47904 matches found
WBCE CMS v1.6.2 - Remote Code Execution (RCE)
Exploit Title: WBCE CMS v1.6.2 - Remote Code Execution RCE Date: 3/5/2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/archive/refs/tags/1.6.2.zip Version: 1.6.2 Tested on: MacOS import requests from bs4 import BeautifulSo...
Rocket LMS 1.9 - Persistent Cross Site Scripting (XSS)
Title: Rocket LMS 1.9 - Persistent Cross Site Scripting XSS Date: 04/16/2024 Exploit Author: Sergio Medeiros Vendor Homepage: https://codecanyon.net/item/rocket-lms-learning-management-academy-script/33120735 Software Link: https://lms.rocket-soft.org Version: 1.9 Tested on Firefox and Chrome...
Prison Management System - SQL Injection Authentication Bypass
Exploit : Prison Management System Using PHP -SQL Injection Authentication Bypass Date: 15/03/2024 Exploit Author: Sanjay Singh Vendor Homepage: https://www.sourcecodester.com Software Link:https://www.sourcecodester.com/sql/17287/prison-management-system.html Tested on: Windows ,XAMPP CVE :...
Freefloat FTP Server 1.0 - 'PWD' Remote Buffer Overflow
Exploit title: Freefloat FTP Server 1.0 - 'PWD' Remote Buffer Overflow Date: 08/22/2023 Exploit Author: Waqas Ahmed Faroouqi ZEROXINN Vendor Homepage: http://www.freefoat.com Version: 1.0 Tested on Windows XP SP3 !/usr/bin/python import socket Metasploit Shellcode msfvenom -p...
Jedox 2022.4.2 - Remote Code Execution via Directory Traversal
Exploit Title: Jedox 2022.4.2 - Remote Code Execution via Directory Traversal Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2022.4 22.4.2 and older CVE : CVE-2022-47875 Introductio...
qdPM 9.2 - Cross-site Request Forgery (CSRF)
Exploit Title: qdPM 9.2 - Cross-site Request Forgery CSRF Google Dork: NA Date: 03/27/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://qdpm.net/ Software Link: https://sourceforge.net/projects/qdpm/files/latest/download Version: 9.2 Tested on: KALI OS CVE :...
Sysax FTP Automation 6.9.0 - Privilege Escalation
Exploit Author: bzyo @bzyo Exploit Title: Sysax FTP Automation 6.9.0 - Privilege Escalation Date: 03-20-2022 Vulnerable Software: Sysax FTP Automation 6.9.0 Vendor Homepage: https://www.sysax.com/ Version: 6.9.0 Software Link: https://www.sysax.com/download/sysaxautosetup.msi Tested on: Windows 1...
Gestionale Open 11.00.00 - Local Privilege Escalation
Exploit Title: Gestionale Open 11.00.00 - Local Privilege Escalation Date: 2021-07-19 Author: Alessandro 'mindsflee' Salzano Vendor Homepage: https://www.gestionaleopen.org/ Software Homepage: https://www.gestionaleopen.org/ Software Link:...
NIMax 5.3.1f0 - 'VISA Alias' Denial of Service (PoC)
Exploit Title: NIMax 5.3.1f0 - 'VISA Alias' Denial of Service PoC Date: 24/06/2021 Exploit Author: LinxzSec Vulnerability: Local Denial of Service DoS Vendor Homepage: https://www.ni.com/en-gb.html Software Link: License Required -...
Profiling System for Human Resource Management 1.0 - Remote Code Execution (Unauthenticated)
Exploit Title: Profiling System for Human Resource Management 1.0 - Remote Code Execution Unauthenticated Date: 19-03-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link:...
Small CRM 2.0 - 'email' SQL Injection
Exploit Title: Small CRM 2.0 - 'email' SQL Injection Google Dork: N/A Date: 2020-10-10 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/small-crm-php/ Version: V2.0 Tested on: Kali Linux CVE : N/A ========== Vulnerable Code =========...
