47904 matches found
InnovaStudio WYSIWYG Editor 5.4 - Unrestricted File Upload / Directory Traversal
Exploit Title: InnovaStudio WYSIWYG Editor 5.4 - Unrestricted File Upload / Directory Traversal Date: 11/04/2023 Exploit Author: Zer0FauLT [email protected] Vendor Homepage: innovastudio.com Product: Asset Manager Version: = Asset Manager ASP Version 5.4 Tested on: Windows 10 and Windows...
PHPJabbers Simple CMS 5 - 'name' Persistent Cross-Site Scripting (XSS)
Exploit Title: PHPJabbers Simple CMS 5 - 'name' Persistent Cross-Site Scripting XSS Google Dork: subtitle:Copyright © 2021 PHPJabbers.com Date: 2021-10-28 Exploit Author: Vulnerability-Lab Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/...
Fluig 1.7.0 - Path Traversal
Exploit Title: Fluig 1.7.0 - Path Traversal Date: 26/11/2020 Exploit Author: Lucas Souza Vendor Homepage: https://www.totvs.com/fluig/ Version: payload.txt curl -s https://raw.githubusercontent.com/lucxssouza/banners/main/xFluig/banner banner -- FUNCTIONS -- function create-payload wordlist.txt...
Beauty Parlour Management System 1.0 - 'sername' SQL Injection
Exploit Title: Beauty Parlour Management System 1.0 - 'sername' SQL Injection Date: 19/2/2021 Exploit Author: Thinkland Security Team Vendor Homepage: https://phpgurukul.com/beauty-parlour-management-system-using-php-and-mysql/ Software Link:...
EgavilanMedia Address Book 1.0 Exploit - SQLi Auth Bypass
Exploit Title: EgavilanMedia Address Book 1.0 Exploit - SQLi Auth Bypass Date: 02-12-2020 Exploit Author: Mayur Parmarth3cyb3rc0p Vendor Homepage: http://egavilanmedia.com Software Link : http://egavilanmedia.com/egm-address-book/ Version: 1.0 Tested on: PopOS Attack Vector: An attacker can gain...
LimeSurvey 4.1.11 - 'Permission Roles' Persistent Cross-Site Scripting
Exploit Title: LimeSurvey 4.1.11 - 'Permission Roles' Persistent Cross-Site Scripting Date: 05/26/2020 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.limesurvey.org Version: LimeSurvey 4.1.11+200316 Tested on: Ubuntu 18.04.4 Patch Link:...
Ubiquiti airOS - Arbitrary File Upload (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ubiquiti airOS Arbitrary File Upload', 'Description' = %q This module exploits a pre-auth file upload to install a new root user to /etc/passwd an...
Sendmail 8.12.8 (BSD) - 'Prescan()' Remote Command Execution
/ Sendmail 8.12.8 prescan PROOF OF CONCEPT exploit by bysin This is to prove that the bug in sendmail 8.12.8 and below is vulnerable. On sucessful POC exploitation the program should crash with the following: Program received signal SIGSEGV, Segmentation fault. 0x5c5c5c5c in ?? / include include...
Cockpit Version 234 - Server-Side Request Forgery (Unauthenticated)
Exploit Title: Cockpit Version 234 - Server-Side Request Forgery Unauthenticated Date: 08.01.2021 Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://cockpit-project.org/ Version: v234 Tested on: Ubuntu 18.04 !/usr/bin/python3 import argparse import requests import sys import urllib3...
Windows 11 10.0.22000 - Backup service Privilege Escalation
Title: Windows 11 10.0.22000 - Backup service Privilege Escalation Author: nu11secur1ty Date: 01.13.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/software-download/windows11 Reference: https://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-21752...
Engineers Online Portal 1.0 - 'multiple' Stored Cross-Site Scripting (XSS)
Exploit Title: Engineers Online Portal 1.0 - 'multiple' Stored Cross-Site Scripting XSS Exploit Author: Alon Leviev Date: 22-10-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Software Link:...
PEEL Shopping 9.3.0 - 'Comments' Persistent Cross-Site Scripting
Exploit Title: PEEL Shopping 9.3.0 - 'Comments/Special Instructions' Stored Cross-Site Scripting Date: 2021-02-16 Exploit Author: Anmol K Sachan Vendor Homepage: https://www.peel.fr/ Software Link: https://sourceforge.net/projects/peel-shopping/ Software: PEEL SHOPPING 9.3.0 Vulnerability Type:...
