47904 matches found
Gandia Integra Total 4.4.2236.1 - SQL Injection
/ Author : Byte Reaper CVE : CVE-2025-41373 Vulnerability : SQL Affected Path : /encuestas/integrawebv4/integra/html/view/hislistadoacciones.php?idestudio= Affected Versions : 2.1.2217.3 to v4.4.2236.1 Description: This endpoint concatenates the idestudio parameter directly into an SQL query...
GetSimple CMS v3.3.16 - Remote Code Execution (RCE)
Exploit Title: GetSimple CMS v3.3.16 - Remote Code Execution RCE Data: 18/5/2023 Exploit Author : Youssef Muhammad Vendor: Get-simple Software Link: Version app: 3.3.16 Tested on: linux CVE: CVE-2022-41544 import sys import hashlib import re import requests from xml.etree import ElementTree from...
10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow (SEH)
Exploit Title: 10-Strike Network Inventory Explorer Pro 9.31 - Buffer Overflow SEH Date: 2021-10-31 Exploit Author: ro0k Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe Version: 9.31 Tested on: Windows 1...
Eibiz i-Media Server Digital Signage 3.8.0 - Directory Traversal
Exploit Title: Eibiz i-Media Server Digital Signage 3.8.0 - Directory Traversal Date: 2020-08-22 Exploit Author: LiquidWorm Vendor Homepage: http://www.eibiz.co.th Affected version: =3.8.0 CVE: N/A Eibiz i-Media Server Digital Signage 3.8.0 oldfile File Path Traversal Vendor: EIBIZ Co.,Ltd. Produ...
FHEM 6.0 - Local File Inclusion
Exploit Title: FHEM 6.0 - Local File Inclusion Date: 2020-02-10 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://fhem.de/ Software Link: https://fhem.de/Download Version: v6.0 Tested on: Windows Link: https://github.com/EmreOvunc/FHEM-6.0-Local-File-Inclusion-LFI-Vulnerability PoC To exploit...
Odin Secure FTP Expert 7.6.3 - 'Site Info' Denial of Service (PoC)
Exploit Title: Odin Secure FTP Expert 7.6.3 - 'Site Info' Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2020-03-27 Vendor Homepage: https://odin-secure-ftp-expert.jaleco.com/ Software Link Download : http://tr.oldversion.com/windows/odin-secure-ftp-expert-7-6-3 Version : Odin...
CyberArk Password Vault 10.6 - Authentication Bypass
Exploit Title: CyberArk Password Vault 10.6 - Authentication Bypass Date: 2019-10-16 Author: Daniel Martinez Adan adon90 Vendor: https://www.cyberark.com Software: https://www.cyberark.com/products/privileged-account-security-solution/enterprise-password-vault/ Collaborator: Luis Buendía...
Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload / Remote Code Execution (Metasploit)
Exploit Title: Authenticated insecure file upload and code execution flaw in Ahsay Backup v7.x - v8.1.1.50. Metasploit Date: 26-6-2019 Exploit Author: Wietse Boonstra Vendor Homepage: https://ahsay.com Software Link: http://ahsay-dn.ahsay.com/v8/81150/cbs-win.exe Version: 7.x 'Ahsay Backup...
Microsoft SQL Server Management Studio 17.9 - '.xel' XML External Entity Injection
Exploit Title: Microsoft SQL Server Management Studio 17.9 - '.xel' XML External Entity Injection Date: 2018-10-10 Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Venodor: www.microsoft.com Software: SQL Server Management Studio 17.9 and SQL Server Management Studio 18.0 Preview...
