47904 matches found
Winpakpro 4.8 - 'ScheduleService' Unquoted Service Path
Exploit Title: Winpakpro 4.8 - 'ScheduleService' Unquoted Service Path Discovery by: Alan Mondragon Discovery Date: 2021-03-16 Vendor Homepage: https://www.security.honeywell.com/product-repository/winpak Software Links : https://www.security.honeywell.com/product-repository/winpak WinPackPro...
Wordpress Epsilon Framework Multiple Themes - Unauthenticated Function Injection
Exploit Title: Wordpress Epsilon Framework Multiple Themes - Unauthenticated Function Injection Date: 22/12/2020 Exploit Authors: gx1 lotar Vendor Homepage: https://wordpress.com/ Software Link: https://github.com/WordPress/WordPress Affected Themes: shapely - Fixed in version 1.2.9 newsmag - Fix...
Genexus Protection Server 9.6.4.2 - 'protsrvservice' Unquoted Service Path
Exploit Title: Genexus Protection Server 9.6.4.2 - 'protsrvservice' Unquoted Service Path Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-08 Vendor : Genexus Version : Genexus Protection Server 9.6.4.2 Software Link: https://www.genexus.com/en/developers/downloadcenter?data=;; Vend...
Victor CMS 1.0 - 'Search' SQL Injection
Exploit Title: Victor CMS 1.0 - 'Search' SQL Injection Date: 2020-08-04 Exploit Author: Edo Maland Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0 Tested on: XAMPP / Windows 10...
Microsoft Windows mshta.exe 2019 - XML External Entity Injection
Exploit Title: Microsoft Windows mshta.exe 2019 - XML External Entity Injection Date: 2020-07-07 Exploit Author: hyp3rlinx Vendor homepage: https://www.microsofft.com/ CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...
phpIPAM 1.4 - SQL Injection
!/usr/bin/env python3 Exploit Title: phpIPAM Custom Field Filter SQL Injection Exploit Announcement Date: September 16, 2019 5:18 AM Exploit Creation Date: September 27, 2019 Exploit Author: Kevin Kirsche Vendor Homepage: https://phpipam.net Software Link:...
LanSpy 2.0.1.159 - Buffer Overflow (SEH) (Egghunter)
Exploit Title: LanSpy 2.0.1.159 - Local Buffer Overflow SEH Egghunter Exploit Author: bzyo Date: 12-19-18 Twitter: @bzyo Vulnerable Software: LanSpy 2.0.1.159 Vendor Homepage: https://lizardsystems.com Version: 2.0.1.159 Software Link 1:...
Samba < 3.6.2 (x86) - Denial of Service (PoC)
!/usr/bin/python """ Exploit for Samba vulnerabilty CVE-2015-0240 by sleepya The exploit only targets vulnerable x86 smbd 3.6.24 which 'creds' is controlled by ReferentID field of PrimaryName ServerName. That means 'talloczero' in libtalloc does not write a value on 'creds' address. Reference: -...
phpMyAdmin - '/scripts/setup.php' PHP Code Injection
!/bin/bash CVE-2009-1151: phpMyAdmin '/scripts/setup.php' PHP Code Injection RCE PoC v0.11 by pagvac gnucitizen.org, 4th June 2009. special thanks to Greg Ose labs.neohapsis.com for discovering such a cool vuln, and to str0ke milw0rm.com for testing this PoC script and providing feedback! PoC...
InfluxDB OSS 2.7.11 - Operator Token Privilege Escalation
Exploit Title: InfluxDB OSS Operator Privilege Escalation via BusinessLogic Flaw Date: 22/03/2024 Exploit Author: Andrea Pasin Xenom0rph97 Researcher Homepage: https://xenom0rph97.github.io/xeno/ GitHub Exploit repo: https://github.com/XenoM0rph97/CVE-2024-30896 Software Link:...
Inbit Messenger v4.9.0 - Unauthenticated Remote Command Execution (RCE)
Exploit Title: Inbit Messenger v4.9.0 - Unauthenticated Remote Command Execution RCE Date: 11/08/2022 Exploit Author: a-rey Vendor Homepage: http://www.inbit.com/support.html Software Link: http://www.softsea.com/review/Inbit-Messenger-Basic-Edition.html Version: v4.6.0 - v4.9.0 Tested on: Window...
Chamilo LMS 1.11.14 - Account Takeover
Exploit Title: Chamilo LMS 1.11.14 - Account Takeover Date: July 21 2021 Exploit Author: sirpedrotavares Vendor Homepage: https://chamilo.org Software Link: https://chamilo.org Version: Chamilo-lms-1.11.x Tested on: Chamilo-lms-1.11.x CVE: CVE-2021-37391 Publication:...
CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)
Exploit Title: CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting XSS Authenticated Date: 03-08-2021 Exploit Author: splint3rsec Vendor Homepage: https://github.com/boiteasite Software Link: https://github.com/boiteasite/cmsuno Affected Versions: CMSuno 1.7 and prior CVE : CVE-2021-36654 CMSuno versi...
ICE Hrm 29.0.0.OS - 'xml upload' Stored Cross-Site Scripting (XSS)
Exploit Title: ICE Hrm 29.0.0.OS - 'xml upload' Stored Cross-Site Scripting XSS Exploit Author: Piyush Patil & Rafal Lykowski Vendor Homepage: https://icehrm.com/ Version: 29.0.0.OS Tested on: Windows 10 and Kali Description The file upload feature in ICE Hrm Version 29.0.0.OS allows remote...
Oracle Siebel Sales 8.1 - Persistent Cross-Site Scripting
Exploit Title : Oracle Siebel Sales 8.1 - Persistent Cross-Site Scripting Exploit Author : omurugur Software link: https://www.oracle.com/tr/applications/siebel/ Effective version : Oracle Siebel Sales 8.1 CVE: N/A Examples Request; POST /salesADMINtrk/start.swe HTTP/1.1 Content-Type:...
snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (1)
!/usr/bin/env python3 """ dirtysock: Privilege Escalation in Ubuntu via snapd In January 2019, current versions of Ubuntu Linux were found to be vulnerable to local privilege escalation due to a bug in the snapd API. This repository contains the original exploit POC, which is being made available...
DZCP (deV!L`z Clanportal) 1.3.6 - 'Show' SQL Injection
source: https://www.securityfocus.com/bid/21391/info deV!Lz Clanportal is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application,...
Sudo 1.9.17 Host Option - Elevation of Privilege
Exploit Title: Sudo 1.9.17 Host Option - Elevation of Privilege Date: 2025-06-30 Exploit Author: Rich Mirch Vendor Homepage: https://www.sudo.ws Software Link: https://www.sudo.ws/dist/sudo-1.9.17.tar.gz Version: Stable 1.9.0 - 1.9.17, Legacy 1.8.8 - 1.8.32 Fixed in: 1.9.17p1 Vendor Advisory:...
MoziloCMS 3.0 - Remote Code Execution (RCE)
Exploit Title: MoziloCMS 3.0 - Remote Code Execution RCE Date: 10/09/2024 Exploit Author: Secfortress https://github.com/sec-fortress Vendor Homepage: https://mozilo.de/ Software Link: https://github.com/moziloDasEinsteigerCMS/mozilo3.0/archive/refs/tags/3.0.1.zip Version: 3.0 Tested on: Debian...
Backdrop CMS 1.23.0 - Stored XSS
Exploit Title: Backdrop CMS 1.23.0 - Stored Cross-Site Scripting - Post Body Field Date: 2023-08-21 Exploit Author: Sinem Şahin Vendor Homepage: https://backdropcms.org/ Version: 1.23.0 Tested on: Windows & XAMPP == Tutorial http://HOST/backdrop/node/add/post 2- Write your xss payload in the body...
TitanNit Web Control 2.01 / Atemio 7600 - Root Remote Code Execution
!/usr/bin/env python -- coding: utf-8 -- TitanNit Web Control 2.01 / Atemio 7600 Root Remote Code Execution Vendor: AAF Digital HD Forum | Atelmo GmbH Product web page: http://www.aaf-digital.info | https://www.atemio.de Affected version: Firmware =2.01 Summary: The Atemio AM 520 HD Full HD...
Windows PowerShell - Event Log Bypass Single Quote Code Execution
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WINDOWSPOWERSHELLSINGLEQUOTECODEEXECEVENTLOGBYPASS.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.microsoft.com Product Microsoft Windows PowerShell Built on the...
TEM Opera Plus FM Family Transmitter 35.45 - XSRF
CSRF Change Forward Power: ------------------------- input type="submit" val...
Bludit < 3.13.1 Backup Plugin - Arbitrary File Download (Authenticated)
-- coding: utf-8 -- /usr/bin/env python Exploit Title: Bludit 3.13.1 Backup Plugin - Arbitrary File Download Authenticated Date: 2022-07-21 Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://www.bludit.com Software Link: https://github.com/bludit/bludit Version: 3.13.1 Tested on:...
revive-adserver v5.4.1 - Cross-Site Scripting (XSS)
Exploit Title: revive-adserver v5.4.1 - Cross-Site Scripting XSS Application: revive-adserver Version: 5.4.1 Bugs: XSS Technology: PHP Vendor URL: https://www.revive-adserver.com/ Software Link: https://www.revive-adserver.com/download/ Date of found: 31-03-2023 Author: Mirabbas Ağalarov Tested o...
