47884 matches found
RATES SYSTEM 1.0 - 'Multiple' SQL Injections
Exploit Title: RATES SYSTEM 1.0 - 'Multiple' SQL Injections Date: 11-08-2021 Exploit Author: Halit AKAYDIN hLtAkydn Software Link: https://www.sourcecodester.com/php/14904/rates-system.html Version: V1.0 Category: Webapps Tested on: Linux/Windows Description: PHP Dashboards is prone to an...
Acer Updater Service 1.2.3500.0 - 'UpdaterService.exe' Unquoted Service Path
Exploit Title: Acer Updater Service 1.2.3500.0 - 'UpdaterService.exe' Unquoted Service Path Discovery by: Emmanuel Lujan Discovery Date: 2020-11-26 Vendor Homepage: https://www.acer.com/ac/en/US/content/home Tested Version: 1.2.3500.0 Vulnerability Type: Unquoted Service Path Tested on OS: Window...
Metasploit Framework 6.0.11 - msfvenom APK template command injection
Exploit Title: Metasploit Framework 6.0.11 - msfvenom APK template command injection Exploit Author: Justin Steven Vendor Homepage: https://www.metasploit.com/ Software Link: https://www.metasploit.com/ Version: Metasploit Framework 6.0.11 and Metasploit Pro 4.18.0 CVE : CVE-2020-7384 !/usr/bin/e...
LimeSurvey 4.3.10 - 'Survey Menu' Persistent Cross-Site Scripting
Exploit Title: LimeSurvey 4.3.10 - 'Survey Menu' Persistent Cross-Site Scripting Date: 2020-08-23 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.limesurvey.org Version: LimeSurvey 4.3.10+200812 Tested on: Ubuntu 18.04.4 Patch Link:...
iMessage - Memory Corruption when Decoding NSKnownKeysDictionary1
There is a memory corruption vulnerability when decoding an object of class NSKnownKeysDictionary1. This class decodes an object of type NSKnownKeysMappingStrategy1, which decodes a length member which is supposed to represent the length of the keys of the dictionary. However, this member is...
OpenSIS 8.0 'modname' - Directory Traversal
Exploit Title: OpenSIS 8.0 'modname' - Directory/Path Traversal Date: 09-02-2021 Exploit Author: Eric Salario Vendor Homepage: http://www.os4ed.com/ Software Link: https://opensis.com/download Version: 8.0 Tested on: Windows, Linux CVE: CVE-2021-40651 The 'modname' parameter in the 'Modules.php' ...
Atlassian Jira Server Data Center 8.16.0 - Reflected Cross-Site Scripting (XSS)
Exploit Title: Atlassian Jira Server/Data Center 8.16.0 - Reflected Cross-Site Scripting XSS Date: 06/05/2021 Exploit Author: CAPTAINHOOK Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/jira/download/data-center Version: versions 8.5.14, 8.6.0 ≤ versi...
MariaDB 10.2 - 'wsrep_provider' OS Command Execution
Exploit Title: MariaDB 10.2 /MySQL - 'wsrepprovider' OS Command Execution Date: 03/18/2021 Exploit Author: Central InfoSec Version: MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through...
User Management System 1.0 - 'uid' SQL Injection
Exploit Title: User Management System 1.0 - 'uid' SQL Injection Google Dork: N/A Date: 29/1/2021 Exploit Author: Zeyad Azima Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/user-management-system-in-php-using-stored-procedure/ Version: V1 Tested on: Windows Identify...
WonderCMS 3.1.3 - Authenticated Remote Code Execution
Exploit Title: WonderCMS 3.1.3 - Authenticated Remote Code Execution Date: 2020-11-27 Exploit Author: zetc0de Vendor Homepage: https://www.wondercms.com/ Software Link: https://github.com/robiso/wondercms/releases/download/3.1.3/WonderCMS-3.1.3.zip Version: 3.1.3 Tested on: Ubuntu 16.04 CVE :...
Grafana 7.0.1 - Denial of Service (PoC)
Exploit Title: Grafana 7.0.1 - Denial of Service PoC Date: 2020-05-23 Exploit Author: mostwanted002 Vendor Homepage: https://grafana.com/ Software Link: https://grafana.com/grafana/download Version: 3.0.1 - 7.0.1 Tested on: Linux CVE : CVE-2020-13379 !/bin/bash if $1 != "" ; then curl -I...
Sistem Informasi Pengumuman Kelulusan Online 1.0 - Cross-Site Request Forgery (Add Admin)
Exploit Title: Sistem Informasi Pengumuman Kelulusan Online 1.0 - Cross-Site Request Forgery Add Admin Google Dork: N/A Date: 2020-06-10 Exploit Author: Extinction Vendor Homepage: https://adikiss.net/ Software Link:...