Wavlink WN533A8 - Password Disclosure
Exploit Title: Wavlink WN533A8 - Password Disclosure Date: 2022-06-12 Exploit Author: Ahmed Alroky Author Company : AIactive Version: M33A8.V5030.190716 Vendor home page : wavlink.com Authentication Required: No CVE : CVE-2022-34046 Tested on: Windows Exploit...
dnsrecon 0.10.0 - CSV Injection
Exploit Title: dnsrecon 0.10.0 - CSV Injection Author: Dolev Farhi Date: 2021-01-07 Vendor Homepage: https://github.com/darkoperator/dnsrecon/ Version : 0.10.0 Tested on: ParrotOS 4.10 dnsrecon, when scanning a TXT record such as SPF, i.e.: spf.domain.com, outputs a CSV report -c out.csv with...
Cyber Cafe Management System Project (CCMS) 1.0 - Persistent Cross-Site Scripting
Exploit Title: Cyber Cafe Management System Project CCMS 1.0 - Persistent Cross-Site Scripting Date: 04-12-2020 Exploit Author: Pruthvi Nekkanti Vendor Homepage: https://phpgurukul.com Product link: https://phpgurukul.com/cyber-cafe-management-system-using-php-mysql/ Version: 1.0 Tested on: Kali...
Microsoft Windows - Win32k Elevation of Privilege
Exploit Title: Microsoft Windows - Win32k Elevation of Privilege Author: nu11secur1ty Date: 08.03.2020 Exploit Date: 01/14/2020 Vendor: Microsoft Software Link: https://support.microsoft.com/en-us/help/3095649/win32k-sys-update-in-windows-october-2015 Exploit link:...
Mersive Solstice 2.8.0 - Remote Code Execution
Exploit Title: Mersive Solstice 2.8.0 - Remote Code Execution Google Dork: N/A Date: 2016-12-23 Exploit Author: Alexandre Teyar Vendor Homepage: https://www2.mersive.com/ Firmware Link: http://www.mersive.com/Support/Releases/SolsticeServer/SGE/Android/2.8.0/Solstice.apk Versions: 2.8.0 Tested On...
V-SOL GPON/EPON OLT Platform 2.03 - Remote Privilege Escalation
Exploit Title: V-SOL GPON/EPON OLT Platform 2.03 - Remote Privilege Escalation Author: LiquidWorm Discovery Date: 2019-09-26 Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd. Product web page: https://www.vsolcn.com Tested on: GoAhead-Webs Advisory ID: ZSL-2019-5538 Advisory URL:...
Cyber Cafe Management System Project (CCMS) 1.0 - SQL Injection Authentication Bypass
Exploit Title: Cyber Cafe Management System Project CCMS 1.0 - SQL Injection Authentication Bypass Date: 29-09-2021 Exploit Author: sudoninja Vendor Homepage: https://phpgurukul.com Product link: https://phpgurukul.com/cyber-cafe-management-system-using-php-mysql/ Version: 1.0 Tested on: XAMPP /...
Simple Image Gallery System 1.0 - 'id' SQL Injection
Exploit Title: Simple Image Gallery System 1.0 - 'id' SQL Injection Date: 2020-08-12 Exploit Author: Azumah Foresight Xorlali M4sk0ff Vendor Homepage: https://www.sourcecodester.com/php/14903/simple-image-gallery-web-app-using-php-free-source-code.html Software Link:...
Monica 2.19.1 - 'last_name' Stored XSS
Exploit Title: Monica 2.19.1 - 'lastname' Stored XSS Date: 22-02-2021 Exploit Author: BouSalman Vendor Homepage: https://www.monicahq.com/ Software Link: https://github.com/monicahq/monica/releases Version: Monica 2.19.1 Tested on: Ubuntu 18.04 CVE : CVE-2021-27370 POST /people HTTP/1.1 Host:...
AnyDesk 5.4.0 - Unquoted Service Path
Exploit Title: AnyDesk 5.4.0 - Unquoted Service Path Exploit Author: SajjadBnd Date: 2019-12-23 Vendor Homepage: http://anydesk.com Software Link: https://download.anydesk.com/AnyDesk.exe Version: Software Version 5.4.0 Tested on: Win10 x64 SERVICENAME: AnyDesk TYPE : 10 WIN32OWNPROCESS STARTTYPE...
