47884 matches found
Alt-N MDaemon webmail 20.0.0 - 'file name' Stored Cross Site Scripting (XSS)
Exploit Title: Alt-N MDaemon webmail 20.0.0 - 'file name' Stored Cross Site Scripting XSS Date: 2020-08-25 Exploit Author: Kailash Bohara Vendor Homepage: https://www.altn.com/ Version: Mdaemon webmail .jpg 2. Go to New mail, select recipient and the select attachment. Code gets executed as right...
TerraMaster TOS 4.2.06 - Unauthenticated Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "TerraMaster TOS 4.2.06 - Unauthenticated Remote Code Execution", 'Description' = %q This module exploits a unauthenticated command execution...
Adaware Web Companion 4.9.2159 - 'WCAssistantService' Unquoted Service Path
Exploit Title: Adaware Web Companion 4.9.2159 - 'WCAssistantService' Unquoted Service Path Exploit Author : ZwX Exploit Date: 2020-01-05 Vendor Homepage : http://webcompanion.com/ Link Software :...
SpotAuditor 5.3.2 - 'Key' Denial of Service
Exploit Title: SpotAuditor 5.3.2 - 'Key' Denial of Service Exploit Author : ZwX Exploit Date: 2019-11-28 Vendor Homepage : http://www.nsauditor.com/ Link Software : http://spotauditor.nsauditor.com/downloads/spotauditorsetup.exe Tested on OS: Windows 7 Social: twitter.com/ZwX2a ''' Proof of Conce...
WordPress Plugin Sliced Invoices 3.8.2 - 'post' SQL Injection
Exploit Title: Wordpress Sliced Invoices 3.8.2 - 'post' SQL Injection Date: 2019-10-22 Exploit Author: Lucian Ioan Nitescu Contact: https://twitter.com/LucianNitescu Webiste: https://nitesculucian.github.io Vendor Homepage: https://slicedinvoices.com/ Software Link:...
Joomla! Component JoomCRM 1.1.1 - SQL Injection
Exploit Title: Joomla! Component JoomCRM 1.1.1 - SQL Injection Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: http://joomboost.com/ Software Link: https://extensions.joomla.org/extensions/extension/marketing/crm/joomcrm/ Version: 1.1.1 Category: Webapps Tested on:...
Microsoft Defender for Endpoint (MDE) - Elevation of Privilege
!/bin/bash Exploit Title: Microsoft Defender for Endpoint MDE - Elevation of Privilege Date: 2025-05-27 Exploit Author: Rich Mirch Vendor Homepage: https://learn.microsoft.com/en-us/defender-endpoint/ Software Link:...
TightVNC 2.8.83 - Control Pipe Manipulation
Exploit Title: TightVNC 2.8.83 - Control Pipe Manipulation Date: 06/09/2025 Exploit Author: Ionut Zevedei [email protected] Exploit Repository: https://github.com/zeved/CVE-2024-42049-PoC Vendor Homepage: https://www.tightvnc.com/ Software Link: https://www.tightvnc.com/download.php Version: 2.8.83...
unzip-stream 0.3.1 - Arbitrary File Write
Exploit Title: unzip-stream 0.3.1 - Arbitrary File Write Date: 18th April, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Software link: https://github.com/mhr3/unzip-stream Version: unzip-stream 0.3.1 Tested on: Ubuntu CVE: CVE-2024-42471 NB: Python's built-in zipfile module has limitations on t...
DocsGPT 0.12.0 - Remote Code Execution
Exploit Title: DocsGPT 0.12.0 - Remote Code Execution Date: 09/04/2025 Exploit Author: Shreyas Malhotra OSMSEC Vendor Homepage: https://github.com/arc53/docsgpt Software Link: https://github.com/arc53/DocsGPT/archive/refs/tags/0.12.0.zip Version: 0.8.1 through 0.12.0 Tested on: Debian Linux/Ubunt...