Hisilicon HiIpcam V100R003 Remote ADSL - Credentials Disclosure
!/usr/bin/perl -w Hisilicon HiIpcam V100R003 Remote ADSL Credentials Disclosure Copyright 2019 c Todor Donev Hisilicon HiIpcam V100R003 Remote ADSL Credentials Disclosure ============================================================= Exploit Author: Todor Donev 2019 Disclaimer: This or previous...
Microsoft Windows 10 - UAC Protection Bypass Via Microsoft Windows Store (WSReset.exe) and Registry (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows 10 UAC Protection Bypass Via Windows Store WSReset.exe and Registry', 'Description' = %q This module exploits a flaw in the WSReset.exe...
Dnsmasq < 2.78 - Information Leak
''' Sources: https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14494.py https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html Sadly, there are no easy docker setup instructions available. Setup a simple network with...
Gitea 1.22.0 - Stored XSS
Exploit Title: Stored XSS in Gitea Date: 27/08/2024 Exploit Authors: Catalin Iovita & Alexandru Postolache Vendor Homepage: https://github.com/go-gitea/gitea Version: 1.22.0 Tested on: Linux 5.15.0-107, Go 1.23.0 CVE: CVE-2024-6886 Vulnerability Description Gitea 1.22.0 is vulnerable to a Stored...
SPA-Cart eCommerce CMS 1.9.0.3 - SQL Injection
Exploit Title: SPA-Cart eCommerce CMS 1.9.0.3 - SQL Injection Exploit Author: CraCkEr Date: 20/08/2023 Vendor: SPA-Cart Vendor Homepage: https://spa-cart.com/ Software Link: https://demo.spa-cart.com/ Version: 1.9.0.3 Tested on: Windows 10 Pro Impact: Database Access CVE: CVE-2023-4548 CWE: CWE-8...
Swagger UI 4.1.3 - User Interface (UI) Misrepresentation of Critical Information
Exploit Title: Swagger UI 4.1.3 - User Interface UI Misrepresentation of Critical Information Date: 14 April, 2023 Exploit Author: Rafael Cintra Lopes Vendor Homepage: https://swagger.io/ Version: 4.1.3 CVE: CVE-2018-25031 Site: https://rafaelcintralopes.com.br/ Usage: python swagger-exploit.py...
Engineers Online Portal 1.0 - 'multiple' Authentication Bypass
Exploit Title: Engineers Online Portal 1.0 - 'multiple' Authentication Bypass Exploit Author: Alon Leviev Date: 22-10-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Software Link:...
HP Display Assistant x64 Edition 3.20 - 'DTSRVC' Unquoted Service Path
Exploit Title: HP Display Assistant x64 Edition 3.20 - 'DTSRVC' Unquoted Service Path Date: 2020-11-08 Exploit Author: Julio Aviña Vendor Homepage: https://www.portrait.com/ Software Link: https://www.portrait.com/dtune/hwp/enu/ Software Version: 3.20 File Version: 1.0.0.1 Tested on: Windows 10 P...
LibreNMS - addhost Command Injection (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LibreNMS addhost Command Injection', 'Description' = %q This module exploits a command injection vulnerability in the open source network...
Ultimate Member WordPress Plugin 2.6.6 - Privilege Escalation
!/usr/bin/env python3 Exploit Title: Ultimate Member WordPress Plugin 2.6.6 - Privilege Escalation Exploit Author: Gurjot Singh CVE: CVE-2023-3460 Description : The attached PoC demonstrates how an unauthenticated attacker can escalate privileges to admin by abusing unsanitized input in...
Park Ticketing Management System 1.0 - 'viewid' SQL Injection
Exploit Title: Park Ticketing Management System 1.0 - 'viewid' SQL Injection Google Dork: N/A Date: 29/1/2021 Exploit Author: Zeyad Azima Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/park-ticketing-management-system-using-php-and-mysql/ Version: V1 Tested on:...
Xorg X11 Server - Local Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xorg X11 Server Local Privilege Escalation', 'Description' = %q WARNING: Successful execution of this module results in /etc/passwd being...
Craft CMS 2.7.9/3.2.5 - Information Disclosure
Exploit Title : CraftCms Users information disclosure From uploaded File Author Discovered By : Mohammed Abdul Raheem Author's Company Name : TrekShield IT Solution Author Exploit-db : https://www.exploit-db.com/?author=9783 Found Vulnerability On : 20-07-2019 Vendor Homepage:https://craftcms.com...
mooSocial 3.1.8 - Cross-Site Scripting (XSS) on User Login Page
Exploit Title: mooSocial 3.1.8 - Cross-Site Scripting XSS on User Login Page Date: 26 September 2023 Exploit Author: Astik Rawat ahrixia Vendor Homepage: https://moosocial.com Software Link: https://travel.moosocial.com/ Version: 3.1.8 Tested on: Windows 11 CVE : CVE-2023-43325 Description: A Cro...
