Employee Management System 1.0 - Cross Site Scripting (Stored)

Exploit Title: Employee Management System 1.0 - Stored Cross Site Scripting Date: 2020-10-16 Exploit Author: Ankita Pal Vendor Homepage: https://www.sourcecodester.com/php/14432/employee-management-system-using-php.html Software Link:...

phpIPAM 1.4 - SQL Injection

!/usr/bin/env python3 Exploit Title: phpIPAM Custom Field Filter SQL Injection Exploit Announcement Date: September 16, 2019 5:18 AM Exploit Creation Date: September 27, 2019 Exploit Author: Kevin Kirsche Vendor Homepage: https://phpipam.net Software Link:...

Microsoft Windows 7 SP1 (x86) - Local Privilege Escalation (MS16-014)

/ Exploit Title: Elevation of privilege on Windows 7 SP1 x86 Date: 28/06-2016 Exploit Author: @blomster81 Vendor Homepage: www.microsoft.com Version: Windows 7 SP1 x86 Tested on: Windows 7 SP1 x86 CVE : 2016-0400 MS16-014 EoP PoC created from...

Magento eCommerce - Remote Code Execution

Exploit Title : Magento Shoplift exploit SUPEE-5344 Author : Manish Kishan Tanwar AKA error1046 Date : 25/08/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Singh and ritu rathi Debugged At : Indishell Laboriginally developed by joren //////////////////////// ///...

Samba < 3.6.2 (x86) - Denial of Service (PoC)

!/usr/bin/python """ Exploit for Samba vulnerabilty CVE-2015-0240 by sleepya The exploit only targets vulnerable x86 smbd 3.6.24 which 'creds' is controlled by ReferentID field of PrimaryName ServerName. That means 'talloczero' in libtalloc does not write a value on 'creds' address. Reference: -...

CrushFTP 11.3.1 - Authentication Bypass

Exploit Title: CrushFTP 11.3.1 - Authentication Bypass Date: 2025-05-15 Exploit Author: @İbrahimsql Exploit Author's github: https://github.com/ibrahimsql Vendor Homepage: https://www.crushftp.com Software Link: https://www.crushftp.com/download.html Version: =2.28.1 , colorama=0.4.6 ,...

Ruckus IoT Controller 1.7.1.0 - Undocumented Backdoor Account

Exploit Title: CommScope Ruckus IoT Controller 1.7.1.0 - Undocumented Account Date: 2021.05.26 Exploit Author: korelogic Vendor Homepage: https://www.commscope.com/globalassets/digizuite/917216-faq-security-advisory-id-20210525-v1-0.pdf Affected Product: Ruckus IoT Controller Version: 1.7.1.0 and...

phpIPAM 1.6 - Reflected Cross Site Scripting (XSS)

Exploit Title: phpIPAM 1.6 - Reflected Cross Site Scripting XSS Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/phpipam/phpipam Software Link: https://github.com/phpipam/phpipam Version: 1.5.1 Tested on: Ubuntu Windows CVE : CVE-2023-24657 PoC:...

WBCE CMS Version 1.6.1 - Remote Command Execution (Authenticated)

Exploit Title: WBCE CMS Version : 1.6.1 Remote Command Execution Date: 30/11/2023 Exploit Author: tmrswrr Vendor Homepage: https://wbce-cms.org/ Software Link: https://github.com/WBCE/WBCECMS/archive/refs/tags/1.6.1.zip Version: 1.6.1 Tested on: https://www.softaculous.com/apps/cms/WBCECMS POC: 1...

Taskhub CRM Tool 2.8.6 - SQL Injection

Exploit Title: Taskhub CRM Tool 2.8.6 - SQL Injection Date: 2023-08-12 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874 Tested on: Kali Linux & MacOS CVE: N/A Request GET /projects?filter=notstarted HTTP/1.1 Host: localhost...

revive-adserver v5.4.1 - Cross-Site Scripting (XSS)

Exploit Title: revive-adserver v5.4.1 - Cross-Site Scripting XSS Application: revive-adserver Version: 5.4.1 Bugs: XSS Technology: PHP Vendor URL: https://www.revive-adserver.com/ Software Link: https://www.revive-adserver.com/download/ Date of found: 31-03-2023 Author: Mirabbas Ağalarov Tested o...

Auto Dealer Management System v1.0 - SQL Injection

Exploit Title: Auto Dealer Management System v1.0 - SQL Injection Author Name: Muhammad Navaid Zafar Ansari Date: 18 February 2023 CVE Assigned: CVE-2023-0912 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Auto Dealer Management System Version: v 1.0 Tested...

