Exploit Remote Exploint 2019- Úvod  Remote  Web App  Local&Privilege Escalation  DoS & PoC  ShellCode  Exploit  Exploit prog.  Ex. Techniky  Exp. kit  Typy Exploitù  Exploit Articles 

Remote Exploint  H  2020  2019  2018

2019-12-20FreeSWITCH 1.10.1 - Command ExecutionremoteWindows
2019-12-18OpenMRS - Java Deserialization RCE (Metasploit)remoteLinux
2019-12-06Integard Pro NoJs 2.2.0.9026 - Remote Buffer OverflowremoteWindows
2019-11-20FusionPBX - Operator Panel exec.php Command Execution (Metasploit)remoteMultiple
2019-11-20FreeSWITCH - Event Socket Command Execution (Metasploit)remoteMultiple
2019-11-20Bludit - Directory Traversal Image File Upload (Metasploit)remotePHP
2019-11-20Pulse Secure VPN - Arbitrary Command Execution (Metasploit)remoteMultiple
2019-11-19Microsoft Windows 7 (x86) - 'BlueKeep' Remote Desktop Protocol (RDP) Remote Windows Kernel Use After FreeremoteWindows_x86
2019-11-18nipper-ng 0.11.10 - Remote Buffer Overflow (PoC)remoteLinux
2019-11-12eMerge E3 Access Controller 4.6.07 - Remote Code ExecutionremoteHardware
2019-11-12eMerge E3 Access Controller 4.6.07 - Remote Code Execution (Metasploit)remoteHardware
2019-11-12CBAS-Web 19.0.0 - Information DisclosureremoteHardware
2019-11-08rConfig - install Command Execution (Metasploit)remoteLinux
2019-11-04Ayukov NFTP client 1.71 - 'SYST' Buffer OverflowremoteWindows
2019-11-01Nostromo - Directory Traversal Remote Command Execution (Metasploit)remoteMultiple
2019-10-31MikroTik RouterOS 6.45.6 - DNS Cache PoisoningremoteHardware
2019-10-29Win10 MailCarrier 2.51 - 'POP3 User' Remote Buffer OverflowremoteWindows
2019-10-29Microsoft Windows Server 2012 - 'Group Policy' Remote Code ExecutionremoteWindows
2019-10-29Microsoft Windows Server 2012 - 'Group Policy' Security Feature BypassremoteWindows
2019-10-22Total.js CMS 12 - Widget JavaScript Code Injection (Metasploit)remoteMultiple
2019-10-22Moxa EDR-810 - Command Injection / Information DisclosureremoteHardware
2019-10-17ThinVNC 1.0b1 - Authentication BypassremoteWindows
2019-10-16Whatsapp 2.19.216 - Remote Code ExecutionremoteAndroid
2019-10-15Podman & Varlink 1.5.1 - Remote Code ExecutionremoteLinux
2019-10-07freeFTP 1.0.8 - 'PASS' Remote Buffer OverflowRemoteWindows
2019-10-02DOUBLEPULSAR - Payload Execution and Neutralization (Metasploit)RemoteWindows
2019-09-30Cisco Small Business 220 Series - Multiple VulnerabilitiesRemoteHardware
2019-09-30GoAhead 2.5.0 - Host Header InjectionRemoteMultiple
2019-09-24Microsoft Windows - BlueKeep RDP Remote Windows Kernel Use After Free (Metasploit)RemoteWindows
2019-09-24File Sharing Wizard 1.5.0 - POST SEH OverflowRemoteWindows
2019-09-23HPE Intelligent Management Center < 7.3 E0506P09 - Information DisclosureRemotewatchOS
2019-09-23Hisilicon HiIpcam V100R003 Remote ADSL - Credentials DisclosureRemoteHardware
2019-09-16Inteno IOPSYS Gateway - Improper Access RestrictionsRemoteHardware
2019-09-10October CMS - Upload Protection Bypass Code Execution (Metasploit)RemotePHP
2019-09-10LibreNMS - Collectd Command Injection (Metasploit)RemoteLinux
2019-09-06FusionPBX 4.4.8 - Remote Code ExecutionRemoteLinux
2019-09-06Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Remote Code ExecutionRemoteMultiple
2019-09-05AwindInc SNMP Service - Command Injection (Metasploit)RemoteLinux
2019-09-03Cisco RV110W/RV130(W)/RV215W Routers Management Interface - Remote Command Execution (Metasploit)RemoteHardware
