2177 matches found
📄 PandoraFMS 7.0NG.772 SQL Injection
PandoraFMS version 7.0NG.772 proof of concept authenticated remote SQL injection exploit. Exploit Title: PandoraFMS console v7.0NG.772 - SQL Injection Authenticated Date: 21/11/2023 Exploit Author: Osama Yousef Vendor Homepage: https://pandorafms.com/ Software Link:...
Progress Telerik Report Server 2024 Q1 (10.0.24.305) - Authentication Bypass
Exploit Title: Progress Telerik Report Server 2024 Q1 10.0.24.305 - Authentication Bypass Fofa Dork: title="Telerik Report Server" Date: 2024-09-22 Exploit Author: VeryLazyTech GitHub: https://github.com/verylazytech/CVE-2024-4358 Vendor Homepage: https://www.telerik.com/report-server Software...
Simple Chat System 1.0 Cross Site Scripting
Exploit Title:Simple Chat System 1.0 Reflected XSS Date:05/12/2024 Exploit Author:Merve Hatice Arslan Vendor Homepage:https://code-projects.org/simple-chat-system/ Sofware Link:https://download.code-projects.org/details/ec6340ea-ef68-48d9-b9b2-da397f52b2dc Version:1.0 Tested on:Linux / XAMPP...
Exploit for CVE-2024-42640
CVE-2024-42640 Unauthenticated Remote Code Execution via Angul...
SmartAgent 1.1.0 SQL Injection Vulnerability
Exploit Title: SmartAgent v1.1.0 - Unauthenticated SQL Injection SQLi Exploit Author: Alter Prime Vendor Homepage: https://smarts-srlcom.com/, https://smartagent.com Version: Build v1.1.0 Tested on: Kali Linux An unauthenticated user can inject SQL queries through a POST request to the vulnerable...
Sysax Multi Server 6.99 Cross Site Scripting
Exploit Title: Sysax Multi Server 6.99 - Reflected XSS Date: 2024-11-03 Exploit Author: Yehia Elghaly Mrvar0x Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download/sysaxservsetup.msi Version: MultiServer 6.99 Tested on: Windows 10 x64 Reflected XSS - Affected...
SofaWiki 3.9.2 Shell Upload
Exploit Title: SofaWiki 3.9.2 - Remote Code Execution RCE via Open Ticket File Upload Date: 10/17/2024 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.sofawiki.com Software Link: https://www.sofawiki.com/site/files/snapshot.zip Version: 3.9.2 Tested on: Windows XP Summary: A remote co...
Peel Shopping 2.x Cross Site Scripting / SQL Injection Exploit
Peel Shopping versions 2.x and below 3.1 suffer from cross site scripting and remote SQL injection vulnerabilities. This was already noted discovery in 2012 by Cyber-Crystal but this data provides more details. Exploit Title: Peel Shopping "catid=" SQL injection Google Dork:...
Helpdeskz 2.0.2 Cross Site Scripting
Exploit Title: Stored XSS Vulnerability via File Name Google Dork: N/A Date: 08 Aug 2024 Exploit Author: Md. Sadikul Islam Vendor Homepage: https://www.helpdeskz.com/ Software Link: https://github.com/helpdesk-z/helpdeskz-dev/archive/2.0.2.zip Version: v2.0.2 Tested on: Kali Linux / Firefox...
WordPress Shield Security 20.0.5 Cross Site Scripting
Exploit Title: CVE-2024-7313 - Reflected XSS to Unauthorised Administrator Account Creation Google Dork: inurl:"/wp-content/plugins/wp-simple-firewall/" Cannot find version numbers from this DORK Date: 16/08/2024 Exploit Author: Tim Lepp Vendor Homepage: https://getshieldsecurity.com/ Software...
WordPress PZ Frontend Manager 1.0.5 Cross Site Request Forgery
Exploit Title: pz-frontend-manager = 1.0.5 - CSRF change user profile picture Date: 2024-07-01 Exploit Author: Vuln Seeker Cybersecurity Team Vendor Homepage: https://wordpress.org/plugins/pz-frontend-manager/ Version: = 1.0.5 Tested on: Firefox Contact me: [email protected] The plugin does no...
Xhibiter NFT Marketplace 1.10.2 SQL Injection
Exploit Title: xhibiter nft marketplace SQLI Google Dork: intitle:"View - Browse, create, buy, sell, and auction NFTs" Date: 29/06/204 Exploit Author: Sohel yousef - https://www.linkedin.com/in/sohel-yousef-50a905189/ Vendor Homepage:...
Poultry Farm Management System 1.0 Shell Upload
Exploit Title: Poultry Farm Management System v1.0 - Remote Code Execution RCE Date: 24-06-2024 CVE: N/A Awaiting ID to be assigned Exploit Author: Jerry Thomas w3bn00b3r Vendor Homepage: https://www.sourcecodester.com/php/15230/poultry-farm-management-system-free-download.html Software Link:...
Poultry Farm Management System v1.0 - Remote Code Execution (RCE)
Exploit Title: Poultry Farm Management System v1.0 - Remote Code Execution RCE Date: 24-06-2024 CVE: N/A Awaiting ID to be assigned Exploit Author: Jerry Thomas w3bn00b3r Vendor Homepage: https://www.sourcecodester.com/php/15230/poultry-farm-management-system-free-download.html Software Link:...
AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)
Exploit Title: Life Insurance Management System- Unauthenticated Remote Code Execution RCE Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/...
Zyxel IKE Packet Decoder - Unauthenticated Remote Code Execution (Metasploit)
Exploit Title: Zyxel IKE Packet Decoder Unauthenticated Remote Code Execution Date: 2023-03-31 Exploit Author: sf Vendor Homepage: https://www.zyxel.com/ Software Link: https://www.zyxel.com/ Version: ATP Firmware version 4.60 to 5.35 inclusive, USG FLEX Firmware version 4.60 to 5.35 inclusive, V...
AEGON LIFE 1.0 Remote Code Execution
Exploit Title: Life Insurance Management System- Unauthenticated Remote Code Execution RCE Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/...
AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)
Exploit Title: Life Insurance Management Stored System- cross-site scripting XSS Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/ Version: AEG...
Dotclear 2.29 - Remote Code Execution (RCE)
Exploit Title: Dotclear 2.29 - Remote Code Execution RCE Discovered by: Ahmet Ümit BAYRAM Discovered Date: 26.04.2024 Vendor Homepage: https://git.dotclear.org/explore/repos Software Link: https://github.com/dotclear/dotclear/archive/refs/heads/master.zip Tested Version: v2.29 latest Tested on:...
Plantronics Hub 3.25.1 Arbitrary File Read
Exploit Title: Plantronics Hub 3.25.1 – Arbitrary File Read Date: 2024-05-10 Exploit Author: Farid Zerrouk from Deloitte Belgium, Alaa Kachouh from Mastercard Vendor Homepage: https://support.hp.com/us-en/document/ish9869257-9869285-16/hpsbpy03895 Version: Plantronics Hub for Windows version 3.25...