47904 matches found
Kemp Load Master 7.1.16 - Multiple Vulnerabilities
Exploit Title: Kemp Load Master - Multiple Vulnerabilities RCE, CSRF, XSS, DoS Date: 01 April 2015 Author: Roberto Suggi Liverani Software Link: http://kemptechnologies.com/load-balancer/ Version: 7.1.16 and previous versions Tested on: Kemp Load Master 7.1-16 CVE : CVE-2014-5287/5288 Link:...
Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing
Exploit Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Source: https://hyp3rlinx.altervista.org/advisories/MicrosoftWindowsxrm-msFileNTLM-HashDisclosure.txt x.com/hyp3rlinx ISR: ApparitionSec Vendor www.microsoft.com Product .xrm-ms File Type Vulnerability Type NTLM Hash...
Online Fire Reporting System OFRS - SQL Injection Authentication Bypass
Exploit Title: Online Fire Reporting System SQL Injection Authentication Bypass Date: 02/10/2024 Exploit Author: Diyar Saadi Vendor Homepage: https://phpgurukul.com/online-fire-reporting-system-using-php-and-mysql/ Software Link:...
Siklu MultiHaul TG series < 2.0.0 - unauthenticated credential disclosure
Exploit Title: Siklu MultiHaul TG series - unauthenticated credential disclosure Date: 28-02-2024 Exploit Author: semaja2 Vendor Homepage: https://siklu.com/ Software Link: https://partners.siklu.com/home/frontdoor Version: 2.0.0 Tested on: 2.0.0 CVE : None assigned Instructions 1. Perform IPv6...
Easywall 0.3.1 - Authenticated Remote Command Execution
Exploit Title: Easywall 0.3.1 - Authenticated Remote Command Execution Date: 30-11-2023 Exploit Author: Melvin Mejia Vendor Homepage: https://jpylypiw.github.io/easywall/ Software Link: https://github.com/jpylypiw/easywall Version: 0.3.1 Tested on: Ubuntu 22.04 import requests, json, urllib3...
Razer Sila - Command Injection
Exploit Title: Razer Sila - Command Injection Google Dork: N/A Date: 4/9/2022 Exploit Author: Kevin Randall Vendor Homepage: https://www2.razer.com/ap-en/desktops-and-networking/razer-sila Software Link: https://www2.razer.com/ap-en/desktops-and-networking/razer-sila Version:...
Prowise Reflect v1.0.9 - Remote Keystroke Injection
Exploit Title: Prowise Reflect v1.0.9 - Remote Keystroke Injection Date: 30/10/2022 Exploit Author: Rik Lutz Vendor Homepage: https://www.prowise.com/ Version: V1.0.9 Tested on: Windows 10 Prowise Reflect software version 1.0.9 for Windows is vulnerable to a remote keystroke injection. Much like...
WordPress Plugin Learnpress 4.1.4.1 - Arbitrary Image Renaming
Exploit Title: WordPress Plugin Learnpress 4.1.4.1 - Arbitrary Image Renaming Date: 08-01-2022 Exploit Author: Ceylan Bozogullarindan Author Webpage: https://bozogullarindan.com Vendor Homepage: https://thimpress.com/ Software Link: https://thimpress.com/learnpress-plugin/ Version: 4.1.4.1 Tested...
PolicyKit-1 0.105-31 - Privilege Escalation
Exploit Title: PolicyKit-1 0.105-31 - Privilege Escalation Exploit Author: Lance Biggerstaff Original Author: ryaagard https://github.com/ryaagard Date: 27-01-2022 Github Repo: https://github.com/ryaagard/CVE-2021-4034 References: https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt...
Vodafone H-500-s 3.5.10 - WiFi Password Disclosure
Exploit Title: Vodafone H-500-s 3.5.10 - WiFi Password Disclosure Date: 01/01/2022 Exploit Author: Daniel Monzón stark0de Vendor Homepage: https://www.vodafone.es/ Software Link: N/A Version: Firmware version Vodafone-H-500-s-v3.5.10 Hardware model: Sercomm VFH500 The WiFi access point password...
Visitor Management System in PHP 1.0 - Persistent Cross-Site Scripting
Title: Visitor Management System in PHP 1.0 - Persistent Cross-Site Scripting Exploit Author: Rahul Ramkumar Date: 2020-09-16 Vendor Homepage: https://projectworlds.in Software Link: https://projectworlds.in/wp-content/uploads/2020/07/Visitor-Management-System-in-PHP.zip Version: 1.0 Tested On:...
IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal
Exploit Title: IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal Date: 2020-01-01 Exploit Author: Raif Berkay Dincel Vendor Homepage: ibm.com Software https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?subtype=ca&infotype=an&appname=iSource&supplier=897&letternum=ENUS107-295...
rConfig 3.9.2 - Remote Code Execution
Exploit Title: rConfig 3.9.2 - Remote Code Execution Date: 2019-09-18 Exploit Author: Askar Vendor Homepage: https://rconfig.com/ Software link: https://rconfig.com/download Version: v3.9.2 Tested on: CentOS 7.7 / PHP 7.2.22 CVE : CVE-2019-16662 !/usr/bin/python import requests import sys from...
SNMPc Enterprise Edition 9/10 - Mapping Filename Buffer Overflow
!/usr/bin/python -- coding: utf-8 -- -------------------------------------------------------------------- Exploit: SNMPc Enterprise Edition 9 & 10 Mapping File Name BOF Date: 11 July 2019 Exploit Author: @xerubus | mogozobo.com Vendor Homepage: https://www.castlerock.com/ Software Linke:...
Alienvault OSSIM/USM 5.3.4/5.3.5 - Remote Command Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'AlienVault USM/OSSIM API Command Execution', 'Description' = %q This module exploits an unauthenticated command injection in...
ReiserFS (Linux Kernel 2.6.34-rc3 / RedHat / Ubuntu 9.10) - 'xattr' Local Privilege Escalation
!/usr/bin/env python ''' team-edward.py Linux Kernel http://jon.oberheide.org Information: https://bugzilla.redhat.com/showbug.cgi?id=568041 The kernel allows processes to access the internal ".reiserfspriv" directory at the top of a reiserfs filesystem which is used to store xattrs. Permissions...
PHP 4.4.3 < 4.4.6 - 'PHPinfo()' Cross-Site Scripting
//////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP Project // // C Copyright 2007 Stefan Esser //...
Tatsu 3.3.11 - Unauthenticated RCE
Exploit Title:Tatsu 3.3.11 - Unauthenticated RCE Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Product: Tatsu wordpress plugin = 3.3.11 CVE:...
PopojiCMS 2.0.1 - Remote Command Execution (RCE)
Exploit Title: PopojiCMS 2.0.1 - Remote Command Execution Date: 14/04/2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.popojicms.org/ Software Link: https://github.com/PopojiCMS/PopojiCMS/archive/refs/tags/v2.0.1.zip Version: Version : 2.0.1 Tested on:...
Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass
Exploit Title: Cisco UCS-IMC Supervisor 2.2.0.0 - Authentication Bypass + Cisco IMC Supervisor - 2.2.1.0 + Date: 08/21/2019 + Affected Component: /app/ui/ClientServlet?apiName=GetUserInfo + Vendor:...
Xoops CMS 2.5.10 - Stored Cross-Site Scripting (XSS) (Authenticated)
Exploit Title: Xoops CMS 2.5.10 - Stored Cross-Site Scripting XSS Authenticated Date: 2023-06-12 Exploit Author: tmrswrr Vendor Homepage: https://xoops.org/ Software https://github.com/XOOPS/XoopsCore25/releases/tag/v2.5.10 Version: 2.5.10 Tested : https://www.softaculous.com/apps/cms/Xoops ---...
TinyWebGallery v2.5 - Stored Cross-Site Scripting (XSS)
Exploit Title: TinyWebGallery v2.5 - Stored Cross-Site Scripting XSS Application: TinyWebGallery Version: v2.5 Bugs: Stored Xss Technology: PHP Vendor URL: http://www.tinywebgallery.com/ Software Link: https://www.tinywebgallery.com/download.php?tinywebgallery=latest Date of found: 07-05-2023...
Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls
Exploit Title: Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls Date: 28/04/2023 Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL Vendor Homepage: https://jedox.com Version: Jedox 2020.2 20.2.5 and older CVE :...
Sophos Web Appliance 4.3.10.4 - Pre-auth command injection
!/bin/bash Exploit Title: Sophos Web Appliance 4.3.10.4 - Pre-auth command injection Exploit Author: Behnam Abasi Vanda Vendor Homepage: https://www.sophos.com Version: Sophos Web Appliance older than version 4.3.10.4 Tested on: Ubuntu CVE : CVE-2023-1671 Shodan Dork: title:"Sophos Web Appliance"...
Sielco PolyEco Digital FM Transmitter 2.0.6 - Radio Data System POST Manipulation
Exploit Title: Sielco PolyEco Digital FM Transmitter 2.0.6 - Radio Data System POST Manipulation Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: PolyEco1000 CPU:2.0.6 FPGA:10.19 PolyEco1000 CPU:1.9.4 FPGA:10.19 PolyEco1000 CPU:1.9.3...
