47904 matches found
VestaCP 0.9.8 - 'v_interface' Add IP Stored XSS
Title: VestaCP 0.9.8 - 'vinterface' Add IP Stored XSS Date: 07.03.2021 Author: Numan Türle Vendor Homepage: https://vestacp.com Software Link: https://myvestacp.com alert1&vshared=on&vowner=admin&vname=&vnat=&ok=Add...
AnyTXT Searcher 1.2.394 - 'ATService' Unquoted Service Path
Exploit Title: AnyTXT Searcher 1.2.394 - 'ATService' Unquoted Service Path Date: 2020-12-11 Exploit Author: Mohammed Alshehri Vendor Homepage: Anytxt.net Software Link: https://sourceforge.net/projects/anytxt/files/AnyTXT.Searcher.1.2.394.exe Version: Version 1.2.394 Tested on: Microsoft Windows ...
Cassandra Web 0.5.0 - Remote File Read
Exploit Title: Cassandra Web 0.5.0 - Remote File Read Date: 12-28-2020 Exploit Author: Jeremy Brown Vendor Homepage: https://github.com/avalanche123/cassandra-web Software Link: https://rubygems.org/gems/cassandra-web/versions/0.5.0 Version: 0.5.0 Tested on: Linux !/usr/bin/python -- coding: UTF-...
Pharmacy Store Management System 1.0 - 'id' SQL Injection
Exploit Title: Pharmacy Store Management System 1.0 - 'id' SQL Injection Google Dork: N/A Date: 1.12.2020 Exploit Author: Aydın Baran Ertemir Vendor Homepage: https://www.sourcecodester.com/php/13225/pharmacy-store-management-system.html Software Link:...
CSZ CMS 1.2.7 - 'title' HTML Injection
Exploit Title: CSZ CMS 1.2.7 - 'title' HTML Injection Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.cszcms.com/ Software Link: https://sourceforge.net/projects/cszcms/ Version: v1.2.7 Description: Authenticated user can inject hyperlink to Backend System Dashboard and Member...
Grandstream GSD3710 1.0.11.13 - Stack Overflow
!/usr/bin/env python3 Exploit Title: Grandstream GSD3710 1.0.11.13 - Stack Overflow Date: 2025-05-29 Exploit Author: Pepelux Vendor Homepage: https://www.grandstream.com/ Version: Grandstream GSD3710 - firmware:1.0.11.13 and lower Tested on: Linux and MacOS CVE: CVE-2022-2025 """ Author: Jose Lui...
PrusaSlicer 2.6.1 - Arbitrary code execution
Exploit Title: PrusaSlicer 2.6.1 - Arbitrary code execution on g-code export Date: 16/01/2024 Exploit Author: Kamil Breński Vendor Homepage: https://www.prusa3d.com Software Link: https://github.com/prusa3d/PrusaSlicer Version: PrusaSlicer up to and including version 2.6.1 Tested on: Windows and...
Joomla! v4.2.8 - Unauthenticated information disclosure
!/usr/bin/env ruby Exploit Title: Joomla! v4.2.8 - Unauthenticated information disclosure Exploit author: noraj Alexandre ZANNI for ACCEIS https://www.acceis.fr Author website: https://pwn.by/noraj/ Exploit source: https://github.com/Acceis/exploit-CVE-2023-23752 Date: 2023-03-24 Vendor Homepage:...
WordPress Plugin amministrazione-aperta 3.7.3 - Local File Read - Unauthenticated
Exploit Title: WordPress Plugin amministrazione-aperta 3.7.3 - Local File Read - Unauthenticated Google Dork: inurl:/wp-content/plugins/amministrazione-aperta/ Date: 23-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/amministrazione-aperta/...
Wing FTP Server 4.3.8 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: Wing FTP Server - Authenticated RCE Date: 02/06/2022 Exploit Author: notcos Credit: Credit goes to the initial discoverer of this exploit, Alex Haynes. Vendor Homepage: https://www.wftpserver.com/ Software Link: https://www.wftpserver.com/download/WingFtpServer.exe Version: " %...
Isshue Shopping Cart 3.5 - 'Title' Cross Site Scripting (XSS)
Exploit Title: Isshue Shopping Cart 3.5 - 'Title' Cross Site Scripting XSS Date: 2021-10-22 Exploit Author: Vulnerability Lab Vendor Homepage: https://www.bdtask.com/multi-store-ecommerce-shopping-cart-software/ Version: 3.5 Document Title: =============== Isshue Shopping Cart v3.5 - Cross Site W...
