47904 matches found
SharePoint Workflows - XOML Injection (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SharePoint Workflows XOML Injection', 'Description' = %q This module exploits a vulnerability within SharePoint and its .NET backend that allows ...
Torrent 3GP Converter 1.51 - Stack Overflow (SEH)
Exploit Title: Torrent 3GP Converter 1.51 - Stack Overflow SEH Exploit Author: boku Date: 2020-01-24 Software Vendor: torrentrockyou Vendor Homepage: http://www.torrentrockyou.com Software Link: http://www.torrentrockyou.com/download/tr3gpconverter.exe Version: Torrent 3GP Converter Version 1.51...
Product Key Explorer 4.2.0.0 - 'Name' Denial of Service (POC)
Exploit Title: Product Key Explorer 4.2.0.0 - 'Name' Denial of Service POC Discovery by: SajjadBnd Date: 2019-12-10 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/productkeyexplorersetup.exe Tested Version: 4.2.0.0 Vulnerability Type: Denial of Service...
Bludit - Directory Traversal Image File Upload (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Bludit Directory Traversal Image File Upload Vulnerability", 'Description' = %q This module exploits a vulnerability in Bludit. A remote user cou...
Dahua DVR 2.608.0000.0/2.608.GV00.0 - Authentication Bypass (Metasploit)
Dahua DVR Authentication Bypass - CVE-2013-6117 --Summary-- Dahua web-enabled DVRs and rebranded versions do not enforce authentication on their administrative services. Zhejiang Dahua Technology Co., Ltd. http://www.dahuasecurity.com --Affects-- Dahua web-enabled DVRs Dahua-rebranded web-enabled...
Electrolink FM/DAB/TV Transmitter - Pre-Auth MPFS Image Remote Code Execution
Electrolink FM/DAB/TV Transmitter Pre-Auth MPFS Image Remote Code Execution Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB Transmitter 100...
Ivanti Avalanche <v6.4.0.0 - Remote Code Execution
""" Exploit Title: Ivanti Avalanche IIIss'.formatself.namesize, self.valuesize, self.type, self.namesize, self.valuesize, self.name, self.value Create a header structure class HP: def initself, hdr, payload: self.hdr = hdr self.payload = payload self.pad = b'\x00' 16 - lenself.hdr + lenself.paylo...
WordPress Plugin WooCommerce Booster Plugin 5.4.3 - Authentication Bypass
Exploit Title: WordPress Plugin WooCommerce Booster Plugin 5.4.3 - Authentication Bypass Date: 2021-09-16 Exploit Author: Sebastian Kriesten 0xB455 Contact: https://twitter.com/0xB455 Affected Plugin: Booster for WooCommerce Plugin Slug: woocommerce-jetpack Vulnerability disclosure:...
WordPress Plugin WP-Paginate 2.1.3 - 'preset' Stored XSS
Exploit Title: WordPress Plugin WP-Paginate 2.1.3 - 'preset' Stored XSS Date: 04-01-2021 Software Link: https://wordpress.org/plugins/wp-paginate/ Exploit Author: Park Won Seok Contact: [email protected] Category: Webapps Version: WP-PaginateVer-2.1.3 CVE : N/A Tested on: Windows 10 x64...
OpenBSD - Dynamic Loader chpass Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenBSD Dynamic Loader chpass Privilege Escalation', 'Description' = %q This module exploits a vulnerability in the OpenBSD ld.so dynamic loader...
AppXSvc 17763 - Arbitrary File Overwrite (DoS)
Exploit Title: AppXSvc 17763 - Arbitrary File Overwrite DoS Date: 2019-10-28 Exploit Author: Gabor Seljan Vendor Homepage: https://www.microsoft.com/ Version: 17763.1.amd64fre.rs5release.180914-1434 Tested on: Windows 10 Version 1809 for x64-based Systems CVE: CVE-2019-1476 Summary: AppXSvc...
Network Management Card 6.2.0 - Host Header Injection
Exploit Title: Network Management Card 6.2.0 - Host Header Injection Google Dork: Date: 2019-11-21 Exploit Author: Amal E Thamban,Kamal Paul Vendor Homepage: https://www.apc.com/in/en/ Software Link: https://www.apc.com/shop/in/en/products/Network-Management-Card Version: v6.2.0 Tested on: Kali...
