ManageEngine Desktop Central, Password Manager Pro, and IT360 suffer from remote blind SQL injection vulnerabilities. Metasploit module included.
3de6153a54568339e66c97e4d4aaed785dc31350ed472c9d9041a12fbd2c4ec2
This Metasploit module exploits a PHP code execution vulnerability in HybridAuth versions 2.0.9 to 2.2.2. The install file 'install.php' is not removed after installation, allowing unauthenticated users to write PHP code to the application configuration file 'config.php'. Note: This exploit will overwrite the application configuration file, rendering the application unusable.
d1dd2c445125a3aa376f980484e9db24bee803b7e9f5542cfd557664181fc723
BlazeDVD Pro version 7.0 SEH buffer overflow exploit written in python.
28f2e7fae50adf7f22550261f04d46dcf3240ae06a9b830d634a727ddd95e19e
Bulletproof FTP Client 2010 SEH buffer overflow exploit written in python.
7a8c67f6731b5fc356c9ed27d17abe620d1f8a25301d9d30352e7e5587ee33c3
This Metasploit module takes advantage of the addition of authorized SSH keys in the gitlab-shell functionality of GitLab. Versions of gitlab-shell prior to 1.7.4 used the SSH key provided directly in a system call, resulting in a command injection vulnerability. As this relies on adding an SSH key to an account, valid credentials are required to exploit this vulnerability.
65fe10c27fade5931f989520557835098ed4bf35e440ecf8cc61973c2269ee5b
This Metasploit module gains remote code execution on Firefox 15-22 by abusing two separate JavaScript-related vulnerabilities to ultimately inject malicious JavaScript code into a context running with chrome:// privileges.
723732f5e9f85d7844a5395a8a59e9af072256440c604cfc1138fd3468e2d08d
Senkas Kolibri WebServer version 2.0 is vulnerable to remote code execution via an overly long POST request. Sending the exploit will result in a SEH overwrite, which can then be used to redirect execution to a POP POP RET within the application's binary itself, which, once executed, will allow the attacker to execute his/her payload located in the HOST field.
e7aca045137e803e2f420610b3f8fd1f46b74e952efdfc1f4fc8d70e6048f942
Tenda A5s router suffers from an authentication bypass vulnerability due to improperly trusting cookies.
75354821f95fabdfb5c0ba4d05cdf943735ebbb7e157fc3995bef4b079711abd
Webasyst Shop Script version 5.2.2.30933 suffers from a persistent cross site scripting vulnerability.
fe9935c566e0d27e7573204885e4236ce42e9b3c2b9520e0a668607686df210c
RiverBed Stingray Traffic Manager virtual appliance version 9.6 suffers from a cross site scripting vulnerability.
253f0ee81ca7854a5f8db376166f8f7beddb893439dd7d79dde6d83271063bc2
LY Website CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
4756b632d0ab3f467a35a95e2d3eaf6b58218fd25ab3f10aae2f252eaf91d43a
This Metasploit module exploits a vulnerability in the 3D Acceleration support for VirtualBox. The vulnerability exists in the remote rendering of OpenGL-based 3D graphics. By sending a sequence of specially crafted rendering messages, a virtual machine can exploit an out of bounds array access to corrupt memory and escape to the host. This Metasploit module has been tested successfully on Windows 7 SP1 (64 bits) as host running VirtualBox 4.3.6.
86c260fb68e437881ab16b483c4e49b6bc21fe1b4a46b94f446e6d346cda9dda
VMTurbo Operations Manager 4.6 and prior are vulnerable to unauthenticated OS command injection in the web interface. Use reverse payloads for the most reliable results. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the cmd generic payload. Port binding payloads are disregarded due to the restrictive firewall settings. This Metasploit module has been tested successfully on VMTurbo Operations Manager versions 4.5 and 4.6.
0649ca7e973fb4b39c646f1c27813549f1cb5f0d02c263f2d2f7d20f3e123eb4
Jamroom version 5.2.6 suffers from a reflective cross site scripting vulnerability.
b6b6afd76f8ae1be1ddfdd8d95e7132cc33c4ecb87d6c5ea141db16a82f97cbf
Cross site request forgery exploit for Disqus for WordPress versions up to 2.7.5 that adds a stored cross site scripting attack.
b2d8ead094b8e10bb30ef3224c49e7dc5a87455af918e2e1e66ebceff7be1203
The Ribose Online Social Collaboration Platform suffers from a cross site request forgery vulnerability.
42ca4b8211a8e1d60d6cf5c5986b30586ab09989c08ef146df496e2f91aa83ad
SAS Visual Analytics version 6.4M1 suffers from an arbitrary file upload vulnerability.
507991f865b35b634138431740240750f98bf8b5e1638af3aef5f3997c9c16d4
BlackBerry Z10 suffers from a storage and access file-exchange authentication bypass vulnerability.
6ad030936de3e1297588702bfb5cc320dc713c579986b035aa88719f4f3bf757
A vulnerability within the VBoxGuest driver allows an attacker to inject memory they control into an arbitrary location they define. This can be used by an attacker to overwrite HalDispatchTable+0x4 and execute arbitrary code by subsequently calling NtQueryIntervalProfile on Windows XP SP3 systems. This has been tested with VBoxGuest Additions up to 4.3.10r93012.
ed08fc54fb11f75fb8240f00e12ad3f0eb15c9ef81cff67a88e74e2b8793b557
CS-Cart version 4.2.0 suffers from a session hijacking vulnerability due to weakly minted session identifiers.
75b089cb05c7acd3308c73cf9aed379821ea108918fd45c8a1f4b82e65e09695
GEL CMS version 4.0 suffers from a remote SQL injection vulnerability that allows for login bypass.
adce38f0b73c10b3b1fe34d367682cfe754530c4e55c16152797c3df8149dc48
WordPress CK-And-SyntaxHighLighter plugin suffers from a remote file upload vulnerability. Note that this finding houses site-specific data.
a56aed0703be5e8db85ed29cbd4c7ce15f30b85c42d4cc83cb27dde53df32e8c
IBM Sametime Meet Server version 8.5 suffers from a reflective cross site scripting vulnerability.
e4d190702ff79740508c84c53897a8ccfa7a8e5c69de6ea78f5f8bdead6ace27
IBM Sametime Meet Server version 8.5 suffers from a password disclosure vulnerability.
fbac5fd69fa0121c9ad2a573faa45822043f96f12caf4e6c772fdbfb73e4f92a
IBM Sametime Meet Server version 8.8 suffers from a remote arbitrary file upload vulnerability.
a1948e9b3992363b375614da149aca81e22e4b77935273eb6ed883981ca609b7