Mitsubishi Electric & INEA SmartRTU - Source Code Disclosure
Exploit Title: Mitsubishi Electric & INEA SmartRTU - Source Code Disclosure Date: 2021-17-10 Exploit Author: Hamit CİBO Vendor Homepage: https://www.inea.si Software Link: https://www.inea.si/telemetrija-in-m2m-produkti/mertu/ Version: ME RTU Tested on: Windows CVE : CVE-2018-16060 PoC Request GE...
WordPress Plugin Stripe Payments 2.0.39 - 'AcceptStripePayments-settings[currency_code]' Stored XSS
Exploit Title: WordPress Plugin Stripe Payments 2.0.39 - 'AcceptStripePayments-settingscurrencycode' Stored XSS Date: 04-01-2021 Software Link: https://wordpress.org/plugins/stripe-payments/developers Exploit Author: Park Won Seok Contact: [email protected] Category: Webapps Version:...
Prey 1.9.6 - "CronService" Unquoted Service Path
Exploit Title: Prey 1.9.6 - "CronService" Unquoted Service Path Discovery by: Ömer Tuygun Discovery Date:16.10.2020 Vendor Homepage: https://preyproject.com/ Software Link: https://preyproject.com/download/ Tested Version: 1.9.6 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 P...
GetSimple CMS 3.3.16 - Persistent Cross-Site Scripting (Authenticated)
Exploit Title: GetSimple CMS 3.3.16 - Persistent Cross-Site Scripting Authenticated Google Dork: - Date: 2020-09-29 Exploit Author: Roel van Beurden Vendor Homepage: http://get-simple.info Software Link: http://get-simple.info/download Version: 3.3.16 Tested on: Linux Ubuntu 18.04 CVE: N/A 1...
Composr CMS 10.0.30 - Persistent Cross-Site Scripting
Title: Composr CMS 10.0.30 - Persistent Cross-Site Scripting Author: Manuel Garcia Cardenas Date: 2020-02-06 Vendor: https://compo.sr/ CVE: N/A ============================================= MGC ALERT 2020-001 - Original release date: February 06, 2020 - Last revised: May 21, 2020 - Discovered by:...
LibreOffice < 6.2.6 Macro - Python Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LibreOffice Macro Python Code Execution', 'Description' = %q LibreOffice comes bundled with sample macros written in Python and allows the abilit...
Horde Webmail 5.2.22 - Multiple Vulnerabilities
Title: Horde Webmail - XSS + CSRF to SQLi, RCE, Stealing Emails var url = "http://webmail.victimserver.com/trean/"; var params =...
WordPress Core 4.7.0/4.7.1 - Content Injection
2017 - @leonjza Wordpress 4.7.0/4.7.1 Unauthenticated Content Injection PoC Full bug description: https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html Usage example: List available posts: $ python inject.py http://localhost:8070/ Discovering API Endpoint API liv...
Jorani v1.0.3-(c)2014-2023 - XSS Reflected & Information Disclosure
Title: Jorani v1.0.3-c2014-2023 - XSS Reflected & Information Disclosure Author: nu11secur1ty Date: 08/27/2023 Vendor: https://jorani.org/ Software: https://demo.jorani.org/session/login Reference: https://portswigger.net/web-security/cross-site-scripting Reference:...
Lucee 5.4.2.17 - Authenticated Reflected XSS
Exploit Title: Lucee 5.4.2.17 - Authenticated Reflected XSS Google Dork: NA Date: 05/08/2023 Exploit Author: Yehia Elghaly Vendor Homepage: https://www.lucee.org/ Software Link: https://download.lucee.org/ Version:...
Cobian Backup Gravity 11.2.0.582 - 'CobianBackup11' Unquoted Service Path
Exploit Title: Cobian Backup Gravity 11.2.0.582 - 'CobianBackup11' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2022-02-24 Vendor Homepage: https://www.cobiansoft.com/ Software Link : https://files.cobiansoft.com/programs/cbSetup.exe Tested Version: 11.2.0.582 Vulnerability...
YouTube Video Grabber 1.9.9.1 - Buffer Overflow (SEH)
Exploit Title: YouTube Video Grabber 1.9.9.1 - Buffer Overflow SEH Date: 01.11.2021 Software Link: https://www.litexmedia.com/ytgrabber.exe Exploit Author: Achilles Tested Version: 1.9.9.1 Tested on: Windows 7 64bit 1.- Run python code : YouTube.py 2.- Open EVIL.txt and copy All content to...
crossfire-server 1.9.0 - 'SetUp()' Remote Buffer Overflow
Exploit Title: crossfire-server 1.9.0 - 'SetUp' Remote Buffer Overflow Exploit Author: Khaled Salem @Khaled0x07 Software Link: https://www.exploit-db.com/apps/43240af83a4414d2dcc19fff3af31a63-crossfire-1.9.0.tar.gz Version: 1.9.0 Tested on: Kali Linux 2020.4 CVE : CVE-2006-1236 !/bin/python impor...