Microsoft Windows 10 Build 1803 < 1903 - 'COMahawk' Local Privilege Escalation
EDB Note Download: - https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47684-1.exe - https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47684-2.zip COMahawk Privilege Escalation: Weaponizing CVE-2019-1405 and CVE-2019-1322 Video Demo...
WordPress Plugin Google Review Slider 6.1 - 'tid' SQL Injection
Exploit Title: Wordpress Plugin Google Review Slider 6.1 - 'tid' SQL Injection Google Dork: inurl:"/wp-content/plugins/wp-google-places-review-slider/" Date: 2019-07-02 Exploit Author: Princy Edward Exploit Author Blog : https://prinyedward.blogspot.com/ Vendor Homepage:...
Oracle Hyperion Planning 11.1.2.3 - XML External Entity
Exploit Title: XXE Injection Oracle Hyperion - Exploit Author: Lucas Dinucci [email protected] - Twitter: @identik1t - Vendor Homepage: https://www.oracle.com/applications/performance-management - Date: 02/11/2019 - Affected Product: Oracle Hyperion Enterprise Performance Management System -...
Liman 0.7 - Cross-Site Request Forgery (Change Password)
Exploit Title: Liman 0.7 - Cross-Site Request Forgery Change Password Date: 2020-10-07 Exploit Author: George Tsimpidas Software Link : https://github.com/salihciftci/liman/releases/tag/v0.7 Version: 0.7 Tested on: Ubuntu 18.04.5 LTS Bionic Beaver Category: Webapp Description: There is no CSRF...
UBICOD Medivision Digital Signage 1.5.1 - Authorization Bypass
Title: UBICOD Medivision Digital Signage 1.5.1 - Authorization Bypass Date: 2020-07-23 Author: LiquidWorm Product web page: http://www.medivision.co.kr CVE: N/A Vendor: UBICOD Co., Ltd. | MEDIVISION INC. Product web page: http://www.medivision.co.kr Affected version: Firmware 1.5.1 2013.01.3...
WordPress Plugin JoomSport 3.3 - SQL Injection
Exploit Title: JoomSport 3.3 – for Sports - SQL injection Google Dork: intext:powered by JoomSport - sport WordPress plugin Date:29/07/2019. Exploit Author: Pablo Santiago Vendor Homepage: https://beardev.com/ Software Link: https://wordpress.org/plugins/joomsport-sports-league-results-management...
Metabase 0.46.6 - Pre-Auth Remote Code Execution
Exploit Title: metabase 0.46.6 - Pre-Auth Remote Code Execution Google Dork: N/A Date: 13-10-2023 Exploit Author: Musyoka Ian Vendor Homepage: https://www.metabase.com/ Software Link: https://www.metabase.com/ Version: metabase 0.46.6 Tested on: Ubuntu 22.04, metabase 0.46.6 CVE : CVE-2023-38646...
Proxmox VE - TOTP Brute Force
Exploit Title: Proxmox VE TOTP Brute Force Date: 09/23/2023 Exploit Author: Cory Cline, Gabe Rust Vendor Homepage: https://www.proxmox.com/en/ Software Link: http://download.proxmox.com/iso/ Version: 5.4 - 7.4-1 Tested on: Debian CVE : CVE-2023-43320 import time import requests import urllib.pars...
Wordpress Plugin Elementor 3.5.5 - Iframe Injection
Exploit Title: Wordpress Plugin Elementor 3.5.5 - Iframe Injection Date: 28.08.2023 Exploit Author: Miguel Santareno Vendor Homepage: https://elementor.com/ Version: 3.5.5 Tested on: Google and Firefox latest version CVE : CVE-2022-4953 1. Description The plugin does not filter out user-controlle...
Online Thesis Archiving System 1.0 - SQLi Authentication Bypass
Exploit Title: Online Thesis Archiving System 1.0 - SQLi Authentication Bypass Exploit Author: Yehia Elghaly YME Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15083/online-thesis-archiving-system-using-phpoop-free-source-code.html Version: Onli...
