Exploit for CVE-2020-1472

PoC exploit for CVE-2020-1472, a vulnerability in the Windows Netlogon service that allows authentication bypass. The exploit uses the Impacket library to test the vulnerability and attempt to perform a Netlogon authentication bypass. It targets the Netlogon service on a domain controller and sen...

Online Voting System 1.0 SQL Injection / Remote Code Execution

Exploit Title: Online Voting System 1.0 - SQLi Authentication Bypass + Remote Code Execution RCE Exploit Author: Geiseric Original Exploit Author: deathflash1411 - https://www.exploit-db.com/exploits/50076 - https://www.exploit-db.com/exploits/50075 Date 02.07.2021 Vendor Homepage:...

GHSA-HM2P-FHWX-9285 Incorrect Permission Assignment for Critical Resource in Plone

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script...

Incorrect Permission Assignment for Critical Resource in Plone

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script...

Rocket.Chat 3.12.1 NoSQL Injection / Code Execution

Title: Rocket.Chat 3.12.1 - NoSQL Injection to RCE Unauthenticated Author: enox Date: 06-06-2021 Product: Rocket.Chat Vendor: https://rocket.chat/ Vulnerable Versions: Rocket.Chat 3.12.1 CVE: CVE-2021-22911 Credits: https://blog.sonarsource.com/nosql-injections-in-rocket-chat !/usr/bin/python...

Inkpad Notepad And To Do List 4.3.61 Denial Of Service

Exploit Title: Inkpad Notepad & To do list 4.3.61 - Denial of Service PoC Date: 2021-06-03 Author: Brian Rodríguez Download Link: https://play.google.com/store/apps/details?id=com.workpail.inkpad.notepad.notes&hl=esMX Version: 4.3.61 Category: DoS Android Vulnerability InkPad Bloc de notas - Tare...

Exploit for SQL Injection in Cacti

CVE-2020-14295 CVE-2020-14295 proof of concept. The original p...

RarmaRadio 2.72.8 Denial Of Service

Exploit Title: RarmaRadio 2.72.8 - Denial of Service PoC Date: 2021-05-25 Exploit Author: Ismael Nava Vendor Homepage: http://www.raimersoft.com/ Software Link: http://raimersoft.com/downloads/rarmaradiosetup.exe Version: 2.75.8 Tested on: Windows 10 Home x64 STEPS Open the program RarmaRadio Cli...

RarmaRadio 2.72.8 - Denial of Service Exploit

Exploit Title: RarmaRadio 2.72.8 - Denial of Service PoC Exploit Author: Ismael Nava Vendor Homepage: http://www.raimersoft.com/ Software Link: http://raimersoft.com/downloads/rarmaradiosetup.exe Version: 2.75.8 Tested on: Windows 10 Home x64 STEPS Open the program RarmaRadio Click in Edit and...

CommScope Ruckus IoT Controller Web Application Directory Traversal

Vulnerability Details Affected Vendor: CommScope Affected Product: Ruckus IoT Controller Affected Version: 1.7.1.0 and earlier Platform: Linux CWE Classification: CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', CWE-250: Execution with Unnecessary Privileges...

CVE-2021-33509

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script...

Code injection

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script...

CVE-2021-33509

Plone 5.2.4 and earlier are affected by an arbitrary file-write vulnerability. Remote authenticated managers can cause disk I/O by sending crafted keyword arguments to the ReStructuredText transform in Python scripts, enabling potential file writes to the server. Root cause is exposed via docutil...

GHSA-J756-F273-XHP4 github.com/nats-io/nats-server Import token permissions checking not enforced

This advisory is canonically Problem Description The NATS server provides for Subjects which are namespaced by Account; all Subjects are supposed to be private to an account, with an Export/Import system used to grant cross-account access to some Subjects. Some Exports are public, such that anyon...

Exploit for OS Command Injection in Cacti

Cacti-CVE-2020-8813 Usage: cactirce.py options Op...

Microweber CMS 1.1.20 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Microweber CMS 1.1.20 - Remote Code Execution Authenticated Exploit Author: sl1nki Vendor Homepage: https://microweber.org/ Software Link: https://github.com/microweber/microweber/tree/1.1.20 Version: " . shellexec$REQUEST"fexec" . ""; ?' Notes: SSL verification is disabled by...

Exploit for CVE-2018-10933

PoC exploit for CVE-2018-10933, a vulnerability in libSSH that allows authentication bypass. The target product/service is libSSH, a free and open-source implementation of the Secure Shell protocol. The vulnerability class/vector is authentication bypass, allowing an attacker to spawn a shell...

Cacti 1.2.12 - 'filter' SQL Injection

Exploit Title: Cacti 1.2.12 - 'filter' SQL Injection / Remote Code Execution Date: 04/28/2021 Exploit Author: Leonardo Paiva Vendor Homepage: https://www.cacti.net/ Software Link: https://www.cacti.net/downloads/cacti-1.2.12.tar.gz Version: 1.2.12 Tested on: Ubuntu 20.04 CVE : CVE-2020-14295...

Exploit for Incorrect Authorization in Moodle

Python script to exploit CVE-2020-14321https://moodle.org/mod...

Native Church Website 1.0 Shell Upload Exploit

Exploit Title: Native Church Website - Arbitrary File Upload Authenticated Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/11764/native-church-website-phpmysql.html Version: 1.0 Tested on: Windows 10 build 19041 + xampp 3.2.4 /usr/bin/python3 import requests impo...