Whatsapp 2.19.216 - Remote Code Execution

Exploit Title: Whatsapp 2.19.216 - Remote Code Execution Date: 2019-10-16 Exploit Author: Valerio Brussani @valbrux Vendor Homepage: https://www.whatsapp.com/ Version: include include include typedef uint8t byte; char gadgetp; void libc, lib; //dls iteration for rop int dlcallbackstruct dlphdrinf...

MV Video Sharing Software 1.2 - 'searchname' SQL Injection

Exploit Title: MV Video Sharing Software 1.2 - 'searchname' SQL Injection Dork: N/A Date: 2018-10-16 Exploit Author: Ihsan Sencan Vendor Homepage: https://melerovideo.com/software/ Software Link: https://sourceforge.net/projects/mvvideosharingsoftware/ Version: 1.2 Category: Webapps Tested on:...

Academic Timetable Final Build 7.0 - Information Disclosure

\n"; printr$ver; echo "\n"; / Array sEcho = 10 iTotalRecords = 3 iTotalDisplayRecords = 3 aaData = Array 0 = Array 0 = testdb1 1 = testdb1 2 = ADMIN 3 = 6CC4E8CFFEAF202D7475BC906612F9A29A9C8117 1 = Array 0 = ADMIN 1 = admin 2 = ADMIN 3 = 4AC...

Lansweeper 7.2 - Incorrect Access Control

Exploit Title: Lansweeper 7.2 - Incorrect Access Control SHODAN DORK : title:"Lansweeper - Login" Date: 2020-06-14 Exploit Author: Amel BOUZIANE-LEBLOND Vendor Homepage: https://www.lansweeper.com/ Software Link: https://www.lansweeper.com Version: 6.0.x through 7.2.x Tested on: Windows CVE :...

KORA 2.7.0 - 'cid' SQL Injection

Exploit Title: KORA 2.7.0 - SQL Injection Dork: N/A Date: 2018-10-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.matrix.msu.edu/ Software Link: https://sourceforge.net/projects/kora/files/latest/download Version: 2.7.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC: 1...

HaPe PKH 1.1 - Cross-Site Request Forgery (Update Admin)

Exploit Title: HaPe PKH 1.1 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 2018-10-12 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.sitejo.id Software Link: https://sourceforge.net/projects/hape-pkh/files/latest/download Version: 1.1 Category: Webapps Tested on:...

Xlight FTP 3.9.3.1 - Buffer Overflow (PoC)

Exploit Title: Xlight FTP 3.9.3.1 - 'Buffer Overflow' PoC Discovered by: Yehia Elghaly Discovered Date: 2021-11-12 Vendor Homepage: https://www.xlightftpd.com/ Software Link: https://www.xlightftpd.com/download/setup.exe Tested Version: 3.9.3.1 Vulnerability Type: Buffer Overflow Local Tested on...

memono Notepad Version 4.2 - Denial of Service (PoC)

Exploit Title: memono Notepad Version 4.2 - Denial of Service PoC Date: 06-09-2021 Author: Geovanni Ruiz Download Link: https://apps.apple.com/es/app/memono-bloc-de-notas/id906470619 Version: 4.2 Category: DoS iOS Vulnerability Color Notes is vulnerable to a DoS condition when a long list of...

Cisco ASA 9.14.1.10 and FTD 6.6.0.1 - Path Traversal (2)

Exploit Title: Cisco ASA 9.14.1.10 and FTD 6.6.0.1 - Path Traversal 2 Date: 12 Dec 2020 Exploit Author: [email protected] Vendor Homepage: cisco.com Software Link: It’s against Hardware, specifically ASA’s and FTD’s Version: ASAs from version 9.6 to 9.14.1.10 and FTD’s versions 6.2.3 to...

