47884 matches found
AEGON LIFE v1.0 Life Insurance Management System - SQL injection vulnerability.
Exploit Title: Life Insurance Management System- SQL injection vulnerability. Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/ Version: AEGON...
WEBIGniter v28.7.23 - Stored XSS
Title: WEBIGniter v28.7.23 XSS Author: RedTeamer IT Security, Mesut Cetin Date: 09/04/2023 Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/cross-site-scripting/stored Description: During the user creation process, the 'yourname...
Joomla JLex Review 6.0.1 - Reflected XSS
Exploit Title: Joomla JLex Review 6.0.1 - Reflected XSS Exploit Author: CraCkEr Date: 01/08/2023 Vendor: JLexArt Vendor Homepage: https://jlexart.com/ Software Link: https://extensions.joomla.org/extension/jlex-review/ Demo: https://jlexreview.jlexart.com/ Version: 6.0.1 Tested on: Windows 10 Pro...
OpenBMCS 2.4 - Information Disclosure
Exploit Title: OpenBMCS 2.4 - Information Disclosure Exploit Author: LiquidWorm Date: 26/10/2021 OpenBMCS 2.4 Secrets Disclosure Vendor: OPEN BMCS Product web page: https://www.openbmcs.com Affected version: 2.4 Summary: Building Management & Controls System BMCS. No matter what the size of your...
Employees Daily Task Management System 1.0 - 'username' SQLi Authentication Bypass
Exploit Title: Employees Daily Task Management System 1.0 - 'username' SQLi Authentication Bypass Exploit Author: able403 Date: 08/12/2021 Vendor Homepage: https://www.sourcecodester.com/php/15030/employee-daily-task-management-system-php-and-sqlite-source-code.html Software Link:...
WordPress Plugin Slider by Soliloquy 2.6.2 - 'title' Stored Cross Site Scripting (XSS) (Authenticated)
Exploit Title: WordPress Plugin Slider by Soliloquy 2.6.2 - 'title' Stored Cross Site Scripting XSS Authenticated Date: 02/12/2021 Exploit Author: Abdurrahman Erkan @erknabd Vendor Homepage: https://soliloquywp.com/ Software Link: https://wordpress.org/plugins/soliloquy-lite/ Version: 2.6.2 Teste...
Dynojet Power Core 2.3.0 - Unquoted Service Path
Exploit Title: Dynojet Power Core 2.3.0 - Unquoted Service Path Exploit Author: Pedro Sousa Rodrigues https://www.0x90.zone/ / @PedroSECR Version: 2.3.0 Build 303 Date: 30.10.2021 Vendor Homepage: https://www.dynojet.com/ Software Link: https://docs.dynojet.com/Document/18762 Tested on: Windows 1...
Online Library Management System 1.0 - Arbitrary File Upload Remote Code Execution (Unauthenticated)
Exploit Title: Online Library Management System 1.0 - Arbitrary File Upload Remote Code Execution Unauthenticated Date: 23-06-2021 Exploit Author: Berk Can Geyikci Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Win10 MailCarrier 2.51 - 'POP3 User' Remote Buffer Overflow
Exploit Title: Win10 MailCarrier 2.51 - 'POP3 User' Remote Buffer Overflow Date: 2019-10-01 Author: Lance Biggerstaff Original Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: https://www.tabslab.com/ Version: 2.51 Tested on: Windows 10 Note: Every version of Windows 10 has a...
PostgreSQL 9.3 - COPY FROM PROGRAM Command Execution (Metasploit)
\ This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/postgres' class MetasploitModule 'PostgreSQL COPY FROM PROGRAM Command Execution', 'Description' = %q Installations running Postgres 9.3 and...
Ghost CMS 5.42.1 - Path Traversal
!/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: Ghost CMS 5.42.1 - Path Traversal Date: 2023-06-15 Exploit Author:ibrahimsql https://github.com/ibrahimsql Vendor Homepage: https://ghost.org Software Link: https://github.com/TryGhost/Ghost Version: =2.28.1 """ import requests import s...