Extreme Networks Aerohive HiveOS 11.0 - Remote Denial of Service (PoC)
Exploit title : Extreme Networks Aerohive HiveOS 11.0 - Remote Denial of Service PoC Exploit Author : LiquidWorm Date : 2020-05-06 Vendor: Extreme Networks Product web page: https://www.extremenetworks.com Datasheet: https://www.aerohive.com/wp-content/uploads/AerohiveDatasheetHiveOS.pdf Affected...
WordPress Plugin Photo Gallery 1.5.34 - Cross-Site Scripting (2)
Exploit Title: WordPress Plugin Photo Gallery by 10Web img src=a onerror='alert2;' 4. Click Save. 5. It will show pop-up confirming existence of XSS vulnerability Timeline 09-01-2019 - Vulnerability Reported 09-03-2019 - Vendor responded 09-04-2019 - New version released 1.5.35 09-10-2019 - Full...
Linux Kernel 3.10.0-514.21.2.el7.x86_64 / 3.10.0-514.26.1.el7.x86_64 (CentOS 7) - SUID Position Independent Executable 'PIE' Local Privilege Escalation
/ CVE-2017-1000253.c - an exploit for CentOS-7 kernel versions 3.10.0-514.21.2.el7.x8664 and 3.10.0-514.26.1.el7.x8664 Copyright C 2017 Qualys, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free...
Casdoor < v1.331.0 - '/api/set-password' CSRF
Exploit Title: Casdoor history.pushState'', '', '/'; document.forms0.submit; If a user is logged into the Casdoor Webapp at time of execution, a new user will be created in the app with the following credentials userOwner: builtin userName: admin newPassword: hacked...
Nokia BMC Log Scanner - Remote Code Execution
Exploit Title: Nokia BMC Log Scanner Remote Code Execution Google Dork: N/A Date: November 29, 2023 Exploit Author: Carlos Andres Gonzalez, Matthew Gregory Vendor Homepage: https://www.nokia.com/ Software Link: N/A Version: 13 Tested on: Linux CVE : CVE-2022-45899 Description The BMC Log Scanner...
Bludit 4.0.0-rc-2 - Account takeover
Exploit Title: Bludit 4.0.0-rc-2 - Account takeover Author: nu11secur1ty Date: 04.11.2013 Vendor: https://www.bludit.com/ Software: https://github.com/bludit/bludit/releases/tag/4.0.0-rc-2 Reference: https://www.cloudflare.com/learning/access-management/account-takeover/ Reference:...
Zyxel NWA-1100-NH - Command Injection
Exploit Title: Zyxel NWA-1100-NH - Command Injection Date: 12/4/2022 Exploit Author: Ahmed Alroky Vendor Homepage: https://www.zyxel.com/homepage.shtml Version: ALL BEFORE 2.12 Tested on: Linux CVE : CVE-2021-4039 References :...
iRZ Mobile Router - CSRF to RCE
Exploit Title: iRZ Mobile Router - CSRF to RCE Google Dork: intitle:"iRZ Mobile Router" Date: 2022-03-18 Exploit Author: Stephen Chavez & Robert Willis Vendor Homepage: https://en.irz.ru/ Software Link: https://github.com/SakuraSamuraii/ez-iRZ Version: Routers through 2022-03-16 Tested on: RU21,...
Hospitals Patient Records Management System 1.0 - 'room_types' Stored Cross Site Scripting (XSS)
Exploit Title: Hospitals Patient Records Management System 1.0 - 'roomtypes' Stored Cross Site Scripting XSS Exploit Author: Sant268 Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
COMMAX Smart Home Ruvie CCTV Bridge DVR Service - Config Write / DoS (Unauthenticated)
Exploit Title: COMMAX Smart Home Ruvie CCTV Bridge DVR Service - Config Write / DoS Unauthenticated Date: 02.08.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.commax.com COMMAX Smart Home Ruvie CCTV Bridge DVR Service Unauthenticated Config Write / DoS Vendor: COMMAX Co., Ltd. Prodc...
