47904 matches found
Supra Smart Cloud TV - 'openLiveURL()' Remote File Inclusion
Exploit Title: Remote file inclusion Date: 03-06-2019 Exploit Author: Dhiraj Mishra Vendor Homepage: https://supra.ru Software Link: https://supra.ru/catalog/televizory/televizorsuprastvlc40lt0020f/ CVE: CVE-2019-12477 References: https://nvd.nist.gov/vuln/detail/CVE-2019-12477...
PCMan FTP Server 2.0.7 - Buffer Overflow
Exploit Title: PCMan FTP Server 2.0.7 - Buffer Overflow Date: 04/17/2025 Exploit Author: Fernando Mengali Vendor Homepage: http://pcman.openfoundry.org/ Software Link: https://www.exploit-db.com/apps/9fceb6fefd0f3ca1a8c36e97b6cc925d-PCMan.7z Version: 2.0.7 Tested on: Windows XP SP3 - Version 5.1...
Angular-Base64-Upload Library 0.1.21 - Unauthenticated Remote Code Execution (RCE)
Exploit Title: Angular-Base64-Upload Library 0.1.21 - Unauthenticated Remote Code Execution RCE Date: 10 October 2024 Discovered by : Ravindu Wickramasinghe | rvz @rvizx9 Exploit Author: Ravindu Wickramasinghe | rvz @rvizx9 Vendor Homepage: https://www.npmjs.com/package/angular-base64-upload...
AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)
Exploit Title: Life Insurance Management Stored System- cross-site scripting XSS Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/ Version: AEG...
NCH Express Invoice - Clear Text Password Storage and Account Takeover
Exploit Title: NCH Express Invoice - Clear Text Password Storage and Account Takeover Google Dork:: intitle:ExpressInvoice - Login Date: 07/Apr/2020 Exploit Author: Tejas Nitin Pingulkar https://cvewalkthrough.com/ Vendor Homepage: https://www.nchsoftware.com/ Software Link:...
PMB 7.4.6 - SQL Injection
Exploit Title: PMB 7.4.6 - SQL Injection Google Dork: inurl:opaccss Date: 2023-01-06 Exploit Author: str0xo DZ Walid Ben https://github.com/Str0xo Vendor Homepage: http://www.sigb.net Software Link: http://forge.sigb.net/redmine/projects/pmb/files Affected versions : = 7.4.6 -==== Software...
WordPress Plugin Welcart e-Commerce 2.0.0 - 'search[order_column][0]' SQL injection
Exploit Title: WordPress Plugin Welcart e-Commerce 2.0.0 - 'searchordercolumn0' SQL injection Date: 04/08 2020 Exploit Author: Erik David Martin Vendor Homepage: https://www.welcart.com/ Software Link: https://downloads.wordpress.org/plugin/usc-e-shop.2.0.0.zip Category: Web Application Version:...
Artworks Gallery Management System 1.0 - 'id' SQL Injection
Exploit Title: Artworks Gallery Management System 1.0 - 'id' SQL Injection Exploit Author: Vijay Sachdeva Date: 2020-12-22 Vendor Homepage: https://www.sourcecodester.com/php/14634/artworks-gallery-management-system-php-full-source-code.html Software Link:...
Microsoft Windows - Escalate UAC Protection Bypass (Via dot net profiler) (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Escalate UAC Protection Bypass Via dot net profiler', 'Description' = %q Microsoft Windows allows for the automatic loading of a profilin...
WordPress Plugin Popup Builder 3.49 - Persistent Cross-Site Scripting
Exploit Title: Wordpress Popup Builder 3.49 - Persistent Cross-Site Scripting Google Dork: inurl:"\wp-content\plugins\popupbuilder" Date: 2019-06-13 Exploit Author: Unk9vvN Vendor Homepage: https://popup-builder.com/ Software Link: https://wordpress.org/plugins/popup-builder/ Version: 3.49 Tested...
vTiger CRM 6.3.0 - (Authenticated) Remote Code Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Exploit Title: Vtiger CRM = 6.3.0 Authenticated Remote Code Execution Date: 2015-09-28 Exploit Author: Benjamin Daniel Mussler Vendor Homepage: https://www.vtiger.com Software Link: https://www.vtiger.com/open-source-downloads/ Version: 6.3.0 and lowe...
SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal
Exploit Title: SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal Date: 2025-05-28 Exploit Author: @ibrahimsql Exploit Author's github: https://github.com/ibrahimsql Vendor Homepage: https://www.solarwinds.com/serv-u-managed-file-transfer-server Software Link:...
Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)
Exploit Title: Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference IDOR Google Dork: N/A Date: 2025-05-02 Exploit Author: Sn1p3r-H4ck3r Siripong Jintung Vendor Homepage: https://snipeitapp.com Software Link: https://github.com/grokability/snipe-it Version: /printassigned endpoint. This...
TP-Link VN020 F3v(T) TT_V6.2.1021 - Buffer Overflow Memory Corruption
Exploit Title: TP-Link VN020 F3vT TTV6.2.1021 - Buffer Overflow Memory Corruption Date: 11/24/2024 Exploit Author: Mohamed Maatallah Vendor Homepage: https://www.tp-link.com Version: TTV6.2.1021 VN020-F3vT Tested on: VN020-F3vT Router Hardware Version 1.0 CVE: CVE-2024-12344 Category: Remote...
User Registration & Login and User Management System v3.0 - SQL Injection (Unauthenticated)
Exploit Title: User Registration & Login and User Management System v3.0 - SQL Injection Unauthenticated Google Dork: NA Date: 19/08/2023 Exploit Author: Ashutosh Singh Umath Vendor Homepage: https://phpgurukul.com Software Link:...
Zenphoto 1.6 - Multiple stored XSS
Exploit Title: Zenphoto 1.6 - Multiple stored XSS Application: Zenphoto-1.6 xss poc Version: 1.6 Bugs: XSS Technology: PHP Vendor URL: https://www.zenphoto.org/news/zenphoto-1.6/ Software Link: https://github.com/zenphoto/zenphoto/archive/v1.6.zip Date of found: 01-05-2023 Author: Mirabbas Ağalar...
Seagate Central Storage 2015.0916 - Unauthenticated Remote Command Execution (Metasploit)
Exploit Title: Seagate Central Storage 2015.0916 - Unauthenticated Remote Command Execution Metasploit Date: Dec 9 2019 Exploit Author: Ege Balci Vendor Homepage: https://www.seagate.com/de/de/support/external-hard-drives/network-storage/seagate-central/ Version: 2015.0916 CVE : 2020-6627 This...
WAGO 750-8212 PFC200 G2 2ETH RS - Privilege Escalation
Exploit Title: WAGO 750-8212 PFC200 G2 2ETH RS Privilege Escalation Date: 02/16/2022 Exploit Author: Momen Eldawakhly Cyber Guy at Cypro AB Vendor Homepage: https://www.wago.com Version: Firmware version 03.05.1017 Tested on: PopOS! Linux ======================================== = The ordinary us...
KeePass 2.44 - Denial of Service (PoC)
Exploit Title : KeePass 2.44 - Denial of Service PoC Product : KeePass Password Safe Version : Help About KeePass Help any local help area Drag&Drop HTML File Save the contents to html. Payload-1: DoS & Run Cmd //=0;i-- tryo+=x.c" + "harAti;catchereturn o;f"\"function fx,yvar i,o=\"\\\""+...
Ajenti 2.1.31 - Remote Code Exection (Metasploit)
Exploit Title: Ajenti 2.1.31 - Remote Code Exection Metasploit Date: 2019-10-29 Exploit Author: Onur ER Vendor Homepage: http://ajenti.org/ Software Link: https://github.com/ajenti/ajenti Version: 2.1.31 Tested on: Ubuntu 19.10 This module requires Metasploit: https://metasploit.com/download...
Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution (1)
E-DB Note: https://www.alphabot.com/security/blog/2017/java/Apache-Tomcat-RCE-CVE-2017-12617.html When running on Windows with HTTP PUTs enabled e.g. via setting the readonly initialisation parameter of the Default to false it was possible to upload a JSP file to the server via a specially crafte...
Shelly PRO 4PM v0.11.0 - Authentication Bypass
!/bin/bash Exploit Title: Shelly PRO 4PM v0.11.0 - Authentication Bypass Google Dork: NA Date: 2nd August 2023 Exploit Author: The Security Team exploitsecurity.io Exploit Blog: https://www.exploitsecurity.io/post/cve-2023-33383-authentication-bypass-via-an-out-of-bounds-read-vulnerability Vendor...
Atom CMS 2.0 - Remote Code Execution (RCE)
Exploit Title: Atom CMS 2.0 - Remote Code Execution RCE Date: 22.03.2022 Exploit Author: Ashish Koli Shikari Vendor Homepage: https://thedigitalcraft.com/ Software Link: https://github.com/thedigicraft/Atom.CMS Version: 2.0 Tested on: Ubuntu 20.04.3 LTS CVE: CVE-2022-25487 Description This script...
Baixar GLPI Project 9.4.6 - SQLi
Exploit Title: Baixar GLPI Project 9.4.6 - SQLi Date: 10/12 Exploit Author: Joas Antonio Vendor Homepage: https://glpi-project.org/pt-br/ https://www.blueonyx.it/ Software Link: https://glpi-project.org/pt-br/baixar/ Version: GLPI - 9.4.6 Tested on: Windows/Linux CVE : CVE-2021-44617 POC1:...
Employees Daily Task Management System 1.0 - 'username' SQLi Authentication Bypass
Exploit Title: Employees Daily Task Management System 1.0 - 'username' SQLi Authentication Bypass Exploit Author: able403 Date: 08/12/2021 Vendor Homepage: https://www.sourcecodester.com/php/15030/employee-daily-task-management-system-php-and-sqlite-source-code.html Software Link:...
WordPress Plugin Filterable Portfolio Gallery 1.0 - 'title' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Filterable Portfolio Gallery 1.0 - 'title' Stored Cross-Site Scripting XSS Date: 10/25/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: http://www.filterable-portfolio.com/ Software Link: https://wordpress.org/plugins/fg-gallery/ Version: 1.0...
WordPress Plugin Media-Tags 3.2.0.2 - Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Media-Tags 3.2.0.2 - Stored Cross-Site Scripting XSS Date: 25-10-2021 Exploit Author: Akash Rajendra Patil Vendor Homepage: https://wordpress.org/plugins/media-tags/ Software Link: www.codehooligans.com/projects/wordpress/media-tags/ Version: 3.2.0.2 Tested on...
DiskBoss 7.7.14 - 'Reports and Data Directory' Buffer Overflow (SEH Egghunter)
Exploit Title: DiskBoss 7.7.14 - 'Reports and Data Directory' Buffer Overflow SEH Egghunter Date: 2020-07-26 Exploit Author: MasterVlad Vendor Homepage: https://www.diskboss.com/ Software Link: https://github.com/x00x00x00x00/diskboss7.7.14/raw/master/diskbosssetupv7.7.14.exe Version: 7.7.14...
HC10 HC.Server Service 10.14 - Remote Invalid Pointer Write
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/HC10-HC.SERVER-10.14-REMOTE-INVALID-POINTER-WRITE.txt + ISR: ApparitionSec Vendor www.hostingcontroller.com Product HC10 HC.Server Service 10.14 HC10 is a unified hosting...