Wordpress Plugin WP Video Playlist 1.1.1 - Stored Cross-Site Scripting (XSS)
Exploit Title: Wordpress Plugin WP Video Playlist 1.1.1 - Stored Cross-Site Scripting XSS Date: 12 April 2024 Exploit Author: Erdemstar Vendor: https://wordpress.com/ Version: 1.1.1 Proof Of Concept: 1. Click Add Video part and enter the XSS payload as below into the first input of form or Reques...
Online Art gallery project 1.0 - Arbitrary File Upload (Unauthenticated)
Exploit Title: Online Art gallery project 1.0 - Arbitrary File Upload Unauthenticated Google Dork: n/a Date: 14/06/2023 Exploit Author: Ramil Mustafayev Vendor Homepage: https://github.com/projectworldsofficial Software Link: https://github.com/projectworlds32/Art-Gallary-php/archive/master.zip...
Flexense HTTP Server 10.6.24 - Buffer Overflow (DoS) (Metasploit)
Exploit Title: Flexense HTTP Server 10.6.24 - Buffer Overflow DoS Metasploit Date: 2018-03-09 Exploit Author: Ege Balci Vendor Homepage: https://www.flexense.com/downloads.html Version: 'Flexense HTTP Server Denial Of Service', 'Description' = %q This module triggers a Denial of Service...
Epson Stylus SX510W Printer Remote Power Off - Denial of Service
Exploit Title: Epson Stylus SX510W Printer Remote Power Off - Denial of Service PoC Discovery by: Rafael Pedrero Discovery Date: 2020-05-16 Vendor Homepage: https://www.epson.es/ Software Link : https://www.epson.es/products/printers/inkjet-printers/for-home/epson-stylus-sx510w Tested Version:...
Sony playmemories home - 'PMBDeviceInfoProvider' Unquoted Service Path
Exploit Title: Sony playmemories home - 'PMBDeviceInfoProvider' Unquoted Service Path Date: 09/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sony.com/ Software Link: https://support.d-imaging.sony.co.jp/www/disoft/int/download/playmemories-home/win/en/index.html Version: 6.0...
CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting (XSS) (Authenticated)
Exploit Title: CMSuno 1.7 - 'tgo' Stored Cross-Site Scripting XSS Authenticated Date: 03-08-2021 Exploit Author: splint3rsec Vendor Homepage: https://github.com/boiteasite Software Link: https://github.com/boiteasite/cmsuno Affected Versions: CMSuno 1.7 and prior CVE : CVE-2021-36654 CMSuno versi...
Dolibarr ERP/CRM 10.0.6 - Login Brute Force
Exploit Title: Dolibarr ERP/CRM 10.0.6 - Login Brute Force Date:2020-01-18 Exploit Author: Creamy Chicken Soup Vendor Homepage: https://www.dolibarr.org Software Link: https://sourceforge.net/projects/dolibarr/ Version: 10.0.6 Tested on: Windows 10 - 64bit CVE: CVE-2020-7995 function...
Wordpress Epsilon Framework Multiple Themes - Unauthenticated Function Injection
Exploit Title: Wordpress Epsilon Framework Multiple Themes - Unauthenticated Function Injection Date: 22/12/2020 Exploit Authors: gx1 lotar Vendor Homepage: https://wordpress.com/ Software Link: https://github.com/WordPress/WordPress Affected Themes: shapely - Fixed in version 1.2.9 newsmag - Fix...
Joomla! Plugin XCloner Backup 3.5.3 - Local File Inclusion (Authenticated)
Exploit Title: Joomla! Plugin XCloner Backup 3.5.3 - Local File Inclusion Authenticated Date: 2020-05-10 Exploit Author: Mehmet Kelepçe / Gais Cyber Security Exploit-Db Author ID: 8763 Reference: https://www.xcloner.com/xcloner-news/security-release-available-for-archived-joomla-version/ Vendor...
