47884 matches found
Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass
Exploit Title: Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass Date: 2020-07-03 Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://github.com/mrzulkarnine/Web-based-hotel-booking-system Software Link: https://github.com/mrzulkarnine/Web-based-hotel- booking-system...
Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfs/shiftfs Error Path
Tested on 19.10. Ubuntu's aufs kernel patch includes the following change which I interestingly can't see in the AUFS code at https://github.com/sfjro/aufs5-linux/blob/master/mm/mmap.c: ================================================================== +define vmafputvma vmadofputvma, func, LINE...
IBM Security Verify Access 10.0.0 - Open Redirect during OAuth Flow
Exploit Title : IBM Security Verify Access 10.0.0 - Open Redirect during OAuth Flow ======== ================================================ 0. Overview 1. Detailed Description 2. Proof Of Concept 3. Solution 4. Disclosure Timeline 5. References 6. Credits 7. Legal Notices ========...
SPA-Cart eCommerce CMS 1.9.0.3 - Reflected XSS
Exploit Title: SPA-Cart eCommerce CMS 1.9.0.3 - Reflected XSS Exploit Author: CraCkEr Date: 20/08/2023 Vendor: SPA-Cart Vendor Homepage: https://spa-cart.com/ Software Link: https://demo.spa-cart.com/ Version: 1.9.0.3 Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE:...
Jobpilot v2.61 - SQL Injection
Exploit Title: Jobpilot v2.61 - SQL Injection Date: 2023-06-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/jobpilot-job-portal-laravel-script/37897822 Demo Site: https://jobpilot.templatecookie.com Tested on: Kali Linux CVE: N/A ----- PoC: SQLi ----- Parameter: long GET...
College Management System 1.0 - 'course_code' SQL Injection (Authenticated)
Exploit Title: College Management System - 'coursecode' SQL Injection Authenticated Date: 2022-24-03 Exploit Author: Eren Gozaydin Vendor Homepage: https://code-projects.org/college-management-system-in-php-with-source-code/ Software Link:...
Zenario CMS 9.0.54156 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: Zenario CMS 9.0.54156 - Remote Code Execution RCE Authenticated Date: 04/02/2022 Exploit Author: minhnq22 Vendor Homepage: https://zenar.io/ Software Link: https://zenar.io/download-page Version: 9.0.54156 Tested on: Ubuntu 21.04 CVE : CVE-2021–42171 Python3 import os import sys...
Baixar GLPI Project 9.4.6 - SQLi
Exploit Title: Baixar GLPI Project 9.4.6 - SQLi Date: 10/12 Exploit Author: Joas Antonio Vendor Homepage: https://glpi-project.org/pt-br/ https://www.blueonyx.it/ Software Link: https://glpi-project.org/pt-br/baixar/ Version: GLPI - 9.4.6 Tested on: Windows/Linux CVE : CVE-2021-44617 POC1:...
WAGO 750-8212 PFC200 G2 2ETH RS - Privilege Escalation
Exploit Title: WAGO 750-8212 PFC200 G2 2ETH RS Privilege Escalation Date: 02/16/2022 Exploit Author: Momen Eldawakhly Cyber Guy at Cypro AB Vendor Homepage: https://www.wago.com Version: Firmware version 03.05.1017 Tested on: PopOS! Linux ======================================== = The ordinary us...
WordPress Plugin Backup and Restore 1.0.3 - Arbitrary File Deletion
Exploit Title: WordPress Plugin Backup and Restore 1.0.3 - Arbitrary File Deletion Date: 11/07/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.miniorange.com/ Software Link: https://wordpress.org/plugins/backup-and-restore-for-wp/ Version: 1.0.3 Tested on : Window...
IntelliChoice eFORCE Software Suite 2.5.9 - Username Enumeration
Exploit Title: IntelliChoice eFORCE Software Suite 2.5.9 - Username Enumeration Date: 03.05.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.eforcesoftware.com IntelliChoice eFORCE Software Suite v2.5.9 Username Enumeration Vendor: IntelliChoice, Inc. Product web page:...
Simple CRM 3.0 - 'email' SQL injection (Authentication Bypass)
Exploit Title: Simple CRM 3.0 - 'email' SQL injection Authentication Bypass Date: 22/06/2021 Exploit Author: Rinku Kumar rinku191 Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/small-crm-php/ Version: 3.0 Category: Webapps Tested on: Apache2+MariaDB latest version...