Google Android 5.0.1 - Metaphor Stagefright (ASLR Bypass)
Source: https://github.com/NorthBit/Metaphor Metaphor - Stagefright with ASLR bypass By Hanan Be'er from NorthBit Ltd. Link to whitepaper: https://raw.githubusercontent.com/NorthBit/Public/master/NorthBit-Metaphor.pdf Twitter: https://twitter.com/HighByte Metaphor's source code is now released! T...
Palo Alto Networks Expedition 1.2.90.1 - Admin Account Takeover
Exploit Title: Palo Alto Networks Expedition 1.2.90.1 - Admin Account Takeover Shodan Dork: html:"expedition project" FOFA Dork: "expedition project" && iconhash="1499876150" Exploit Author: ByteHunter Email: [email protected] Vulnerable Versions: 1.2 1.2.92 Tested on: 1.2.90.1 & 1.2.75 CVE ...
Ruijie Switch PSG-5124 26293 - Remote Code Execution (RCE)
Exploit Title: Ruijie Switch PSG-5124 26293 - Remote Code Execution RCE - Shodan Dork: http.htmlhash:-1402735717 - Fofa Dork: body="img/freeloginge.gif" && body="./img/loginbg.gif" - Exploit Author: ByteHunter - Email: [email protected] - Version: PSG-5124LINK SOFTWARE RELEASE:26293 - Tested...
WordPress Plugin Duplicator < 1.5.7.1 - Unauthenticated Sensitive Data Exposure to Account Takeover
Exploit Title: WordPress Plugin Duplicator 1.5.7.1 - Unauthenticated Sensitive Data Exposure to Account Takeover Google Dork: inurl:"plugins/duplicator/" Date: 2023-12-04 Exploit Author: Dmitrii Ignatyev Vendor Homepage:...
Online ID Generator 1.0 - Remote Code Execution (RCE)
Title: Online ID Generator 1.0 - Remote Code Execution RCE Author: nu11secur1ty Date: 08/31/2023 Vendor: https://www.youtube.com/watch?v=JdB9po5DTc Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/idgenerator0.zip Reference:...
SPA-Cart eCommerce CMS 1.9.0.3 - Reflected XSS
Exploit Title: SPA-Cart eCommerce CMS 1.9.0.3 - Reflected XSS Exploit Author: CraCkEr Date: 20/08/2023 Vendor: SPA-Cart Vendor Homepage: https://spa-cart.com/ Software Link: https://demo.spa-cart.com/ Version: 1.9.0.3 Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE:...
Pydio Cells 4.1.2 - Unauthorised Role Assignments
Exploit Title: Pydio Cells 4.1.2 - Unauthorised Role Assignments Affected Versions: 4.1.2 and earlier versions Fixed Versions: 4.2.0, 4.1.3, 3.0.12 Vulnerability Type: Privilege Escalation Security Risk: high Vendor URL: https://pydio.com/ Vendor Status: notified Advisory URL:...
Pentaho BA Server EE 9.3.0.0-428 - Remote Code Execution (RCE) (Unauthenticated)
Exploit Title: Pentaho BA Server EE 9.3.0.0-428 - Remote Code Execution RCE Unauthenticated Author: dwbzn Date: 2022-04-04 Vendor: https://www.hitachivantara.com/ Software Link: https://www.hitachivantara.com/en-us/products/lumada-dataops/data-integration-analytics/download-pentaho.html Version:...
WebSSH for iOS 14.16.10 - 'mashREPL' Denial of Service (PoC)
Exploit Title: WebSSH for iOS 14.16.10 - 'mashREPL' Denial of Service PoC Author: Luis Martinez Discovery Date: 2021-05-18 Vendor Homepage: https://apps.apple.com/mx/app/webssh-ssh-client/id497714887 Software Link: App Store for iOS devices Tested Version: 14.16.10 Vulnerability Type: Denial of...
rConfig 3.9.5 - Remote Code Execution (Unauthenticated)
Exploit Title: rConfig 3.9.5 - Remote Code Execution Unauthenticated Google Dork: N/A Date: 2020-10-13 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://www.rconfig.com/ Software Link: https://www.rconfig.com/downloads/rconfig-3.9.5.zip Version: rConfig v3.9.5 Tested on: CentOS 7 x6...
