47884 matches found
ECOA Building Automation System - Weak Default Credentials
Exploit Title: ECOA Building Automation System - Weak Default Credentials Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Weak Default Credentials Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw Affecte...
CMSimple 5.2 - 'External' Stored XSS
Exploit Title: CMSimple 5.2 - 'External' Stored XSS Date: 2021/04/07 Exploit Author: Quadron Research Lab Version: CMSimple 5.2 Tested on: Windows 10 x64 HUN/ENG Professional Vendor: https://www.cmsimple.org/en/ Description The CMSimple 5.2 allow stored XSS via the Settings CMS Filebrowser...
Budget Management System 1.0 - 'Budget title' Stored XSS
Exploit Title: Budget Management System 1.0 - 'Budget title' Stored XSS Exploit Author: Jitendra Kumar Tripathi Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14403/budget-management-system.html Version: 1 Tested on Windows 10 + Xampp 8.0.3 XSS...
MyBB Thread Redirect Plugin 0.2.1 - Cross-Site Scripting
Exploit Title: MyBB Thread Redirect Plugin 0.2.1 - Cross-Site Scripting Date: 7/23/2018 Author: 0xB9 Software Link: https://github.com/jamiesage123/Thread-Redirect Version: 0.2.1 Tested on: Windows 10 1. Description: This plugin allows threads to redirect to a URL with optional custom text. The...
QiHang Media Web Digital Signage 3.0.9 - Cleartext Credential Disclosure
Exploit Title: QiHang Media Web Digital Signage 3.0.9 - Cleartext Credential Disclosure Date: 2020-08-12 Exploit Author: LiquidWorm Vendor Homepage: http://www.howfor.com Tested on: Microsoft Windows Server 2012 R2 Datacenter CVE : N/A QiHang Media Web QH.aspx Digital Signage 3.0.9 Cleartext...
vBulletin 5.6.1 - 'nodeId' SQL Injection
Exploit Title: vBulletin 5.6.1 - 'nodeId' SQL Injection Date: 2020-05-15 Exploit Author: Photubias Vendor Advisory: 1 https://forum.vbulletin.com/forum/vbulletin-announcements/vbulletin-announcementsaa/4440032-vbulletin-5-6-1-security-patch-level-1 Version: vBulletin v5.6.x prior to Patch Level 1...
Microsoft DirectWrite - Invalid Read in SplicePixel While Processing OTF Fonts
Microsoft DirectWrite is a modern Windows API for high-quality text rendering. A majority of its code resides in the DWrite.dll user-mode library. It is used by a variety of widely used desktop programs such as the Chrome, Firefox and Edge browsers and constitutes an attack surface for memory...
Alkacon OpenCMS 10.5.x - Cross-Site Scripting
Exploit Title: Alkacon OpenCMS 10.5.x - Multiple XSS in Apollo Template Google Dork: N/A Date: 18/07/2019 Exploit Author: Aetsu Vendor Homepage: http://www.opencms.org Software Link: https://github.com/alkacon/apollo-template Version: 10.5.x Tested on: 10.5.5 / 10.5.4 CVE : CVE-2019-13234,...
Jobberbase 2.0 - 'subscribe' SQL Injection
!/bin/bash Exploit Title: Jobberbase 2.0 - 'subscribe' SQL injection Date: 29 August 2019 Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage: http://www.jobberbase.com/ Version: 2.0 Tested on: Ubuntu 18.04.1 : ' The page "/subscribe/" is vulnerable for SQL injection. Simply mak...
Baldr Botnet Panel - Arbitrary Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/http' class MetasploitModule "Baldr Botnet Panel Shell Upload Exploit", 'Description' = %q This module exploits the file upload vulnerability of baldr malwa...
Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow Due to Integer Overflow in readTTCDirectory
-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...
AnyBurn 4.3 - Local Buffer Overflow (PoC)
Exploit Title: AnyBurn Date: 15-12-2018 Vendor Homepage: http://www.anyburn.com/ Software Link : http://www.anyburn.com/anyburnsetup.exe Exploit Author: Achilles Tested Version: 4.3 32-bit Tested on: Windows 7 x64 Vulnerability Type: Denial of Service DoS Local Buffer Overflow Steps to Produce th...
MidiCart PHP - 'Item_List.php?MainGroup' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13518/info MidiCart PHP is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser...
Ghost CMS 5.59.1 - Arbitrary File Read
!/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: Ghost CMS 5.59.1 - Arbitrary File Read Date: 2023-09-20 Exploit Author: ibrahimsql https://github.com/ibrahmsql Vendor Homepage: https://ghost.org Software Link: https://github.com/TryGhost/Ghost Version: =2.28.1, zipfile, tempfile Usag...
