47884 matches found
Cockpit Version 234 - Server-Side Request Forgery (Unauthenticated)
Exploit Title: Cockpit Version 234 - Server-Side Request Forgery Unauthenticated Date: 08.01.2021 Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://cockpit-project.org/ Version: v234 Tested on: Ubuntu 18.04 !/usr/bin/python3 import argparse import requests import sys import urllib3...
LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection
Exploit Title: LibreNMS 1.46 - MAC Accounting Graph Authenticated SQL Injection Google Dork: Unknown Date: 13-12-2020 Exploit Author: Hodorsec Vendor Homepage: https://www.librenms.org Software Link: https://github.com/librenms/librenms Update notice:...
Exim 4.87 < 4.91 - (Local / Remote) Command Execution
Qualys Security Advisory The Return of the WIZard: RCE in Exim CVE-2019-10149 ======================================================================== Contents ======================================================================== Summary Local exploitation Remote exploitation - Non-default...
WebsiteBaker 2.13.0 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: WebsiteBaker 2.13.0 - Remote Code Execution RCE Authenticated Date: 18-09-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://websitebaker.org/ Software Link: http://wiki.websitebaker.org/doku.php/en/downloads Version: 2.13.0 Category: Webapps Tested on:...
OpenEMR 5.0.0 - Remote Code Execution (Authenticated)
Exploit Title: OpenEMR 5.0.0 - Remote Code Execution Authenticated Date 10.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.open-emr.org/ Software Link: https://sourceforge.net/projects/openemr/files/OpenEMR%20Current/5.0.0/openemr-5.0.0.zip/download Version: 5.0.0 Teste...
Microsoft SharePoint Server 16.0.10372.20060 - 'GetXmlDataFromDataSource' Server-Side Request Forgery (SSRF)
Exploit Title: Microsoft SharePoint Server 16.0.10372.20060 - 'GetXmlDataFromDataSource' Server-Side Request Forgery SSRF Date: 09 Jun 2021 Exploit Author: Alex Birnberg Software Link: https://www.microsoft.com/en-us/download/details.aspx?id=57462 Version: 16.0.10372.20060 Tested on: Windows Serv...
Tailor Management System - 'id' SQL Injection
Exploit Title: Tailor Management System - 'id' SQL Injection Google Dork: N/A Date: 2020-09-08 Exploit Author: mosaaed Vendor Homepage: https://www.sourcecodester.com/php/14378/tailor-management-system-php-mysql.html Software Link:...
FreeSWITCH - Event Socket Command Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FreeSWITCH Event Socket Command Execution', 'Description' = %q This module uses the FreeSWITCH event socket interface to execute system commands...
Zyxel NBG-418N v2 Modem 1.00(AAXM.6)C0 - Cross-Site Request Forgery
NBG-418N v2 Modem CSRF Exploit & PoC...
Nagios XI 5.5.6 - Remote Code Execution / Privilege Escalation
Exploit Title: Nagios XI 5.5.6 Remote Code Execution and Privilege Escalation Date: 2019-01-22 Exploit Author: Chris Lyne @lynerc Vendor Homepage: https://www.nagios.com/ Product: Nagios XI Software Link: https://assets.nagios.com/downloads/nagiosxi/5/xi-5.5.6.tar.gz Version: From 2012r1.0 to 5.5...
Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection
Exploit Title: Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection Date: 2018-10-10 Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Venodor: www.microsoft.com Software: SQL Server Management Studio 17.9 and SQL Server Management Studio 18.0 Previe...
e107 CMS 2.3.0 - CSRF
Exploit Title: e107 CMS 2.3.0 - CSRF Date: 04/03/2021 Exploit Author: Tadjmen Vendor Homepage: https://e107.org Software Link: https://e107.org/download Version: 2.3.0 Tested on: Windows 10 CVE : CVE-2021-27885 CSRF vulnerability on e107 CMS Bug Description Hi. I found a CSRF on the e107 CMS...
Cisco Adaptive Security Appliance - Path Traversal (Metasploit)
require 'msf/core' class MetasploitModule "Cisco Adaptive Security Appliance - Path Traversal", 'Description' = %q Cisco Adaptive Security Appliance - Path Traversal CVE-2018-0296 A security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without...
PaperCut NG/MG 22.0.4 - Authentication Bypass
Exploit Title: PaperCut NG/MG 22.0.4 - Authentication Bypass Date: 21 April 2023 Exploit Author: MaanVader Vendor Homepage: https://www.papercut.com/ Version: 8.0 or later Tested on: 22.0.4 CVE: CVE-2023-27350 import requests from bs4 import BeautifulSoup import re def vulnversion: ip = input"Ent...