WebSSH for iOS 14.16.10 - 'mashREPL' Denial of Service (PoC)
Exploit Title: WebSSH for iOS 14.16.10 - 'mashREPL' Denial of Service PoC Author: Luis Martinez Discovery Date: 2021-05-18 Vendor Homepage: https://apps.apple.com/mx/app/webssh-ssh-client/id497714887 Software Link: App Store for iOS devices Tested Version: 14.16.10 Vulnerability Type: Denial of...
openMAINT openMAINT 2.1-3.3-b - 'Multiple' Persistent Cross-Site Scripting
Exploit Title: openMAINT openMAINT 2.1-3.3-b - 'Multiple' Persistent Cross-Site Scripting Date: 13/03/2021 Exploit Author: Hosein Vita Vendor Homepage: https://www.openmaint.org/ Software Link: https://sourceforge.net/projects/openmaint/files/2.1/Core%20updates/openmaint-2.1-3.3.1/ Version: 2.1-3...
Seacms 11.1 - 'ip and weburl' Remote Command Execution
Exploit Title: Seacms 11.1 - 'ip and weburl' Remote Command Execution Date: 20201212 Exploit Author: j5s Vendor Homepage: https://www.seacms.net/ Software Link: https://www.seacms.net/ Version: 11.1 POST /SeaCMS111/5f9js3/adminip.php?action=set HTTP/1.1 Host: 192.168.137.139 User-Agent: Mozilla/5...
Warehouse Inventory System 1.0 - Cross-Site Request Forgery (Change Admin Password)
Exploit Title: Warehouse Inventory System 1.0 - Cross-Site Request Forgery Change Admin Password Exploit Author: Bobby Cooke boku & Adeeb Shah @hyd3sec Date: 2020-08-09 Vendor Homepage: https://oswapp.com Software Link: https://github.com/siamon123/warehouse-inventory-system/archive/master.zip...
All-Dynamics Digital Signage System 2.0.2 - Cross-Site Request Forgery (Add Admin)
Exploit Title: All-Dynamics Digital Signage System 2.0.2 - Cross-Site Request Forgery Add Admin Discovery by: LiquidWorm Discovery Date: 2020-08-05 Vendor Homepage: https://www.all-dynamics.de !-- All-Dynamics Software enlogic:show Digital Signage System 2.0.2 CSRF Add Admin Vendor: All-Dynamics...
Centreon 19.10.5 - Database Credentials Disclosure
Exploit Title: Centreon 19.10.5 - Database Credentials Disclosure Date: 2020-01-27 Exploit Author: Fabien AUNAY, Omri Baso Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version: 19.10.5 Tested on: CentOS 7 CVE : - Centreon 19.10.5 Database...
Microsoft Windows - Escalate UAC Protection Bypass (Via dot net profiler) (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Escalate UAC Protection Bypass Via dot net profiler', 'Description' = %q Microsoft Windows allows for the automatic loading of a profilin...
Ajenti 2.1.31 - Remote Code Exection (Metasploit)
Exploit Title: Ajenti 2.1.31 - Remote Code Exection Metasploit Date: 2019-10-29 Exploit Author: Onur ER Vendor Homepage: http://ajenti.org/ Software Link: https://github.com/ajenti/ajenti Version: 2.1.31 Tested on: Ubuntu 19.10 This module requires Metasploit: https://metasploit.com/download...
HC10 HC.Server Service 10.14 - Remote Invalid Pointer Write
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/HC10-HC.SERVER-10.14-REMOTE-INVALID-POINTER-WRITE.txt + ISR: ApparitionSec Vendor www.hostingcontroller.com Product HC10 HC.Server Service 10.14 HC10 is a unified hosting...
Supra Smart Cloud TV - 'openLiveURL()' Remote File Inclusion
Exploit Title: Remote file inclusion Date: 03-06-2019 Exploit Author: Dhiraj Mishra Vendor Homepage: https://supra.ru Software Link: https://supra.ru/catalog/televizory/televizorsuprastvlc40lt0020f/ CVE: CVE-2019-12477 References: https://nvd.nist.gov/vuln/detail/CVE-2019-12477...
RealVNC - Authentication Bypass (Metasploit)
$Id: realvnc41bypass.rb 13641 2011-08-26 04:40:21Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Samba 3.3.5 - Format String / Security Bypass
source: https://www.securityfocus.com/bid/35472/info Samba is prone to multiple vulnerabilities. Attackers can leverage these issues to execute arbitrary code within the context of the vulnerable application or to bypass certain security restrictions. Samba 3.0.31 through 3.3.5 are affected. The...
UUCP - File Creation/Overwriting Symlinks
/ root exploit: multiple subsystem errors allowing root exploit bashack.c - Thu Nov 30 21:50:50 NZDT 2000 redhat 6.1 /etc/rc.d/ and scripts that are trusting the untrustworthy. /bin/sh acts silly when u get it to use the include define FNAME "/usr/man/man1/last.1.gz;export PATH=...
Microsoft Outlook - Remote Code Execution (RCE)
Titles: Microsoft Outlook - Remote Code Execution RCE Author: nu11secur1ty Date: 07/06/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/microsoft-365/outlook/log-in Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47176...