Rukovoditel 2.6.1 - Cross-Site Request Forgery (Change password)

Exploit Title: Rukovoditel 2.6.1 - Cross-Site Request Forgery Change password Date: 2020-12-14 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://www.rukovoditel.net/ Software Link: https://www.rukovoditel.net/download.php Version: v2.6.1 Tested on: Kali Linux...

Processwire CMS 2.4.0 - 'download' Local File Inclusion

Exploit Title: Local File Inclusion Processwire CMS 2.4.0 Vulnerability Type: Unauthenticated LFI Date: 03.11.2020 Exploit Author: Y1LD1R1M Type: WEBAPPS Platform: PHP Vendor Homepage: https://processwire.com/ Version: 2.4.0 Tested on: Kali Linux Description Local File Inclusion in Processwire CM...

Gerapy 0.9.7 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Gerapy 0.9.7 - Remote Code Execution RCE Authenticated Date: 03/01/2022 Exploit Author: Jeremiasz Pluta Vendor Homepage: https://github.com/Gerapy/Gerapy Version: All versions of Gerapy prior to 0.9.8 CVE: CVE-2021-43857 Tested on: Gerapy 0.9.6 Vulnerability: Gerapy prior to versio...

Shrew Soft VPN Client 2.2.2 - 'iked' Unquoted Service Path

Exploit Title: Shrew Soft VPN Client 2.2.2 - 'iked' Unquoted Service Path Date: 2019-11-14 Exploit Author: D.Goedecke Vendor Homepage: www.shrew.net Software Link: https://www.shrew.net/download/vpn/vpn-client-2.2.2-release.exe Version: 2.2.2 Tested on: Windows 10 64bit C:\Users\userwmic service...

TP-Link TL-WR1043ND 2 - Authentication Bypass

Exploit Title: TP-Link TL-WR1043ND 2 - Authentication Bypass Date: 2019-06-20 Exploit Author: Uriel Kosayev Vendor Homepage: https://www.tp-link.com Version: TL-WR1043ND V2 Tested on: TL-WR1043ND V2 CVE : CVE-2019-6971 CVE Link: https://nvd.nist.gov/vuln/detail/CVE-2019-6971 import requests ascii...

Zabbix 4.4 - Authentication Bypass

Exploit Title: Zabbix 4.4 - Authentication Bypass Date: 2019-10-06 Exploit Author: Todor Donev Software Link: https://www.zabbix.com/download Version: Zabbix 4.4 Tested on: Linux Apache/2 PHP/7.2 Zabbix Initializing the browser Referer = User-Agent = Opera/9.61 Macintosh; Intel Mac OS X; U; de...

MidiCart PHP - 'Item_List.php?MainGroup' SQL Injection

source: https://www.securityfocus.com/bid/13513/info MidiCart PHP is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data...

EA Origin < 10.5.38 - Remote Code Execution

Exploit Title: EA Origin 10.5.38 Remote Code Execution Date: 05/22/2019 Exploit Author: Dominik Penner @zer0pwn Vendor Homepage: https://www.origin.com Software Link: https://www.origin.com/can/en-us/store/download Version: 10.5.38 and below Tested on: Windows 7, Windows 8, Windows 10 CVE :...

GIU Gallery Image Upload 0.3.1 - 'category' SQL Injection

Exploit Title: GIU Gallery Image Upload 0.3.1 - 'category' SQL Injection Dork: N/A Date: 2018-10-16 Exploit Author: Ihsan Sencan Vendor Homepage: http://tradesouthwest.com Software Link: https://sourceforge.net/projects/giugalleryimageupload/ Version: 0.3.1 Category: Webapps Tested on:...

Joomla! 'com_easygb' Component - 'Itemid' Parameter Cross-Site Scripting Vulnerability

Joomla! 'comeasygb' Component 'Itemid' Parameter Cross Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/40860/info The 'comeasygb' component for Joomla! is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitiz...

