47904 matches found
ABB Cylon Aspect 3.08.03 - Guest2Root Privilege Escalation
!/usr/bin/env python Exploit Title: ABB Cylon Aspect 3.08.03 - Guest2Root Privilege Escalation Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.03 Summary: ASPECT is an award-winning scalabl...
CodeAstro Online Railway Reservation System 1.0 - Cross Site Scripting (XSS)
Exploit Title: CodeAstro Online Railway Reservation System 1.0 - Cross Site Scripting XSS Date: 2024-08-15 Exploit Author: Raj Nandi Vendor Homepage: https://codeastro.com/ Software Link: https://codeastro.com/online-railway-reservation-system-in-php-with-source-code/ Version: 1.0 Tested on: Any ...
Human Resource Management System 1.0 - 'employeeid' SQL Injection
Exploit Title: Human Resource Management System - SQL Injection Date: 13-01-2024 Exploit Author: Srikar Exp1o1t9r Vendor Homepage: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html Software Link:...
Online DJ Booking Management System 1.0 - 'Multiple' Blind Cross-Site Scripting
Exploit Title: Online DJ Booking Management System 1.0 - 'Multiple' Blind Cross-Site Scripting Date: 2021-10-06 Exploit Author: Yash Mahajan Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/online-dj-booking-management-system-using-php-and-mysql/ Version: V 1.0...
Library System 1.0 - 'student_id' SQL injection (Authenticated)
Exploit Title: Library System 1.0 - 'studentid' SQL injection Authenticated Google Dork: intitle: "Library System by YahooBaba" Date: 26/08/2021 Exploit Author: Vinay Bhuria Vendor Homepage: https://www.yahoobaba.net Software Link: https://www.yahoobaba.net/project/library-system-in-php Version:...
ECOA Building Automation System - Configuration Download Information Disclosure
Exploit Title: ECOA Building Automation System - Configuration Download Information Disclosure Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Configuration Download Information Disclosure Vendor: ECOA Technologies Corp. Produc...
RaspAP 2.6.6 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: RaspAP 2.6.6 - Remote Code Execution RCE Authenticated Date: 23.08.2021 Exploit Author: Moritz Gruber Vendor Homepage: https://raspap.com/ Software Link: https://github.com/RaspAP/raspap-webgui Version: 2.6.6 Tested on: Linux raspberrypi 5.10.52-v7+ import requests from requests.ap...
Adtran Personal Phone Manager 10.8.1 - 'emailAddress' Stored Cross-Site Scripting (XSS)
Exploit Title: Adtran Personal Phone Manager 10.8.1 - 'emailAddress' Stored Cross-Site Scripting XSS Date: 1/21/2021 Exploit Author: 3ndG4me Vendor Homepage: https://adtran.com/web/page/portal/Adtran/wphome Version: v10.8.1 Tested on: NetVanta 7060 and NetVanta 7100 CVE : CVE-2021-25679...
Faulty Evaluation System 1.0 - 'multiple' Stored Cross-Site Scripting
Exploit Title: Faulty Evaluation System 1.0 - 'multiple' Stored Cross-Site Scripting Date: 2021-02-16 Exploit Author: Suresh Kumar Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14710/faulty-evaluation-system-using-phpcodeigniter-source-code.htm...
CyberArk PSMP 10.9.1 - Policy Restriction Bypass
Exploit Title: CyberArk PSMP 10.9.1 - Policy Restriction Bypass Google Dork: NA Date: 2020-02-25 Exploit Author: LAHBAL Said Vendor Homepage: https://www.cyberark.com/ Software Link: https://www.cyberark.com/ Version: PSMP = 11.1 Prerequisites Policy allows us to overwrite PSMRemoteMachine...
