Tag: 112

osTicket 1.12 – Formula Injection
remote code execution

osTicket 1.12 – Formula Injection

- Exploit Details # Exploit Title: osTicket-v1.12 Formula Injection # Vendor Homepage: //osticket.com/ # Software Link: //osticket.com/download/ # Exploit Author: Aishwarya Iyer # Contact: //twitter.com/aish_9524 ... Read More

DDoS Exploit, Denial of Service

osTicket 1.12 – Persistent Cross-Site Scripting via File Upload

- Exploit Details # Exploit Title: osTicket-v1.12 Stored XSS via File Upload # Vendor Homepage: //osticket.com/ # Software Link: //osticket.com/download/ # Exploit Author: Aishwarya Iyer ... Read More

Local - Privilege Escalation Exploits, Local Exploit

osTicket 1.12 – Persistent Cross-Site Scripting

- Exploit Details # Exploit Title: osTicket-v1.12 Stored XSS # Vendor Homepage: //osticket.com/ # Software Link: //osticket.com/download/ # Exploit Author: Aishwarya Iyer # Contact: //twitter.com/aish_9524 ... Read More

Local - Privilege Escalation Exploits, Local Exploit

i-doit 1.12 – ‘qr.php’ Cross-Site Scripting

- Exploit Details # Exploit Title: i-doit 1.12 Cross Site Scripting on qr.php file # Date: 28-03-2019 # Software Link: //www.i-doit.org/ # Version: 1.12 # ... Read More

DDoS Exploit, Denial of Service

Base64 Decoder 1.1.2 – Local Buffer Overflow (SEH Egghunter)

- Exploit Details #!/usr/bin/env python # Exploit Title: Base64 Decoder 1.1.2 Local Buffer Overflow (SEH) + Egghunter # Date: 28.03.2019 # Exploit Author: Paolo Perego ... Read More

Local - Privilege Escalation Exploits, Local Exploit

LayerBB 1.1.2 – Cross-Site Scripting

- Exploit Details # Exploit Title: LayerBB 1.1.2 - Cross-Site Scripting # Date: 11/19/2018 # Author: 0xB9 # Twitter: @0xB9Sec # Contact: 0xB9pm.me # Software ... Read More

remote code execution

NTPsec 1.1.2 – ‘ntp_control’ Authenticated NULL Pointer Dereference (PoC)

- Exploit Details #!/usr/bin/env python # Exploit Title: ntpsec 1.1.2 authenticated NULL pointer exception Proof of concept # Bug Discovery: Magnus Klaaborg Stubman (@magnusstubman) # ... Read More

DDoS Exploit, Denial of Service

i-doit CMDB 1.12 – Arbitrary File Download

- Exploit Details # Exploit Title: i-doit CMDB 1.12 - Arbitrary File Download # Dork: N/A # Date: 2019-01-11 # Exploit Author: Ihsan Sencan # ... Read More

remote code execution

i-doit CMDB 1.12 – SQL Injection

- Exploit Details # Exploit Title: i-doit CMDB 1.12 - SQL Injection # Dork: N/A # Date: 2019-01-11 # Exploit Author: Ihsan Sencan # Vendor ... Read More