47904 matches found
Crime records Management System 1.0 - 'Multiple' SQL Injection (Authenticated)
Exploit Title: Crime records Management System 1.0 - 'Multiple' SQL Injection Authenticated Date: 17/08/2021 Exploit Author: Davide 't0rt3ll1n0' Taraschi Vendor Homepage: https://www.sourcecodester.com/users/osman-yahaya Software Link:...
Simple Water Refilling Station Management System 1.0 - Remote Code Execution (RCE) through File Upload
Exploit Title: Simple Water Refilling Station Management System 1.0 - Remote Code Execution RCE through File Upload Exploit Author: Matt Sorrell Date: 2021-08-14 Vendor Homepage: https://www.sourcecodester.com Software Link:...
IPCop 2.1.9 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: IPCop 2.1.9 - Remote Code Execution RCE Authenticated Date: 02/08/2021 Exploit Author: Mücahit Saratar Vendor Homepage: https://www.ipcop.org/ Software Link: https://sourceforge.net/projects/ipcop/files/IPCop/IPCop%202.1.8/ipcop-2.1.8-install-cd.i486.iso -...
TextPattern CMS 4.8.7 - Remote Command Execution (Authenticated)
Exploit Title : TextPattern CMS 4.8.7 - Remote Command Execution Authenticated Date : 2021/09/06 Exploit Author : Mert Daş [email protected] Software Link : https://textpattern.com/filedownload/113/textpattern-4.8.7.zip Software web : https://textpattern.com/ Tested on: Server : Xampp First ...
DELL dbutil_2_3.sys 2.3 - Arbitrary Write to Local Privilege Escalation (LPE)
Exploit Title: DELL dbutil23.sys 2.3 - Arbitrary Write to Local Privilege Escalation LPE Date: 10/05/2021 Exploit Author: Paolo Stagno aka VoidSec Version: include include include include define IOCTLCODE 0x9B0C1EC8 // IOCTLCODE value, used to reach the vulnerable function taken from IDA define...
SEO Panel 4.8.0 - 'order_col' Blind SQL Injection (2)
Exploit Title: SEO Panel 4.8.0 - 'ordercol' Blind SQL Injection 2 Author: nu11secur1ty Testing and Debugging: nu11secur1ty Date: 04/25/2021 Vendor: https://www.seopanel.org/ Link: https://www.seopanel.org/spdownload/4.8.0 CVE: CVE-2021-28419 + Exploit Source: !/usr/bin/python3 Author: @nu11secur1...
Cemetry Mapping and Information System 1.0 - Multiple Stored Cross-Site Scripting
Exploit Title: Cemetry Mapping and Information System 1.0 - Multiple Stored Cross-Site Scripting Exploit Author: Mesut Cetin Date: 2021-01-10 Vendor Homepage: https://www.sourcecodester.com/php/12779/cemetery-mapping-and-information-system-using-phpmysqli.html Software Link:...
Stock Management System 1.0 - Cross-Site Request Forgery (Change Username)
Exploit Title: Stock Management System 1.0 - Cross-Site Request Forgery Change Username Exploit Author: Bobby Cooke & Adeeb Shah @hyd3sec CVE ID: N/A Date: 2020-09-01 Vendor Homepage: https://www.sourcecodester.com/php/14366/stock-management-system-php.html Software Link:...
Daily Expenses Management System 1.0 - 'item' SQL Injection
Exploit Title: Daily Expenses Management System 1.0 - 'item' SQL Injection Date: 2020-08-05 Exploit Author: Edo Maland Vendor Homepage: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html Software Link:...
Victor CMS 1.0 - 'cat_id' SQL Injection
Exploit Title: Victor CMS 1.0 - 'catid' SQL Injection Google Dork: N/A Date: 2020-05-19 Exploit Author: Kishan Lal Choudhary Vendor Homepage: https://github.com/VictorAlagwu/CMSsite Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip Version: 1.0 Tested on: Windows 10...
Monstra CMS 3.0.4 - Authenticated Arbitrary File Upload
Exploit Title: Monstra CMS 3.0.4 - Authenticated Arbitrary File Upload Google Dork: N/A Date: 2020-05-18 Exploit Author: Kishan Lal Choudhary Vendor Homepage: https://monstra.org Software Link: https://bitbucket.org/awilum/monstra/downloads/monstra-3.0.4.zip Version: 3.0.4 Tested on: Ubuntu 1...
Inventory Webapp - 'itemquery' SQL injection
Exploit Title: Inventory Webapp SQL injection Data: 05.09.2019 Exploit Author: mohammad zaheri Vendor HomagePage: https://github.com/edlangley/inventory-webapp Tested on: Windows Google Dork: N/A ========= Vulnerable Page: ========= /php/add-item.php ========== Vulnerable Source: ========== Line3...
