Exploit Files

WinGate 9.4.1.5998 Insecure Permissions / Privilege Escalation
Posted Jun 5, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

WinGate version 9.4.1.5998 suffers from an insecure permissions vulnerability that allows for privilege escalation.

tags | exploit
advisories | CVE-2020-13866
MD5 | cca9ea7f3d456df0c0e3a3e30fed3922

Avaya IP Office 11 Insecure Transit / Password Disclosure
Posted Jun 5, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Avaya IP Office versions 9.1.8.0 through 11 suffer from an insecure transit vulnerability that allows for password disclosure.

tags | exploit
advisories | CVE-2020-7030
MD5 | aa4f9f8d14cf8ae3c1ea713bab3c17d0

Cisco UCS Director Cloupia Script Remote Code Execution
Posted Jun 5, 2020
Authored by mr_me, wvu | Site metasploit.com

This Metasploit module exploits an authentication bypass and directory traversals in Cisco UCS Director versions prior to 6.7.4.0 to leak the administrator's REST API key and execute a Cloupia script containing an arbitrary root command. Note that the primary functionality of this module is to leverage the Cloupia script interpreter to execute code. This functionality is part of the application's intended operation and considered a "foreverday." The authentication bypass and directory traversals only get us there. If you already have an API key, you may set it in the API_KEY option. The LEAK_FILE option may be set if you wish to leak the API key from a different absolute path, but normally this isn't advisable. Tested on Cisco's VMware distribution of 6.7.3.0.

tags | exploit, arbitrary, root
systems | cisco
advisories | CVE-2020-3243, CVE-2020-3250
MD5 | a3283617421910d08a845659be600c53

Castel NextGen DVR 1.0.0 Bypass / CSRF / Disclosure
Posted Jun 5, 2020
Authored by Aaron Bishop

Castel NextGen DVR version 1.0.0 suffers from authorization bypass, credential disclosure, and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, bypass, info disclosure, csrf
advisories | CVE-2020-11679, CVE-2020-11680, CVE-2020-11681, CVE-2020-11682
MD5 | aa89a93b4527459f2ae2ef8eb52607af

Online Course Registration 1.0 SQL Injection
Posted Jun 5, 2020
Authored by BKpatron

Online Course Registration version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | fc61e51364ffbf260baf70a6f6adda53

Quick Player 1.3 Denial Of Service
Posted Jun 5, 2020
Authored by Felipe Winsnes

Quick Player version 1.3 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 40cf6545b04e1c24d68ca9ceae3a6b4f

WordPress Drag And Drop Multi File Uploader Remote Code Execution
Posted Jun 4, 2020
Authored by h00die, Austin Martin | Site metasploit.com

This Metasploit module exploits a file upload feature of Drag and Drop Multi File Upload - Contact Form 7 for versions prior to 1.3.4. The allowed file extension list can be bypassed by appending a %, allowing PHP shells to be uploaded. No authentication is required for exploitation.

tags | exploit, shell, php, file upload
advisories | CVE-2020-12800
MD5 | 8741d1320b67d5240a0da5c63f0f5065

WebLogic Server Deserialization Remote Code Execution
Posted Jun 4, 2020
Authored by Shelby Pace, Y4er, Quynh Le | Site metasploit.com

This Metasploit module exploits a Java object deserialization vulnerability in multiple versions of WebLogic. Unauthenticated remote code execution can be achieved by sending a serialized BadAttributeValueExpException object over the T3 protocol to vulnerable versions of WebLogic. Leveraging an ExtractorComparator enables the ability to trigger method.invoke(), which will execute arbitrary code.

tags | exploit, java, remote, arbitrary, code execution, protocol
advisories | CVE-2020-2883
MD5 | 70d9c90a8b31214d86ae1cb6e37b7167

Cayin Digital Signage System xPost 2.5 Code Execution / SQL Injection
Posted Jun 4, 2020
Authored by LiquidWorm | Site zeroscience.mk

CAYIN xPost version 2.5 suffers from an unauthenticated SQL injection vulnerability. Input passed via the GET parameter wayfinder_seqid in wayfinder_meeting_input.jsp is not properly sanitised before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code and execute SYSTEM commands.

tags | exploit, arbitrary, sql injection
MD5 | d6686dcd290750e64871dcec7268adfc

VMware vCloud Director 9.7.0.15498291 Remote Code Execution
Posted Jun 4, 2020
Authored by Tomas Melicher

VMware vCloud Director version 9.7.0.15498291 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 697658590aa5e4209d66313afcf6c893

