Showing 1 - 25 of 49,119

Exploit Files

Backdoor.Win32.Wollf.16 Hardcoded Credential: Posted Jan 21, 2022; Authored by malvuln | Site malvuln.com; Backdoor.Win32.Wollf.16 malware suffers from a hardcoded credential vulnerability.; tags | exploit; systems | windows; MD5 | 4ce52164a4ee3f9382baf71f4c27d495; Download | Favorite | View

Backdoor.Win32.Wollf.16 Authentication Bypass: Posted Jan 21, 2022; Authored by malvuln | Site malvuln.com; Backdoor.Win32.Wollf.16 malware suffers from an authentication bypass vulnerability.; tags | exploit, bypass; systems | windows; MD5 | a6064aef3963aa3ad1d965feafc34c41; Download | Favorite | View

Banco Guayaquil 8.0.0 Cross Site Scripting: Posted Jan 21, 2022; Authored by Taurus Omar; Banco Guayaquil for iOS version 8.0.0 suffers from a script insertion vulnerability where a user can insert malicious code into their own name and could possibly be leveraged for attacks upstream.; tags | exploit, xss; systems | ios; MD5 | 9fe795c9676108261961f6cb37a2628d; Download | Favorite | View

Online Project Time Management 1.0 SQL Injection: Posted Jan 21, 2022; Authored by nu11secur1ty; Online Project Time Management version 1.0 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; MD5 | 29db9e4141f52450f2461938b5b01425; Download | Favorite | View

Grandstream GXV3175 Unauthenticated Command Execution: Posted Jan 20, 2022; Authored by Brendan Coles, alhazred, Brendan Scarvell | Site metasploit.com; This Metasploit module exploits a command injection vulnerability in Grandstream GXV3175 IP multimedia phones. The settimezone action does not validate input in the timezone parameter allowing injection of arbitrary commands. A buffer overflow in the phonecookie cookie parsing allows authentication to be bypassed by providing an alphanumeric cookie 93 characters in length. This module was tested successfully on Grandstream GXV3175v2 hardware revision V2.6A with firmware version 1.0.1.19.; tags | exploit, overflow, arbitrary; advisories | CVE-2019-10655; MD5 | d0714d342ba12f124e7b2588f1b2bde6; Download | Favorite | View

VMware vCenter Server Unauthenticated Log4Shell JNDI Injection Remote Code Execution: Posted Jan 20, 2022; Authored by Spencer McIntyre, RageLtMan, jbaines-r7, w3bd3vil | Site metasploit.com; VMware vCenter Server is affected by the Log4Shell vulnerability whereby a JNDI string can be sent to the server that will cause it to connect to the attacker and deserialize a malicious Java object. This results in OS command execution in the context of the root user in the case of the Linux virtual appliance and SYSTEM on Windows. This Metasploit module will start an LDAP server that the target will need to connect to. This exploit uses the logon page vector.; tags | exploit, java, root; systems | linux, windows; advisories | CVE-2021-44228; MD5 | 32d2d28bcb4dba8e71d1328de3ecb778; Download | Favorite | View

Ransomware Builder Babuk Insecure Permissions: Posted Jan 20, 2022; Authored by malvuln | Site malvuln.com; Ransomware Builder Babuk malware suffers from an insecure permissions vulnerability.; tags | exploit; MD5 | a0cd8289685e1605dfafad9ad4ee310e; Download | Favorite | View

Backdoor.Win32.Wisell Remote Command Execution: Posted Jan 20, 2022; Authored by malvuln | Site malvuln.com; Backdoor.Win32.Wisell malware suffers from a remote command execution vulnerability.; tags | exploit, remote; systems | windows; MD5 | 235e6158650f534d03cf794bbe213c8c; Download | Favorite | View

CollectorStealerBuilder Panel 2.0.0 Man-In-The-Middle: Posted Jan 20, 2022; Authored by malvuln | Site malvuln.com; The panel for Collector Stealer malware version 2.0.0 suffers from a man-in-the-middle vulnerability.; tags | exploit; MD5 | 78d4972e4013313c7d6d598a0bb2c3dc; Download | Favorite | View

CollectorStealerBuilder Panel 2.0.0 Insecure Credential Storage: Posted Jan 20, 2022; Authored by malvuln | Site malvuln.com; The panel for Collector Stealer malware version 2.0.0 stores the login credentials in plaintext in its MySQL database. Third-party attackers who gain access to the system can read the database username passwords without having to crack them offline.; tags | exploit; MD5 | 6e13ca6b026a5716e7f55a09e24384c8; Download | Favorite | View

VulturiBuilder Insecure Permissions: Posted Jan 20, 2022; Authored by malvuln | Site malvuln.com; VulturiBuilder malware suffers from an insecure permissions vulnerability.; tags | exploit; MD5 | ae3e3340f93567f3bbe330d3e69b0088; Download | Favorite | View

WordPress Email Template Designer – WP HTML Mail 3.0.9 Cross Site Scripting: Posted Jan 19, 2022; Authored by Chloe Chamberland | Site wordfence.com; WordPress Email Template Designer – WP HTML Mail plugin versions 3.0.9 and below suffer from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2022-0218; MD5 | 961ed2fa6e6f7b7b1b24ccf2f6d4c866; Download | Favorite | View

