47884 matches found
Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution (RCE) via subprocess_execute
Exploit Title: Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution RCE via subprocessexecute Exploit Author: Iyaad Luqman K Application: Roxy WI = v6.1.0.0 Vendor Homepage: https://roxy-wi.org Software Link: https://github.com/hap-wi/roxy-wi.git Tested on: Ubuntu 22.04 CVE : CVE-2022-31137 P...
Wolf CMS 0.8.3.1 - Remote Code Execution (RCE)
Exploit Title: Wolf CMS 0.8.3.1 - Remote Code Execution RCE Date: 2023-05-02 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://wolf-cms.readthedocs.io Software Link: https://github.com/wolfcms/wolfcms Version: 0.8.3.1 Tested on: Kali Linux Steps to Reproduce Firstly, go to the "Files" ta...
Active WebCam 11.5 - Unquoted Service Path
Exploit Title: Active WebCam 11.5 - Unquoted Service Path Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Date: 09.09.2021 Software Link: https://www.techspot.com/downloads/175-active-webcam.html Vendor Homepage: https://www.pysoft.com/ Version: 11.5 Tested on: Windows 10 Note: "Star...
AnyTXT Searcher 1.2.394 - 'ATService' Unquoted Service Path
Exploit Title: AnyTXT Searcher 1.2.394 - 'ATService' Unquoted Service Path Date: 2020-12-11 Exploit Author: Mohammed Alshehri Vendor Homepage: Anytxt.net Software Link: https://sourceforge.net/projects/anytxt/files/AnyTXT.Searcher.1.2.394.exe Version: Version 1.2.394 Tested on: Microsoft Windows ...
WordPress Plugin Stripe Payments 2.0.39 - 'AcceptStripePayments-settings[currency_code]' Stored XSS
Exploit Title: WordPress Plugin Stripe Payments 2.0.39 - 'AcceptStripePayments-settingscurrencycode' Stored XSS Date: 04-01-2021 Software Link: https://wordpress.org/plugins/stripe-payments/developers Exploit Author: Park Won Seok Contact: [email protected] Category: Webapps Version:...
Prey 1.9.6 - "CronService" Unquoted Service Path
Exploit Title: Prey 1.9.6 - "CronService" Unquoted Service Path Discovery by: Ömer Tuygun Discovery Date:16.10.2020 Vendor Homepage: https://preyproject.com/ Software Link: https://preyproject.com/download/ Tested Version: 1.9.6 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 P...
AV Arcade - 'Search' Cross-Site Scripting / HTML Injection
Exploit Title: AV Arcade Search Field XSS/HTML Injection Date: 6/5/2010 Author: Vadim Toptunov, http://www.twitter.com/pentesting Software Link: http://www.avscripts.net/avarcade/ Version: 5.1.4 Free and Pro latest and prior Tested on: Any NIX CVE : N/a Code : below Description: AV arcade is a fr...
Laravel Pulse 1.3.1 - Arbitrary Code Injection
!/usr/bin/env python3 Exploit Title: Laravel Pulse 1.3.1 - Arbitrary Code Injection Author: Mohammed Idrees Banyamer @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-06-06 Tested on: Laravel Pulse v1.2.0 / Ubuntu 22.04 / Apache2 CVE: CVE-2024-55661 Type: Remote Code Execution via...
qdPM 9.1 - Remote Code Execution (RCE) (Authenticated) (v2)
Exploit Title: qdPM 9.1 - Remote Code Execution RCE Authenticated Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2021-08-03 Original Exploit Author: Rishal Dwivedi Loginsoft Original ExploitDB ID: 47954 https://www.exploit-db.com/exploits/47954 Exploit Author: Leon Trappett...
