47904 matches found
Billing Management System 2.0 - 'email' SQL injection Auth Bypass
Exploit Title: Billing Management System 2.0 - 'email' SQL injection Auth Bypass Date: 2021-02-16 Exploit Author: Pintu Solanki Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14380/billing-management-system-php-mysql-updated.html Software: Billi...
Eibiz i-Media Server Digital Signage 3.8.0 - Configuration Disclosure
Exploit Title: Eibiz i-Media Server Digital Signage 3.8.0 - Configuration Disclosure Date: 2020-08-21 Exploit Author: LiquidWorm Vendor Homepage: http://www.eibiz.co.th Version: =3.8.0 CVE: N/A Eibiz i-Media Server Digital Signage 3.8.0 Configuration Disclosure Vendor: EIBIZ Co.,Ltd. Product web...
Simple Startup Manager 1.17 - 'File' Local Buffer Overflow (PoC)
Exploit Title: Simple Startup Manager 1.17 - 'File' Local Buffer Overflow PoC Exploit Author: PovlTekstTV Date: 2020-07-15 Vulnerable Software: Simple Startup Manager Software Link Download: http://www.ashkon.com/download/startup-manager.exe Version: 1.17 Vulnerability Type: Local Buffer Overflow...
Super Backup 2.0.5 for iOS - Directory Traversal
Title: Super Backup 2.0.5 for iOS - Directory Traversal Author: Vulnerability Laboratory Date: 2020-04-30 Software: https://apps.apple.com/us/app/super-backup-export-import/id1052684097 CVE: N/A Document Title: =============== Super Backup v2.0.5 iOS - Directory Traversal Vulnerability References...
Argus Surveillance DVR 4.0 - Weak Password Encryption
Exploit Title: Argus Surveillance DVR 4.0 - Weak Password Encryption Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Date: 12.07.2021 Version: Argus Surveillance DVR 4.0 Tested on: Windows 7 x86 Build 7601 & Windows 10 Reference: https://deathflash1411.github.io/blog/dvr4-hash-crack...
Easy Chat Server 3.1 - Directory Traversal and Arbitrary File Read
Exploit Title: Easy Chat Server 3.1 - Directory Traversal and Arbitrary File Read Date: 11 October 2021 Exploit Author: z4nd3r Vendor Homepage: http://www.echatserver.com/ Software Link: http://www.echatserver.com/ Version: 3.1 Tested on: Windows 10 Pro Build 19042, English Description: The web...
OpenText Content Server 20.3 - 'multiple' Stored Cross-Site Scripting
Exploit Title: OpenText Content Server 20.3 - 'multiple' Stored Cross-Site Scripting Date: 19/02/2021 Exploit Author: Kamil Breński Vendor Homepage: https://www.opentext.com/ Software Link: https://www.opentext.com/products-and-solutions/products/enterprise-content-management/content-management...
Avaya IP Office 11 - Password Disclosure
Exploit Title: Avaya IP Office 11 - Password Disclosure Exploit Author: hyp3rlinx Date: 2020-06-09 Vender Homepage: https://downloads.avaya.com Product Link: https://downloads.avaya.com/css/P8/documents/101067493 CVE: CVE-2020-7030 + Credits: John Page aka hyp3rlinx + Website:...
Nostromo - Directory Traversal Remote Command Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nostromo Directory Traversal Remote Command Execution', 'Description' = %q This module exploits a remote command execution vulnerability in...
Oracle WebLogic - wls-wsat Component Deserialization Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle WebLogic wls-wsat Component Deserialization RCE', 'Description' = %q The Oracle WebLogic WLS WSAT Component is vulnerable to a XML...
Apache Tomcat 8/7/6 (Debian-Based Distros) - Local Privilege Escalation
============================================= - Discovered by: Dawid Golunski - http://legalhackers.com - dawid at legalhackers.com - CVE-2016-1240 - Release date: 30.09.2016 - Revision: 1 - Severity: High ============================================= I. VULNERABILITY -------------------------...
