Technicolor TC7300.B0 - 'hostname' Persistent Cross-Site Scripting

Exploit Title: Technicolor TC7300.B0 - 'hostname' Persistent Cross-Site Scripting Google Dork: N/A Date: 2019-11-11 Exploit Author: Luis Stefan Vendor Homepage: https://www.technicolor.com/ Software Link: N/A Version: TC7300.B0 - STFA.51.20 Tested on: macOS Mojave and Catalina CVE : !/usr/bin/env...

SOCA Access Control System 180612 - Cross-Site Request Forgery (Add Admin)

SOCA Access Control System 180612 CSRF Add Admin Exploit Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include Proximity and Fingerprint access control system, Time and Attendance, Electric...

Boa 0.93.15 - Administrator Password Overwrite Authentication Bypass

source: https://www.securityfocus.com/bid/25676/info Boa is prone to an authentication-bypass vulnerability because the application fails to ensure that passwords are not overwritten by specially crafted HTTP Requests. An attacker can exploit this issue to gain unauthorized access to the affected...

Azon Dominator Affiliate Marketing Script - SQL Injection

Exploit Title: Azon Dominator - Affiliate Marketing Script - SQL Injection Date: 2024-06-03 Exploit Author: Buğra Enis Dönmez Vendor: https://www.codester.com/items/12775/azon-dominator-affiliate-marketing-script Demo Site: https://azon-dominator.webister.net/ Tested on: Arch Linux CVE: N/A Reque...

xbtitFM 4.1.18 - Multiple Vulnerabilities

Exploit Title: xbtitFM 4.1.18 Multiple Vulnerabilities Date: 22-01-2024 Vendor Homepage: https://xbtitfm.eu Affected versions: 4.1.18 and prior Description: The SQLi and the path traversal are unauthenticated, they don't require any user interaction to be exploited and are present in the default...

Apache James Server 2.3.2 - Remote Command Execution (RCE) (Authenticated) (2)

Exploit Title: Apache James Server 2.3.2 - Remote Command Execution RCE Authenticated 2 Date: 27/09/2021 Exploit Author: shinris3n Vendor Homepage: http://james.apache.org/server/ Software Link: http://ftp.ps.pl/pub/apache/james/server/apache-james-2.3.2.zip Version: Apache James Server 2.3.2...

ECOA Building Automation System - Cookie Poisoning Authentication Bypass

Exploit Title: ECOA Building Automation System - Cookie Poisoning Authentication Bypass Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Cookie Poisoning Authentication Bypass Vendor: ECOA Technologies Corp. Product web page:...

WordPress Plugin RSS for Yandex Turbo 1.29 - Stored Cross-Site Scripting (XSS)

Exploit Title: WordPress Plugin RSS for Yandex Turbo 1.29 - Stored Cross-Site Scripting XSS Date: 17/04/2021 Exploit Author: Himamshu Dilip Kulkarni Software Link: https://wordpress.org/plugins/rss-for-yandex-turbo/ Version: 1.29 Tested on: Windows Steps to reproduce vulnerability: 1. Install...

AgataSoft PingMaster Pro 2.1 - Denial of Service (PoC)

Exploit Title: AgataSoft PingMaster Pro 2.1 - Denial of Service PoC Date: 2021-02-15 Exploit Author: Ismael Nava Vendor Homepage: http://agatasoft.com/ Software Link: http://agatasoft.com/PingMasterPro.exe Version: 2.1 Tested on: Windows 10 Home x64 STEPS Open the program AgataSoft PingMaster Pro...

b2evolution 6.11.6 - 'plugin name' Stored XSS

Exploit Title: b2evolution 6.11.6 - 'plugin name' Stored XSS Date: 09/02/2021 Exploit Author: Soham Bakore, Nakul Ratti Vendor Homepage: https://b2evolution.net/ Software Link: https://b2evolution.net/downloads/6-11-6-stable?download=12405 Version: 6.11.6 Tested on: latest version of Chrome,...

