47904 matches found
Seowon SLR-120 Router - Remote Code Execution (Unauthenticated)
Exploit Title: Seowon SLR-120 Router - Remote Code Execution Unauthenticated Date: 2022-03-11 Exploit Author: Aryan Chehreghani Vendor Homepage: http://www.seowonintech.co.kr Software Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=126&bigkind=B05&middlekind=B0530 Version: All versi...
10-Strike Network Inventory Explorer Pro 9.31 - 'srvInventoryWebServer' Unquoted Service Path
Exploit Title: 10-Strike Network Inventory Explorer Pro 9.31 - 'srvInventoryWebServer' Unquoted Service Path Discovery by: Brian Rodriguez Date: 04-11-2021 Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe...
NewsLister - Authenticated Persistent Cross-Site Scripting
Exploit Title: NewsLister - Authenticated Persistent Cross-Site Scripting Date: 2020-11-27 Exploit Author: Emre Aslan Vendor Homepage: https://www.netartmedia.net/newslister.html Tested on: Windows & XAMPP == PoC HTTP Request == GET /admin/index.php?page=add HTTP/1.1 Host: 127.0.0.1:8080...
Online Voting System Project in PHP - 'username' Persistent Cross-Site Scripting
Exploit Title: Online Voting System Project in PHP - 'username' Persistent Cross-Site Scripting Date: 27-11-2020 Exploit Author: Sagar Banwa Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/free-projects/php-projects/online-voting-system-project-in-php-2/ Tested...
Mitel mitel-cs018 - Call Data Information Disclosure
Exploit Title: Mitel mitel-cs018 - Call Data Information Disclosure Date: 2003-07-28 Exploit Author: Andrea Intilangelo acme olografix / paranoici Vendor Homepage: www.mitel.com Version: mitel-cs018 Tested on: Windows, Linux There is an interesting bug in a Mitel's servers for Voice over IP that...
B-swiss 3 Digital Signage System 3.6.5 - Cross-Site Request Forgery (Add Maintenance Admin)
Exploit Title: B-swiss 3 Digital Signage System 3.6.5 - Cross-Site Request Forgery Add Maintenance Admin Date: 2020-09-16 Exploit Author: LiquidWorm Vendor Homepage: https://www.b-swiss.com Version: 3.6.5 Affected version: 3.6.5,3.6.2,3.6.1,3.6.0,3.5.80,3.5.40,3.5.20,3.5.00,3.2.00,3.1.00 !--...
Microsoft Internet Explorer 8 - Fixed Col Span ID (Full ASLR + DEP + EMET 5.1 Bypass) (MS12-037)
function strtointstr return str.charCodeAt10x10000 + str.charCodeAt0; var free = "EEEE"; while free.length 500 free += free; var string1 = "AAAA"; while string1.length 500 string1 += string1; var string2 = "BBBB"; while string2.length 500 string2 += string2; var fr = new Array; var al = new Array...
RealVNC - Authentication Bypass (Metasploit)
$Id: realvnc41bypass.rb 13641 2011-08-26 04:40:21Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Petrol Pump Management Software v1.0 - Remote Code Execution (RCE)
Exploit Title: Petrol Pump Management Software v1.0 - Remote Code Execution RCE Date: 02/04/2024 Exploit Author: Sandeep Vishwakarma Vendor Homepage: https://www.sourcecodester.com Software Link:https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html Version:...
WEBIGniter v28.7.23 - Stored Cross Site Scripting (XSS)
Exploit Title: WEBIGniter v28.7.23 Stored Cross Site Scripting XSS Exploit Author: Sagar Banwa Date: 19/10/2023 Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/cross-site-scripting Tested on: Windows 10/Kali Linux CVE :...
Kite 1.2021.610.0 - Unquoted Service Path
Exploit Title: Kite 1.2021.610.0 - Unquoted Service Path Date: 2020-11-6 Exploit Author: Ghaleb Al-otaibi Vendor Homepage: https://www.kite.com/ Version: Version 4.2.0.1 U1 Tested on: Microsoft Windows 10 Pro - 10.0.19044 N/A Build 19044 CVE : NA Service info: C:\Windows\system32\cmd.exesc qc...
Pinkie 2.15 - TFTP Remote Buffer Overflow (PoC)
Exploit Title: Pinkie 2.15 - TFTP Remote Buffer Overflow PoC Discovered by: Yehia Elghaly Discovered Date: 2021-11-19 Vendor Homepage: http://www.ipuptime.net/ Software Link : http://ipuptime.net/PinkieSetup.zip Tested Version: 2.15 Vulnerability Type: Buffer Overflow DoS Remote Tested on OS:...