TP-Link Archer AX21 - Unauthenticated Command Injection
!/usr/bin/python3 Exploit Title: TP-Link Archer AX21 - Unauthenticated Command Injection Date: 07/25/2023 Exploit Author: Voyag3r https://github.com/Voyag3r-Security Vendor Homepage: https://www.tp-link.com/us/ Version: TP-Link Archer AX21 AX1800 firmware versions before 1.1.4 Build 20230219...
Remote Desktop Web Access - Authentication Timing Attack (Metasploit Module)
!/usr/bin/env python3 -- coding: utf-8 -- standard modules from metasploit import module extra modules DEPENDENCIESMISSING = False try: import base64 import itertools import os import requests except ImportError: DEPENDENCIESMISSING = True Metasploit Metadata metadata = 'name': 'Microsoft RDP Web...
GitLab 11.4.7 - Remote Code Execution (Authenticated)
Exploit Title: GitLab 11.4.7 Authenticated Remote Code Execution No Interaction Required Date: 15th December 2020 Exploit Author: Mohin Paramasivam Shad0wQu35t Software Link: https://about.gitlab.com/ POC: https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/ Tested on...
ntfs-3g (Debian 9) - Local Privilege Escalation
!/bin/bash echo "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@" echo "@ CVE-2017-0359, PoC by Kristian Erik Hermansen @" echo "@ ntfs-3g local privilege escalation to root @" echo "@ Credits to Google Project Zero @" echo "@ Affects: Debian 9/8/7, Ubuntu, Gentoo, others @" echo "@ Tested:...
Nagios XI 5.7.3 - 'mibs.php' Remote Command Injection (Authenticated)
Exploit Title: Nagios XI 5.7.3 - 'mibs.php' Remote Command Injection Authenticated Date: 10-27-2020 Vulnerability Discovery: Chris Lyne Vulnerability Details: https://www.tenable.com/security/research/tra-2020-58 Exploit Author: Matthew Aberegg Vendor Homepage:...
MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow
Exploit Title: MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow Author: hyp3rlinx Discovery Date: 2019-07-17 Vendor Homepage: www.computerlab.com Software Link: https://www.computerlab.com/index.php/downloads/category/27-device-manager Software Link:...
Adobe ColdFusion 11 - LDAP Java Object Deserialization Remode Code Execution (RCE)
Exploit Title: Adobe ColdFusion 11 - LDAP Java Object Deserialization Remode Code Execution RCE Google Dork: intext:"adobe coldfusion 11" Date: 2022-22-02 Exploit Author: Amel BOUZIANE-LEBLOND https://twitter.com/amellb Vendor Homepage: https://www.adobe.com/sea/products/coldfusion-family.html...
PHP Timeclock 1.04 - 'Multiple' Cross Site Scripting (XSS)
Exploit Title: PHP Timeclock 1.04 - 'Multiple' Cross Site Scripting XSS Date: May 3rd 2021 Exploit Author: Tyler Butler Vendor Homepage: http://timeclock.sourceforge.net Software Link: https://sourceforge.net/projects/timeclock/files/PHP%20Timeclock/PHP%20Timeclock%201.04/ Version: 1.04 Tested on...
Dup Scout Enterprise 10.0.18 - 'online_registration' Remote Buffer Overflow
Dup Scout Enterprise 10.0.18 - 'onlineregistration' Remote Buffer Overflow Requires web service to be enabled. Tested on Windows 10 Pro x64 Based on: https://www.exploit-db.com/exploits/43145 and https://www.exploit-db.com/exploits/40457 Credits: Tulpa and SICKNESS for original exploits Modified:...
Gym Management System 1.0 - Stored Cross Site Scripting
Exploit Title: Gym Management System 1.0 - Stored Cross Site Scripting Date: 21/10/2020 Exploit Author: Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14541/gym-management-system-using-phpmysqli-source-code.html Software Link:...