Lenovo Power Management Driver 1.67.17.48 - 'pmdrvs.sys' Denial of Service (PoC)
Exploit Title: Lenovo Power Management Driver 1.67.17.48 - 'pmdrvs.sys' Denial of Service PoC Date: 2019-12-11 Exploit Author: Nassim Asrir CVE: CVE-2019-6192 Tested On: Windows 1064bit | ThinkPad T470p Vendor : https://www.lenovo.com/us/en/ Ref :...
Microsoft Windows 10 - SET_REPARSE_POINT_EX Mount Point Security Feature Bypass
Windows: SETREPARSEPOINTEX Mount Point Security Feature Bypass Platform: Windows 10 1903, 1809 not tested earlier Class: Security Feature Bypass Summary: The NTFS driver supports a new FS control code to set a mount point which the existing sandbox mitigation doesn’t support allowing a sandboxed...
Agent Tesla Botnet - Arbitrary Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Tesla Agent Remote Code Execution", 'Description' = %q This module exploits the command injection vulnerability of tesla agent botnet panel. ,...
AZADMIN CMS 1.0 - SQL Injection
Sql Injection on AZADMIN CMS of HIDEA v1.0 + Date: 24/06/2019 + CWE Number : CWE-89 + Risk: High + Author: Felipe Andrian Peixoto + Vendor Homepage: https://www.hidea.com/ + Contact: [email protected] + Tested on: Windows 7 and Linux + Vulnerable Files: newsdet.php + Dork :...
Microsoft Office SharePoint Server 2016 - Denial of Service (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'sharepoint-ruby' class MetasploitModule 'DOS Vulnerability in SharePoint 2016 Server', 'Description' = %q A vulnerability in Microsoft SharePoint Server could...
Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory. Denial of Service (PoC)
function main var vArr = new Array; var bigArray = new Array0x20000000; vArr0 = String.prototype.toLowerCase.callbigArray; vArr1 = String.prototype.toLowerCase.callbigArray; vArr2 = String.prototype.toLowerCase.callbigArray;...
Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032) (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/payloadgenerator' require 'msf/core/exploit/powershell' require 'rex' class MetasploitModule 'MS16-032 Secondary Logon Handle Privile...
YourFreeWorld Autoresponder Hosting - 'tr.php' SQL Injection
Autoresponder Hosting id Remote SQL Injection Vulnerability Author: Hussin X Home : www.IQ-TY.com & www.TrYaG.cc script :http://www.yourfreeworld.com/script/autoresponderhosting.php DorK : inurl:tr.php?id= Autoresponder Exploit :...
Adapt Authoring Tool 0.11.3 - Remote Command Execution (RCE)
Exploit Title: Adapt Authoring Tool 0.11.3 - Remote Command Execution RCE Date: 2024-11-24 Exploit Author: Eui Chul Chung Vendor Homepage: https://www.adaptlearning.org/ Software Link: https://github.com/adaptlearning/adaptauthoring Version: 0.11.3 CVE Identifier: CVE-2024-50672 , CVE-2024-50671...
E-INSUARANCE v1.0 - Stored Cross Site Scripting (XSS)
Exploit Title: E-INSUARANCE v1.0 - Stored Cross Site Scripting XSS Google Dork: NA Date: 28-03-2024 Exploit Author: Sandeep Vishwakarma Vendor Homepage: https://www.sourcecodester.com Software Link:https://www.sourcecodester.com/php/16995/insurance-management-system-php-mysql.html Version: v1.0...
Game Jackal Server v5 - Unquoted Service Path "GJServiceV5"
Exploit Title: Game Jackal Server v5 - Unquoted Service Path Date: 06/07/2023 Exploit Author: Idan Malihi Vendor Homepage: https://www.allradiosoft.ru Software Link: https://www.allradiosoft.ru/en/ss/index.htm Version: 5 Tested on: Microsoft Windows 10 Pro CVE : CVE-2023-36166 PoC C:\Userswmic...