GLPI GZIP(Py3) 9.4.5 - RCE
!/usr/bin/env python3 Exploit Title: GLPI GZIPPy3 9.4.5 - RCE Date: 08-30-2021 Exploit Authors: Brian Peters & n3rada Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi/releases Version: 0.8.5-9.4.5 Tested on: Exploit ran on Kali 2021. GLPI Ran on Windo...
MiniTool Partition Wizard - Unquoted Service Path
Exploit Title: MiniTool Partition Wizard - Unquoted Service Path Date: 07/04/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.minitool.com/ Software Link: https://www.minitool.com/download-center/ Version: 12.0 Tested: Windows 10 Pro x64 es PoC : C:\Users\saudhsc qc MTSchedulerServi...
Fuel CMS 1.4.13 - 'col' Blind SQL Injection (Authenticated)
Exploit Title: Fuel CMS 1.4.13 - 'col' Blind SQL Injection Authenticated Date: 2021-04-11 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/archive/1.4.13.zip Version: 1.4.13 Tested on: Kali Linux, PHP 7.4.16,...
Dolibarr ERP-CRM 14.0.2 - Stored Cross-Site Scripting (XSS) / Privilege Escalation
Exploit Title: Dolibarr ERP-CRM 14.0.2 - Stored Cross-Site Scripting XSS / Privilege Escalation Exploit Author: Oscar Gutierrez m4xp0w3r Date: 18/10/2021 Vendor Homepage: https://www.dolibarr.org/ Software Link: https://github.com/Dolibarr Tested on: Ubuntu, LAAMP Vendor: Dolibarr Version: v14.0....
Online Examination System 1.0 - 'name' Stored Cross Site Scripting
Exploit Title: Online examination system 1.0 - 'name' Stored Cross Site Scripting Date: 29/10/2020 Exploit Author: Nikhil Kumar https://www.linkedin.com/in/nikhil-kumar-4b9443166/ Vendor Homepage: https://github.com/projectworldsofficial/online-examination-systen-in-php Software Link:...
WordPress Core < 5.2.3 - Viewing Unauthenticated/Password/Private Posts
So far we know that adding ?static=1 to a wordpress URL should leak its secret content Here are a few ways to manipulate the returned entries: - order with asc or desc - orderby - m with m=YYYY, m=YYYYMM or m=YYYYMMDD date format In this case, simply reversing the order of the returned elements...
CentOS Control Web Panel 0.9.8.838 - User Enumeration
Exploit Title: CWP CentOS Control Web Panel 0.9.8.848 User Enumeration via HTTP Response Message Date: 15 July 2019 Exploit Author: Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak Vendor Homepage: https://control-webpanel.com/changelog Software Link: Not available, user panel on...
ClanSphere 2010 - Multiple Vulnerabilities
Exploit Title: Clansphere Multiple vulnerabilities Date: 24/08/2010 Author: Sweet Contact : [email protected] Software Link: Download:http: http://sourceforge.net/projects/clansphere/ Version: all Tested on: WinXp sp3 Risk : HIGHT...
Eudora Qualcomm WorldMail 3.0 - IMAPd 'LIST' Remote Buffer Overflow (Metasploit)
$Id: eudoralist.rb 9653 2010-07-01 23:33:07Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
OVOO Movie Portal CMS v3.3.3 - SQL Injection
Exploit Title: OVOO Movie Portal CMS v3.3.3 - SQL Injection Date: 2023-08-12 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/ovoomovie-video-streaming-cms-with-unlimited-tvseries/20180569 Tested on: Kali Linux & MacOS CVE: N/A Request POST /filtermovies/1 HTTP/2 Host:...
binutils 2.37 - Objdump Segmentation Fault
Exploit Title: binutils 2.37 - Objdump Segmentation Fault Date: 2021-11-03 Exploit Author: p3tryx Vendor Homepage: https://www.gnu.org/software/binutils/ Version: binutils 2.37 Tested on: Ubuntu 18.04 CVE : CVE-2021-43149 Payload file %223"\972\00\0083=Q333A11111111411111333333A $$$\FF$\80 1114...
Accounting Journal Management System 1.0 - 'id' SQLi (Authenticated)
Exploit Title: Accounting Journal Management System 1.0 - 'id' SQLi Authenticated Exploit Author: Alperen Ergel Contact: @alpernae IG/TW Software Homepage: https://www.sourcecodester.com/php/15155/accounting-journal-management-system-trial-balance-php-free-source-code.html Version : 1.0 Tested on...