SmartBlog 2.0.1 - 'id_post' Blind SQL injection

Exploit Title: SmartBlog 2.0.1 - 'idpost' Blind SQL injection Date: 2020-11-05 Exploit Author: C0wnuts Vendor Homepage: https://github.com/smartdatasoft/smartblog Version: 2.0.1 Tested on: Linux Description : A blind SQL injection is present in the "idpost" parameter of the "details" controller. ...

OpenSSH 3.x - Challenge-Response Buffer Overflow (1)

source: https://www.securityfocus.com/bid/5093/info The OpenSSH team has reported two vulnerabilities in OpenSSH that are remotely exploitable and may allow for unauthenticated attackers to obtain root privileges. The conditions are related to the OpenSSH SSH2 challenge-response mechanism. They...

Bank Locker Management System - SQL Injection

Exploit Title: Bank Locker Management System - SQL Injection Application: Bank Locker Management System Date: 12.09.2023 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/bank-locker-management-system-using-php-and-mysql/...

Yank Note v3.52.1 (Electron) - Arbitrary Code Execution

Exploit Title: Yank Note v3.52.1 Electron - Arbitrary Code Execution Date: 2023-04-27 Exploit Author: 8bitsec CVE: CVE-2023-31874 Vendor Homepage: yank-note.com Software Link: https://github.com/purocean/yn Version: 3.52.1 Tested on: Ubuntu 22.04 | Mac OS 13 Release Date: 2023-04-27 Product &...

Auto Dealer Management System v1.0 - SQL Injection in sell_vehicle.php

Exploit Title: Auto Dealer Management System v1.0 - SQL Injection in sellvehicle.php Author Name: Muhammad Navaid Zafar Ansari Date: 18 February 2023 CVE Assigned: CVE-2023-0913 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Auto Dealer Management System...

CSZ CMS 1.3.0 - 'Multiple' Blind SQLi

Exploit Title: CSZ CMS 1.3.0 - 'Multiple' Blind SQLi Date: 2021-04-22 Exploit Author: Dogukan Dincer Vendor Homepage: https://www.cszcms.com/ Software Link: https://sourceforge.net/projects/cszcms/files/install/CSZCMS-V1.3.0.zip/download Version: 1.3.0 Tested on: Kali Linux, Windows 10, PHP 7.2.4...

Delta Controls enteliTOUCH 3.40.3935 - Cookie User Password Disclosure

Exploit Title: Delta Controls enteliTOUCH 3.40.3935 - Cookie User Password Disclosure Exploit Author: LiquidWorm Vendor: Delta Controls Inc. Product web page: https://www.deltacontrols.com Affected version: 3.40.3935 3.40.3706 3.33.4005 Summary: enteliTOUCH - Touchscreen Building Controller. Get...

WorkTime 10.20 Build 4967 - Unquoted Service Path

Exploit Title: WorkTime 10.20 Build 4967 - Unquoted Service Path Discovery by: Yehia Elghaly Date: 30-12-2021 Vendor Homepage: https://www.worktime.com/ Software Link: https://www.worktime.com/download/worktimecorporate.exe Tested Version: 10.20 Build Build 4967 Vulnerability Type: Unquoted Servi...

WordPress Plugin WPGraphQL 1.3.5 - Denial of Service

Exploit Title: WordPress Plugin WPGraphQL 1.3.5 - Denial of Service Author: Dolev Farhi Date: 2021-04-12 Vendor Homepage: https://www.wpgraphql.com/ Version: 1.3.5 Tested on: Ubuntu """ This attack uses duplication of fields amplified by GraphQL batched queries, resulting in server OOM and MySQL...