The Shop v2.5 - SQL Injection
Exploit Title: The Shop v2.5 - SQL Injection Date: 2023-06-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/the-shop/34858541 Demo Site: https://shop.activeitzone.com Tested on: Kali Linux CVE: N/A Request POST /api/v1/carts/add HTTP/1.1 Content-Type: application/json...
Service Provider Management System v1.0 - SQL Injection
Exploit Title: Service Provider Management System v1.0 - SQL Injection Date: 2023-05-23 Exploit Author: Ashik Kunjumon Vendor Homepage: https://www.sourcecodester.com/users/lewa Software Link:...
Companymaps v8.0 - Stored Cross Site Scripting (XSS)
Exploit Title: Companymaps V8.0 - Stored Cross Site Scripting XSS Date: 27.04.2023 Exploit Author: Lucas Noki 0xPrototype Vendor Homepage: https://github.com/vogtmh Software Link: https://github.com/vogtmh/cmaps Version: 8.0 Tested on: Mac, Windows, Linux CVE : CVE-2023-29983 Steps to reproduce: ...
Mars Stealer 8.3 - Admin Account Takeover
Exploit Title: Mars Stealer 8.3 - Admin Account Takeover Product: Mars Stelaer Technology: PHP Version: 8.3 Google Dork: N/A Date: 20.04.2023 Tested on: Linux Author: Sköll - twitter.com/skoll import argparse import requests parser = argparse.ArgumentParserdescription='Mars Stealer Account Takeov...
Auto Dealer Management System 1.0 - Broken Access Control Exploit
Exploit Title: Auto Dealer Management System 1.0 - Broken Access Control Exploit It leads to compromise of all application accounts by accessing the ?page=user/list with low privileged user account Date: 18 February 2023 CVE Assigned: CVE-2023-0916 mitre.org nvd.nist.org Author: Muhammad Navaid...
minewebcms 1.15.2 - Cross-site Scripting (XSS)
Exploit Title: minewebcms 1.15.2 - Cross-site Scripting XSS Google Dork: NA Date: 02/20/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://mineweb.org/ Software Link: https://github.com/mineweb/minewebcms Version: 1.15.2 Tested on: KALI OS CVE : CVE-2022-1163...
Chamilo LMS 1.11.14 - Account Takeover
Exploit Title: Chamilo LMS 1.11.14 - Account Takeover Date: July 21 2021 Exploit Author: sirpedrotavares Vendor Homepage: https://chamilo.org Software Link: https://chamilo.org Version: Chamilo-lms-1.11.x Tested on: Chamilo-lms-1.11.x CVE: CVE-2021-37391 Publication:...
SalonERP 3.0.1 - 'sql' SQL Injection (Authenticated)
Exploit Title: SalonERP 3.0.1 - 'sql' SQL Injection Authenticated Exploit Author: Betul Denizler Vendor Homepage: https://salonerp.sourceforge.io/ Software Link: https://sourceforge.net/projects/salonerp/files/latest/download Version: SalonERP v3.0.1 Tested on: Ubuntu Mate 20.04 Vulnerable...
AlphaWeb XE - File Upload Remote Code Execution (RCE) (Authenticated)
Exploit Title: AlphaWeb XE - File Upload Remote Code Execution RCE Authenticated Date: 09/09/2021 Exploit Author: Ricardo Ruiz @ricardojoserf Vendor website: https://www.zenitel.com/ Product website: https://wiki.zenitel.com/wiki/AlphaWeb Example: python3 CVE-2021-40845.py -u "http://$ip:80/" -c...
Crime records Management System 1.0 - 'Multiple' SQL Injection (Authenticated)
Exploit Title: Crime records Management System 1.0 - 'Multiple' SQL Injection Authenticated Date: 17/08/2021 Exploit Author: Davide 't0rt3ll1n0' Taraschi Vendor Homepage: https://www.sourcecodester.com/users/osman-yahaya Software Link:...
