Exploit for CVE-2023-38646

For educational purposes only Inspired by Assetnote resea...

Zstore 6.5.4 Database Disclosure

==================================================================================================================================== | Title : Zstore version 6.5.4 Database Disclosure Exploit | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 108.032-bit ...

ProjeQtOr Project Management System 10.3.2 Shell Upload

Exploit Title: ProjeQtOr Project Management System 10.3.2 -Remote Code Execution RCE Application: ProjeQtOr Project Management System Version: 10.3.2 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://www.projeqtor.org Software Link:...

Online Railway Reservation System 1.0 Missing Access Control

Exploit Title: Online Railway Reservation System 1.0 - Admin Account Creation Unauthenticated Date: 07/01/2022 Exploit Author: Zachary Asher Vendor Homepage: https://www.sourcecodester.com/php/15121/online-railway-reservation-system-phpoop-project-free-source-code.html Software Link:...

10-Strike Network Inventory Explorer Pro 9.31 Buffer Overflow

Exploit Title: 10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow SEH Date: 2021-10-31 Exploit Author: ro0k Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe Version: 9.31 Tested on: Windows 1...

ROS-2-473

2.473 Nettle library vulnerabilityCVE-2021-20305 1. Vulnerability Description: A Nettle library vulnerability involving the use of a failed cryptographic algorithm and allowing an unauthenticated remote attacker to execute arbitrary code.FSTEC Russia Information Security Threats Data Bank...

phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution (Authenticated) Vulnerability

Exploit Title: phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution Authenticated Exploit Author: Valerio Severini Vendor Homepage: Software Link: https://github.com/phppgadmin/phppgadmin/releases/tag/REL7-13-0 Version: 7.13.0 or lower Tested on: Debian 10 and Ubuntu Description: phpPgAdmin...

Complaint Management System 1.0 - Authentication Bypass

Exploit Title: complaint management system 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-05-10 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14206/complaint-management-system.html Software Link:...

Adive Framework 2.0.8 - Cross-Site Request Forgery (Change Admin Password) Vulnerability

Exploit for php platform in category web applications Exploit Title: Adive Framework 2.0.8 - Cross-Site Request Forgery Change Admin Password Exploit Author: Sarthak Saini Vendor Link : https://www.adive.es/ Software Link: https://github.com/ferdinandmartin/adive-php7 Version: 2.0.8...

Advie Framework 2.0.8 Cross Site Scripting

Exploit Title: Adive Framework 2.0.8 - Persistent Cross-Site Scripting Exploit Author: Sarthak Saini Dork: N/A Date: 2020-01-18 Vendor Link : https://www.adive.es/ Software Link: https://github.com/ferdinandmartin/adive-php7 Version: 2.0.8 Category: Webapps Tested on: windows64bit / mozila firefo...

XEROX WorkCentre 7855 Printer - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for hardware platform in category web applications Exploit Title: XEROX WorkCentre 7855 Printer - Cross-Site Request Forgery Add Admin Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.xerox.com/ Hardware Link :...

CyberArk 9.7 - Memory Disclosure

Exploit Title: CyberArk 9.7 - Memory Disclosure Date: 2018-06-04 Exploit Author: Thomas Zuk @Freakazoidile Vendor Homepage: https://www.cyberark.com/products/privileged-account-security-solution/enterprise-password-vault/ Version: 9.7 and 10 Tested on: Windows 2008, Windows 2012, Windows 7, Windo...

Dup Scout Enterprise 10.5.12 Share Username Buffer Overflow

!/usr/bin/python Exploit Author: bzyo Twitter: @bzyo Exploit Title: Dup Scout Enterprise 10.5.12 - Local Buffer Overflow Date: 02-22-2018 Vulnerable Software: Dup Scout Enterprise v10.5.12 Vendor Homepage: http://www.dupscout.com Version: 10.5.12 Software Link:...

ClipBucket 2.8.3 SQL Injection / Arbitrary File Read / Write

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title ClipBucket 2.8.3 - Multiple Vulnerabilities .:. Google Dorks .:. "Forged by ClipBucket" inurl:viewcollection.php?cid= .:. Date: August 15, 2017 .:. Exploit Author: bRpsd .:. Skype contact: vegno...

Kaspersky Total Security Security Bypass Vulnerability

Kaspersky Total security is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Joomla Spider FAQ SQL Injection

Exploit Title : Joomla Spider FAQ component SQL Injection vulnerability Author : Manish Kishan Tanwar AKA error1046 Vendor Link : http://demo.web-dorado.com/spider-faq.html Date : 21/03/2015 Discovered at : IndiShell Lab Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Incredible,Kisha...

phpSound Music Sharing Platform 1.0.5 - Multiple Cross-Site Scripting Vulnerabilities

phpSound Music Sharing Platform 1.0.5 - Multiple Cross-Site Scripting Vulnerabilities Exploit Title: phpSound Music Sharing Platform Multiple XSS Vulnerabilities Date: 08-10-2014 Exploit Author: Halil Dalabasmaz Version: v1.0.5 Vendor Link:...

Super Player 3500 (.m3u) - Local Stack Based Buffer Overflow

No description provided by source. !/usr/bin/perl SuperPlayer3500 Local stack based buffer overflow Author:jun Email:[email protected] Date:Tue Jul 22 2013 Vendor Link:http://www.haojie.cn Software Link:http://www.haojie.cn/download/setup3500.exe App Version:3500 Tested on:windows xp sp3 $file ...

BlazeDVD Pro player 6.1 - Stack Based Buffer Overflow (Direct Ret)

No description provided by source. !/usr/bin/perl BlazeDVD Pro player 6.1 Local stack based buffer overflow Author: PuN1sh3r Email: [email protected] Date: Mon Jul 15 03:01:37 EDT 2013 Vendor link: http://www.blazevideo.com/download.htmm Software Link:...

SoftBizScripts Dating Script SQL Injection Vunerability

No description provided by source. Exploit Title: SoftBizScripts Dating Script SQL Injection Vunerability Date: 29-4-2010 Author: 41.w4r10r Vendor Link : http://softbizscripts.com/ Version: Web Application Tested on: Apcahe/Unix CVE : if exists Dork : inurl:searchresults.php?browse=1 Code :...