Spotweb 1.4.9 - 'search' SQL Injection

Exploit Title: Spotweb 1.4.9 - 'search' SQL Injection Google Dork: N/A Date: 20 December 2020 Exploit Author: BouSalman Vendor Homepage: https://github.com/spotweb/spotweb Software Link: N/A Version: 1.4.9 Tested on: Ubuntu 18.04 CVE: CVE-2020-35545 GET...

Cayin Signage Media Player 3.0 - Remote Command Injection (root)

Title: Cayin Signage Media Player 3.0 - Remote Command Injection root Author:LiquidWorm Date: 2020-06-04 Vendor: https://www.cayintech.com CVE: N/A !/usr/bin/env python3 Cayin Signage Media Player 3.0 Root Remote Command Injection Vendor: CAYIN Technology Co., Ltd. Product web page:...

YouPHPTube 7.2 - 'userCreate.json.php' SQL Injection

Exploit Title: YouPHPTube 7.3 SQL Injection Google Dork: / Date: 19.08.2019 Exploit Author: Fabian Mosch, r-tec IT Security GmbH Vendor Homepage: https://www.youphptube.com/ Software Link: https://github.com/YouPHPTube/YouPHPTube Version: 7.3 Tested on: Linux/Windows CVE : CVE-2019-14430 The...

NoviSmart CMS - SQL injection

Exploit Title: NoviSmart CMS SQL injection Date: 23.7.2019. Exploit Author: n1x MS-WEB Vendor Homepage: http://www.novismart.com/ Version: Every version CVE : CWE-89 Vulnerable parameter: Referer HTTP Header field GET Request GET / HTTP/1.1 Referer:...

ProFTPd - 'mod_sftp' Integer Overflow Denial of Service (PoC)

ProFTPD modsftp Integer Overflow by Kingcope reference: http://www.castaglia.org/proftpd/modules/modsftp.html Exploit Title: ProFTPD modsftp Integer Overflow Date: 7 February 2011 Author: Kingcope Software Link: http://www.castaglia.org/proftpd/modules/modsftp.html Tested on: Centos 5.5 Program...

ABB Cylon Aspect 3.08.03 - Guest2Root Privilege Escalation

!/usr/bin/env python Exploit Title: ABB Cylon Aspect 3.08.03 - Guest2Root Privilege Escalation Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.03 Summary: ASPECT is an award-winning scalabl...

Computer Laboratory Management System v1.0 - Multiple-SQLi

Title: Computer Laboratory Management System v1.0 - Multiple-SQLi Author: nu11secur1ty Date: 03/28/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/17268/computer-laboratory-management-system-using-php-and-mysql.htmlcomment-104400 Reference:...

RoyalTSX 6.0.1 - RTSZ File Handling Heap Memory Corruption PoC

RoyalTSX 6.0.1 RTSZ File Handling Heap Memory Corruption PoC Vendor: Royal Apps GmbH Web page: https://www.royalapps.com Affected version: 6.0.1.1000 macOS Summary: Royal TS is an ideal tool for system engineers and other IT professionals who need remote access to systems with different protocols...

WordPress adivaha Travel Plugin 2.3 - SQL Injection

Exploit Title: WordPress adivaha Travel Plugin 2.3 - SQL Injection Exploit Author: CraCkEr Date: 29/07/2023 Vendor: adivaha - Travel Tech Company Vendor Homepage: https://www.adivaha.com/ Software Link: https://wordpress.org/plugins/adiaha-hotel/ Demo: https://www.adivaha.com/demo/adivaha-online/...

BoxBilling<=4.22.1.5 - Remote Code Execution (RCE)

Exploit Title: BoxBilling POC Video : https://drive.google.com/file/d/1m2glCeJ9QXc8epuY2QfvbWwjLTJ8Hjx/view?usp=sharing...

Men Salon Management System 1.0 - Multiple Vulnerabilities

Exploit Title: Men Salon Management System 1.0 - Multiple Vulnerabilities Date: 2021-09-09 Exploit Author: Aryan Chehreghani Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/men-salon-management-system-using-php-and-mysql Version: 1.0 Tested on: Windows 10 - XAMPP...

