
3100 matches found

Packet Storm
added 2020/07/31 12:0 a.m., 300 views

Online Bike Rental 1.0 Shell Upload

Exploit Title: Online Bike Rental v1.0 – Authenticated Arbitrary File Upload / Remote Code Execution Date: July 31, 2020 Exploit Author: Adeeb Shah @hyd3sec Vendor Homepage: https:/www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14374/online-bike-rental-phpmysql.html...

AI score: 7.4
Exploits: 0

0day.today
added 2020/07/27 12:0 a.m., 264 views

elaniin CMS - Authentication Bypass Vulnerability

Exploit for php platform in category web applications Exploit Title: elaniin CMS 1.0 - Authentication Bypass Exploit Author: BKpatron Vendor Homepage:https://elaniin.com/ Software Link:https://github.com/elaniin/CMS/archive/master.zip Version: v1.0 Tested on: Win 10 CVE: N/A Vulnerability: Attack...

Exploits: 0

Packet Storm
added 2020/07/27 12:0 a.m., 612 views

F5 Big-IP 13.1.3 Build 0.0.6 Local File Inclusion

Exploit Title: F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion Date: 2019-08-17 Exploit Author: Carlos E. Vieira Vendor Homepage: https://www.f5.com/products/big-ip-services Version: 0: return True else: return False else: return False def leakPasswd: print"+ Leaking /etc/passwd from server"...

CVSS: 10, AI score: 10, EPSS: 0.99999
Exploits: 59

Packet Storm
added 2020/07/23 12:0 a.m., 166 views

FTPDummy! 4.80 Local Buffer Overflow

Exploit Title: FTPDummy! 4.80 - Local Buffer Overflow SEH Date: 2020-07-22 Author: Felipe Winsnes Software Link: http://www.dummysoftware.com/ftpdummy.html Version: 4.80 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Proof of Concept: 1.- Run the python script, it will create the fi...

AI score: 0.3
Exploits: 0

Exploit DB
added 2020/07/15 12:0 a.m., 414 views

Online Polling System 1.0 - Authentication Bypass

Exploit Title: Online Polling System 1.0 - Authentication Bypass Date: 2020-07-20 Author: AppleBois Version: NULL Software Link: https://www.sourcecodester.com/php/14330/online-polling-system.html Administration Control Panel || Authentication Bypass Unauthenticated User perform SQL Injection bypas...

AI score: 7.4
Exploits: 0

CNVD
added 2020/07/08 12:0 a.m., 8 views

Xen Input Validation Error Vulnerability (CNVD-2021-17751)

Xen is an open source virtual machine monitor product. It enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A security vulnerability exists in Xen 4.13.x and earlier versions. An attacker could...

CVSS: 6.5, AI score: 6.5, EPSS: 0.00398
Exploits: 0, References: 1

Exploit DB
added 2020/07/06 12:0 a.m., 465 views

RiteCMS 2.2.1 - Authenticated Remote Code Execution

Exploit Title: RiteCMS 2.2.1 - Authenticated Remote Code Execution Date: 2020-07-03 Exploit Author: Enes Özeser Vendor Homepage: http://ritecms.com/ Version: 2.2.1 Tested on: Linux CVE: CVE-2020-23934 1- Go to following url. http://HOST/cms/ 2- Default username and password is admin:admin. We mus...

CVSS: 9, AI score: 8.9, EPSS: 0.15962
Exploits: 3

CNVD
added 2020/07/02 12:0 a.m., 10 views

F5 NGINX Controller Authentication Vulnerability

F5 NGINX Controller is a centralized monitoring and management platform for NGINX from F5. The platform supports the management of multiple NGINX instances using a visual interface. A security vulnerability exists in the NGINX controller NATS messaging service in F5 NGINX Controller versions 1.0....

CVSS: 7.5, AI score: 6.5, EPSS: 0.01154
Exploits: 0, References: 1

0daydb
added 2020/06/24 8:30 a.m., 595 views

Student Enrollment 1.0 - Remote Code Execution

Student Enrollment version 1.0 suffers from an unauthenticated remote code execution vulnerability. Exploit Title: Student Enrollment 1.0 - Unauthenticated Remote Code Execution Date: 2020-06-22 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage:...

AI score: 1.1
Exploits: 0

wpexploit
added 2020/06/21 12:0 a.m., 31 views

All in One Support Button < 1.8.8 - Authenticated Stored Cross-Site Scripting

The lack of CSRF and Capability checks on AJAX calls, such as arcontactussavemenuitem, could allow low-privilege users to perform stored XSS attacks. The payloads will then be triggered in frontend pages. The Vendor attempted a fix with v1.8.1, by adding capability and some sanitisation checks...

