47904 matches found
Savsoft Quiz 5 - Stored Cross-Site Scripting
Exploit Title: Savsoft Quiz 5 - Stored Cross-Site Scripting Date: 2020-07-28 Exploit Author: Mayur Parmarth3cyb3rc0p Vendor Homepage: https://savsoftquiz.com/ Software Link: https://github.com/savsofts/savsoftquizv5.git Version: 5.0 Tested on: Windows 10 Contact:...
Easy2Pilot 7 - Cross-Site Request Forgery (Add User)
Exploit Title: Easy2Pilot 7 - Cross-Site Request Forgery Add User Author: indoushka Date: 2020-02-20 Tested on: windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit Vendor: http://easy2pilot-v7.com/ CVE: N/A poc : + Dorking İn Google Or Other Search Enggine. + save code as poc.html +...
Ricoh Driver - Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/exe' class MetasploitModule 'Ricoh Driver Privilege Escalation', 'Description' = %q Various Ricoh printer drivers allow escalation of privilege...
ipPulse 1.92 - 'Enter Key' Denial of Service (PoC)
Exploit Title: ipPulse 1.92 - 'Enter Key' Denial of Service PoC Discovery by: Diego Buztamante Discovery Date: 2019-11-18 Vendor Homepage: https://www.netscantools.com/ippulseinfo.html Software Link : http://download.netscantools.com/ipls192.zip Tested Version: 1.92 Vulnerability Type: Denial of...
Microsoft Windows Server 2012 - 'Group Policy' Security Feature Bypass (MS15-014)
Exploit Title: Microsoft Windows Server 2012 - 'Group Policy' Security Feature Bypass Date: 2019-10-28 Exploit Author: Thomas Zuk Version: Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows...
Kirona-DRS 5.5.3.5 - Information Disclosure
Exploit Title: Kirona-DRS 5.5.3.5 - Information Disclosure Discovered Date: 2019-10-03 Shodan Search: /opt-portal/pages/login.xhtml Exploit Author: Ramikan Vendor Homepage: https://www.kirona.com/products/dynamic-resource-scheduler/ Affected Version: DRS 5.5.3.5 may be other versions. Tested On...
iMessage - Decoding NSSharedKeyDictionary Can Read Object Out of Bounds
When an NSKeyedUnarchiver decodes an object, it first allocates the object using allocWithZone, and then puts the object into a dictionary for temporary objects. It then calls the appropriate initWithCoder: on the allocated object. If initWithCoder: or any method it calls decodes the same object,...
WordPress Plugin Event Tickets 4.10.7.1 - CSV Injection
Exploit Title: WordPress Plugin Event Tickets = 4.10.7.1 - CSV Injection Google Dork: inurl:"\wp-content\plugins\event-tickets" Date: 09-01-2019 Exploit Author: MTK http://mtk911.cf/ Vendor Homepage: https://tri.be/ Software Link: https://downloads.wordpress.org/plugin/event-tickets.4.10.7.1.zip...
BlogEngine.NET 3.3.6/3.3.7 - XML External Entity Injection
Exploit Title: Out-of-band XML External Entity Injection on BlogEngine.NET Date: 19 June 2019 Exploit Author: Aaron Bishop Vendor Homepage: https://blogengine.io/ Version: v3.3.7 Tested on: 3.3.7, 3.3.6 CVE : 2019-10718 1. Description ============== BlogEngine.NET is vulnerable to an Out-of-Band...
TightVNC - Authentication Failure Integer Overflow (PoC)
!/usr/bin/env python [email protected] Modified Andres Lopez Luksenberg's exploit for Authentication Failure scenario in TightVNC. BID 33569 CVE-2009-0388 import socket serversocket = socket.socketsocket.AFINET, socket.SOCKSTREAM serversocket.bind'', 5900 serversocket.listen1 while True:...
Faq Administrator 2.1 - 'faq_reply.php' Remote File Inclusion
================================================================== Faq Administrator RFI ================================================================== Info:- Scripts: Faq Administrator http://www.campbus.com/downloads/faqadmin/faqadmin-current.tgz Version : 2.1b Dork & vuln : download script...
JetBrains TeamCity 2023.11.4 - Authentication Bypass
!/usr/bin/env python3 -- coding: utf-8 -- """ Exploit Title: JetBrains TeamCity 2023.11.4 - Authentication Bypass Date: 2024-02-21 Exploit Author: ibrahimsql https://github.com/ibrahimsql Vendor Homepage: https://www.jetbrains.com/teamcity/ Version: =2.25.1 """ import requests import argparse...
LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Department Assignment Alias Nick Field
Exploit Title: LiveHelperChat 4. Save the changes. 5. Revist the Department Assignment settings page and edit the Alias Nick field, the cross site scripting xss will execute...
LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Operator Surname
Exploit Title: LiveHelperChat 4.61 - Stored Cross Site Scripting XSS via Operator Surname Date: 09/06/2025 Exploit Author: Manojkumar J TheWhiteEvil Linkedin: https://www.linkedin.com/in/manojkumar-j-7ba35b202/ Vendor Homepage: https://github.com/LiveHelperChat/livehelperchat/ Software Link:...
Best Student Result Management System v1.0 - Multiple SQLi
Title: Best Student Result Management System v1.0 - Multiple SQLi Author: nu11secur1ty Date: 04/08/2024 Vendor: https://www.mayurik.com/ Software: https://www.sourcecodester.com/php/15653/best-student-result-management-system-project-source-code-php-and-mysql-free-download Reference:...
thrsrossi Millhouse-Project 1.414 - Remote Code Execution
sdsdsds ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="files"; filename="" Content-Type: application/octet-stream ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition: form-data; name="category" 1 ------WebKitFormBoundaryzlHN0BEvvaJsDgh8 Content-Disposition...
Osprey Pump Controller 1.0.1 - Cross-Site Request Forgery
!-- Exploit Title: Osprey Pump Controller 1.0.1 - Cross-Site Request Forgery Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage...
WordPress Plugin Select All Categories and Taxonomies 1.3.1 - Reflected Cross-Site Scripting (XSS)
Exploit Title: WordPress Plugin Select All Categories and Taxonomies 1.3.1 - Reflected Cross-Site Scripting XSS Date: 2/15/2021 Author: 0xB9 Software Link: https://downloads.wordpress.org/plugin/select-all-categories-and-taxonomies-change-checkbox-to-radio-buttons.1.3.1.zip Version: 1.3.1 Tested...
Online Library Management System 1.0 - 'Search' SQL Injection
Exploit Title: Online Library Management System 1.0 - 'Search' SQL Injection Date: 23-06-2021 Exploit Author: Berk Can Geyikci Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/ols.zip Version: 1.0 Tested on: Windows...
EgavilanMedia PHPCRUD 1.0 - 'First Name' SQL Injection
Exploit Title: EgavilanMedia PHPCRUD 1.0 - 'First Name' SQL Injection Date: 5/17/2021 Exploit Author: Dimitrios Mitakos Vendor Homepage: https://egavilanmedia.com Software Link: https://egavilanmedia.com/crud-operation-with-php-mysql-bootstrap-and-dompdf/ Version: 1.0 Tested on: Debian GNU/Linux ...
School File Management System 1.0 - 'multiple' Stored Cross-Site Scripting
Exploit Title: School File Management System 1.0 - 'multiple' Stored Cross-Site Scripting Date: 2021-02-11 Exploit Author: Pintu Solanki Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/14155/school-file-management-system.html Software: : School...
Xerox AltaLink C8035 Printer - Cross-Site Request Forgery (Add Admin)
Exploit Title: Xerox AltaLink C8035 Printer - Cross-Site Request Forgery Add Admin Date: 2018-12-17 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.xerox.com/ Hardware Link : https://www.office.xerox.com/en-us/multifunction-printers/altalink-c8000-series Software : Xerox Printer...
Web Companion versions 5.1.1035.1047 - 'WCAssistantService' Unquoted Service Path
Exploit Title: Web Companion versions 5.1.1035.1047 - 'WCAssistantService' Unquoted Service Path Exploit Author: Debashis Pal Date: 2019-10-17 Vendor Homepage : https://webcompanion.com Source: https://webcompanion.com Version: Web Companion versions 5.1.1035.1047 CVE : N/A Tested on: Windows 7...
PHP 7.1 < 7.3 - 'json serializer' disable_functions Bypass
= 8; public function str2ptr&$str, $p = 0, $s = 8 $address = 0; for$j = $s-1; $j = 0; $j-- $address = 8; return $out; unable to leak ro segments public function leak1$addr global $spl1; $this-write$this-abc, 8, $addr - 0x10; return strlengetclass$spl1; the real deal public function leak2$addr, $p...
ToendaCMS 1.0.0 - 'FCKeditor' Arbitrary File Upload
!/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n"; $exa.="\r\n"; return $exa."\r\n".$result; $proxyregex =...