Microsoft Windows - Storage QoS Filter Driver Checker
Titles: Microsoft Windows - Storage QoS Filter Driver Checker Author: nu11secur1ty Date: 08/04/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/software-download/windows11 Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49730 Description This PowerShell...
WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing
Exploit Title: WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing Google Dork: inurl:/wp-content/plugins/digits/ Date: 2025-04-30 Exploit Author: Saleh Tarawneh Vendor Homepage: https://digits.unitedover.com/ Version: 8.4.6.1 CVE : CVE-2025-4094 """ The Digits plugin for...
ZwiiCMS 12.2.04 - Remote Code Execution (Authenticated)
Exploit Title: ZwiiCMS 12.2.04 Remote Code Execution Authenticated Date: 03/06/2023 Exploit Author: Hadi Mene Vendor Homepage: https://zwiicms.fr/ Version: 12.2.04 and potentially lower versions Tested on: Linux CVE: CVE-2020-10567 Category: webapps ZwiiCMS 12.2.04 uses "Responible FileManager"...
Wordpress Plugin TheCartPress 1.5.3.6 - Privilege Escalation (Unauthenticated)
Exploit Title: Wordpress Plugin TheCartPress 1.5.3.6 - Privilege Escalation Unauthenticated Google Dork: inurl:/wp-content/plugins/thecartpress/ Date: 04/10/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugin/thecartpress Version: spacehen www.github.com/spacehen" def...
OpenEMR 5.0.0 - Remote Code Execution (Authenticated)
Exploit Title: OpenEMR 5.0.0 - Remote Code Execution Authenticated Date 10.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.open-emr.org/ Software Link: https://sourceforge.net/projects/openemr/files/OpenEMR%20Current/5.0.0/openemr-5.0.0.zip/download Version: 5.0.0 Teste...
LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection
Exploit Title: LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection Google Dork: Unknown Date: 13-12-2020 Exploit Author: Hodorsec Vendor Homepage: https://www.librenms.org Software Link: https://github.com/librenms/librenms Update notice:...
Point of Sales 1.0 - 'id' SQL Injection
Exploit Title: Point of Sales 1.0 - SQL Injection Date: 2020-10-22 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14540/point-sales-phppdo-full-source-code-2020.html Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/pos0.zip Version:...
TP-Link Archer C50 3 - Denial of Service (PoC)
Exploit Title: TP-Link Archer C50 3 - Denial of Service PoC Date: 2020-01-25 Exploit Author: thewhiteh4t Vendor Homepage: https://www.tp-link.com/ Version: TP-Link Archer C50 v3 Build 171227 Tested on: Arch Linux x64 CVE: CVE-2020-9375 Description:...
Bash 5.0 Patch 11 - SUID Priv Drop Exploit
Exploit Title : Bash 5.0 Patch 11 - SUID Priv Drop Exploit Date : 2019-11-29 Original Author: Ian Pudney , Chet Ramey Exploit Author : Mohin Paramasivam Shad0wQu35t Version : pwn.c cat pwn.c include include...
LaborOfficeFree 19.10 - MySQL Root Password Calculator
Exploit Title: LaborOfficeFree 19.10 MySQL Root Password Calculator - CVE-2024-1346 Google Dork: N/A Date: 09/02/2023 Exploit Author: Peter Gabaldon - https://pgj11.com/ Vendor Homepage: https://www.laborofficefree.com/ Software Link: https://www.laborofficefree.com/plans Version: 19.10 Tested on...
Wise Care 365 5.6.7.568 - 'WiseBootAssistant' Unquoted Service Path
Exploit Title: Wise Care 365 5.6.7.568 - 'WiseBootAssistant' Unquoted Service Path Date: 2021-06-18 Exploit Author: Julio Aviña Vendor Homepage: https://www.wisecleaner.com/wise-care-365.html Software Link: https://downloads.wisecleaner.com/soft/WiseCare3655.6.7.568.exe Version: 5.6.7.568 Service...
Microsoft SharePoint Server 16.0.10372.20060 - 'GetXmlDataFromDataSource' Server-Side Request Forgery (SSRF)
Exploit Title: Microsoft SharePoint Server 16.0.10372.20060 - 'GetXmlDataFromDataSource' Server-Side Request Forgery SSRF Date: 09 Jun 2021 Exploit Author: Alex Birnberg Software Link: https://www.microsoft.com/en-us/download/details.aspx?id=57462 Version: 16.0.10372.20060 Tested on: Windows Serv...
Nexus Repository Manager - Java EL Injection RCE (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nexus Repository Manager Java EL Injection RCE', 'Description' = %q This module exploits a Java Expression Language EL injection in Nexus...