Sitecore 10.4 - Remote Code Execution (RCE)
Exploit Title: Sitecore 10.4 - Remote Code Execution RCE Exploit Author: Yesith Alvarez Vendor Homepage: https://developers.sitecore.com/downloads Version: Sitecore 10.3 - 10.4 CVE : CVE-2025-27218 Link: https://github.com/yealvarez/CVE/blob/main/CVE-2025-27218/exploit.py from requests import...
Microsoft Windows - NTLM Hash Leak Malicious Windows Theme
Exploit Title: CVE-2024-21320 - NTLM Hash Leak via Malicious Windows Theme Date: 02/03/2025 Exploit Author: Abinesh Kamal K U CVE : CVE-2024-21320 Ref: https://www.cve.org/CVERecord?id=CVE-2024-21320 Step 1: Install Responder Responder is a tool to capture NTLM hashes over SMB. git clone...
WBCE 1.6.0 - Unauthenticated SQL injection
Exploit Title: |Unauthenticated SQL injection in WBCE 1.6.0 Date: 15.11.2023 Exploit Author: young pope Vendor Homepage: https://github.com/WBCE/WBCECMS Software Link: https://github.com/WBCE/WBCECMS/archive/refs/tags/1.6.0.zip Version: 1.6.0 Tested on: Kali linux CVE : CVE-2023-39796 There is an...
TP-Link TL-WR740N - Buffer Overflow 'DOS'
Exploit Title: TP-Link TL-WR740N - Buffer Overflow 'DOS' Date: 8/12/2023 Exploit Author: Anish Feroz ZEROXINN Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: TP-Link TL-WR740N Description: There exist a buffer overflow vulnerability in...
Shelly PRO 4PM v0.11.0 - Authentication Bypass
!/bin/bash Exploit Title: Shelly PRO 4PM v0.11.0 - Authentication Bypass Google Dork: NA Date: 2nd August 2023 Exploit Author: The Security Team exploitsecurity.io Exploit Blog: https://www.exploitsecurity.io/post/cve-2023-33383-authentication-bypass-via-an-out-of-bounds-read-vulnerability Vendor...
Pydio Cells 4.1.2 - Unauthorised Role Assignments
Exploit Title: Pydio Cells 4.1.2 - Unauthorised Role Assignments Affected Versions: 4.1.2 and earlier versions Fixed Versions: 4.2.0, 4.1.3, 3.0.12 Vulnerability Type: Privilege Escalation Security Risk: high Vendor URL: https://pydio.com/ Vendor Status: notified Advisory URL:...
Simple Food Ordering System v1.0 - Cross-Site Scripting (XSS)
Exploit Title: Simple Food Ordering System v1.0 - Cross-Site Scripting XSS Exploit Author: Muhammad Navaid Zafar Ansari Date: 17 February 2023 CVE Assigned: CVE-2023-0902 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Simple Food Ordering System Version: v 1...
SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference (IDOR)
Exploit Title: SAM SUNNY TRIPOWER 5.0 - Insecure Direct Object Reference IDOR Date: 7/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.sma.de Version: SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R Tested on: Linux Firefox CVE : CVE-2021-46416 Proof of Concept...
Atom CMS 2.0 - Remote Code Execution (RCE)
Exploit Title: Atom CMS 2.0 - Remote Code Execution RCE Date: 22.03.2022 Exploit Author: Ashish Koli Shikari Vendor Homepage: https://thedigitalcraft.com/ Software Link: https://github.com/thedigicraft/Atom.CMS Version: 2.0 Tested on: Ubuntu 20.04.3 LTS CVE: CVE-2022-25487 Description This script...
WordPress Plugin Filterable Portfolio Gallery 1.0 - 'title' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Filterable Portfolio Gallery 1.0 - 'title' Stored Cross-Site Scripting XSS Date: 10/25/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: http://www.filterable-portfolio.com/ Software Link: https://wordpress.org/plugins/fg-gallery/ Version: 1.0...
Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution (RCE)
Exploit Title: Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution RCE Date: 27 July 2021 Exploit Author: Ivan Nikolsky enty8080 Vendor Homepage: https://denver.eu/products/smart-home-security/denver-shc-150/c-1024/c-1243/p-3824 Version: Denver SHC-150 all firmware versions Tested o...
Artworks Gallery Management System 1.0 - 'id' SQL Injection
Exploit Title: Artworks Gallery Management System 1.0 - 'id' SQL Injection Exploit Author: Vijay Sachdeva Date: 2020-12-22 Vendor Homepage: https://www.sourcecodester.com/php/14634/artworks-gallery-management-system-php-full-source-code.html Software Link:...