AI score: 6.2
Exploits: 0, References: 1

wpexploit
added 2020/06/19 12:0 a.m., 20 views

CityBook < 2.4.4 - Unauthenticated Reflected XSS

Unauthenticated Reflected XSS vulnerability was discovered in the «CityBook - Directory & Listing WordPress Theme», tested version — v2.4.3. Edit WPScanTeam June 17th, 2020 - Confirmed & Escalated to Envato June 18th, 2020 - v2.4.4 released, fixing the issue...

AI score: 1.7
Exploits: 0, References: 1

Openbugbounty
added 2020/06/10 11:21 a.m., 11 views

snappville.com Cross Site Scripting vulnerability OBB-1191361

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...

AI score: 0.7
Exploits: 0

CNVD
added 2020/06/10 12:0 a.m., 4 views

Microsoft Windows Kernel Elevation of Privilege Vulnerability (CNVD-2021-22924)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation. Microsoft Windows is an operating system for personal devices. Microsoft Windows Server is a server operating system. Windows Kernel is one of the Windows system kernels. A privilege vulnerability exists in...

CVSS: 7.8, AI score: 8.5, EPSS: 0.00738
Exploits: 0

Exploit DB
added 2020/06/09 12:0 a.m., 699 views

Virtual Airlines Manager 2.6.2 - 'airport' SQL Injection

Exploit Title: Virtual Airlines Manager 2.6.2 - 'airport' SQL Injection Google Dork: N/A Date: 2020-06-08 Exploit Author: Kostadin Tonev Vendor Homepage: http://virtualairlinesmanager.net Software Link: https://virtualairlinesmanager.net/index.php/vam-releases/ Version: 2.6.2 Tested on: Linux Min...

AI score: 7.4
Exploits: 0

Exploit DB
added 2020/06/08 12:0 a.m., 520 views

Virtual Airlines Manager 2.6.2 - 'notam' SQL Injection

Exploit Title: Virtual Airlines Manager 2.6.2 - 'notam' SQL Injection Date: 2020-06-07 Exploit Author: Pankaj Kumar Thakur Vendor Homepage: http://virtualairlinesmanager.net/ Dork: inurl:notamid= Affected Version: 2.6.2 Tested on: Ubuntu CVE : N/A Vulnerable parameter -------------------...

AI score: 7.4
Exploits: 0

Packet Storm
added 2020/06/04 12:0 a.m., 251 views

Navigate CMS 2.8.7 SQL Injection

Exploit Title: Navigate CMS 2.8.7 - ''sidx' SQL Injection Authenticated Date: 2020-06-04 Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link: https://sourceforge.net/projects/navigatecms/files/releases/navigate-2.8.7r1401.zip/download Version: 2.8.7 Tested...

AI score: 0.6
Exploits: 0

Exploit DB
added 2020/06/04 12:0 a.m., 437 views

Navigate CMS 2.8.7 - Cross-Site Request Forgery (Add Admin)

Exploit Title: Navigate CMS 2.8.7 - Cross-Site Request Forgery Add Admin Date: 2020-06-04 Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link: https://sourceforge.net/projects/navigatecms/files/releases/navigate-2.8.7r1401.zip/download Version: 2.8.7 Teste...

AI score: 7.4
Exploits: 0

wpexploit
added 2020/05/28 12:0 a.m., 36 views

Page Builder: PageLayer - Drag and Drop website builder < 1.1.2 - CSRF leading to XSS

A flaw allowed attackers to forge a request on behalf of a site’s administrator to modify the settings of the plugin which could allow for malicious Javascript injection...

CVSS: 6.8, AI score: 0.5, EPSS: 0.00773
Exploits: 2, References: 1

0day.today
added 2020/05/27 12:0 a.m., 39 views

osTicket 1.14.1 - (Saved Search) Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting Exploit Author: Matthew Aberegg Vendor Homepage: https://osticket.com Patch Link:...

AI score: 7.4
Exploits: 0

Exploit DB
added 2020/05/18 12:0 a.m., 227 views

Mikrotik Router Monitoring System 1.2.3 - 'community' SQL Injection

Exploit Title: Mikrotik Router Monitoring System 1.2.3 - 'community' SQL Injection Exploit Author: jul10l1r4 Julio Lira Google Dork: N/A Date: 2020-05-16 Vendor Homepage: https://mikrotik.com Software Link: https://mikrotik.com/download Version: = 1.2.3 Tested on: Debian 10 buster CVE: 2020-13118...

AI score: 7.4
Exploits: 0