OpenSSH server (sshd) 9.8p1 - Race Condition
Exploit Title : OpenSSH server sshd 9.8p1 - Race Condition Author : Milad Karimi Ex3ptionaL Date : 2025-04-16 Description: Targets a signal handler race condition in OpenSSH's server sshd on glibc-based Linux systems. It exploits a vulnerability where the SIGALRM handler calls async-signal-unsafe...
SilverStripe 5.3.8 - Stored Cross Site Scripting (XSS) (Authenticated)
Exploit Title: SilverStripe 5.3.8 - Stored Cross Site Scripting XSS Authenticated Date: 2025-01-15 Exploit Author: James Nicoll Vendor Homepage: https://www.silverstripe.org/ Software Link: https://www.silverstripe.org/download/ Category: Web Application Version: 5.2.22 Tested on: SilverStripe...
flatnux 2021-03.25 - Remote Code Execution (Authenticated)
Exploit Title: flatnux-2021-03.25 - Remote Code Execution Authenticated Exploit Author: Ömer Hasan Durmuş Vendor Homepage: https://en.altervista.org Software Link: http://flatnux.altervista.org/flatnux.html Version: 2021-03.25 Tested on: Windows/Linux POST...
Auto Dealer Management System v1.0 - SQL Injection on manage_user.php
Exploit Title: Auto Dealer Management System v1.0 - SQL Injection on manageuser.php Exploit Author: Muhammad Navaid Zafar Ansari Date: 18 February 2023 CVE Assigned: CVE-2023-0915 mitre.org nvd.nist.org Vendor Homepage: https://www.sourcecodester.com Software Link: Auto Dealer Management System...
ChurchCRM v4.5.3-121fcc1 - SQL Injection
Exploit Title: ChurchCRM v4.5.3-121fcc1 - SQL Injection Author: nu11secur1ty Date: 02.27.2023 Vendor: http://churchcrm.io/ Software: https://github.com/ChurchCRM/CRM Reference: https://portswigger.net/web-security/sql-injection Description: In the manual insertion point 1 - parameter EID appears ...
Roxy WI v6.1.1.0 - Unauthenticated Remote Code Execution (RCE) via ssl_cert Upload
ADVISORY INFORMATION Exploit Title: Roxy WI v6.1.1.0 - Unauthenticated Remote Code Execution RCE via sslcert Upload Date of found: 21 July 2022 Application: Roxy WI .oastify.com;...
Library System in PHP 1.0 - 'publisher name' Stored Cross-Site Scripting (XSS)
Exploit Title: Library System in PHP 1.0 - 'publisher name' Stored Cross-Site Scripting XSS Google Dork: NA Date: 03-OCT-2021 Exploit Author: Akash Rajendra Patil Vendor Homepage: https://www.yahoobaba.net/project/library-system-in-php Software Link:...
Hospitals Patient Records Management System 1.0 - 'id' SQL Injection (Authenticated)
Exploit Title: Hospitalss Patient Records Management System 1.0 - 'id' SQL Injection Authenticated Date: 30/12/2021 Exploit Author: twseptian Vendor Homepage: https://www.sourcecodester.com/php/15116/hospitals-patient-records-management-system-php-free-source-code.html Software Link:...
ECOA Building Automation System - Local File Disclosure
Exploit Title: ECOA Building Automation System - Local File Disclosure Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Local File Disclosure Vulnerability Vendor: ECOA Technologies Corp. Product web page: http://www.ecoa.com.tw...
Online Leave Management System 1.0 - Arbitrary File Upload to Shell (Unauthenticated)
Exploit Title: Online Leave Management System 1.0 - Arbitrary File Upload to Shell Unauthenticated Date: 24-08-2021 Exploit Author: Justin White Vendor Homepage: https://www.sourcecodester.com Software Link:...
Customer Relationship Management (CRM) System 1.0 - 'Category' Persistent Cross site Scripting
Exploit Title: Customer Relationship Management CRM System 1.0 - 'Category' Persistent Cross site Scripting Date: 14-05-2021 Exploit Author: Vani K G Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
MagpieRSS 0.72 - 'url' Command Injection
Exploit Title: MagpieRSS 0.72 - 'url' Command Injection and Server Side Request Forgery Date: 24 March 2021 Exploit Author: bl4ckh4ck5 Vendor Homepage: http://magpierss.sourceforge.net/ Software Link:...
Microsoft Exchange 2019 - Server-Side Request Forgery
import requests from urllib3.exceptions import InsecureRequestWarning import random import string import sys def idgeneratorsize=6, chars=string.asciilowercase + string.digits: return ''.joinrandom.choicechars for in rangesize if lensys.argv " print"使用方式: python PoC.py mail.btwaf.cn [email protected]...