OpenEMR 5.0.1 - 'controller' Remote Code Execution
Exploit Title: OpenEMR 5.0.1 - 'controller' Remote Code Execution Date: 2020-06-22 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://www.open-emr.org/ Software Link: https://www.open-emr.org/wiki/index.php/OpenEMRDownloads Version: v5.0.1 Tested on: Linux Link:...
BIND - 'TSIG' Denial of Service
!/usr/bin/python coding:utf-8 from scapy.all import DNS, DNSQR, IP, sr1, UDP, DNSRRTSIG, DNSRROPT tsig = DNSRRTSIGrrname="local-ddns", algoname="hmac-sha256", rclass=255, maclen=0, macdata="", timesigned=0, fudge=300, error=16 dnsreq = IPdst='127.0.0.1'/UDPdport=53/DNSrd=1, ad=1,...
MiniTool ShadowMaker 3.2 - 'MTAgentService' Unquoted Service Path
Exploit Title: MiniTool ShadowMaker 3.2 - 'MTAgentService' Unquoted Service Path Discovery by: Thalia Nieto Discovery Date: 02/01/21 Vendor Homepage: https://www.minitool.com Software Link: https://www.minitool.com/backup/thanks-download.html?v=sm-free&r=download-center/ Tested Version: 3.2...
Webmin 1.962 - 'Package Updates' Escape Bypass RCE (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin 1.962 - Package Update Escape Bypass RCE Metasploit', 'Description' = %q This module exploits an arbitrary command execution vulnerability...
aaPanel 6.6.6 - Privilege Escalation & Remote Code Execution (Authenticated)
Exploit Title: aaPanel 6.6.6 - Authenticated Privilege Escalation Google Dork: Date: 04.05.2020 Exploit Author: Ünsal Furkan Harani Zemarkhos Vendor Homepage: https://www.aapanel.com/ Software Link: https://github.com/aaPanel/aaPanel Version: 6.6.6 REQUIRED Tested on: Linux ubuntu 4.4.0-131-gener...
Wordpress Plugin Autoptimize 2.7.6 - Arbitrary File Upload (Authenticated)
Exploit Title: Wordpress Plugin Autoptimize 2.7.6 - Arbitrary File Upload Authenticated Date: 2020-08-24 Software Link: https://wordpress.org/plugins/autoptimize/ Author : SunCSR Team Version: v2.7.6 Tested on Ubuntu 18.04 / Kali Linux Reference: https://wpvulndb.com/vulnerabilities/10372...
LayerBB < 1.1.4 - Cross-Site Request Forgery
Exploit Title: LayerBB 1.1.3 - Multiple CSRF Date: 4/7/2019 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://forum.layerbb.com/downloads.php?view=file&id=30 Version: 1.1.3 Tested on: Ubuntu 18.04 CVE: CVE-2019-16531 1. Description: LayerBB is a free open-source forum...
Online Documents Sharing Platform 1.0 - 'user' SQL Injection
Exploit Title: Online Documents Sharing Platform 1.0 - 'user' SQL Injection Date: 21.01.2021 Exploit Author: CANKAT ÇAKMAK Vendor Homepage: https://www.sourcecodester.com/php/14653/online-documents-sharing-platform-php-full-source-code.html Software Link:...
RAD SecFlow-1v SF_0290_2.3.01.26 - Persistent Cross-Site Scripting
Exploit Title: RAD SecFlow-1v SF02902.3.01.26 - Persistent Cross-Site Scripting Date: 2020-08-31 Exploit Author: Jonatan Schor and Uriel Yochpaz Vendor Homepage: https://www.rad.com/products/secflow-1v-IIoT-Gateway Version: SecFlow-1v os-image SF02902.3.01.26 Tested on: RAD SecFlow-1v CVE : N/A A...
