47904 matches found
Quick.CMS 6.7 - Remote Code Execution (Authenticated)
Exploit Title: Quick.CMS 6.7 - Remote Code Execution Authenticated Date: 2020-12-28 Exploit Author: mari0x00 Vendor Homepage: https://opensolution.org/ Software Link: https://opensolution.org/download/?sFile=Quick.Cmsv6.7-pl.zip Description:...
Simple Grocery Store Sales And Inventory System 1.0 - Authentication Bypass
Exploit Title: Simple Grocery Store Sales And Inventory System 1.0 - Authentication Bypass Date: 24/09/2020 Exploit Author: Saurav Shukla & Jyotsna Adhana Vendor Homepage: https://www.sourcecodester.com/php/14461/simple-grocery-store-sales-and-inventory-system-using-phpmysql-source-code.html...
Joomla! com_fabrik 3.9.11 - Directory Traversal
Exploit Title: Joomla! comfabrik 3.9.11 - Directory Traversal Google Dork: inurl:"index.php?option=comfabrik" Date: 2020-03-30 Exploit Author: qw3rTyTy Vendor Homepage: https://fabrikar.com/ Software Link: https://fabrikar.com/downloads Version: 3.9 Tested on: Debian/Nginx/Joomla! 3.9.11...
SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure
Exploit Title: SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure Author: Todor Donev Date: 2020-02-23 Vendor: https://secu.jp/ Product Link: https://secu.jp/support/831nh1.html CVE: N/A SecuSTATION IPCAM-130 HD Camera Remote Configuration Disclosure Copyright 2020 c Todor Donev...
vBulletin 5.0 < 5.5.4 - 'updateAvatar' Authenticated Remote Code Execution
?php / --------------------------------------------------------------------- vBulletin = 5.5.4 updateAvatar Remote Code Execution Vulnerability --------------------------------------------------------------------- author..............: Egidio Romano aka EgiX mail................:...
Linksys E-series - Remote Code Execution
!/usr/bin/php ?php / Exploit for 0day linksys unauthenticated remote code execution vulnerability. As exploited by TheMoon worm; Discovered in the wild on Feb 13, 2013 by Johannes Ullrich. I was hoping this would stay under-wraps until a firmware patch could be released, but it appears the cat is...
ABB Cylon FLXeon 9.3.4 - WebSocket Command Spawning
ABB Cylon FLXeon 9.3.4 wsConnect.js WebSocket Command Spawning PoC Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: FLXeon Series FBXi Series, FBTi Series, FBVi Series CBX Series FLX Series CBT Series CBV Series Firmware: =9.3.4 Advisory ID: ZSL-2025-5913 Advisory URL:...
TELSAT marKoni FM Transmitter 1.9.5 - Insecure Access Control Change Password
TELSAT marKoni FM Transmitter 1.9.5 Insecure Access Control Change Password Vendor: TELSAT Srl Product web page: https://www.markoni.it Affected version: Markoni-D Compact FM Transmitters Markoni-DH Exciter+Amplifiers FM Transmitters Markoni-A Analogue Modulator FM Transmitters Firmware: 1.9.5...
Saflok - Key Derication Function Exploit
// Exploit Title: Saflok KDF // Date: 2023-10-29 // Exploit Author: a51199deefa2c2520cea24f746d899ce // Vendor Homepage: https://www.dormakaba.com/ // Version: System 6000 // Tested on: Dormakaba Saflok cards // CVE: N/A include include define MAGICTABLESIZE 192 define KEYLENGTH 6 define UIDLENGT...
Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure
Exploit Title: Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure Exploit Author: CraCkEr Date: 25/07/2023 Vendor: Templatecookie Vendor Homepage: https://templatecookie.com/ Software Link: https://templatecookie.com/demo/adlisting-classified-ads-script Version: 2.14.0 Teste...
copyparty v1.8.6 - Reflected Cross Site Scripting (XSS)
Exploit Title: copyparty v1.8.6 - Reflected Cross Site Scripting XSS Date: 23/07/2023 Exploit Author: Vartamtezidis Theodoros @TheHackyDog Vendor Homepage: https://github.com/9001/copyparty/ Software Link: https://github.com/9001/copyparty/releases/tag/v1.8.6 Version: =1.8.6 Tested on: Debian Lin...
