47904 matches found
Belkin Wemo UPnP - Remote Code Execution (Metasploit)
V This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Belkin Wemo UPnP Remote Code Execution', 'Description' = %q This module exploits a command injection in the Belkin Wemo UPnP API via the...
Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin)
Exploit Title: Academic Timetable Final Build 7.0b - Cross-Site Request Forgery Add Admin Dork: N/A Date: 2018-10-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://geoffpartridge.net/ Software Link: https://sourceforge.net/projects/timetableacademic/files/latest/download Version: 7.0a-7.0b...
Linux 4.4.0 < 4.4.0-53 - 'AF_PACKET chocobo_root' Local Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AFPACKET chocoboroot Privilege Escalation', 'Description' = %q This module exploits a race condition and use-after-free in the packetsetring...
Processwire CMS 2.4.0 - 'download' Local File Inclusion
Exploit Title: Local File Inclusion Processwire CMS 2.4.0 Vulnerability Type: Unauthenticated LFI Date: 03.11.2020 Exploit Author: Y1LD1R1M Type: WEBAPPS Platform: PHP Vendor Homepage: https://processwire.com/ Version: 2.4.0 Tested on: Kali Linux Description Local File Inclusion in Processwire CM...
WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery (Delete User)
Exploit Title: WordPress Plugin Multi-Scheduler 1.0.0 - Cross-Site Request Forgery Delete User Google Dork: N/A Date: 2020-05-21 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: https://www.bdtask.com/ Software Link: https://downloads.wordpress.org/plugin/multi-scheduler.1.0.0.zip Category: Web...
PHP-FPM - Underflow Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PHP-FPM Underflow RCE', 'Description' = %q This module exploits an underflow vulnerability in versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and...
Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)
!/usr/bin/env python3 Exploit Title: Windows 11 SMB Client - Privilege Escalation & Remote Code Execution RCE Author: Mohammed Idrees Banyamer Instagram: @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-06-13 Tested on: Windows 11 version 22H2, Windows Server 2022, Kali Linux...
Sentrifugo 3.2 - File Upload Restriction Bypass (Authenticated)
Exploit Title: Sentrifugo 3.2 - File Upload Restriction Bypass Authenticated Date: 26/10/2020 Exploit Author: Gurkirat Singh Vendor Homepage: http://www.sentrifugo.com/ POC Link: https://www.exploit-db.com/exploits/47323 Version: 3.2 Tested on: Linux and Windows CVE : CVE-2019-15813 Contact...
Ovidentia 7.9.4 - Multiple Vulnerabilities
Ovidentia 7.9.4 Multiple Remote Vulnerabilities Vendor: Cantico Product web page: http://www.ovidentia.org Affected version: 7.9.4 Summary: Ovidentia is both a content management system CMS and a collaborative environment Groupware. Desc: Input passed via several parameters is not properly...
Hyip Rio 2.1 - Arbitrary File Upload
Exploit Title: Hyip Rio 2.1 - Arbitrary File Upload Exploit Author: CraCkEr Date: 30/07/2023 Vendor: tdevs Vendor Homepage: https://tdevs.co/ Software Link: https://hyiprio-feature.tdevs.co/ Version: 2.1 Tested on: Windows 10 Pro Impact: Allows User to upload files to the web server CVE:...
SiteMagic CMS 4.4.2 - Arbitrary File Upload (Authenticated)
Exploit Title: SiteMagic CMS 4.4.2 - Arbitrary File Upload Authenticated Date: 2020-09-02 Exploit Author: v1n1v131r4 Vendor Homepage: https://sitemagic.org/ Software Link: https://sitemagic.org/Download.html Version: 4.4.2 Tested on: Ubuntu 18.04 CVE : N/A PoC:...
Shrew Soft VPN Client 2.2.2 - 'iked' Unquoted Service Path
Exploit Title: Shrew Soft VPN Client 2.2.2 - 'iked' Unquoted Service Path Date: 2019-11-14 Exploit Author: D.Goedecke Vendor Homepage: www.shrew.net Software Link: https://www.shrew.net/download/vpn/vpn-client-2.2.2-release.exe Version: 2.2.2 Tested on: Windows 10 64bit C:\Users\userwmic service...
College Notes Management System 1.0 - 'user' SQL Injection
Exploit Title: College Notes Management System 1.0 - 'user' SQL Injection Dork: N/A Date: 2018-10-15 Exploit Author: Ihsan Sencan Vendor Homepage: https://anirbandutta.ml/ Software Link: https://sourceforge.net/projects/college-notes-management/ Software Link:...