Mitsubishi Electric & INEA SmartRTU - Source Code Disclosure
Exploit Title: Mitsubishi Electric & INEA SmartRTU - Source Code Disclosure Date: 2021-17-10 Exploit Author: Hamit CİBO Vendor Homepage: https://www.inea.si Software Link: https://www.inea.si/telemetrija-in-m2m-produkti/mertu/ Version: ME RTU Tested on: Windows CVE : CVE-2018-16060 PoC Request GE...
Wyomind Help Desk 1.3.6 - Remote Code Execution (RCE)
Exploit Title: Wyomind Help Desk 1.3.6 - Remote Code Execution RCE Date: 2021-07-07 Exploit Author: Patrik Lantz Vendor Homepage: https://www.wyomind.com/magento2/helpdesk-magento-2.html Version: Content-Type: multipart/form-data; boundary=---------------------------243970849510445067673127196635...
Simple College Website 1.0 - 'full' Stored Cross Site Scripting
Exploit Title: Simple College Website 1.0 - 'full' Stored Cross Site Scripting Exploit Author: Marco Catalano @stunn4 Date: 2021-01-25 Vendor Homepage: https://www.sourcecodester.com/php/7772/simple-college-website-using-php-and-mysql.html Software Link:...
Inteno IOPSYS 3.16.4 - root filesystem access via sambashare (Authenticated)
Exploit Title: Inteno IOPSYS 3.16.4 - root filesystem access via sambashare Authenticated Date: 2020-03-29 Exploit Author: Henrik Pedersen Vendor Homepage: https://intenogroup.com/ Version: Iopsys -p -k Requires: impacket websocket-client On Windows: pyreadline """ def ubusAuthhost, username,...
Vehicle Parking Management System 1.0 - Authentication Bypass
Exploit Title: Vehicle Parking Management System 1.0 - Authentication Bypass Google Dork: N/A Date: 2020-10-14 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14415/vehicle-parking-management-system-project-phpmysql-full-source-code.html Software Link:...
Windscribe 1.83 - 'WindscribeService' Unquoted Service Path
Exploit Title: Windscribe 1.83 - 'WindscribeService' Unquoted Service Path Date: 2020-06-26 Exploit Author: Ethan Seow Vendor Homepage: https://windscribe.com Version: v1.83 Build 20 Tested on: Microsoft Windows 10 Home 10.0.18363 Build 18363 filename : exploit.bat Code start @echo off sc config...
V-SOL GPON/EPON OLT Platform 2.03 - Unauthenticated Configuration Download
Title: V-SOL GPON/EPON OLT Platform 2.03 - Unauthenticated Configuration Download Date: 2019-09-27 Author: LiquidWorm Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd. Product web page: https://www.vsolcn.com Affected version: V2.03.62RIPv6 V2.03.54R V2.03.52R V2.03.49 V2.03.47 V2.03.4...
Linux Kernel 2.4.x/2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SuSE 10 SP2/11 / Ubuntu 8.10) (PPC) - 'sock_sendpage()' Local Privilege Escalation
/ Linux socksendpage NULL pointer dereference Copyright 2009 Ramon de Carvalho Valle This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or at your...
ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)
Exploit Title: ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery CSRF Google Dork: inurl:"/api/method/frappe" Date: 2025-04-29 Exploit Author: Ahmed Thaiban Thvt0ne Vendor Homepage: https://erpnext.com Software Link: https://github.com/frappe/erpnext Version: Delete User Click Her...
Palo Alto PAN-OS < v11.1.2-h3 - Command Injection and Arbitrary File Creation
Exploit Title: Palo Alto PAN-OS bool: ret = False uri = "/ssl-vpn/hipreport.esp" s = requests.Session r = "" headers = "User-Agent" : \ "Mozilla/5.0 Windows NT 10.0; Win64; x64 AppleWebKit/537.36 KHTML, like Gecko Chrome/118.0.0.0 Safari/537.36", Windows 10 Chrome 118.0.0.0 "Content-Type":...