Froxlor 0.10.29.1 - SQL Injection (Authenticated)

Exploit Title: Froxlor 0.10.29.1 - SQL Injection Authenticated Exploit Author: Martin Cernac Date: 2021-11-05 Vendor: Froxlor https://froxlor.org/ Software Link: https://froxlor.org/download.php Affected Version: 0.10.28, 0.10.29, 0.10.29.1 Patched Version: 0.10.30 Category: Web Application Teste...

davfs2 1.4.6/1.4.7 - Local Privilege Escalation

davfs2 1.4.6/1.4.7 local privilege escalation exploit Bug Description: davfs2 is a Linux utility which allows OS users to mount a remote webdav server as a local partition. The bug is well documented at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=723034. Basically the program "mount.davfs"...

CodoForum v5.1 - Remote Code Execution (RCE)

Exploit Title: CodoForum v5.1 - Remote Code Execution RCE Date: 06/07/2022 Exploit Author: Krish Pandey @vikaran101 Vendor Homepage: https://codoforum.com/ Software Link: https://bitbucket.org/evnix/codoforumdownloads/downloads/codoforum.v.5.1.zip Version: CodoForum v5.1 Tested on: Ubuntu 20.04...

Argus Surveillance DVR 4.0 - Weak Password Encryption

Exploit Title: Argus Surveillance DVR 4.0 - Weak Password Encryption Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Date: 12.07.2021 Version: Argus Surveillance DVR 4.0 Tested on: Windows 7 x86 Build 7601 & Windows 10 Reference: https://deathflash1411.github.io/blog/dvr4-hash-crack...

Mini Mouse 9.2.0 - Path Traversal

Exploit Title: Mini Mouse 9.2.0 - Path Traversal Author: gosh Date: 02-04-2021 Vendor Homepage: http://yodinfo.com Software Link: https://imgv.oss-cn-hangzhou.aliyuncs.com/minimouse.msi Version: 9.2.0 Tested on: Windows 10 Pro build 19042.662 POC GET /file=C:%5CWindows%5Cwin.ini HTTP/1.1 Host:...

Ovidentia 6 - 'id' SQL injection (Authenticated)

Exploit Title: Ovidentia 6 - 'id' SQL injection Authenticated Exploit Author: Felipe Prates Donato m4ud Vendor Homepage: http://www.ovidentia.org Version: 6 DORK : "Powered by Ovidentia" http://Site/ovidentia/index.php?tg=delegat&idx=mem&id=1 UNION Select select...

OpenSMTPD - MAIL FROM Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenSMTPD MAIL FROM Remote Code Execution', 'Description' = %q This module exploits a command injection in the MAIL FROM field during SMTP...

Websvn 2.6.0 - Remote Code Execution (Unauthenticated)

Exploit Title: Websvn 2.6.0 - Remote Code Execution Unauthenticated Date: 20/06/2021 Exploit Author: g0ldm45k Vendor Homepage: https://websvnphp.github.io/ Software Link: https://github.com/websvnphp/websvn/releases/tag/2.6.0 Version: 2.6.0 Tested on: Docker + Debian GNU/Linux Buster CVE :...

Microsoft Exchange 2019 - Unauthenticated Email Download

Exploit Title: Microsoft Exchange 2019 - Unauthenticated Email Download Date: 03-11-2021 Exploit Author: Gonzalo Villegas a.k.a Cl34r Vendor Homepage: https://www.microsoft.com/ Version: OWA Exchange 2013 - 2019 Tested on: OWA 2016 CVE : CVE-2021-26855 Details: checking users mailboxes and...

Zabbix 4.2 - Authentication Bypass

Exploit Title: Zabbix 4.2 - Authentication Bypass Date: 2019-10-06 Exploit Author: Milad Khoshdel Software Link: https://www.zabbix.com/download Version: Zabbix 2.x , 3.x , 4.x Tested on latest version Zabbix 4.2 Tested on: Linux Apache/2 PHP/7.2 Google Dork: inurl:zabbix/zabbix.php =========...