Microsoft Edge Renderer Process (Mojo IPC) 134.0.6998.177 - Sandbox Escape
Titles: Microsoft Edge Renderer Process Mojo IPC 134.0.6998.177 - Sandbox Escape Author: nu11secur1ty Date: 08/07/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/software-download/windows11 Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49730...
Tenda FH451 1.0.0.9 Router - Stack-based Buffer Overflow
/ Title : Tenda FH451 1.0.0.9 Router - Stack-based Buffer Overflow Author : Byte Reaper Telegram : @ByteReaper0 CVE : CVE-2025-7795 Vulnerability : Buffer Overflow Description : A buffer overflow vulnerability affecting certain Tenda routers, exploitable via an unauthenticated POST request to an...
CodeAstro Online Railway Reservation System 1.0 - Cross Site Scripting (XSS)
Exploit Title: CodeAstro Online Railway Reservation System 1.0 - Cross Site Scripting XSS Date: 2024-08-15 Exploit Author: Raj Nandi Vendor Homepage: https://codeastro.com/ Software Link: https://codeastro.com/online-railway-reservation-system-in-php-with-source-code/ Version: 1.0 Tested on: Any ...
FoF Pretty Mail 1.1.2 - Local File Inclusion (LFI)
Exploit Title: FoF Pretty Mail 1.1.2 - Local File Inclusion LFI Date: 03/28/2024 Exploit Author: Chokri Hammedi Vendor Homepage: https://flarum.org/ Software Link: https://github.com/FriendsOfFlarum/pretty-mail Version: 1.1.2 Tested on: Windows XP CVE: N/A Description: The FoF Pretty Mail extensi...
PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities
Exploit Title: PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2285 Release Date: ============= 2023-07-19 Vulnerability Laboratory ID VL-ID: ==================================== 2285 Common...
craftercms 4.x.x - CORS
Exploit Title: craftercms 4.x.x - CORS Author: nu11secur1ty Date: 03.07.2023 Vendor: https://docs.craftercms.org/en/4.0/index.html Software: https://github.com/craftercms/craftercms/tags = 4.x.x Reference: https://portswigger.net/web-security/cors Description: The application implements an HTML5...
X-Skipper-Proxy v0.13.237 - Server Side Request Forgery (SSRF)
Exploit Title: X-Skipper-Proxy v0.13.237 - Server Side Request Forgery SSRF Date: 24/10/2022 Exploit Author: Hosein Vita & Milad Fadavvi Vendor Homepage: https://github.com/zalando/skipper Software Link: https://github.com/zalando/skipper Version: v0.13.237 Tested on: Linux CVE: CVE-2022-38580...
Casdoor 1.13.0 - SQL Injection (Unauthenticated)
// Exploit Title: Casdoor 1.13.0 - SQL Injection Unauthenticated // Date: 2022-02-25 // Exploit Author: Mayank Deshmukh // Vendor Homepage: https://casdoor.org/ // Software Link: https://github.com/casdoor/casdoor/releases/tag/v1.13.0 // Version: version 1.13.1 // Security Advisory:...
Seowon 130-SLC router - 'queriesCnt' Remote Code Execution (Unauthenticated)
Exploit Title: Seowon 130-SLC router - 'queriesCnt' Remote Code Execution Unauthenticated Date: 2021-09-15 Exploit Author: Aryan Chehreghani Vendor Homepage: http://www.seowonintech.co.kr Software Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=150&bigkindB05&middlekindB0529 Version...
COVID19 Testing Management System 1.0 - 'Multiple' SQL Injections
Exploit Title: COVID19 Testing Management System 1.0 - 'Multiple' SQL Injections Date: 17-08-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/covid19-testing-management-system-using-php-and-mysql/ Version: V1 Category: Webap...
Seagate BlackArmor NAS sg2000-2000.1331 - Command Injection
Exploit Title: Seagate BlackArmor NAS sg2000-2000.1331 - Command Injection Date: 15.07.2021 Discovered by: Jeroen - IT Nerdbox Exploit Author: Metin Yunus Kandemir Version: sg2000-2000.1331 Vendor Homepage: https://www.seagate.com/ Software Link:...
Online Library Management System 1.0 - 'Search' SQL Injection
Exploit Title: Online Library Management System 1.0 - 'Search' SQL Injection Date: 23-06-2021 Exploit Author: Berk Can Geyikci Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/ols.zip Version: 1.0 Tested on: Windows...
