DB: 2023-06-08
2 changes to exploits/shellcodes/ghdb Apache 2.4.x - Buffer Overflow Yahoo User Interface library (YUI2) TreeView v2.8.2 - Multiple Reflected Cross Site Scripting (XSS) USB Flash Drives Control 4.1.0.0 - Unquoted Service Path
This commit is contained in:
Exploit-DB
parent
ccfd0c515d
commit
12f9039552
2 changed files with 39 additions and 2 deletions
36
exploits/windows/local/51508.txt
Normal file
36
exploits/windows/local/51508.txt
Normal file
|
|
@ -0,0 +1,36 @@
|
|||
# Exploit Title: USB Flash Drives Control 4.1.0.0 - Unquoted Service Path
|
||||
# Date: 2023-31-05
|
||||
# Exploit Author: Jeffrey Bencteux
|
||||
# Vendor Homepage: https://binisoft.org/
|
||||
# Software Link: https://binisoft.org/wfc
|
||||
# Version: 4.1.0.0
|
||||
# Tested on: Microsoft Windows 11 Pro
|
||||
# Vulnerability Type: Unquoted Service Path
|
||||
|
||||
PS C:\> wmic service get name,displayname,pathname,startmode |findstr /i
|
||||
"auto" |findstr /i /v "c:\windows"
|
||||
USB Flash Drives Control usbcs C:\Program Files\USB Flash
|
||||
Drives Control\usbcs.exe Auto
|
||||
|
||||
PS C:\> sc.exe qc usbcs
|
||||
[SC] QueryServiceConfig SUCCESS
|
||||
|
||||
SERVICE_NAME: usbcs
|
||||
TYPE : 10 WIN32_OWN_PROCESS
|
||||
START_TYPE : 2 AUTO_START
|
||||
ERROR_CONTROL : 1 NORMAL
|
||||
BINARY_PATH_NAME : C:\Program Files\USB Flash Drives
|
||||
Control\usbcs.exe
|
||||
LOAD_ORDER_GROUP :
|
||||
TAG : 0
|
||||
DISPLAY_NAME : USB Flash Drives Control
|
||||
DEPENDENCIES :
|
||||
SERVICE_START_NAME : LocalSystem
|
||||
|
||||
PS C:\> systeminfo
|
||||
OS Name: Microsoft Windows 11 Pro
|
||||
OS Version: 10.0.22621 N/A Build 22621
|
||||
OS Manufacturer: Microsoft Corporation
|
||||
|
||||
--
|
||||
Jeffrey BENCTEUX
|
||||
|
|
@ -11544,7 +11544,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|||
35786,exploits/multiple/webapps/35786.txt,"Ansible Tower 2.0.2 - Multiple Vulnerabilities",2015-01-14,"SEC Consult",webapps,multiple,80,2015-01-14,2015-01-14,0,OSVDB-116965;OSVDB-116964;OSVDB-116963;OSVDB-116962;OSVDB-116961;OSVDB-116960;OSVDB-116959;CVE-2015-1482;CVE-2015-1481;CVE-2015-1368,,,,,
|
||||
44220,exploits/multiple/webapps/44220.txt,"antMan < 0.9.1a - Authentication Bypass",2018-03-02,"Joshua Bowser",webapps,multiple,,2018-03-02,2018-03-09,0,CVE-2018-7739,,,,,
|
||||
50267,exploits/multiple/webapps/50267.txt,"Antminer Monitor 0.5.0 - Authentication Bypass",2021-09-06,Vulnz,webapps,multiple,,2021-09-06,2021-09-06,0,,,,,http://www.exploit-db.comantminer-monitor-0.5.0.zip,
|
||||
51193,exploits/multiple/webapps/51193.py,"Apache 2.4.x - Buffer Overflow",2023-04-01,"Sunil Iyengar",webapps,multiple,,2023-04-01,2023-04-01,0,CVE-2021-44790,,,,,
|
||||
51193,exploits/multiple/webapps/51193.py,"Apache 2.4.x - Buffer Overflow",2023-04-01,"Sunil Iyengar",webapps,multiple,,2023-04-01,2023-06-07,1,CVE-2021-44790,,,,,
|
||||
49927,exploits/multiple/webapps/49927.py,"Apache Airflow 1.10.10 - 'Example Dag' Remote Code Execution",2021-06-02,"Pepe Berba",webapps,multiple,,2021-06-02,2021-06-02,0,CVE-2020-13927;CVE-2020-11978,,,,,
|
||||
15710,exploits/multiple/webapps/15710.txt,"Apache Archiva 1.0 < 1.3.1 - Cross-Site Request Forgery",2010-12-09,"Anatolia Security",webapps,multiple,,2010-12-09,2010-12-09,1,CVE-2010-3449,,,,,http://www.anatoliasecurity.com/adv/as-adv-2010-001.txt
|
||||
12689,exploits/multiple/webapps/12689.txt,"Apache Axis2 Administration Console - (Authenticated) Cross-Site Scripting",2010-05-21,"Richard Brain",webapps,multiple,,2010-05-20,2016-12-19,0,OSVDB-64844;CVE-2010-2103,,,,,
|
||||
|
|