Blackcat Cms v1.4 - Remote Code Execution (RCE)
Exploit Title: Blackcat Cms v1.4 - Remote Code Execution RCE Application: blackcat Cms Version: v1.4 Bugs: RCE Technology: PHP Vendor URL: https://blackcat-cms.org/ Software Link: https://github.com/BlackCatDevelopment/BlackCatCMS Date of found: 13.07.2023 Author: Mirabbas Ağalarov Tested on: Lin...
OpenEMR 5.0.1.3 - 'manage_site_files' Remote Code Execution (Authenticated)
Exploit Title: OpenEMR 5.0.1.3 - 'managesitefiles' Remote Code Execution Authenticated Date 12.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v5013.zip Version: Prior to 5.0.1.4 Tested on...
OpenEMR 4.1.0 - 'u' SQL Injection
Exploit Title: OpenEMR 4.1.0 - 'u' SQL Injection Date: 2021-04-03 Exploit Author: Michael Ikua Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v410.zip Version: 4.1.0 Original Advisory:...
Winpakpro 4.8 - 'GuardTourService' Unquoted Service Path
Exploit Title: Winpakpro 4.8 - 'GuardTourService' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://www.security.honeywell.com/product-repository/winpak Software Links : https://www.security.honeywell.com/product-repository/winpak WinPackPro...
eBeam education suite 2.5.0.9 - 'eBeam Device Service' Unquoted Service Path
Exploit Title: eBeam education suite 2.5.0.9 - 'eBeam Device Service' Unquoted Service Path Discovery by: Luis Martinez Discovery Date: 2021-03-14 Vendor Homepage: https://www.luidia.com Tested Version: 2.5.0.9 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 Pro x64 es Step to...
Online Marriage Registration System (OMRS) 1.0 - Remote code execution (3)
Exploit Title: Online Marriage Registration System OMRS 1.0 - Remote code execution 3 Date: 10/02/2021 Exploit Author: Ricardo Ruiz @ricardojoserf Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-marriage-registration-system-using-php-and-mysql/ Version: 1.0...
Hotel Management System 1.0 - Remote Code Execution (Authenticated)
Exploit Title: Hotel Management System 1.0 - Remote Code Execution Authenticated Google Dork: N/A Date: 2020-09-23 Exploit Author: Eren Şimşek Vendor Homepage: https://www.sourcecodester.com/php/14458/hotel-management-system-project-using-phpmysql.html Software Link:...
Sony Playstation 4 (PS4) < 7.02 / FreeBSD 9 / FreeBSD 12 - 'ip6_setpktopt' Kernel Local Privilege Escalation (PoC)
/ FreeBSD 12.0-RELEASE x64 Kernel Exploit Usage: $ clang -o exploit exploit.c -lpthread $ ./exploit / include include include include include include include include define KERNEL include undef KERNEL define WANTFILE include include include include include define WANTSOCKET include include define...
eWON Flexy - Authentication Bypass
!/usr/bin/env python ''' Exploit Title: eWON v13.0 Authentication Bypass Date: 2018-10-12 Exploit Author: Photubias – tijldotDeneutatHowestdotbe for www.ic4.be Vendor Advisory: 1 https://websupport.ewon.biz/support/news/support/ewon-security-enhancement-131s0-0 2...
Cisco UCS Director - default scpuser password (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/ssh' require 'net/ssh/commandstream' class MetasploitModule "Cisco UCS Director default scpuser password", 'Description' = %q This module abuses a known...
Microsoft Font Subsetting - DLL Heap Corruption in ReadTableIntoStructure
-----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific glyphs used in the document where the fonts are embedded. It is used by Windows G...
Linux Kernel 3.13.1 - 'Recvmmsg' Local Privilege Escalation (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "msf/core" class MetasploitModule 'Linux Kernel 3.13.1 Recvmmsg Privilege Escalation', 'Description' = %q This module attempts to exploit CVE-2014-0038, by sendin...
Fortinet FortiOS, FortiProxy, and FortiSwitchManager 7.2.0 - Authentication bypass
Exploit Title: Fortinet FortiOS, FortiProxy, and FortiSwitchManager 7.2.0 - Authentication bypass Date: 2022-10-10 Exploit Author: Zach Hanley, SC Vendor Homepage: https://www.fortinet.com Version: 7.0.0 Tested on: Linux CVE : CVE-2022-40684 This module requires Metasploit:...
PopojiCMS Version 2.0.1 - Remote Command Execution
Exploit Title: PopojiCMS Version : 2.0.1 Remote Command Execution Date: 27/11/2023 Exploit Author: tmrswrr Vendor Homepage: https://www.popojicms.org/ Software Link: https://github.com/PopojiCMS/PopojiCMS/archive/refs/tags/v2.0.1.zip Version: Version : 2.0.1 Tested on:...