PHPMailer < 5.2.20 with Exim MTA - Remote Code Execution
!/usr/bin/python Exploit Title: RCE for PHPMailer 5.2.20 with Exim MTA Date: 16/06/2017 Exploit Author: @phacktul Software Link: https://github.com/PHPMailer/PHPMailer Version: 5.2.20 Tested on: Debian x86/x64 CVE : CVE-2016-10033,CVE-2016-10074,CVE-2016-10034,CVE-2016-10045 @phacktul -...
JBoss & JMX Console - Misconfigured Deployment Scanner
!/usr/bin/perl Exploit Title: JBoss, JMX Console, misconfigured DeploymentScanner Date: Oct 3 2011 Author: y0ug codsec.com Version: Tested on: Linux CVE : CVE-2010-0738 POC against misconfigured JBoss JMX Console It use the addUrl method in DeploymentScanner module More information...
eMule 0.42d - IRC Remote Buffer Overflow
!/usr/bin/perl eMule = 0.42d Remote Exploit by kcope exploits the DecodeBase16 buffer overflow tested on WinXP SP1 / Win2k SP4 bindport/connectback shellcode thanks Kostya Kortchinsky for his posting to bugtraq greetings to sander, blackzero, beginna, adize, A-cru and wY :p have fun! kcope,...
Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
Exploit Title: Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ CVE: CVE-2024-49138 include...
Ivanti Connect Secure 22.7R2.5 - Remote Code Execution (RCE)
Exploit Title: Ivanti Connect Secure 22.7R2.5 - Remote Code Execution RCE Date: 2025-01-11 Exploit Author: @absholi7ly CVE: CVE-2025-0282 import requests import sys import struct import socket import ssl import urllib3 import time Disable SSL warnings...
LearnPress WordPress LMS Plugin 4.2.7 - SQL Injection
Exploit Title: LearnPress WordPress LMS Plugin 4.2.7 - SQL Injection Google Dork: inurl:"/wp-json/learnpress/v1/" OR inurl:"/wp-content/plugins/learnpress/" OR "powered by LearnPress" AND "version 4.2.7" Date: Current Date, e.g., October 30, 2024 Exploit Author: Your Name or Username Vendor...
FluxBB 1.5.11 - Stored Cross-Site Scripting (XSS)
Exploit Title: FluxBB 1.5.11 Stored xss Date: 3/8/2025 Exploit Author: Chokri Hammedi Vendor Homepage: www.fluxbb.org Software Link: https://www.softaculous.com/apps/forums/FluxBB Version: FluxBB 1.5.11 Tested on: Windows XP 1. login to admin panel 2. go to /adminforums.php 3. click on "add forum...
CE Phoenix Version 1.0.8.20 - Stored XSS
Exploit Title: CE Phoenix Version 1.0.8.20 - Stored XSS Date: 2023-11-25 Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://phoenixcart.org/ Version: v3.0.1 Tested on: https://www.softaculous.com/apps/ecommerce/CEPhoenix POC: 1-Login admin panel , go to this url :...
ProjeQtOr Project Management System v10.4.1 - Multiple XSS
Exploit Title: ProjeQtOr Project Management System V10.4.1 - Multiple XSS Version: V10.4.1 Bugs: Multiple XSS Technology: PHP Vendor URL: https://www.projeqtor.org Software Link: https://sourceforge.net/projects/projectorria/files/projeqtorV10.4.1.zip/download Date of found: 09.07.2023 Author:...
Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution (RCE)
ADVISORY INFORMATION Exploit Title: Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution RCE Date of found: 21 July 2022 Application: Roxy WI = v6.1.0.0 Author: Nuri Çilengir Vendor Homepage: https://roxy-wi.org Software Link: https://github.com/hap-wi/roxy-wi.git Advisory:...
WordPress Plugin Curtain 1.0.2 - Cross-site Request Forgery (CSRF)
Exploit Title: WordPress Plugin Curtain 1.0.2 - Cross-site Request Forgery CSRF Date: 24-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/curtain/ Version: 1.0.2 Tested on: Firefox Summary: Cross site forgery vulnerability has been identified...