OpenBMCS 2.4 - Server Side Request Forgery (SSRF) (Unauthenticated)

Exploit Title: OpenBMCS 2.4 - Server Side Request Forgery SSRF Unauthenticated Exploit Author: LiquidWorm Date: 26/10/2021 OpenBMCS 2.4 Unauthenticated SSRF / RFI Vendor: OPEN BMCS Product web page: https://www.openbmcs.com Affected version: 2.4 Summary: Building Management & Controls System BMCS...

Young Entrepreneur E-Negosyo System 1.0 - SQL Injection Authentication Bypass

Exploit Title: Young Entrepreneur E-Negosyo System 1.0 - SQL Injection Authentication Bypass Date: 2021-10-02 Exploit Author: Jordan Glover Vendor Homepage: https://www.sourcecodester.com/php/12684/young-entrepreneur-e-negosyo-system.html Software Link:...

IPFire 2.25 - Remote Code Execution (Authenticated)

Exploit Title: IPFire 2.25 - Remote Code Execution Authenticated Date: 15/05/2021 Exploit Author: Mücahit Saratar Vendor Homepage: https://www.ipfire.org/ Software Link: https://downloads.ipfire.org/releases/ipfire-2.x/2.25-core156/ipfire-2.25.x8664-full-core156.iso Version: 2.25 - core update 15...

dataSIMS Avionics ARINC 664-1 - Local Buffer Overflow (PoC)

Exploit Title: dataSIMS Avionics ARINC 664-1 - Local Buffer Overflow PoC Exploit Author: Kağan Çapar Date: 2020-02-17 Vendor Homepage: https://www.ddc-web.com/ Software Link: https://www.ddc-web.com/en/connectivity/databus/milstd1553-1/software-1/bu-69414?partNumber=BU-69414 Version: 4.5.3 Tested...

Microsoft Windows mshta.exe 2019 - XML External Entity Injection

Exploit Title: Microsoft Windows mshta.exe 2019 - XML External Entity Injection Date: 2020-07-07 Exploit Author: hyp3rlinx Vendor homepage: https://www.microsofft.com/ CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

CuteNews 2.0.3 - Arbitrary File Upload

CuteNews 2.0.3 Remote File Upload Vulnerability ================================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0...

Bluemoon inc. PopnupBlog 3.30 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/30827/info Bluemoon inc. PopnupBlog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecti...

WordPress Core 6.2 - Directory Traversal

Exploit Title: WordPress Core 6.2 - Directory Traversal Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Version: = 6.2 Tested on: Win, Ubuntu CVE : CVE-2023-2745 import requests from colorama import init,...

Monstra CMS 3.0.4 - Remote Code Execution (RCE)

Exploit Title: Monstra CMS 3.0.4 - Remote Code Execution RCE Date: 05.05.2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested on: MacOS import requests import random import string import time import...

TitanNit Web Control 2.01 / Atemio 7600 - Root Remote Code Execution

!/usr/bin/env python -- coding: utf-8 -- TitanNit Web Control 2.01 / Atemio 7600 Root Remote Code Execution Vendor: AAF Digital HD Forum | Atelmo GmbH Product web page: http://www.aaf-digital.info | https://www.atemio.de Affected version: Firmware =2.01 Summary: The Atemio AM 520 HD Full HD...

TEM Opera Plus FM Family Transmitter 35.45 - XSRF

CSRF Change Forward Power: ------------------------- input type="submit" val...

Typora v1.7.4 - OS Command Injection

Exploit Title: Typora v1.7.4 - OS Command Injection Discovered by: Ahmet Ümit BAYRAM Discovered Date: 13.09.2023 Vendor Homepage: http://www.typora.io Software Link: https://download.typora.io/windows/typora-setup-ia32.exe Tested Version: v1.7.4 latest Tested on: Windows 2019 Server 64bit Steps t...

Aures Booking & POS Terminal - Local Privilege Escalation

Exploit Title: Aures Booking & POS Terminal - Local Privilege Escalation References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2323 Release Date: ============= 2023-07-17 Vulnerability Laboratory ID VL-ID: ==================================== 2323 Common...

TP-Link TL-WR740N - Authenticated Directory Transversal

Exploit Title: TP-Link TL-WR740N - Authenticated Directory Transversal Date: 13/7/2023 Exploit Author: Anish Feroz Zeroxinn Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: TP-Link TL-WR740N...

Bludit < 3.13.1 Backup Plugin - Arbitrary File Download (Authenticated)

-- coding: utf-8 -- /usr/bin/env python Exploit Title: Bludit 3.13.1 Backup Plugin - Arbitrary File Download Authenticated Date: 2022-07-21 Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://www.bludit.com Software Link: https://github.com/bludit/bludit Version: 3.13.1 Tested on:...