CloudMe 1.11.2 - Buffer Overflow (SEH,DEP,ASLR)
Exploit Title: CloudMe 1.11.2 - Buffer Overflow SEH,DEP,ASLR Date: 2020-05-20 Exploit Author: Xenofon Vassilakopoulos Vendor Homepage: https://www.cloudme.com/en Software Link: https://www.cloudme.com/downloads/CloudMe1112.exe Version: CloudMe 1.11.2 Tested on: Windows 7 Professional x86 SP1 Step...
HP System Event Utility - Local Privilege Escalation
Exploit Title: HP System Event Utility - Local Privilege Escalation Author: hyp3rlinx Date: 2020-02-11 Vendor: www.hp.com Link: https://hp-system-event-utility.en.lo4d.com/download CVE: CVE-2019-18915 + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...
wkhtmltopdf 0.12.6 - Server Side Request Forgery
Exploit Title: wkhtmltopdf 0.12.6 - Server Side Request Forgery Date: 20/8/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://wkhtmltopdf.org Software Link: https://wkhtmltopdf.org/downloads.html Version: 0.12.6 Tested on: Windows ASP.NET POST /PDF/FromHTML HTTP/1.1 Host:...
Online Movie Streaming 1.0 - Admin Authentication Bypass
Exploit Title: Online Movie Streaming 1.0 - Admin Authentication Bypass Exploit Author: Richard Jones Date: 2021-01-13 Vendor Homepage: https://www.sourcecodester.com/php/14640/online-movie-streaming-php-full-source-code.html Software Link:...
Multiple DrayTek Products - Pre-authentication Remote Root Code Execution
package main / CVE-2020-8515: DrayTek pre-auth remote root RCE Mon Mar 30 2020 - 0xsha.io Affected: DrayTek Vigor2960 1.3.1Beta, Vigor3900 1.4.4Beta, and Vigor300B 1.3.3Beta, 1.4.2.1Beta, and 1.4.4Beta You should upgrade as soon as possible to 1.5.1 firmware or later This issue has been fixed in...
Auerswald COMpact 8.0B - Privilege Escalation
Exploit Title: Auerswald COMpact 8.0B - Privilege Escalation Date: 06/12/2021 Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Privilege Escalation RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allow...
FileZilla 3.33 - Buffer Overflow (PoC)
Exploit Title: FileZilla 3.33 Buffer-Overflow PoC Author: Kağan Çapar Discovery Date: 2018-10-10 Software Link: https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/filezilla/3.33.0-1/filezilla3.33.0-1.debian.tar.xz Vendor Homepage : https://filezilla-project.org Tested Version: 3.33 Tested...
Academy LMS 6.0 - Reflected XSS
Exploit Title: Academy LMS 6.0 - Reflected XSS Exploit Author: CraCkEr Date: 22/07/2023 Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/academy/ Version: 6.0 Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE:...
Xenforo Version 2.2.13 - Authenticated Stored XSS
Exploit Title: Xenforo Version 2.2.13 - Authenticated Stored XSS Date: 2023-06-24 Exploit Author: Furkan Karaarslan Category : Webapps Vendor Homepage: https://x.com/admin.php?smilies Version: 2.2.12 REQUIRED Tested on: Windows/Linux CVE :...
Diafan CMS 6.0 - Reflected Cross-Site Scripting (XSS)
Exploit Title: Diafan CMS 6.0 - Reflected Cross-Site Scripting XSS Exploit Author: tmrswrr / Hulya Karabag Vendor Homepage: https://www.diafancms.com/ Version: 6.0 Tested on: https://demo.diafancms.com Description: 1 https://demo.diafancms.com/ Go to main page and write your payload in Search in...
phpIPAM 1.4.5 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: phpIPAM 1.4.5 - Remote Code Execution RCE Authenticated Date: 2022-04-10 Exploit Author: Guilherme '@behiNdyk1' Alves Vendor Homepage: https://phpipam.net/ Software Link: https://github.com/phpipam/phpipam/releases/tag/v1.4.5 Version: 1.4.5 Tested on: Linux Ubuntu 20.04.3 LTS...
