Exploit Files

Microsoft Error Reporting Local Privilege Elevation
Posted Sep 27, 2023
Authored by bwatters-r7, Filip Dragovic, Octoberfest7 | Site metasploit.com

This Metasploit module takes advantage of a bug in the way Windows error reporting opens the report parser. If you open a report, Windows uses a relative path to locate the rendering program. By creating a specific alternate directory structure, we can coerce Windows into opening an arbitrary executable as SYSTEM. If the current user is a local admin, the system will attempt impersonation and the exploit will fail.

tags | exploit, arbitrary, local
systems | windows
advisories | CVE-2023-36874
SHA-256 | a872f68c00626fe384e850bbe5b416e5a094fcbf5639c9f1deb5248fc85413ca
RoyalTSX 6.0.1 RTSZ File Handling Heap Memory Corruption
Posted Sep 25, 2023
Authored by LiquidWorm | Site zeroscience.mk

RoyalTSX version 6.0.1 suffers from an RTSZ file handling heap memory corruption vulnerability. The application receives SIGABRT while the RAPortCheck.createNWConnection() function is handling the SecureGatewayHost object in the RoyalTSXNativeUI. When the hostname has an array of around 1600 bytes and Test Connection is clicked, the application crashes instantly.

tags | exploit
SHA-256 | 6bddf02ee202f21877203f81e88ca57213713fa9fe71c747db9f8b293f536b4a
OPNsense 23.1.11_1 / 23.7.3 / 23.7.4 Cross Site Scripting / Privilege Escalation
Posted Sep 25, 2023
Authored by Yasar Klawohn, JM | Site x41-dsec.de

OPNsense versions 23.1.11_1, 23.7.3, and 23.7.4 suffer from cross site scripting vulnerabilities that can allow for privilege escalation.

tags | exploit, vulnerability, xss
SHA-256 | 76e4fc1b6aee4986d4bbb70760bae717204a144677ec04e5e69cc9e4ca014975
LogoBee CMS 0.2 Cross Site Scripting
Posted Sep 25, 2023
Authored by indoushka

LogoBee CMS version 0.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c2ead32c5cb5f5d010966c9529b1024ec709d62421149c9904c0751f97329087
Lamano LMS 0.1 Insecure Settings
Posted Sep 25, 2023
Authored by indoushka

Lamano LMS version 0.1 suffers from an ignored default credential vulnerability.

tags | exploit
SHA-256 | 1211a4d26c19dfb4f055d2493981d0ec9270c990f56c26cfafa09b3466428519
Elasticsearch 8.5.3 Stack Overflow
Posted Sep 22, 2023
Authored by Touhami Kasbaoui

Elasticsearch version 8.5.3 stack overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
advisories | CVE-2023-31419
SHA-256 | 3ea73849caae7368d08d81cb21e393baddfab08e0fc2108b64083363b66bb17a
Taskhub 2.8.8 Cross Site Scripting
Posted Sep 22, 2023
Authored by nu11secur1ty

Taskhub version 2.8.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6848bc97935d0e957e7130f797a4d53871d013225ec80f59f0fcfe2afb38638c
TOTOLINK Wireless Routers Remote Command Execution
Posted Sep 21, 2023
Authored by h00die-gr3y, Kazamayc | Site metasploit.com

Multiple TOTOLINK network products contain a command injection vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the command parameter. After exploitation, an attacker will have full access with the same user privileges under which the webserver is running - which is typically root.

tags | exploit, arbitrary, root
advisories | CVE-2023-30013
SHA-256 | fc2e74774d3c46b6268870bd1ebc63fc2bde4c03b9aa77f9c16fb05791fe2e00
Luxcal Event Calendar 3.2.3 Cross Site Request Forgery
Posted Sep 21, 2023
Authored by indoushka

Luxcal Event Calendar version 3.2.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 2988b35bb1b22bee81c03c905525b0e5df1206ee53aee901ca3b610f65c28437
Lamano CMS 2.0 Cross Site Request Forgery
Posted Sep 20, 2023
Authored by indoushka

