419 matches found
Business Directory Plugin < 5.11.2 - Arbitrary Listing Export
The plugin suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator export files, which could then be downloaded by the attacker to get access to PII, such as email, home addresses etc. The state is base64 encoded and will need to be adapted to the...
DMA Radius Manager 4.4.0 - Cross-Site Request Forgery (CSRF)
Exploit Title: DMA Radius Manager 4.4.0 - Cross-Site Request Forgery CSRF Date: April 8, 2021 04/08/2021 Exploit Author: Issac Briones Vendor Homepage: http://www.dmasoftlab.com/ Software Download: https://sourceforge.net/projects/radiusmanager/ Version: 4.4.0 CVE: CVE-2021-30147 input type="...
OpenCMS 11.0.2 Cross Site Request Forgery / Open Redirection Vulnerability
OpenCMS v11.0.2 -------------------------------------------------------------------------------------------------------------------------------------------------- CSRF - Login page vulnerable https://vulnerablehost.com/system/login - CSRF needs valid JSESSIONID to work, maybe logged Admin user...
Froala 3.2.6-1 Cross Site Scripting Vulnerability
Exploit Title: Stored XSS and Html Code Injection Editor Froala Version 3.2.6-1 Author: Vincent666 ibn Winnie Software Link: https://froala.com/wysiwyg-editor/ Tested on: Windows 10 Web Browser: Mozilla Firefox My Youtube Channel: https://www.youtube.com/channel/UCZOWpC2dW9sipPq5z63C2rQ PoC: In t...
Cemetry Mapping and Information System 1.0 - 'user_email' Sql Injection (Authentication Bypass)
Exploit Title: Cemetry Mapping and Information System 1.0 - 'user_email' Sql Injection Authentication Bypass Exploit Author: Marco Catalano Date: 2021-01-25 Vendor Homepage: https://www.sourcecodester.com/php/12779/cemetery-mapping-and-information-system-using-phpmysqli.html Software Link:...
Klog Server 2.4.1 Command Injection
Exploit Title: Klog Server 2.4.1 - Command Injection Unauthenticated Date: 22.12.2020 Exploit Author: b3kc4t Mustafa GUNDOGDU Vendor Homepage: https://www.klogserver.com/ Version: 2.4.1 Tested On: Ubuntu 18.04 CVE: 2020-35729 Description:...
CVE-2020-20299
WeiPHP 5.0 does not properly restrict access to pages, related to using POST...
WordPress Heroic Knowledge Base 3.0.1 SQL Injection
Exploit Title : WordPress Heroic Knowledge Base Plugin = 3.0.1 - SQL injection Exploit Author : begininvoke Exploit Date : 2020-11-29 Vendor Homepage : https://herothemes.com + Proof Of Concept: ===================== Parameter id is vulnerable Method POST POST /wp-admin/admin-ajax.php HTTP/1.1...
Joomla Publisher 3.0.19 Cross Site Scripting
Exploit Title: Joomla Publisher V 3.0.19 Stored XSS Date: 03.11.2020 Author: Vincent666 ibn Winnie Software Link: https://publisher.ijoomla.com/demo Tested on: Windows 10 Web Browser: Mozilla Firefox Blog : https://pentest.vincent.blogspot.com/ PoC:...
CVE-2020-24626
Unauthenticated directory traversal in the ReceiverServlet class doPost method can lead to arbitrary remote code execution in HPE Pay Per Use PPU Utility Computing Service UCS Meter version 1.9...
KeeWeb 1.14.0 HTML Injection
Document Title: =============== KeeWeb v1.14.0 - Notes Html Inject Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2237 Release Date: ============= 2020-05-06 Vulnerability Laboratory ID VL-ID: ==================================== 2237...
hits script 1.0 - (item_name) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: hits script 1.0 - 'item_name' SQL Injection Exploit Author: SajjadBnd Vendor Homepage: https://hits.ir Software Link: http://dl.persianscript.ir/script/hitsir-script-persian%28PersianScript.ir%29.zip Software Link mirror:...
Directory traversal
An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload functionality allows an authenticated user to change the filename value in the POST method from the original filename to achieve directory traversal via a ../ sequence and, for example, obtain a complete directory listing of the...
Phpgurukul User Registration 2.0 Cross Site Scripting
Document Title: =============== Phpgurukul User Registration v2.0 - Multiple Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2216 Release Date: ============= 2020-04-20 Vulnerability Laboratory ID VL-ID:...
Phpgurukul User Registration v2.0 - Multiple Vulnerabilities
Document Title: =============== Phpgurukul User Registration v2.0 - Multiple Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2216 Release Date: ============= 2020-04-19 Vulnerability Laboratory ID VL-ID:...
TAO Open Source Assessment Platform 3.3.0 RC02 Cross Site Scripting
Document Title: =============== TAO Open Source Assessment Platform v3.3.0 RC02 - Multiple Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2215 Release Date: ============= 2020-04-16 Vulnerability Laboratory ID VL-ID:...
WSO2 API Manager Carbon Interface 3.0.0 File Delete
Document Title: =============== WSO2 API Manager Delete Extension Arbitrary File Delete / Path traversal CVE not assigned yet Author : Raki Ben Hamouda Security Update : https://apim.docs.wso2.com/en/latest/ Common Vulnerability Scoring System: ==================================== 8.5 Affected...
WSO2 3.1.0 - Arbitrary File Delete
Title: WSO2 3.1.0 - Arbitrary File Delete Date: 2020-04-12 Author: raki ben hamouda Vendor: https://apim.docs.wso2.com Software link: https://apim.docs.wso2.com/en/latest/ CVE: N/A Document Title: =============== WSO2 API Manager Delete Extension Arbitrary File Delete / Path traversal CVE not assign...
Virtual Freer 1.58 - Remote Command Execution Exploit
Exploit for php platform in category web applications Exploit title : Virtual Freer 1.58 - Remote Command Execution Exploit Author : SajjadBnd Vendor Homepage : http://freer.ir/virtual/ Software Link : http://www.freer.ir/virtual/download.php?action=get Software Link mirror :...