2019-09-03Cisco Data Center Network Manager - Unauthenticated Remote Code Execution (Metasploit)RemoteJava
2019-09-03Cisco UCS Director - default scpuser password (Metasploit)RemoteUnix
2019-09-02IntelBras TELEFONE IP TIP200/200 LITE 60.61.75.15 - Arbitrary File ReadRemoteHardware
2019-09-02Cisco Email Security Appliance (IronPort) C160 - 'Host' Header InjectionRemoteHardware
2019-08-20QEMU - Denial of ServiceRemoteLinux
2019-08-21Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data - Multiple VulnerabilitiesRemoteMultiple
2019-08-21LibreOffice < 6.2.6 Macro - Python Code Execution (Metasploit)RemoteMultiple
2019-08-14Agent Tesla Botnet - Arbitrary Code Execution (Metasploit)RemotePHP
2019-08-13AZORult Botnet - SQL InjectionRemotePHP
2019-08-13Agent Tesla Botnet - Arbitrary Code ExecutionRemotePHP
2019-08-12Webmin 1.920 - Unauthenticated Remote Code Execution (Metasploit)RemoteLinux
2019-08-12ManageEngine OpManager 12.4x - Unauthenticated Remote Command Execution (Metasploit)RemoteMultiple
2019-08-12ManageEngine Application Manager 14.2 - Privilege Escalation / Remote Command Execution (Metasploit)RemoteMultiple
2019-08-12ManageEngine OpManager 12.4x - Privilege Escalation / Remote Command Execution (Metasploit)RemoteMultiple
2019-08-08Baldr Botnet Panel - Arbitrary Code Execution (Metasploit)RemotePHP
2019-08-05ARMBot Botnet - Arbitrary Code ExecutionRemoteMultiple
2019-08-05Apache Tika 1.15 - 1.17 - Header Command Injection (Metasploit)RemoteWindows
2019-07-30Redis 4.x / 5.x - Unauthenticated Code Execution (Metasploit)RemoteLinux
2019-07-29WordPress Plugin Database Backup < 5.2 - Remote Code Execution (Metasploit)RemotePHP
2019-07-29Schneider Electric Pelco Endura NET55XX Encoder - Authentication Bypass (Metasploit)RemoteUnix
2019-07-24Trend Micro Deep Discovery Inspector IDS - Security BypassRemoteMultiple
2019-07-19MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow (EggHunter)RemoteWindows_x86
2019-07-17MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer OverflowRemoteWindows
2019-07-16PHP Laravel Framework 5.5.40 / 5.6.x < 5.6.30 - token Unserialize Remote Command Execution (Metasploit)RemoteLinux
2019-07-12Xymon 4.3.25 - useradm Command Execution (Metasploit)RemoteMultiple
2019-07-07Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuckV2.c' Remote Buffer Overflow (2)RemoteUnix
2019-07-05Microsoft Exchange 2003 - base64-MIME Remote Code ExecutionRemoteWindows
2019-07-03Apache Tomcat - CGIServlet enableCmdLineArguments Remote Code Execution (Metasploit)RemoteWindows
2019-07-01FaceSentry Access Control System 6.4.8 - Remote SSH RootRemoteHardware
2019-07-01Linux Mint 18.3-19.1 - 'yelp' Command Injection (Metasploit)RemoteLinux
2019-06-26Nagios XI 5.5.6 - Magpie_debug.php Root Remote Code Execution (Metasploit)RemoteLinux
2019-06-25SAPIDO RB-1732 - Remote Command ExecutionRemoteHardware
2019-06-25SuperDoctor5 - 'NRPE' Remote Code ExecutionRemoteMultiple
2019-06-21EA Origin < 10.5.38 - Remote Code ExecutionRemoteWindows
2019-06-20Cisco Prime Infrastructure Health Monitor - TarArchive Directory Traversal (Metasploit)RemoteLinux
2019-06-17AROX School-ERP Pro - Unauthenticated Remote Command Execution (Metasploit)RemotePHP
2019-06-11Webmin 1.910 - 'Package Updates' Remote Command Execution (Metasploit)RemoteLinux
2019-06-05Exim 4.87 < 4.91 - (Local / Remote) Command ExecutionRemoteLinux
2019-06-05LibreNMS - addhost Command Injection (Metasploit)RemoteLinux