TextPattern CMS 4.8.7 - Remote Command Execution (Authenticated)
Exploit Title : TextPattern CMS 4.8.7 - Remote Command Execution Authenticated Date : 2021/09/06 Exploit Author : Mert Daş [email protected] Software Link : https://textpattern.com/filedownload/113/textpattern-4.8.7.zip Software web : https://textpattern.com/ Tested on: Server : Xampp First ...
ReQuest Serious Play F3 Media Server 7.0.3 - Debug Log Disclosure
Exploit Title: ReQuest Serious Play F3 Media Server 7.0.3 - Debug Log Disclosure Exploit Author: LiquidWorm Software Link: http://request.com/ Version: 3.0.0 ReQuest Serious Play F3 Media Server 7.0.3 Debug Log Disclosure Vendor: ReQuest Serious Play LLC Product web page: http://www.request.com...
Online Shopping Portal 3.1 - 'email' SQL Injection
Exploit Title: Online Shopping Portal 3.1 - 'email' SQL Injection Date: 2020-07-06 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/shopping-portal-free-download/ Software Link:...
WebKit - User-agent Shadow root Leak in WebCore::ReplacementFragment::ReplacementFragment
ReplacementFragment::insertFragmentForTestRenderingNode rootEditableElement auto holder = createDefaultParagraphElementdocument; holder-appendChildmfragment; rootEditableElement-appendChildholder; // 2 document.updateLayoutIgnorePendingStylesheets; return holder;...
FusionPBX 4.4.8 - Remote Code Execution
!/usr/bin/python3 ''' Exploit Title: FusionPBX v4.4.8 Remote Code Execution Date: 13/08/2019 Exploit Author: Askar @mohammadaskar2 CVE : 2019-15029 Vendor Homepage: https://www.fusionpbx.com Software link: https://www.fusionpbx.com/download Version: v4.4.8 Tested on: Ubuntu 18.04 / PHP 7.2 '''...
Oracle Application Testing Suite - WebLogic Server Administration Console War Deployment (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Application Testing Suite WebLogic Server Administration Console War Deployment', 'Description' = %q This module abuses a feature in...
Linux < 4.14.103 / < 4.19.25 - Out-of-Bounds Read and Write in SNMP NAT Module
commit cc2d58634e0f "netfilter: nfnatsnmpbasic: use asn1 decoder library", first in 4.16 changed the nfnatsnmpbasic module which, when enabled, parses and modifies the ASN.1-encoded payloads of SNMP messages so that the kernel's ASN.1 infrastructure is used instead of an open-coded parser. The...
Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI
Exploit Title: Skyvern 0.1.85 - Remote Code Execution RCE via SSTI Date: 2025-06-15 Exploit Author: Cristian Branet Vendor Homepage: https://www.skyvern.com/ Software Link: https://github.com/Skyvern-AI/skyvern Version: Settings - API Key - Reveal and copy the API key" parser.addargument"-i",...
Smart Manager 8.27.0 - Post-Authenticated SQL Injection
Exploit Title: Smart Manager 8.27.0 - Post-Authenticated SQL Injection Date: 2024-01-18 Exploit Author: Ivan Spiridonov - xbz0n Vendor Homepage: https://www.storeapps.org/ Software Link: https://www.storeapps.org/product/smart-manager/ Version: 8.27.0 Tested on: Ubuntu 22.04 CVE: CVE-2024-0566 SQ...
Watcharr 1.43.0 - Remote Code Execution (RCE)
Exploit Title : Watcharr 1.43.0 - Remote Code Execution RCE CVE-2024-48827 exploit by Suphawith Phusanbai Affected Watcharr version 1.43.0 and below. import argparse import requests import json import jwt from pyfiglet import Figlet f = Figletfont='slant',width=100 printf.renderText'CVE-2024-4882...