Online Shopping Portal 3.1 - Remote Code Execution (Unauthenticated)
Exploit Title: Online Shopping Portal 3.1 - Remote Code Execution Unauthenticated Date: 17.06.2021 Exploit Author: Tagoletta Tağmaç Software Link: https://phpgurukul.com/shopping-portal-free-download/ Version: V3.1 Tested on: Windows & Ubuntu import requests import random import string url =...
WordPress Plugin Insert PHP 3.3.1 - PHP Code Injection
Exploit Title: WordPress 4.7.0/4.7.1 Plugin Insert PHP - PHP Code Injection Exploit Author: sucuri.net @sucurisecurity Date: 2017-02-09 Google Dork : inurl:/wp-content/plugins/insert-php/ Vendor Homepage: https://fr.wordpress.org/plugins/insert-php/ Tested on: MSWin32 Version: 3.3.1 Explanation :...
Mara CMS 7.5 - Reflective Cross-Site Scripting
Exploit Title: Mara CMS 7.5 - Reflective Cross-Site Scripting Google Dork: NA Date: 2020-08-01 Exploit Author: George Tsimpidas Vendor Homepage: https://sourceforge.net/projects/maracms/ Software Link: https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download Version: 7.5 Tested on:...
SuperDoctor5 - 'NRPE' Remote Code Execution
SuperMicro implemented a Remote Command Execution plugin in their implementation of NRPE in SuperDocter 5, which is their monitoring utility for SuperMicro chassis'. This is an intended feature but leaves the system open by default to unauthenticated remote command execution by abusing the...
Swagger UI 1.0.3 - Cross-Site Scripting (XSS)
/ Author : Byte Reaper Telegram : @ByteReaper0 CVE : CVE-2025-8191 Title : Swagger UI 1.0.3 - Cross-Site Scripting XSS Description : CVE-2025-8191, a vulnerability in the Swagger UI service due to poor description parameter filtering, leading to command execution on a remote server. / include...
Webrun 3.6.0.42 - 'P_0' SQL Injection
Exploit Title: Webrun 3.6.0.42 - 'P0' SQL Injection Google Dork: intitle:"Webrun 3.6.0.42" Date: 23/11/2021 Exploit Author: Vinicius Alves Vendor Homepage: https://softwell.com.br/ Version: 3.6.0.42 Tested on: Kali Linux 2021.3 CVE: CVE-2021-43650 =-=-=-= Description =-=-=-= Webrun version 3.6.0....
Simple Client Management System 1.0 - 'multiple' Stored Cross-Site Scripting (XSS)
Exploit Title: Simple Client Management System 1.0 - 'multiple' Stored Cross-Site Scripting XSS Exploit Author: Sentinal920 Date: 5-11-2021 Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/15027/simple-client-management-system-php-source-code.html Software Link:...
OptiLink ONT1GEW GPON 2.1.11_X101 Build 1127.190306 - Remote Code Execution (Authenticated)
Exploit Title: OptiLink ONT1GEW GPON 2.1.11X101 Build 1127.190306 - Remote Code Execution Authenticated Date: 23/03/2021 Exploit Authors: Developed by SecNigma and Amal. Vendor Homepage: https://optilinknetwork.com/ Version: ONT1GEW V2.1.11X101 Build.1127.190306 Mitigation: Ask the vendor to issu...
IObit Uninstaller 9.5.0.15 - 'IObit Uninstaller Service' Unquoted Service Path
Title: IObit Uninstaller 9.5.0.15 - 'IObit Uninstaller Service' Unquoted Service Path Author: Gobinathan L Date: 2020-06-03 Vendor Homepage: https://www.iobit.com Software Link: https://www.iobit.com/en/advanceduninstaller.php Version : 9.5.0.15 Tested on: Windows 10 64bitEN About Unquoted Servic...
WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting
Exploit Title: WordPress Plugin Postie 1.9.40 - Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/plugins/postie/readme.txt Date: 2020-01-15 Exploit Author: V1n1v131r4 Vendor Homepage: https://postieplugin.com/ Software Link: https://wordpress.org/plugins/postie/developers Version:...
MyT Project Management 1.5.1 - User[username] Persistent Cross-Site Scripting
Exploit Title: MyT Project Management - Userusername Stored Cross Site Scripting Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://manageyourteam.net/index.html Software Link: https://sourceforge.net/projects/myt/files/latest/download Version: 1.5.1 Category: Webapps Tested o...
ActiveMQ < 5.14.0 - Web Shell Upload (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ActiveMQ web shell upload', 'Description' = %q The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to uplo...