MyBB 1.8.13 – Remote Code Execution + Cross-Site Scripting Vulnerability Exploit Code Proof of Concept

 

# Exploit Title: RCE in MyBB up to 1.8.13 via installer
# Date: Found on 05-29-2017
# Exploit Author: Pablo Sacristan
# Vendor Homepage: https://mybb.com/
# Version: Version > 1.8.13 (Fixed in 1.8.13)
# CVE : CVE-2017-16780

This RCE can be executed via CSRF but doesn’t require it (in some special cases). The requirements are…


Eir D1000 Wireless Router – WAN Side Remote Command Injection Exploit

 

# Exploit Title: Eir D1000 Wireless Router – WAN Side Remote Command Injection
# Date: 7th November 2016
# Exploit Author: Kenzo
# Website: https://devicereversing.wordpress.com
# Tested on Firmware version: 2.00(AADU.5)_20150909
# Type: Webapps
# Platform: Hardware

Description
===========
By sending certain TR-064 commands, we can instruct the modem to open port…


VoIP SIP Based Audit and Attack Tool DDoS Scanning Pen Testing Download

 

SIP-Based Audit and Attack Tool

Mr.SIP is a tool developed to audit and simulate SIP-based attacks. It was originally developed for use in academic work to help develop novel SIP-based DDoS attacks and defense approaches, and then as an idea to convert it to a fully functional SIP-based penetration testing tool,…


D-Link DIR-850L – Unauthenticated OS Command Execution Vulnerability RCE Router

 

D-Link DIR-850L suffers from a serious vulnerability allowing for OS command execution. If you have this version of D-Link, it is highly recommended that you upgrade the firmware immediately and firewall off all access to this device. This will not help you prevent insider threats but will stop the masses from locating and owning your…