SmartFoxServer 2X 2.17.0 - God Mode Console Remote Code Execution
Exploit Title: SmartFoxServer 2X 2.17.0 - God Mode Console Remote Code Execution Date: 29.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.smartfoxserver.com Vendor: gotoAndPlay Product web page: https://www.smartfoxserver.com Affected version: Server: 2.17.0 Remote Admin: 3.2.6...
Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation
Exploit Title: Kronos WebTA 4.0 - Authenticated Remote Privilege Escalation Discovered by: Elwood Buck & Nolan B. Kennedy of Mindpoint Group Exploit Author: Nolan B. Kennedy nxkennedy Discovery date: 2019-09-20 Vendor Homepage: https://www.kronos.com/products/kronos-webta Version: 3.8.x - 4.0...
iNetTools for iOS 8.20 - 'Whois' Denial of Service (PoC)
Exploit Title: iNetTools for iOS 8.20 - 'Whois' Denial of Service PoC Discovery by: Ivan Marmolejo Discovery Date: 2019-11-25 Vendor Homepage: https://apps.apple.com/mx/app/inettools-ping-dns-port-scan/id561659975 Software Link: App Store for iOS devices Tested Version: 8.20 Vulnerability Type:...
pkexec - Race Condition Privilege Escalation
/ Exploit Title: pkexec Race condition CVE-2011-1485 exploit Author: xi4oyu Tested on: rhel 6 CVE : 2011-1485 Linux pkexec exploit by xi4oyu , thx [email protected] Have fun ¡Á U can reach us @ http://www.wooyun.org : / include include include include include include include include include include...
Simple Backup Plugin Python Exploit 2.7.10 - Path Traversal
Exploit Title: Simple Backup Plugin 0: printresponse.text Replace with the desired action for the downloaded content filepath = f'simplebackupfilename' with openfilepath, 'wb' as file: file.writeresponse.content printf'File saved in: filepath' else: print"Nothing was downloaded. You can try to...
Camaleon CMS v2.7.0 - Server-Side Template Injection (SSTI)
Exploit Title: Camaleon CMS v2.7.0 - Server-Side Template Injection SSTI Exploit Author: PARAG BAGUL CVE: CVE-2023-30145 Description Camaleon CMS v2.7.0 was discovered to contain a Server-Side Template Injection SSTI vulnerability via the formats parameter. Affected Component All versions below...
Roxy Fileman 1.4.5 - Arbitrary File Upload
Exploit Title: Roxy Fileman 1.4.5 - Arbitrary File Upload Date: 09/04/2023 Exploit Author: Zer0FauLT [email protected] Vendor Homepage: roxyfileman.com Software Link: https://web.archive.org/web/20190317053437/http://roxyfileman.com/download.php?f=1.4.5-net Version: = 1.4.5 Tested on: Window...
Microsoft Exchange Mailbox Assistants 15.0.847.40 - 'Service MSExchangeMailboxAssistants' Unquoted Service Path
Exploit Title: Microsoft Exchange Mailbox Assistants 15.0.847.40 - 'Service MSExchangeMailboxAssistants' Unquoted Service Path Exploit Author: Antonio Cuomo arkantolo Exploit Date: 2022-04-11 Vendor : Microsoft Version : 15.0.847.40 Tested on OS: Microsoft Exchange Server 2013 SP1 PoC :...
PHPIPAM 1.4.4 - SQLi (Authenticated)
Exploit Title: PHPIPAM 1.4.4 - SQLi Authenticated Google Dork: if applicable Date: 20/01/2022 Exploit Author: Rodolfo "Inc0gbyt3" Tavares Vendor Homepage: https://github.com/phpipam/phpipam Software Link: https://github.com/phpipam/phpipam Version: 1.4.4 Tested on: Linux/Windows CVE :...