Ajenti 2.1.36 - Remote Code Execution (Authenticated)
!/usr/bin/python3 import requests import sys import warnings from bs4 import BeautifulSoup import json warnings.filterwarnings"ignore", category=UserWarning, module='bs4' if lensys.argv 6: print"Usage: ./exploit.py https://url username password listenerIP listenerPort" exit url = sys.argv1 userna...
Lansweeper 7.2 - Incorrect Access Control
Exploit Title: Lansweeper 7.2 - Incorrect Access Control SHODAN DORK : title:"Lansweeper - Login" Date: 2020-06-14 Exploit Author: Amel BOUZIANE-LEBLOND Vendor Homepage: https://www.lansweeper.com/ Software Link: https://www.lansweeper.com Version: 6.0.x through 7.2.x Tested on: Windows CVE :...
CraftCMS 3 vCard Plugin 1.0.0 - Remote Code Execution
Exploit Title: CraftCMS 3 vCard Plugin 1.0.0 - Remote Code Execution Date: 2020-05-18 Exploit Author: Wade Guest Vendor Homepage: https://craftcms.com/ Software Link: https://plugins.craftcms.com/vcard Vulnerability Details: https://gitlab.com/wguest/craftcms-vcard-exploit Version: 1.0.0 Tested o...
D-Link Devices - Unauthenticated Remote Command Execution in ssdpcgi (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link Devices Unauthenticated Remote Command Execution in ssdpcgi', 'Description' = %q D-Link Devices Unauthenticated Remote Command Execution i...
LUYA CMS 1.0.12 - Cross-Site Scripting
Exploit Title: LUYA CMS 1.0.12 - Cross-Site Scripting Date: 2018-10-11 Exploit Author: Ismail Tasdelen Vendor Homepage: https://luya.io/ Software Link : https://github.com/luyadev/luya/ Software : LUYA CMS Version : 1.0.12 Vulernability Type : Cross-site Scripting Vulenrability : Stored XSS CVE :...
Juniper-SRX-Firewalls&EX-switches - (PreAuth-RCE) (PoC)
Exploit Title: juniper-SRX-Firewalls&EX-switches PreAuth-RCE PoC Description: This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845. It executes the phpinfo function on the login page of the target device, allowing to inspect the PHP configuration. also this...
Task Management System 1.0 - 'id' SQL Injection
Exploit Title: Task Management System 1.0 - 'id' SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-08 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14615/task-management-system-using-phpmysqli-source-code.html Software Link:...
Whatsapp 2.19.216 - Remote Code Execution
Exploit Title: Whatsapp 2.19.216 - Remote Code Execution Date: 2019-10-16 Exploit Author: Valerio Brussani @valbrux Vendor Homepage: https://www.whatsapp.com/ Version: include include include typedef uint8t byte; char gadgetp; void libc, lib; //dls iteration for rop int dlcallbackstruct dlphdrinf...
Hassan Consulting Shopping Cart 1.18 - Directory Traversal
source: https://www.securityfocus.com/bid/1777/info The $page variable in Hassan Consulting Shopping Cart does not properly check for insecure relative paths such as the double dot "..". Therefore, requesting the following URL will display the specified file:...
Mini Mouse 9.2.0 - Path Traversal
Exploit Title: Mini Mouse 9.2.0 - Path Traversal Author: gosh Date: 02-04-2021 Vendor Homepage: http://yodinfo.com Software Link: https://imgv.oss-cn-hangzhou.aliyuncs.com/minimouse.msi Version: 9.2.0 Tested on: Windows 10 Pro build 19042.662 POC GET /file=C:%5CWindows%5Cwin.ini HTTP/1.1 Host:...
Cisco ASA 9.14.1.10 and FTD 6.6.0.1 - Path Traversal (2)
Exploit Title: Cisco ASA 9.14.1.10 and FTD 6.6.0.1 - Path Traversal 2 Date: 12 Dec 2020 Exploit Author: [email protected] Vendor Homepage: cisco.com Software Link: It’s against Hardware, specifically ASA’s and FTD’s Version: ASAs from version 9.6 to 9.14.1.10 and FTD’s versions 6.2.3 to...
Joomla! 'com_easygb' Component - 'Itemid' Parameter Cross-Site Scripting Vulnerability
Joomla! 'comeasygb' Component 'Itemid' Parameter Cross Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/40860/info The 'comeasygb' component for Joomla! is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitiz...
CodoForum v5.1 - Remote Code Execution (RCE)
Exploit Title: CodoForum v5.1 - Remote Code Execution RCE Date: 06/07/2022 Exploit Author: Krish Pandey @vikaran101 Vendor Homepage: https://codoforum.com/ Software Link: https://bitbucket.org/evnix/codoforumdownloads/downloads/codoforum.v.5.1.zip Version: CodoForum v5.1 Tested on: Ubuntu 20.04...