NOKIA VitalSuite SPM 2020 - 'UserName' SQL Injection
Exploit Title: NOKIA VitalSuite SPM 2020 - 'UserName' SQL Injection Exploit Author: Berk Dusunur Google Dork: N/A Type: Web App Date: 2020-05-28 Vendor Homepage: https://www.nokia.com Software Link: https://www.nokia.com/networks/products/vitalsuite-performance-management-software/ Affected...
ASX to MP3 Converter 1.82.50 (Windows XP SP3) - '.asx' Local Stack Overflow
''' Exploit Title: ASX to MP3 Converter 1.82.50 Stack Overflow Date: 2 Oct 2015 Exploit Author: exptr Vendor Homepage: http://mini-stream.net Version: 1.82.50 Tested on: Windows XP SP3 ''' import struct filename = "exploit.asx" dummy = "A"0x104 EIP = struct.pack'I', 0x76af3adc FFFF =...
PHP < 5.3.12 / < 5.4.2 - CGI Argument Injection
Exploit Title: Cve-2012-1823 PHP CGI Argument Injection Exploit Date: May 4, 2012 Author: rayh4c0x4080sec0x2ecom Exploit Discovered by wofeiwo0x4080sec0x2ecom import socket import sys def cgiexploit: pwncode = """""" postLength = lenpwncode httpraw="""POST...
TypeSetter 5.1 - CSRF (Change admin e-mail)
Exploit Title: TypeSetter 5.1 - CSRF Change admin e-mail Exploit Author: Alperen Ergel Software Homepage: https://www.typesettercms.com/ Version : 5.1 Tested on: Kali & ubuntu Category: WebApp Description Attacker can change admin e-mail address Vulnerable - Go to the admin page view preferences ...
Online Shopping Alphaware 1.0 - Authentication Bypass
Title: Online Shopping Alphaware 1.0 - Authentication Bypass Exploit Author: Ahmed Abbas Date: 2020-07-28 Vendor Homepage: https://www.sourcecodester.com/php/14368/online-shopping-alphaware-phpmysql.html Software Link:...
Linux Kernel 5.1.x - 'PTRACE_TRACEME' pkexec Local Privilege Escalation (2)
Exploit Title: Linux Kernel 5.1.x - 'PTRACETRACEME' pkexec Local Privilege Escalation 2 Date: 11/22/21 Exploit Author: Ujas Dhami Version: 4.19 - 5.2.1 Platform: Linux Tested on: Ubuntu 19.04 kernel 5.0.0-15-generic Parrot OS 4.5.1 kernel 4.19.0-parrot1-13t-amd64 Kali Linux kernel...
RouterOS 6.40.5 - 6.44 and 6.48.1 - 6.49.10 - Denial of Service
Exploit Title: CVE-2024-27686: RouterOS-SMB-DOS Google Dork: N/A Date: 03/04/2024 Exploit Author: ice-wzl, Solstice Cyber Solutions Vendor Homepage: https://mikrotik.com/ Software Link: https://mikrotik.com/download/archive Version: RouterOS devices ranging from 6.40.5 - 6.44 and 6.48.1 - 6.49.10...
Rumble Mail Server 0.51.3135 - 'servername' Stored XSS
Exploit Title: Rumble Mail Server 0.51.3135 - 'servername' Stored XSS Date: 2020-9-3 Exploit Author: Mohammed Alshehri Vendor Homepage: http://rumble.sf.net/ Software Link: https://sourceforge.net/projects/rumble/files/Windows%20binaries/rumble0.51.3135-setup.exe Version: Version 0.51.3135 Tested...
Alstrasoft AskMe Pro 2.1 - Multiple SQL Injections
-+================================================================================+- -+ AlstraSoft AskMe Pro = 2.1 SQL Injection Vulnerabilitys +- -+================================================================================+- Discovered By: t0pP8uZz Discovered On: 10 JUNE 2008 Script...
qdPM 9.2 - Password Exposure (Unauthenticated)
Exploit Title: qdPM 9.2 - DB Connection String and Password Exposure Unauthenticated Date: 03/08/2021 Exploit Author: Leon Trappett thepcn3rd Vendor Homepage: https://qdpm.net/ Software Link: https://sourceforge.net/projects/qdpm/files/latest/download Version: 9.2 Tested on: Ubuntu 20.04 Apache2...