SEO Panel 4.8.0 - 'order_col' Blind SQL Injection (1)
Exploit Title: SEO Panel 4.8.0 - 'ordercol' Blind SQL Injection 1 Date: 17/02/2021 Exploit Author: Piyush Patil Vendor Homepage: https://www.seopanel.org/ Software Link: https://github.com/seopanel/Seo-Panel/releases/tag/4.8.0 Version: 4.8.0 Reference -...
HiSilicon Video Encoders - Full admin access via backdoor password
!/usr/bin/env bash Exploit Title: HiSilicon video encoders - full admin access via backdoor password Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24215 Vendors: URayTech, J-Tech Digital...
D-Link DIR-615 T1 20.10 - CAPTCHA Bypass
Exploit Title: D-Link DIR-615 T1 20.10 - CAPTCHA Bypass Date: 2019-10-12 Exploit Author: huzaifa hussain Vendor Homepage: https://in.dlink.com/ Version: DIR-615 T1 ver:20.10 Tested on: D-LINK ROUTER "MODEL NO: DIR-615" with "FIRMWARE VERSION:20.10" & "HARDWARE VERSION:T1 CVE: CVE-2019-17525 D-LIN...
Open-AudIT 3.3.0 - Reflective Cross-Site Scripting (Authenticated)
Exploit Title: Open-AudIT 3.3.0 - Reflective Cross-Site Scripting Authenticated Date: 2020-04-26 Exploit Author: Kamaljeet Kumar Vendor Homepage: https://opmantek.com/network-discovery-inventory-software/ Software Link: https://www.open-audit.org/downloads.php Version: 3.3.0 CVE : CVE-2020-12261...
ASUS GiftBox Desktop 1.1.1.127 - 'ASUSGiftBoxDesktop' Unquoted Service Path
Exploit Title: ASUS GiftBox Desktop 1.1.1.127 - 'ASUSGiftBoxDesktop' Unquoted Service Path Discovery by: Oscar Flores Discovery Date: 2020-03-05 Vendor Homepage: https://www.asus.com/ Software Link : https://www.microsoft.com/en-us/p/asus-giftbox/9wzdncrdrb6s?activetab=pivot:overviewtab Tested...
JavaScriptCore - Type Confusion During Bailout when Reconstructing Arguments Objects
The following sample was found by Fuzzilli and then slightly modified. It crashes JSC in debug builds: function main const v2 = 1337,1337; const v3 = 1337,v2,v2,0; Object.proto = v3; for let v10 = 0; v10 inheritscell-JSC::JSCell::vm, std...
ActiveFax Server 6.92 Build 0316 - 'POP3 Server' Denial of Service
Exploit Title: ActiveFax Server 6.92 Build 0316 - 'POP3 Server' Denial of Service Date: 2019-10-12 Vendor Homepage: https://www.actfax.com/ Software Link : https://www.actfax.com/download/actfaxsetupx64ge.exe Exploit Author: Achilles Tested Version: 6.92 Tested on: Windows 7 x64 Vulnerability Typ...
WordPress Theme Zoner Real Estate - 4.1.1 Persistent Cross-Site Scripting
Exploit Title: WordPress Theme Zoner Real Estate - 4.1.1 Persistent Cross-Site Scripting Google Dork: inurl:/wp-content/themes/zoner/ Date: 2019-09-24 Exploit Author: m0ze Vendor Homepage: https://fruitfulcode.com/ Software Link:...
MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT Bypass
CVE-2019-3924 A remote, unauthenticated attacker can proxy traffic through RouterOS via probes sent to the agent binary. This PoC demonstrates how to exploit a LAN host from the WAN. A video demonstrating the attack can be found here: https://www.youtube.com/watch?v=CxyOtsNVgFg A Tenable Research...