Alt-N MDaemon webmail 20.0.0 - 'Contact name' Stored Cross Site Scripting (XSS)
Exploit Title: Alt-N MDaemon webmail 20.0.0 - 'Contact name' Stored Cross Site Scripting XSS Date: 2020-08-25 Exploit Author: Kailash Bohara Vendor Homepage: https://www.altn.com/ Version: Mdaemon webmail 3. We can see execution code and after saving it, each time we visits the distribution list...
Life Insurance Management System 1.0 - 'client_id' SQL Injection
Exploit Title: Life Insurance Management System 1.0 - 'clientid' SQL Injection Date: 15/1/2021 Exploit Author: Aitor Herrero Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/14665/life-insurance-management-system-php-full-source-code.html Version:...
online Chatting System 1.0 - 'id' SQL Injection
Exploit Title: online Chatting System 1.0 - 'id' SQL Injection Google Dork: N/A Date: 2020-05-17 Exploit Author: BKpatron Vendor Homepage: https://www.sourcecodester.com/php/14224/online-chatting-system-using-phpmysql.html Software Link:...
Pi-hole < 4.4 - Authenticated Remote Code Execution
!/usr/bin/env python3 Pi-hole = 4.4 RCE Author: Nick Frichette Homepage: https://frichetten.com Note: This exploit must be run with root privileges and port 80 must not be occupied. While it is possible to exploit this from a non standard port, for the sake of simplicity and not having to modify...
FreeSWITCH 1.10.1 - Command Execution
Exploit Title: FreeSWITCH 1.10.1 - Command Execution Date: 2019-12-19 Exploit Author: 1F98D Vendor Homepage: https://freeswitch.com/ Software Link: https://files.freeswitch.org/windows/installer/x64/FreeSWITCH-1.10.1-Release-x64.msi Version: 1.10.1 Tested on: Windows 10 x64 FreeSWITCH listens on...
Kirona-DRS 5.5.3.5 - Information Disclosure
Exploit Title: Kirona-DRS 5.5.3.5 - Information Disclosure Discovered Date: 2019-10-03 Shodan Search: /opt-portal/pages/login.xhtml Exploit Author: Ramikan Vendor Homepage: https://www.kirona.com/products/dynamic-resource-scheduler/ Affected Version: DRS 5.5.3.5 may be other versions. Tested On...
BlogEngine.NET 3.3.6/3.3.7 - XML External Entity Injection
Exploit Title: Out-of-band XML External Entity Injection on BlogEngine.NET Date: 19 June 2019 Exploit Author: Aaron Bishop Vendor Homepage: https://blogengine.io/ Version: v3.3.7 Tested on: 3.3.7, 3.3.6 CVE : 2019-10718 1. Description ============== BlogEngine.NET is vulnerable to an Out-of-Band...
Joomla! Component VMap 1.9.6 - SQL Injection
Exploit Title: Joomla! Component VMap 1.9.6 - SQL Injection Dork: N/A Date: 2019-01-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://wdmtech.com/ Software Link: https://extensions.joomla.org/extensions/extension/maps-a-weather/maps-a-locations/vmap/ Version: 1.9.6 Category: Webapps Tested...
Golden FTP Server 4.70 - PASS Stack Buffer Overflow (Metasploit)
$Id: goldenftppassbof.rb 12812 2011-06-02 01:10:22Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Maran PHP Shop - 'prod.php' SQL Injection
Maran PHP Shop prod.php cat SQL Injection Vulnerability url: http://www.maran.pamil-visions.com/maranshop.php Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your own risk. Author...
Tigo Energy Cloud Connect Advanced (CCA) 4.0.1 - Command Injection
/ Title : Tigo Energy Cloud Connect Advanced CCA 4.0.1 - Command Injection Author : Byte Reaper CVE : CVE-2025-7769 / include include include include "argparse.h" include include include define FULLURL 2500 define POSTPAYLOAD 5500 const char baseurl = NULL; const char cookies = NULL; const char i...
Citrix NetScaler ADC/Gateway 14.1 - Memory Disclosure
Exploit Title: Citrix NetScaler ADC/Gateway 14.1 - Memory Disclosure Exploit Author: Yesith Alvarez Vendor Homepage: hhttps://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420 CVE: CVE-2025-5777 Link: https://github.com/yealvarez/CVE/blob/main/CVE-2025-5777/exploit.py impor...
Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
Exploit Title: Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ CVE: CVE-2024-49138 include...