Sentrifugo 3.2 - File Upload Restriction Bypass
Exploit Title: Sentrifugo 3.2 - File Upload Restriction Bypass Google Dork: N/A Date: 8/29/2019 Exploit Author: creosote Vendor Homepage: http://www.sentrifugo.com/ Version: 3.2 Tested on: Ubuntu 18.04 CVE : CVE-2019-15813 Multiple File Upload Restriction Bypass vulnerabilities were found in...
Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory. Denial of Service (PoC)
function main var vArr = new Array; var bigArray = new Array0x20000000; vArr0 = String.prototype.toLowerCase.callbigArray; vArr1 = String.prototype.toLowerCase.callbigArray; vArr2 = String.prototype.toLowerCase.callbigArray;...
Gitea 1.24.0 - HTML Injection
Exploit Title: Gitea 1.24.0 - HTML Injection Date: 2025-03-09 Exploit Author: Mikail KOCADAĞ Vendor Homepage: https://gitea.com Software Link: https://dl.gitea.io/gitea/1.24.0/ Version: 1.24.0 Tested on: Windows 10, Linux Ubuntu 22.04 CVE : N/A Vulnerability Description: In Gitea 1.24.0, the...
Wyrestorm Apollo VX20 < 1.3.58 - Incorrect Access Control 'Credentials Disclosure'
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/WYRESTORMAPOLLOVX20INCORRECTACCESSCONTROLCREDENTIALSDISCLOSURECVE-2024-25735.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.wyrestorm.com Product APOLLO VX20...
Grocy <=4.0.2 - CSRF
Exploit Title: Grocy history.pushState'','', '/'; document.forms0.submit; If a user is logged into the Grocy Webapp at time of execution, a new user will be created in the app with the following credentials Username: hacker Password: test Note: In order for this to work, the target must have Crea...
101 News 1.0 - Multiple-SQLi
Title: 101 News-1.0 Multiple-SQLi Author: nu11secur1ty Date: 09/16/2023 Vendor: https://mayurik.com/ Software: https://www.sourcecodester.com/php/16067/best-online-news-portal-project-php-free-download.html Reference: https://portswigger.net/web-security/sql-injection Description: The searchtitle...
WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Motopress Hotel Booking Lite 4.2.4 - Stored Cross-Site Scripting XSS Date: 2022-06-05 Exploit Author: Sanjay Singh Vendor Homepage: https://motopress.com/ Software Link: https://downloads.wordpress.org/plugin/motopress-hotel-booking-lite.4.2.4.zip Version: 4.2.4...
Spy Emergency 25.0.650 - 'Multiple' Unquoted Service Path
Exploit Title: Spy Emergency 25.0.650 - Unquoted Service Path Discovery by: Erick Galindo Discovery Date: 2021-06-11 Vendor Homepage: https://www.spy-emergency.com/ Software Link: https://www.spy-emergency.com/download/download.php?id=1 Tested Version: 25.0.650.0 Vulnerability Type: Unquoted...
RemoteClinic 2 - 'Multiple' Cross-Site Scripting (XSS)
Exploit Title: RemoteClinic 2 - 'Multiple' Cross-Site Scripting XSS Exploit Author: nu11secur1ty Debug: g3ck0dr1v3r Date: 04/21/2021 Vendor Homepage: https://remoteclinic.io/ Software Link: https://github.com/remoteclinic/RemoteClinic CVE: CVE-2021-30044 + Exploit Source:...
Batflat CMS 1.3.6 - Remote Code Execution (Authenticated)
Exploit Title: Batflat CMS 1.3.6 - Remote Code Execution Authenticated Date: 2020-12-27 Exploit Author: mari0x00 Vendor Homepage: https://batflat.org/ Software Link: https://github.com/sruupl/batflat/archive/master.zip Description:...
CASAP Automated Enrollment System 1.0 - 'First Name' Stored XSS
Exploit Title: CASAP Automated Enrollment System 1.0 - 'First Name' Stored XSS Exploit Author: Anita Gaud Vendor Homepage: https://www.sourcecodester.com/php/12210/casap-automated-enrollment-system.html Software Link:...
FRITZ!Box 7.20 - DNS Rebinding Protection Bypass
Exploit Title: FRITZ!Box 7.20 - DNS Rebinding Protection Bypass Date: 2020-06-23 Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://en.avm.de/ Version: 7.20 CVE: 2020-26887 Advisory: FRITZ!Box DNS Rebinding Protection Bypass RedTeam Pentesting discovered a vulnerability in FRITZ!Box...
Siemens Desigo PX 6.00 - Denial of Service (PoC)
Title: Siemens Desigo PX 6.00 - Denial of Service PoC Author: LiquidWorm Date: 2019-11-14 Vendor web page: https://www.siemens.com Product web page: https://new.siemens.com/global/en/products/buildings/automation/desigo.html Affected version:6.00 Affected version: Model: PXC00-E.D, PXC50-E.D,...