2019-06-05IBM Websphere Application Server - Network Deployment Untrusted Data Deserialization Remote Code Execution (Metasploit)RemoteWindows
2019-06-04Cisco RV130W 1.0.3.44 - Remote Stack OverflowRemoteHardware
2019-06-04NUUO NVRMini 2 3.9.1 - 'sscanf' Stack OverflowRemoteHardware
2019-05-29Oracle Application Testing Suite - WebLogic Server Administration Console War Deployment (Metasploit)RemoteJava
2019-05-28Petraware pTransformer ADC < 2.1.7.22827 - Login BypassRemoteWindows
2019-05-27Typora 0.9.9.24.6 - Directory TraversalRemotemacOS
2019-05-24Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory CorruptionRemoteWindows
2019-05-23Shopware - createInstanceFromNamedArguments PHP Object Instantiation Remote Code Execution (Metasploit)RemotePHP
2019-05-20GetSimpleCMS - Unauthenticated Remote Code Execution (Metasploit)RemotePHP
2019-05-14PHP-Fusion 9.03.00 - 'Edit Profile' Remote Code Execution (Metasploit)RemotePHP
2019-05-08Oracle Weblogic Server - 'AsyncResponseService' Deserialization Remote Code Execution (Metasploit)RemoteMultiple
2019-05-08PostgreSQL 9.3 - COPY FROM PROGRAM Command Execution (Metasploit)RemoteMultiple
2019-05-08Google Chrome 72.0.3626.119 - 'FileReader' Use-After-Free (Metasploit)RemoteWindows_x86
2019-05-08Lotus Domino 8.5.3 - 'EXAMINE' Stack Buffer Overflow DEP/ASLR Bypass (NSA's EMPHASISMINE)RemoteWindows
2019-05-06Xitami Web Server 2.5 - Remote Buffer Overflow (SEH + Egghunter)RemoteWindows
2019-05-06LG Supersign EZ CMS - Remote Code Execution (Metasploit)RemoteHardware
2019-05-03Blue Angel Software Suite - Command ExecutionRemoteLinux
2019-05-03Windows PowerShell ISE - Remote Code ExecutionRemoteWindows
2019-05-02Ruby On Rails - DoubleTap Development Mode secret_key_base Remote Code Execution (Metasploit)RemoteLinux
2019-04-30Pimcore < 5.71 - Unserialize Remote Code Execution (Metasploit)RemotePHP
2019-04-30AIS logistics ESEL-Server - Unauthenticated SQL Injection Remote Code Execution (Metasploit)RemoteWindows
2019-04-30Moodle 3.6.3 - 'Install Plugin' Remote Command Execution (Metasploit)RemotePHP
2019-04-30Freefloat FTP Server 1.0 - 'STOR' Remote Buffer OverflowRemoteWindows
2019-04-30Freefloat FTP Server 1.0 - 'SIZE' Remote Buffer OverflowRemoteWindows
2019-04-24Google Chrome 72.0.3626.121 / 74.0.3725.0 - 'NewFixedDoubleArray' Integer OverflowRemoteMultiple
2019-04-22ManageEngine Applications Manager 14.0 - Authentication Bypass / Remote Command Execution (Metasploit)RemoteMultiple
2019-04-19Atlassian Confluence Widget Connector Macro - Velocity Template Injection (Metasploit)RemoteMultiple
2019-04-18ManageEngine Applications Manager 11.0 < 14.0 - SQL Injection / Remote Code Execution (Metasploit)RemoteWindows
2019-04-17MailCarrier 2.51 - POP3 'RETR' SEH Buffer OverflowRemoteWindows
2019-04-15Cisco RV130W Routers - Management Interface Remote Command Execution (Metasploit)RemoteHardware
2019-04-15MailCarrier 2.51 - POP3 'TOP' SEH Buffer OverflowRemoteWindows
2019-04-15MailCarrier 2.51 - POP3 'LIST' SEH Buffer OverflowRemoteWindows
2019-04-15MailCarrier 2.51 - POP3 'USER' Buffer OverflowRemoteWindows
2019-04-15CuteNews 2.1.2 - 'avatar' Remote Code Execution (Metasploit)RemotePHP
2019-04-15RemoteMouse 3.008 - Arbitrary Remote Command ExecutionRemoteWindows
2019-04-15MailCarrier 2.51 - 'RCPT TO' Buffer OverflowRemoteWindows
2019-04-12Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)RemoteLinux
2019-04-09Apache Axis 1.4 - Remote Code ExecutionRemoteMultiple