Zoom Meeting Connector 4.6.239.20200613 - Remote Root Exploit (Authenticated)
Exploit Title: Zoom Meeting Connector 4.6.239.20200613 - Remote Root Exploit Authenticated Date: 12-29-2020 Exploit Author: Jeremy Brown Vendor Homepage: https://support.zoom.us/hc/en-us/articles/201363093-Deploying-the-Meeting-Connector Software Link:...
Seacms 11.1 - 'checkuser' Stored XSS
Exploit Title: Seacms 11.1 - 'checkuser' Stored XSS Date: 20201212 Exploit Author: j5s Vendor Homepage: https://www.seacms.net/ Software Link: https://www.seacms.net/ Version: 11.1 POST /SEACMS111/5f9js3/adminsafe.php?action=setting HTTP/1.1 Host: 192.168.137.139 User-Agent: Mozilla/5.0 Windows N...
Konica Minolta FTP Utility 1.0 - 'LIST' Denial of Service (PoC)
Exploit Title: Konica Minolta FTP Utility 1.0 - 'LIST' Denial of Service PoC Date: 2020-05-16 Found by: Alvaro J. Gene Socket0x03 Software Link: https://konica-minolta-ftp-utility.software.informer.com/download/ Vulnerable Application: Konica Minolta FTP Utility Version: 1.0 Server: FTP Server...
National Instruments Circuit Design Suite 14.0 - Local Privilege Escalation
Exploit Title: National Instruments Circuit Design Suite 14.0 - Local Privilege Escalation Discovery Date: 2019-10-10 Exploit Author: Ivan Marmolejo Vendor Homepage: http://www.ni.com/en-us.html Software Link: https://www.ni.com/en-us/shop/select/circuit-design-suite Version: 14.0 Vulnerability...
Joomla! Component JComments 2.1 - 'ComntrNam' Cross-Site Scripting
source: https://www.securityfocus.com/bid/40230/info The JComments component for Joomla! is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecti...
openSIS 9.1 - SQLi (Authenticated)
Exploit Title: openSIS 9.1 - SQLi Authenticated Google Dork: intext:"openSIS is a product" Date: 09.09.2024 Exploit Author: Devrim Dıragumandan d0ub1edd Vendor Homepage: https://www.os4ed.com/ Software Link: https://github.com/OS4ED/openSIS-Classic/releases/tag/V9.1 Version: 9.1 Tested on: Linux ...
Workout Journal App 1.0 - Stored XSS
Exploit Title: Workout Journal App 1.0 - Stored XSS Date: 12.01.2024 Exploit Author: MURAT CAGRI ALIS Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17088/workout-journal-app-using-php-and-mysql-source-code.html Version: 1.0 Tested on: Windows /...
Member Login Script 3.3 - Client-side desync
Title: Member Login Script 3.3 - Client-side desync Author: nu11secur1ty Date: 08/25/2023 Vendor: https://www.phpjabbers.com/ Reference: https://portswigger.net/web-security/request-smuggling/browser/client-side-desync Description: The server appears to be vulnerable to client-side desync attacks...
Apache Tomcat 10.1 - Denial Of Service
Exploit Title: Apache Tomcat 10.1 - Denial Of Service Google Dork: N/A Date: 13/07/2022 Exploit Author: Cristian 'void' Giustini Vendor Homepage: https://tomcat.apache.org/ Software Link: https://tomcat.apache.org/download-10.cgi Version: = 10.1 Tested on: Apache Tomcat 10.0 Docker CVE :...
Virtua Software Cobranca 12S - SQLi
Exploit Title: Virtua Software Cobranca 12S - SQLi Shodan Query: http.favicon.hash:876876147 Date: 13/08/2021 Exploit Author: Luca Regne Vendor Homepage: https://www.virtuasoftware.com.br/ Software Link: https://www.virtuasoftware.com.br/downloads/Cobranca12S1308.exe Version: 12S Tested on: Windo...
Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion (LFI)
Exploit Title: Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion LFI Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.franklinfueling.com/ Version: 1.8.19.8580 Tested on: Linux Firefox CVE : CVE-2021-46417 Proof of Concept...
Build Smart ERP 21.0817 - 'eidValue' SQL Injection (Unauthenticated)
Exploit Title: Build Smart ERP 21.0817 - 'eidValue' SQL Injection Unauthenticated Date: 24/10/2021 Exploit Author: Nehru Sethuraman Vendor Homepage: https://ribccs.com/solutions/solution-buildsmart Version: 21.0817 Build: 3 Google Dorks: intitle:buildsmart accounting Tested on: OS - Windows 2012 ...