Real Estate Management System v1.0 - Remote Code Execution via File Upload
Exploit Title: Real Estate Management System v1.0 - Remote Code Execution via File Upload Date: 2/11/2024 Exploit Author: Diyar Saadi Vendor Homepage: https://codeastro.com Version: V1.0 Tested on: Windows 11 + XAMPP 8.0.30 + Burp Suite Professional v2023.12.1.3 Description This Vulnerability all...
WordPress Plugin WP Learn Manager 1.1.2 - Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin WP Learn Manager 1.1.2 - Stored Cross-Site Scripting XSS Date: July 2, 2021 Exploit Author: Mohammed Adam Vendor Homepage: https://wplearnmanager.com/ Software Link: https://wordpress.org/plugins/learn-manager/ Version: 1.1.2 References link:...
Student Result Management System 1.0 - 'class' SQL Injection
Exploit Title: Student Result Management System 1.0 - 'class' SQL Injection Date: 09.09.2020 Exploit Author: Riadh Benlamine rbn0x00 Vendor Homepage : https://projectworlds.in Software Page: https://projectworlds.in/free-projects/php-projects/student-result-management-system-project-in-php/...
GNU Mailutils 3.7 - Privilege Escalation
Exploit Title: GNU Mailutils 3.7 - Local Privilege Escalation Date: 2019-11-06 Exploit Author: Mike Gualtieri Vendor Homepage: https://mailutils.org/ Software Link: https://ftp.gnu.org/gnu/mailutils/mailutils-3.7.tar.gz Version: 2.0 = 3.7 Tested on: Gentoo CVE : CVE-2019-18862 Title : GNU Mailuti...
Horde Webmail 5.2.22 - Multiple Vulnerabilities
Title: Horde Webmail - XSS + CSRF to SQLi, RCE, Stealing Emails var url = "http://webmail.victimserver.com/trean/"; var params =...
WordPress Core 4.7.0/4.7.1 - Content Injection
2017 - @leonjza Wordpress 4.7.0/4.7.1 Unauthenticated Content Injection PoC Full bug description: https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html Usage example: List available posts: $ python inject.py http://localhost:8070/ Discovering API Endpoint API liv...
Jorani v1.0.3-(c)2014-2023 - XSS Reflected & Information Disclosure
Title: Jorani v1.0.3-c2014-2023 - XSS Reflected & Information Disclosure Author: nu11secur1ty Date: 08/27/2023 Vendor: https://jorani.org/ Software: https://demo.jorani.org/session/login Reference: https://portswigger.net/web-security/cross-site-scripting Reference:...
Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion (LFI)
Exploit Title: Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion LFI Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.franklinfueling.com/ Version: 1.8.19.8580 Tested on: Linux Firefox CVE : CVE-2021-46417 Proof of Concept...
WordPress Plugin amministrazione-aperta 3.7.3 - Local File Read - Unauthenticated
Exploit Title: WordPress Plugin amministrazione-aperta 3.7.3 - Local File Read - Unauthenticated Google Dork: inurl:/wp-content/plugins/amministrazione-aperta/ Date: 23-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/amministrazione-aperta/...
Wing FTP Server 4.3.8 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: Wing FTP Server - Authenticated RCE Date: 02/06/2022 Exploit Author: notcos Credit: Credit goes to the initial discoverer of this exploit, Alex Haynes. Vendor Homepage: https://www.wftpserver.com/ Software Link: https://www.wftpserver.com/download/WingFtpServer.exe Version: " %...
Cypress Solutions CTM-200 2.7.1 - Root Remote OS Command Injection
Exploit Title: Cypress Solutions CTM-200 2.7.1 - Root Remote OS Command Injection Date: 21.09.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.cypress.bc.ca Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection Vendor: Cypress Solutions Inc. Product web page:...