Icinga Web 2.10 - Authenticated Remote Code Execution
!/usr/bin/env python3 Exploit Title: Icinga Web 2.10 - Authenticated Remote Code Execution Date: 8/07/2023 Exploit Author: Dante CoronaAka. cxdxnt Software Link: https://github.com/Icinga/icingaweb2 Vendor Homepage: https://icinga.com/ Software Link: https://github.com/Icinga/icingaweb2 Version:...
Online Clinic Management System 2.2 - Multiple Stored Cross-Site Scripting (XSS)
Exploit Title: Online Clinic Management System 2.2 - Multiple Stored Cross-Site Scripting XSS Date: 27-06-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://bigprof.com Software Download Link : https://bigprof.com/appgini/applications/online-clinic-management-system Version : 2.2...
Yenkee Hornet Gaming Mouse - 'GM312Fltr.sys' Denial of Service (PoC)
Exploit Title: Yenkee Hornet Gaming Mouse - 'GM312Fltr.sys' Denial of Service PoC Date: 2021/04/07 Exploit Author: Quadron Research Lab Version: all version Tested on: Windows 10 x64 HUN/ENG Professional Vendor: https://www.yenkee.eu/gaming-mouse-hornet-aim/yms-3029 Reference:...
OpenCart 3.0.3.7 - 'Change Password' Cross-Site Request Forgery (CSRF)
Exploit Title : OpenCart 3.0.3.7 - 'Change Password' Cross-Site Request Forgery CSRF Date : 2021/08/06 Exploit Author : Mert Daş [email protected] Software Link : http://www.opencart.com/index.php?route=download/download : https://github.com/opencart Software web : www.opencart.com Tested on...
Sonatype Nexus 3.21.1 - Remote Code Execution (Authenticated)
Exploit Title: Sonatype Nexus 3.21.1 - Remote Code Execution Authenticated Exploit Author: 1F98D Original Author: Alvaro Muñoz Date: 27 May 2020 Vendor Hompage: https://www.sonatype.com/ CVE: CVE-2020-10199 Tested on: Windows 10 x64 References:...
Motorola Device Manager 2.5.4 - 'ForwardDaemon.exe ' Unquoted Service Path
Exploit Title: Motorola Device Manager 2.5.4 - 'ForwardDaemon.exe 'Unquoted Service Path Discovery by: Angel Canseco Discovery Date: 2020-11-07 Vendor Homepage: https://motorola-device-manager.programas-gratis.net/gracias Tested Version: 2.5.4 Vulnerability Type: Unquoted Service Path Tested on O...
BlogEngine 3.3.8 - 'Content' Stored XSS
Exploit Title: BlogEngine 3.3.8 - 'Content' Stored XSS Date: 11/2020 Exploit Author: Andrey Stoykov Vendor Homepage: https://blogengine.io/ Software Link: https://github.com/BlogEngine/BlogEngine.NET/releases/download/v3.3.8.0/3380.zip Version: 3.3.8 Tested on: Windows Server 2016 Exploit and...
DiskBoss 7.7.14 - 'Reports and Data Directory' Buffer Overflow (SEH Egghunter)
Exploit Title: DiskBoss 7.7.14 - 'Reports and Data Directory' Buffer Overflow SEH Egghunter Date: 2020-07-26 Exploit Author: MasterVlad Vendor Homepage: https://www.diskboss.com/ Software Link: https://github.com/x00x00x00x00/diskboss7.7.14/raw/master/diskbosssetupv7.7.14.exe Version: 7.7.14...
UCM6202 1.0.18.13 - Remote Command Injection
Exploit Title: UCM6202 1.0.18.13 - Remote Command Injection Date: 2020-03-23 Exploit Author: Jacob Baines Vendor: http://www.grandstream.com Product Link: http://www.grandstream.com/products/ip-pbxs/ucm-series-ip-pbxs/product/ucm6200-series Tested on: UCM6202 1.0.18.13 CVE : CVE-2020-5722 Shodan...