Archeevo 5.0 Local File Inclusion: Posted Jan 18, 2022; Authored by Miguel Santareno; Archeevo version 5.0 suffers from a local file inclusion vulnerability.; tags | exploit, local, file inclusion; MD5 | d4916c25ed879d611b512e54a177db61; Download | Favorite | View

Landa Driving School Management System 2.0.1 Arbitrary File Upload: Posted Jan 18, 2022; Authored by Sohel Yousef; Landa Driving School Management System version 2.0.1 suffers from an arbitrary file upload vulnerability.; tags | exploit, arbitrary, file upload; MD5 | 7963549ed3c7725b16cd7edcb0f82465; Download | Favorite | View

Online Resort Management System 1.0 SQL Injection: Posted Jan 18, 2022; Authored by Gaurav Grover; Online Resort Management System version 1.0 suffer from remote SQL injection vulnerabilities. Original discovery of SQL injection in this version is attributed to nu11secur1ty on January 10, 2022.; tags | exploit, remote, vulnerability, sql injection; MD5 | 372024ce26beb70ad0af01de139944e2; Download | Favorite | View

Simple Chatbot Application 1.0 Shell Upload: Posted Jan 18, 2022; Authored by Saud Alenazi; Simple Chatbot Application version 1.0 suffers from a remote shell upload vulnerability.; tags | exploit, remote, shell; MD5 | 496e3c1a6fdd0c52e04197b0bf576217; Download | Favorite | View

Simple Chatbot Application 1.0 SQL Injection: Posted Jan 18, 2022; Authored by Saud Alenazi; Simple Chatbot Application version 1.0 suffers from a remote blind SQL injection vulnerability.; tags | exploit, remote, sql injection; MD5 | 423037e1de190035b5f4204ba5afecb3; Download | Favorite | View

Nyron 1.0 SQL Injection: Posted Jan 18, 2022; Authored by Miguel Santareno; Nyron version 1.0 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; MD5 | ebda646b81bc44e41070a684f17492a0; Download | Favorite | View

OpenBMCS 2.4 Secret Disclosure: Posted Jan 17, 2022; Authored by LiquidWorm | Site zeroscience.mk; OpenBMCS version 2.4 suffers from a secret disclosure vulnerability.; tags | exploit; MD5 | 6afd87bfc0acebdfb54ecbd91b4f947d; Download | Favorite | View

OpenBMCS 2.4 Remote File Inclusion / Server-Side Request Forgery: Posted Jan 17, 2022; Authored by LiquidWorm | Site zeroscience.mk; OpenBMCS version 2.4 suffers from remote file inclusion and server-side request forgery vulnerabilities.; tags | exploit, remote, vulnerability, file inclusion; MD5 | a07cdb05430fee7d884a0a15435b9828; Download | Favorite | View

AgentTesla Builder Web Panel SQL Injection: Posted Jan 17, 2022; Authored by malvuln | Site malvuln.com; AgentTesla Builder Web Panel malware suffers from a remote SQL injection vulnerability.; tags | exploit, remote, web, sql injection; MD5 | efe393eb9fdd53e136eeefd29b90bee0; Download | Favorite | View

AgentTesla Builder Web Panel Cross Site Scripting: Posted Jan 17, 2022; Authored by malvuln | Site malvuln.com; AgentTesla Builder Web Panel malware suffers from a cross site scripting vulnerability.; tags | exploit, web, xss; MD5 | 741fff0bd029276b220bf7cb36a805a8; Download | Favorite | View

OpenBMCS 2.4 Remote Privilege Escalation: Posted Jan 17, 2022; Authored by LiquidWorm | Site zeroscience.mk; OpenBMCS version 2.4 create administrator proof of concept exploit that leverages a remote privilege escalation vulnerability.; tags | exploit, remote, proof of concept; MD5 | 86c9cf2aaa58913dbceecc5bc3d8f507; Download | Favorite | View

OpenBMCS 2.4 SQL Injection: Posted Jan 17, 2022; Authored by LiquidWorm | Site zeroscience.mk; OpenBMCS version 2.4 suffers from an authenticated remote SQL injection vulnerability.; tags | exploit, remote, sql injection; MD5 | f3540f568b23385709de647199567647; Download | Favorite | View

Chaos Ransomware Builder 4 Insecure Permissions: Posted Jan 17, 2022; Authored by malvuln | Site malvuln.com; Chaos Ransomware Builder version 4 malware suffers from an insecure permissions vulnerability.; tags | exploit; MD5 | c2c268f6fc5d05f302cf1e4ba898e768; Download | Favorite | View

Page 1 of 1,965 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 74 files
Ubuntu 35 files
malvuln 33 files
Google Security Research 8 files
nu11secur1ty 6 files
LiquidWorm 5 files
Vulnerability Laboratory 5 files
Yehia Elghaly 4 files
twseptian 4 files
faisalfs10x 3 files

File Archives

Systems

AIX (423)
Apple (1,853)
BSD (368)
CentOS (54)
Cisco (1,909)
Debian (5,946)
Fedora (1,690)
FreeBSD (1,241)
Gentoo (4,148)
HPUX (875)
iOS (310)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (41,306)
Mac OS X (682)
Mandriva (3,105)
NetBSD (255)
OpenBSD (476)
RedHat (10,933)
Slackware (941)
Solaris (1,601)
SUSE (1,444)
Ubuntu (7,578)
UNIX (9,010)
UnixWare (182)
Windows (6,253)
Other

Exploit Files

File Archive:

January 2022

Top Authors In Last 30 Days

File Tags

File Archives

Systems