2019-04-09TP-LINK TL-WR940N / TL-WR941ND - Buffer OverflowRemoteHardware
2019-02-27PHP 7.2 - 'imagecolormatch()' Out of Band Heap WriteRemotePHP
2019-04-08QNAP Netatalk < 3.1.12 - Authentication BypassRemoteMultiple
2019-04-05WordPress 5.0.0 - Crop-image Shell Upload (Metasploit)RemotePHP
2019-04-03Cisco RV320 and RV325 - Unauthenticated Remote Code Execution (Metasploit)RemoteHardware
2019-04-03Google Chrome 72.0.3626.96 / 74.0.3702.0 - 'JSPromise::TriggerPromiseReactions' Type ConfusionRemoteMultiple
2019-04-03PhreeBooks ERP 5.2.3 - Remote Command ExecutionRemotePython
2019-04-03TeemIp IPAM < 2.4.0 - 'new_config' Command Injection (Metasploit)RemotePHP
2019-03-28Oracle Weblogic Server Deserialization RCE - Raw Object (Metasploit)RemoteMultiple
2019-03-28CMS Made Simple (CMSMS) Showtime2 - File Upload Remote Code Execution (Metasploit)RemotePHP
19.03.2019Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming RCE (Metasploit)remoteJava
18.03.2019BMC Patrol Agent - Privilege Escalation Code Execution Execution (Metasploit)remoteMultiple
15.03.2019Mail Carrier 2.5.1 - 'MAIL FROM' Buffer OverflowremoteWindows
14.03.2019FTPGetter Standard 5.97.0.177 - Remote Code ExecutionremoteWindows
14.03.2019Apache UNO / LibreOffice Version: 6.1.2 / OpenOffice 4.1.6 API - Remote Code ExecutionremoteMultiple
13.03.2019elFinder PHP Connector < 2.1.48 - exiftran Command Injection (Metasploit)remotePHP
13.03.2019Apache Tika-server < 1.18 - Command InjectionremoteWindows
07.03.2019QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)remoteHardware
07.03.2019Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit)remoteLinux
07.03.2019Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit)remotePHP
28.02.2019Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer OverflowremoteHardware
22.02.2019Nuuo Central Management - (Authenticated) SQL Server SQL Injection (Metasploit)remoteWindows
21.02.2019MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT BypassremoteHardware
20.02.2019Belkin Wemo UPnP - Remote Code Execution (Metasploit)remoteHardware
18.02.2019mIRC < 7.55 - 'Custom URI Protocol Handlers' Remote Command ExecutionremoteWindows
11.02.2019Adobe Flash Player - DeleteRangeTimelineOperation Type Confusion (Metasploit)remoteOSX
11.02.2019NUUO NVRmini - upgrade_handle.php Remote Command Execution (Metasploit)remotePHP
11.02.2019Indusoft Web Studio 8.1 SP2 - Remote Code ExecutionremoteMultiple
28.01.2019CloudMe Sync 1.11.2 Buffer Overflow - WoW64 (DEP Bypass)remoteWindows_x86-64
24.01.2019Ghostscript 9.26 - Pseudo-Operator Remote Code ExecutionremoteLinux
22.01.2019CloudMe Sync 1.11.2 - Buffer Overflow + EgghuntremoteWindows
22.01.2019Microsoft Windows VCF or Contact' File - URL Manipulation-Spoof Arbitrary Code ExecutionremoteWindows
21.01.2019GattLib 0.2 - Stack Buffer OverflowremoteLinux
18.01.2019Webmin 1.900 - Remote Command Execution (Metasploit)remoteCGI
18.01.2019SCP Client - Multiple Vulnerabilities (SSHtranger Things)remoteMultiple
14.01.2019Hootoo HT-05 - Remote Code Execution (Metasploit)remoteHardware
11.01.2019OpenSSH SCP Client - Write Arbitrary FilesremoteMultiple
07.01.2019Mailcleaner - (Authenticated) Remote Code Execution (Metasploit)remotePython
02.01.2019Hashicorp Consul - Remote Command Execution via Rexec (Metasploit)remoteLinux
02.01.2019Hashicorp Consul - Remote Command Execution via Services API (Metasploit)remoteLinux