XNU - Remote Double-Free via Data Race in IPComp Input Path
=== Summary === This report describes a bug in the XNU implementation of the IPComp protocol https://tools.ietf.org/html/rfc3173. This bug can be remotely triggered by an attacker who is able to send traffic to a macOS system iOS AFAIK isn't affected over two network interfaces at the same time...
phpMyAdmin 4.9.0.1 - Cross-Site Request Forgery
============================================= MGC ALERT 2019-003 - Original release date: June 13, 2019 - Last revised: September 13, 2019 - Discovered by: Manuel Garcia Cardenas - Severity: 4,3/10 CVSS Base Score - CVE-ID: CVE-2019-12922 ============================================= I...
FUXA V.1.1.13-1186 - Unauthenticated Remote Code Execution (RCE)
Exploit Title: FUXA V.1.1.13-1186- Unauthenticated Remote Code Execution RCE Date: 18/04/2023 Exploit Author: Rodolfo Mariano Vendor Homepage: https://github.com/frangoteam/FUXA Version: FUXA V.1.1.13-1186 current from argparse import RawTextHelpFormatter import argparse, sys, threading, requests...
WordPress Plugin WP Google Maps 8.1.11 - Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin WP Google Maps 8.1.11 - Stored Cross-Site Scripting XSS Date: 22/6/2021 Exploit Author: Mohammed Adam Vendor Homepage: https://www.wpgmaps.com/ Software Link: https://wordpress.org/plugins/wp-google-maps/ Version: 5.7.2 Tested on: Windows 10 CVE: CVE-2021-24383...
SonicWall SSL-VPN 8.0.0.0 - 'visualdoor' Remote Code Execution (Unauthenticated)
Exploit Title: SonicWall SSL-VPN 8.0.0.0 - 'shellshock/visualdoor' Remote Code Execution Unauthenticated Exploit Author: Darren Martyn Vendor Homepage: https://www.home-assistant.io/ Version: SMA 8.0.0.4 Blog post: https://darrenmartyn.ie/2021/01/24/visualdoor-sonicwall-ssl-vpn-exploit/...
BlazeDVD 7.0 Professional - '.plf' Local Buffer Overflow (SEH,ASLR,DEP)
Title: BlazeDVD 7.0 Professional - '.plf' Local Buffer Overflow SEH,ASLR,DEP Author: emalp Date: 2020-08-31 Vendor Homepage: http://www.blazevideo.com/ Software Link: http://www.blazevideo.com/download/BlazeDVDProSetup.exe Version: 7.0.0.0 Tested on: Windows 7 Home Basic Run this file bfile.plf...
XMB 1.9.12.06 - Stored XSS
Exploit Title: Persistent XSS in XMB 1.9.12.06 Date: 06/12/2024 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.xmbforum2.com/ Software Link: https://www.xmbforum2.com/download/XMB-1.9.12.06.zip Version: 1.9.12.06 Tested on: Windows XP CVE: N/A Vulnerability Details A persistent store...
Nagios XI Version 2024R1.01 - SQL Injection
Exploit Title: NAGIOS XI SQLI Google Dork: if applicable Date: 02/26/2024 Exploit Author: Jarod Jaslow MAWK https://www.linkedin.com/in/jarod-jaslow-codename-mawk-265144201/ Vendor Homepage: https://www.nagios.com/changelog/nagios-xi Software Link: https://github.com/MAWK0235/CVE-2024-24401...
Webedition CMS v2.9.8.8 - Stored XSS
Exploit Title: Webedition CMS v2.9.8.8 - Stored XSS Application: Webedition CMS Version: v2.9.8.8 Bugs: Stored Xss Technology: PHP Vendor URL: https://www.webedition.org/ Software Link: https://download.webedition.org/releases/OnlineInstaller.tgz?p=1 Date of found: 03.08.2023 Author: Mirabbas...
ManageEngine ADSelfService Plus 6.1 - User Enumeration
Exploit Title: ManageEngine ADSelfService Plus 6.1 - User Enumeration Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/self-service-password/download.html Version: ADSelfService 6.1 Build 6121 Tested Against:...
WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing (Authenticated)
Exploit Title: WordPress Plugin Error Log Viewer 1.1.1 - Arbitrary File Clearing Authenticated Date: 09-11-2021 Exploit Author: Ceylan Bozogullarindan Exploit Website: https://bozogullarindan.com Vendor Homepage: https://bestwebsoft.com/ Software Link:...