SyncBreeze 10.0.28 - 'login' Denial of Service (Poc)
Exploit Title: SyncBreeze 10.0.28 - 'login' Denial of Service Poc Data: 18-Dec-2020 Exploit Author: Ahmed Elkhressy Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.0.28.exe Version: 10.0.28 Tested on: Windows 7, Windows 10...
Tailor MS 1.0 - Reflected Cross-Site Scripting
Exploit Title: Tailor MS 1.0 - Reflected Cross-Site Scripting Exploit Author: Bobby Cooke boku & Adeeb Shah @hyd3sec Date: 2020-09-14 CVE ID: CVE-2020-23835 Vendor Homepage: https://www.sourcecodester.com Software Link:...
Cacti v1.2.8 - Unauthenticated Remote Code Execution (Metasploit)
Exploit Title: Cacti v1.2.8 - Unauthenticated Remote Code Execution Metasploit Date: 2020-02-29 Exploit Author: Lucas Amorim sh286s CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: Linux This module requires Metasploit: https://metasploit.com/download Current...
Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)
Exploit Title: Pterodactyl Panel 1.11.11 - Remote Code Execution RCE Date: 22/06/2025 Exploit Author: Zen-kun04 Vendor Homepage: https://pterodactyl.io/ Software Link: https://github.com/pterodactyl/panel Version: 1.11.11 Tested on: Ubuntu 22.04.5 LTS CVE: CVE-2025-49132 import requests import js...
FlatCore CMS 2.0.7 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: FlatCore CMS 2.0.7 - Remote Code Execution RCE Authenticated Date: 04/10/2021 Exploit Author: Mason Soroka-Gill @sgizoid Vendor Homepage: https://flatcore.org/ Software Link: https://github.com/flatCore/flatCore-CMS/archive/refs/tags/v2.0.7.tar.gz Version: 2.0.7 Tested on: Ubuntu...
Dnsmasq < 2.78 - Heap Overflow
''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14492.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html 1 Build the docker and open two terminals docker build -t dnsmasq . docker run --rm -t -i...
JBoss Application Server 4.2 < 4.2.0.CP09 / 4.3 < 4.3.0.CP08 - Remote Command Execution
JBoss AS Remote Exploit by Kingcope use IO::Socket; use LWP::UserAgent; use URI::Escape; use MIME::Base64; sub usage print "JBoss AS Remote Exploit\nby Kingcope\n\nusage: perl jboss.pl \n"; print "example: perl daytona.pl 192.168.2.10 8080 192.168.2.2 443 lnx\n"; exit; if $ARGV != 4 usage; $host ...
NanoCMS v0.4 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: NanoCMS v0.4 - Remote Code Execution RCE Authenticated Date: 2022-07-26 Exploit Auuthor: p1ckzi Vendor Homepage: https://github.com/kalyan02/NanoCMS Version: NanoCMS v0.4 Tested on: Linux Mint 20.3 CVE: N/A Description: this script uploads a php reverse shell to the target. NanoCMS...
WBCE CMS 1.5.1 - Admin Password Reset
Exploit Title: WBCE CMS 1.5.1 - Admin Password Reset Google Dork: intext: "Way Better Content Editing" Date: 20/12/2021 Exploit Author: citril or https://github.com/maxway2021 Vendor Homepage: https://wbce.org/ Software Link: https://wbce.org/de/downloads/ Version: = 1.5.1 Tested on: Linux CVE :...
Voting System 1.0 - Authentication Bypass (SQLI)
Exploit Title: Voting System 1.0 - Authentication Bypass SQLI Date: 06/05/2021 Exploit Author: secure77 Vendor Homepage: https://www.sourcecodester.com/php/12306/voting-system-using-php.html Software Link:...