Faulty Evaluation System 1.0 - 'multiple' Stored Cross-Site Scripting

Exploit Title: Faulty Evaluation System 1.0 - 'multiple' Stored Cross-Site Scripting Date: 2021-02-16 Exploit Author: Suresh Kumar Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14710/faulty-evaluation-system-using-phpcodeigniter-source-code.htm...

Apache Flink 1.11.0 - Unauthenticated Arbitrary File Read (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Flink File Read Vulnerability', 'Description' = %q This module exploits an unauthenticated directory traversal vulnerability in Apache Fli...

macOS 18.7.0 Kernel - Local Privilege Escalation

macOS-Kernel-Exploit DISCLAIMER You need to know the KASLR slide to use the exploit. Also SMAP needs to be disabled which means that it's not exploitable on Macs after 2015. These limitations make the exploit pretty much unusable for in-the-wild exploitation but still helpful for security...

WordPress Core 4.6 - Remote Code Execution

!/bin/bash / / / / / / / / / / / / / / / / / / // / / / /// / / / / // / // / // / / / / // / // , / / / ///, /,// // //,///||// // // WordPress 4.6 - Remote Code Execution RCE PoC Exploit CVE-2016-10033 wordpress-rce-exploit.sh ver. 1.0 Discovered and coded by Dawid Golunski @dawidgolunski...

LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Telegram Bot Username

Exploit Title: LiveHelperChat 4.61 - Stored Cross Site Scripting XSS via Telegram Bot Username Date: 09/06/2025 Exploit Author: Manojkumar J TheWhiteEvil Linkedin: https://www.linkedin.com/in/manojkumar-j-7ba35b202/ Vendor Homepage: https://github.com/LiveHelperChat/livehelperchat/ Software Link:...

Apache HugeGraph Server 1.2.0 - Remote Code Execution (RCE)

Exploit Title: Apache HugeGraph Server 1.2.0 - Remote Code Execution RCE Exploit Author: Yesith Alvarez Vendor Homepage: https://hugegraph.apache.org/docs/download/download/ Version: Apache HugeGraph 1.0.0 - 1.2.0 CVE : CVE-2024–27348 from requests import Request, Session import sys import json d...

ResidenceCMS 2.10.1 - Stored Cross-Site Scripting (XSS)

Exploit Title: ResidenceCMS 2.10.1 - Stored Cross-Site Scripting XSS Date: 8-7-2024 Category: Web Application Exploit Author: Jeremia Geraldi Sihombing Version: 2.10.1 Tested on: Windows CVE: CVE-2024-39143 Description: ---------------- A stored cross-site scripting XSS vulnerability exists in...

Human Resource Management System 1.0 - 'employeeid' SQL Injection

Exploit Title: Human Resource Management System - SQL Injection Date: 13-01-2024 Exploit Author: Srikar Exp1o1t9r Vendor Homepage: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html Software Link:...

OpenEMR v7.0.1 - Authentication credentials brute force

Exploit Title: OpenEMR v7.0.1 - Authentication credentials brute force Date: 2023-04-28 Exploit Author: abhhi Abhishek Birdawade Vendor Homepage: https://www.open-emr.org/ Software Link: https://github.com/openemr/openemr/archive/refs/tags/v701.tar.gz Version: 7.0.1 Tested on: Windows ''' Example...

Simple Task Managing System v1.0 - SQL Injection (Unauthenticated)

Exploit Title: Simple Task Managing System v1.0 - SQL Injection Unauthenticated Date: 2022-01-09 Exploit Author: Hamdi Sevben Vendor Homepage: https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html Software Link:...