BIG-IP 15.0.0 < 15.1.0.3 / 14.1.0 < 14.1.2.5 / 13.1.0 < 13.1.3.3 / 12.1.0 < 12.1.5.1 / 11.6.1 < 11.6.5.1 - Traffic Management User Interface 'TMUI' Remote Code Execution
!/bin/bash EDB Note Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/48642.zip Exploit Title: F5 BIG-IP Remote Code Execution Date: 2020-07-06 Exploit Authors: Charles Dardaman of Critical Start, TeamARES Rich Mirch of Critical Start, TeamARES CVE:...
DeviceViewer 3.12.0.1 - 'add user' Local Buffer Overflow (DEP Bypass)
Exploit Title: Sricam DeviceViewer 3.12.0.1 - 'add user' Local Buffer Overflow DEP Bypass Date: 08/10/2019 Exploit Author: Alessandro Magnosi Vendor Homepage: http://www.sricam.com/ Software Link: http://download.sricam.com/Manual/DeviceViewer.exe Version: v3.12.0.1 Exploit type: Local Tested on:...
macOS iMessage - Heap Overflow when Deserializing
There is a heap overflow in NSURL initWithCoder: that can be reached via iMessage and likely other paths. When an NSURL is deserialized, one property its plist can contain is NS.minimalBookmarkData, which is then used as a parameter for NSURL...
Linux Kernel 4.4.0-21 < 4.4.0-51 (Ubuntu 14.04/16.04 x64) - 'AF_PACKET' Race Condition Privilege Escalation
/ chocoboroot.c linux AFPACKET race condition exploit for CVE-2016-8655. Includes KASLR and SMEP/SMAP bypasses. For Ubuntu 14.04 / 16.04 x8664 kernels 4.4.0 before 4.4.0-53.74. All kernel offsets have been tested on Ubuntu / Linux Mint. vroom vroom ============================== user@ubuntu:$ una...
Google Android 5.0.1 - Metaphor Stagefright (ASLR Bypass)
Source: https://github.com/NorthBit/Metaphor Metaphor - Stagefright with ASLR bypass By Hanan Be'er from NorthBit Ltd. Link to whitepaper: https://raw.githubusercontent.com/NorthBit/Public/master/NorthBit-Metaphor.pdf Twitter: https://twitter.com/HighByte Metaphor's source code is now released! T...
McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information
Exploit Title: McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information Date: 24 June 2025 Exploit Author: Keenan Scott Vendor Homepage: hxxps://www.mcafee.com/ Software Download: N/A Unable to find Version: Arguments CmdletBinding param string$DbSource =...
JUX Real Estate 3.4.0 - SQL Injection
Exploit Title: JUX Real Estate 3.4.0 - SQL Injection Exploit Author: CraCkEr Date: 26/02/2025 Vendor: JoomlaUX Vendor Homepage: https://joomlaux.com/ Software Link: https://extensions.joomla.org/extension/jux-real-estate/ Demo Link: http://demo.joomlaux.com/jux-real-estate Tested on: Windows 11 P...
Webedition CMS v2.9.8.8 - Blind SSRF
Exploit Title: Webedition CMS v2.9.8.8 - Blind SSRF Application: Webedition CMS Version: v2.9.8.8 Bugs: Blind SSRF Technology: PHP Vendor URL: https://www.webedition.org/ Software Link: https://download.webedition.org/releases/OnlineInstaller.tgz?p=1 Date of found: 07.09.2023 Author: Mirabbas...
rConfig 3.9.5 - Remote Code Execution (Unauthenticated)
Exploit Title: rConfig 3.9.5 - Remote Code Execution Unauthenticated Google Dork: N/A Date: 2020-10-13 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://www.rconfig.com/ Software Link: https://www.rconfig.com/downloads/rconfig-3.9.5.zip Version: rConfig v3.9.5 Tested on: CentOS 7 x6...
Online Discussion Forum Site 1.0 - Remote Code Execution
Exploit Title: Online Discussion Forum Site 1.0 - Remote Code Execution Google Dork: N/A Date: 2020-05-24 Exploit Author: Selim Enes 'Enesdex' Karaduman Vendor Homepage: https://www.sourcecodester.com/php/14233/online-discussion-forum-site.html Software Link:...
minaliC 2.0.0 - Denied of Service
!/usr/bin/perl use Socket; Exploit Title: minaliC 2.0.0 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 03 january 2024 Vendor Homepage: http://minalic.sourceforge.net/ Notification vendor: No reported Tested Version: minaliC 2.0.0 Tested on: Window XP Professional - Servic...
DS Wireless Communication - Remote Code Execution
Exploit Title: DS Wireless Communication Remote Code Execution Date: 11 Oct 2023 Exploit Author: MikeIsAStar Vendor Homepage: https://www.nintendo.com Version: Unknown Tested on: Wii CVE: CVE-2023-45887 """This code will inject arbitrary code into a client's game. You are fully responsible for al...