2118 matches found
Online Traffic Offense Management System 1.0 - Multiple RCE (Unauthenticated)
Exploit Title: Online Traffic Offense Management System 1.0 - Multiple RCE Unauthenticated Date: 07/10/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://www.sourcecodester.com Software Link:...
Church Management System 1.0 SQL Injection / Code Execution
Exploit Title: Church Management System 1.0 - Authentication Bypass via SQLi + RCE Date: 21.09.2021 Exploit Author: Janik Wehrli Vendor Homepage: https://www.sourcecodester.com/php/14949/church-management-system-cms-website-using-php-source-code.html Software Link:...
Budget and Expense Tracker System 1.0 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: Budget and Expense Tracker System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja hax.3xploit Vendor Homepage: https://www.sourcecodester.com/php/14893/budget-and-expense-tracker-system-php-free-source-code.html Software Link:...
Church Management System 1.0 Shell Upload
Exploit Title: Church Management System CMS-Website - Unauthenticated RCE Exploit Author: Abdullah Khawaja Date: 2021-09-17 Vendor Homepage: https://www.sourcecodester.com/php/14949/church-management-system-cms-website-using-php-source-code.html Software Link:...
Online Food Ordering System 2.0 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: Online Food Ordering System 2.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja hax.3xploit Vendor Homepage: https://www.sourcecodester.com/php/14951/online-food-ordering-system-php-and-sqlite-database-free-source-code.html Software Link:...
Online Food Ordering System 2.0 - Remote Code Execution (RCE) (Unauthenticated)
Exploit Title: Online Food Ordering System 2.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja hax.3xploit Date: 2021-09-20 Vendor Homepage: https://www.sourcecodester.com/php/14951/online-food-ordering-system-php-and-sqlite-database-free-source-code.html Software Lin...
Church Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)
Exploit Title: Church Management System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja Date: 2021-09-20 Vendor Homepage: https://www.sourcecodester.com/php/14949/church-management-system-cms-website-using-php-source-code.html Software Link:...
Church Management System 1.0 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: Church Management System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Abdullah Khawaja Vendor Homepage: https://www.sourcecodester.com/php/14949/church-management-system-cms-website-using-php-source-code.html Software Link:...
FBI and CISA warn of APT groups exploiting ADSelfService Plus
In a joint advisory the FBI, the United States Coast Guard Cyber Command CGCYBER, and the Cybersecurity and Infrastructure Security Agency CISA warn that advanced persistent threat APT cyber-actors may be exploiting a vulnerability in ManageEngines single sign-on SSO solution. The vulnerability...
File Upload Vulnerability in TongWEB Application Server
TongWEB Application Server is a standard, secure, highly available and feature-rich enterprise application server.TongWEB Application Server is vulnerable to file upload, which can be exploited to upload a WebShell and gain control of the server...
Apartment Visitor Management System (AVMS) 1.0 - SQL injection to Remote Code Execution 0day Exploit
Exploit Title: Apartment Visitor Management System AVMS 1.0 - SQLi to RCE Exploit Author: mari0x00 Vendor Homepage: https://phpgurukul.com/apartment-visitors-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=10395 Version: 1.0 Tested on:...
Apartment Visitor Management System (AVMS) 1.0 - 'username' SQL Injection
Exploit Title: Apartment Visitor Management System AVMS 1.0 - 'username' SQL Injection Date: 2021-08-13 Exploit Author: mari0x00 Vendor Homepage: https://phpgurukul.com/apartment-visitors-management-system-using-php-and-mysql/ Software Link:...
TongWEB application server is vulnerable to arbitrary file upload
TongWEB Application Server is a standard, secure, highly available and feature-rich enterprise application server.TongWEB Application Server is vulnerable to arbitrary file upload, which can be exploited by attackers to upload WEBSHELL and gain control of the server...
Patient Appointment Scheduler System 1.0 Shell Upload
Exploit Title: Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload & Remote Code Execution RCE Date: 03/09/2021 Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link:...
Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload & Remote Code Execution
Exploit Title: Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload & Remote Code Execution RCE Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link:...
Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload
Exploit Title: Patient Appointment Scheduler System 1.0 - Unauthenticated File Upload Date: 03/09/2021 Exploit Author: a-rey Vendor Homepage: https://www.sourcecodester.com/php/14928/patient-appointment-scheduler-system-using-php-free-source-code.html Software Link:...
FlatCore CMS 2.0.7 Remote Code Execution
Exploit Title: FlatCore CMS 2.0.7 - Remote Code Execution RCE Authenticated Date: 04/10/2021 Exploit Author: Mason Soroka-Gill @sgizoid Vendor Homepage: https://flatcore.org/ Software Link: https://github.com/flatCore/flatCore-CMS/archive/refs/tags/v2.0.7.tar.gz Version: 2.0.7 Tested on: Ubuntu...
Exploit for Server-Side Request Forgery in Microsoft
Exchange SSRF GetShell --- RunCommand CVE-2021–26855.exe -host 10.11.11.24 -mail [email protected] --- 效果图 - 写出webshell到服务器 - 使用菜刀连接webshell...
File Upload Vulnerability in Tianmu MVC-HOME Version
Tianmu MVC-HOME Edition is a professional PHP+MYSQL product. A file upload vulnerability exists in Tianmu MVC-HOME Edition, which can be exploited by attackers to upload a webshell and gain server privileges...
CVE-2020-18114
An arbitrary file upload vulnerability in the /uploads/dede component of DedeCMS V5.7SP2 allows attackers to upload a webshell in HTM format...