Ericsson Network Location MPS GMPC21 - Remote Code Execution (RCE) (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ericsson Network Location MPS - Restrictions Bypass RCE Meow Variant', 'Description' = %q This module exploits an arbitrary command execution...
PEEL Shopping 9.3.0 - 'Comments' Persistent Cross-Site Scripting
Exploit Title: PEEL Shopping 9.3.0 - 'Comments/Special Instructions' Stored Cross-Site Scripting Date: 2021-02-16 Exploit Author: Anmol K Sachan Vendor Homepage: https://www.peel.fr/ Software Link: https://sourceforge.net/projects/peel-shopping/ Software: PEEL SHOPPING 9.3.0 Vulnerability Type:...
Virtual Airlines Manager 2.6.2 - 'id' SQL Injection
Exploit Title: Virtual Airlines Manager 2.6.2 - 'id' SQL Injection Date: 2020-06-09 Exploit Author: Mosaaed Vendor Homepage: http://virtualairlinesmanager.net/ Dork: N/A Affected Version: 2.6.2 Tested on: Ubuntu CVE : N/A ------------------- xss...
Phoenix Contact WebVisit 6.40.00 - Password Disclosure
Exploit Title: Phoenix Contact WebVisit 6.40.00 - Password Disclosure Exploit Author: Deneut Tijl Date: 2018-09-30 Vendor Homepage: www.phoenixcontact.com Software Link: https://www.phoenixcontact.com/online/portal/nl/?uri=pxc-oc-itemdetail:pid=2985725&library=nlnl&pcck=P-19-05-01&tab=5 Version:...
Microsoft Windows Server 2008 R2 (x64) - 'SrvOs2FeaToNt' SMB Remote Code Execution (MS17-010)
Exploit Author: Juan Sacco at KPN Red Team - http://www.kpn.com Date and time of release: May, 9 2017 - 13:00PM Found this and more exploits on my open source security project: http://www.exploitpack.com MS17-010 - https://technet.microsoft.com/en-us/library/security/ms17-010.aspx Tested on:...
OpenEMR 5.0.2.1 - Remote Code Execution
Exploit Title: OpenEMR 5.0.2.1 - Remote Code Execution Exploit Author: Hato0, BvThTrd Date: 2020-08-07 Vendor Homepage: https://www.open-emr.org/ Software Link: https://sourceforge.net/projects/openemr/files/OpenEMR%20Current/5.0.2.1/openemr-5.0.2.tar.gz/download Version: 5.0.2.1 without patches...
Fluig 1.7.0 - Path Traversal
Exploit Title: Fluig 1.7.0 - Path Traversal Date: 26/11/2020 Exploit Author: Lucas Souza Vendor Homepage: https://www.totvs.com/fluig/ Version: payload.txt curl -s https://raw.githubusercontent.com/lucxssouza/banners/main/xFluig/banner banner -- FUNCTIONS -- function create-payload wordlist.txt...
Beauty Parlour Management System 1.0 - 'sername' SQL Injection
Exploit Title: Beauty Parlour Management System 1.0 - 'sername' SQL Injection Date: 19/2/2021 Exploit Author: Thinkland Security Team Vendor Homepage: https://phpgurukul.com/beauty-parlour-management-system-using-php-and-mysql/ Software Link:...
aptdaemon < 1.1.1 - File Existence Disclosure
Exploit Title: File Existence Disclosure in aptdaemon " sys.exit0 FILETOCHECK = sys.argv1 bus = dbus.SystemBus aptdbusobject = bus.getobject"org.debian.apt", "/org/debian/apt" aptdbusinterface = dbus.Interfaceaptdbusobject, "or...
TP-Link Archer C50 3 - Denial of Service (PoC)
Exploit Title: TP-Link Archer C50 3 - Denial of Service PoC Date: 2020-01-25 Exploit Author: thewhiteh4t Vendor Homepage: https://www.tp-link.com/ Version: TP-Link Archer C50 v3 Build 171227 Tested on: Arch Linux x64 CVE: CVE-2020-9375 Description:...
Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection
Exploit Title: Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection Date: 2018-10-10 Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Venodor: www.microsoft.com Software: SQL Server Management Studio 17.9 and SQL Server Management Studio 18.0 Preview 4 CVE:...
Simple Public Chat Room 1.0 - Authentication Bypass SQLi
Exploit Title: Simple Public Chat Room 1.0 - Authentication Bypass SQLi Exploit Author: Richard Jones Date: 2021-01-26 Vendor Homepage: https://www.sourcecodester.com/php/12295/simple-public-chat-room-using-php.html Software Link:...
MiniWeb HTTP Server 0.8.19 - Buffer Overflow (PoC)
Exploit Title: MiniWeb HTTP Server 0.8.19 - Buffer Overflow PoC Date: 13.12.2020 Exploit Author: securityforeveryone.com Author Mail: helloATsecurityforeveryone.com Vendor Homepage: https://sourceforge.net/projects/miniweb/ Software Link:...