ThinVNC 1.0b1 - Authentication Bypass
Exploit Title: ThinVNC 1.0b1 - Authentication Bypass Date: 2019-10-17 Exploit Author: Nikhith Tumamlapalli Contributor WarMarX Vendor Homepage: https://sourceforge.net/projects/thinvnc/ Software Link: https://sourceforge.net/projects/thinvnc/files/ThinVNC1.0b1/ThinVNC1.0b1.zip/download Version:...
ProFTPd 1.3.5 - 'mod_copy' Remote Command Execution
Title: ProFTPd 1.3.5 Remote Command Execution Date : 20/04/2015 Author: R-73eN Software: ProFTPd 1.3.5 with modcopy Tested : Kali Linux 1.06 CVE : 2015-3306 Greetz to Vadim Melihow for all the hard work . import socket import sys import requests Banner banner = "" banner += " \n" banner +=" | | /...
PHP DateTime - Use-After-Free
Use After Free Vulnerability in unserialize with DateTime CVE-2015-0273 Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20 A use-after-free vulnerability was discovered in unserialize with DateTime/DateTimeZone/DateInterval/DatePeriod objects's wakeup magic method that can be abused...
Microsoft SQL Server - Hello Overflow (MS02-056) (Metasploit)
$Id: ms02056hello.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
Windows 2024.15 - Unauthenticated Desktop Screenshot Capture
Exploit Title: Windows 2024.15 - Unauthenticated Desktop Screenshot Capture Date: 2025-05-19 Exploit Author: Chokri Hammedi Vendor Homepage: https://rs.ltd Software Link: https://rs.ltd/latest.php?os=win Version: 2024.15 Tested on: Windows 10/11 with Remote for Windows helper ''' Description: -...
Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)
Exploit Title: Casdoor 1.901.0 - Cross-Site Request Forgery CSRF Application: Casdoor Version: 1.901.0 Date: 03/07/2024 Exploit Author: Van Lam Nguyen Vendor Homepage: https://casdoor.org/ Software Link: https://github.com/casdoor/casdoor/archive/refs/tags/v1.901.0.zip Tested on: Windows CVE : N/...
PHPJabbers Business Directory Script v3.2 - Multiple Vulnerabilities
Exploit Title: PHPJabbers Business Directory Script v3.2 - Multiple Vulnerabilities Date: 09/08/2023 Exploit Author: Kerimcan Ozturk Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/business-directory-script/ Version: 3.2 Tested on: Windows 10 Pro Description...
Uvdesk v1.1.3 - File Upload Remote Code Execution (RCE) (Authenticated)
Exploit Title: Uvdesk v1.1.3 - File Upload Remote Code Execution RCE Authenticated Date: 28/07/2023 Exploit Author: Daniel Barros @cupc4k3d - Hakai Offensive Security Vendor Homepage: https://www.uvdesk.com Software Link: https://github.com/uvdesk/community-skeleton Version: 1.1.3 Example: python...
Joomla! com_booking component 2.4.9 - Information Leak (Account enumeration)
Exploit Title: Joomla! combooking component 2.4.9 - Information Leak Account enumeration Google Dork: inurl:"index.php?option=combooking" Date: 07/12/2023 Exploit Author: qw3rTyTy Vendor Homepage: http://www.artio.net/ Software Link:...
Serendipity 2.4.0 - File Inclusion RCE
Exploit Title: Serendipity 2.4.0 - File Inclusion RCE Author: nu11secur1ty Date: 04.26.2023 Vendor: https://docs.s9y.org/index.html Software: https://github.com/s9y/Serendipity/releases/tag/2.4.0 Reference: https://portswigger.net/web-security/file-upload Reference:...
Home Owners Collection Management System 1.0 - 'id' Blind SQL Injection
Exploit Title: Home Owners Collection Management System 1.0 - 'id' Blind SQL Injection Date: 9/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Archeevo 5.0 - Local File Inclusion
Exploit Title: Archeevo 5.0 - Local File Inclusion Google Dork: intitle:"archeevo" Date: 01/15/2021 Exploit Author: Miguel Santareno Vendor Homepage: https://www.keep.pt/ Software Link: https://www.keep.pt/produtos/archeevo-software-de-gestao-de-arquivos/ Version: 5.0 Tested on: windows 1...
Online Resort Management System 1.0 - SQLi (Authenticated)
Exploit Title: Online Resort Management System 1.0 - SQLi Authenticated Date: 15/01/2022 Exploit Author: Gaurav Grover Vendor Homepage: Software Link: Version: 1.0 Tested on: Linux and windows both Summary: There are a vulnerabilities in Online Resort Management System ORMS 1. The attacker can...