Private Internet Access 3.3 - 'pia-service' Unquoted Service Path
Exploit Title: Private Internet Access 3.3 - 'pia-service' Unquoted Service Path Date: 04/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.privateinternetaccess.com Software Link: https://www.privateinternetaccess.com/download Version: 3.3.0.100 Tested: Windows 10 x64 Contact:...
HTTP Commander 3.1.9 - Stored Cross Site Scripting (XSS)
Exploit Title: HTTP Commander 3.1.9 - Stored Cross Site Scripting XSS Date: 07/01/2022 Exploit Author: Oscar Sandén Vendor Homepage: https://www.element-it.com Software Link: https://www.element-it.com/downloads.aspx Version: 3.1.9 Tested on: Windows Server 2016 Description There is a stored XSS ...
Young Entrepreneur E-Negosyo System 1.0 - SQL Injection Authentication Bypass
Exploit Title: Young Entrepreneur E-Negosyo System 1.0 - SQL Injection Authentication Bypass Date: 2021-10-02 Exploit Author: Jordan Glover Vendor Homepage: https://www.sourcecodester.com/php/12684/young-entrepreneur-e-negosyo-system.html Software Link:...
ECOA Building Automation System - Directory Traversal Content Disclosure
Exploit Title: ECOA Building Automation System - Directory Traversal Content Disclosure Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Directory Traversal Content Disclosure Vendor: ECOA Technologies Corp. Product web page:...
Umbraco CMS 8.9.1 - Directory Traversal
Exploit Title: Umbraco CMS 8.9.1 - Path traversal and Arbitrary File Write Authenticated Exploit Author: BitTheByte Description: Authenticated path traversal vulnerability. Exploit Research: https://www.tenable.com/security/research/tra-2020-59 Vendor Homepage: https://umbraco.com/ Version:...
Cotonti Siena 0.9.19 - 'maintitle' Stored Cross-Site Scripting
Exploit Title: Cotonti Siena 0.9.19 - 'maintitle' Stored Cross-Site Scripting Date: 2021-15-06 Exploit Author: Fatih İLGİN Vendor Homepage: cotonti.com Vulnerable Software: https://www.cotonti.com/download/siena0919 Affected Version: 0.9.19 Tested on: Windows 10 Vulnerable Parameter Type: POST...
TerraMaster TOS 4.2.06 - Unauthenticated Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "TerraMaster TOS 4.2.06 - Unauthenticated Remote Code Execution", 'Description' = %q This module exploits a unauthenticated command execution...
Nsauditor 3.1.8.0 - 'Name' Denial of Service (PoC)
Exploit Title: Nsauditor 3.1.8.0 - 'Name' Denial of Service PoC Discovery by: SajjadBnd Date: 2019-11-30 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Tested Version: 3.1.8.0 Vulnerability Type: Denial of Service DoS Local Tested on...
Schneider Electric U.Motion Builder 1.3.4 - 'track_import_export.php object_id' Unauthenticated Command Injection
RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Schneider Electric U.Motion Builder Vendor URL: www.schneider-electric.com Type: OS Command Injection CWE-78 Date found: 2018-11-15 Date published: 2019-05-13 CVSSv3 Score: 9.8...
CuteNews 2.0.3 - Arbitrary File Upload
CuteNews 2.0.3 Remote File Upload Vulnerability ================================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0...
Cisco Smart Software Manager On-Prem 8-202206 - Account Takeover
Exploit Title: Cisco Smart Software Manager On-Prem 8-202206 - Account Takeover Google Dork: N/A Date: 21/07/2024 Exploit Author: Mohammed Adel Vendor Homepage: https://www.cisco.com Software Link:...
CodeCanyon RISE CRM 3.7.0 - SQL Injection
Exploit Title: CodeCanyon RISE CRM 3.7.0 - SQL Injection Google Dork: N/A Date: September 19, 2024 Exploit Author: Jobyer Ahmed Author Homepage: https://bytium.com Vulnerable Version: 3.7 Patched Version: 3.7.1 Tested on: Ubuntu 24.04, Debian Testing CVE: CVE-2024-8945 Instruction 1. Login to...
TP-Link TL-WR740N - Authenticated Directory Transversal
Exploit Title: TP-Link TL-WR740N - Authenticated Directory Transversal Date: 13/7/2023 Exploit Author: Anish Feroz Zeroxinn Vendor Homepage: http://www.tp-link.com Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n Tested on: TP-Link TL-WR740N...
Online Art gallery project 1.0 - Arbitrary File Upload (Unauthenticated)
Exploit Title: Online Art gallery project 1.0 - Arbitrary File Upload Unauthenticated Google Dork: n/a Date: 14/06/2023 Exploit Author: Ramil Mustafayev Vendor Homepage: https://github.com/projectworldsofficial Software Link: https://github.com/projectworlds32/Art-Gallary-php/archive/master.zip...