OpenAM 13.0 - LDAP Injection
Exploit Title: OpenAM 13.0 - LDAP Injection Date: 03/11/2021 Exploit Author: Charlton Trezevant, GuidePoint Security Vendor Homepage: https://www.forgerock.com/ Software Link: https://github.com/OpenIdentityPlatform/OpenAM/releases/tag/13.0.0,...
Sonicwall SonicOS 7.0 - Host Header Injection
Exploit Title: Sonicwall SonicOS 7.0 - Host Header Injection Google Dork: inurl:"auth.html" intitle:"SonicWall" intitle:"SonicWall Analyzer Login" Discovered Date: 03/09/2020 Reported Date: 07/09/2020 Exploit Author: Ramikan Vendor Homepage:sonicwall.com Affected Devices: All SonicWall Next Gen 6...
Eclipse Mosquitto MQTT broker 2.0.9 - 'mosquitto' Unquoted Service Path
Exploit Title: Eclipse Mosquitto MQTT broker 2.0.9 - 'mosquitto' Unquoted Service Path Discovery by: Riadh Bouchahoua Discovery Date: 19-03-2021 Vendor Homepage: https://mosquitto.org/ Software Links : https://mosquitto.org/download/ Tested Version: 2.0.9 Vulnerability Type: Unquoted Service Path...
WordPress Plugin WP Sitemap Page 1.6.2 - Persistent Cross-Site Scripting
Exploit Title: WordPress Plugin WP Sitemap Page 1.6.2 - Persistent Cross-Site Scripting Dork:N/A Date: 2020-02-17 Exploit Author: UltraSecurityTeam Team Member = Ashkan Moghaddas , AmirMohammad Safari , Behzad khalife , Milad Ranjbar Vendor Homepage: UltraSec.Org Software Link:...
TVT TD-2308SS-B DVR - Directory Traversal
Exploit Title: TVT TD-2308SS-B DVR directory traversal Shodan Dork: "Cross Web Server" Date: 01 Dec 2013 Disclosure date: 10 Sep 2013 Exploit Author: Cesar Neira Vendor Homepage: http://en.tvt.net.cn/ Affected Firmware Versions: 3.1.43.B 3.1.43.P 3.1.6.P-1.0.2.1-03 3.1.75.B-1.0.2.1-00...
Linux Kernel 2.6.37 (RedHat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation
/ Linux Kernel = 2.6.37 local privilege escalation by Dan Rosenberg @djrbliss on twitter Usage: gcc full-nelson.c -o full-nelson ./full-nelson This exploit leverages three vulnerabilities to get root, all of which were discovered by Nelson Elhage: CVE-2010-4258 ------------- This is the interesti...
Faculty Evaluation System v1.0 - SQL Injection
Exploit Title: Faculty Evaluation System v1.0 - SQL Injection Date: 07/2023 Exploit Author: Andrey Stoykov Vendor Homepage: https://www.sourcecodester.com/php/14635/faculty-evaluation-system-using-phpmysqli-source-code.html Software Link:...
CHIYU TCP/IP Converter devices - CRLF injection
Exploit Title: CHIYU TCP/IP Converter devices - CRLF injection Date: May 31 2021 Exploit Author: sirpedrotavares Vendor Homepage: https://www.chiyu-tech.com/msg/msg88.html Software Link: https://www.chiyu-tech.com/category-hardware.html Version: BF-430, BF-431, and BF-450M TCP/IP Converter device...
Collabtive 3.1 - 'address' Persistent Cross-Site Scripting
Exploit Title: Collabtive 3.1 - 'address' Persistent Cross-Site Scripting Date: 2021-01-23 Exploit Author: Deha Berkin Bir Vendor Homepage: https://collabtive.o-dyn.de/ Version: 3.1 Tested on: Windows & XAMPP CVE: CVE-2021-3298 == Tutorial Executed Payloads " onfocus="alert1" autofocus=" HTML...