Vehicle Parking Management System 1.0 - 'catename' Persistent Cross-Site Scripting (XSS)
Exploit Title: Vehicle Parking Management System 1.0 - 'catename' Persistent Cross-Site Scripting XSS Date: 2021-02-25 Exploit Author: Tushar Vaidya Vendor Homepage: https://www.sourcecodester.com/php/14415/vehicle-parking-management-system-project-phpmysql-full-source-code.html Software Link:...
WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution
Exploit Title: WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution Date: 2020-11-27 Exploit Author: zetc0de Vendor Homepage: https://www.wondercms.com/ Software Link: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip Version: 3.1.3 Tested on: Ubuntu...
Academic Timetable Final Build 7.0 - Information Disclosure
\n"; printr$ver; echo "\n"; / Array sEcho = 10 iTotalRecords = 3 iTotalDisplayRecords = 3 aaData = Array 0 = Array 0 = testdb1 1 = testdb1 2 = ADMIN 3 = 6CC4E8CFFEAF202D7475BC906612F9A29A9C8117 1 = Array 0 = ADMIN 1 = admin 2 = ADMIN 3 = 4AC...
Microsoft Exchange 2019 - Unauthenticated Email Download
Exploit Title: Microsoft Exchange 2019 - Unauthenticated Email Download Date: 03-11-2021 Exploit Author: Gonzalo Villegas a.k.a Cl34r Vendor Homepage: https://www.microsoft.com/ Version: OWA Exchange 2013 - 2019 Tested on: OWA 2016 CVE : CVE-2021-26855 Details: checking users mailboxes and...
Zabbix 4.4 - Authentication Bypass
Exploit Title: Zabbix 4.4 - Authentication Bypass Date: 2019-10-06 Exploit Author: Todor Donev Software Link: https://www.zabbix.com/download Version: Zabbix 4.4 Tested on: Linux Apache/2 PHP/7.2 Zabbix Initializing the browser Referer = User-Agent = Opera/9.61 Macintosh; Intel Mac OS X; U; de...
Zabbix 4.2 - Authentication Bypass
Exploit Title: Zabbix 4.2 - Authentication Bypass Date: 2019-10-06 Exploit Author: Milad Khoshdel Software Link: https://www.zabbix.com/download Version: Zabbix 2.x , 3.x , 4.x Tested on latest version Zabbix 4.2 Tested on: Linux Apache/2 PHP/7.2 Google Dork: inurl:zabbix/zabbix.php =========...
MV Video Sharing Software 1.2 - 'searchname' SQL Injection
Exploit Title: MV Video Sharing Software 1.2 - 'searchname' SQL Injection Dork: N/A Date: 2018-10-16 Exploit Author: Ihsan Sencan Vendor Homepage: https://melerovideo.com/software/ Software Link: https://sourceforge.net/projects/mvvideosharingsoftware/ Version: 1.2 Category: Webapps Tested on:...
KORA 2.7.0 - 'cid' SQL Injection
Exploit Title: KORA 2.7.0 - SQL Injection Dork: N/A Date: 2018-10-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.matrix.msu.edu/ Software Link: https://sourceforge.net/projects/kora/files/latest/download Version: 2.7.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A POC: 1...
HaPe PKH 1.1 - Cross-Site Request Forgery (Update Admin)
Exploit Title: HaPe PKH 1.1 - Cross-Site Request Forgery Update Admin Dork: N/A Date: 2018-10-12 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.sitejo.id Software Link: https://sourceforge.net/projects/hape-pkh/files/latest/download Version: 1.1 Category: Webapps Tested on:...
Flowise 3.0.4 - Remote Code Execution (RCE)
Exploit Title: Flowise 3.0.4 - Remote Code Execution RCE Date: 10/11/2025 Exploit Author: nltt0 https://github.com/nltt-br Vendor Homepage: https://flowiseai.com/ Software Link: https://github.com/FlowiseAI/Flowise Version: 3.0.5 CVE: CVE-2025-59528 from requests import post, session from argpars...
Websvn 2.6.0 - Remote Code Execution (Unauthenticated)
Exploit Title: Websvn 2.6.0 - Remote Code Execution Unauthenticated Date: 20/06/2021 Exploit Author: g0ldm45k Vendor Homepage: https://websvnphp.github.io/ Software Link: https://github.com/websvnphp/websvn/releases/tag/2.6.0 Version: 2.6.0 Tested on: Docker + Debian GNU/Linux Buster CVE :...