Cisco Small Business 220 Series - Multiple Vulnerabilities
!/usr/bin/python2.7 """ Subject Realtek Managed Switch Controller RTL83xx PoC 2019 bashis https://www.realtek.com/en/products/communications-network-ics/category/managed-switch-controller Brief description 1. Boa/Hydra suffer of exploitable stack overflow with a 'one byte read-write loop' w/o...
Microsoft Windows - 'SeImpersonatePrivilege' Local Privilege Escalation
source: https://www.securityfocus.com/bid/28833/info Microsoft Windows is prone to a privilege-escalation vulnerability. Successful exploits may allow authenticated users to elevate their privileges to NetworkService. This allows attackers to execute code with elevated privileges and aids in...
Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution
Exploit Title: Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution Date: 2024-04-16 Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Vendor Homepage: https://wordpress.org Software Link:...
Gitea 1.16.6 - Remote Code Execution (RCE) (Metasploit)
Exploit Title: Gitea Git Fetch Remote Code Execution Date: 09/14/2022 Exploit Author: samguy Vendor Homepage: https://gitea.io Software Link: https://dl.gitea.io/gitea/1.16.6 Version: 'Gitea Git Fetch Remote Code Execution', 'Description' = %q This module exploits Git fetch command in Gitea...
RealTimes Desktop Service 18.1.4 - 'rpdsvc.exe' Unquoted Service Path
Exploit Title: RealTimes Desktop Service 18.1.4 - 'rpdsvc.exe' Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2020-11-07 Vendor Homepage: https://www.real.com/ Tested Version: 18.1.4 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 7 Enterprise SP1 x64 es Step to...
CMS Made Simple 2.1.6 - 'cntnt01detailtemplate' Server-Side Template Injection
Exploit Title: CMS Made Simple 2.1.6 - 'cntnt01detailtemplate' Server-Side Template Injection Google Dork: N/A Date: 11/10/2017 Exploit Author: Gurkirat Singh Vendor Homepage: http://www.cmsmadesimple.org/ Software Link: N/A Version: 2.1.6 Tested on: Linux CVE : CVE-2017-16783 POC :...
WordPress Plugin ChopSlider 3.4 - 'id' SQL Injection
Exploit Title: ChopSlider3 Wordpress Plugin3.4 - 'id' SQL Injection Exploit Author: SunCSR Sun Cyber Security Research Google Dork: N/A Date: 2020-05 -12 Vendor Homepage: https://idangero.us/ Software Link: https://github.com/idangerous/Plugins Version: getrow'SELECT FROM ' . CHOPSLIDERTABLENAME...
Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation
Exploit Title: Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation Date: 2025-04-23 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.zyxel.com/ Version: Zyxel uOS V1.31 see https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-= =3D...
GYM MS - GYM Management System - Cross Site Scripting (Stored)
Exploit Title: GYM MS - GYM Management System - Cross Site Scripting Stored Date: 29/09/2023 Vendor Homepage: https://phpgurukul.com/gym-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/projects/GYM-Management-System-using-PHP.zip Version: 1.0 Last Update: 31 August 20...
Academy LMS 6.2 - SQL Injection
Exploit Title: Academy LMS 6.2 - SQL Injection Exploit Author: CraCkEr Date: 29/08/2023 Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/academy/ Tested on: Windows 10 Pro Impact: Database Access CVE: CVE-2023-4974 CWE: CWE-89 / CWE-74 /...
Ruijie Reyee Mesh Router - MITM Remote Code Execution (RCE)
Exploit Title: Ruijie Reyee Wireless Router firmware version B11P204 - MITM Remote Code Execution RCE Date: April 15, 2023 Exploit Author: Mochammad Riyan Firmansyah of SecLab Indonesia Vendor Homepage: https://ruijienetworks.com Software Link:...
Bang Resto v1.0 - Stored Cross-Site Scripting (XSS)
Exploit Title: Bang Resto v1.0 - Stored Cross-Site Scripting XSS Date: 2023-04-02 Exploit Author: Rahad Chowdhury Vendor Homepage: https://www.hockeycomputindo.com/2021/05/restaurant-pos-source-code-free.html Software Link: https://github.com/mesinkasir/bangresto/archive/refs/heads/main.zip...
Xerte 3.10.3 - Directory Traversal (Authenticated)
Exploit Title: Xerte 3.10.3 - Directory Traversal Authenticated Date: 05/03/2021 Exploit Author: Rik Lutz Vendor Homepage: https://xerte.org.uk Software Link: https://github.com/thexerteproject/xerteonlinetoolkits/archive/refs/heads/3.9.zip Version: up until 3.10.3 Tested on: Windows 10 XAMP CVE ...