Marval MSM v14.19.0.12476 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: Marval MSM v14.19.0.12476 - Remote Code Execution RCE Authenticated Date: 27/5/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.marvalnorthamerica.com/ Software Link: https://www.marvalnorthamerica.com/ Version: v14.19.0.12476 Tested on: Windows Detailed...
aaPanel 6.8.21 - Directory Traversal (Authenticated)
Exploit Title: aaPanel 6.8.21 - Directory Traversal Authenticated Date: 22.02.2022 Exploit Author: Fikrat Ghuliev Ghuliev Vendor Homepage: https://www.aapanel.com/ Software Link: https://www.aapanel.com Version: 6.8.21 Tested on: Ubuntu Application vulnerable to Directory Traversal and attacker c...
WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection (Authenticated)
Exploit Title: WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection Authenticated Date 23.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://registrationmagic.com/ Software Link:...
CMSimple_XH 1.7.4 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: CMSimpleXH 1.7.4 - Remote Code Execution RCE Authenticated Date: 01-10-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.cmsimple-xh.org/ Software Link: https://www.cmsimple-xh.org/?Downloads Version: 1.7.4 Category: Webapps Tested on: Linux/Windows CMSimpleX...
Online Voting System 1.0 - Authentication Bypass (SQLi)
Exploit Title: Online Voting System 1.0 - Authentication Bypass SQLi Exploit Author: Salman Asad @deathflash1411 a.k.a LeoBreaker Date 30.06.2021 Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/4808/voting-system-php.html Version 1.0 Tested on:...
Sonlogger 4.2.3.3 - SuperAdmin Account Creation / Information Disclosure
Exploit Title: Sonlogger 4.2.3.3 - SuperAdmin Account Creation / Information Disclosure Date: 04-02-2021 Exploit Author: Berkan Er Vendor Homepage: https://www.sonlogger.com/ Version: 4.2.3.3 Tested on: Windows 10 Enterprise x64 Version 1803 A remote attacker can be create an user with SuperAdmin...
WordPress Plugin Supsystic Data Tables Generator 1.9.96 - Multiple Vulnerabilities
Exploit Title: WordPress Plugin Supsystic Data Tables Generator 1.9.96 - Multiple Vulnerabilities Date: 24/07/2020 Exploit Author: Erik David Martin Vendor Homepage: https://supsystic.com/ Software Link: https://downloads.wordpress.org/plugin/data-tables-generator-by-supsystic.1.9.96.zip Category...
Selea CarPlateServer (CPS) 4.0.1.6 - Remote Program Execution
Exploit Title: Selea CarPlateServer CPS 4.0.1.6 - Remote Program Execution Date: 08.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea CarPlateServer CPS v4.0.1.6 Remote Program Execution Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version:...
Bludit 3.9.2 - Authentication Bruteforce Mitigation Bypass
!/usr/bin/env ruby Title: Bludit 3.9.2 - Authentication Bruteforce Mitigation Bypass Author: noraj Alexandre ZANNI Author website: https://pwn.by/noraj/ Date: 2020-08-16 Vendor Homepage: https://www.bludit.com/ Software Link: https://github.com/bludit/bludit/archive/3.9.2.tar.gz Version: = 3.9.2...
Oriol Espinal CMS 1.0 - 'id' SQL Injection
Exploit Title: Oriol Espinal CMS 1.0 - 'id' SQL Injection Google Dork: inurl:/eotoolsshare/ Date: 2020-06-03 Exploit Author: TSAR Vendor Homepage: http://www.oriolespinal.es/eowd Software Link: http://www.oriolespinal.es/eotools Version: ALL VERSION UP TO LATEST Tested on: MACOS 10.11.2 CVE : NOt...
Pi-Hole - heisenbergCompensator Blocklist OS Command Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pi-Hole heisenbergCompensator Blocklist OS Command Execution', 'Description' = %q This exploits a command execution in Pi-Hole MSFLICENSE, 'Autho...
Genexis Platinum-4410 2.1 - Authentication Bypass
Exploit Title: Genexis Platinum-4410 2.1 - Authentication Bypass Date: 20220-01-08 Exploit Author: Husinul Sanub Author Contact: https://www.linkedin.com/in/husinul-sanub-658239106/ Vulnerable Product: Genexis Platinum-4410 v2.1 Home Gateway Router https://genexis.co.in/product/ont/ Firmware...