Accela Civic Platform 21.1 - 'servProvCode' Cross-Site-Scripting (XSS)
Exploit Title: Accela Civic Platform 21.1 - 'servProvCode' Cross-Site-Scripting XSS Exploit Author: Abdulazeez Alaseeri Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Tested on: JBoss server/windows Type: Web App Date: 06/07/2021 CVE: CVE-2021-33904...
TP-Link TL-WR1043ND 2 - Authentication Bypass
Exploit Title: TP-Link TL-WR1043ND 2 - Authentication Bypass Date: 2019-06-20 Exploit Author: Uriel Kosayev Vendor Homepage: https://www.tp-link.com Version: TL-WR1043ND V2 Tested on: TL-WR1043ND V2 CVE : CVE-2019-6971 CVE Link: https://nvd.nist.gov/vuln/detail/CVE-2019-6971 import requests ascii...
EA Origin < 10.5.38 - Remote Code Execution
Exploit Title: EA Origin 10.5.38 Remote Code Execution Date: 05/22/2019 Exploit Author: Dominik Penner @zer0pwn Vendor Homepage: https://www.origin.com Software Link: https://www.origin.com/can/en-us/store/download Version: 10.5.38 and below Tested on: Windows 7, Windows 8, Windows 10 CVE :...
MidiCart PHP - 'Item_List.php?MainGroup' SQL Injection
source: https://www.securityfocus.com/bid/13513/info MidiCart PHP is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data...
WordPress Plugin ProfilePress 3.1.3 - Privilege Escalation (Unauthenticated)
Exploit Title: WordPress Plugin ProfilePress 3.1.3 - Privilege Escalation Unauthenticated Date: 23-08-2021 Exploit Author: Numan Rajkotiya Vendor Homepage: https://profilepress.net/ Software Link: https://downloads.wordpress.org/plugin/wp-user-avatar.3.0.zip Version: 1 ProfilePress Formerly WP Us...
Wordpress Plugin Modern Events Calendar 5.16.2 - Remote Code Execution (Authenticated)
Exploit Title: Wordpress Plugin Modern Events Calendar 5.16.2 - Remote Code Execution Authenticated Date 01.07.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://webnus.net/modern-events-calendar/ Software Link:...
Ovidentia 6 - 'id' SQL injection (Authenticated)
Exploit Title: Ovidentia 6 - 'id' SQL injection Authenticated Exploit Author: Felipe Prates Donato m4ud Vendor Homepage: http://www.ovidentia.org Version: 6 DORK : "Powered by Ovidentia" http://Site/ovidentia/index.php?tg=delegat&idx=mem&id=1 UNION Select select...
Virtual Airlines Manager 2.6.2 - 'notam' SQL Injection
Exploit Title: Virtual Airlines Manager 2.6.2 - 'notam' SQL Injection Date: 2020-06-07 Exploit Author: Pankaj Kumar Thakur Vendor Homepage: http://virtualairlinesmanager.net/ Dork: inurl:notamid= Affected Version: 2.6.2 Tested on: Ubuntu CVE : N/A Vulnerable parameter -------------------...
OpenSMTPD - MAIL FROM Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenSMTPD MAIL FROM Remote Code Execution', 'Description' = %q This module exploits a command injection in the MAIL FROM field during SMTP...
GIU Gallery Image Upload 0.3.1 - 'category' SQL Injection
Exploit Title: GIU Gallery Image Upload 0.3.1 - 'category' SQL Injection Dork: N/A Date: 2018-10-16 Exploit Author: Ihsan Sencan Vendor Homepage: http://tradesouthwest.com Software Link: https://sourceforge.net/projects/giugalleryimageupload/ Version: 0.3.1 Category: Webapps Tested on:...
davfs2 1.4.6/1.4.7 - Local Privilege Escalation
davfs2 1.4.6/1.4.7 local privilege escalation exploit Bug Description: davfs2 is a Linux utility which allows OS users to mount a remote webdav server as a local partition. The bug is well documented at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=723034. Basically the program "mount.davfs"...
Victor CMS 1.0 - 'add_user' Persistent Cross-Site Scripting
Exploit Title: Victor CMS 1.0 - 'adduser' Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-05-23 Exploit Author: Nitya Nand Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0 Tested on: Linux C...
WordPress Plugin Import Export WordPress Users 1.3.1 - CSV Injection
Exploit Title: Wordpress Plugin Import Export WordPress Users = 1.3.1 - CSV Injection Exploit Author: Javier Olmedo Contact: @jjavierolmedo Website: https://sidertia.com Date: 2018-08-22 Google Dork: inurl:"/wp-content/plugins/users-customers-import-export-for-wp-woocommerce" Vendor: WebToffee...