WordPress Plugin The True Ranker 2.2.2 - Arbitrary File Read (Unauthenticated)
Exploit Title: WordPress Plugin The True Ranker 2.2.2 - Arbitrary File Read Unauthenticated Date: 23/12/2021 Exploit Authors: Nicole Sheinin, Liad Levy Vendor Homepage: https://wordpress.org/plugins/seo-local-rank/ Software Link: https://plugins.svn.wordpress.org/seo-local-rank/tags/2.2.2/ Versio...
Visual Tools DVR VX16 4.2.28.0 - OS Command Injection (Unauthenticated)
Exploit Title: Visual Tools DVR VX16 4.2.28.0 - OS Command Injection Unauthenticated Date: 2021-07-05 Exploit Author: Andrea D'Ubaldo Vendor Homepage: https://visual-tools.com/ Version: Visual Tools VX16 v4.2.28.0 Tested on: VX16 Embedded Linux 2.6.35.4. CVE: CVE-2021-42071 Reference:...
Genexis Platinum-4410 P4410-V2-1.31A - 'start_addr' Persistent Cross-Site Scripting
Exploit Title: Genexis Platinum-4410 P4410-V2-1.31A - 'startaddr' Persistent Cross-Site Scripting Date: 03/25/2020 Exploit Author: Jithin KS Vendor Homepage: https://www.gxgroup.eu/ont-products/ Version: Platinum-4410 Software version - P4410-V2-1.31A Tested on: Windows 10 Author Contact:...
Node.JS - 'node-serialize' Remote Code Execution (2)
Exploit Title: Node.JS - 'node-serialize' Remote Code Execution 2 Exploit Author: UndeadLarva Software Link: https://www.npmjs.com/package/node-serialize Version: 0.0.4 CVE: CVE-2017-5941 import requests import re import base64 import sys url = 'http://192.168.100.133:8000/' change this payload =...
Online Shop Project 1.0 - 'p' SQL Injection
Exploit Title: Online Shop Project 1.0 - 'p' SQL Injection Date: 2020-09-20 Exploit Author: Augkim Vendor Homepage: https://www.sourcecodester.com/php/14448/online-shop-project-using-phpmysql.html Software Link:...
Pi-hole 4.4.0 - Remote Code Execution (Authenticated)
Exploit Title: Pi-hole 4.4.0 - Remote Code Execution Authenticated Date: 2020-05-22 Exploit Author: Photubias Vendor Advisory: 1 https://github.com/pi-hole/AdminLTE Version: Pi-hole . Based and improved on: https://github.com/Frichetten/CVE-2020-11108-PoC/blob/master/cve-2020-11108-rce.py File na...
NCP_Secure_Entry_Client 9.2 - Unquoted Service Paths
Exploit Title: NCPSecureEntryClient 9.2 - Unquoted Service Paths Date: 2019-11-17 Exploit Author: Akif Mohamed Ik Vendor Homepage: http://software.ncp-e.com/ Software Link: http://software.ncp-e.com/NCPSecureEntryClient/Windows/9.2x/ Version: 9.2x Tested on: Windows 7 SP1 CVE : NA C:\Users\userwm...
Adobe Acrobat Reader DC for Windows - Use of Uninitialized Pointer due to Malformed OTF Font (CFF Table)
We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 5708.4564: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...
Adive Framework 2.0.7 - Privilege Escalation
Exploit Title: Adive Framework 2.0.7 - Privilege Escalation Date: 2019-08-02 Exploit Author: Pablo Santiago Vendor Homepage: https://www.adive.es/ Software Link: https://github.com/ferdinandmartin/adive-php7 Version: 2.0.7 Tested on: Windows 10 CVE : CVE-2019-14347 Exploit import requests import...
PLC Wireless Router GPN2.4P21-C-CN - Incorrect Access Control
Exploit Title: PLC Wireless Router GPN2.4P21-C-CN -Incorrect Access Control Date: 14/01/2019 Exploit Author: Kumar Saurav Reference: https://0dayfindings.home.blog/2019/01/15/plc-wireless-router-gpn2-4p21-c-cn-incorrect-access-control/ Vendor: ChinaMobile Category: Hardware Version: GPN2.4P21-C-C...
Coman 1.0 - 'id' SQL Injection
Exploit Title: Coman - Company Management System 1.0 - SQL Injection Dork: N/A Date: 2019-01-20 Exploit Author: Ihsan Sencan Vendor Homepage: http://ragob.com/ Software Link: https://codecanyon.net/item/coman-company-management-system/17799270 Version: 1.0 Category: Webapps Tested on:...
Linux Kernel UDEV < 1.4.1 - 'Netlink' Local Privilege Escalation (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...