Arris Router Firmware 9.1.103 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: Arris Router Firmware 9.1.103 - Remote Code Execution RCE Authenticated Date: 17/11/2022 Exploit Author: Yerodin Richards Vendor Homepage: https://www.commscope.com/ Version: 9.1.103 Tested on: TG2482A, TG2492, SBG10 CVE : CVE-2022-45701 import requests import base64 routerhost =...
Microsoft Exchange Active Directory Topology 15.02.1118.007 - 'Service MSExchangeADTopology' Unquoted Service Path
Exploit Title: Microsoft Exchange Active Directory Topology 15.02.1118.007 - 'Service MSExchangeADTopology' Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Exploit Date: 2023-01-18 Vendor : Microsoft Version : 15.02.1118.007 Tested on OS: Microsoft Exchange Server 2019 CU12 PoC :...
minewebcms 1.15.2 - Cross-site Scripting (XSS)
Exploit Title: minewebcms 1.15.2 - Cross-site Scripting XSS Google Dork: NA Date: 02/20/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://mineweb.org/ Software Link: https://github.com/mineweb/minewebcms Version: 1.15.2 Tested on: KALI OS CVE : CVE-2022-1163...
WordPress Plugin Jetpack 9.1 - Cross Site Scripting (XSS)
Exploit Title: WordPress Plugin Jetpack 9.1 - Cross Site Scripting XSS Date: 2022-02-07 Author: Milad karimi Software Link: https://wordpress.org/plugins/jetpack Version: 9.1 Tested on: Windows 11 CVE: N/A 1. Description: This plugin creates a Jetpack from any post types. The slider import search...
WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution (RCE) (Authenticated) (2)
Exploit Title: WordPress Plugin Plainview Activity Monitor 20161228 - Remote Code Execution RCE Authenticated 2 Date: 07.07.2021 Exploit Author: Beren Kuday GORUN Vendor Homepage: https://wordpress.org/plugins/plainview-activity-monitor/ Software Link:...
Alt-N MDaemon webmail 20.0.0 - 'file name' Stored Cross Site Scripting (XSS)
Exploit Title: Alt-N MDaemon webmail 20.0.0 - 'file name' Stored Cross Site Scripting XSS Date: 2020-08-25 Exploit Author: Kailash Bohara Vendor Homepage: https://www.altn.com/ Version: Mdaemon webmail .jpg 2. Go to New mail, select recipient and the select attachment. Code gets executed as right...
IPeakCMS 3.5 - Boolean-based blind SQLi
Exploit Title: IPeakCMS 3.5 - Boolean-based blind SQLi Date: 07.12.2020 Exploit Author: MoeAlbarbari Vendor Homepage: https://ipeak.ch/ Software Link: N/A Version: 3.5 Tested on: BackBox Linux CVE : CVE-2021-3018 Check the CMS version :goto www.site.com/cms/ and you will notice that in the login...
ReQuest Serious Play F3 Media Server 7.0.3 - Debug Log Disclosure
Exploit Title: ReQuest Serious Play F3 Media Server 7.0.3 - Debug Log Disclosure Exploit Author: LiquidWorm Software Link: http://request.com/ Version: 3.0.0 ReQuest Serious Play F3 Media Server 7.0.3 Debug Log Disclosure Vendor: ReQuest Serious Play LLC Product web page: http://www.request.com...
Lenovo Power Management Driver 1.67.17.48 - 'pmdrvs.sys' Denial of Service (PoC)
Exploit Title: Lenovo Power Management Driver 1.67.17.48 - 'pmdrvs.sys' Denial of Service PoC Date: 2019-12-11 Exploit Author: Nassim Asrir CVE: CVE-2019-6192 Tested On: Windows 1064bit | ThinkPad T470p Vendor : https://www.lenovo.com/us/en/ Ref :...
ScanGuard Antivirus 2020 - Insecure Folder Permissions
Exploit Title: ScanGuard Antivirus 2020 - Insecure Folder Permissions Date: 2019-10-10 Exploit Author: hyp3rlinx Vendor Homepage: https://www.scanguard.com/ Software Link: https://support.scanguard.com/en/kb/22/upgrades-available Version: 2020 Tested on: Windows CVE : N/A Category: exploit...
FusionPBX 4.4.8 - Remote Code Execution
!/usr/bin/python3 ''' Exploit Title: FusionPBX v4.4.8 Remote Code Execution Date: 13/08/2019 Exploit Author: Askar @mohammadaskar2 CVE : 2019-15029 Vendor Homepage: https://www.fusionpbx.com Software link: https://www.fusionpbx.com/download Version: v4.4.8 Tested on: Ubuntu 18.04 / PHP 7.2 '''...