47904 matches found
PostgreSQL 9.3-11.7 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: PostgreSQL 9.3-11.7 - Remote Code Execution RCE Authenticated Date: 2022-03-29 Exploit Author: b4keSn4ke Github: https://github.com/b4keSn4ke Vendor Homepage: https://www.postgresql.org/ Software Link: https://www.postgresql.org/download/linux/debian/ Version: 9.3 - 11.7 Tested on:...
Netgear Genie 2.4.64 - Unquoted Service Path
Exploit Title: Netgear Genie 2.4.64 - Unquoted Service Path Exploit Author: Mert DAŞ Version: 2.4.64 Date: 23.10.2021 Vendor Homepage: https://www.netgear.com/ Tested on: Windows 10 C:\Users\Mertsc qc NETGEARGenieDaemon SC QueryServiceConfig SUCCESS SERVICENAME: NETGEARGenieDaemon TYPE : 10...
Sync Breeze 13.6.18 - 'Multiple' Unquoted Service Path
Exploit Title: Sync Breeze 13.6.18 - 'Multiple' Unquoted Service Path Discovery by: Brian Rodriguez Date: 16-06-2021 Vendor Homepage: https://www.syncbreeze.com/ Software Links: https://www.syncbreeze.com/setupsx64/syncbreezesrvsetupv13.6.18x64.exe...
Atlassian JIRA 8.11.1 - User Enumeration
Title: Atlassian JIRA 8.11.1 - User Enumeration Author: Dolev Farhi Vulnerable versions: version ' print'e.g. python3 script.py https://jiratarget.com usernames.txt' sys.exit if lensys.argv 3: help server = sys.argv1 usernames = sys.argv2 randomuser = '0x00001' try: os.path.existsusernames except...
Cemetry Mapping and Information System 1.0 - Multiple SQL Injections
Exploit Title: Cemetry Mapping and Information System 1.0 - Multiple SQL Injections Exploit Author: Mesut Cetin Date: 2021-01-12 Vendor Homepage: https://www.sourcecodester.com/php/12779/cemetery-mapping-and-information-system-using-phpmysqli.html Software Link:...
System Explorer 7.0.0 - 'SystemExplorerHelpService' Unquoted Service Path
Exploit Title: System Explorer 7.0.0 - 'SystemExplorerHelpService' Unquoted Service Path Date: 2020-10-14 Exploit Author: Mohammed Alshehri Vendor Homepage: http://systemexplorer.net/ Software Link: http://systemexplorer.net/download/SystemExplorerSetup.exe Version: Version 7.0.0 Tested on:...
Femitter FTP Server 1.x - (Authenticated) Multiple Vulnerabilities
/ Femitter Server FTP 1.x Multiple Vulnerability ---------------------------------------------------- Arbitrary: ---------- The vulnerability is caused due to an input validation error when processing FTP requests. This can be exploited to read, modify, or delete arbitrary files from the affected...
Curfew e-Pass Management System 1.0 - FromDate SQL Injection
Exploit Title: Curfew e-Pass Management System 1.0 - FromDate SQL Injection Date: 28/9/2023 Exploit Author: Puja Dey Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/curfew-e-pass-management-system-using-php-and-mysql/ Version: 1.0 Tested on: Windows 10/Wamp 1 login...
Minio 2022-07-29T19-40-48Z - Path traversal
Exploit Title: Minio 2022-07-29T19-40-48Z - Path traversal Date: 2023-09-02 Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding 2022-07-29T19-40-48Z Tested on: Windows 10 CVE : CVE-2022-35919 Required before executio...
NVClient v5.0 - Stack Buffer Overflow (DoS)
Exploit Title: NVClient v5.0 - Stack Buffer Overflow DoS Discovered by: Ahmet Ümit BAYRAM Discovered Date: 2023-08-19 Software Link: http://www.neonguvenlik.com/yuklemeler/yazilim/kst-f919-hd2004.rar Software Manual:...
WordPress Plugin All-in-One Video Gallery plugin 2.4.9 - Local File Inclusion (LFI)
Exploit Title: WordPress Plugin All-in-One Video Gallery plugin 2.4.9 - Local File Inclusion LFI Exploit Author: Mohamed Magdy Abumusilm Aka m19o Software: All-in-One Video Gallery plugin Version: = 2.4.9 Tested on: Windows,linux Poc:...
qdPM 9.1 - Remote Code Execution (Authenticated)
Exploit Title: qdPM 9.1 - Remote Code Execution RCE Authenticated Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2021-08-03 Original Exploit Author: Rishal Dwivedi Loginsoft Original ExploitDB ID: 47954 Exploit Author: Leon Trappett thepcn3rd Vendor Homepage: http://qdpm.net/...