Telegram Desktop 2.9.2 - Denial of Service (PoC)
Exploit Title: Telegram Desktop 2.9.2 - Denial of Service PoC Exploit Author: Aryan Chehreghani Date: 2021-08-30 Vendor Homepage: https://telegram.org Software Link: https://telegram.org/dl/desktop/win64 Tested Version: 2.9.2 x64 Tested on OS: Windows 10 Enterprise About App Telegram is a messagi...
Mida eFramework 2.9.0 - Back Door Access
Exploit Title: Mida eFramework 2.9.0 - Back Door Access Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...
V-SOL GPON/EPON OLT Platform 2.03 - Unauthenticated Configuration Download
Title: V-SOL GPON/EPON OLT Platform 2.03 - Unauthenticated Configuration Download Date: 2019-09-27 Author: LiquidWorm Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd. Product web page: https://www.vsolcn.com Affected version: V2.03.62RIPv6 V2.03.54R V2.03.52R V2.03.49 V2.03.47 V2.03.4...
Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readFDSelect
-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...
AV Arcade - 'Search' Cross-Site Scripting / HTML Injection
Exploit Title: AV Arcade Search Field XSS/HTML Injection Date: 6/5/2010 Author: Vadim Toptunov, http://www.twitter.com/pentesting Software Link: http://www.avscripts.net/avarcade/ Version: 5.1.4 Free and Pro latest and prior Tested on: Any NIX CVE : N/a Code : below Description: AV arcade is a fr...
PHPSavant Savant2 - 'Stylesheet.php?MosConfig_absolute_path' Remote File Inclusion
source: https://www.securityfocus.com/bid/19151/info Savant2 is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing malicious PHP code and execute it in t...
Blood Bank v1.0 - Multiple SQL Injection
Exploit Title: Blood Bank v1.0 SQL Injection Vulnerability Date: 2023-11-14 Exploit Author: Ersin Erenler Vendor Homepage: https://code-projects.org/blood-bank-in-php-with-source-code Software Link: https://download-media.code-projects.org/2020/11/BloodBankInPHPWithSourcecode.zip Version: 1.0...
News Portal v4.0 - SQL Injection (Unauthorized)
Exploit Title: News Portal v4.0 - SQL Injection Unauthorized Date: 09/07/2023 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://phpgurukul.com/news-portal-project-in-php-and-mysql/c Software Link:...
Microsoft Internet Explorer / ActiveX Control - Security Bypass
Exploit Title: Microsoft Internet Explorer / ActiveX Control - Security Bypass Exploit Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-INTERNET-EXPLORER-ACTIVEX-CONTROL-SECURITY-BYPASS.txt twitter.com/hyp3rlinx ISR:...
KMSpico 17.1.0.0 - 'Service KMSELDI' Unquoted Service Path
Exploit Title: KMSpico 17.1.0.0 - 'Service KMSELDI' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-08 Vendor : KMSpico Version : ServiceKMS 17.1.0.0 Vendor Homepage : https://official-kmspico.com/ Tested on OS: Windows 7 Pro Analyze PoC : ============== C:\sc qc "Service...
PhreeBooks ERP 5.2.5 - Remote Command Execution
Exploit Title: PhreeBooks ERP 5.2.5 - Remote Command Execution Date: 2020-05-01 Author: Besim ALTINOK Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/ Version: v5.2.4, v5.2.5 Tested on: Xampp Credit: İsmail BOZKURT...
elFinder 2.1.47 - 'PHP connector' Command Injection
!/usr/bin/python ''' Exploit Title: elFinder SecSignal.php;echo SecSignal.jpg' def usage: if lensys.argv != 2: print "Usage: python exploit.py URL" sys.exit0 def uploadurl, payload: files = 'upload': payload, open'SecSignal.jpg', 'rb' data = "reqid" : "1693222c439f4", "cmd" : "upload", "target" :...
Linux Kernel 2.4.x/2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SuSE 10 SP2/11 / Ubuntu 8.10) (PPC) - 'sock_sendpage()' Local Privilege Escalation
/ Linux socksendpage NULL pointer dereference Copyright 2009 Ramon de Carvalho Valle This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or at your...
Cisco ISE 3.0 - Remote Code Execution (RCE)
Exploit Title: Cisco ISE 3.0 - Remote Code Execution RCE Exploit Author: @ibrahimsql ibrahimsql.com Exploit Author's github: https://github.com/ibrahmsql Description: Cisco ISE API Java Deserialization RCE CVE: CVE-2025-20124 Vendor Homepage: https://www.cisco.com/ Requirements: requests=2.25.0,...