Church Management System 1.0 - 'search' SQL Injection (Unauthenticated)

Exploit Title: Church Management System 1.0 - 'search' SQL Injection Unauthenticated Exploit Author: Erwin Krazek Nero Date: 17/09/2021 Vendor Homepage: https://www.sourcecodester.com/php/14949/church-management-system-cms-website-using-php-source-code.html Software Link:...

Simple CRM 3.0 - 'name' Stored Cross site scripting (XSS)

Exploit Title: Simple CRM 3.0 - 'name' Stored Cross site scripting XSS Date: 20/06/2021 Exploit Author: Riadh Benlamine rbn0x00 Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/small-crm-php/ Version: 3.0 Category: Webapps Tested on: Apache2+MariaDB latest version...

Cotonti Siena 0.9.19 - 'maintitle' Stored Cross-Site Scripting

Exploit Title: Cotonti Siena 0.9.19 - 'maintitle' Stored Cross-Site Scripting Date: 2021-15-06 Exploit Author: Fatih İLGİN Vendor Homepage: cotonti.com Vulnerable Software: https://www.cotonti.com/download/siena0919 Affected Version: 0.9.19 Tested on: Windows 10 Vulnerable Parameter Type: POST...

FOGProject 1.5.9 - File Upload RCE (Authenticated)

Exploit Title: FOGProject 1.5.9 - File Upload RCE Authenticated Date: 2021-04-28 Exploit Author: [email protected] Vendor Homepage: https://fogproject.org Software Link: https://github.com/FOGProject/fogproject/archive/1.5.9.zip Tested on: Debian 10 On the Attacker Machine: 1 Create an empty 10Mb...

Comment System 1.0 - 'multiple' Stored Cross-Site Scripting

Exploit Title: Comment System 1.0 - 'multiple' Stored Cross-Site Scripting Date: 2021-02-18 Exploit Author: Pintu Solanki Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14713/comment-system-phpmysqli-full-source-code.html Software: : Comment...

Flexmonster Pivot Table & Charts 2.7.17 - 'Remote Report' Reflected XSS

Exploit Title: Flexmonster Pivot Table & Charts 2.7.17 - 'Remote Report' Reflected XSS Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: https://www.flexmonster.com/ Version:Flexmonster Pivot Table & Charts 2.7.17 Tested on:Flexmonster Pivot Table & Charts 2.7.17 CVE : CVE-2020-20140...

OCS Inventory NG 2.7 - Remote Code Execution

Exploit Title: OCS Inventory NG 2.7 - Remote Code Execution Date: 2020-06-05 Exploit Author: Askar @mohammadaskar2 CVE: CVE-2020-14947 Vendor Homepage: https://ocsinventory-ng.org/ Version: v2.7 Tested on: Ubuntu 18.04 / PHP 7.2.24 !/usr/bin/python3 import requests import sys import warnings impo...

Ethernet Device Drivers Frame Padding - 'Etherleak' Infomation Leakage

!/usr/bin/perl -w etherleak, code that has been 5 years coming. On 04/27/2002, I disclosed on the Linux Kernel Mailing list, a vulnerability that would be come known as the 'etherleak' bug. In various situations an ethernet frame must be padded to reach a specific size or fall on a certain...

VP-ASP Shopping Cart - 'Shopadmin.asp' HTML Injection

source: https://www.securityfocus.com/bid/15490/info VP-ASP Shopping Cart is prone to an HTML injection vulnerability. This is due to a lack of proper validation of user-supplied input before being used in dynamically generated content. Attacker-supplied HTML and script code would be executed in...

ABB Cylon Aspect 3.08.02 - Cookie User Password Disclosure

ABB Cylon Aspect 3.08.02 - Cookie User Password Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.02 Summary: ASPECT is an award-winning scalable building energy management and...

Backdrop CMS 1.23.0 - Stored XSS

Exploit Title: Backdrop CMS 1.23.0 - Stored Cross-Site Scripting - Post Body Field Date: 2023-08-21 Exploit Author: Sinem Şahin Vendor Homepage: https://backdropcms.org/ Version: 1.23.0 Tested on: Windows & XAMPP == Tutorial http://HOST/backdrop/node/add/post 2- Write your xss payload in the body...

dawa-pharma 1.0-2022 - Multiple-SQLi

Title: dawa-pharma-1.0-2022 Multiple-SQLi Author: nu11secur1ty Date: 10/12/2023 Vendor: https://www.mayurik.com/ Software: https://www.mayurik.com/source-code/P0349/best-pharmacy-billing-software-free-download Reference: https://portswigger.net/web-security/sql-injection Description: The email...