Clansphere CMS 2011.4 - Stored Cross-Site Scripting (XSS)

Exploit Title: Clansphere CMS 2011.4 - Stored Cross-Site Scripting XSS Exploit Author: Sinem Şahin Date: 2022-10-08 Vendor Homepage: https://www.csphere.eu/ Version: 2011.4 Tested on: Windows & XAMPP == Tutorial http://HOST/index.php?mod=buddys&action=create&id=925872 2- Write XSS Payload into th...

Joomla Plugin SexyPolling 2.1.7 - SQLi

Exploit Title: Joomla Plugin SexyPolling 2.1.7 - SQLi Google Dork: intext:"Powered by Sexy Polling" Date: 2022-02-08 Exploit Author: Wolfgang Hotwagner Vendor Homepage: https://2glux.com/projects/sexypolling Software Link: https://2glux.com/downloads/files/free/sexypollingpack2.1.72glux.com.zip...

WordPress Plugin Contact Form Builder 1.6.1 - Cross-Site Scripting (XSS)

Exploit Title: Wordpress Plugin Contact Form Builder 1.6.1 - Cross-Site Scripting XSS Date: 2022-02-07 Author: Milad karimi Software Link: https://wordpress.org/plugins/contact-forms-builder/ Version: 1.6.1 Tested on: Windows 11 CVE: N/A 1. Description: This plugin creates a Contact Form Builder...

Wordpress Plugin Download From Files 1.48 - Arbitrary File Upload

Exploit Title: Wordpress Plugin Download From Files 1.48 - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/download-from-files Date: 10/09/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/download-from-files/ Version: spacehen www.github.com/spacehen" def...

Hotel Management System 1.0 - Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)

Exploit Title: Hotel Management System 1.0 - Cross-Site Scripting XSS Arbitrary File Upload Remote Code Execution RCE Date: 2021-08-01 Exploit Author: Merbin Russel Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=7204 Version: V1.0...

htmly 2.8.0 - 'description' Stored Cross-Site Scripting (XSS)

Exploit Title: htmly 2.8.0 - 'description' Stored Cross-Site Scripting XSS Authors: @nu11secur1ty & G.Dzhankushev Date: 04.15.2021 Vendor Homepage: https://www.htmly.com/ Software Link: https://github.com/danpros/htmly CVE: CVE-2021-30637 !/usr/bin/python3 from selenium import webdriver from...

Selea Targa IP OCR-ANPR Camera - 'addr' Remote Code Execution (Unauthenticated)

Exploit Title: Selea Targa IP OCR-ANPR Camera - 'addr' Remote Code Execution Unauthenticated Date: 07.11.2020 Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com !/bin/bash Selea Targa IP OCR-ANPR Camera Unauthenticated Remote Code Execution Vendor: Selea s.r.l. Product web page:...

libbabl 0.1.62 - Broken Double Free Detection (PoC)

Exploit Title: libbabl 0.1.62 - Broken Double Free Detection PoC Date: December 14, 2020 Exploit Author: Carter Yagemann Vendor Homepage: https://www.gegl.org Software Link: https://www.gegl.org/babl/ Version: libbabl 0.1.62 and newer Tested on: Debian Buster Linux 4.19.0-9-amd64 Compile: gcc...

Microsoft NET USE win10 - Insufficient Authentication Logic

Title: Microsoft NET USE win10 - Insufficient Authentication Logic Date: 2020-04-04 Author: hyp3rlinx Vendor: www.microsoft.com CVE: N/A + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...

iSeeQ Hybrid DVR WH-H4 2.0.0.P - (get_jpeg) Stream Disclosure

Title: iSeeQ Hybrid DVR WH-H4 2.0.0.P - getjpeg Stream Disclosure Date: 2019-10-29 Author: LiquidWorm Vendor:iSeeQ Link: http://www.iseeq.co.kr CVE: N/A !/bin/bash iSeeQ Hybrid DVR WH-H4 1.03R / 2.0.0.P getjpeg Stream Disclosure Vendor: iSeeQ Product web page: http://www.iseeq.co.kr Affected...