Cayin Content Management Server 11.0 Root Remote Command Injection
Posted Jun 4, 2020
Authored by LiquidWorm | Site zeroscience.mk

CAYIN CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the NTP_Server_IP HTTP POST parameter in the system.cgi page.

tags | exploit, web, arbitrary, shell, cgi, root
MD5 | 2b40a82dbae2a46bd38664601734d373

Navigate CMS 2.8.7 Cross Site Request Forgery
Posted Jun 4, 2020
Authored by Gus Ralph

Navigate CMS version 2.8.7 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 70129b1732ee864fbabae6f9f394621e

Cayin Signage Media Player 3.0 Root Remote Command Injection
Posted Jun 4, 2020
Authored by LiquidWorm | Site zeroscience.mk

CAYIN SMP-xxxx suffers from an authenticated OS command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the NTP_Server_IP HTTP GET parameter in the system.cgi and wizard_system.cgi pages.

tags | exploit, web, arbitrary, shell, cgi, root
MD5 | 9a04cbad2c7bcc1e00789b91f73a0061

NeonLMS Learning Management System PHP Laravel Script 4.6 XSS
Posted Jun 4, 2020
Authored by th3d1gger

NeonLMS Learning Management System PHP Laravel Script version 4.6 suffers from a persistent cross site scripting vulnerability.

tags | exploit, php, xss
MD5 | 2e508022471e1a49271d4745b0b3e811

NeonLMS Learning Management System PHP Laravel Script 4.6 File Download
Posted Jun 4, 2020
Authored by th3d1gger

NeonLMS Learning Management System PHP Laravel Script version 4.6 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, php, info disclosure
MD5 | e762859b96e7391cb7c4d0f1d5bc1371

Navigate CMS 2.8.7 Directory Traversal
Posted Jun 4, 2020
Authored by Gus Ralph

Navigate CMS version 2.8.7 suffers from an authenticated directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2020-13795
MD5 | e422428b73acd01b8faae4427b9bcb16

Secure Computing SnapGear Management Console SG560 3.1.5 Arbitrary File Read / Write
Posted Jun 4, 2020
Authored by LiquidWorm | Site zeroscience.mk

Secure Computing SnapGear Management Console SG560 version 3.1.5 suffers from arbitrary file read and write vulnerabilities. The application allows the currently logged-in user to edit the configuration files in the system using the CGI executable edit_config_files in /cgi-bin/cgix/. The files that are allowed to be modified (read/write/delete) are located in the /etc/config/ directory. An attacker can manipulate the POST request parameters to escape from the restricted environment by using an absolute path, and then read, write, and delete arbitrary files on the system.

tags | exploit, arbitrary, cgi, vulnerability
MD5 | 71fd7f2810f3f64fb2be820cb487f7b5

Online Marriage Registration System 1.0 Remote Code Execution
Posted Jun 4, 2020
Authored by Selim Enes Karaduman

Online Marriage Registration System version 1.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 30df76e6681b75d7099836e01dfd2aea

Secure Computing SnapGear Management Console SG560 3.1.5 CSRF
Posted Jun 4, 2020
Authored by LiquidWorm | Site zeroscience.mk

Secure Computing SnapGear Management Console SG560 version 3.1.5 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 9068570c9d23605eb5c081c323c3b293

D-Link DIR-615 T1 20.10 CAPTCHA Bypass
Posted Jun 4, 2020
Authored by Huzaifa Hussain

D-Link DIR-615 T1 version 20.10 suffers from a CAPTCHA bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2019-17525
MD5 | 4a055172c5256e9335439777f8a4cffd

Underconstructionpage Cross Site Scripting
Posted Jun 4, 2020
Authored by Atmon3r

Underconstructionpage versions prior to 3.75 suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | b288398557517cd440d97d8d83ddea66

Clinic Management System 1.0 Shell Upload
Posted Jun 4, 2020
Authored by BKpatron

Clinic Management System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | aef32468a77bdfeb84c28f99eb758777

Hostel Management System 2.0 SQL Injection
Posted Jun 4, 2020
Authored by Selim Enes Karaduman

Hostel Management System version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6283b938cc0817e4de2f7605525a64c5

Oriol Espinal CMS 1.0 SQL Injection
Posted Jun 4, 2020
Authored by TSAR

Oriol Espinal CMS version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c02941f13b461b54c222a2bd074379bc

Navigate CMS 2.8.7 SQL Injection
Posted Jun 4, 2020
Authored by Gus Ralph

Navigate CMS version 2.8.7 suffers from an authenticated remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ab1f04182a74596b013f00e61ba81318
© 2020 Packet Storm. All rights reserved.