WordPress Plugin CP Blocks 1.0.14 - Stored Cross Site Scripting (XSS)
Exploit Title: WordPress Plugin CP Blocks 1.0.14 - Stored Cross Site Scripting XSS Date: 2022-02-02 Exploit Author: Shweta Mahajan Vendor Homepage: https://wordpress.org/plugins/cp-blocks/ Software Link: https://wordpress.org/plugins/cp-blocks/ Tested on Windows CVE: CVE-2022-0448 Reference:...
Student Management System 1.0 - SQLi Authentication Bypass
Exploit Title: Student Management System 1.0 - SQLi Authentication Bypass Date: 2020-07-06 Exploit Author: Enes Özeser Vendor Homepage: https://www.sourcecodester.com/php/14268/student-management-system.html Version: 1.0 Tested on: Windows & WampServer CVE: CVE-2020-23935 1- Go to following url...
Aruba Instant 8.7.1.0 - Arbitrary File Modification
Exploit Title: Aruba Instant 8.7.1.0 - Arbitrary File Modification Date: 15/07/2021 Exploit Author: Gr33nh4t Vendor Homepage: https://www.arubanetworks.com/ Version: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below Aruba Instant 6.5.x: 6.5.4.18 and below Aruba Instant 8.3.x: 8.3.0.14 and below Aru...
Monitoring System (Dashboard) 1.0 - 'uname' SQL Injection
Exploit Title: Monitoring System Dashboard 1.0 - 'uname' SQL Injection Exploit Author: Richard Jones Date: 2021-01-26 Vendor Homepage: https://www.sourcecodester.com/php/11741/monitoring-system-dashboard.html Software Link:...
Interview Management System 1.0 - 'id' SQL Injection
Exploit Title: Interview Management System 1.0 - 'id' SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-10 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14585/interview-management-system-phpmysqli-full-source-code.html Software Link:...
BigTree CMS 4.4.10 - Remote Code Execution
Exploit Title: BigTree CMS 4.4.10 - Remote Code Execution Google Dork: " BigTree CMS " Date: 2020-25-09 Exploit Author: SunCSR ThienNV and HoaVT - Sun Cyber Security Research Vendor Homepage: https://www.bigtreecms.org/ Software Link: https://www.bigtreecms.org/ Version: 4.4.10 Tested on: Windows...
Dolibarr 11.0.3 - Persistent Cross-Site Scripting
Title: Dolibarr 11.0.3 - Persistent Cross-Site Scripting Author: Mehmet Kelepce / Gais Cyber Security Date : 2020-04-14 Vendor: https://www.dolibarr.org/ Exploit-DB Author ID: 8763 Remotely Exploitable: Yes Dynamic Coding Language: PHP CVSSv3 Base Score: 7.4 AV:N, AC:L, PR:L, UI:N, S:C, C:L, I:L,...
Apache Pluto 3.0.0 / 3.0.1 - Persistent Cross-Site Scripting
Exploit Title: Stored XSS Date: 25-04-2019 Exploit Author: Dhiraj Mishra Vendor Homepage: https://portals.apache.org/pluto Software Link: https://portals.apache.org/pluto/download.html Version: 3.0.0, 3.0.1 Tested on: Ubuntu 16.04 LTS CVE: CVE-2019-0186 References:...
SimplePress CMS 1.0.7 - SQL Injection
Exploit Title: SimplePress CMS 1.0.7 - SQL Injection Dork: N/A Date: 2019-01-24 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/simplepresscms/ Software Link: https://ayera.dl.sourceforge.net/project/simplepresscms/1.0%20alpha/1.0.7alpha.zip Version: 1.0.7 Category:...
bludit Pages Editor 3.0.0 - Arbitrary File Upload
Exploit Title: bludit Pages Editor 3.0.0 - Arbitrary File Upload Date: 2018-10-02 Google Dork: N/A Exploit Author: BouSalman Vendor Homepage: https://www.bludit.com/ Software Link: N/A Version: 3.0.0 Tested on: Ubuntu 18.04 CVE : 2018-1000811 POST /admin/ajax/upload-files HTTP/1.1 Host:...
Moodle 2.x/3.x - SQL Injection
Exploit: Moodle SQL Injection via Object Injection Through User Preferences Date: April 6th, 2017 Exploit Author: Marko Belzetski Contact: [email protected] Vendor Homepage: https://moodle.org/ Version: 3.2 to 3.2.1, 3.1 to 3.1.4, 3.0 to 3.0.8, 2.7.0 to 2.7.18 and other unsupported versio...