Pluck CMS 4.7.13 - File Upload Remote Code Execution (Authenticated)
Exploit Title: Pluck CMS 4.7.13 - File Upload Remote Code Execution Authenticated Date: 25.05.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://github.com/pluck-cms/pluck Software Link: https://github.com/pluck-cms/pluck/releases/tag/4.7.13 Version: 4.7.13 Tested on Xubuntu 20.0...
Teachers Record Management System 1.0 - 'searchteacher' SQL Injection
Exploit Title: Teachers Record Management System 1.0 - 'searchteacher' SQL Injection Date: 13/02/2021 Exploit Author: Soham Bakore, Nakul Ratti Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14399/teacher-record-system-phpmysql.html Version:1.0...
EgavilanMedia User Registration & Login System with Admin Panel 1.0 - CSRF
Exploit Title: EgavilanMedia User Registration & Login System with Admin Panel 1.0 - CSRF Date: 01-12-2020 Exploit Author: Hardik Solanki Vendor Homepage: http://egavilanmedia.com Software Link:...
Setelsa Conacwin 3.7.1.2 - Local File Inclusion
Exploit Title: Setelsa Conacwin 3.7.1.2 - Local File Inclusion Date: 02/09/20 Exploit Author: Bryan Rodriguez Martin AKA tr3mb0 Vendor Homepage: http://setelsa-security.es/productos/control-de-acceso/ Version: 3.7.1.2 Tested on: Windows FIX: The recommendation from the vendor is to update to the...
Pharmacy/Medical Store & Sale Point 1.0 - 'email' SQL Injection
Exploit Title: Pharmacy/Medical Store & Sale Point 1.0 - 'email' SQL Injection Date: 2020-08-23 Exploit Author: @naivenom Vendor Homepage: https://www.sourcecodester.com/php/14398/pharmacymedical-store-sale-point-using-phpmysql-bootstrap-framework.html Software Link:...
WhatsApp - RTP Processing Heap Corruption
Heap corruption can occur when the WhatsApp mobile application receives a malformed RTP packet. 08-31 15:43:50.721 9428 9713 F libc : Fatal signal 11 SIGSEGV, code 1, fault addr 0x7104200000 in tid 9713 Thread-11 08-31 15:43:50.722 382 382 W : debuggerd: handling request: pid=9428 uid=10119...
TLS - Renegotiation
!/usr/bin/env python RedTeam Pentesting GmbH [email protected] http://www.redteam-pentesting.de PoC exploit for the TLS renegotiation vulnerability CVE-2009-3555 License ------- CC-BY-SA http://creativecommons.org/licenses/by-sa/3.0/ Timeline -------- 2009-12-21 initial public release...
Wordpress 'simple urls' Plugin < 115 - XSS
Exploit Title: simple urls alertorigin...
Police Crime Record Management System 1.0 - 'casedetails' SQL Injection
Exploit Title: Police Crime Record Management System 1.0 - 'casedetails' SQL Injection Date: 12/08/2021 Exploit Author: Ömer Hasan Durmuş Software Link: https://www.sourcecodester.com/php/14894/police-crime-record-management-system.html Version: v1.0 Category: Webapps Tested on: Linux/Windows Ste...
Epic Games Easy Anti-Cheat 4.0 - Local Privilege Escalation
Exploit Title: Epic Games Easy Anti-Cheat 4.0 - Local Privilege Escalation Date: 04.05.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.epicgames.com https://www.easy.ac Epic Games Easy Anti-Cheat 4.0 Local Privilege Escalation Vendor: Epic Games, Inc. Product web page:...