Wordpress Plugin EventON Calendar 3.0.5 - Reflected Cross-Site Scripting

Exploit Title: Wordpress Plugin EventON Calendar 3.0.5 - Reflected Cross-Site Scripting Date: 27.11.2020 Exploit Author: b3kc4t Mustafa GUNDOGDU Vendor Homepage: https://www.myeventon.com/ Version: 3.0.5 Tested on: Ubuntu 18.04 CVE : 2020-29395 Description Link:...

Vehicle Parking Management System 1.0 - 'catename' Persistent Cross-Site Scripting (XSS)

Exploit Title: Vehicle Parking Management System 1.0 - 'catename' Persistent Cross-Site Scripting XSS Date: 2021-02-25 Exploit Author: Tushar Vaidya Vendor Homepage: https://www.sourcecodester.com/php/14415/vehicle-parking-management-system-project-phpmysql-full-source-code.html Software Link:...

D-Link Devices - Unauthenticated Remote Command Execution in ssdpcgi (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link Devices Unauthenticated Remote Command Execution in ssdpcgi', 'Description' = %q D-Link Devices Unauthenticated Remote Command Execution i...

WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution

Exploit Title: WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution Date: 2020-11-27 Exploit Author: zetc0de Vendor Homepage: https://www.wondercms.com/ Software Link: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip Version: 3.1.3 Tested on: Ubuntu...

Scopia XT Desktop 8.3.915.4 - Cross-Site Request Forgery (change admin password)

Exploit Title: Scopia XT Desktop 8.3.915.4 - Cross-Site Request Forgery change admin password Google Dork: inurl:scopia+index.jsp Date: 2020-09-09 Exploit Author: v1n1v131r4 Vendor Homepage: https://avaya.com Software Link:...

Ericom Access Server x64 9.2.0 - Server-Side Request Forgery

Exploit Title: Ericom Access Server x64 9.2.0 - Server-Side Request Forgery Date: 2020-08-22 Exploit Author: hyp3rlinx Vendor Homepage: www.ericom.com Version: Ericom Access Server x64 for AccessNow & Ericom Blaze v9.2.0 CVE: CVE-2020-24548 + Credits: John Page aka hyp3rlinx + Website:...

Victor CMS 1.0 - 'add_user' Persistent Cross-Site Scripting

Exploit Title: Victor CMS 1.0 - 'adduser' Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-05-23 Exploit Author: Nitya Nand Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0 Tested on: Linux C...

CraftCMS 3 vCard Plugin 1.0.0 - Remote Code Execution

Exploit Title: CraftCMS 3 vCard Plugin 1.0.0 - Remote Code Execution Date: 2020-05-18 Exploit Author: Wade Guest Vendor Homepage: https://craftcms.com/ Software Link: https://plugins.craftcms.com/vcard Vulnerability Details: https://gitlab.com/wguest/craftcms-vcard-exploit Version: 1.0.0 Tested o...

Accela Civic Platform 21.1 - 'servProvCode' Cross-Site-Scripting (XSS)

Exploit Title: Accela Civic Platform 21.1 - 'servProvCode' Cross-Site-Scripting XSS Exploit Author: Abdulazeez Alaseeri Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Tested on: JBoss server/windows Type: Web App Date: 06/07/2021 CVE: CVE-2021-33904...

LEPTON CMS 4.7.0 - 'URL' Persistent Cross-Site Scripting

Exploit Title: LEPTON CMS 4.7.0 - 'URL' Persistent Cross-Site Scripting Date: 19-11-2020 Exploit Author: Sagar Banwa Vendor Homepage: https://lepton-cms.org/ Software Link: https://lepton-cms.org/english/download/archive.php Version: 4.7.0 Tested on: Windows 10/Kali Linux CVE: CVE-2020-29240 Stor...