BloodX CMS 1.0 - Authentication Bypass
Exploit Title: BloodX CMS 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-09-02 Exploit Author: BKpatron Vendor Homepage: https://github.com/diveshlunker/BloodX Software Link: https://github.com/diveshlunker/BloodX/archive/master.zip Version: v1.0 Tested on: Win 10 CVE: N/A my website:...
PHPJabbers Simple CMS 5 - 'name' Persistent Cross-Site Scripting (XSS)
Exploit Title: PHPJabbers Simple CMS 5 - 'name' Persistent Cross-Site Scripting XSS Google Dork: subtitle:Copyright © 2021 PHPJabbers.com Date: 2021-10-28 Exploit Author: Vulnerability-Lab Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/...
ShareMouse 5.0.43 - 'ShareMouse Service' Unquoted Service Path
Exploit Title: ShareMouse 5.0.43 - 'ShareMouse Service' Unquoted Service Path Discovery Date: 2020-09-08 Discovery by: Alan Lacerda alacerda Vendor Homepage: https://www.sharemouse.com/ Software Link: https://www.sharemouse.com/ShareMouseSetup.exe Version: 5.0.43 Tested on OS: Microsoft Windows 1...
VUPlayer 2.49 .m3u - Local Buffer Overflow (DEP,ASLR)
Exploit title: VUPlayer 2.49 .m3u - Local Buffer Overflow DEP,ASLR Date: 2020-05-22 Exploit Author: Gobinathan L Vendor Homepage: http://www.vuplayer.com/ Version: v2.49 Tested on: Windows 7 Professional with ALSR and Full DEP Turned ON. Usage : $ python .py ===================================...
JavaScriptCore - GetterSetter Type Confusion During DFG Compilation
The following JavaScript program, found by Fuzzilli and slightly modified, crashes JavaScriptCore built from HEAD and the current stable release /System/Library/Frameworks/JavaScriptCore.framework/Resources/jsc: let notAGetterSetter = whatever: 42; function v2v5 const v10 = Object; if v5 const v1...
Engineers Online Portal 1.0 - 'multiple' Stored Cross-Site Scripting (XSS)
Exploit Title: Engineers Online Portal 1.0 - 'multiple' Stored Cross-Site Scripting XSS Exploit Author: Alon Leviev Date: 22-10-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Software Link:...
Wise Care 365 5.6.7.568 - 'WiseBootAssistant' Unquoted Service Path
Exploit Title: Wise Care 365 5.6.7.568 - 'WiseBootAssistant' Unquoted Service Path Date: 2021-06-18 Exploit Author: Julio Aviña Vendor Homepage: https://www.wisecleaner.com/wise-care-365.html Software Link: https://downloads.wisecleaner.com/soft/WiseCare3655.6.7.568.exe Version: 5.6.7.568 Service...
QuickDate 1.3.2 - SQL Injection
Exploit Title: QuickDate 1.3.2 - SQL Injection Dork: N/A Date: 2020-02-07 Exploit Author: Ihsan Sencan Vendor Homepage: https://quickdatescript.com/ Version: 1.3.2 Tested on: Linux CVE: N/A POC: 1 POST /findmatches HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 X11; Linux x8664; rv:55.0...
ZwiiCMS 12.2.04 - Remote Code Execution (Authenticated)
Exploit Title: ZwiiCMS 12.2.04 Remote Code Execution Authenticated Date: 03/06/2023 Exploit Author: Hadi Mene Vendor Homepage: https://zwiicms.fr/ Version: 12.2.04 and potentially lower versions Tested on: Linux CVE: CVE-2020-10567 Category: webapps ZwiiCMS 12.2.04 uses "Responible FileManager"...
WordPress Plugin WP Symposium Pro 2021.10 - 'wps_admin_forum_add_name' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin WP Symposium Pro 2021.10 - 'wpsadminforumaddname' Stored Cross-Site Scripting XSS Date: 11/11/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: http://www.wpsymposiumpro.com/ Software Link: https://wordpress.org/plugins/wp-symposium-pro/ Version:...
Customer Support System 1.0 - 'username' Authentication Bypass
Title: Customer Support System 1.0 - 'username' Authentication Bypass Date: 2020-11-11 Exploit Author: Ahmed Abbas Vendor Homepage: https://www.sourcecodester.com/php/14587/customer-support-system-using-phpmysqli-source-code.html Software Link:...