BlackBoard Internet NewsBoard System 1.5.1 - Remote File Inclusion
source: https://www.securityfocus.com/bid/11336/info BlackBoard Internet Newsboard System is reported prone to a remote file include vulnerability. This issue presents itself because the application fails to sanitize user-supplied data properly. This issue may allow an attacker to include malicio...
PaperCut NG/MG 22.0.4 - Authentication Bypass
Exploit Title: PaperCut NG/MG 22.0.4 - Authentication Bypass Date: 21 April 2023 Exploit Author: MaanVader Vendor Homepage: https://www.papercut.com/ Version: 8.0 or later Tested on: 22.0.4 CVE: CVE-2023-27350 import requests from bs4 import BeautifulSoup import re def vulnversion: ip = input"Ent...
Mailhog 1.0.1 - Stored Cross-Site Scripting (XSS)
Exploit Title: Mailhog 1.0.1 - Stored Cross-Site Scripting XSS Google Dork: https://www.shodan.io/search?query=mailhog 3500 Date: 06.18.2022 Exploit Author: Vulnz Vendor Homepage: https://github.com/mailhog/MailHog Software Link: https://github.com/mailhog/MailHog Version: 1.0.1 Tested on:...
Simple Public Chat Room 1.0 - Authentication Bypass SQLi
Exploit Title: Simple Public Chat Room 1.0 - Authentication Bypass SQLi Exploit Author: Richard Jones Date: 2021-01-26 Vendor Homepage: https://www.sourcecodester.com/php/12295/simple-public-chat-room-using-php.html Software Link:...
Ticket-Booking 1.4 - Authentication Bypass
Exploit Title: Ticket-Booking 1.4 - Authentication Bypass Author: Cakes Discovery Date: 2019-09-14 Vendor Homepage: https://github.com/ABHIJEET-MUNESHWAR/Ticket-Booking Software Link: https://github.com/ABHIJEET-MUNESHWAR/Ticket-Booking/archive/master.zip Tested Version: 1.4 Tested on OS: CentOS ...
Exim 4.87 < 4.91 - (Local / Remote) Command Execution
Qualys Security Advisory The Return of the WIZard: RCE in Exim CVE-2019-10149 ======================================================================== Contents ======================================================================== Summary Local exploitation Remote exploitation - Non-default...
MiniWeb HTTP Server 0.8.19 - Buffer Overflow (PoC)
Exploit Title: MiniWeb HTTP Server 0.8.19 - Buffer Overflow PoC Date: 13.12.2020 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://sourceforge.net/projects/miniweb/ Software Link:...
Techview LA-5570 Wireless Gateway Home Automation Controller - Multiple Vulnerabilities
Exploit Title: Techview LA-5570 Wireless Gateway Home Automation Controller - Multiple Vulnerabilities Google Dork: N/A Date: 25/08/2023 Exploit Author: The Security Team exploitsecurity.io Vendor Homepage: https://www.jaycar.com.au/wireless-gateway-home-automation-controller/p/LA5570 Software...
Auerswald COMfortel 2.8F - Authentication Bypass
Exploit Title: Auerswald COMfortel 2.8F - Authentication Bypass Date: 06/12/2021 Exploit Author: RedTeam Pentesting GmbH Version: 1400/2600/3600 Advisory: Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass RedTeam Pentesting discovered a vulnerability in the web-based configuration...
WordPress Plugin WP Symposium Pro 2021.10 - 'wps_admin_forum_add_name' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin WP Symposium Pro 2021.10 - 'wpsadminforumaddname' Stored Cross-Site Scripting XSS Date: 11/11/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: http://www.wpsymposiumpro.com/ Software Link: https://wordpress.org/plugins/wp-symposium-pro/ Version:...
aptdaemon < 1.1.1 - File Existence Disclosure
Exploit Title: File Existence Disclosure in aptdaemon " sys.exit0 FILETOCHECK = sys.argv1 bus = dbus.SystemBus aptdbusobject = bus.getobject"org.debian.apt", "/org/debian/apt" aptdbusinterface = dbus.Interfaceaptdbusobject, "or...
Tailor Management System - 'id' SQL Injection
Exploit Title: Tailor Management System - 'id' SQL Injection Google Dork: N/A Date: 2020-09-08 Exploit Author: mosaaed Vendor Homepage: https://www.sourcecodester.com/php/14378/tailor-management-system-php-mysql.html Software Link:...
FreeSWITCH - Event Socket Command Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FreeSWITCH Event Socket Command Execution', 'Description' = %q This module uses the FreeSWITCH event socket interface to execute system commands...
