50 matches found
flatnux 2021-03.25 Remote Code Execution
Exploit Title: flatnux-2021-03.25 - Remote Code Execution Authenticated Exploit Author: Ömer Hasan Durmuş Vendor Homepage: https://en.altervista.org Software Link: http://flatnux.altervista.org/flatnux.html Version: 2021-03.25 Tested on: Windows/Linux POST...
Music Gallery Site v1.0 - SQL Injection on page Master.php
Exploit Title: Music Gallery Site v1.0 - SQL Injection on page Master.php Exploit Author: Muhammad Navaid Zafar Ansari Date: 21 February 2023 CVE Assigned: CVE-2023-0962 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Music Gallery Site Version: v 1.0 Tested...
Best pos Management System v1.0 - SQL Injection Vulnerability
Exploit Title: Best pos Management System v1.0 - SQL Injection Exploit Author: Ahmed Ismail @MrOz1l Vendor Homepage: https://www.sourcecodester.com/php/16127/best-pos-management-system-php.html Software Link: https://www.sourcecodester.com/sites/default/files/download/mayurik/kruxton.zip Version:...
Simple Chatbot Application 1.0 - (Category) Stored Cross site Scripting Vulnerability
Exploit Title: Simple Chatbot Application 1.0 - 'Category' Stored Cross site Scripting Exploit Author: Vani K G Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14788/simple-chatbot-application-using-php-source-code.html Version: 1.0 Tested on:...
Lot Reservation Management System 1.0 Cross Site Scripting
Exploit Title: lot reservation management system 1.0 - Stored Cross Site Scripting Date: 2020-10-22 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14530/lot-reservation-management-system-using-phpmysqli-source-code.html Software Link:...
Free Desktop Clock x86 Venetian Blinds Zipper 3.0 - Unicode Stack Overflow (SEH)
Exploit Title: Free Desktop Clock x86 Venetian Blinds Zipper 3.0 - Unicode Stack Overflow SEH Exploit Author: Bobby Cooke Date: 2020-04-11 Vendor: Drive Software Company Vendor Site: http://www.drive-software.com Software Download: http://www.drive-software.com/download/freeclock.exe Tested On:...
WordPress Fruitful 3.8 Cross Site Scripting
Exploit Title: WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Dork: intext:"Fruitful theme by fruitfulcode Powered by: WordPress" intext:"Comment" intext:"Leave a Reply" Date: 2020-02-14 Category : Webapps Software Link: https://downloads.wordpress.org/theme/fruitful.3.8.zip Vendo...
phpMyChat Plus 1.98 SQL Injection
Title: phpMyChat Plus 1.98 - 'pmcusername' SQL Injection Date: 2020-02-13 Exploit Author: J3rryBl4nks Vendor Homepage: http://ciprianmp.com/latest/ Software Link: https://sourceforge.net/projects/phpmychat/files/phpMyChatPlus/ Version MyChat Plus 1.98 Tested on Windows 10/Kali Rolling The phpMyCh...
Intelbras Router WRN150 1.0.18 Cross Site Request Forgery
Exploit Title: Intelbras Router WRN150 1.0.18 - Cross-Site Request Forgery Date: 2019-10-25 Exploit Author: Prof. Joas Antonio Vendor Homepage: https://www.intelbras.com/pt-br/ Software Link: http://en.intelbras.com.br/node/25896 Version: 1.0.18 Tested on: Windows CVE : N/A PoC1:...
Oracle Hyperion Planning 11.1.2.4 Cross Site Scripting Vulnerability
Exploit for windows platform in category web applications Exploit Title: Oracle Hyperion Planning, 11.1.2.4 Vulnerable to Cross Site Scripting Exploit Author: Hasan Alqawzai Vendor Homepage: https://www.oracle.com Software Link:...