SmarterMail 16 - Arbitrary File Upload

Exploit Title: SmarterMail 16 - Arbitrary File Upload Google Dork: inurl:/interface/root Date: 2020-06-10 Exploit Author: vvhack.org Vendor Homepage: https://www.smartertools.com Software Link: https://www.smartertools.com Version: 16.x Tested on: Windows CVE : N/A !/usr/bin/python3 import...

Synology DiskStation Manager - smart.cgi Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule \d+&minor=?\d+&build=?\d+ &junior=\d+&unique=synology\w+?^&+/x.freeze def initializeinfo = super updateinfo info, 'Name' = 'Synology DiskStation...

Online Covid Vaccination Scheduler System 1.0 - 'username' time-based blind SQL Injection

Exploit Title: Online Covid Vaccination Scheduler System 1.0 - 'username' time-based blind SQL Injection Date: 2021-07-07 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

Advanced Comment System 1.0 - 'ACS_path' Path Traversal

Exploit Title: Advanced Comment System 1.0 - 'ACSpath' Path Traversal Date: Fri, 11 Dec 2020 Exploit Author: Francisco Javier Santiago Vázquez aka "n0ipr0cs" Vendor Homepage: Advanced Comment System - ACS Version: v1.0 CVE: CVE-2020-35598...

Juniper-SRX-Firewalls&EX-switches - (PreAuth-RCE) (PoC)

Exploit Title: juniper-SRX-Firewalls&EX-switches PreAuth-RCE PoC Description: This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845. It executes the phpinfo function on the login page of the target device, allowing to inspect the PHP configuration. also this...

Hyip Rio 2.1 - Arbitrary File Upload

Exploit Title: Hyip Rio 2.1 - Arbitrary File Upload Exploit Author: CraCkEr Date: 30/07/2023 Vendor: tdevs Vendor Homepage: https://tdevs.co/ Software Link: https://hyiprio-feature.tdevs.co/ Version: 2.1 Tested on: Windows 10 Pro Impact: Allows User to upload files to the web server CVE:...

Virtual Airlines Manager 2.6.2 - 'notam' SQL Injection

Exploit Title: Virtual Airlines Manager 2.6.2 - 'notam' SQL Injection Date: 2020-06-07 Exploit Author: Pankaj Kumar Thakur Vendor Homepage: http://virtualairlinesmanager.net/ Dork: inurl:notamid= Affected Version: 2.6.2 Tested on: Ubuntu CVE : N/A Vulnerable parameter -------------------...

WordPress Plugin Import Export WordPress Users 1.3.1 - CSV Injection

Exploit Title: Wordpress Plugin Import Export WordPress Users = 1.3.1 - CSV Injection Exploit Author: Javier Olmedo Contact: @jjavierolmedo Website: https://sidertia.com Date: 2018-08-22 Google Dork: inurl:"/wp-content/plugins/users-customers-import-export-for-wp-woocommerce" Vendor: WebToffee...

Microsoft Outlook Web Access for Exchange Server 2003 - 'redir.asp' Open Redirection

source: https://www.securityfocus.com/bid/31765/info Outlook Web Access is prone to a remote URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. A successful exploit may aid in phishing attacks. OWA 6.5 SP 2 is vulnerable; other versions may also ...

Wordpress Plugin Modern Events Calendar 5.16.2 - Remote Code Execution (Authenticated)

Exploit Title: Wordpress Plugin Modern Events Calendar 5.16.2 - Remote Code Execution Authenticated Date 01.07.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://webnus.net/modern-events-calendar/ Software Link:...

Oracle WebLogic Server 10.3.6.0.0 / 12.x - Remote Command Execution

import requests import sys urlin = sys.argv1 payloadurl = urlin + "/wls-wsat/CoordinatorPortType" payloadheader = 'content-type': 'text/xml' def payloadcommand commandin: htmlescapetable = "&": "&", '"': """, "'": "'", "": "", ""+"".joinhtmlescapetable.getc, c for c in commandin+"" payload1 = " \...