Lamano CMS version 2.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 4edc3a8db5685aeb3ec3b74618f5d07d632dab06c41888d25c14ad6578ce55b4
WordPress Theme My Login 2FA Brute Force
Posted Sep 20, 2023
Authored by Joost Grunwald | Site iecetee.com

WordPress Theme My Login 2FA plugin versions prior to 1.2 suffer from a brute forcing vulnerability.

tags | exploit, cracker
SHA-256 | fe8aceb8123364ee1922662e5a7cfebebb8673ffd8e52fc079dba68cb781494f
Apache Airflow 1.10.10 Remote Code Execution
Posted Sep 19, 2023
Authored by Pepe Berba, Ismail E. Dawoodjee, xuxiang | Site metasploit.com

This Metasploit module exploits an unauthenticated command injection vulnerability by combining two critical vulnerabilities in Apache Airflow version 1.10.10. The first, CVE-2020-11978, is an authenticated command injection vulnerability found in one of Airflow's example DAGs, "example_trigger_target_dag", which allows any authenticated user to run arbitrary OS commands as the user running Airflow Worker/Scheduler. The second, CVE-2020-13927, is a default setting of Airflow 1.10.10 that allows unauthenticated access to Airflow's Experimental REST API to perform malicious actions such as creating the vulnerable DAG above. The two CVEs taken together allow vulnerable DAG creation and command injection, leading to unauthenticated remote code execution.

tags | exploit, remote, arbitrary, vulnerability, code execution
advisories | CVE-2020-11978, CVE-2020-13927
SHA-256 | bb3e8db54407d69676a1eba8103ab6fd9b1a3d72a85765a5ca4067e046a3ef88
Lexmark Device Embedded Web Server Remote Code Execution
Posted Sep 19, 2023
Authored by jheysel-r7, James Horseman, Zach Hanley | Site metasploit.com

An unauthenticated remote code execution vulnerability exists in the embedded webserver in certain Lexmark devices through 2023-02-19. The vulnerability is only exposed if, when setting up the printer or device, the user selects "Set up Later" when asked if they would like to add an Admin user. If no Admin user is created, the endpoint /cgi-bin/fax_change_faxtrace_settings is accessible without authentication. The endpoint allows the user to configure a number of different fax settings. A number of the configurable parameters on the page fail to be sanitized properly before being used in a bash eval statement, allowing for an unauthenticated user to run arbitrary commands.

tags | exploit, remote, arbitrary, cgi, code execution, bash
advisories | CVE-2023-26067, CVE-2023-26068
SHA-256 | 55b25ea44278a5136992f906756ff24cc7e2991ab7847a6388c6522fffc7a70a
WordPress Essential Blocks 4.2.0 / Essential Blocks Pro 1.1.0 PHP Object Injection
Posted Sep 19, 2023
Authored by Marco Wotschka | Site wordfence.com

WordPress Essential Blocks plugin versions 4.2.0 and below and Essential Blocks Pro versions 1.1.0 and below suffer from multiple PHP object injection vulnerabilities.

tags | exploit, php, vulnerability
advisories | CVE-2023-4386, CVE-2023-4402
SHA-256 | 3bc456da9e240b7476040544d3e4f0b5fa6f68d4e3ad65a015be529481ab73ad
Taskhub 2.8.7 SQL Injection
Posted Sep 19, 2023
Authored by CraCkEr

Taskhub version 2.8.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2023-4987
SHA-256 | ec51f7c0ec6ec9827399486aa736c27e2875675b7757f895f52b660f9301b1c9
Packers And Movers Management System 1.0 SQL Injection
Posted Sep 19, 2023
Authored by Robert Cretu | Site robsware.github.io

Packers and Movers Management System version 1.0 suffers from a remote blind SQL injection vulnerability. A proof of concept exploit written in Python is included.

tags | exploit, remote, sql injection, proof of concept, python
advisories | CVE-2023-30415
SHA-256 | 392e218592b7d81bc0c0a1e2e699e9fe38ca587052d6e6393e97b66c59ab44ea
Super Store Finder 3.7 Remote Command Execution
Posted Sep 19, 2023
Authored by Etharus