SAPSprint 7.60 - 'SAPSprint' Unquoted Service Path
Exploit Title: SAPSprint 7.60 - 'SAPSprint' Unquoted Service Path Discovery by: Brian Rodriguez Date: 21-06-2021 Vendor Homepage: https://brother.com/ Tested Version: 7.60 Vulnerability Type: Unquoted Service Path Tested on: Windows 10 Enterprise 64 bits Step to discover Unquoted Service Path:...
Zoom Meeting Connector 4.6.239.20200613 - Remote Root Exploit (Authenticated)
Exploit Title: Zoom Meeting Connector 4.6.239.20200613 - Remote Root Exploit Authenticated Date: 12-29-2020 Exploit Author: Jeremy Brown Vendor Homepage: https://support.zoom.us/hc/en-us/articles/201363093-Deploying-the-Meeting-Connector Software Link:...
GetSimple CMS 3.3.16 - Persistent Cross-Site Scripting (Authenticated)
Exploit Title: GetSimple CMS 3.3.16 - Persistent Cross-Site Scripting Authenticated Google Dork: - Date: 2020-09-29 Exploit Author: Roel van Beurden Vendor Homepage: http://get-simple.info Software Link: http://get-simple.info/download Version: 3.3.16 Tested on: Linux Ubuntu 18.04 CVE: N/A 1...
Mida eFramework 2.9.0 - Back Door Access
Exploit Title: Mida eFramework 2.9.0 - Back Door Access Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...
CSZ CMS 1.2.7 - 'title' HTML Injection
Exploit Title: CSZ CMS 1.2.7 - 'title' HTML Injection Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.cszcms.com/ Software Link: https://sourceforge.net/projects/cszcms/ Version: v1.2.7 Description: Authenticated user can inject hyperlink to Backend System Dashboard and Member...
National Instruments Circuit Design Suite 14.0 - Local Privilege Escalation
Exploit Title: National Instruments Circuit Design Suite 14.0 - Local Privilege Escalation Discovery Date: 2019-10-10 Exploit Author: Ivan Marmolejo Vendor Homepage: http://www.ni.com/en-us.html Software Link: https://www.ni.com/en-us/shop/select/circuit-design-suite Version: 14.0 Vulnerability...
dizqueTV 1.5.3 - Remote Code Execution (RCE)
Exploit Title: dizqueTV 1.5.3 - Remote Code Execution RCE Date: 9/21/2024 Exploit Author: Ahmed Said Saud Al-Busaidi Vendor Homepage: https://github.com/vexorian/dizquetv Version: 1.5.3 Tested on: linux POC: Vulnerability Description dizqueTV 1.5.3 is vulnerable to unauthorized remote code...
WordPress Plugin Ninja Forms 3.6.25 - Reflected XSS
Exploit Title: WordPress Plugin Ninja Forms 3.6.25 - Reflected XSS Authenticated Google Dork: inurl:/wp-content/plugins/ninja-forms/readme.txt Date: 2023-07-27 Exploit Author: Mehran Seifalinia Vendor Homepage: https://ninjaforms.com/ Software Link:...
Joomla! v4.2.8 - Unauthenticated information disclosure
!/usr/bin/env ruby Exploit Title: Joomla! v4.2.8 - Unauthenticated information disclosure Exploit author: noraj Alexandre ZANNI for ACCEIS https://www.acceis.fr Author website: https://pwn.by/noraj/ Exploit source: https://github.com/Acceis/exploit-CVE-2023-23752 Date: 2023-03-24 Vendor Homepage:...
AD Manager Plus 7122 - Remote Code Execution (RCE)
Exploit Title: AD Manager Plus 7122 - Remote Code Execution RCE Exploit Author: Chan Nyein Wai & Thura Moe Myint Vendor Homepage: https://www.manageengine.com/products/ad-manager/ Software Link: https://www.manageengine.com/products/ad-manager/download.html Version: Ad Manager Plus Before 7122...