@ -34120,7 +34120,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|||
8066,exploits/php/webapps/8066.txt,"YACS CMS 8.11 - 'update_trailer.php' Remote File Inclusion",2009-02-16,ahmadbady,webapps,php,,2009-02-15,2017-02-13,1,OSVDB-52041,,,,,
|
||||
44424,exploits/php/webapps/44424.txt,"Yahei PHP Prober 0.4.7 - Cross-Site Scripting",2018-04-09,ManhNho,webapps,php,,2018-04-09,2018-04-09,0,CVE-2018-9238,"Cross-Site Scripting (XSS)",,,http://www.exploit-db.comtz_e.zip,
|
||||
7131,exploits/php/webapps/7131.txt,"yahoo answers - 'id' SQL Injection",2008-11-16,snakespc,webapps,php,,2008-11-15,2017-01-02,1,OSVDB-49906;CVE-2008-5490,,,,,
|
||||
51198,exploits/php/webapps/51198.txt,"Yahoo User Interface library (YUI2) TreeView v2.8.2 - Multiple Reflected Cross Site Scripting (XSS)",2023-04-01,"SITE Team",webapps,php,,2023-04-01,2023-04-01,0,CVE-2022-48197,,,,,
|
||||
51198,exploits/php/webapps/51198.txt,"Yahoo User Interface library (YUI2) TreeView v2.8.2 - Multiple Reflected Cross Site Scripting (XSS)",2023-04-01,"SITE Team",webapps,php,,2023-04-01,2023-06-07,1,CVE-2022-48197,,,,,
|
||||
13845,exploits/php/webapps/13845.txt,"Yamamah - 'news' SQL Injection / Source Code Disclosure",2010-06-12,anT!-Tr0J4n,webapps,php,,2010-06-11,2016-10-27,0,CVE-2010-2336;CVE-2010-2335;CVE-2010-2334;CVE-2010-1300;OSVDB-65648;OSVDB-65479;OSVDB-63344,,,,http://www.exploit-db.comyamamah_v1.rar,
|
||||
13849,exploits/php/webapps/13849.txt,"Yamamah 1.0 - SQL Injection",2010-06-12,TheMaStEr,webapps,php,,2010-06-11,,1,CVE-2010-1300,,,,http://www.exploit-db.comyamamah_v1.rar,
|
||||
11947,exploits/php/webapps/11947.txt,"Yamamah 1.00 - Multiple Vulnerabilities",2010-03-30,indoushka,webapps,php,,2010-03-29,,0,OSVDB-63344;CVE-2010-2335;CVE-2010-1300,,,,http://www.exploit-db.comyamamah_v1.rar,
|
||||
|
|
@ -41409,6 +41409,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
|
|||
12469,exploits/windows/local/12469.rb,"Urgent Backup 3.20 / ABC Backup Pro 5.20 / ABC Backup 5.50 - '.zip' File (SEH)",2010-04-30,Lincoln,local,windows,,2010-04-29,,1,OSVDB-64213;CVE-2010-1686,,,,http://www.exploit-db.comabcbackupprosetup.exe,http://www.corelan.be:8800/advisories.php?id=CORELAN-10-034
|
||||
19323,exploits/windows/local/19323.c,"URL Hunter - Local Buffer Overflow (DEP Bypass)",2012-06-21,Ayrbyte,local,windows,,2012-06-21,2012-06-25,1,OSVDB-83362,,,http://www.exploit-db.com/screenshots/idlt19500/urlhunter.png,http://www.exploit-db.comurlhuntersetup.exe,
|
||||
16645,exploits/windows/local/16645.rb,"URSoft W32Dasm 8.93 - Disassembler Function Buffer Overflow (Metasploit)",2010-09-25,Metasploit,local,windows,,2010-09-25,2011-03-10,1,CVE-2005-0308;OSVDB-13169,"Metasploit Framework (MSF)",,,,
|
||||
51508,exploits/windows/local/51508.txt,"USB Flash Drives Control 4.1.0.0 - Unquoted Service Path",2023-06-07,"Jeffrey Bencteux",local,windows,,2023-06-07,2023-06-07,0,,,,,,
|
||||
41542,exploits/windows/local/41542.c,"USBPcap 1.1.0.0 (WireShark 2.2.5) - Local Privilege Escalation",2017-03-07,"Parvez Anwar",local,windows,,2017-03-07,2017-03-15,0,CVE-2017-6178,,,,,
|
||||
39888,exploits/windows/local/39888.txt,"Valve Steam 3.42.16.13 - Local Privilege Escalation",2016-06-06,"Gregory Smiley",local,windows,,2016-06-06,2016-06-06,0,CVE-2016-5237,,,,,
|
||||
17459,exploits/windows/local/17459.txt,"Valve Steam Client Application 1559/1559 - Local Privilege Escalation",2011-06-29,LiquidWorm,local,windows,,2011-06-29,2011-06-29,0,,,,,,http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5022.php
|
||||
|
|
|
|||
|
Can't render this file because it is too large.
|
Loading…
Add table
Reference in a new issue