Linux Kernel < 4.4.0/ < 4.8.0 (Ubuntu 14.04/16.04 / Linux Mint 17/18 / Zorin) - Local Privilege Escalation (KASLR / SMEP)
// A proof-of-concept local root exploit for CVE-2017-1000112. // Includes KASLR and SMEP bypasses. No SMAP bypass. // Tested on: // - Ubuntu trusty 4.4.0 kernels // - Ubuntu xenial 4.4.0 and 4.8.0 kernels // - Linux Mint rosa 4.4.0 kernels // - Linux Mint sarah 4.8.0 kernels // - Zorin OS 12.1...
Microsoft Windows - CSRSS Privilege Escalation (MS05-018)
include include include pragma comment lib,"Advapi32.lib" typedef struct CONSOLESTATEINFO / 0x00 / DWORD cbSize; / 0x04 / COORD ScreenBufferSize; / 0x08 / COORD WindowSize; / 0x0c / POINT WindowPosition; / 0x14 / COORD FontSize; / 0x18 / DWORD FontFamily; / 0x1c / DWORD FontWeight; / 0x20 / WCHAR...
Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation
Exploit Title: Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation Date: 16 December, 2024 Exploit Author: Jun Takemura Author's GitHub: https://github.com/JunTakemura Author's Blog: juntakemura.dev Vendor Homepage: https://themehunk.com Software Link:...
GLPI 9.5.7 - Username Enumeration
Exploit Title: GLPI 9.5.7 - Username Enumeration Date: 04/29/2023 Author: Rafael B. Vendor Homepage: https://glpi-project.org/pt-br/ Affected Versions: GLPI version 9.1 = 9.5.7 Software: https://github.com/glpi-project/glpi/releases/download/9.5.7/glpi-9.5.7.tgz import requests from bs4 import...
Lucee Scheduled Job v1.0 - Command Execution
Exploit Title: Lucee Scheduled Job v1.0 - Command Execution Date: 3-23-2012 Exploit Author: Alexander Philiotis Vendor Homepage: https://www.lucee.org/ Software Link: https://download.lucee.org/ Version: All versions with scheduled jobs enabled Tested on: Linux - Debian, Lubuntu & Windows 10 Ref ...
Employee Task Management System v1.0 - SQL Injection on (task-details.php?task_id=?)
Exploit Title: Employee Task Management System v1.0 - SQL Injection on task-details.php?taskid=? Exploit Author: Muhammad Navaid Zafar Ansari Date: 17 February 2023 CVE Assigned: CVE-2023-0904 mitre.org, nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Employee Task...
KLiK Social Media Website 1.0 - 'Multiple' SQLi
Exploit Title: KLiK Social Media Website 1.0 - 'Multiple' SQLi Date: April 1st, 2022 Exploit Author: corpse Vendor Homepage: https://github.com/msaad1999/KLiK-SocialMediaWebsite Software Link: https://github.com/msaad1999/KLiK-SocialMediaWebsite Version: 1.0 Tested on: Debian 11 Parameter: poll G...
Home Owners Collection Management System 1.0 - Account Takeover (Unauthenticated)
Exploit Title: Home Owners Collection Management System 1.0 - Account Takeover Unauthenticated Date: 9/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
WordPress Plugin Mortgage Calculators WP 1.52 - Stored Cross-Site Scripting (XSS) (Authenticated)
Exploit Title: WordPress Plugin Mortgage Calculators WP 1.52 - Stored Cross-Site Scripting XSS Authenticated Date: 25-10-2021 Exploit Author: Ceylan Bozogullarindan Vendor Homepage: https://lenderd.com/ Software Link: https://mortgagecalculatorsplugin.com/ Version: 1.52 Tested on: Linux CVE :...