Hospital Management System 4.0 - 'multiple' SQL Injection
Title: Hospital Management System 4.0 - 'multiple' SQL Injection Author: nu11secur1ty Date: 02.06.2022 Vendor: https://github.com/kishan0725 Software: https://github.com/kishan0725/Hospital-Management-System CVE-2022-24263 Description: The Hospital Management System v4.0 is suffering from Multipl...
Open-AudIT Community 4.2.0 - Cross-Site Scripting (XSS) (Authenticated)
Exploit Title: Open-AudIT Community 4.2.0 - Cross-Site Scripting XSS Authenticated Date: 01/11/2021 Exploit Author: Dominic Clark parzival Vendor Homepage: https://opmantek.com/ Software Link: https://www.open-audit.org/downloads.php Category: WebApps Version: = 4.2.0 Tested on: Windows 10 CVE:...
Student Quarterly Grading System 1.0 - 'grade' Stored Cross-Site Scripting (XSS)
Exploit Title: Student Quarterly Grading System 1.0 - 'grade' Stored Cross-Site Scripting XSS Date: 11.10.2021 Exploit Author: Hüseyin Serkan Balkanli Vendor Homepage: https://www.sourcecodester.com/php/14953/student-quarterly-grading-system-using-php-and-sqlite-free-source-code.html Software Lin...
Logitech Media Server 8.2.0 - 'Title' Cross-Site Scripting (XSS)
Exploit Title: Logitech Media Server 8.2.0 - 'Title' Cross-Site Scripting XSS Shodan Dork: Search Logitech Media Server Date: 12.10.2021 Exploit Author: Mert Das Vendor Homepage: www.logitech.com Version: 8.2.0 Tested on: Windows 10, Linux POC: 1. Go to Settings / Interface tab 2. Add payload to...
Hestia Control Panel 1.3.2 - Arbitrary File Write
Title: Hestia Control Panel 1.3.2 - Arbitrary File Write Date: 07.03.2021 Author: Numan Türle Vendor Homepage: https://hestiacp.com/ Software Link: https://github.com/hestiacp/hestiacp Version: 1.3.3 Tested on: HestiaCP Version 1.3.2 curl --location --request POST...
SEO Panel 4.6.0 - Remote Code Execution (2)
Exploit Title: SEO Panel 4.6.0 - Remote Code Execution 2 Date: 22 Jan 2021 Exploit Author: Kr0ff Vendor Homepage: https://www.seopanel.org/https://www.kentico.com/ Software Link: https://www.seopanel.org/spdownload/4.6.0 Version: 4.6.0 Tested on: Ubuntu 20.04 !/usr/bin/env python3 ''' DESCRIPTION...
Seat Reservation System 1.0 - Remote Code Execution (Unauthenticated)
Exploit Title: Seat Reservation System 1.0 - Unauthenticated Remote Code Execution Exploit Author: Rahul Ramkumar Date: 2020-09-16 Vendor Homepage: www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/seat-reservation-system-using-php0.zip...
NextVPN v4.10 - Insecure File Permissions
Exploit Title: NextVPN v4.10 - Insecure File Permissions Date: 2019-12-23 Exploit Author: SajjadBnd Contact: [email protected] Vendor Homepage: https://vm3max.site Software Link:http://dl.spacevm.com/NextVPNSetup-v4.10.exe Version: 4.10 Tested on: Win10 Professional x64 Description The NextVPN...
SmartHouse Webapp 6.5.33 - Cross-Site Request Forgery
Exploit Title: SmartHouse Webapp 6.5.33 - Cross-Site Request Forgery Discovery by: LiquidWorm Date: 2019-12-02 Vendor Homepage: Tested Version: 6.5.33.17072501 CVE: N/A Advisory ID: ZSL-2019-5543 Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5543.php Carlo Gavazzi SmartHous...