Cerberus FTP Web Service 11 - 'svg' Stored Cross-Site Scripting (XSS)
Exploit Title: Cerberus FTP web Service 11 - 'svg' Stored Cross-Site Scripting XSS Date: 08/06/2021 Exploit Author: Mohammad Hossein Kaviyany Vendor Homepage: www.cerberusftp.com Software Link: https://www.cerberusftp.com/download/ Version:11.0 releases prior to 11.0.4, 10.0 releases prior to...
WordPress Plugin Database Backups 1.2.2.6 - 'Database Backup Download' CSRF
Exploit Title: WordPress Plugin Database Backups 1.2.2.6 - 'Database Backup Download' CSRF Date: 2/10/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/database-backups/ Version: 1.2.2.6 Tested on: Windows 10 CVE: CVE-2021-24174 1. Description: This plugin allows admins to create and...
MiladWorkShop VIP System 1.0 - 'lang' SQL Injection
Exploit Title: MiladWorkShop VIP System 1.0 - 'lang' SQL Injection Google Dork: Powered By MiladWorkShop VIP System Date: 2020-03-03 Exploit Author: AYADI Mohamed email : [email protected] Vendor Homepage: https://miladworkshop.ir/ Software Link: https://miladworkshop.ir/vip.html Version:...
ManageEngine Application Manager 14.2 - Privilege Escalation / Remote Command Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ManageEngine Application Manager v14.2 - Privilege Escalation / Remote Command Execution", 'Description' = %q This module exploits sqli and comman...
Spidermonkey - IonMonkey Leaks JS_OPTIMIZED_OUT Magic Value to Script
IonMonkey can, during a bailout, leak an internal JSOPTIMIZEDOUT magic value to the running script. This magic value can then be used to achieve memory corruption. Prerequisites Magic Values Spidermonkey represents JavaScript values with the C++ type JS::Value 1, which is a NaN-boxed value that c...
Linux Kernel < 4.4.0-83 / < 4.8.0-58 (Ubuntu 14.04/16.04) - Local Privilege Escalation (KASLR / SMEP)
// A proof-of-concept local root exploit for CVE-2017-1000112. // Includes KASLR and SMEP bypasses. No SMAP bypass. // Tested on Ubuntu trusty 4.4.0- and Ubuntu xenial 4-8-0- kernels. // // EDB Note: Also included the work from...
Wallos < 1.11.2 - File Upload RCE
Exploit Title: Wallos - File Upload RCE Authenticated Date: 2024-03-04 Exploit Author: [email protected] Vendor Homepage: https://github.com/ellite/Wallos Software Link: https://github.com/ellite/Wallos Version: 1.11.2 Tested on: Debian 12 Wallos allows you to upload an image/logo when you create...
ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 - Remote File CRUD
Exploit Title: CL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 Remote File CRUD Exploit Author: LiquidWorm !/usr/bin/env python3 -- coding: utf-8 -- ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 Remote File CRUD Vendor: Industrial Control Links, Inc. Product web page:...
Oracle WebLogic Server 14.1.1.0.0 - Local File Inclusion
Exploit Title: Oracle WebLogic Server 14.1.1.0.0 - Local File Inclusion Date: 25/1/2022 Exploit Author: Jonah Tan @picar0jsu Vendor Homepage: https://www.oracle.com Software Link: https://www.oracle.com/middleware/technologies/weblogic-server-installers-downloads.html Version: 12.1.3.0.0,...
MilleGPG5 5.7.2 Luglio 2021 - Local Privilege Escalation
Exploit Title: MilleGPG5 5.7.2 Luglio 2021 x64 - Local Privilege Escalation Date: 2021-07-19 Author: Alessandro 'mindsflee' Salzano Vendor Homepage: https://millegpg.it/ Software Homepage: https://millegpg.it/ Software Link: https://www.millegpg.it/download/MilleGPGInstall.exe Version: 5.7.2 Test...
Mumara Classic 2.93 - 'license' SQL Injection (Unauthenticated)
Exploit Title: Mumara Classic 2.93 - 'license' SQL Injection Unauthenticated Date: 2021-11-11 Exploit Author: v0yager Shain Lakin Vendor Homepage: https://mumara.com Version: = 2.93 Tested on: CentOS 7 -==== Vulnerability ====- An SQL injection vulnerability in licenseupdate.php in Mumara Classic...
NIMax 5.3.1 - 'Remote VISA System' Denial of Service (PoC)
Exploit Title: NIMax 5.3.1 - 'Remote VISA System' Denial of Service PoC Date: 24/06/2021 Exploit Author: LinxzSec Vulnerability: Local Denial of Service DoS Vendor Homepage: https://www.ni.com/en-gb.html Software Link: License Required -...