NodAPS 4.0 - SQL injection Cross-Site Request Forgery
NodAPS 4.0 - SQL injection Cross-Site Request Forgery Exploit Title: Online Booking system - NodAPS 4.0 - 'search' SQL injection / Cross-Site Request Forgery Date: 2018-05-16 Exploit Author: Borna nematzadeh L0RD Vendor Homepage:...
KeystoneJS 4.0.0-beta.7 - Cross-Site Request Forgery
KeystoneJS 4.0.0-beta.7 - Cross-Site Request Forgery Exploit Title: Application wide CSRF Bypass Date: Sep, 2017 Exploit Author: Saurabh Banawar Vendor Homepage: http://keystonejs.com/ Software Link: https://github.com/keystonejs/keystone Version: 4.0.0 Tested on: Windows 8.1 CVE : 2017-16570 Lin...
Sync Breeze Enterprise 10.0.28 - Remote Buffer Overflow
Exploit Title: SyncBreeze POST username overflow Date: 30-Sep-2017 Exploit Author: Owais Mehtab Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.0.28.exe Version: 10.0.28 Tested on: Windows 7 !/usr/bin/python import socket import os...
WinaXe Plus 8.7 - Buffer Overflow Exploit
Exploit for windows platform in category remote exploits Exploit Title: WinaXe Plus 8.7 - lpr remote buffer overflow Date: 2017-01-16 Exploit Author: Peter Baris Exploit link: http://www.saptech-erp.com.au/resources/winaxelpr.zip Software Link: http://www.labf.com/download/winaxep-ok.html Version...
Haraj v2 Script Shell Upload Vulnerability
Exploit for php platform in category web applications |----------------------------| | xBADGIRL21 | | N3W PUBLIC 3XPL0IT | | , | | 0day T == -- | | /-' | | // | | x21 | |----------------------------| | Exploit Title : Haraj v2 Script Shell Upload Vulnerability | Exploit Author : xBADGIRL21 | Dork...
WebGate WinRDS 2.0.8 - StopSiteAllChannel Stack Overflow
WebGate WinRDS 2.0.8 - StopSiteAllChannel Stack Overflow WebGate WinRDS WESPPlayback.WESPPlaybackCtrl.1 StopSiteAllChannel Stack Buffer Overflow Vulnerability 0Day var buff1 = ""; var nops = ""; var buff2 = ""; for i=0;i128; i++ buff1 += "B"; nseh = "\xeb\x08PD"; //pop pop ret = 1007f2a0 0x1007f2...
WordPress Html5 Mp3 Player Full Path Disclosure
WordPress - Html5 Mp3 Player with Playlist Plugin / || / / / / /\ /\ \ \ \ | / \ / http://h4x0resec.blogspot.com / \ | \ \ / // / \ / / / / Software info |App. : WordPress - html5-mp3-player-with-playlist Plugin |Software: https://wordpress.org/plugins/html5-mp3-player-with-playlist/...
Wordpress Webcam 2Way Videochat Plagin XSS Vulnerability
The VideoWhisper 2 Way Video Chat is a web based video application designed for instant 1 on 1 private online video conferencing. Exploit Title : Wordpress Plugin Webcam 2Way Videochat XSS Vulnerability Exploit Author : NULLPointer Date : 17/09/2014 Download Link :...
WordPress Epic Arbitrary File Download Vulnerability
WordPress Epic theme suffers from an arbitrary file download vulnerability. Note that this finding houses site-specific data. |||||||||||||||||||||||||||||||||||||||||||||||||| |-------------------------------------------------------------------------| | Exploit Title: Wordpress epic theme...
jetAudio 7.1.9.4030 plus vx - (.m3u) Local Stack Overflow (SEH)
No description provided by source. + Vulnerability : jetAudio v 7.1.9.4030 plus vx .m3u Local Stack Overflow + Detected by : HACK4LOVE http://www.milw0rm.com/exploits/9359 + Product : jetAudio + Versions affected : 7.1.9.4030 plus vx +...