Payment Terminal 3.1 - 'Multiple' Cross-Site Scripting (XSS)
Exploit Title: Payment Terminal 3.1 - 'Multiple' Cross-Site Scripting XSS Date: 2021-11-05 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.criticalgears.com/ Software Link: https://www.criticalgears.com/product/authorize-net-payment-terminal/...
WebPort 1.19.1 - Reflected Cross-Site Scripting
Exploit Title: WebPort 1.19.1 - Reflected Cross-Site Scripting Date: 2019-05-30 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://webport.se/ Software Link: https://webport.se/nedladdningar/ Version: v1.19.1 Tested on: Windows/Linux CVE-2019-12461...
Symantec DLP 15.5 MP1 - Cross-Site Scripting
Exploit Title: Persistent XSS on Symantec DLP = 15.5 MP1 Date: 2019-06-21 Exploit Author: Chapman Schleiss Vendor Homepage: https://www.symantec.com/ Software Link: https://support.symantec.com/us/en/mysymantec.html Version: = 15.5 MP1 CVE : 2019-9701 Advisory-URL:...
Grav CMS 1.7.48 - Remote Code Execution (RCE)
Exploit Title: Grav CMS 1.7.48 - Remote Code Execution RCE Date: 2025-08-07 Exploit Author: binneko https://github.com/binneko Vendor Homepage: https://getgrav.org/ Software Link: https://github.com/getgrav/grav/releases/tag/1.7.48 Version: Grav CMS v1.7.48 / Admin Plugin v1.10.48 Tested on: Debi...
Zucchetti Axess CLOKI Access Control 1.64 - Cross Site Request Forgery (CSRF)
Exploit Title: Zucchetti Axess CLOKI Access Control 1.64 - Cross Site Request Forgery CSRF Date: 13/12/2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.axesstmc.com/cloki/ !-- Zucchetti Axess CLOKI Access Control 1.64 CSRF Disable Access Control Vendor: Zucchetti Axess S.p.A. Product...
Microsoft Internet Explorer 11 and WPAD service 'Jscript.dll' - Use-After-Free
Exploit Title: Microsoft Internet Explorer 8/11 and WPAD service 'Jscript.dll' - Use-After-Free Date: 2021-05-04 Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.microsoft.com/ Software Link: https://www.microsoft.com/en-gb/download/internet-explorer.aspx Versions: IE 8-11 64-bit...
Guild Wars 2 - Insecure Folder Permissions
Exploit Title: Guild Wars 2 - Insecure Folder Permissions Date: 2020-10-09 Exploit Author: George Tsimpidas Software Link : https://account.arena.net/welcome Version Build : 106915 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Category: local Vulnerability Description: Guild War...
Cayin Digital Signage System xPost 2.5 - Remote Command Injection
Title: Cayin Digital Signage System xPost 2.5 - Remote Command Injection Author:LiquidWorm Date: 2020-06-04 Vendor: https://www.cayintech.com CVE: N/A !/usr/bin/env python3 Cayin Digital Signage System xPost 2.5 Pre-Auth SQLi Remote Code Execution Vendor: CAYIN Technology Co., Ltd. Product web...
Draytek VigorAP 1000C - Persistent Cross-Site Scripting
Title: Draytek VigorAP 1000C - Persistent Cross-Site Scripting Author: Vulnerability Laboratory Date: 2020-05-07 Vendor: https://www.draytek.com/ Software: https://www.draytek.com/products/vigorap-903/ CVE: N/A Document Title: =============== Draytek VigorAP - RADIUS Persistent XSS Vulnerability...
Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting
Exploit Title: Reflected XSS on Zyxel login pages Date: 10 Apr 2019 Exploit Author: Aaron Bishop Vendor Homepage: https://www.zyxel.com/us/en/ Version: V4.31 Tested on: ZyWall 310, ZyWall 110, USG1900, ATP500, USG40 - weblogin.cgi, webauthrelogin.cgi CVE : 2019-9955 1. Description ==============...
PHP Links 1.3 - 'id' SQL Injection
------------------------------------------------------------- ----- H-T Team HouSSaMix + ToXiC350 from MoroCCo -------- ------------------------------------------------------------- = Author : Houssamix From H-T Team = Script : PHP Links from DeltaScripts = 1.3 = Download :...
Axigen < 10.5.7 - Persistent Cross-Site Scripting
Exploit Title: Axigen alert1 PoC of the POST request: POST /?h=1bb40e85937506a7186a125bd8c5d7ef&page=glset HTTP/1.1 Host: localhost:9443 Cookie: eula=true;...
GitLab CE/EE < 16.7.2 - Password Reset
Exploit Title: GitLab CE/EE 16.7.2 - Password Reset Exploit Author: Sebastian Kriesten 0xB455 Twitter: https://twitter.com/0xB455 Date: 2024-01-12 Vendor Homepage: gitlab.com Vulnerability disclosure: https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/...