T-Soft E-Commerce 4 - change 'admin credentials' Cross-Site Request Forgery (CSRF)
Exploit Title: T-Soft E-Commerce 4 - change 'admin credentials' Cross-Site Request Forgery CSRF Exploit Author: Alperen Ergel Software Homepage: https://www.tsoft.com.tr/ Version : v4 Tested on: Kali Linux 2021.4 / xammp Category: WebApp Google Dork: intext:'T-Soft E-Ticaret Sistemleriyle...
Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload to Remote Code Execution (Unauthenticated)
Exploit Title: Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload to Remote Code Execution Unauthenticated Date: 2021-07-07 Exploit Author: faisalfs10x Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
TextPattern CMS 4.9.0-dev - Remote Command Execution (RCE) (Authenticated)
Exploit Title: TextPattern CMS 4.9.0-dev - Remote Command Execution RCE Authenticated Date: 07/04/2021 Exploit Author: Mevlüt Akçam Software Link: https://github.com/textpattern/textpattern Vendor Homepage: https://textpattern.com/ Version: 4.9.0-dev Tested on: 20.04.1-Ubuntu !/usr/bin/python3...
SOYAL 701 Server 9.0.1 - Insecure Permissions
Exploit Title: SOYAL 701 Server 9.0.1 - Insecure Permissions Date: 25.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.soyal.com.tw https://www.soyal.com Vendor: SOYAL Technology Co., Ltd Product web page: https://www.soyal.com.tw | https://www.soyal.com Affected version: 9.0.1...
Laravel 8.4.2 debug mode - Remote code execution
Exploit Title: Laravel 8.4.2 debug mode - Remote code execution Date: 1.14.2021 Exploit Author: SunCSR Team Vendor Homepage: https://laravel.com/ References: https://www.ambionics.io/blog/laravel-debug-rce https://viblo.asia/p/6J3ZgN8PKmB Version: = 8.4.2 Tested on: Ubuntu 18.04 + nginx + php 7.4...
Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path
Exploit Title: Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path Date: 2019-11-22 Exploit Author: Rene Cortes S Vendor Homepage: https://easy-hide-ip.com Software Link: https://easy-hide-ip.com Version: 5.0.0.3 Tested on: Windows 7 Professional Service Pack 1 Step to discover the unquot...
Codiad 2.4.3 - Multiple Vulnerabilities
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= INDEPENDENT SECURITY RESEARCHER PENETRATION TESTING SECURITY -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Exploit Title: Codiad 2.4.3 - Cross Site Scripting - Local File Inclusion Vulnerability's Date: 19/12/2014 Url Vendor: http://codiad.com/ Vendor Name: Codiad...
Linux Kernel < 3.8.x - open-time Capability 'file_ns_capable()' Local Privilege Escalation
/ usernsrootsploit.c by / / Copyright c 2013 Andrew Lutomirski. All rights reserved. / / You may use, modify, and redistribute this code under the GPLv2. / define GNUSOURCE include include include include include include include include include include include include include ifndef CLONENEWUSER...
Laravel Pulse 1.3.1 - Arbitrary Code Injection
!/usr/bin/env python3 Exploit Title: Laravel Pulse 1.3.1 - Arbitrary Code Injection Author: Mohammed Idrees Banyamer @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-06-06 Tested on: Laravel Pulse v1.2.0 / Ubuntu 22.04 / Apache2 CVE: CVE-2024-55661 Type: Remote Code Execution via...
ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Exploit Title: ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery CSRF Google Dork: inurl:"/api/method/frappe" Date: 2025-04-29 Exploit Author: Ahmed Thaiban Thvt0ne Vendor Homepage: https://erpnext.com Software Link: https://github.com/frappe/erpnext Version: Delete User Click Her...
GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure
Exploit Title: GLPI v10.0.1 - Unauthenticated Sensitive Data Exposure Date: 11 Jun 2022 Version: =10.0.0 and 10.0.2 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi Advisory:...
Pluck CMS 4.7.16 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: Pluck CMS 4.7.16 - Remote Code Execution RCE Authenticated Date: 13.03.2022 Exploit Author: Ashish Koli Shikari Vendor Homepage: https://github.com/pluck-cms/pluck Version: 4.7.16 Tested on Ubuntu 20.04.3 LTS CVE: CVE-2022-26965 Usage : python3 exploit.py Example: python3 exploit.p...
Kyocera Command Center RX ECOSYS M2035dn - Directory Traversal File Disclosure (Unauthenticated)
Exploit Title: Kyocera Command Center RX ECOSYS M2035dn - Directory Traversal File Disclosure Unauthenticated Author: Luis Martinez Discovery Date: 2022-02-10 Vendor Homepage: https://www.kyoceradocumentsolutions.com/asia/en/products/business-application/command-center-rx.html Tested Version:...
Payara Micro Community 5.2021.6 - Directory Traversal
Exploit Title: Payara Micro Community 5.2021.6 - Directory Traversal Date: 01/10/2021 Exploit Author: Yasser Khan N3Thunt3r Vendor Homepage: https://docs.payara.fish/community/docs/release-notes/release-notes-2021-6.html Software Link:...