SunOS 5.10 Generic_147148-26 - Local Privilege Escalation
Exploit: SunOS 5.10 Generic147148-26 - Local Privilege Escalation Date: 2020-01-15 Author: Marco Ivaldi Vendor: www.oracle.com Software Link: https://www.oracle.com/technetwork/server-storage/solaris10/downloads/latest-release/index.html CVE: CVE-2020-2696 / raptordtsessionipa.c - CDE dtsession L...
October CMS - Upload Protection Bypass Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'October CMS Upload Protection Bypass Code Execution', 'Description' = %q This module exploits an Authenticated user with permission to upload and...
Samba 3.3.5 - Format String / Security Bypass
source: https://www.securityfocus.com/bid/35472/info Samba is prone to multiple vulnerabilities. Attackers can leverage these issues to execute arbitrary code within the context of the vulnerable application or to bypass certain security restrictions. Samba 3.0.31 through 3.3.5 are affected. The...
PHPCOIN 1.2.2 - '/includes/db.php?$_CCFG[_PKG_PATH_DBSE]' Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/15831/info PhpCOIN is prone to a file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote PHP code and execute it in the context ...
Social Warfare WordPress Plugin 3.5.2 - Remote Code Execution (RCE)
!/usr/bin/env python3 Exploit Title: Social Warfare WordPress Plugin 3.5.2 - Remote Code Execution RCE Date: 25-06-2025 Exploit Author: Huseyin Mardini @housma Original Researcher: Luka Sikic Original Exploit Author: hash3liZer Vendor Homepage: https://wordpress.org/plugins/social-warfare/ Softwa...
Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation
Exploit Title: Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation Date: 2025-05-05 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Tested on: Win x64 CVE : CVE-2024-38193 pragma once...
Boss Mini 1.4.0 - local file inclusion
Exploit Title: Boss Mini 1.4.0 - local file inclusion Date: 07/12/2023 Exploit Author: nltt0 https://github.com/nltt-br CVE: CVE-2023-3643 ''' / \ | | / | | / / | | \ --. | | / | |/ | ' \ / |/ / | --. \ | /\ | | | | | | | | | | \ // / /,||,|| ||, |/|// / | |/ ''' from requests import...
Icinga Web 2.10 - Arbitrary File Disclosure
!/usr/bin/env python3 Exploit Title: Icinga Web 2.10 - Arbitrary File Disclosure Date: 2023-03-19 Exploit Author: Jacob Ebben Vendor Homepage: https://icinga.com/ Software Link: https://github.com/Icinga/icingaweb2 Version: 2.8.6, 2.9.6, 2.10 Tested on: Icinga Web 2 Version 2.9.2 on Linux CVE:...
Online Motorcycle (Bike) Rental System 1.0 - Blind Time-Based SQL Injection (Unauthenticated)
Exploit Title: Online Motorcycle Bike Rental System 1.0 - Blind Time-Based SQL Injection Unauthenticated Exploit Author: Chase ComardelleCASO Date: October 18, 2021 Vendor Homepage: https://www.sourcecodester.com/php/14989/online-motorcycle-bike-rental-system-phpoop-source-code.html Software Link...
Purchase Order Management System 1.0 - Remote File Upload
Exploit Title: Purchase Order Management System 1.0 - Remote File Upload Date: 2021-09-14 Exploit Author: Aryan Chehreghani Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14935/purchase-order-management-system-using-php-free-source-code.html...
KevinLAB BEMS 1.0 - Authentication Bypass
Exploit Title: KevinLAB BEMS 1.0 - Unauthenticated SQL Injection / Authentication Bypass Date: 05.07.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kevinlab.com Vendor: KevinLAB Inc. Product web page: http://www.kevinlab.com Affected version: 4ST L-BEMS 1.0.0 Building Energy Manageme...