Employee Daily Task Management System 1.0 - 'Name' Stored Cross-Site Scripting (XSS)
Exploit Title: Employee Daily Task Management System 1.0 - 'Name' Stored Cross-Site Scripting XSS Date: 09/11/2021 Exploit Author: Ragavender A G Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/edtms.zip Version...
Balbooa Joomla Forms Builder 2.0.6 - SQL Injection (Unauthenticated)
Exploit Title: Balbooa Joomla Forms Builder 2.0.6 - SQL Injection Unauthenticated Date: 24.10.2021 Exploit Author: blockomat2100 Vendor Homepage: https://www.balbooa.com/ Version: 2.0.6 Tested on: Docker An example request to trigger the SQL-Injection: POST /index.php?option=combaforms HTTP/1.1...
WordPress Plugin Supsystic Contact Form 1.7.5 - Multiple Vulnerabilities
Exploit Title: WordPress Plugin Supsystic Contact Form 1.7.5 - Multiple Vulnerabilities Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/contact-form-by-supsystic.1.7.5.zip Version: 1.7.5 Tested on:...
Filmora 12 version ( Build 1.0.0.7) - Unquoted Service Paths Privilege Escalation
Exploit Title: Filmora 12 version Build 1.0.0.7 - Unquoted Service Paths Privilege Escalation Date: 20 May 2023 Exploit Author: Thurein Soe Vendor Homepage: https://filmora.wondershare.com Software Link: https://mega.nz/file/tQNGGZTQE1u20rdbT4R3pgSoUBG93IPAXqesJ5yyn6T8RlMFxaE Version: Filmora 12...
ThingsBoard 3.3.1 'description' - Stored Cross-Site Scripting (XSS)
Exploit Title: ThingsBoard 3.3.1 'description' - Stored Cross-Site Scripting XSS Date: 03/08/2022 Exploit Author: Steffen Langenfeld & Sebastian Biehler Vendor Homepage: https://thingsboard.io/ Software Link: https://github.com/thingsboard/thingsboard/releases/tag/v3.3.1 Version: 3.3.1 Tested on:...
PTPublisher v2.3.4 - Unquoted Service Path
Exploit Title: PTPublisher v2.3.4 - Unquoted Service Path Discovery by: bios Discovery Date: 2022-18-04 Vendor Homepage: https://www.primera.com/ Tested Version: 2.3.4 Vulnerability Type: Unquoted Service Path Tested on OS: Microsoft Windows 10 Pro x64 Step to discover Unquoted Service Path:...
Servisnet Tessa - MQTT Credentials Dump (Unauthenticated) (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/mqtt' class MetasploitModule 'Servisnet Tessa - MQTT Credentials Dump...
TestLink 1.9.20 - Unrestricted File Upload (Authenticated)
Exploit Title: TestLink 1.9.20 - Unrestricted File Upload Authenticated Date: 14th February 2021 Exploit Author: snovvcrash Original Research by: Ackcent AppSec Team Original Research: https://ackcent.com/testlink-1-9-20-unrestricted-file-upload-and-sql-injection/ Vendor Homepage:...
Solaris 10 (SPARC) - 'dtprintinfo' Local Privilege Escalation (2)
Exploit Title: Solaris 10 1/13 SPARC - 'dtprintinfo' Local Privilege Escalation 2 Date: 2021-02-01 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 SPARC / raptordtprintcheckdirsparc2.c - Solaris/SPARC FMT LPE...
Mara CMS 7.5 - Remote Code Execution (Authenticated)
Exploit Title: Mara CMS 7.5 - Remote Code Execution Authenticated Google Dork: N/A Date: 2020-08-31 Exploit Author: Michele Cisternino 0blio Vendor Homepage: https://sourceforge.net/projects/maracms/ Software Link: https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download Version: 7.5...
PHPFusion 9.03.50 - Persistent Cross-Site Scripting
Exploit Title: PHPFusion 9.03.50 - Persistent Cross-Site Scripting Date: 2020-05-20 Exploit Author: coiffeur Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link: https://www.php-fusion.co.uk/phpfusion9downloads.php Version: v9.03.50 How? When creating a thread or editing one of h...
AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)
Exploit Title: Life Insurance Management System- Unauthenticated Remote Code Execution RCE Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/...
BoidCMS v2.0.0 - authenticated file upload vulnerability
!/usr/bin/python3 Exploit Title: BoidCMS v2.0.0 - authenticated file upload vulnerability Date: 08/21/2023 Exploit Author: 1337kid Vendor Homepage: https://boidcms.github.io// Software Link: https://boidcms.github.io/BoidCMS.zip Version: ' with open'shell.php','w' as f: f.writelinesphpcode ====...
