874 matches found
Schlix CMS 2.2.6-6 Cross Site Scripting
Exploit Title: Schlix CMS 2.2.6-6 - 'title' Persistent Cross-Site Scripting Authenticated Date: 2021-05-05 Exploit Author: Emircan Baş Vendor Homepage: https://www.schlix.com/ Software Link: https://www.schlix.com/downloads/schlix-cms/schlix-cms-v2.2.6-6.zip Version: 2.2.6-6 Tested on: Windows &...
Schlix CMS 2.2.6-6 Remote Code Execution
Exploit Title: Schlix CMS 2.2.6-6 - Remote Code Execution Authenticated Date: 2021-05-06 Exploit Author: Eren Saraç Vendor Homepage: https://www.schlix.com/ Software Link: https://www.schlix.com/downloads/schlix-cms/schlix-cms-v2.2.6-6.zip Version: 2.2.6-6 Tested on: Windows & WampServer ==...
Moeditor 0.2.0 - XSS to Remote Command Execution Vulnerability
Exploit Title: Moeditor 0.2.0 - XSS to RCE Exploit Author: TaurusOmar CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://moeditor.js.org/ Version: 0.2.0 Tested on: Windows, Linux, MacOs Software Description: Software to view and edit sales documentation Moeditor...
Markdown Explorer 0.1.1 - XSS to Remote Command Execution Vulnerability
Exploit Title: Markdown Explorer 0.1.1 - XSS to RCE Exploit Author: TaurusOmar CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/jersou/markdown-explorer Version: 0.1.1 Tested on: Windows, Linux, MacOs Software Description: Easily explore, view and ed...
Anote 1.0 - Persistent Cross-Site Scripting
Exploit Title: Anote 1.0 - Persistent Cross-Site Scripting Exploit Author: TaurusOmar Date: 04/05/2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/AnotherNote/anote Version: 1.0 Tested on: Linux, MacOs Software Description: A simple opensource...
Xmind 2020 - Persistent Cross-Site Scripting
Exploit Title: Xmind 2020 - XSS to RCE Exploit Author: TaurusOmar Date: May 4th, 2021 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://www.xmind.net/ Version: 2020 Tested on: Windows, Linux, MacOs Software Description: XMind, a full-featured mind mapping and...
Marky 0.0.1 - XSS to Remote Command Execution Vulnerability
Exploit Title: Marky 0.0.1 - XSS to RCE Exploit Author: TaurusOmar CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/vesparny/marky Version: 0.0.1 Tested on: Linux, MacOs, Windows Software Description: Marky is an editor for markdown with a friendly...
jQuery 1.2 - Cross-Site Scripting Vulnerability
Exploit Title: jQuery 1.2 - Cross-Site Scripting XSS Exploit Author: Central InfoSec Version: jQuery versions greater than or equal to 1.2 and before 3.5.0 CVE : CVE-2020-11022 Proof of Concept 1: 0day.today 2021-10-19...
Digital Crime Report Management System 1.0 - SQL Injection (Authentication Bypass) Vulnerability
Exploit Title: Digital Crime Report Management System 1.0 - SQL Injection Authentication Bypass Exploit Author: Galuh Muhammad Iman Akbar GaluhID Vendor Homepage: https://iwantsourcecodes.com/digital-crime-report-management-system-in-php-with-source-code/ Software Link:...
Blitar Tourism 1.0 - Authentication Bypass SQL Injection Vulnerability
Exploit Title: Blitar Tourism 1.0 - Authentication Bypass SQLi Exploit Author: sigeri94 Vendor Homepage: https://sourcecodeaplikasi.info/source-code-aplikasi-biro-travel-berbasis-web/ Software Link: https://codeload.github.com/satndy/Aplikasi-Biro-Travel/zip/master Version: 1.0 POST /travel/Admin...
Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution
Exploit Title: Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution Date: 06/04/2020 Exploit Author: Google Security Research Andy Nguyen Tested on: 5.4.0-48-generic 52-Ubuntu SMP Thu Sep 10 10:58:49 UTC 2020 x8664 x8664 x8664 GNU/Linux CVE : CVE-2020-12351, CVE-2020-1235...
Novel Boutique House-plus 3.5.1 - Arbitrary File Download Vulnerability
Exploit Title: Novel Boutique House-plus 3.5.1 - Arbitrary File Download Exploit Author: tuyiqiang Vendor Homepage: https://xiongxyang.gitee.io/ Software Link: https://gitee.com/noveldevteam/novel-plus,https://github.com/201206030/novel-plus Version: all Tested on: linux Vulnerable code:...
SyncBreeze 10.1.16 Buffer Overflow
Exploit Title: SyncBreeze 10.1.16 - XML Parsing Stack-based Buffer Overflow Date: 03/27/2021 Author: Filipe Oliveira - filipecenturiaoathotmail.com Rafael Machado - nnszsatprotonmail.com Vendor: https://www.syncbreeze.com/ Software Link:...
ELAN Touchpad 15.2.13.1_X64_WHQL Unquoted Service Path
Exploit Title: ELAN Touchpad 15.2.13.1X64WHQL - 'ETDService' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2021-03-22 Vendor : ELAN Microelectronics Version : ELAN Touchpad 15.2.13.1X64WHQL Vendor Homepage : http://www.emc.com.tw/ Tested on OS: Windows 8 This software installs...
WordPress Supsystic Newsletter 1.5.5 SQL Injection
Exploit Title: WordPress Plugin Supsystic Newsletter 1.5.5 - 'sidx' SQL injection Date: 24/07 2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/newsletter-by-supsystic.1.5.5.zip Category: Web Application Version:...
WordPress Supsystic Backup 2.3.9 Local File Inclusion
Exploit Title: WordPress Plugin Supsystic Backup 2.3.9 - Local File Inclusion Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/backup-by-supsystic.zip Version: 2.3.9 Tested on: Ubuntu 16.04.6 LTS /...
WordPress Plugin Supsystic Contact Form 1.7.5 - Multiple Vulnerabilities
Exploit Title: WordPress Plugin Supsystic Contact Form 1.7.5 - Multiple Vulnerabilities Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/contact-form-by-supsystic.1.7.5.zip Version: 1.7.5 Tested on:...
SEO Panel 4.6.0 - Remote Code Execution (2)
Exploit Title: SEO Panel 4.6.0 - Remote Code Execution 2 Date: 22 Jan 2021 Exploit Author: Kr0ff Vendor Homepage: https://www.seopanel.org/https://www.kentico.com/ Software Link: https://www.seopanel.org/spdownload/4.6.0 Version: 4.6.0 Tested on: Ubuntu 20.04 !/usr/bin/env python3 ''' DESCRIPTION...
CASAP Automated Enrollment System 1.0 Cross Site Scripting
Exploit Title: CASAP ENROLLMENT SYSTEM 1.0 | CROSS SITE SCRIPTING Exploit Author: Richard Jones Date: 2021-01/23 Vendor Homepage: https://www.sourcecodester.com/php/12210/casap-automated-enrollment-system.html Software Link:...
sar2html 3.2.1 - 'plot' Remote Code Execution
Exploit Title: sar2html 3.2.1 - 'plot' Remote Code Execution Date: 27-12-2020 Exploit Author: Musyoka Ian Vendor Homepage:https://github.com/cemtan/sar2html Software Link: https://sourceforge.net/projects/sar2html/ Version: 3.2.1 Tested on: Ubuntu 18.04.1 !/usr/bin/env python3 import requests...