Webutler v3.2 - Remote Code Execution (RCE)
Exploit Title: Webutler v3.2 - Remote Code Execution RCE Application: webutler Cms Version: v3.2 Bugs: RCE Technology: PHP Vendor URL: https://webutler.de/en Software Link: http://webutler.de/download/webutlerv3.2.zip Date of found: 03.08.2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technic...
WooCommerce v7.1.0 - Remote Code Execution(RCE)
Title: Wordpress Plugin WooCommerce v7.1.0 - Remote Code ExecutionRCE Date: 2022-12-07 Author: Milad Karimi Vendor Homepage: https://wordpress.org/plugins/woocommerce Software Link: https://wordpress.org/plugins/woocommerce Tested on: windows 10 , firefox Version: 7.1.0 CVE : N/A Description:...
Dr. Fone 4.0.8 - 'net_updater32.exe' Unquoted Service Path
Exploit Title: Dr. Fone v4.0.8- 'netupdater32.exe' Unquoted Service Path Discovery Date: 2022-05-07 Discovery by: Esant1490 Vendor Homepage: https://drfone.wondershare.net Software Link : https://download.wondershare.net/drfonefull4008.exe Tested Version: 4.0.8 Tested on OS: Windows 10 Pro x64 en...
Atlassian Confluence 7.12.2 - Pre-Authorization Arbitrary File Read
Exploit Title: Atlassian Confluence 7.12.2 - Pre-Authorization Arbitrary File Read Date: 2021-10-05 Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/confluence/download-archives Version: version 7.4.10 and 7.5.0 ≤ versio...
Simple College Website 1.0 - 'page' Local File Inclusion
Exploit Title: Simple College Website 1.0 - 'page' Local File Inclusion Date: 30-10-2020 Exploit Author: mosaaed Vendor Homepage: https://www.sourcecodester.com/php/14548/simple-college-website-using-htmlphpmysqli-source-code.html Software Link:...
Nagios XI 5.7.3 - 'Manage Users' Authenticated SQL Injection
Exploit Title: Nagios XI 5.7.3 - 'Manage Users' Authenticated SQL Injection Date: 10-18-2020 Exploit Author: Matthew Aberegg Vendor Homepage: https://www.nagios.com/products/nagios-xi/ Vendor Changelog: https://www.nagios.com/downloads/nagios-xi/change-log/ Software Link:...
SMPlayer 19.5.0 - Denial of Service (PoC)
Title : SMPlayer 19.5.0 - Denial of Service PoC Tested on : Windows 7 64 bit Vulnerable Software: SMPlayer v 19.5.0 Exploit Author: Malav Vyas Vendor Homepage: https://smplayer.info Version : 19.5.0 Software Link : https://smplayer.info/en/downloads POC run this python file, which will generate...
Restaurant Management System 1.0 - Remote Code Execution
Exploit Title: Restaurant Management System 1.0 - Remote Code Execution Date: 2019-10-16 Exploit Author: Ibad Shah Vendor Homepage: https://www.sourcecodester.com/users/lewa Software Link: https://www.sourcecodester.com/php/11815/restaurant-management-system.html Version: N/A Tested on: Apache...
Microsoft Windows Kernel - win32k.sys TTF Font Processing Pool Corruption in win32k!ulClearTypeFilter
We have encountered a Windows kernel crash in the win32k.sys driver while processing a corrupted TTF font file. An example crash log excerpt generated after triggering the bug is shown below: --- cut --- Fatal System Error: 0x00000050...
SPIP - 'connect' PHP Injection (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'SPIP connect Parameter PHP Injection'...
ABB Cylon Aspect Studio 3.08.03 - Binary Planting
Exploit Title: ABB Cylon Aspect Studio 3.08.03 - Binary Planting Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: type project P R O J E C T .| | | |'| . | | |. |' .---"| .-' '-. | | .--'| || | | | .-'| .| | || '- | | | || | |' | |. | || | | | | || | | '-' ' "" '-' '-.'...
Smart Manager 8.27.0 - Post-Authenticated SQL Injection
Exploit Title: Smart Manager 8.27.0 - Post-Authenticated SQL Injection Date: 2024-01-18 Exploit Author: Ivan Spiridonov - xbz0n Vendor Homepage: https://www.storeapps.org/ Software Link: https://www.storeapps.org/product/smart-manager/ Version: 8.27.0 Tested on: Ubuntu 22.04 CVE: CVE-2024-0566 SQ...
