit Author: Ihsan Sencan # Vendor Homepage: https://royallifefoundation.org/ # Software Link...

doitX 1.0 - 'search' SQL Injection # Exploit Title: doitX 1.0 - SQL Injection # Dork: N/A # Date: 2019-01-10 # Exploit Author: Ihsan Sencan # Vendor Homepage: http://mybizcms.com/ # Software Link: https://codecanyon.net/item/doitx/23041037 # Version: 1.0 # Category: Webapps # Tested on...

Event Calendar 3.7.4 - 'id' SQL Injection # Exploit Title: Event Calendar 3.7.4 - SQL Injection # Dork: N/A # Date: 2019-01-10 # Exploit Author: Ihsan Sencan # Vendor Homepage: http://ezcode.pt/ # Software Link: https://codecanyon.net/item/event-calendar-phpmysql-plugin/19246267 # Version...

Event Locations 1.0.1 - 'id' SQL Injection # Exploit Title: Event Locations 1.0.1 - SQL Injection # Dork: N/A # Date: 2019-01-10 # Exploit Author: Ihsan Sencan # Vendor Homepage: http://ezcode.pt/ # Software Link: https://codecanyon.net/item/event-locations-phpmysql-plugin/22100679 # Version...

Apple macOS 10.12.1 / iOS Kernel - 'IOService::matchPassive' Use-After-Free /* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=973 IOService::matchPassive is called when trying to match a request dictionary against a candidate IOService. We can call this function on a...

Apple macOS 10.12.1 / iOS Kernel - 'host_self_trap' Use-After-Free /* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1034 The task struct has a lock (itk_lock_data, taken via the itk_lock macros) which is supposed to protect the task->itk_* ports. The host_self_trap mach...

KB Affiliate Referral Script 1.0 - Authentication Bypass # # # # # # Exploit Title: KB Affiliate Referral PHP Script V1.0 - Authentication Bypass # Google Dork: N/A # Date: 26.01.2017 # Vendor Homepage: http://kunals.com/ # Software Download...

polkit - Temporary auth Hijacking via PID Reuse and Non-atomic Fork /* When a (non-root) user attempts to e.g. control systemd units in the system instance from an active session over DBus, the access is gated by a polkit policy that requires "auth_admin_keep" auth. This results in an auth...

Haraka < 2.8.9 - Remote Command Execution #!/usr/bin/python # Exploit Title: Harakiri # ShortDescription: Haraka comes with a plugin for processing attachments. Versions before 2.8.9 can be vulnerable to command injection # Exploit Author: xychix [xychix at hotmail.com] / [mark at outflank.nl]...

Apple macOS 10.12.1 / iOS 10.2 - Kernel Userspace Pointer Memory Corruption Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1004 mach_voucher_extract_attr_recipe_trap is a mach trap which can be called from any context Here's the code: kern_return_t...