Sielco Analog FM Transmitter 2.12 - 'id' Cookie Brute Force Session Hijacking
Exploit Title: Sielco Analog FM Transmitter 2.12 - 'id' Cookie Brute Force Session Hijacking Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: 2.12 EXC5000GX 2.12 EXC120GX 2.11 EXC300GX 2.10 EXC1600GX 2.10 EXC2000GX 2.08 EXC1600GX 2.08...
Auerswald COMpact 8.0B - Multiple Backdoors
Exploit Title: Auerswald COMpact 8.0B - Multiple Backdoors Date: 06/12/2021 Exploit Author: RedTeam Pentesting GmbH Advisory: Auerswald COMpact Multiple Backdoors RedTeam Pentesting discovered several backdoors in the firmware for the Auerswald COMpact 5500R PBX. These backdoors allow attackers w...
SCO Openserver 5.0.7 - 'outputform' Command Injection
Exploit Title: SCO Openserver 5.0.7 - 'outputform' Command Injection Google Dork: inurl:/cgi-bin/manlist?section Discovered Date: 04/09/2020 Author: Ramikan Vendor Homepage: https://www.xinuos.com/products/ Software Link: https://www.sco.com/products/openserver507/-overview Affected Version: Test...
Under Construction Page with CPanel 1.0 - SQL injection
Exploit Title: Under Construction Page with CPanel 1.0 - SQL injection Date: 17-11-2020 Exploit Author: Mayur Parmarth3cyb3rc0p Vendor Homepage: http://egavilanmedia.com Software Link : http://egavilanmedia.com/under-construction-page-with-cpanel/ Version: 1.0 Tested on: PopOS SQL Injection: SQL...
Cayin Content Management Server 11.0 - Remote Command Injection (root)
Title: Cayin Content Management Server 11.0 - Remote Command Injection root Author:LiquidWorm Date: 2020-06-04 Vendor: https://www.cayintech.com CVE: N/A Cayin Content Management Server 11.0 Root Remote Command Injection Vendor: CAYIN Technology Co., Ltd. Product web page: https://www.cayintech.c...
College-Management-System 1.2 - Authentication Bypass
Exploit Title: College-Management-System 1.2 - Authentication Bypass Author: Cakes Discovery Date: 2019-09-14 Vendor Homepage: https://github.com/ajinkyabodade/College-Management-System Software Link: https://github.com/ajinkyabodade/College-Management-System/archive/master.zip Tested Version: 1....
TFM MMPlayer 2.0 - '.m3u'/'.ppl' Universal Buffer Overflow (SEH)
!/usr/bin/perl + Bug : TFM MMPlayer 2.0 m3u/ppl Universal Buffer Overflow Exploit SEH + Author : ThE g0bL!N Greetz to all my friends Tested on: Windows XP Pro SP2 Fr Big Thnx :His0k4 Download:http://www.tfm.ro/mmplayer/download/mmplayer.zip win32exec - EXITFUNC=seh CMD=calc Size=343...
TSPlus 16.0.0.0 - Remote Work Insecure Credential storage
Exploit Title: TSPlus 16.0.0.0 - Remote Work Insecure Credential storage Date: 2023-08-09 Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://tsplus.net/ Version: Up to 16.0.0.0 Tested on: Windows CVE : CVE-2023-31069 With TSPlus Remote Work v. 16.0.0.0 you ca...
Wordpress 4.9.6 - Arbitrary File Deletion (Authenticated) (2)
Exploit Title: Wordpress 4.9.6 - Arbitrary File Deletion Authenticated 2 Date: 04/08/2021 Exploit Author: samguy Vulnerability Discovery By: Slavco Mihajloski & Karim El Ouerghemmi Vendor Homepage: https://wordpress.org Software Link: https://wordpress.org/wordpress-4.9.6.tar.gz Version: 4.9.6...
Huawei dg8045 - Authentication Bypass
Title: Huawei dg8045 - Authentication Bypass Date: 2020-06-24 Author: Abdalrahman Gamal Vendor Homepage: www.huawei.com Version: dg8045 Hardware Version: VER.A POC: The default password of this router is the last 8 characters of the device's serial number which exist in the back of the device. An...
HiSilicon video encoders - RCE via unauthenticated upload of malicious firmware
!/usr/bin/env bash Exploit Title: HiSilicon video encoders - RCE via unauthenticated upload of malicious firmware Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24217 Vendors: URayTech,...
iOS IOUSBDeviceFamily 12.4.1 - 'IOInterruptEventSource' Heap Corruption (PoC)
Exploit Title: iOS IOUSBDeviceFamily 12.4.1 - 'IOInterruptEventSource' Heap Corruption PoC Date: 2019-10-29 Exploit Author: Sem Voigtlander, Joshua Hill and Raz Mashat Vendor Homepage: https://apple.com/ Software Link: https://support.apple.com/en-hk/HT210606 Version: iOS 13 Tested on: iOS 12.4.1...