Textpattern CMS 4.8.4 - 'Comments' Persistent Cross-Site Scripting (XSS)
Exploit Title: Textpattern CMS 4.8.4 - 'Comments' Persistent Cross-Site Scripting XSS Date: 2021-03-04 Exploit Author: Tushar Vaidya Vendor Homepage: https://textpattern.com Software Link: https://textpattern.com/start Version: v 4.8.4 Tested on: Windows Steps-To-Reproduce: 1. Login into...
Netis E1+ V1.2.32533 - Unauthenticated WiFi Password Leak
Exploit Title: Netis E1+ 1.2.32533 - Unauthenticated WiFi Password Leak Date: 2020-04-25 Author: Besim ALTINOK Vendor Homepage: http://www.netis-systems.com Software Link: http://www.netis-systems.com/Suppory/downloads/dd/1/img/204 Version: V1.2.32533 Tested on: Netis E1+ V1.2.32533 Credit: İsmai...
IBM Websphere ILOG JRules 6.7 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/41030/info IBM WebSphere ILOG JRules is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...
ProFTPd - 'mod_mysql' Authentication Bypass
Just found out a problem with proftpd's sql authentication. The problem is easily reproducible if you login with username like: USER %' and 1=2 union select 1,1,uid,gid,homedir,shell from users; -- and a password of "1" without quotes. which leads to a successful login. Different account logins c...
phpBurningPortal 1.0.1 - 'lang_path' Remote File Inclusion
!/usr/bin/perl use LWP::UserAgent; use LWP::Simple; $target = @ARGV0; $shellsite = @ARGV1; $shellcmd = @ARGV2; $fileno = @ARGV3; if!$target || !$shellsite usage; header; if $fileno eq 1 $file = "questdelete.php?langpath="; elsif $fileno eq 2 $file = "questedit.php?langpath="; elsif $fileno eq 3...
CUPS 1.1.x - Negative Length HTTP Header
source: https://www.securityfocus.com/bid/6437/info A vulnerability has been reported for CUPS that if exploited may result in a DoS or the execute of code on affected systems. An attacker can exploit this vulnerability by connecting to a vulnerable system and issuing malformed HTTP headers with ...
LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via the Chat Transfer Function
Exploit Title: LiveHelperChat 4.61 - Stored Cross Site Scripting XSS via the Chat Transfer Function Date: 09/06/2025 Exploit Author: Manojkumar J TheWhiteEvil Linkedin: https://www.linkedin.com/in/manojkumar-j-7ba35b202/ Vendor Homepage: https://github.com/LiveHelperChat/livehelperchat/ Software...
Microsoft Excel Use After Free - Local Code Execution
Titles: Microsoft Excel Use After Free - Local Code Execution Author: nu11secur1ty Date: 06/09/2025 Vendor: Microsoft Software: https://www.microsoft.com/en/microsoft-365/excel?market=af Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27751 Versions: MS Excel 2016, MS Office...
Langflow 1.3.0 - Remote Code Execution (RCE)
Exploit Title: Langflow 1.3.0 - Remote Code Execution RCE Date: 2025-04-17 Exploit Author: VeryLazyTech Vendor Homepage: http://www.langflow.org/ Software Link: https://github.com/langflow-ai/langflow Version: Langflow 1.3.0 Tested on: Windows Server 2019 CVE: CVE-2025-3248 CVE-2025-3248 - Remote...
PyroCMS v3.0.1 - Stored XSS
Exploit Title: PyroCMS v3.0.1 - Stored XSS Date: 2023-11-25 Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://pyrocms.com/ Version: v3.0.1 Tested on: https://www.softaculous.com/apps/cms/PyroCMS...
SolarView Compact 6.0 - OS Command Injection
Exploit Title: SolarView Compact 6.0 - OS Command Injection Date: 2022-05-15 Exploit Author: Ahmed Alroky Author Company : AIactive Version: ver.6.00 Vendor home page : https://www.contec.com/ Authentication Required: No CVE : CVE-2022-29303 Tested on: Windows Exploit HTTP Request : POST...
Microfinance Management System 1.0 - 'customer_number' SQLi
Exploit Title: Microfinance Management System 1.0 - 'customernumber' SQLi Date: 2022-25-03 Exploit Author: Eren Gozaydin Vendor Homepage: https://www.sourcecodester.com/php/14822/microfinance-management-system.html Software Link:...