BartVPN 1.2.2 - 'BartVPNService' Unquoted Service Path
Exploit Title: BartVPN 1.2.2 - 'BartVPNService' Unquoted Service Path Exploit Author : ZwX Exploit Date: 2019-11-18 Vendor Homepage : https://www.filehorse.com/ Link Software : https://www.filehorse.com/download-bartvpn/ Tested on OS: Windows 7 Analyze PoC : ============== C:\Users\ZwXsc qc...
ProFTPd 1.3.2 rc3 < 1.3.3b (FreeBSD) - Telnet IAC Buffer Overflow (Metasploit)
$Id: proftptelnetiac.rb 11208 2010-12-02 21:10:03Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Electrolink FM/DAB/TV Transmitter - Remote Authentication Removal
!/usr/bin/env python Electrolink FM/DAB/TV Transmitter Remote Authentication Removal Vendor: Electrolink s.r.l. Product web page: https://www.electrolink.com Affected version: 10W, 100W, 250W, Compact DAB Transmitter 500W, 1kW, 2kW Medium DAB Transmitter 2.5kW, 3kW, 4kW, 5kW High Power DAB...
SAP BusinessObjects Intelligence 4.3 - XML External Entity (XXE)
Exploit Title: SAP BusinessObjects Intelligence 4.3 - XML External Entity XXE Google Dork: N/A Date: 4/21/2022 Exploit Author: West Shepherd Vendor Homepage: https://www.sap.com/ Software Link: https://www.sap.com/ Version: 4.2 and 4.3 Tested on: Windows Server 2019 x64 CVE : CVE-2022-28213...
Cobian Backup 11 Gravity 11.2.0.582 - 'Password' Denial of Service (PoC)
Exploit Title: Cobian Backup 11 Gravity 11.2.0.582 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2022-02-16 Vendor Homepage: https://www.cobiansoft.com/ Software Link: https://files.cobiansoft.com/programs/cbSetup.exe Tested Version: 11.2.0.582 Vulnerability Type:...
Hi-Rez Studios 5.1.6.3 - 'HiPatchService' Unquoted Service Path
Exploit Title: Hi-Rez Studios 5.1.6.3 - 'HiPatchService' Unquoted Service Path Dicovery by: Ekrem Can Kök Discovery Date: 2021-03-22 Vendor Homepage: https://www.hirezstudios.com Version: 5.1.6.3 Tested on: Windows 10 Pro x64 Step to discover Unquoted Service Path: C:\wmic service get name,...
Medical Center Portal Management System 1.0 - 'id' SQL Injection
Exploit Title: Medical Center Portal Management System 1.0 - 'id' SQL Injection Exploit Author: Saeed Bala Ahmed r0b0tG4nG Date: 2020-12-10 Google Dork: N/A Vendor Homepage: https://www.sourcecodester.com/php/14594/medical-center-portal-management-system.html Software Link:...
TDM Digital Signage PC Player 4.1 - Insecure File Permissions
Exploit Title: TDM Digital Signage PC Player 4.1 - Insecure File Permissions Date: 2020-09-23 Exploit Author: LiquidWorm Software Link: https://www.tdmsignage.com / https://pro.sony/enNL/products/display-software/tdm-ds1y-tdm-ds3y Version: 4.1.0.4 Vendor: TDM Trending Digital Marketing Product we...
WebsiteBaker 2.12.2 - 'display_name' SQL Injection (authenticated)
Exploit Title: WebsiteBaker 2.12.2 - 'displayname' SQL Injection authenticated Google Dork: - Date: 2020-09-20 Exploit Author: Roel van Beurden Vendor Homepage: https://websitebaker.org Software Link: https://wiki.websitebaker.org/doku.php/en/downloads Version: 2.12.2 Tested on: Linux Ubuntu 18.0...
VMware vCenter Server 6.7 - Authentication Bypass
Exploit Title: VMware vCenter Server 6.7 - Authentication Bypass Date: 2020-06-01 Exploit Author: Photubias Vendor Advisory: 1 https://www.vmware.com/security/advisories/VMSA-2020-0006.html Version: vCenter Server 6.7 before update 3f Tested on: vCenter Server Appliance 6.7 RTM updated from v6.0...