Extensive VC Addons for WPBakery page builder 1.9.0 - Remote Code Execution (RCE)
Exploit Title: Extensive VC Addons for WPBakery page builder 1.9.1 - Unauthenticated RCE Date: 12 march 2025 Exploit Author: Ravina Vendor Homepage: wprealize Version: 1.9.1 Tested on: windows, linux CVE ID : CVE-2023-0159 Vulnerability Type: Remote Code Execution...
Purei CMS 1.0 - SQL Injection
Exploit Title: Purei CMS 1.0 - SQL Injection Date: 27-03-2024 Exploit Author: Number 7 Vendor Homepage: purei.com Version: 1.0 Tested on: Linux Introduction: An SQL injection vulnerability permits attackers to modify backend SQL statements through manipulation of user input. Such an injection...
SolarView Compact 6.00 - Command Injection
Exploit Title: SolarView Compact 6.00 - Command Injection - Shodan Dork: http.html:"solarview compact" - Exploit Author: ByteHunter - Email: [email protected] - Version: 6.00 - Tested on: 6.00 - CVE : CVE-2023-23333 import argparse import requests def vulncheckipaddress, port: url =...
Zoo Management System 1.0 - Unauthenticated RCE
Exploit Title: Zoo Management System 1.0 - Unauthenticated RCE Date: 16.10.2023 Exploit Author: Çağatay Ceyhan Vendor Homepage: https://www.sourcecodester.com/php/15347/zoo-management-system-source-code-php-mysql-database.htmlgooglevignette Software Link:...
Servisnet Tessa - Add sysAdmin User (Unauthenticated) (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Servisnet Tessa - Add sysAdmin User Unauthenticated Metasploit', 'Description' = %q This module exploits an authentication bypass in Servisnet...
Cypress Solutions CTM-200/CTM-ONE - Hard-coded Credentials Remote Root (Telnet/SSH)
Exploit Title: Cypress Solutions CTM-200/CTM-ONE - Hard-coded Credentials Remote Root Telnet/SSH Date: 21.09.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.cypress.bc.ca !/usr/bin/env python3 Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Telnet/SSH Vendor:...
Church Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
Exploit Title: Church Management System 1.0 - 'Multiple' Stored Cross-Site Scripting XSS Date: 07/03/2021 Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/11206/church-management-system.html Version: 1...
Brother BRPrint Auditor - 'Multiple' Unquoted Service Path
Exploit Title: Brother BRPrint Auditor 3.0.7 - 'Multiple' Unquoted Service Path Discovery by: Brian Rodriguez Date: 14-06-2021 Vendor Homepage: https://support.brother.com/ Software Links:...
SAPSetup Automatic Workstation Update Service 750 - 'NWSAPAutoWorkstationUpdateSvc' Unquoted Service Path
Exploit Title: SAPSetup Automatic Workstation Update Service 750 - 'NWSAPAutoWorkstationUpdateSvc' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://help.sap.com/ Software Links : https://help.sap.com/ SAP Tested Version: 750 Final Release...
Online Marriage Registration System 1.0 - 'searchdata' SQL Injection
Exploit Title: Online Marriage Registration System 1.0 - 'searchdata' SQL Injection Date: 12-21-2020 Exploit Authors: Andrea Bruschi, Raffaele Sabato Vendor: Phpgurukul Product Web Page: https://phpgurukul.com/online-marriage-registration-system-using-php-and-mysql/ Version: 1.0 CVE: CVE-2020-351...
ElkarBackup 1.3.3 - Persistent Cross-Site Scripting
Exploit Title: ElkarBackup 1.3.3 - Persistent Cross-Site Scripting Date: 2020-08-14 Exploit Author: Enes Özeser Vendor Homepage: https://www.elkarbackup.org/ Version: 1.3.3 Tested on: Linux 1- Go to following url. http://HOST/elkarbackup/login 2- Default username and password is root:root. We mus...
Online Course Registration 2.0 - Remote Code Execution
Exploit Title: Online Course Registration 2.0 - Remote Code Execution Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-course-registration-free-download/ Version: v2.0 Category: Webapps Tested on: Xampp for Windows...
PHPMyManga 0.8.1 - 'template.php' Multiple File Inclusions
+------------------------------------------------------------------------------------------- + PhpMyManga +------------------------------------------------------------------------------------------- + Details: + Input passed to the 'actionsPage' or 'formPage' parameter in template.php is not...