TranzAxis 3.2.41.10.26 - Stored Cross-Site Scripting (XSS) (Authenticated)
Exploit Title: TranzAxis 3.2.41.10.26 - Stored Cross-Site Scripting XSS Authenticated Date: 10th, March, 2025 Exploit Author: ABABANK REDTEAM Vendor Homepage: https://compassplustechnologies.com/ Version: 3.2.41.10.26 Tested on: Window Server 2016 1. Login to web application 2. Click on Entire...
Unified Remote 3.13.0 - Remote Code Execution (RCE)
Exploit Title: Unified Remote 3.13.0 - Remote Code Execution RCE Google Dork: NA Date: 03/03/2023 Exploit Author: H4rk3nz0 Vendor Homepage: https://www.unifiedremote.com/ Software Link: https://www.unifiedremote.com/download/windows Version: 3.13.0 Current Tested on: Windows CVE : NA Due to the u...
Wondershare Dr.Fone 11.4.10 - Insecure File Permissions
Exploit Title: Wondershare Dr.Fone 11.4.10 - Insecure File Permissions Date: 04/25/2022 Exploit Author: AkuCyberSec https://github.com/AkuCyberSec Vendor Homepage: https://drfone.wondershare.com/ Software Link: https://download.wondershare.com/drfonefull3360.exe Version: 11.4.10 Tested on: Window...
VIVE Runtime Service - 'ViveAgentService' Unquoted Service Path
Exploit Title: VIVE Runtime Service - 'ViveAgentService' Unquoted Service Path Date: 11/03/2022 Exploit Author: Faisal Alasmari Vendor Homepage: https://www.vive.com/ Software Link: https://developer.vive.com/resources/downloads/ Version: 1.0.0.4 Tested: Windows 10 x64 C:\Users\Usersc qc "VIVE...
HMA VPN 5.3 - Unquoted Service Path
Exploit Title: HMA VPN 5.3 - Unquoted Service Path Date: 18/02/2022 Exploit Author: Saud Alenazi Vendor Homepage: https://www.hidemyass.com/ Software Link: https://www.hidemyass.com/en-us/downloads Version: 5.3.5913.0 Tested: Windows 10 Pro x64 es C:\Users\saudhsc qc HmaProVpn SC QueryServiceConf...
Leawo Prof. Media 11.0.0.1 - Denial of Service (DoS) (PoC)
Exploit Title: Leawo Prof. Media 11.0.0.1 - Denial of Service DoS PoC Date: 25.07.2021 Vendor Homepage:https://www.leawo.org Software Link: https://www.leawo.org/downloads/total-media-converter-ultimate.html Exploit Author: Achilles Tested Version: 11.0.0.1 Tested on: Windows 7 x64 1.- Run python...
WordPress Plugin Simple Post 1.1 - 'Text field' Stored Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Simple Post 1.1 - 'Text field' Stored Cross-Site Scripting XSS Date: 23/07/2021 Exploit Author: Vikas Srivastava Software Link: https://wordpress.org/plugins/simple-post/ Version: 1.1 Category: Web Application Tested on Mac How to Reproduce this Vulnerability: 1...
Moodle 3.10.3 - 'url' Persistent Cross Site Scripting
Exploit Title: Moodle 3.10.3 - 'url' Persistent Cross Site Scripting Date: 22/04/2021 Exploit Author: UVision Vendor Homepage: https://moodle.org/ Software Link: https://download.moodle.org Version: 3.10.3 Tested on: Debian/Windows 10 By having the role of a teacher or an administrator or a manag...
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Remote Code Execution
Exploit Title: KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Remote Code Execution Date: 03.02.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.kzbtech.com http://www.jatontec.com https://www.neotel.mk Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web pag...
python jsonpickle 2.0.0 - Remote Code Execution
Exploit Title: python jsonpickle 2.0.0 - Remote Code Execution Date: 24-2-2021 Vendor Homepage: https://jsonpickle.github.io Exploit Author: Adi Malyanker, Shay Reuven Software Link: https://github.com/jsonpickle/jsonpickle Version: 2.0.0 Tested on: windows, linux Python is an open source languag...
Sony Playstation 4 (PS4) < 7.02 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)
const OFFSETELEMENTREFCOUNT = 0x10; const OFFSETJSABVIEWVECTOR = 0x10; const OFFSETJSABVIEWLENGTH = 0x18; const OFFSETLENGTHSTRINGIMPL = 0x04; const OFFSETHTMLELEMENTREFCOUNT = 0x14; const LENGTHARRAYBUFFER = 0x8; const LENGTHSTRINGIMPL = 0x14; const LENGTHJSVIEW = 0x20; const...