WEBIGniter v28.7.23 File Upload - Remote Code Execution
Title: WEBIGniter v28.7.23 File Upload - Remote Code Execution Author: nu11secur1ty Date: 09/04/2023 Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/file-upload Description: The media function suffers from file upload...
Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE.
Title: Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE. Author: nu11secur1ty Date: 07.18.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/microsoft-office Reference: https://portswigger.net/web-security/access-control...
Online Diagnostic Lab Management System 1.0 - Account Takeover (Unauthenticated)
Exploit Title: Online Diagnostic Lab Management System 1.0 - Account Takeover Unauthenticated Date: 11/01/2022 Exploit Author: Himash Vendor Homepage: https://www.sourcecodester.com/php/15129/online-diagnostic-lab-management-system-php-free-source-code.html Software Link:...
Vehicle Parking Tracker System 1.0 - 'Owner Name' Stored Cross-Site Scripting
Exploit Title: Vehicle Parking Tracker System 1.0 - 'Owner Name' Stored Cross-Site Scripting Date: 2021-01-30 Exploit Author: Anmol K Sachan Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/vehicle-parking-management-system-using-php-and-mysql/ Software: : Vehicle...
PivotX 3.0.0 RC3 - Remote Code Execution (RCE)
Exploit Title: PivotX v3.0.0 RC3 - Stored XSS to Remote Code Execution RCE Date: July 2025 Exploit Author: HayToN Vendor Homepage: https://github.com/pivotx Software Link: https://github.com/pivotx/PivotX Version: 3.0.0 RC3 Tested on: Debian 11, PHP 7.4 CVE : CVE-2025-52367 Vulnerability Type:...
Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation
Exploit Title: Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation Date: 2025-06-10 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Country: United Kingdom CVE : CVE-2024-28000 import requests import random...
Hospitals Patient Records Management System 1.0 - 'room_types' Stored Cross Site Scripting (XSS)
Exploit Title: Hospitals Patient Records Management System 1.0 - 'roomtypes' Stored Cross Site Scripting XSS Exploit Author: Sant268 Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Oliver Library Server v5 - Arbitrary File Download
Exploit Title: Oliver Library Server v5 - Arbitrary File Download Date: 14/12/2021 Exploit Authors: Mandeep Singh, Ishaan Vij, Luke Blues, CTRL Group Vendor Homepage: https://www.softlinkint.com/product/oliver/ Product: Oliver Server v5 Version: /oliver/FileServlet?source=serverFile&fileName= 2...
XAMPP 7.4.3 - Local Privilege Escalation
Exploit Title: XAMPP 7.4.3 - Local Privilege Escalation Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Original Author: Maximilian Barz @S1lkys Date: 27/09/2021 Vendor Homepage: https://www.apachefriends.org Version: XAMPP 7.2.29, 7.3.x 7.3.16 & 7.4.x 7.4.4 Tested on: Windows 10 +...
ApacheOfBiz 17.12.01 - Remote Command Execution (RCE)
Exploit Title: ApacheOfBiz 17.12.01 - Remote Command Execution RCE via Unsafe Deserialization of XMLRPC arguments Date: 2021-08-04 Exploit Author: Álvaro Muñoz, Adrián Díaz s4dbrd Vendor Homepage: https://ofbiz.apache.org/index.html Software Link:...
XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion (Authenticated)
Exploit Title: XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion Authenticated Date: 2021-07-25 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://xos-shop.com Software Link: https://github.com/XOS-Shop/xosshopsystem/releases/tag/v1.0.9 Version: 1.0.9 Tested on:...
Phone Shop Sales Managements System 1.0 - Arbitrary File Upload
Exploit Title: Phone Shop Sales Managements System 1.0 - 'Multiple' Arbitrary File Upload to Remote Code Execution Date: 2021-07-06 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Accela Civic Platform 21.1 - 'successURL' Cross-Site-Scripting (XSS)
Exploit Title: Accela Civic Platform 21.1 - 'successURL' Cross-Site-Scripting XSS Software Link: https://www.accela.com/civic-platform/ Version: = 21.1 Author: Abdulazeez Alaseeri Tested on: JBoss server/windows Type: Web App Date: 07/06/2021 CVE-2021-34370...
Microsoft Outlook - Remote Code Execution (RCE)
Titles: Microsoft Outlook - Remote Code Execution RCE Author: nu11secur1ty Date: 07/06/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/microsoft-365/outlook/log-in Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47176...