STVS ProVision 5.9.10 - Cross-Site Request Forgery (Add Admin)
Exploit Title: STVS ProVision 5.9.10 - Cross-Site Request Forgery Add Admin Date: 19.01.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.stvs.ch STVS ProVision 5.9.10 Cross-Site Request Forgery Add Admin Vendor: STVS SA Product web page: http://www.stvs.ch Platform: Ruby Affected...
Alumni Management System 1.0 - 'id' SQL Injection
Exploit Title: Alumni Management System 1.0 - 'id' SQL Injection Exploit Author: Aakash Madaan Date: 2020-12-17 Vendor Homepage: https://www.sourcecodester.com/php/14524/alumni-management-system-using-phpmysql-source-code.html Software Link:...
MedDream PACS Server 6.8.3.751 - Remote Code Execution (Unauthenticated)
!/usr/bin/python Exploit Title: MedDream PACS Server 6.8.3.751 - Remote Code Execution Unauthenticated Exploit Author: bzyo Twitter: @bzyo Date: 10-10-2020 Vulnerable Software: https://www.softneta.com/products/meddream-pacs-server/ Vendor Homepage: https://www.softneta.com Version: 6.8.3.751...
Online Food Ordering System 1.0 - Remote Code Execution
Exploit Title: Online Food Ordering System 1.0 - Remote Code Execution Google Dork: N/A Date: 2020-09-22 Exploit Author: Eren Şimşek Vendor Homepage: https://www.sourcecodester.com/php/14460/simple-online-food-ordering-system-using-phpmysql.html Software Link:...
Bus Reservation System 1.1 - Multiple-SQLi
Title: Bus Reservation System-1.1 Multiple-SQLi Author: nu11secur1ty Date: 08/26/2023 Vendor: https://www.phpjabbers.com/ Software: https://demo.phpjabbers.com/1693027053628/preview.php?lid=1 Reference: https://portswigger.net/web-security/sql-injection Description: The pickupid parameter appears...
WBCE CMS 1.6.1 - Open Redirect & CSRF
Exploit Title: WBCE CMS 1.6.1 - Open Redirect & CSRF Version: 1.6.1 Bugs: Open Redirect + CSRF = CSS KEYLOGGING Technology: PHP Vendor URL: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/releases/tag/1.6.1 Date of found: 03-07-2023 Author: Mirabbas Ağalarov Tested on: Linux ...
WordPress Plugin Videos sync PDF 1.7.4 - Stored Cross Site Scripting (XSS)
Exploit Title: WordPress Plugin Videos sync PDF 1.7.4 - Stored Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/video-synchro-pdf/ Date: 2022-04-13 Exploit Author: UnD3sc0n0c1d0 Vendor Homepage: http://www.a-j-evolution.com/ Software Link:...
Servisnet Tessa - Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Servisnet Tessa - Privilege Escalation Metasploit', 'Description' = %q This module exploits privilege escalation in Servisnet Tessa, triggered by...
Sonicwall SonicOS 6.5.4 - 'Common Name' Cross-Site Scripting (XSS)
Exploit Title: Sonicwall SonicOS 6.5.4 - 'Common Name' Cross-Site Scripting XSS Date: 2021-10-18 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.sonicguard.com/NSV-800.asp Version: 6.5.4 Document Title: =============== Sonicwall SonicOS 6.5.4 - Cross Site Scripting Web Vulnerabilit...
Active WebCam 11.5 - Unquoted Service Path
Exploit Title: Active WebCam 11.5 - Unquoted Service Path Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Date: 09.09.2021 Software Link: https://www.techspot.com/downloads/175-active-webcam.html Vendor Homepage: https://www.pysoft.com/ Version: 11.5 Tested on: Windows 10 Note: "Star...
PEEL Shopping 9.3.0 - 'address' Stored Cross-Site Scripting
Exploit Title: PEEL Shopping 9.3.0 - 'address' Stored Cross-Site Scripting Date: 2021-02-11 Exploit Author: Anmol K Sachan Vendor Homepage: https://www.peel.fr/ Software Link: https://sourceforge.net/projects/peel-shopping/ Software: : PEEL SHOPPING 9.3.0 Vulnerability Type: Stored Cross-site...
Inteno IOPSYS 3.16.4 - root filesystem access via sambashare (Authenticated)
Exploit Title: Inteno IOPSYS 3.16.4 - root filesystem access via sambashare Authenticated Date: 2020-03-29 Exploit Author: Henrik Pedersen Vendor Homepage: https://intenogroup.com/ Version: Iopsys -p -k Requires: impacket websocket-client On Windows: pyreadline """ def ubusAuthhost, username,...