Siemens S7 Layer 2 - Denial of Service (DoS)
Exploit Title: Siemens S7 Layer 2 - Denial of Service DoS Date: 21/10/2021 Exploit Author: RoseSecurity Vendor Homepage: https://www.siemens.com/us/en.html Version: Firmware versions = 3 Tested on: Siemens S7-300, S7-400 PLCs !/usr/bin/python3 from scapy.all import from colorama import Fore, Back...
PlaceOS 1.2109.1 - Open Redirection
Exploit Title: PlaceOS 1.2109.1 - Open Redirection Date: 29-09-2021 Exploit Author: Hamza Khedr @ Accenture Austalia AARO Team Vendor Homepage: https://place.technology/ Software Link: https://github.com/PlaceOS Version: 1.29.10 Tested on: Ubuntu 20.04 CVE: CVE-2021-41826 PoC:...
Police Crime Record Management System 1.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
Exploit Title: Police Crime Record Management System 1.0 - 'Multiple' Stored Cross-Site Scripting XSS Date: 12/08/2021 Exploit Author: Ömer Hasan Durmuş Software Link: https://www.sourcecodester.com/php/14894/police-crime-record-management-system.html Version: v1.0 Category: Webapps Tested on:...
WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Picture Gallery 1.4.2 - 'Edit Content URL' Stored Cross-Site Scripting XSS Date: 2021-08-06 Exploit Author: Aryan Chehreghani Software Link: https://wordpress.org/plugins/picture-gallery/ Version: 1.4.2 Tested on: Windows 10 How to Reproduce this Vulnerability: 1...
Ubee EVW327 - 'Enable Remote Access' Cross-Site Request Forgery (CSRF)
Exploit Title: Ubee EVW327 - 'Enable Remote Access' Cross-Site Request Forgery CSRF Date: 2021-05-30 Exploit Author: lated Vendor Homepage: https://www.ubeeinteractive.com Version: EVW327 document.forms0.submit;...
Printable Staff ID Card Creator System 1.0 - 'email' SQL Injection
Exploit Title: Printable Staff ID Card Creator System 1.0 - SQLi & RCE via Arbitrary File Upload Date: 2021-05-16 Exploit Author : bwnz Software Link: https://www.sourcecodester.com/php/12802/php-staff-id-card-creation-and-printing-system.html Version: 1.0 Tested on: Ubuntu 20.04.2 LTS Printable...
DigitalPersona 4.5.0.2213 - 'DpHostW' Unquoted Service Path
Exploit Title: DigitalPersona 4.5.0.2213 - 'DpHostW' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2020-11-08 Vendor : DigitalPersona U. are U. One Touch Version : DigitalPersona Pro 4.5.0.2213 Vendor Homepage : https://www.hidglobal.com/crossmatch Tested on OS: Windows 10 Home...
Sysax Multi Server 5.50 - Denial of Service (PoC)
Exploit Title: Sysax Multi Server 5.50 - Denial of Service PoC Google Dork: NA Date: 2020-01-20 Exploit Author: Shailesh Kumavat Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download.htmsysaxserv Version: Sysax Multi Server 5.50 Tested on: WIndow 7 CVE : if...
Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed JP2 Stream (2)
We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 7f2c.8be8: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...
GOautodial 4.0 - 'CreateEvent' Persistent Cross-Site Scripting
Exploit Title: GOautodial 4.0 - 'CreateEvent' Persistent Cross-Site Scripting Author: Cakes Discovery Date: 2019-09-19 Vendor Homepage: https://goautodial.org/ Software Link: https://downloads2.goautodial.org/centos/7/isos/x8664/GOautodial-4-x8664-Pre-Release-20180929-0618.iso Tested Version: 4.0...
Enigma NMS 65.0.0 - SQL Injection
-------------------------------------------------------------------- Exploit Title: Enigma NMS searchpattern SQL Injection Date: 21 July 2019 Author: Mark Cross @xerubus | mogozobo.com Vendor: NETSAS Pty Ltd Vendor Homepage: https://www.netsas.com.au/ Software Link:...