Linux 5.3 - Privilege Escalation via io_uring Offload of sendmsg() onto Kernel Thread with Kernel Creds
Since commit 0fa03c624d8f "iouring: add support for sendmsg", first in v5.3, iouring has support for asynchronously calling sendmsg. Unprivileged userspace tasks can submit IORINGOPSENDMSG submission queue entries, which cause sendmsg to be called either in syscall context in the original task, o...
Online Invoicing System 2.6 - 'description' Persistent Cross-Site Scripting
Exploit Title: Online Invoicing System 2.6 - 'description' Persistent Cross-Site Scripting Date: 2019-11-29 Exploit Author: Cemal Cihad ÇİFTÇİ Vendor Homepage: https://bigprof.com Software Download Link : https://github.com/bigprof-software/online-invoicing-system Software : Online Invoicing Syst...
Linear eMerge E3 1.00-06 - Remote Code Execution
Title: Linear eMerge E3 1.00-06 - Remote Code Execution Author: LiquidWorm Date: 2019-11-13 Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Affected version: =2.3.0a Advisory:...
WordPress Plugin Photo Gallery 1.5.34 - SQL Injection
Exploit Title: WordPress Plugin Photo Gallery by 10Web Add new and in add galleries / Gallery groups. GET request going with parameter albumid is vulnerable to Time Based Blind SQL injection. Following is the POC, 1...
Apache Tika 1.15 - 1.17 - Header Command Injection (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Tika Header Command Injection', 'Description' = %q This module exploits a command injection vulnerability in Apache Tika 1.15 - 1.17 on...
WordPress Plugin Contact Form Maker 1.13.1 - Cross-Site Request Forgery
Exploit Title: Contact Form by WD CSRF → LFI Date: 2019-03-17 Exploit Author: Panagiotis Vagenas Vendor Homepage: http://web-dorado.com/ Software Link: https://wordpress.org/plugins/contact-form-maker Version: 1.13.1 Tested on: WordPress 5.1.1 Description ----------- Plugin implements the followi...
eBay Magento 1.9.2.1 - PHP FPM XML eXternal Entity Injection
============================================= - Release date: 29.10.2015 - Discovered by: Dawid Golunski - Severity: High/Critical - eBay Magento ref.: APPSEC-1045 ============================================= I. VULNERABILITY ------------------------- eBay Magento CE = 1.9.2.1 XML eXternal Entit...
Linux Kernel 3.13 - SGID Privilege Escalation
/ CVE-2014-4014 Linux Kernel Local Privilege Escalation PoC Vitaly Nikolenko http://hashcrack.org Usage: ./poc filepath where filepath is the file on which you want to set the sgid bit / define GNUSOURCE include include include include include include include include include define STACKSIZE 1024...
Microsoft Windows Server 2000/2003 - Code Execution (MS08-067)
!/usr/bin/env python MS08-067 Exploit by Debasis Mohanty aka Tr0y/nopsled www.hackingspirits.com www.coffeeandsecurity.com Email: d3basis.m0hanty @ gmail.com E-DB Note: Exploit Update https://github.com/offensive-security/exploitdb/pull/77/filesdiff-5247d21ae6747fa8543ef0ba9c06c0e2 import struct...
Mambo Component Sitemap 2.0.0 - Remote File Inclusion
Sitemap 2.0.0 for Mambo 4.5.1 CMS Author : Ahmad Maulana a.k.a Matdhule Date : July 12th 2006 Location : Indonesia, Jakarta Web : http://advisories.echo.or.id/adv/adv38-matdhule-2006.txt Critical Lvl : Highly critical Impact : System access Where : From Remote...
OnePlug CMS - '/products/details.asp?Product_ID' SQL Injection
source: https://www.securityfocus.com/bid/16155/info OnePlug CMS is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could allow an attacker to...
GnomeHack - Local Buffer Overflow
/ gnomehack local buffer overflow. gid=games60 Author: Cody Tubbs loophole of hhp. www.hhp-programming.net / [email protected] 12/17/2000 Tested on Debian 2.2, kernel 2.2.17 - x86. sgid "games"60 by default. bash-2.03$ id uid=1000loophole gid=501noc bash-2.03$ ./h 0 0 Ret-addr 0x7fffe81c, offset...
Ruckus IoT Controller 1.7.1.0 - Undocumented Backdoor Account
Exploit Title: CommScope Ruckus IoT Controller 1.7.1.0 - Undocumented Account Date: 2021.05.26 Exploit Author: korelogic Vendor Homepage: https://www.commscope.com/globalassets/digizuite/917216-faq-security-advisory-id-20210525-v1-0.pdf Affected Product: Ruckus IoT Controller Version: 1.7.1.0 and...