10-Strike Bandwidth Monitor 3.9 - Buffer Overflow (SEH) (ASLR + DEP Bypass)
Exploit Title: 10-Strike Bandwidth Monitor 3.9 - Buffer Overflow SEH,DEP,ASLR Exploit Author: Bobby Cooke Date: 2020-07-07 Vendor Site: https://www.10-strike.com/ Software Download: https://www.10-strike.com/bandwidth-monitor/bandwidth-monitor.exe Tested On: Windows 10 - Pro 1909 x86 Version:...
Nexus Repository Manager - Java EL Injection RCE (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nexus Repository Manager Java EL Injection RCE', 'Description' = %q This module exploits a Java Expression Language EL injection in Nexus...
XCMS v1.83 - Remote Command Execution (RCE)
Exploit Title: XCMS v1.83 - Remote Command Execution RCE Author: Onurcan Email: [email protected] Site: ihteam.net Script Download : http://www.xcms.it Date: 26/12/2022 The xcms's footerthat is in "/dati/generali/footer.dtb" is included in each page of the xcms. Taking "home.php" for example...
Wordpress Plugin TheCartPress 1.5.3.6 - Privilege Escalation (Unauthenticated)
Exploit Title: Wordpress Plugin TheCartPress 1.5.3.6 - Privilege Escalation Unauthenticated Google Dork: inurl:/wp-content/plugins/thecartpress/ Date: 04/10/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugin/thecartpress Version: spacehen www.github.com/spacehen" def...
Pearson Vue VTS 2.3.1911 Installer - VUEApplicationWrapper Unquoted Service Path
Exploit Title: Pearson Vue VTS 2.3.1911 Installer - VUEApplicationWrapper Unquoted Service Path Discovery by: Jok3r Discovery Date: 2020-09-14 Vendor Homepage: https://home.pearsonvue.com/ Software Link: https://vss.pearsonvue.com/VSSFiles/Documents/ENUTCInstallGuide/DownloadVTSInstaller.htm Test...
PackageKit < 1.1.13 - File Existence Disclosure
Exploit Title: File Existence Disclosure in PackageKit " sys.exit0 FILETOCHECK = sys.argv1 bus = dbus.SystemBus aptdbusobject = bus.getobject"org.freedesktop.PackageKit", "/org/freedesktop/PackageKit" aptdbusinterface = dbus.Interfaceaptdbusobject, "org.freedesktop.PackageKit" trans = aptdbusinte...
FusionPBX 4.4.3 - Remote Command Execution
Exploit Title: FusionPBX = 4.4.3 Command Injection RCE via XSS Date: 06-11-2019 Exploit Author: Dustin Cobb Vendor Homepage: https://www.fusionpbx.com Software Link: https://https://github.com/fusionpbx/fusionpbx Version: = 4.4.3 Tested on: Debian 8.11 CVE : CVE-2019-11408 XSS AND CVE-2019-11409...
FreeSMS 2.1.2 - SQL Injection (Authentication Bypass)
Exploit Title: FreeSMS 2.1.2 - Authentication Bypass Date: 2019-04-03 Exploit Author: Yilmaz Degirmenci Vendor Homepage: https://freesms.sourceforge.io/ Software Link: https://sourceforge.net/projects/freesms/ Version: v2.1.2 Category: Webapps Tested on: LAMPP for Linux Software Description :...
Auerswald COMfortel 2.8F - Authentication Bypass
Exploit Title: Auerswald COMfortel 2.8F - Authentication Bypass Date: 06/12/2021 Exploit Author: RedTeam Pentesting GmbH Version: 1400/2600/3600 Advisory: Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass RedTeam Pentesting discovered a vulnerability in the web-based configuration...
Sandboxie Plus 0.7.4 - 'SbieSvc' Unquoted Service Path
Exploit Title: Sandboxie Plus 0.7.4 - 'SbieSvc' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-05-06 Vendor Homepage: https://github.com/sandboxie-plus/Sandboxie/releases/download/0.7.4/Sandboxie-Plus-x64-v0.7.4.exe Tested Version: 0.7.4 Vulnerability Type: Unquoted Servic...
Interactive Suite 3.6 - 'eBeam Stylus Driver' Unquoted Service Path
Exploit Title: Interactive Suite 3.6 - 'eBeam Stylus Driver' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2021-03-14 Vendor Homepage: https://www.luidia.com Software Link: http://down.myequil.com/dn/setup/ScrapBookwin/down.html Tested Version: 3.6 Tested on OS: Windows 10 Pro...
WonderCMS 3.1.3 - 'Menu' Persistent Cross-Site Scripting
Exploit Title: WonderCMS 3.1.3 - 'menu' Persistent Cross-Site Scripting Date: 20-11-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://www.wondercms.com/ Version: 3.1.3 Tested on: Windows 10/Kali Linux Contact: https://www.linkedin.com/in/hemantsolo/ CVE: CVE-2020-29469 Attac...