Sourceforge PhpGACL Cross-Site Scripting Vulnerability

Sourceforge PhpGACL is a pluggable Php, Mysql based platform used to provide access control for platforms organized by Sourceforge. A cross-site scripting vulnerability exists in phpGACL 3.3.7, which stems from a specially designed HTTP request that could lead to arbitrary JavaScript execution...

WinAVR Version 20100110 - Insecure Folder Permissions Vulnerability

Exploit Title: WinAVR Version 20100110 - Insecure Folder Permissions Exploit Author: Mohammed Alshehri Vendor Homepage: https://sourceforge.net/projects/winavr/ Software Link: https://sourceforge.net/projects/winavr/files/WinAVR/20100110/WinAVR-20100110-install.exe Version: Version 20100110 Teste...

Rumble Mail Server 0.51.3135 - 'domain and path' Stored XSS

Exploit Title: Rumble Mail Server 0.51.3135 - 'domain and path' Stored XSS Date: 2020-9-3 Exploit Author: Mohammed Alshehri Vendor Homepage: http://rumble.sf.net/ Software Link: https://sourceforge.net/projects/rumble/files/Windows%20binaries/rumble0.51.3135-setup.exe Version: Version 0.51.3135...

Sentrifugo Version 3.2 - 'announcements' Remote Code Execution (Authenticated)

Exploit Title: Sentrifugo Version 3.2 - 'announcements' Remote Code Execution Authenticated Google Dork: N/A Date: 2020.10.06 Exploit Author: Fatih Çelik Vendor Homepage: https://sourceforge.net/projects/sentrifugo/ Software Link: https://sourceforge.net/projects/sentrifugo/ Blog:...

Sentrifugo 3.2 Remote Code Execution

Exploit Title: Sentrifugo 3.2 - 'assets' Remote Code Execution Authenticated Google Dork: N/A Date: 2020.10.06 Exploit Author: Fatih Çelik Vendor Homepage: https://sourceforge.net/projects/sentrifugo/ Software Link: https://sourceforge.net/projects/sentrifugo/ Blog:...

Sourceforge Home DNS Server Elevation of Privilege Vulnerability

Home DNS Server is an open source software supporting DNS services organized by Sourceforge. An elevation of privilege vulnerability exists in Home DNS Server version 0.10, which stems from insufficient access restrictions in the default installation directory, and can be exploited by an attacker...

RiteCMS 2.2.1 - Remote Code Execution (Authenticated)

Exploit Title: RiteCMS 2.2.1 - Authenticated Remote Code Execution Date: 2020-07-03 Exploit Author: H0j3n Vendor Homepage: http://ritecms.com/ Software Link: http://sourceforge.net/projects/ritecms/files/ritecms2.2.1.zip/download Version: 2.2.1 Tested on: Linux Reference:...

Mara CMS 7.5 - Reflective Cross-Site Scripting

Exploit Title: Mara CMS 7.5 - Reflective Cross-Site Scripting Google Dork: NA Date: 2020-08-01 Exploit Author: George Tsimpidas Vendor Homepage: https://sourceforge.net/projects/maracms/ Software Link: https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download Version: 7.5 Tested on:...

Mara CMS 7.5 Cross Site Scripting

============================================================================== | Title : Mara CMS 7.5 Cross Site Scripting | | Author : George Tsimpidas | | Tested on : Kali Linux X64 | | Vendor : https://sourceforge.net/projects/maracms/ |...

Webtareas 2.1p - Arbitrary File Upload (Authenticated) Vulnerability

Exploit for php platform in category web applications Exploit Title: Webtareas 2.1p - Arbitrary File Upload Authenticated Author: AppleBois Exploit author : AppleBois Vendor Hompage:https://sourceforge.net/projects/webtareas/ Version: 2.1 && 2.1p Tested on: Window 10 64 bit environment || XAMPP...

Snes9K 0.09z - 'Port Number' Buffer Overflow (SEH)

Exploit Title: Snes9K 0.09z - 'Port Number' Buffer Overflow SEH Date: 2020-07-20 Exploit Author: MasterVlad Vendor Homepage: https://sourceforge.net/projects/snes9k/ Software Link: https://www.exploit-db.com/apps/ef5249b64ce34575c12970b334a08c17-snes9k009z.zip Version: 0.09z Vulnerability Type:...

NetPCLinker 1.0.0.0 - Buffer Overflow (SEH Egghunter)

Exploit Title: NetPCLinker 1.0.0.0 - Buffer Overflow SEH Egghunter Date: 2019-06-28 Exploit Author: Saeed reza Zamanian Vendor Homepage: https://sourceforge.net/projects/netpclinker/ Software Link: https://sourceforge.net/projects/netpclinker/files/ Version: 1.0.0.0 Tested on: Windows Vista SP1...

NetPCLinker 1.0.0.0 - Buffer Overflow (SEH Egghunter) Exploit

Exploit Title: NetPCLinker 1.0.0.0 - Buffer Overflow SEH Egghunter Exploit Author: Saeed reza Zamanian Vendor Homepage: https://sourceforge.net/projects/netpclinker/ Software Link: https://sourceforge.net/projects/netpclinker/files/ Version: 1.0.0.0 Tested on: Windows Vista SP1 !/usr/bin/python '...

Webtareas 2.1 / 2.1p Cross Site Scripting

Author: AppleBois Homepage: https://sourceforge.net/projects/webtareas/ Affected Version: 2.1/2.1p Stored XSS Allows an attacker to execute arbitrary HTML and JavaScript code More info : https://medium.com/@tehwinsam/webtareas-2-1-c8b406c68c2a Solutions: "NONE" Payload = alert‘AppleBois’;...

Fire Web Server 0.1 Denial Of Service

Exploit Title: Fire Web Server 0.1 - Remote Denial of Service PoC Date: 2020-06-26 Exploit Author: Saeed reza Zamanian Vendor Homepage: https://sourceforge.net/projects/firewebserver/ Software Link: https://sourceforge.net/projects/firewebserver/files/ Version: Pre-Alpha Tested on: Windows 7 ,...

xmm.sourceforge.net Cross Site Scripting vulnerability OBB-1215726

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Fire Web Server Pre-Alpha Denial Of Service

!/usr/bin/python ''' Exploit Title: Fire Web Server Pre-Alpha - Remote Denial of Service PoC Date: 2020-Jun-26 Exploit Author: Saeed reza Zamanian Vendor Homepage: https://sourceforge.net/projects/firewebserver/ Software Link: https://sourceforge.net/projects/firewebserver/files/ Version: Pre-Alp...

Navigate CMS 2.8.7 - Authenticated Directory Traversal

Exploit Title: Navigate CMS 2.8.7 - Authenticated Directory Traversal Date: 2020-06-04 Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link: https://sourceforge.net/projects/navigatecms/files/releases/navigate-2.8.7r1401.zip/download Version: 2.8.7 Tested o...

Navigate CMS 2.8.7 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: Navigate CMS 2.8.7 - Cross-Site Request Forgery Add Admin Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link:...

StreamRipper32 2.6 Buffer Overflow

Exploit Title: StreamRipper32 2.6 - Buffer Overflow PoC Date: 2020-05-14 Exploit Author: Andy Bowden Tested On: Win10 x64 Download Link: http://streamripper.sourceforge.net/sr32/StreamRipper3226.exe Vendor Page: http://streamripper.sourceforge.net/ Version: 2.6 Steps To Reproduce: Double click on...