TSplus 16.0.0.0 - Remote Work Insecure Files and Folders

Exploit Title: TSplus 16.0.0.0 - Remote Work Insecure Files and Folders Permissions Date: 2023-08-09 Exploit Author: Carlo Di Dato for Deloitte Risk Advisory Italia Vendor Homepage: https://tsplus.net/ Version: Up to 16.0.0.0 Tested on: Windows CVE : CVE-2023-31068 With TSPlus Remote Work v...

Inbit Messenger v4.9.0 - Unauthenticated Remote Command Execution (RCE)

Exploit Title: Inbit Messenger v4.9.0 - Unauthenticated Remote Command Execution RCE Date: 11/08/2022 Exploit Author: a-rey Vendor Homepage: http://www.inbit.com/support.html Software Link: http://www.softsea.com/review/Inbit-Messenger-Basic-Edition.html Version: v4.6.0 - v4.9.0 Tested on: Window...

Cyclos 4.14.7 - 'groupId' DOM Based Cross-Site Scripting (XSS)

Exploit Title: Cyclos 4.14.7 - 'groupId' DOM Based Cross-Site Scripting XSS Date: 17/04/2021 Exploit Author: Tin Pham aka TF1T of VietSunshine Cyber Security Services Vendor Homepage: https://www.cyclos.org/ Version: Cyclos 4.14.7 and prior Tested on: Ubuntu CVE : CVE-2021-31673 Description: A...

ICT Protege GX/WX 2.08 - Stored Cross-Site Scripting (XSS)

Exploit Title: ICT Protege GX/WX 2.08 - Stored Cross-Site Scripting XSS Exploit Author: LiquidWorm Vendor: Integrated Control Technology Ltd. Product web page: https://www.ict.co Affected version: GX: Ver: 2.08.1002 K1B3 Lib: 04.00.217 Int: 2.3.235.J013 OS: 2.0.20 WX: Ver: 4.00 284 H062 App:...

WordPress Plugin Jetpack 9.1 - Cross Site Scripting (XSS)

Exploit Title: WordPress Plugin Jetpack 9.1 - Cross Site Scripting XSS Date: 2022-02-07 Author: Milad karimi Software Link: https://wordpress.org/plugins/jetpack Version: 9.1 Tested on: Windows 11 CVE: N/A 1. Description: This plugin creates a Jetpack from any post types. The slider import search...

Cain & Abel 4.9.56 - Unquoted Service Path

Exploit Title: Cain & Abel 4.9.56 - Unquoted Service Path Exploit Author: Aryan Chehreghani Date: 2022-02-08 Software Link: https://www.malavida.com/en/soft/cain-and-abel Version: 4.9.56 Tested on: Windows 10 x64 PoC SERVICENAME: Abel TYPE : 110 WIN32OWNPROCESS interactive STARTTYPE : 2 AUTOSTART...

Hospitals Patient Records Management System 1.0 - Account TakeOver

Exploit Title: Hospitals Patient Records Management System 1.0 - Account TakeOver Date: 30/12/2021 Exploit Author: twseptian Vendor Homepage: https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html Software Link:...

RiteCMS 3.1.0 - Arbitrary File Deletion (Authenticated)

Exploit Title: RiteCMS 3.1.0 - Arbitrary File Deletion Authenticated Date: 25/07/2021 Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://ritecms.com/ Software Link: https://github.com/handylulu/RiteCMS/releases/download/V3.1.0/ritecms.v3.1.0.zip Version: = 3.1.0...

ECOA Building Automation System - 'multiple' Cross-Site Request Forgery (CSRF)

Exploit Title: ECOA Building Automation System - 'multiple' Cross-Site Request Forgery CSRF Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Cross-Site Request Forgery Vendor: ECOA Technologies Corp. Product web page:...

WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution (RCE) (Authenticated) (2)

Exploit Title: WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution RCE Authenticated 2 Date: 07.07.2021 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://wordpress.org/plugins/plainview-activity-monitor/ Software Link:...

Alt-N MDaemon webmail 20.0.0 - 'file name' Stored Cross Site Scripting (XSS)

Exploit Title: Alt-N MDaemon webmail 20.0.0 - 'file name' Stored Cross Site Scripting XSS Date: 2020-08-25 Exploit Author: Kailash Bohara Vendor Homepage: https://www.altn.com/ Version: Mdaemon webmail .jpg 2. Go to New mail, select recipient and the select attachment. Code gets executed as right...