Sphider Search Engine 1.3.6 - 'word_upper_bound' RCE (Authenticated)
Exploit Title: Sphider Search Engine 1.3.6 - 'wordupperbound' RCE Authenticated Google Dork: intitle:"Sphider Admin Login" Date: 2014-07-28 Exploit Author: Gurkirat Singh Vendor Homepage: http://www.sphider.eu/ Software Link: http://www.sphider.eu/sphider-1.3.6.zip Version: v1.3.6 Tested on:...
Adtec Digital Multiple Products - Default Hardcoded Credentials Remote Root
Exploit Title: Adtec Digital Multiple Products - Default Hardcoded Credentials Remote Root Date: 2020-07-24 Exploit Author: LiquidWorm Software Link: https://www.adtecdigital.com / https://www.adtecdigital.com/support/documents-downloads Version: Multiple Adtec Digital Multiple Products - Default...
Restaurant Reservation System 1.0 - 'date' SQL Injection (Authenticated)
Exploit Title: Restaurant Reservation System 1.0 - 'date' SQL Injection Authenticated Date: 2020-10-05 Exploit Author: b1nary Vendor Homepage: https://www.sourcecodester.com/php/14482/restaurant-reservation-system-php-full-source-code-2020.html Software Link:...
Mida eFramework 2.8.9 - Remote Code Execution
Exploit Title: Mida eFramework 2.8.9 - Remote Code Execution Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...
ASX to MP3 converter 3.1.3.7 - '.asx' Local Stack Overflow (DEP Bypass) (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "ASX to MP3 converter 3.1.3.7 - '.asx' Local Stack Overflow DEP", 'Description' = %q This module exploits a stack buffer overfl...
Opencart 3.x - Cross-Site Scripting
Exploit Title: Opencart 3.x.x Authenticated Stored XSS Date: 08/15/2019 Exploit Author: Nipun Somani Author Web: http://thehackerstore.net Vendor Homepage: https://www.opencart.com/ Software Link: https://github.com/opencart/opencart Version: 3.x.x Tested on: Debian 9, Windows 10 x64 CVE :...
ServiceNow Multiple Versions - Input Validation & Template Injection
!/usr/bin/env python3 """ Title : ServiceNow Multiple Versions - Input Validation & Template Injection Date: 2025-01-31 Author: ibrahimsql Vendor: ServiceNow Version: Vancouver, Washington DC, Utah various patches affected from 0 before Utah Patch 10 Hot Fix 3 affected from 0 before Utah Patch 10...
Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass
!/usr/bin/env python3 -- coding: utf-8 -- Exploit Title: Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass Date: 2025-05-25 Exploit Author: @ibrahimsql Exploit Author's github: https://github.com/ibrahimsql Vendor Homepage: https://www.fortra.com/products/secure-file-transfer/goanywhere-mft...
CSZ CMS 1.3.0 - Stored Cross-Site Scripting (Plugin 'Gallery')
Exploit Title: CSZ CMS 1.3.0 - Stored Cross-Site Scripting Plugin 'Gallery' Date: 2023/08/18 CVE: CVE-2023-38911 Exploit Author: Daniel González Vendor Homepage: https://www.cszcms.com/ Software Link: https://github.com/cskaza/cszcms Version: 1.3.0 Tested on: CSZ CMS 1.3.0 Description: CSZ CMS...
WordPress Theme Medic v1.0.0 - Weak Password Recovery Mechanism for Forgotten Password
Exploit Title: WordPress Theme Medic v1.0.0 - Weak Password Recovery Mechanism for Forgotten Password Dork: inurl:/wp-includes/class-wp-query.php Date: 2023-06-19 Exploit Author: Amirhossein Bahramizadeh Category : Webapps Vendor Homepage:...
Pydio Cells 4.1.2 - Server-Side Request Forgery
Exploit Title: Pydio Cells 4.1.2 - Server-Side Request Forgery Affected Versions: 4.1.2 and earlier versions Fixed Versions: 4.2.0, 4.1.3, 3.0.12 Vulnerability Type: Server-Side Request Forgery Security Risk: medium Vendor URL: https://pydio.com/ Vendor Status: notified Advisory URL:...