ExifTool 12.23 - Arbitrary Code Execution
Exploit Title: ExifTool 12.23 - Arbitrary Code Execution Date: 04/30/2022 Exploit Author: UNICORD NicPWNs & Dev-Yeoj Vendor Homepage: https://exiftool.org/ Software Link: https://github.com/exiftool/exiftool/archive/refs/tags/12.23.zip Version: 7.44-12.23 Tested on: ExifTool 12.23 Debian CVE:...
Cobian Backup Gravity 11.2.0.582 - 'CobianBackup11' Unquoted Service Path
Exploit Title: Cobian Backup Gravity 11.2.0.582 - 'CobianBackup11' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2022-02-24 Vendor Homepage: https://www.cobiansoft.com/ Software Link : https://files.cobiansoft.com/programs/cbSetup.exe Tested Version: 11.2.0.582 Vulnerability...
Simple Chatbot Application 1.0 - Remote Code Execution (RCE)
Exploit Title: Simple Chatbot Application 1.0 - Remote Code Execution RCE Date: 18/01/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14788/simple-chatbot-application-using-php-source-code.html Version: 1.0 Teste...
Plastic SCM 10.0.16.5622 - WebAdmin Server Access
Exploit Title: Plastic SCM 10.0.16.5622 - WebAdmin Server Access Shodan Dork: title:"Plastic SCM" Date: 18.10.2021 Exploit Author: Basavaraj Banakar Vendor Homepage: https://www.plasticscm.com/ Software Link: https://www.plasticscm.com/download/releasenotes/10.0.16.5622 Version: Plastic SCM...
Telegram Desktop 2.9.2 - Denial of Service (PoC)
Exploit Title: Telegram Desktop 2.9.2 - Denial of Service PoC Exploit Author: Aryan Chehreghani Date: 2021-08-30 Vendor Homepage: https://telegram.org Software Link: https://telegram.org/dl/desktop/win64 Tested Version: 2.9.2 x64 Tested on OS: Windows 10 Enterprise About App Telegram is a messagi...
Cassandra Web 0.5.0 - Remote File Read
Exploit Title: Cassandra Web 0.5.0 - Remote File Read Date: 12-28-2020 Exploit Author: Jeremy Brown Vendor Homepage: https://github.com/avalanche123/cassandra-web Software Link: https://rubygems.org/gems/cassandra-web/versions/0.5.0 Version: 0.5.0 Tested on: Linux !/usr/bin/python -- coding: UTF-...
Ksix Zigbee Devices - Playback Protection Bypass (PoC)
Exploit Title: Ksix Zigbee Devices - Playback Protection Bypass PoC Date: 2020-11-15 Exploit Author: Alejandro Vazquez Vazquez Vendor Homepage: https://www.ksixmobile.com/ Firmware Version: Gateway Zigbee Module - v1.0.3, Gateway Main Module - v1.1.2, Door Sensor - v1.0.7, PIR Motion Sensor -...
Tailor Management System 1.0 - Unrestricted File Upload to Remote Code Execution
Exploit Title: Tailor Management System 1.0 - Unrestricted File Upload to Remote Code Execution Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-09-18 Vendor Homepage: https://www.sourcecodester.com/php/14378/tailor-management-system-php-mysql.html Software Link:...
Konica Minolta FTP Utility 1.0 - 'LIST' Denial of Service (PoC)
Exploit Title: Konica Minolta FTP Utility 1.0 - 'LIST' Denial of Service PoC Date: 2020-05-16 Found by: Alvaro J. Gene Socket0x03 Software Link: https://konica-minolta-ftp-utility.software.informer.com/download/ Vulnerable Application: Konica Minolta FTP Utility Version: 1.0 Server: FTP Server...
Online AgroCulture Farm Management System 1.0 - 'pid' SQL Injection
Exploit Title: Online AgroCulture Farm Management System 1.0 - 'pid' SQL Injection Google Dork: N/A Date: 2020-05-07 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14198/online-agroculture-farm-management-system-phpmysql.html Software Link:...