Nagios XI 5.5.6 - Remote Code Execution / Privilege Escalation
Exploit Title: Nagios XI 5.5.6 Remote Code Execution and Privilege Escalation Date: 2019-01-22 Exploit Author: Chris Lyne @lynerc Vendor Homepage: https://www.nagios.com/ Product: Nagios XI Software Link: https://assets.nagios.com/downloads/nagiosxi/5/xi-5.5.6.tar.gz Version: From 2012r1.0 to 5.5...
ES File Explorer 4.1.9.7.4 - Arbitrary File Read
Exploit Title: ES File Explorer 4.1.9.7.4 - Arbitrary File Read Date: 29/06/2021 Exploit Author: Nehal Zaman Version: ES File Explorer v4.1.9.7.4 Tested on: Android CVE : CVE-2019-6447 import requests import json import ast import sys if lensys.argv file to download" sys.exit1 url = 'http://' +...
Interactive Suite 3.6 - 'eBeam Stylus Driver' Unquoted Service Path
Exploit Title: Interactive Suite 3.6 - 'eBeam Stylus Driver' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2021-03-14 Vendor Homepage: https://www.luidia.com Software Link: http://down.myequil.com/dn/setup/ScrapBookwin/down.html Tested Version: 3.6 Tested on OS: Windows 10 Pro...
Cisco Adaptive Security Appliance - Path Traversal (Metasploit)
require 'msf/core' class MetasploitModule "Cisco Adaptive Security Appliance - Path Traversal", 'Description' = %q Cisco Adaptive Security Appliance - Path Traversal CVE-2018-0296 A security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without...
VUPlayer 2.49 .m3u - Local Buffer Overflow (DEP,ASLR)
Exploit title: VUPlayer 2.49 .m3u - Local Buffer Overflow DEP,ASLR Date: 2020-05-22 Exploit Author: Gobinathan L Vendor Homepage: http://www.vuplayer.com/ Version: v2.49 Tested on: Windows 7 Professional with ALSR and Full DEP Turned ON. Usage : $ python .py ===================================...
Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection
Exploit Title: Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection Date: 2018-10-10 Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Venodor: www.microsoft.com Software: SQL Server Management Studio 17.9 and SQL Server Management Studio 18.0 Previe...
Phoenix Contact WebVisit 6.40.00 - Password Disclosure
Exploit Title: Phoenix Contact WebVisit 6.40.00 - Password Disclosure Exploit Author: Deneut Tijl Date: 2018-09-30 Vendor Homepage: www.phoenixcontact.com Software Link: https://www.phoenixcontact.com/online/portal/nl/?uri=pxc-oc-itemdetail:pid=2985725&library=nlnl&pcck=P-19-05-01&tab=5 Version:...
Virtual Airlines Manager 2.6.2 - 'id' SQL Injection
Exploit Title: Virtual Airlines Manager 2.6.2 - 'id' SQL Injection Date: 2020-06-09 Exploit Author: Mosaaed Vendor Homepage: http://virtualairlinesmanager.net/ Dork: N/A Affected Version: 2.6.2 Tested on: Ubuntu CVE : N/A ------------------- xss...
QuickDate 1.3.2 - SQL Injection
Exploit Title: QuickDate 1.3.2 - SQL Injection Dork: N/A Date: 2020-02-07 Exploit Author: Ihsan Sencan Vendor Homepage: https://quickdatescript.com/ Version: 1.3.2 Tested on: Linux CVE: N/A POC: 1 POST /findmatches HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 X11; Linux x8664; rv:55.0...
Zyxel NBG-418N v2 Modem 1.00(AAXM.6)C0 - Cross-Site Request Forgery
NBG-418N v2 Modem CSRF Exploit & PoC...
ZTE ZXV10 H201L - RCE via authentication bypass
Exploit Title: ZTE ZXV10 H201L - RCE via authentication bypass Exploit Author: l34n tasos meletlidis https://i0.rs/blog/finding-0click-rce-on-two-zte-routers/ import http.client, requests, os, argparse, struct, zlib from io import BytesIO from os import stat from Crypto.Cipher import AES def...
Responsive Tourism Website 3.1 - Remote Code Execution (RCE) (Unauthenticated)
Exploit Title: Responsive Tourism Website 3.1 - Remote Code Execution RCE Unauthenticated Date: 22.06.2021 Exploit Author: Tagoletta Tağmaç Software Link: https://www.sourcecodester.com/php/14838/simple-responsive-tourism-website-using-php-free-source-code.html Version: V 3.1 Tested on: MacOS &...