Super Store Finder versions 3.7 and below suffer from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 59708f67b0915cf1156ee9e02ad60df7ef019793a0e335e432949ea847133ec7
Lamano CMS 2.0 SQL Injection
Posted Sep 19, 2023
Authored by indoushka

Lamano CMS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | f412c3931e25a39ec1c5fcb717e74cf9484b0f9d3276f419ff29c98d94d3c48d
Lacabane 1.0 SQL Injection
Posted Sep 19, 2023
Authored by indoushka

Lacabane version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 043fbb7035b63b83fc99760c04f28efb227c9bcf40d2f8b44ae15acfc3e31e28
Free And Open Source Inventory Management System 1.0 SQL Injection
Posted Sep 19, 2023
Authored by Sefa Ozan

Free and Open Source Inventory Management System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a9fc1340a0b9265105cd0bcbf5d9cfffa5e3d5d6ddb4326fc57ff7e8fe5d3573
Atos Unify OpenScape Code Execution / Missing Authentication
Posted Sep 18, 2023
Authored by Armin Weihbold | Site sec-consult.com

Atos Unify OpenScape Session Border Controller, Atos Unify OpenScape Branch, and Atos Unify OpenScape BCF suffer from remote code execution and missing authentication vulnerabilities. Atos OpenScape SBC versions before 10 R3.3.0, Branch version 10 versions before R3.3.0, and BCF version 10 versions before 10 R10.10.0 are affected.

tags | exploit, remote, vulnerability, code execution
advisories | CVE-2023-36618, CVE-2023-36619
SHA-256 | e2e8c6ce30a0287849087e96a892584daa40873cf0049db9a9cd2dc86e763b18
PTC - Codebeamer Cross Site Scripting
Posted Sep 18, 2023
Authored by Niklas Schilling | Site sec-consult.com

PTC - Codebeamer versions 22.10-SP7 and below, 22.04-SP5 and below, and 21.09-SP13 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2023-4296
SHA-256 | a3e11343a596c27acafa688a8dc7b67a179c5d43d4e4c49067b5f5f15cf9e85a
Ivanti Avalanche MDM Buffer Overflow
Posted Sep 18, 2023
Authored by Ege Balci | Site metasploit.com

This Metasploit module exploits a buffer overflow condition in Ivanti Avalanche MDM versions prior to 6.4.1. An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in arbitrary code execution with NT AUTHORITY\SYSTEM permissions. This vulnerability occurs during the processing of 3/5/8/100/101/102 item data types. The program tries to copy the item data using qmemcopy to a fixed size data buffer on the stack. Upon successful exploitation, the attacker gains full access to the target system. This vulnerability has been tested against Ivanti Avalanche MDM version 6.4.0.0 on Windows 10.

tags | exploit, overflow, arbitrary, code execution
systems | windows
advisories | CVE-2023-32560
SHA-256 | f923d88a736ee1b1d58c5f717428d9695cfc5a4107837de0f4006d0c4a042202
Razer Synapse Race Condition / DLL Hijacking
Posted Sep 18, 2023
Authored by Dr. Oliver Schwarz | Site syss.de

Razer Synapse versions before 3.8.0428.042117 (20230601) suffer from multiple vulnerabilities. Due to an unsafe installation path, improper privilege management, and a time-of-check time-of-use race condition, the associated system service "Razer Synapse Service" is vulnerable to DLL hijacking. As a result, local Windows users can abuse the Razer driver installer to obtain administrative privileges on Windows.

tags | exploit, local, vulnerability
systems | windows
advisories | CVE-2022-47631
SHA-256 | 1110267026177d281063e2e963a45b1c22d0c934df7112a724fa52cee6a0a4bc
KPOT Stealer CMS 2.0 Directory Traversal
Posted Sep 18, 2023
Authored by indoushka

KPOT Stealer CMS 2.0 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | a03351195e4ccd6346eb50122bfeeab02551f28a42e38a371693172b705c255b